From 18c0ba06606af6028ce1e31d352ac90afc6f14c9 Mon Sep 17 00:00:00 2001 From: Matthias Hinrichs Date: Thu, 12 Jun 2025 14:50:39 +0200 Subject: [PATCH] first commit --- Dockerfile.kolla | 14 + README.md | 213 +++++ admin-openrc-system.sh | 15 + admin-openrc.sh | 17 + ansible.cfg | 5 + clouds.yaml | 37 + hnrx-openrc | 40 + hnrx.key | 28 + hosts/netplan/99-openstack.yaml | 22 + kolla-ansible/admin-openrc-system.sh | 14 + kolla-ansible/admin-openrc.sh | 16 + kolla-ansible/clouds.yaml | 37 + .../config/cinder/ceph.client.cinder.keyring | 2 + kolla-ansible/config/cinder/ceph.conf | 3 + .../ceph.client.cinder-backup.keyring | 2 + .../cinder-backup/ceph.client.cinder.keyring | 2 + .../cinder-volume/ceph.client.cinder.keyring | 2 + .../config/designate/designate-sink.conf | 4 + .../config/glance/ceph.client.glance.keyring | 2 + kolla-ansible/config/glance/ceph.conf | 3 + .../config/hacluster-corosync/authkey | Bin 0 -> 4096 bytes .../config/hacluster-pacemaker/authkey | Bin 0 -> 4096 bytes .../config/horizon/custom_local_settings | 3 + kolla-ansible/config/neutron/ml2_conf.ini | 9 + kolla-ansible/config/neutron/neutron.conf | 2 + kolla-ansible/config/nfs_shares | 1 + .../config/nova/ceph.client.cinder.keyring | 2 + .../config/nova/ceph.client.nova.keyring | 2 + kolla-ansible/config/nova/ceph.conf | 3 + kolla-ansible/config/nova/nova.conf | 2 + .../config/octavia/client.cert-and-key.pem | 85 ++ .../config/octavia/client_ca.cert.pem | 33 + .../config/octavia/server_ca.cert.pem | 33 + .../config/octavia/server_ca.key.pem | 54 ++ kolla-ansible/globals.yml | 879 ++++++++++++++++++ kolla-ansible/multinode | 620 ++++++++++++ .../octavia-certificates/client_ca/1000.pem | 33 + .../client_ca/client.cert-and-key.pem | 85 ++ .../client_ca/client.cert.pem | 33 + .../client_ca/client.csr.pem | 27 + .../client_ca/client.key.pem | 52 ++ .../client_ca/client_ca.cert.pem | 33 + .../client_ca/client_ca.key.pem | 54 ++ .../octavia-certificates/client_ca/index.txt | 1 + .../client_ca/index.txt.attr | 1 + .../client_ca/index.txt.old | 0 .../octavia-certificates/client_ca/serial | 1 + .../octavia-certificates/client_ca/serial.old | 1 + .../octavia-certificates/openssl.cnf | 49 + .../server_ca/server_ca.cert.pem | 33 + .../server_ca/server_ca.key.pem | 54 ++ kolla-ansible/octavia-openrc.sh | 10 + kolla-ansible/overrides.yml | 98 ++ kolla-ansible/passwords.yml | 861 +++++++++++++++++ kolla-ansible/public-openrc-system.sh | 12 + kolla-ansible/public-openrc.sh | 14 + kolla.sh | 44 + public-openrc-system.sh | 12 + public-openrc.sh | 14 + scripts/add_allowed_to_port.sh | 11 + 60 files changed, 3739 insertions(+) create mode 100644 Dockerfile.kolla create mode 100644 README.md create mode 100644 admin-openrc-system.sh create mode 100644 admin-openrc.sh create mode 100644 ansible.cfg create mode 100644 clouds.yaml create mode 100644 hnrx-openrc create mode 100644 hnrx.key create mode 100644 hosts/netplan/99-openstack.yaml create mode 100644 kolla-ansible/admin-openrc-system.sh create mode 100644 kolla-ansible/admin-openrc.sh create mode 100644 kolla-ansible/clouds.yaml create mode 100644 kolla-ansible/config/cinder/ceph.client.cinder.keyring create mode 100644 kolla-ansible/config/cinder/ceph.conf create mode 100644 kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder-backup.keyring create mode 100644 kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder.keyring create mode 100644 kolla-ansible/config/cinder/cinder-volume/ceph.client.cinder.keyring create mode 100644 kolla-ansible/config/designate/designate-sink.conf create mode 100644 kolla-ansible/config/glance/ceph.client.glance.keyring create mode 100644 kolla-ansible/config/glance/ceph.conf create mode 100644 kolla-ansible/config/hacluster-corosync/authkey create mode 100644 kolla-ansible/config/hacluster-pacemaker/authkey create mode 100644 kolla-ansible/config/horizon/custom_local_settings create mode 100644 kolla-ansible/config/neutron/ml2_conf.ini create mode 100644 kolla-ansible/config/neutron/neutron.conf create mode 100644 kolla-ansible/config/nfs_shares create mode 100644 kolla-ansible/config/nova/ceph.client.cinder.keyring create mode 100644 kolla-ansible/config/nova/ceph.client.nova.keyring create mode 100644 kolla-ansible/config/nova/ceph.conf create mode 100644 kolla-ansible/config/nova/nova.conf create mode 100644 kolla-ansible/config/octavia/client.cert-and-key.pem create mode 100644 kolla-ansible/config/octavia/client_ca.cert.pem create mode 100644 kolla-ansible/config/octavia/server_ca.cert.pem create mode 100644 kolla-ansible/config/octavia/server_ca.key.pem create mode 100644 kolla-ansible/globals.yml create mode 100644 kolla-ansible/multinode create mode 100644 kolla-ansible/octavia-certificates/client_ca/1000.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client.cert-and-key.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client.cert.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client.csr.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client.key.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client_ca.cert.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/client_ca.key.pem create mode 100644 kolla-ansible/octavia-certificates/client_ca/index.txt create mode 100644 kolla-ansible/octavia-certificates/client_ca/index.txt.attr create mode 100644 kolla-ansible/octavia-certificates/client_ca/index.txt.old create mode 100644 kolla-ansible/octavia-certificates/client_ca/serial create mode 100644 kolla-ansible/octavia-certificates/client_ca/serial.old create mode 100644 kolla-ansible/octavia-certificates/openssl.cnf create mode 100644 kolla-ansible/octavia-certificates/server_ca/server_ca.cert.pem create mode 100644 kolla-ansible/octavia-certificates/server_ca/server_ca.key.pem create mode 100644 kolla-ansible/octavia-openrc.sh create mode 100644 kolla-ansible/overrides.yml create mode 100644 kolla-ansible/passwords.yml create mode 100644 kolla-ansible/public-openrc-system.sh create mode 100644 kolla-ansible/public-openrc.sh create mode 100755 kolla.sh create mode 100644 public-openrc-system.sh create mode 100644 public-openrc.sh create mode 100755 scripts/add_allowed_to_port.sh diff --git a/Dockerfile.kolla b/Dockerfile.kolla new file mode 100644 index 0000000..c938eca --- /dev/null +++ b/Dockerfile.kolla @@ -0,0 +1,14 @@ +FROM ubuntu:24.04 + +RUN apt-get update && apt-get upgrade -y && \ + apt-get -y install git python3-dev iputils-ping dnsutils sshpass python3-pip libffi-dev gcc libssl-dev openssh-client \ + && rm -rf /var/lib/apt/lists/* +RUN pip3 install ansible --break-system-packages +RUN pip3 install git+https://opendev.org/openstack/kolla-ansible@master --break-system-packages +#RUN pip3 install git+https://git.hnrx.net/hnrx/kolla-ansible-mirror.git@master --break-system-packages + +RUN kolla-ansible install-deps + +COPY ansible.cfg /etc/ansible/ansible.cfg + +WORKDIR /etc/kolla diff --git a/README.md b/README.md new file mode 100644 index 0000000..413fa1d --- /dev/null +++ b/README.md @@ -0,0 +1,213 @@ +# OpenStack Homelab + +OpenStack Homelab is a collection of scripts and configurations to deploy OpenStack on a single server or a small cluster of servers. It is designed to be easy to use and customize, and to provide a good starting point for anyone interested in deploying OpenStack. + +## Hardware Setup + +My Homelab consists of the following components: + +- 3 x Control/Compute Nodes +- 1 Unifi USW 8-Port Switch +- 1 Synology DiskStation DS920+ + +## VLANs +- VLAN100: Management Network +- VLAN111-113: ExternalCompute Network +- VLAN114-116: Storage Network + +## Initial Setup + +### Host Preparation + +First install Ubuntu Server 24.04 LTS on each host. Just a minimal Base installation. During setup ensure to configure VLAN100 as the only DHCP interface. +Hostname and IP are defined by DHCP on the Unifi Gateway. + +Add optional: true to enp2s0 to speed up boot time. Otherwise Ubuntu will wait for a DHCP response before booting. + +``` +network: + version: 2 + ethernets: + enp2s0f0: + mtu: 9000 + optional: true + enp2s0f1: + mtu: 9000 + optional: true + vlans: + enp2s0f0.100: + mtu: 9000 + dhcp4: true + id: 100 + link: "enp2s0f0" + enp2s0f0.105: + mtu: 9000 + dhcp4: true + id: 105 + link: "enp2s0f0" + dhcp4-overrides: + use-routes: false +``` + +Enable login with SSH-Key based authentication and configure sudo access for the user without password. + + +# Installation + +## Create credentials: + +run +``` +./kolla.sh genpwd +``` + +## Bootstrap Servers +This will install everything needed to run OpenStack on the host servers. + +``` +./kolla.sh bootstrap-servers +``` + +## Prechecks +Checking if the configuration is correct. + +``` +./kolla.sh prechecks +``` + +## Deployment + +``` +./kolla.sh deploy +``` + +# Post-Deployment Tasks + +After the deployment is complete, you can copy the admin-openrc.sh and other credential files file to your kolla directory. +This is only needed after the initial deployment and installation of some services like octavia. + + +``` +./kolla.sh post-deploy +``` + +## Create Networks + +``` +openstack network create --share --external \ + --provider-physical-network physnet1 \ + --provider-segment 113 \ + --provider-network-type vlan \ + extnet-vlan113 + +openstack subnet create \ + --allocation-pool start=192.168.113.10,end=192.168.113.200 \ + --network extnet-vlan113 \ + --subnet-range 192.168.113.0/24 \ + --gateway 192.168.113.1 \ + extnet-vlan113-subnet + +openstack network set --external extnet-vlan113 + +openstack network create selfservice1 + +openstack subnet create --subnet-range 10.0.2.0/24 \ + --network selfservice1 --dns-nameserver 8.8.4.4 selfservice1-v4 + +openstack router create router1 +openstack router add subnet router1 selfservice1-v4 + +openstack router set --external-gateway extnet-vlan113 router1 + + +openstack security group rule create --protocol icmp default + +``` + +## Some Flavors + +``` +openstack flavor create --ram 512 --disk 5 --vcpus 1 m1.tiny +openstack flavor create --ram 1024 --disk 10 --vcpus 1 m1.small +openstack flavor create --ram 2048 --disk 20 --vcpus 1 m1.medium +openstack flavor create --ram 4096 --disk 30 --vcpus 1 m1.large +openstack flavor create --ram 8192 --disk 50 --vcpus 1 m1.x-large + +openstack flavor create --ram 1024 --disk 25 --vcpus 2 c2.tiny +openstack flavor create --ram 2048 --disk 50 --vcpus 2 c2.small +openstack flavor create --ram 4096 --disk 75 --vcpus 2 c2.medium +openstack flavor create --ram 8192 --disk 100 --vcpus 2 ko +openstack flavor create --ram 8192 --disk 150 --vcpus 2 c2.x-large + +``` + +## Some Images + +``` +wget https://files.hnrx.net/OS-Images/cirros-0.6.3-x86_64-disk.img && \ + openstack image create --disk-format qcow2 --container-format bare --public --file ./cirros-0.6.3-x86_64-disk.img cirros-0.6.3 --progress && \ + rm cirros-0.6.3-x86_64-disk.img + +wget https://download.opensuse.org/repositories/Cloud:/Images:/Leap_15.6/images/openSUSE-Leap-15.6.x86_64-NoCloud.qcow2 +openstack image create --disk-format qcow2 --container-format bare --public --file ./openSUSE-Leap-15.6.x86_64-NoCloud.qcow2 openSUSE-Leap-15.6 --progress + +wget https://files.hnrx.net/OS-Images/Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2 && \ + openstack image create --disk-format qcow2 --container-format bare --public --file ./Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2 Fedora-Cloud-Base-Generic-41-1.4.x86_64 --progress && \ + rm Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2 + +wget https://files.hnrx.net/OS-Images/rhel-10-hnrx.qcow2 && \ + openstack image create --disk-format qcow2 --container-format bare --public --file ./rhel-10-hnrx.qcow2 rhel-10-hnrx --progress && \ + rm rhel-10-hnrx.qcow2 + +wget https://files.hnrx.net/OS-Images/ubuntu-24.0am4-lts-noble-server-cloudimg-amd64.img && \ + openstack image create --disk-format qcow2 --container-format bare --public --file ./ubuntu-24.04-lts-noble-server-cloudimg-amd64.img ubuntu-24.04-lts-noble-server-cloudimg-amd64 --progress && \ + rm ubuntu-24.04-lts-noble-server-cloudimg-amd64.img + +wget https://files.hnrx.net/OS-Images/talos-1.10.2-openstack-amd64.raw && \ + openstack image create --disk-format raw --container-format bare --public --file ./talos-1.10.2-openstack-amd64.raw talos --progress && \ + rm talos-1.10.2-openstack-amd64.raw + + + + + + +openstack image create amphora-x64-haproxy.qcow2 --container-format bare --disk-format qcow2 --private --tag amphora --file amphora-x64-haproxy.qcow2 --property hw_architecture='x86_64' --property hw_rng_model=virtio --progress + + + +``` + +## create a security group + +``` +openstack security group create --description "Allow SSH and ICMP" hnrx-default +openstack security group rule create --protocol tcp --dst-port 22:22 hnrx-default +openstack security group rule create --protocol icmp hnrx-default + +openstack default security group rule create --protocol tcp --dst-port 22:22 +openstack default security group rule create --protocol icmp + +``` + +## Prepare separate project + +``` +openstack project create --description 'the hnrx homelab test project' hnrx-test \ + --domain default + +openstack project create --description 'the hnrx homelab prod project' hnrx-prod \ + --domain default + + +openstack user create --project hnrx-test --password start123 hnrx +openstack role add --user hnrx --project hnrx-test admin +openstack role add --user hnrx --project hnrx-prod admin +``` + +## Configure Designate +as admin User: +openstack service list; openstack endpoint list --service designate + +openstack zone create --email admin@hnrx.net hnrx.cloud. + diff --git a/admin-openrc-system.sh b/admin-openrc-system.sh new file mode 100644 index 0000000..cdae0e8 --- /dev/null +++ b/admin-openrc-system.sh @@ -0,0 +1,15 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_USER_DOMAIN_NAME='Default' +export OS_SYSTEM_SCOPE=all +export OS_USERNAME='admin' +export OS_PASSWORD='3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT' +export OS_AUTH_URL='http://192.168.100.10:5000' +export OS_INTERFACE='internal' +export OS_ENDPOINT_TYPE='internalURL' +export OS_MANILA_ENDPOINT_TYPE='internalURL' +export OS_IDENTITY_API_VERSION='3' +export OS_REGION_NAME='RegionOne' +export OS_AUTH_PLUGIN='password' diff --git a/admin-openrc.sh b/admin-openrc.sh new file mode 100644 index 0000000..14a66ee --- /dev/null +++ b/admin-openrc.sh @@ -0,0 +1,17 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_PROJECT_DOMAIN_NAME='Default' +export OS_USER_DOMAIN_NAME='Default' +export OS_PROJECT_NAME='admin' +export OS_TENANT_NAME='admin' +export OS_USERNAME='admin' +export OS_PASSWORD='3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT' +export OS_AUTH_URL='http://192.168.100.10:5000' +export OS_INTERFACE='internal' +export OS_ENDPOINT_TYPE='internalURL' +export OS_MANILA_ENDPOINT_TYPE='internalURL' +export OS_IDENTITY_API_VERSION='3' +export OS_REGION_NAME='RegionOne' +export OS_AUTH_PLUGIN='password' diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..3f5e24c --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,5 @@ +[defaults] +host_key_checking=False +pipelining=True +forks=100 +local_tmp=/tmp diff --git a/clouds.yaml b/clouds.yaml new file mode 100644 index 0000000..8018c40 --- /dev/null +++ b/clouds.yaml @@ -0,0 +1,37 @@ +clouds: + kolla-admin: + auth: + auth_url: http://192.168.100.10:5000 + project_domain_name: Default + user_domain_name: Default + project_name: admin + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + region_name: RegionOne + kolla-admin-system: + auth: + auth_url: http://192.168.100.10:5000 + user_domain_name: Default + system_scope: all + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + region_name: RegionOne + kolla-admin-internal: + auth: + auth_url: http://192.168.100.10:5000 + project_domain_name: Default + user_domain_name: Default + project_name: admin + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + interface: internal + region_name: RegionOne + kolla-admin-system-internal: + auth: + auth_url: http://192.168.100.10:5000 + user_domain_name: Default + system_scope: all + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + interface: internal + region_name: RegionOne diff --git a/hnrx-openrc b/hnrx-openrc new file mode 100644 index 0000000..a990081 --- /dev/null +++ b/hnrx-openrc @@ -0,0 +1,40 @@ +#!/usr/bin/env bash +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other +# OpenStack API is version 3. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=http://192.168.100.10:5000/v3/ + +# With the addition of Keystone we have standardized on the term **project** +# as the entity that owns the resources. +export OS_PROJECT_ID=7df9ccc619c44b84857c1a48fc76d419 +export OS_PROJECT_NAME=hnrx-test +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default + +# unset v2.0 items in case set +unset OS_TENANT_ID +unset OS_TENANT_NAME +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME=hnrx + +# With Keystone you pass the keystone password. +echo "Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: " +read -sr OS_PASSWORD_INPUT +export OS_PASSWORD=$OS_PASSWORD_INPUT +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME=RegionOne + +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi +export OS_INTERFACE=public +export OS_IDENTITY_API_VERSION=3 diff --git a/hnrx.key b/hnrx.key new file mode 100644 index 0000000..7630895 --- /dev/null +++ b/hnrx.key @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAtQ4/n4Q1WN6JVxEFPY79QisUQiBAcC7P3Utktz99IsND5b2z +ELc+fka0lktzL4/77QDnj6j+zaeKHkX9HmOQ7ycGTrcBKS1da2DvJ2apsk6iApbA +1G3aOTz1kZyLYmvCt5PTIJ+48sykHTIFSuyVtc2dKXY9TcppuYhgkiV2m93ZDE32 +3xBFxicYb+yhNl9QpIs/3wBdPeY+uZuOGCHGVlkUWvgc6BPHnML/eX9fh9rp0HqY +YEfqdvOugNdrGocsv4lD9ZNVPg94hAVVrVTiGmIwWYtCHFnbCQYhmScR5jwi75/h +wVa2NOJ3EF10CShnMV4UsUUuj4Gzc2AolBkVWQIDAQABAoIBAAU3B4QbtcGn30LV +EwE76MrgHMbu0OGqUi296dpmshRZ6s8SO2HO4AuZE8MvIdPhN3tocZhaC292/5Zx +o6HIHQ5BDIB16vWkVd2C6ZXenM1YUHhMnqSVFBpensrL5y6K4LfoQnDdHjb4HVNY +nn29pMObdtxmiHYregdwXdUNI9vHZ9nUq1SFsnBkuMzb6Sy2/Okm6GwnYWobjTQF +1Z5TSD7DqOytlQDn4ARQCUgd6W2b75mZ6sXWAv2rEIZUZeVUirUbZjzLPqgjRfvy +XKxywat59K3y1cb8WMvgriMxom2q/rpoIN6kNbm4lBzH4wF4krkT0+0YC5HT8M5/ +lgfKLEUCgYEA+jB+uHvwHmf5B+nNBuvBgHxIeLn9tx25Ss7wZl5PCRb9DYOew4f7 +qqBhcPqa11d2AwuT8kBISVMDdQpF3Uy67UJEKS5E0q7KmyAIYY7TYNyHUYpCNJHr +0W/kXnhDJhHWbyDBtVSZv+pNyxgdEBG0iISw6eiJZjwGllmIGhO58YcCgYEAuUK3 +twPrLYx+dZIBrASGiamed7WyA+gUdFA9oAq1r1zv2K9/0THdfe063s4z1t3juGfX +ubuJFA0xP9QzOWV+fTKTWqxYCFETTYQgrCHWhVLhlbmbdHQJQh69lZQD16wPwf5O +4Q2GKw5HwRPILBbKxizZsbvakWsZeULWZxlR+h8CgYBn4u0rk6MgLRI2G/objpd5 +z6GUJ77XY4tGKemeyDhPUPFgxC+Ph46TyibL7/ONyW5iU1NqexDJCaRc3BgojSzt +Sd/dra28QgI1KbbxM4pIJSo3TI6zH4hpHeoY5B0V2MBOwq5MqkVxcEw/MdMXkhKB +wX9okTtEbVZa5fBiy6AhTwKBgQChhh4Pn4cI65nGgEqc5EU4+X6E+RIAffR3hQ51 +32CRSQKFdl6G0mc/R/swD7D7AfNt8HwSIARgSzBJaoZO4MLr/ZCkWedXOPkPeMfT +zJzxGVY96No1KoZ3871wEOFYxVfn2AaGCfiUyZqeKNU6O5UIPEqBwDvM1ggbxb6R +nW3wGQKBgQCogS6KGyt1EC1S3Scbd85mP5w0ESs1TmcuOAaO9B7ZBMN+m5ztJ+6s +2KfhI3Qcik9YCVIdtRg5Sz06/WKTZk/uwnE6N6/v/3YTRH02qDvOeFuoWkpA2lSQ +hs5UJ1PsRN0m2v4ylfVMuyWB/kD7jZbO4+K/fCJrAvrHArxFIQFOjA== +-----END RSA PRIVATE KEY----- + diff --git a/hosts/netplan/99-openstack.yaml b/hosts/netplan/99-openstack.yaml new file mode 100644 index 0000000..7a9cafe --- /dev/null +++ b/hosts/netplan/99-openstack.yaml @@ -0,0 +1,22 @@ +network: + version: 2 + ethernets: + enp2s0f0: + mtu: 9000 + optional: true + enp2s0f1: + mtu: 9000 + optional: true + vlans: + enp2s0f0.100: + mtu: 9000 + dhcp4: true + id: 100 + link: "enp2s0f0" + enp2s0f0.105: + mtu: 9000 + dhcp4: true + id: 105 + link: "enp2s0f0" + dhcp4-overrides: + use-routes: false \ No newline at end of file diff --git a/kolla-ansible/admin-openrc-system.sh b/kolla-ansible/admin-openrc-system.sh new file mode 100644 index 0000000..be018bf --- /dev/null +++ b/kolla-ansible/admin-openrc-system.sh @@ -0,0 +1,14 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_USER_DOMAIN_NAME='Default' +export OS_SYSTEM_SCOPE=all +export OS_USERNAME='admin' +export OS_PASSWORD='3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT' +export OS_AUTH_URL='http://192.168.100.10:5000' +export OS_INTERFACE='internal' +export OS_ENDPOINT_TYPE='internalURL' +export OS_IDENTITY_API_VERSION='3' +export OS_REGION_NAME='RegionOne' +export OS_AUTH_PLUGIN='password' diff --git a/kolla-ansible/admin-openrc.sh b/kolla-ansible/admin-openrc.sh new file mode 100644 index 0000000..247b380 --- /dev/null +++ b/kolla-ansible/admin-openrc.sh @@ -0,0 +1,16 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_PROJECT_DOMAIN_NAME='Default' +export OS_USER_DOMAIN_NAME='Default' +export OS_PROJECT_NAME='admin' +export OS_TENANT_NAME='admin' +export OS_USERNAME='admin' +export OS_PASSWORD='3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT' +export OS_AUTH_URL='http://192.168.100.10:5000' +export OS_INTERFACE='internal' +export OS_ENDPOINT_TYPE='internalURL' +export OS_IDENTITY_API_VERSION='3' +export OS_REGION_NAME='RegionOne' +export OS_AUTH_PLUGIN='password' diff --git a/kolla-ansible/clouds.yaml b/kolla-ansible/clouds.yaml new file mode 100644 index 0000000..8018c40 --- /dev/null +++ b/kolla-ansible/clouds.yaml @@ -0,0 +1,37 @@ +clouds: + kolla-admin: + auth: + auth_url: http://192.168.100.10:5000 + project_domain_name: Default + user_domain_name: Default + project_name: admin + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + region_name: RegionOne + kolla-admin-system: + auth: + auth_url: http://192.168.100.10:5000 + user_domain_name: Default + system_scope: all + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + region_name: RegionOne + kolla-admin-internal: + auth: + auth_url: http://192.168.100.10:5000 + project_domain_name: Default + user_domain_name: Default + project_name: admin + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + interface: internal + region_name: RegionOne + kolla-admin-system-internal: + auth: + auth_url: http://192.168.100.10:5000 + user_domain_name: Default + system_scope: all + username: admin + password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT + interface: internal + region_name: RegionOne diff --git a/kolla-ansible/config/cinder/ceph.client.cinder.keyring b/kolla-ansible/config/cinder/ceph.client.cinder.keyring new file mode 100644 index 0000000..af444ea --- /dev/null +++ b/kolla-ansible/config/cinder/ceph.client.cinder.keyring @@ -0,0 +1,2 @@ +[client.cinder] +key = AQAGN0ho6ZPOGxAAssuvO4fCUc+VcUSSQe5dwA== diff --git a/kolla-ansible/config/cinder/ceph.conf b/kolla-ansible/config/cinder/ceph.conf new file mode 100644 index 0000000..f6aa960 --- /dev/null +++ b/kolla-ansible/config/cinder/ceph.conf @@ -0,0 +1,3 @@ +[global] +fsid = 1e61b741-45df-11f0-aa93-3c493705c28c +mon_host = [v2:192.168.105.105:3300/0,v1:192.168.105.105:6789/0] [v2:192.168.105.217:3300/0,v1:192.168.105.217:6789/0] [v2:192.168.105.11:3300/0,v1:192.168.105.11:6789/0] diff --git a/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder-backup.keyring b/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder-backup.keyring new file mode 100644 index 0000000..38486be --- /dev/null +++ b/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder-backup.keyring @@ -0,0 +1,2 @@ +[client.cinder-backup] +key = AQDIUUhoCmKFGRAAAksKEuXvHDgzhRMulyLoSQ== diff --git a/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder.keyring b/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder.keyring new file mode 100644 index 0000000..af444ea --- /dev/null +++ b/kolla-ansible/config/cinder/cinder-backup/ceph.client.cinder.keyring @@ -0,0 +1,2 @@ +[client.cinder] +key = AQAGN0ho6ZPOGxAAssuvO4fCUc+VcUSSQe5dwA== diff --git a/kolla-ansible/config/cinder/cinder-volume/ceph.client.cinder.keyring b/kolla-ansible/config/cinder/cinder-volume/ceph.client.cinder.keyring new file mode 100644 index 0000000..af444ea --- /dev/null +++ b/kolla-ansible/config/cinder/cinder-volume/ceph.client.cinder.keyring @@ -0,0 +1,2 @@ +[client.cinder] +key = AQAGN0ho6ZPOGxAAssuvO4fCUc+VcUSSQe5dwA== diff --git a/kolla-ansible/config/designate/designate-sink.conf b/kolla-ansible/config/designate/designate-sink.conf new file mode 100644 index 0000000..182d085 --- /dev/null +++ b/kolla-ansible/config/designate/designate-sink.conf @@ -0,0 +1,4 @@ +[handler:nova_fixed] +zone_id = fa63143c-a5bb-4be9-ae9a-77744e76d26a +[handler:neutron_floatingip] +zone_id = fa63143c-a5bb-4be9-ae9a-77744e76d26a diff --git a/kolla-ansible/config/glance/ceph.client.glance.keyring b/kolla-ansible/config/glance/ceph.client.glance.keyring new file mode 100644 index 0000000..09caea5 --- /dev/null +++ b/kolla-ansible/config/glance/ceph.client.glance.keyring @@ -0,0 +1,2 @@ +[client.glance] +key = AQA+N0hoeOHLDBAAyopZ5JmVP4Skfmj+C1JaEA== diff --git a/kolla-ansible/config/glance/ceph.conf b/kolla-ansible/config/glance/ceph.conf new file mode 100644 index 0000000..f6aa960 --- /dev/null +++ b/kolla-ansible/config/glance/ceph.conf @@ -0,0 +1,3 @@ +[global] +fsid = 1e61b741-45df-11f0-aa93-3c493705c28c +mon_host = [v2:192.168.105.105:3300/0,v1:192.168.105.105:6789/0] [v2:192.168.105.217:3300/0,v1:192.168.105.217:6789/0] [v2:192.168.105.11:3300/0,v1:192.168.105.11:6789/0] diff --git a/kolla-ansible/config/hacluster-corosync/authkey b/kolla-ansible/config/hacluster-corosync/authkey new file mode 100644 index 0000000000000000000000000000000000000000..702f868516d8a9ab6d2a5b1066911f6f300a6b47 GIT binary patch literal 4096 zcmV+b5dZJMwZ*U_q-W#?>;J~NF!Z?!T?X?E6Up`-G3-%JdxsBlV(@Kr4@D9OTeQx= zeSllIuz+mhz?-M#MIY!O%j00=D)`#Q@v`!}XzSPWfn-uuBPBujJxgul}=F# zI?_8i{4~Z1FX3?OWl20%ZY4~Lbc029n!3z|0*DB~F8xw!3mB8aRzZ-1JCtb^2x7Ef z3Q9;;{>b$coNgs(*NH^tpuKDdIfVERZ!OvZQH$v2ZS&G_}iar=6x zR=+}b49vc4Mto}+Oz$$eZq5$GZ#SSg5tTM-uVu2k_58YQK{%lbJ@w$Tm*-xzW5kSl zSJWUoV(e>=!JNq;LuC7c{-ZL7_?hZ(@#)S#jhLU=Upf+CrF2FqOiY2i*7nw8Brz}wk-tixVIs=2Efs4CAMF-8m6fRG-}P=RZX@nH`Tv*=9o~p%jcH0_wTB4H zJQrvQx}ebsBr$|icbmUhG9x!3WFqq?=`G0i5A~a$W%cP=cVG?@;u-6GDu6V zDuh@#MM~4CLNMUPcxucQ5}XOAUc5_aS8r@1>OhKjKkfXy&Y=~B=9Cw#BDX1;Ls@99 zPoDfdJfH%c`5hl}nCr9>_vkhe`*UDGd=}O}hk>vd*^X z_Fek+NC-))=-gk|nr zzZf}PWkHReO0dX}0+t`0K2GbZXYHH@9^5aN`q3dVNv{Kw~}JS~$cEUgP>64b_@9@DG2>F`{Y&HxR)W-i6!2B6|Je%{sK} zhM{d$Afv?H^RZzE|NZba`zcU7o8T`xuR3E;Y)ULW3Y7#zg1R{&Pe)XVU($k#PPsa+8yL z08s~mM~cfU1e2&~b2v;QtySWqS^*1%)r{1j5OalM@KqiMHMWBp5A*ps^O@XjObH_6 z6)%oc&z z4L`Gpom0?N{2i0hP2)S5bkT;J&f1(W3DgViC3?HyO;tI>_Tl_V%hE z2aZaLNYKAvPG}$TFwoM?U*^FB3`}}gfxxat|Cd`Jh0L=_Zn!Thq^`kH+;MTYi)Y0x z#vWddUxpetHZ!0>%QWnpkJZ*!j8;8|IrGk04!S(ibb1G0T`vLKF$h;bznycB{H-nZ zAL82cz#G5wTf4f2mPCq0h!)*J?DOFd9JMyRA^~E#BshQ&TufPG4N}g?04P_0`0$a= zF}M6~k*H}Tmq8D|fs6B$8Pf3YBee=W$xehi33H??TW{V%CZJ90kp=N_?hZGH)NowR zItip@7JnEdm3luZ4Djjy@WeDJftHV+_Q>K#+~;6UDf%s#xROQ@cZD{|A*2@SzlS3% z88zu~p2&ROJiwS%rB5 zQ`?gLW(;*<;VcCB8Ti&o)Uxylo}qXzXjDf8zw(8ToD)|*D3P#Bv46v+1P-NGX3I;) zQL#)u1KPXwOscd?tF0e=ibw?jWxR4*kR(BQG8K7Xn$ufhbOv;;Cof~?;Qa2xtq0`ZJPoI6%q(xu zGA5s^Z@Azg&{*@wBUt)yO@TOh%Hib#sw*ECdx|*t8+JomDf#EfCZJtVq1kBemve!= z0aWo-$i5f}n>eq%$C;k*hU{b(<1>n?Uo@I^F^W z^i%q!n*SU-Nk#hMatF!reBXG?fN4$Hh*O+KAPhGG**p?+L zz9+_lQ+%E@_1P#Eu_H(-kBrXRK@YM`Twv}Dq!GwxVnhFT+5g%6^dSTU?QB~c_LJ&~_^^DNyBLB|ItM72bcvQ*4=k*W-UHdF zDh5J8Ma$Kw#92g#NAYM%K=FfMMAYSvi)0yyGKq}Q6VNPvtI``LAGqHwYw3gl#7ALV zu#;6U#b3DG%qUNeZt<0CkELFt#{U+m$4*{-qnxzG>4_*eCwszfDI0PH2hG)SMxWI+ z*HygcMPF!EgPo4rCn^cFjh9+(y4ETKO=bv5Hn*)75=TjY`hYq{=D*i>^`f8)vyG^% z{S4d9!y|dx7$N;Sm)c!c1GnTBK*?EC(m$CMR$;sA377Qv;&UIxOuVR(=Emz)7F6i~ zV0Izw2j}bB4tQrGJ+UBfI>Cs*S6#xl@w-k$z^x#{@UfP5lG#KM$8I=TUTS{zo4<}R z&Zgu>xwd|Od;e*NgI!5-)OQK#sTOk0MUqsO8+`}ePJ!SelL9n1$O%qN!+Z^^?rd`9 z_g<7N9w;zkA^4H3iV?NPwhF-;rF**x?4vlG$k9>S0zrxB_+_os zfOxy)duzJENGDKacp1%CWja&s1eJe?v$G0g4CvjI?3|U)C(V$C1LdZGkNb>WGQ#E$ zAo!)W|N6Hz`&G1(VD%S5#-1wBbrbGs(A{wT_;P_6NlG4-q#aH86*zMo&CZUBFub2v z^qsr4EN7^mv*pzhqC;uw7Qf7wM*{rW{bQ`AHzy24H%GXX zz@e<(R%Wy!oiB`s@)CJ8m%`i5z!zd&Fb&)<~N1rBLHJ9XR46 zmD7oU`ZwCPUU$1kU1p@4`tf57cjT-(;&2bS7ROn}>@BC3Hllx1+k$YwlK`>+yyb|i zLlAw9b^hKVsG`k&#z2fg#Sx!W^S+^QHS?F0f%MafDb~Q@8gM2lm77U@i3WS*LrYG> zx(TN~+^T(Y))>T3QY@U^4G(nX4l%TdhCeYOo$vq79Ru#%-RvceYzVfpw4Cjl){e0k zJCAJEL@x@d;I+*mgn02I1;jG0NA!<1{*_M@yp^&vh3<>Jm;YD8EDf03VyV0e@w}iy zOpDQjuZX9OSx;~ew!zg+gLfUq5wH}Rxo zcH5ah)NMkgj$l>eT9CF=m5YR{K~7~6q>kFnYf$e`5;B~6rY4GA<|@6o%!D~Z&%r}d z!J$tuHZBSKVBl=PD~t;dP+&%DMSQ99vp5ruc?Aqn{mDKhb2$MQ4`$S|B&{?2X_}>e zT?_7zSqY8j%?M^Q>Fs*gz7dsa??2WHyUM-32l>xN#ga}Z9u$34D_fa^F)VdpESxIMMSB78EWrW`G6`lWpOlu z`Ps`{d(s5>rI>pKHXJb3&%$;9zP|0-E_U&@01LSRV508`ZV>>G!vad@&_l1lDzLPr zma}Rnlz5y*THuX_xRqoy@NJ@}lSTd==jCaLE2@qKW~Vt%jfX}}WO&QB1IV~HK+-7j zGBotp7lyL`lnaU11GVYKUDn5C;_g2MI7n2vZ}!=YOyvhP2>@iU>lx83B$nnL0-XL$ zfB(#Rci23mbcFqgz**J`r)hE`42cg)4lJ4=#xaWl0 zNe4a84f`a?bA9qN*EB`fUn3}0-ulJdM_2(Fw5?cMSQxR%+LRE7W}74lrg+y0o`DKm zM2F9*cx&aF>}eil0l%02jhPVK6zaX$FAWlmnCiPap7}K9o3_Q(dgFyA9BE^(@!uE# literal 0 HcmV?d00001 diff --git a/kolla-ansible/config/hacluster-pacemaker/authkey b/kolla-ansible/config/hacluster-pacemaker/authkey new file mode 100644 index 0000000000000000000000000000000000000000..c398ccbb2f857f7c3c23879aa319d67a1cccc42c GIT binary patch literal 4096 zcmV+b5dZH=EIBw7Gpr~b5QM*4iq`2z&(iBTM0**Z`iG{nE23B?@lpV-dKEpBlHyz4 zIHF)C=AeE+-RVA{Q%448ZDf5erDDq0=qzwS(;rWZ!p5XAzzxuTwH$0ac{m+dQNy=z zenWPF#oLlAxWjIzt#G@C}7`Mbk(q z#}nSAcx-#UX`zU|VJ*14tdh$rHCP-!w>q&(iFC0w=hfRaj8$?i z@?4Dp_hqJjc@?^BmJaE#A~9YuCu54wA(mLsb^r|xmXk0bR?Nye$*wlcJ|`HzM~fYI z{w?Er#mcf_uHWysvOgBmtwUdB8Q&@-K{CU8AfQI_ebp+e&E!#I0LMM2w?~PhonU2z%eWGrW8^vJ3U3)W`RO$}r!w$dl=#0Y#pWYpZL<HX6j@@MG6D4fn~du@x?VZ6Sh0u~ z&dr(#n(Vm_T{LSk`}D*f1@RCbzXS+vkC8cWjRZhsm{>9ebQaMq&Wet=RpU_*Hj z$(dCjS9px%fwOX?KiOu6)x|4hYiV+Fhw$nl!^+};m}-$(8#{C<^2C;7>8Rt;!xRM? z?QUyOERS7GG(!oz5BR6S9h0C`B55i1HNROeC5IDtOy^@?MBZNME|@D<>r;!um-SLJ zWt^?X=?)x#))paFYT5uy!||i zYhDA?FP6ZH3eqwkz)RJc_eNuo-B1k0Hi&xgyUXLVmDeqVNQ0PRoVicMkNL1}{Vlfe z`~PE%A!N`i%M~*e?->1jku@>m=WN)PJ%ATu>oP)ruwyEm0b6Q`GE){;YP9lC|0>no z7A4@f`W}qM>s&jpst+-f8)4n@{kqGm70Yy4Y>xkY3wy4Ar0Pa5Z>#Ha{5=MXsn`hT ze%hG}2O4Tc%u@3=#<`na1N`-eE(If6{x129r) zKQ-u)w_)6hFoNYG(Ol>S^>a}RRa-3pBbG_k9wvGKvlI8M3UqFdM7xgf@O9c!{(O?d zsio5Q^Rc@1F|Y9W)J~o#LV86S=7&)udoKY;F2TXVVu#csgMr^V4kH2{@bhzUKmqn6 zw4m58$Gio%jpv?)ZS0-6<$^==hxk-8ZptfOmQzj!lgk>~vy7}&fhD&eQ< zC!fAU9yBxdq*|%p0#e}a=6owoWp`qU^_rxGMZlV=Rhpm_uFyy|3;K`(^lQRp63oDn z{!FCE$+IZrh)e&$dAa{={RUkUB-LabtmUG4?4y#RSY9+h<{fk?ZfpD*_J|z(tFp1( zkwGVRyN}!X0ty6q+Ybajg_HTwdNvAYAy+c;MjFbj^x7ad1F+6jkbYqw()PS32GrN8 zwC?I<1@u>?rhTXBqkeHu@J#$D$)fB0YmgPopeHN2&LcrzW7&Lm8_|28C^Yx9GED9Y z91I1Fp&J~4`%bC>gr}Z0kW2An{ltTz-ApXSNep*LXD3=Gv+ah;BKzs^J}OdGfoNCy z;Bs5pDsGzQj~WRh|0_m_*k{h32g{^?x|1jUoSce5An?7MHb@8L#fY`f$_Rd;4ohKn zl-zv7UC7u!Nxj`^ZR3Y+X7KP}Um$cFCqc=UmguLItOqDAoKeBSte2$LSSzsQ1G>=6 zdo)`l34I;`tB+_curk)>X;N5)Pv5rvYfV+uHZ@Y(=?NIqFbq^UvQjfT>>jqQg%CO& zRnjV5riA`wsGx>BLRtLr?Y;2jA32|$qQs$e0F>x_{Bk-t_2v&zNM2I&N0>$}$6Q3hp4}totc2{628*omo(v}BxczC4#iE0v z<-jf3n%vKvE`XkJ?1A~XsiBTMji$$0NWsxT+UT4~=K*q&LFrTwv`xeh3X46?JdY~W7e;m_D!|@GodOM!ae~;~ z+@;tZ^(!%c-WgQ&0&&;Ir-~5aSMaQ7kkqO)j{?_4vd&R{Umo5a{k=aae1(=wGR4hV zrS2{QalkN7#4lVQ;y*)S`J~eVCUTta+)u@A#F9jxNlmH#6t9yTJa@XpncS-Ntm7Dj z5WXE10F@7F4h+c+~m4{%rbMuUpfq;=f{ZFM$?S1+Oq22Nw9tfaECj{Vdq+}Ut>A-QY67VS&Bhe zqV?AX-@>ELII70dYrvYZ?!jlSqAdZof8V2=&?Oa@TZJ0G@rObNzuf-sfMR?Fcg+6O z4kQNAZ>}@`bkHU)iDf&E0=dda+AJO@mey>d65ZVvOI9q*}t{jmyys$%T>V5 zwngAnkmWuO*(R3M_me2C?si#@%h~^gWeZkJExe$no#qn*=c5iqYAzGX32xMD$voN6 z1-Zg{RQuDqs!=Ttx!%w_Lon<{5eQtx#eD`Naj10s>G)5cSGiR;nvE2ZNkJ-P^17(I zbwrTbO(#rRljSbrWb6XPH4VtMRk)v0SJlqiz0)Q~#mGvK$tpMb5yF+9m(-UsXVu3W z6lJ_fX#y@4azK81lgaWnXPxks^gnk|LZo#*33-ulW3a+J${R&C`qN=|&Mi^uBk_Km zKkrtKo_&>k7e)Jvtl(z8sXZtvd99XmV;pwad=Q#$N2gzeBRQrbQziJ3k4LMt%!x+l z^B90s8TY+W>!{nT4jbv%p8MXPTAW8MdJBT+GM}SU@V9>%Dm+EB$yM#nGWb4Z2 zHXl({X{{4Yuj_+|ToqS&jj|2E5DK8kR5)sL)NYEJL>E2?j~SvhrfeG}NHe)ml?r*d ze#$ATZ{+MTSP9=sW;uFeb3-ylT0EL47D7b)T;u(SMg*EsZIKxP(~G}0P}jZiJ-wcl zos306?6it!i=i(gpNT$^<)(1WPQar78U{hjfwRnpC`<@Gf^ic%z=X?@MzC84*$117D-=|D z(5p!7oWkJ27Y25F9Uu@RB%XuDQIA}+<($Fop+ki~6U_sL<(|-=?&T^I6|7n=RCRyL zD^;_#9FGqL_3Qu{MAje*1MxZT;!Vh1Wbg_F4KdM)+auIMh$^N$LL{|W9zkCt;Ve*1 zDBJiFsFud9uJ#!CThh25bA+3|1v0oH&r$v&@@}8gtA<4k)*iOy=YVr+ts&4fOZHf5 zYkRY*1fBe^MK`(9gsGSMKfXMD%*g&Q910Zv;N{Gw1A@?ry;?;~Xpa2hz!%vLp2>=% zuI$g$QhJ&t8sEy_x&k#{>*zM3q?g^6kcn>P#w9YaHhA(4AhJ*@mgJ%|c_dH`;6U$X zM5E`~qw6v=pBem+Q<`z)RHUN@s{XvF{I59&yIH)+#+KJbTc>He z3a^nar`VfBkXC|Ss}pQBPvRx8DZBBk^cAeG_-qC+(y{P@^ntxyJ1EJyjE|1`^cx`q zh&)FKDaw5At4*(i#z(cb=Jnhp7ms%wvWLk9)eB{kvn*e*#3i=a_?iL=%L8!4+2eIE z=dflZC@M5tvJq_u(GGvq(`U&%)Bav^dh1X9SuZrXj+HF9pUqmX&N?*%J9yevO$$ih zRw*@b{1p3>0*i~eoYn#u@v9gAGP?s#f;X4IS5@X$&n+z<9U&&-ATzDO$YSuo9IiBK|#n*38PxFE%3qmb+ z!i^Ioce=H71m#SD-NM>Z7Wq65n8DVBk*|e)!AczyC&#a@^RpNXJ?Ukq4j~pkFfDlGNo}H222< literal 0 HcmV?d00001 diff --git a/kolla-ansible/config/horizon/custom_local_settings b/kolla-ansible/config/horizon/custom_local_settings new file mode 100644 index 0000000..9c7d766 --- /dev/null +++ b/kolla-ansible/config/horizon/custom_local_settings @@ -0,0 +1,3 @@ +LAUNCH_INSTANCE_DEFAULTS = { + 'create_volume': False, +} diff --git a/kolla-ansible/config/neutron/ml2_conf.ini b/kolla-ansible/config/neutron/ml2_conf.ini new file mode 100644 index 0000000..d7b13a4 --- /dev/null +++ b/kolla-ansible/config/neutron/ml2_conf.ini @@ -0,0 +1,9 @@ +[ml2] +extension_drivers = port_security,dns_domain_ports,subnet_dns_publish_fixed_ip +path_mtu = 9000 + +[ml2_type_vlan] +network_vlan_ranges = physnet1:110:119 + +[ml2_type_vxlan] +vni_ranges = 1000:2000 \ No newline at end of file diff --git a/kolla-ansible/config/neutron/neutron.conf b/kolla-ansible/config/neutron/neutron.conf new file mode 100644 index 0000000..ccd833d --- /dev/null +++ b/kolla-ansible/config/neutron/neutron.conf @@ -0,0 +1,2 @@ +[DEFAULT] +global_physnet_mtu = 9000 \ No newline at end of file diff --git a/kolla-ansible/config/nfs_shares b/kolla-ansible/config/nfs_shares new file mode 100644 index 0000000..820eecc --- /dev/null +++ b/kolla-ansible/config/nfs_shares @@ -0,0 +1 @@ +192.168.1.10:/volume1/openstack diff --git a/kolla-ansible/config/nova/ceph.client.cinder.keyring b/kolla-ansible/config/nova/ceph.client.cinder.keyring new file mode 100644 index 0000000..af444ea --- /dev/null +++ b/kolla-ansible/config/nova/ceph.client.cinder.keyring @@ -0,0 +1,2 @@ +[client.cinder] +key = AQAGN0ho6ZPOGxAAssuvO4fCUc+VcUSSQe5dwA== diff --git a/kolla-ansible/config/nova/ceph.client.nova.keyring b/kolla-ansible/config/nova/ceph.client.nova.keyring new file mode 100644 index 0000000..63960f0 --- /dev/null +++ b/kolla-ansible/config/nova/ceph.client.nova.keyring @@ -0,0 +1,2 @@ +[client.nova] +key = AQAGN0hog4SFLxAA4cx4MQvwTd3VNZ03mXlXtw== diff --git a/kolla-ansible/config/nova/ceph.conf b/kolla-ansible/config/nova/ceph.conf new file mode 100644 index 0000000..f6aa960 --- /dev/null +++ b/kolla-ansible/config/nova/ceph.conf @@ -0,0 +1,3 @@ +[global] +fsid = 1e61b741-45df-11f0-aa93-3c493705c28c +mon_host = [v2:192.168.105.105:3300/0,v1:192.168.105.105:6789/0] [v2:192.168.105.217:3300/0,v1:192.168.105.217:6789/0] [v2:192.168.105.11:3300/0,v1:192.168.105.11:6789/0] diff --git a/kolla-ansible/config/nova/nova.conf b/kolla-ansible/config/nova/nova.conf new file mode 100644 index 0000000..467c0f3 --- /dev/null +++ b/kolla-ansible/config/nova/nova.conf @@ -0,0 +1,2 @@ +[DEFAULT] +resume_guests_state_on_host_boot = True diff --git a/kolla-ansible/config/octavia/client.cert-and-key.pem b/kolla-ansible/config/octavia/client.cert-and-key.pem new file mode 100644 index 0000000..9d6e674 --- /dev/null +++ b/kolla-ansible/config/octavia/client.cert-and-key.pem @@ -0,0 +1,85 @@ +-----BEGIN CERTIFICATE----- +MIIFtjCCA56gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCQ0gx +DzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3BlblN0YWNrMRAwDgYDVQQLDAdP +Y3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhhbXBsZS5vcmcwHhcNMjUwNDE0 +MTg0NTA0WhcNMjYwNDE0MTg0NTA0WjBhMQswCQYDVQQGEwJDSDEPMA0GA1UECAwG +QWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAOBgNVBAsMB09jdGF2aWExGzAZ +BgNVBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAMKbP5olK/ydPkoE7v+MsPqebMuqQpkaPAIZA5XdU0BNS8gx/OW2 +3/g7nF/hYFQLxYb8s/eTOWZPTRl/dTyiDflB0FU9F9AXfZA/3hpNThNNAlU9QDjp +S3Ylh2mNHt5DDzsG0nKM7Lkm7oU9C9Ny9+i2FYgdBQDIQumCdg33tAJT0V9GGUBX +Kb0Km5eOOixzsolkp+1gyL27rU5xBAq8mrn/IavVwO94mDk7xk3enWHtwQpy0YKU +IwE1Bwms3RxKeKOb5OegzodpgX/bPlbWtsQz2sSP16OQ1Wyuj03R6mfogI2mxcOV +Mtiji3mOMZniIl42deA3Ln6wx5iQcLovyIvLeIIiCrr/Zqq0rhikTgPQ0CY0s7Td +ykU870QsYM6vDl0wmUmBQLX+HbOmCJCY7mpu2fHWdjz7OYlu1sP4sd/hxPpJgwbP +z3CUCIh3e3CP67ps+sAuFR2H8cxdvFGIhn/0mi0BDyga+E4HHBC1IT5ODSGS7T+L +vx2T586oN+REuXZAKFvJiWQfpEzKuHFVTEYkkYxLXvKVKZRilXH4fPvpGiGdUQRn +2RAaDissngi7KepkzWChBeRZNbn7eG29t1u8tSRLaRWVKX1JJ1UPlOA8yQV9WJ9r +3y3hmqDnIlnZRVid9hQ5BT/ptxp7wlnEhm0gzbS5oEdgQ0hJCjF11/3dAgMBAAGj +dTBzMB0GA1UdDgQWBBTdTxlhxIrBRYB7JI8UyvMrgmGZvjAfBgNVHSMEGDAWgBSV +r/rauTcSTIqHFhPjf9QYsH4o/jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH +gDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAaXHWaFzr +GVhMrsdbUNd6gk+uAjhmRX2xAbswLuHEVK/0Ud+cqXCcJztExUb0edglpL8SvRsY +CAE89jZdZGAzDFUBrQLZ7yvfBWcnau8jpE5PAgqY6xbmeWMSwKBFdUvU0sQ7S/xz +nSyjfbtd7memmfkd1iivEqQL3EeDs91+0qE+6BdrDsRuKYRWQHbk3c9/e8P8hzjI +ztJwJXQVAH7Z8pN2cOm5hxWoptmOOMrezQWZ22eEKN8lPzjozR77mWtTMjZvSC2J +xFuXx/BBDQ8vGhoe7y52Uv2RRPczf0zQ1wCezXZxKRUr2bwNLq/Kv8QJglKLMTWs +RUWjP2uMKK2N70s0OxQZOzMK3JLJ9lVqSdvPjoCKnz88l+JG6qd7xKuibZIsJqhm +f+C0ZpTGOgS2rfZbGku20h9MXOGJQyTE+OxRhVrIikgygQJ910kqj2W4WPFZ75sV +i7A6PvU5R6X9Ilq5R+4E+ro8nZBr+ejpMlvgtWyrLuj+x2yY3l8QAHI4WQx38h5Y +rvbYgUIhqVqKC+vmyveYuJHl7ipYQvQCgVNg/dCh78Adjwu768soz6Y0U3gwLfyS +sJLlAPWJup2oJiE+Md89L46yhZ5aqQEkBiy6UiHjtaM8DH9yHg+/zxG+14/RJtac +N/OEXZ4XcnaJ8QWFG2ZIbLSDNzwYxZMtnnU= +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDCmz+aJSv8nT5K +BO7/jLD6nmzLqkKZGjwCGQOV3VNATUvIMfzltt/4O5xf4WBUC8WG/LP3kzlmT00Z +f3U8og35QdBVPRfQF32QP94aTU4TTQJVPUA46Ut2JYdpjR7eQw87BtJyjOy5Ju6F +PQvTcvfothWIHQUAyELpgnYN97QCU9FfRhlAVym9CpuXjjosc7KJZKftYMi9u61O +cQQKvJq5/yGr1cDveJg5O8ZN3p1h7cEKctGClCMBNQcJrN0cSnijm+TnoM6HaYF/ +2z5W1rbEM9rEj9ejkNVsro9N0epn6ICNpsXDlTLYo4t5jjGZ4iJeNnXgNy5+sMeY +kHC6L8iLy3iCIgq6/2aqtK4YpE4D0NAmNLO03cpFPO9ELGDOrw5dMJlJgUC1/h2z +pgiQmO5qbtnx1nY8+zmJbtbD+LHf4cT6SYMGz89wlAiId3twj+u6bPrALhUdh/HM +XbxRiIZ/9JotAQ8oGvhOBxwQtSE+Tg0hku0/i78dk+fOqDfkRLl2QChbyYlkH6RM +yrhxVUxGJJGMS17ylSmUYpVx+Hz76RohnVEEZ9kQGg4rLJ4IuynqZM1goQXkWTW5 ++3htvbdbvLUkS2kVlSl9SSdVD5TgPMkFfVifa98t4Zqg5yJZ2UVYnfYUOQU/6bca +e8JZxIZtIM20uaBHYENISQoxddf93QIDAQABAoICAEusKtM52Rzl2C7YNEdS4g7S +Q+P+VN9MAEGgkHBaG+FJLUqvhXOd5QGVzHzMGrUTzr9qzGBc81kBRS3BDkmBioV+ +PhCnLPdR6xWIgEkh/lYq/9k9dBetQBa1CS7WHUa4NNfzEypP+k0VAnL1BgA3GId5 +Jm5DOorPVJWQkW9k/q5ZAXVWwMLwId7MnSwVtjFK3AXpChOYKvb8X6u87qFuLYxd +1S4IdHmqHydCQx5Mjk5iMUpq02U/TU1O3Wm5ulEh9D9Kg3w+X5DwSdb53gfOfktV +DqCYfnWwAA2+4yKTmd7F3hc23nfrMFZlYfrmfAsmj86qxrNlQcMp4rNEl1EO+6AR +UGlCCJTNzMT/Rr1QFSTWdzIMdzdzHY0AwyATrCPy3GzuiGR0+8yUrB/TXcMqPxh5 +uJ29rtpMtBvyK0qihPy3gVCuFYenuZVpDbRhDlUT9gbWipb91AtsuuygQfyk+mDM +WaOdL1Tv2yerrCXEcQBV7KNCfyynbc/DuBzxcc/Fgx+stn3z5MdmOsrQXK8rqA3V +igyHd1dhBeXJnoYL76brF1hHZilYE7sYapK3ieoQC+JkqqYceNFC5zx7qXNKRmD7 +AaUTT95cFNMP190sp+mBF+rxb2omuuL3WVomjjLi0RBHRUmwyPSQCSiS1xFFMhGX +jkGx4eqaAfFcv7W/JLFRAoIBAQD/vr+ZeEGU3Ygk+oB/Fjus7/9x4x3k/x+W837m +7joMLAagesJrvMfuPb2pcdgk27iE7DwnMDHdINcHH7qAZpLAvuzjJyuSpIL2wbW7 +lTHD3TIXbEUNH6kgk4XZSck8NGARlncn7EFWs0QDSJCB6j4cEuuvNVvEYrDhgPoh +38pfpPLxP/BlYkH0YlEVVpJuBV73kun3S19TVmgsZpuB9uT7mHMPP7M9uTl3GanT +VIUAnOQDr0t8UNUVAhyhkogj5pa8HcOQ0K22uop1d+CIWINlsjDdSFWcN9BPnITV +kvIe3KOiR5JztOU/Zh/men2oLMT9bTVvUEOQdzz3+GqBrWnrAoIBAQDCzOah8uH8 +dg+DutyBxdDxpc1HZycfKEm1aX/ZRnbpXBeHGuvjFZMBM4jbdngU5i+ionQ+wgFb +l03YwTwzoHRsEDdvsvQjo76I34AsGccIDr7bBu5ydS5RhprJkxIiDx+JtJeaV6Oh +bk+U9zVLdP5wIRhItiujadp/xgPNrgnULLDLxaKeG7BNjRz83wrmPXH9I5SxBNcK +ZqciK04Zue+aJW4dktEAXUj+Ra6ISznvSlaeEDEecxp64mmwJkdya5k66MkxUuoE +5VVjBo9IyCyxJJzWxJbmJTLf3L5TIkGVzbvZ1ScE0K6iyPTWTIUS37dkHJ387QBb +WAt9lJW+BD1XAoIBAQCzm3jgBU65h6N3pN3dYvXiDGLvzrtN+cZrsvIqqJ/nsHuu +9MfZ9ijLLl0mxScxK4Y5A9dzBiveypN5E1Vdm6vw5aVkGjxFrnezaHODG9JpZc0q +GgWco+GZWUGlSmaje30EnRFt3kQ86YUYcTvboXChMsCGugiKsWzb0kLYy1xLM4LS +3z6rVQhQ40NiovwPfIIniOv7mtmFo6dhl2YbLhO+hmA4E1qEPLMY69MS8ca+mXCh +DdkLo5EiQettpYUrAWRXFOglqgh1zigzO09bMh6Fq1EZ9xT4s1H+t0Oq4ppcBkR9 +UZqO3Dor/kLlEJ1zII3wFWRzmoD40mTlGXdjPzClAoIBAGdR1mG/OS12UPRFf/80 +tIX2stJUW+OisrWNp0nOnfNX7QKzvLlNEBNrCgOc6kPrcwiHsbA3phC2R4vXsd6Q +FC/cygpsmCDvEHf4UzsQ0QftCj2Rh5cdn9uN0Ttozg1SiB+5sU8jfJ56q6sPEy1a +eDlw1Dh8ptidpE5w8EN/M6ddrMfno0DI3tHDLsTQaC+GF5dz78GUF5pkp/DvlxT+ +EZ9oiucUn9XZpIV44AFaJPhOLXLYk7TayAi1XekX5H1DpJoiLdQDbiv6lzdWm1i3 +Ez1Bdg5TZtXalQk3Q5tEaBTUcfYvn+pl5Lpia7neDBbeoZ5vrzwfWDkakb2huWp3 +RTECggEAco5JiP4qFJ979jdPZTkI0l8R776yCrnrjnmaomqbtHIhzBsOHamu3wXb +tnk06gWzBQ9JCd9UJ1GZRMyGsCS1Q9+H0LEpZjROQ0i8F7cO5LyOtFfMCITOWfZ8 +GQiHlwEiD/c7m62ctaI/gcKDgywmc1HZmWakwZWwafFqW/PCcnVAyi11gP9C60/T +gFnlZJa1+K2XAb6zYnnj2YwBAaJThj8q64saGAsdBuWiaQswzM4SelhM8DYTTNsK +6tEjnTKFMM/X3TuDFZwHdTIKfp/G85fX0Y/S77eoJsbVtmzNvplcqmYhArbWrvzu +Ap9Grkjj6HB+bU+kkWTjo16dREKTKQ== +-----END PRIVATE KEY----- diff --git a/kolla-ansible/config/octavia/client_ca.cert.pem b/kolla-ansible/config/octavia/client_ca.cert.pem new file mode 100644 index 0000000..47d94e3 --- /dev/null +++ b/kolla-ansible/config/octavia/client_ca.cert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFuTCCA6GgAwIBAgIUZBRKMHg+nLCtIlrOJ2TirJsaYRMwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3Bl +blN0YWNrMRAwDgYDVQQLDAdPY3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhh +bXBsZS5vcmcwHhcNMjUwNDE0MTg0NTAyWhcNMzUwNDEyMTg0NTAyWjBkMQswCQYD +VQQGEwJDSDEPMA0GA1UECAwGQWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAO +BgNVBAsMB09jdGF2aWExHjAcBgNVBAMMFWNsaWVudC1jYS5leGFtcGxlLm9yZzCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMC46TQXtmtYYCulf3Osb0Hz +yHPQU6pLFNL61qvtPTwe3fomy9tBDS4lVv7ZYfoGjbCDES3xKnY48xy8gvyCa1Dg +weQMfdgd0kpAiyoGItHXWw5JLZtg5YNdd5muJ91krvsRJsuJeemSkUxGME7cm3Y3 +Czt3Datl/d8HcCAnyYZzCv2ixZQS6h8u6noX7HN3tOiaeSEtXLAvJUf15njXYwZ2 +MfsNz6VQxL0UjhvGbZt3Z0cIzfBNRTe4Jv7ygcNMODUppiMPmOT5JbXxogb1Q080 +bqsMlOfM9WhjESjCNKQqhS5YAn25swZ/qZvHRfldJjBIA0l3FirgbHzTZOM9BVAo +osc6q82AGsuCesdSsMFb1VLjhLwTq0LiRF2+hnYzvRbiOsAH7aIP0gnbgLN3D5Vv +9bvog8z6QZ06e9P3XOUTBNWzTPRCaGQA8rm6qOHRqgbIbm+0npzA7siHmQqQl3uH +GwjBQ50XOwyFG+SNTZLCHC1An5NPkT739qLUKCqkle65I0rnWJFKxZO5Zj2ih9C2 +v9jYHHo8Cp9cOyBUc+zI3MOBs63so8WDzF8bR0hDIkc2TkUT1/Y2dG84r0iRXD62 +MLEwp88d+2JzsCYCLHbBBTtRJ2H2sis9xedazwKcAvAXB0LBnS6qQv7Ok0SC6GsW +SCW/FoOmXOYSspErI4xxAgMBAAGjYzBhMB0GA1UdDgQWBBSVr/rauTcSTIqHFhPj +f9QYsH4o/jAfBgNVHSMEGDAWgBSVr/rauTcSTIqHFhPjf9QYsH4o/jAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAf4xZ +UvtXy8GvLAtE5O9dHXa0cqiw3FSIkB94u1wGIDyq8FT0uXTR6GvbSbCbcrZhds1u +AcPdFJXu0tSekMn+DCALpfTX/8RqJyU57zh+02RZTrlIqSsGsTv+PFhC/hI44fmx ++ONVXUfNOdNGembR2xo/g01VLSh1kwHzf4EgusNp6RDGm04liMlILlo8JUV0gzoW +d+A/usgPzmEkGi5NHcSIVc15etj1Z3PvKRqlNdlTz7HPlqn+2vqLK5OoeoGdyM9C +8ZVx5xfcVowBdjHNYOykI8HsLLp8fXFSfh3T1h5MdAS/VCJAZdTjgnuV674CRO70 +Cy9ELU+Tyjbonfkcs+oBn4BrK+pXRbL5guF7abcRKwlVlcb72M1VkCUe3dcEGxaG +SaQPs2GydtraVOC74nki7V7bj2G0KwVP74Tey85cTCQcxRV2rMZ1TMWCR5s/9MbD +jKMtAakb8j4yQej5fLz2gnzGsSqslFDzEQ3kMqFgxnHcTad0dqnv1aLxrclDgn8t +zlnQcPVdyl5Vxl4X+7atG+Xa81niEEEIf38dV7KuvnYOlNr5zYZO+xFV6TDjuMGi +Huska/n3AZ159Rk1wM8Q1TyEFbdxjZ91a1UDPjXDhD+Z1aH8oaesvxwFd2e0u2+0 +sdDgdBMGYNPySMFyGmCBc3vO79HijzDW/OxmJ7M= +-----END CERTIFICATE----- diff --git a/kolla-ansible/config/octavia/server_ca.cert.pem b/kolla-ansible/config/octavia/server_ca.cert.pem new file mode 100644 index 0000000..8782554 --- /dev/null +++ b/kolla-ansible/config/octavia/server_ca.cert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFuTCCA6GgAwIBAgIUCB2lEvG1aThxW4b/kwm6Q0/uZN8wDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3Bl +blN0YWNrMRAwDgYDVQQLDAdPY3RhdmlhMR4wHAYDVQQDDBVzZXJ2ZXItY2EuZXhh +bXBsZS5vcmcwHhcNMjUwNDE0MTg0NTAxWhcNMzUwNDEyMTg0NTAxWjBkMQswCQYD +VQQGEwJDSDEPMA0GA1UECAwGQWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAO +BgNVBAsMB09jdGF2aWExHjAcBgNVBAMMFXNlcnZlci1jYS5leGFtcGxlLm9yZzCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2BhhiaG4H/JwCCGyv5+ZJX +qsypfMFUvLuMwb+vX4nukOUTsQSKTOji+LNG0GAUFWkssmkLh/T166WDaYHMpdaX +Avb1TfgIb68YT1tXU12uwtlp1RBl9qvHpFMzZ1g4OKaqjRIK7JDz91UFwTydz63R +gM2u3/BUGj1qgeb/Y2jC5FLb4ABxTVy3tQJF1hOUOg2eauqEk/3DNq9r3PXJxqv1 +slD2KUoPBQqolFAOP+dVY/AMV8sQ/6+RAbfmq2WdOs21fasc2e7XYa164xyd2biX +qRqHaAI7YWMmWZju4c4SaDynvQYy35147pO6+24DbbtAWzspynm888YRTll8Ezgl +O1s3hpoG98PZUcaCgiGlULAnaedHRZ4D9IGFs29EHVUF/5LwJLSYBLXkGA1yjo+t +3zSMBh8Dem6NlwkipcO1XW70MSyjeL3zBUSjdbf6W7AdMF65fUNt4qqy4tLWB1xC +X6Kk3VNMJgsJCBggB9ypJ/S5G912Yf75fd2E0IsavqfYvwltdv+dJika0w/hjuyz +nAZorZyz4d+SMh6jQIF3f8BEkA5n+bKPwyZ5en/HHKcTsJcHGNON0jxp5EO/v29p +eixcDv5KspLUPeDW7+UQqwGSd0YFngmlZfcHHR3USQenNYyDQ7OJClAhQp3lnH5T +LxdWyp0ZPWi6Jqve3vTTAgMBAAGjYzBhMB0GA1UdDgQWBBRDXn/oho3okugX/3PZ +gvIi76OffDAfBgNVHSMEGDAWgBRDXn/oho3okugX/3PZgvIi76OffDAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAOOaL +zV0pylMNzv/IdCjHS6s02VVmP7VzI0oDKXE87FbPBDLHDazNNf/wfITla37Covye +satC6xcPWrwM0sIeqt9uD/CHDpp2oTvb4UqGf4bdJzgFPSnT+yi4fKmWTJ1gCeSI +J9O2vTmhasBN00ozg2EocaeIG9JD2UXV+ttVwn+pHr95cM37YCas1IS+XSVy4bSs +4Gc/ezbTiddM3r81mSIb+P2Tx+YbetwflthlrWxB98H8e7zAxtnZGjQ6he3sGY2P +4KFAd6GB4qmRLYDFF3hb9bqx2zQosxnaaeMZ2i2jpGKwpDxSpG7rsG1ceEG+e1dH +mN5ezhR//CXFjzqgeYB61XMm2V2AVh2dvniGQ8oTckFFn/E01j4BTG6VPd3KkZu/ +s0KIM1+ncVggo0oIPfsnWT5IEkJ043T0o0x5wCwrDlLTJ+sDhu61Kp9Soytxm0oI +TxHotabiT8k5mULgCSkX1uOjUIYCOYjSX2FrPce2Sfs6Mju59CaurIMjfQsKTuLe +IheUs5sOEtSav4pjqg2U6k8MGembgjSoqTfEk3bnKkpVyKaP0HQswQJ6eO6wtPWT +Rvk0zXfknHXaQF+Olau1X2bTvmEbk0Gqjj4wG67ZldOXru8mf5htj9xzEPE6RoHi +2oayF2zNtwlunDCSNyZDftcyGLFuF/5T+nFJfYs= +-----END CERTIFICATE----- diff --git a/kolla-ansible/config/octavia/server_ca.key.pem b/kolla-ansible/config/octavia/server_ca.key.pem new file mode 100644 index 0000000..7f4a918 --- /dev/null +++ b/kolla-ansible/config/octavia/server_ca.key.pem @@ -0,0 +1,54 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI61DYriqPUrsCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBAlmn6sMPrAs/OLhWsnGgxFBIIJ +UGuQnpwulG4bB/rf1AVLDS4ZRmCpJ23uhXjT5nhKtmP6TW2x60t79QZRyPkvNzhy +4EO0nOYoaCEyvTcUSfanlpZzY62AMHg4mH+eyygNrHWSMPg4g0m8ARGBp2n5aPMb +Y+hNMvIqVf7zUN2es86ve3FWwZqPxTkieoEjUH27CFW6IALTm84/NqNtp0EMaiwj +6trgpyQqTkUHI0AG2hjdNNKqMEY+/LJsyxZaQb1/a3IR/mqhfwGlMb/KIjBMVKF0 +XdCJsbVYrSAljCHFaPA5dXh6t88wBC0RiJCQO2XDagXDHrgVkM7weT1wZgGwIWxl +v+o9YJbnalHKNGxfywqtb6cxrjpgDZQ3c5MU/bk70v3aMlq/mwZBIQlevHOPjY9h +0lf0loEEKvb9VUNuIl53mq1bNbq81M7pN8Sux5lujcVALxXi3T9ZxUfhhd1FuvGq +yAbekIJt300G64BNj7OC9MDSjHA+5dZMz46VgabUirwhI8KC4bTfFIMwS+79ERF6 +EVr9ENg9TX4bjPrZijaGHAwCrlbmTN6r3Ssq0nj7JUHeB7Nr4Wq+3hm5Y9S1eDDt +5oDVAj/WqGloS4s2Jrq+fpqqRIxoMJ46dvZ/4bXQOSL/iMT3wbqgNYOPnY4K/q5p +zvDM9BIOIimh85VeDnWMhDU1LmRitRIQzZ/OumvGU2aA+a4vqroJOSCre0SPFlee +Fxn3aCrClgMh/akNYjKX6dxuED9n3yXI8d+sRiYVIssUy5p/0aMktLU4OR+HIBzC +lmhFyiKH6oaDcvNURY3G9tkT6aE/B7zMhmIcX7w4Kdaz3Me3FTKajQ20s6LrKwKC +ScCNZV/DfgsgCOluPKZz/Pdc0A54ngJeQdm1VhtdbjVP5Go+zLa4TIHS6IafZG9Z +XGsgaIh0ItFuCeELDPCN/pRv9o25SbRMUAtCHQ8ljFOadaLIYEA4RpcuVpVtv9ZS +g1csHMwJOUlJaFJPjymAIfMZoZf7PfvxL7egeHiHwfEFSE29Kh0b2dhVuMFK5oL0 +wrbu0FkW7TY/r/vYRtuAYtzm/4tm2v2Aemb56ISKJnLqvntbZ9Z7QI1diWoi2TR1 +OWfSQiJQCbQknBJUw0puGudj70G7Lr0QBGlK9lao/FDYqQosSM7Ko2LhdnURUAC+ +6zdXE8gFevNjaMaIDfsvk1nrs94+k6gdvSwPPWaaIeIN3qIC08XuwV8wrUP3Z8gF +eqGq02F4g47zI+3H1kq56tBfCnz8FIDPku8il0LEDQ8evABHkcTPij8H50N6dJBM +9bomztzASmUvdnLT2MaP+fJ0Ny3A0xD1EyT75h8H17ReLqXQ5vmNZKeTzm3UtAui +hxvDqBE49S41HykeHx6dCmQHpt86H0tAdFeg4PC//plKplkyFVqYm/IOdNEvZ4/q +X7uQbi2YIFbOpwzGcL+359RYfcPyuEslYo81sD5PU4KJZFXeAoEc7NMgK2LLYAc2 +JMOa4OKgXZdoiE40Q3k0GkOWNaAVA6+P/9pOHKEwhykm+u4l2Ws8SDjH1sHIMxoV +BE6tX/3s4X+B6gM78ApUwv7MfWzBNF63hllYH0redrs4lXqfMGzgp9W7eyt2f2CZ +ak7bt+JmFLu9A0EgKDuhsw82nX7074qGhKwQPG2ru83vgOgBiYtRujTuZhgJWGE2 +SaxQmQ9uPDt6bC1ikvQLph60HuaLr/Kcu0pmYW0//2Xt+Iz0Ppvu5PBTUiRTe6nD +6L2x5fMiqx5/H+tp+E1WjXw/+avOQ/sk+isuF7jJmUgkHdTz9PqSNfXU/OsxcfU9 +FjuqmE218BxahZiW8T1KxjY02lhlntR+IINtMOGc7J50WvbJpYDhX8+vzV6J6EY1 +2DxoJc+DuQ8W9jdh+0+Ls8envwclrYeFTkysYcz5GdyBmLuZ8umpqdswPhKRJ4b/ +JCmhLoaBGXdeVEbU8+5NzRTIusfwlqXzwPmzNH7uSQNxRwmIx7eDnTagGAUmQkHr +JPJWblaxfA+sZCd34YN83HETDXbWPzbwPAwZoUdsgB2P9mu64pfLFQ8SdGOQgWrm +s1EvO9dn9VasgVsn8A7g/dYaW5u6SLsshdoABErk4JIGkwv6rhTg9MgIdAWGA4Sz +22NTA9/NqL2gzBo281OX0N6fEC2l+6t3aar5I8Wpv1I7JLfXCObB7cSRwpZSEKpn +VYOF2HnB46Mrt/hD1uwjSf6lgv+cqqOWxkBQk8VoAD5zmMcRluNd2WbnkzX/6WYn +p+J5DkIjXHLl7FBtJRYw573xkyKmSG9RRPSJEAcTPVuou3Cnxnn9Vwvp+zTM5oKH +WUc1XqKBlU/hFYKUOxlGnMi9F4qnOoKxm5Wpje8vlrGKXrB9jTsqnM0loQTCMyBW +MZBymOTcAiqd/U7aPGBQnnG7PvZuFhGPaos2ETJPlJW50dIL0kWMxBKI1XQ970YG +VfGqh4UUKA+c8VZ7pXLEngXEU3sB8+LKeV1Vo51kYrn8uMM8TdJbjJyLLNo7n9tW +I916iwhIoPdMalF7HO7C5/5i3p/zbH0zD6JmjHYrm62WyXiJeRtEiS47HTVYtVqq +fAZ59saDmCV55kYf1qrasF3JQe8Cotv0X7ZyhKtLxMufwSB7xtYxNMmqIytCZrfr +6AKSt1EBmMI/ooKeXRNIjlK2LW2H2RbsdWKheQDSGO7583zH1P4Rzw2tEt8IX8vJ +cvD5tnU/ZRod1DGtiPgwohXSNjvCPK4YbTXv4XPJn4qPGSQArJhfZVSgtqFio3Gc +uBFrkXwD+9kVsiTGvCDaUZXAHSRWZ3y2LQ7vx1VPy93SAOGVXU5IWBRmjXVUrDfY +u60uKRKPzoGOg0LBu/9dUhm359Q07RpoAfHO/+V6+kXoBNmpzY/8lVh4FgdTTP2T +APUirytMRqHWgzw1R0DcM8ZoIEOgOWlM/kXGq+JuIO75g7CbapKI8+Rf/OidXrDK +NhDGu1IxCD618scql+zPcg+DmCQo6EwOiCyM26VqN01chtRnZLPL37AddTJGlXe/ +ABVuLKtKYaeGnaUC6tEo7rbiPll8VoKc0WTnyy2AlANmxgh9Q+iGh6owYOV6ygLm +5JN2gDXlACtsAGecEDp93JBB6+a2CdtPKMUvN4HlIy8H79L7dddaoKI20ALG9zAQ +Kvcq+cd7Jv/km7Jjy97fUH5gru238g1T5DNBng2s6w8H +-----END ENCRYPTED PRIVATE KEY----- diff --git a/kolla-ansible/globals.yml b/kolla-ansible/globals.yml new file mode 100644 index 0000000..8a5d645 --- /dev/null +++ b/kolla-ansible/globals.yml @@ -0,0 +1,879 @@ +--- +# You can use this file to override _any_ variable throughout Kolla. +# Additional options can be found in the +# 'kolla-ansible/ansible/group_vars/all.yml' file. Default value of all the +# commented parameters are shown here, To override the default value uncomment +# the parameter and change its value. + +# Dummy variable to allow Ansible to accept this file. +workaround_ansible_issue_8743: yes + +################### +# Ansible options +################### + +# This variable is used as the "filter" argument for the setup module. For +# instance, if one wants to remove/ignore all Neutron interface facts: +# kolla_ansible_setup_filter: "ansible_[!qt]*" +# By default, we do not provide a filter. +#kolla_ansible_setup_filter: "{{ omit }}" + +# This variable is used as the "gather_subset" argument for the setup module. +# For instance, if one wants to avoid collecting facts via facter: +# kolla_ansible_setup_gather_subset: "all,!facter" +# By default, we do not provide a gather subset. +#kolla_ansible_setup_gather_subset: "{{ omit }}" + +# This variable may be used to set the maximum failure percentage for all +# plays. More fine-grained control is possible via per-service variables, e.g. +# nova_max_fail_percentage. The default behaviour is to set a max fail +# percentage of 100, which is equivalent to not setting it. +#kolla_max_fail_percentage: + +# This variable determines which hosts require facts when using --limit. Facts +# will be gathered using delegation for hosts in this list that are not +# included in the limit. +# By default, this list includes all hosts. +#kolla_ansible_delegate_facts_hosts: "{{ groups['all'] }}" + +############### +# Kolla options +############### +# Valid options are [ COPY_ONCE, COPY_ALWAYS ] +#config_strategy: "COPY_ALWAYS" + +# Valid options are ['centos', 'debian', 'rocky', 'ubuntu'] +#kolla_base_distro: "rocky" + +# Do not override this unless you know what you are doing. +#openstack_release: "master" + +# Docker image tag used by default. +#openstack_tag: "{{ openstack_release ~ openstack_tag_suffix }}" + +# Suffix applied to openstack_release to generate openstack_tag. +#openstack_tag_suffix: "" + +# Location of configuration overrides +#node_custom_config: "{{ node_config }}/config" + +# This should be a VIP, an unused IP on your network that will float between +# the hosts running keepalived for high-availability. If you want to run an +# All-In-One without haproxy and keepalived, you can set enable_haproxy to no +# in "OpenStack options" section, and set this value to the IP of your +# 'network_interface' as set in the Networking section below. +#kolla_internal_vip_address: "10.10.10.254" + +# This is the DNS name that maps to the kolla_internal_vip_address VIP. By +# default it is the same as kolla_internal_vip_address. +#kolla_internal_fqdn: "{{ kolla_internal_vip_address }}" + +# This should be a VIP, an unused IP on your network that will float between +# the hosts running keepalived for high-availability. It defaults to the +# kolla_internal_vip_address, allowing internal and external communication to +# share the same address. Specify a kolla_external_vip_address to separate +# internal and external requests between two VIPs. +#kolla_external_vip_address: "{{ kolla_internal_vip_address }}" + +# The Public address used to communicate with OpenStack as set in the public_url +# for the endpoints that will be created. This DNS name should map to +# kolla_external_vip_address. +#kolla_external_fqdn: "{{ kolla_external_vip_address }}" + +# Optionally change the path to sysctl.conf modified by Kolla Ansible plays. +#kolla_sysctl_conf_path: /etc/sysctl.conf + +################## +# Container engine +################## + +# Set desired container engine to deploy on or migrate to +# Valid options are [ docker, podman ] +#kolla_container_engine: docker + + +################ +# Docker options +################ + +# Custom docker registry settings: +#docker_registry: +# Please read the docs carefully before applying docker_registry_insecure. +#docker_registry_insecure: "no" +#docker_registry_username: +# docker_registry_password is set in the passwords.yml file. + +# Namespace of images: +#docker_namespace: "kolla" + +# Docker client timeout in seconds. +#docker_client_timeout: 120 + +#docker_configure_for_zun: "no" +#containerd_configure_for_zun: "no" +#containerd_grpc_gid: 42463 + +################### +# Messaging options +################### +# Whether to enable TLS for oslo.messaging communication with RabbitMQ. +#om_enable_rabbitmq_tls: "{{ rabbitmq_enable_tls | bool }}" +# CA certificate bundle in containers using oslo.messaging with RabbitMQ TLS. +#om_rabbitmq_cacert: "{{ rabbitmq_cacert }}" + +############################## +# Neutron - Networking Options +############################## +# This interface is what all your api services will be bound to by default. +# Additionally, all vxlan/tunnel and storage network traffic will go over this +# interface by default. This interface must contain an IP address. +# It is possible for hosts to have non-matching names of interfaces - these can +# be set in an inventory file per host or per group or stored separately, see +# http://docs.ansible.com/ansible/latest/intro_inventory.html +# Yet another way to workaround the naming problem is to create a bond for the +# interface on all hosts and give the bond name here. Similar strategy can be +# followed for other types of interfaces. +#network_interface: "eth0" + +# These can be adjusted for even more customization. The default is the same as +# the 'network_interface'. These interfaces must contain an IP address. +#kolla_external_vip_interface: "{{ network_interface }}" +#api_interface: "{{ network_interface }}" +#tunnel_interface: "{{ network_interface }}" +#dns_interface: "{{ network_interface }}" +#octavia_network_interface: "{{ api_interface }}" + +# Configure the address family (AF) per network. +# Valid options are [ ipv4, ipv6 ] +#network_address_family: "ipv4" +#api_address_family: "{{ network_address_family }}" +#storage_address_family: "{{ network_address_family }}" +#migration_address_family: "{{ api_address_family }}" +#tunnel_address_family: "{{ network_address_family }}" +#octavia_network_address_family: "{{ api_address_family }}" +#bifrost_network_address_family: "{{ network_address_family }}" +#dns_address_family: "{{ network_address_family }}" + +# This is the raw interface given to neutron as its external network port. Even +# though an IP address can exist on this interface, it will be unusable in most +# configurations. It is recommended this interface not be configured with any IP +# addresses for that reason. +#neutron_external_interface: "eth1" + +# Valid options are [ openvswitch, ovn, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_nsxp, vmware_dvs ] +# if vmware_nsxv3 or vmware_nsxp is selected, enable_openvswitch MUST be set to "no" (default is yes) +# Do note linuxbridge is *EXPERIMENTAL* in Neutron since Zed and it requires extra tweaks to config to be usable. +# For details, see: https://docs.openstack.org/neutron/latest/admin/config-experimental-framework.html +#neutron_plugin_agent: "openvswitch" + +# Valid options are [ internal, infoblox ] +#neutron_ipam_driver: "internal" + +# Configure Neutron upgrade option, currently Kolla support +# two upgrade ways for Neutron: legacy_upgrade and rolling_upgrade +# The variable "neutron_enable_rolling_upgrade: yes" is meaning rolling_upgrade +# were enabled and opposite +# Neutron rolling upgrade were enable by default +#neutron_enable_rolling_upgrade: "yes" + +# Configure neutron logging framework to log ingress/egress connections to instances +# for security groups rules. More information can be found here: +# https://docs.openstack.org/neutron/latest/admin/config-logging.html +#enable_neutron_packet_logging: "no" + +#################### +# keepalived options +#################### +# Arbitrary unique number from 0..255 +# This should be changed from the default in the event of a multi-region deployment +# where the VIPs of different regions reside on a common subnet. +#keepalived_virtual_router_id: "51" + +################### +# Dimension options +################### +# This is to provide an extra option to deploy containers with Resource constraints. +# We call it dimensions here. +# The dimensions for each container are defined by a mapping, where each dimension value should be a +# string. +# Reference_Docs +# https://docs.docker.com/config/containers/resource_constraints/ +# eg: +# _dimensions: +# blkio_weight: +# cpu_period: +# cpu_quota: +# cpu_shares: +# cpuset_cpus: +# cpuset_mems: +# mem_limit: +# mem_reservation: +# memswap_limit: +# kernel_memory: +# ulimits: + +##################### +# Healthcheck options +##################### +#enable_container_healthchecks: "yes" +# Healthcheck options for Docker containers +# interval/timeout/start_period are in seconds +#default_container_healthcheck_interval: 30 +#default_container_healthcheck_timeout: 30 +#default_container_healthcheck_retries: 3 +#default_container_healthcheck_start_period: 5 + +################## +# Firewall options +################## +# Configures firewalld on both ubuntu and centos systems +# for enabled services. +# firewalld should be installed beforehand. +# disable_firewall: "true" +# enable_external_api_firewalld: "false" +# external_api_firewalld_zone: "public" + +############# +# TLS options +############# +# To provide encryption and authentication on the kolla_external_vip_interface, +# TLS can be enabled. When TLS is enabled, certificates must be provided to +# allow clients to perform authentication. +#kolla_enable_tls_internal: "no" +#kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}" +#kolla_certificates_dir: "{{ node_config }}/certificates" +#kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy.pem" +#kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem" +#kolla_admin_openrc_cacert: "" +#kolla_copy_ca_into_containers: "no" +#haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}" +#haproxy_backend_cacert_dir: "/etc/ssl/certs" +#database_enable_tls_backend: "{{ 'yes' if kolla_enable_tls_backend | bool and enable_proxysql | bool else 'no' }}" +################## +# Backend options +################## +#kolla_httpd_keep_alive: "60" +#kolla_httpd_timeout: "60" + +##################### +# Backend TLS options +##################### +#kolla_enable_tls_backend: "no" +#kolla_verify_tls_backend: "yes" +#kolla_tls_backend_cert: "{{ kolla_certificates_dir }}/backend-cert.pem" +#kolla_tls_backend_key: "{{ kolla_certificates_dir }}/backend-key.pem" + +##################### +# ACME client options +##################### +# A list of haproxy backend server directives pointing to addresses used by the +# ACME client to complete http-01 challenge. +# Please read the docs for more details. +#acme_client_servers: [] + +#################### +# LetsEncrypt options +#################### +# This option is required for letsencrypt role to work properly. +#letsencrypt_email: "" + +# Establishes the key type for letsencrypt lego +# Some servers may require a different key type than the default. +# See lego docs for possible options. +#letsencrypt_key_type: "ec256" + +#################### +# LetsEncrypt certificate server options +#################### +#letsencrypt_cert_server: "https://acme-v02.api.letsencrypt.org/directory" +# attempt to renew Let's Encrypt certificate every 12 hours +#letsencrypt_cron_renew_schedule: "0 */12 * * *" + +#################### +# LetsEncrypt external account binding options +#################### +#letsencrypt_external_account_binding: "no" +#letsencrypt_eab_hmac: "" +#letsencrypt_eab_key_id: "" + +################ +# Region options +################ +# Use this option to change the name of this region. +#openstack_region_name: "RegionOne" + +# Use this option to define a list of region names - only needs to be configured +# in a multi-region deployment, and then only in the *first* region. +#multiple_regions_names: ["{{ openstack_region_name }}"] + +################### +# OpenStack options +################### +# Use these options to set the various log levels across all OpenStack projects +# Valid options are [ True, False ] +#openstack_logging_debug: "False" + +# Enable core OpenStack services. This includes: +# glance, keystone, neutron, nova, heat, and horizon. +#enable_openstack_core: "yes" + +# These roles are required for Kolla to be operation, however a savvy deployer +# could disable some of these required roles and run their own services. +#enable_glance: "{{ enable_openstack_core | bool }}" +#enable_hacluster: "no" +#enable_haproxy: "yes" +#enable_keepalived: "{{ enable_haproxy | bool }}" +#enable_keystone: "{{ enable_openstack_core | bool }}" +#enable_mariadb: "yes" +#enable_memcached: "yes" +#enable_neutron: "{{ enable_openstack_core | bool }}" +#enable_nova: "{{ enable_openstack_core | bool }}" +#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}" + +# OpenStack services can be enabled or disabled with these options +#enable_aodh: "no" +#enable_barbican: "no" +#enable_blazar: "no" +#enable_ceilometer: "no" +#enable_ceilometer_ipmi: "no" +#enable_cells: "no" +#enable_central_logging: "no" +#enable_ceph_rgw: "no" +#enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}" +#enable_cinder: "no" +#enable_cinder_backup: "yes" +#enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}" +#enable_cinder_backend_lvm: "no" +#enable_cinder_backend_nfs: "no" +#enable_cinder_backend_quobyte: "no" +#enable_cinder_backend_pure_iscsi: "no" +#enable_cinder_backend_pure_fc: "no" +#enable_cinder_backend_pure_roce: "no" +#enable_cinder_backend_pure_nvme_tcp: "no" +#enable_cinder_backend_lightbits: "no" +#enable_cloudkitty: "no" +#enable_collectd: "no" +#enable_cyborg: "no" +#enable_designate: "no" +#enable_destroy_images: "no" +#enable_etcd: "no" +#enable_fluentd: "yes" +#enable_fluentd_systemd: "{{ (enable_fluentd | bool) and (enable_central_logging | bool) }}" +#enable_gnocchi: "no" +#enable_gnocchi_statsd: "no" +#enable_grafana: "no" +#enable_grafana_external: "{{ enable_grafana | bool }}" +#enable_heat: "{{ enable_openstack_core | bool }}" +#enable_horizon: "{{ enable_openstack_core | bool }}" +#enable_horizon_blazar: "{{ enable_blazar | bool }}" +#enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}" +#enable_horizon_designate: "{{ enable_designate | bool }}" +#enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}" +#enable_horizon_heat: "{{ enable_heat | bool }}" +#enable_horizon_ironic: "{{ enable_ironic | bool }}" +#enable_horizon_magnum: "{{ enable_magnum | bool }}" +#enable_horizon_manila: "{{ enable_manila | bool }}" +#enable_horizon_masakari: "{{ enable_masakari | bool }}" +#enable_horizon_mistral: "{{ enable_mistral | bool }}" +#enable_horizon_neutron_vpnaas: "{{ enable_neutron_vpnaas | bool }}" +#enable_horizon_octavia: "{{ enable_octavia | bool }}" +#enable_horizon_tacker: "{{ enable_tacker | bool }}" +#enable_horizon_trove: "{{ enable_trove | bool }}" +#enable_horizon_venus: "{{ enable_venus | bool }}" +#enable_horizon_watcher: "{{ enable_watcher | bool }}" +#enable_horizon_zun: "{{ enable_zun | bool }}" +#enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}" +#enable_ironic: "no" +#enable_ironic_neutron_agent: "no" +#enable_ironic_prometheus_exporter: "{{ enable_ironic | bool and enable_prometheus | bool }}" +#enable_iscsid: "{{ enable_cinder | bool and enable_cinder_backend_iscsi | bool }}" +#enable_kuryr: "no" +#enable_magnum: "no" +#enable_manila: "no" +#enable_manila_backend_generic: "no" +#enable_manila_backend_hnas: "no" +#enable_manila_backend_cephfs_native: "no" +#enable_manila_backend_cephfs_nfs: "no" +#enable_manila_backend_glusterfs_nfs: "no" +#enable_manila_backend_flashblade: "no" +#enable_mariabackup: "no" +#enable_masakari: "no" +#enable_mistral: "no" +#enable_multipathd: "no" +#enable_neutron_vpnaas: "no" +#enable_neutron_sriov: "no" +#enable_neutron_dvr: "no" +#enable_neutron_fwaas: "no" +#enable_neutron_qos: "no" +#enable_neutron_agent_ha: "no" +#enable_neutron_bgp_dragent: "no" +#enable_neutron_provider_networks: "no" +#enable_neutron_segments: "no" +#enable_neutron_sfc: "no" +#enable_neutron_trunk: "no" +#enable_neutron_metering: "no" +#enable_neutron_infoblox_ipam_agent: "no" +#enable_neutron_port_forwarding: "no" +#enable_nova_serialconsole_proxy: "no" +#enable_nova_ssh: "yes" +#enable_octavia: "no" +#enable_octavia_driver_agent: "{{ enable_octavia | bool and neutron_plugin_agent == 'ovn' }}" +#enable_octavia_jobboard: "{{ enable_octavia | bool and 'amphora' in octavia_provider_drivers }}" +#enable_opensearch: "{{ enable_central_logging | bool or enable_osprofiler | bool or (enable_cloudkitty | bool and cloudkitty_storage_backend == 'opensearch') }}" +#enable_opensearch_dashboards: "{{ enable_opensearch | bool }}" +#enable_opensearch_dashboards_external: "{{ enable_opensearch_dashboards | bool }}" +#enable_openvswitch: "{{ enable_neutron | bool and neutron_plugin_agent != 'linuxbridge' }}" +#enable_ovn: "{{ enable_neutron | bool and neutron_plugin_agent == 'ovn' }}" +#enable_ovs_dpdk: "no" +#enable_osprofiler: "no" +#enable_placement: "{{ enable_nova | bool or enable_zun | bool }}" +#enable_prometheus: "no" +#enable_proxysql: "yes" +#enable_redis: "no" +#enable_skyline: "no" +#enable_tacker: "no" +#enable_telegraf: "no" +#enable_trove: "no" +#enable_trove_singletenant: "no" +#enable_venus: "no" +#enable_watcher: "no" +#enable_zun: "no" + +############# +# S3 options +############# +# Common options for S3 Cinder Backup and Glance S3 backend. +#s3_url: +#s3_bucket: +#s3_access_key: +#s3_secret_key: + +################## +# RabbitMQ options +################## +# Options passed to RabbitMQ server startup script via the +# RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS environment var. +# See Kolla Ansible docs RabbitMQ section for details. +# These are appended to args already provided by Kolla Ansible +# to configure IPv6 in RabbitMQ server. +# More details can be found in the RabbitMQ docs: +# https://www.rabbitmq.com/runtime.html#scheduling +# https://www.rabbitmq.com/runtime.html#busy-waiting +# The default tells RabbitMQ to always use two cores (+S 2:2), +# and not to busy wait (+sbwt none +sbwtdcpu none +sbwtdio none): +#rabbitmq_server_additional_erl_args: "+S 2:2 +sbwt none +sbwtdcpu none +sbwtdio none" +# Whether to enable TLS encryption for RabbitMQ client-server communication. +#rabbitmq_enable_tls: "no" +# CA certificate bundle in RabbitMQ container. +#rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}" + +################# +# MariaDB options +################# +# List of additional WSREP options +#mariadb_wsrep_extra_provider_options: [] + +####################### +# External Ceph options +####################### +# External Ceph - cephx auth enabled (this is the standard nowadays, defaults to yes) +#external_ceph_cephx_enabled: "yes" + +# Glance +#ceph_glance_user: "glance" +#ceph_glance_pool_name: "images" +# Cinder +#ceph_cinder_user: "cinder" +#ceph_cinder_pool_name: "volumes" +#ceph_cinder_backup_user: "cinder-backup" +#ceph_cinder_backup_pool_name: "backups" +# Nova +#ceph_nova_user: "{{ ceph_cinder_user }}" +#ceph_nova_pool_name: "vms" +# Gnocchi +#ceph_gnocchi_user: "gnocchi" +#ceph_gnocchi_pool_name: "gnocchi" +# Manila +#ceph_manila_user: "manila" + +############################# +# Keystone - Identity Options +############################# + +#keystone_admin_user: "admin" + +#keystone_admin_project: "admin" + +# Interval to rotate fernet keys by (in seconds). Must be an interval of +# 60(1 min), 120(2 min), 180(3 min), 240(4 min), 300(5 min), 360(6 min), +# 600(10 min), 720(12 min), 900(15 min), 1200(20 min), 1800(30 min), +# 3600(1 hour), 7200(2 hour), 10800(3 hour), 14400(4 hour), 21600(6 hour), +# 28800(8 hour), 43200(12 hour), 86400(1 day), 604800(1 week). +#fernet_token_expiry: 86400 + +# Whether or not to apply changes to service user passwords when services are +# reconfigured +#update_keystone_service_user_passwords: "true" + +######################## +# Glance - Image Options +######################## +# Configure image backend. +#glance_backend_ceph: "no" +#glance_backend_file: "yes" +#glance_backend_vmware: "no" +#glance_backend_s3: "no" +#enable_glance_image_cache: "no" +#glance_enable_property_protection: "no" +#glance_enable_interoperable_image_import: "no" +# Configure glance upgrade option. +# Due to this feature being experimental in glance, +# the default value is "no". +#glance_enable_rolling_upgrade: "no" + +#################### +# Glance S3 Backend +#################### +#glance_backend_s3_url: "{{ s3_url }}" +#glance_backend_s3_bucket: "{{ s3_bucket }}" +#glance_backend_s3_access_key: "{{ s3_access_key }}" +#glance_backend_s3_secret_key: "{{ s3_secret_key }}" + +#################### +# Osprofiler options +#################### +# valid values: ["elasticsearch", "redis"] +#osprofiler_backend: "elasticsearch" + +################## +# Barbican options +################## +# Valid options are [ simple_crypto, p11_crypto ] +#barbican_crypto_plugin: "simple_crypto" +#barbican_library_path: "/usr/lib/libCryptoki2_64.so" + +################# +# Gnocchi options +################# +# Valid options are [ file, ceph ] +#gnocchi_backend_storage: "file" + +# Valid options are [redis, ''] +#gnocchi_incoming_storage: "{{ 'redis' if enable_redis | bool else '' }}" + +################################ +# Cinder - Block Storage Options +################################ +# Enable / disable Cinder backends +#cinder_backend_ceph: "no" +#cinder_backend_vmwarevc_vmdk: "no" +#cinder_backend_vmware_vstorage_object: "no" +#cinder_volume_group: "cinder-volumes" +# Valid options are [ '', redis, etcd ] +#cinder_coordination_backend: "{{ 'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}" + +# Valid options are [ nfs, ceph, s3 ] +#cinder_backup_driver: "ceph" +#cinder_backup_share: "" +#cinder_backup_mount_options_nfs: "" + +# Cinder backup S3 options +#cinder_backup_s3_url: "{{ s3_url }}" +#cinder_backup_s3_bucket: "{{ s3_bucket }}" +#cinder_backup_s3_access_key: "{{ s3_access_key }}" +#cinder_backup_s3_secret_key: "{{ s3_secret_key }}" + +####################### +# Cloudkitty options +####################### +# Valid option is gnocchi +#cloudkitty_collector_backend: "gnocchi" +# Valid options are 'sqlalchemy' or 'influxdb'. The default value is +# 'influxdb', which matches the default in Cloudkitty since the Stein release. +# When the backend is "influxdb", we also enable Influxdb. +# Also, when using 'influxdb' as the backend, we trigger the configuration/use +# of Cloudkitty storage backend version 2. +#cloudkitty_storage_backend: "influxdb" + +################### +# Designate options +################### +# Valid options are [ bind9 ] +#designate_backend: "bind9" +#designate_ns_record: +# - "ns1.example.org" +# Valid options are [ '', redis ] +#designate_coordination_backend: "{{ 'redis' if enable_redis|bool else '' }}" + +######################## +# Nova - Compute Options +######################## +#nova_backend_ceph: "no" + +# Valid options are [ qemu, kvm, vmware ] +#nova_compute_virt_type: "kvm" + +# The number of fake driver per compute node +#num_nova_fake_per_node: 5 + +# The "nova_safety_upgrade" controls whether the nova services +# are all stopped before rolling upgrade to the new version, +# for the safety and availability. If "nova_safety_upgrade" is "yes", +# that will stop all nova services (except nova-compute) for no failed +# API operations before upgrade to the new version. And opposite. +#nova_safety_upgrade: "no" + +# Valid options are [ none, novnc, spice ] +#nova_console: "novnc" + +############################## +# Neutron - networking options +############################## +# Enable distributed floating ip for OVN deployments +#neutron_ovn_distributed_fip: "no" + +# Enable DHCP agent(s) to use with OVN +#neutron_ovn_dhcp_agent: "no" + +############################# +# Horizon - Dashboard Options +############################# +#horizon_backend_database: false + +############################# +# Ironic options +############################# +# dnsmasq bind interface for Ironic Inspector, by default is network_interface +#ironic_dnsmasq_interface: "{{ network_interface }}" +# The following value must be set when enabling ironic, the value format is a +# list of ranges - at least one must be configured, for example: +# - range: 192.168.0.10,192.168.0.100 +# See Kolla Ansible docs on Ironic for details. +#ironic_dnsmasq_dhcp_ranges: +# PXE bootloader file for Ironic Inspector, relative to /var/lib/ironic/tftpboot. +#ironic_dnsmasq_boot_file: "pxelinux.0" + +# Configure ironic upgrade option, due to currently kolla support +# two upgrade ways for ironic: legacy_upgrade and rolling_upgrade +# The variable "ironic_enable_rolling_upgrade: yes" is meaning rolling_upgrade +# were enabled and opposite +# Rolling upgrade were enable by default +#ironic_enable_rolling_upgrade: "yes" + +# List of extra kernel parameters passed to the kernel used during inspection +#ironic_inspector_kernel_cmdline_extras: [] + +# Valid options are [ '', redis, etcd ] +#ironic_coordination_backend: "{{ 'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}" + +###################################### +# Manila - Shared File Systems Options +###################################### +# HNAS backend configuration +#hnas_ip: +#hnas_user: +#hnas_password: +#hnas_evs_id: +#hnas_evs_ip: +#hnas_file_system_name: + +# CephFS backend configuration. +# External Ceph FS name. +# By default this is empty to allow Manila to auto-find the first FS available. +#manila_cephfs_filesystem_name: + +# Gluster backend configuration +# The option of glusterfs share layout can be directory or volume +# The default option of share layout is 'volume' +#manila_glusterfs_share_layout: +# The default option of nfs server type is 'Gluster' +#manila_glusterfs_nfs_server_type: + +# Pure Storage FlashBlade configuration +#manila_flashblade_mgmt_vip: +#manila_flashblade_data_vip: +#manila_flashblade_api: +# +# Volume layout Options (required) +# If the glusterfs server requires remote ssh, then you need to fill +# in 'manila_glusterfs_servers', ssh user 'manila_glusterfs_ssh_user', and ssh password +# 'manila_glusterfs_ssh_password'. +# 'manila_glusterfs_servers' value List of GlusterFS servers which provide volumes, +# the format is for example: +# - 10.0.1.1 +# - 10.0.1.2 +#manila_glusterfs_servers: +#manila_glusterfs_ssh_user: +#manila_glusterfs_ssh_password: +# Used to filter GlusterFS volumes for share creation. +# Examples: manila-share-volume-\\d+$, manila-share-volume-#{size}G-\\d+$; +#manila_glusterfs_volume_pattern: + +# Directory layout Options +# If the glusterfs server is on the local node of the manila share, +# it’s of the format :/ +# If the glusterfs server is on a remote node, +# it’s of the format @:/ , +# and define 'manila_glusterfs_ssh_password' +#manila_glusterfs_target: +#manila_glusterfs_mount_point_base: + +################################### +# VMware - OpenStack VMware support +################################### +#vmware_vcenter_host_ip: +#vmware_vcenter_host_username: +#vmware_vcenter_host_password: +#vmware_datastore_name: +#vmware_vcenter_name: +#vmware_vcenter_cluster_name: + +############ +# Prometheus +############ +#enable_prometheus_server: "{{ enable_prometheus | bool }}" +#enable_prometheus_haproxy_exporter: "{{ enable_haproxy | bool }}" +#enable_prometheus_mysqld_exporter: "{{ enable_mariadb | bool }}" +#enable_prometheus_node_exporter: "{{ enable_prometheus | bool }}" +#enable_prometheus_cadvisor: "{{ enable_prometheus | bool }}" +#enable_prometheus_fluentd_integration: "{{ enable_prometheus | bool and enable_fluentd | bool }}" +#enable_prometheus_memcached_exporter: "{{ enable_prometheus | bool }}" +#enable_prometheus_alertmanager: "{{ enable_prometheus | bool }}" +#enable_prometheus_alertmanager_external: "{{ enable_prometheus_alertmanager | bool }}" +#enable_prometheus_ceph_mgr_exporter: "no" +#enable_prometheus_openstack_exporter: "{{ enable_prometheus | bool }}" +#enable_prometheus_elasticsearch_exporter: "{{ enable_prometheus | bool and enable_elasticsearch | bool }}" +#enable_prometheus_blackbox_exporter: "{{ enable_prometheus | bool }}" +#enable_prometheus_libvirt_exporter: "{{ enable_prometheus | bool and enable_nova | bool and nova_compute_virt_type in ['kvm', 'qemu'] }}" +#enable_prometheus_etcd_integration: "{{ enable_prometheus | bool and enable_etcd | bool }}" + +# The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). +# prometheus_external_labels: +# : +# By default, prometheus_external_labels is empty +#prometheus_external_labels: + +# List of extra parameters passed to prometheus. You can add as many to the list. +#prometheus_cmdline_extras: + +# List of extra parameters passed to cAdvisor. By default system cgroups +# and container labels are not exposed to reduce time series cardinality. +#prometheus_cadvisor_cmdline_extras: "--docker_only --store_container_labels=false --disable_metrics=percpu,referenced_memory,cpu_topology,resctrl,udp,advtcp,sched,hugetlb,memory_numa,tcp,process" + +# Extra parameters passed to Prometheus exporters. +#prometheus_blackbox_exporter_cmdline_extras: +#prometheus_elasticsearch_exporter_cmdline_extras: +#prometheus_memcached_exporter_cmdline_extras: +#prometheus_mysqld_exporter_cmdline_extras: +#prometheus_node_exporter_cmdline_extras: +#prometheus_openstack_exporter_cmdline_extras: + +# Example of setting endpoints for prometheus ceph mgr exporter. +# You should add all ceph mgr's in your external ceph deployment. +#prometheus_ceph_mgr_exporter_endpoints: +# - host1:port1 +# - host2:port2 + +########## +# Telegraf +########## +# Configure telegraf to use the docker daemon itself as an input for +# telemetry data. +#telegraf_enable_docker_input: "no" + +########################################## +# Octavia - openstack loadbalancer Options +########################################## +# Whether to run Kolla Ansible's automatic configuration for Octavia. +# NOTE: if you upgrade from Ussuri, you must set `octavia_auto_configure` to `no` +# and keep your other Octavia config like before. +#octavia_auto_configure: yes + +# Octavia amphora flavor. +# See os_nova_flavor for details. Supported parameters: +# - flavorid (optional) +# - is_public (optional) +# - name +# - vcpus +# - ram +# - disk +# - ephemeral (optional) +# - swap (optional) +# - extra_specs (optional) +#octavia_amp_flavor: +# name: "amphora" +# is_public: no +# vcpus: 1 +# ram: 1024 +# disk: 5 + +# Octavia security groups. lb-mgmt-sec-grp is for amphorae. +#octavia_amp_security_groups: +# mgmt-sec-grp: +# name: "lb-mgmt-sec-grp" +# rules: +# - protocol: icmp +# - protocol: tcp +# src_port: 22 +# dst_port: 22 +# - protocol: tcp +# src_port: "{{ octavia_amp_listen_port }}" +# dst_port: "{{ octavia_amp_listen_port }}" + +# Octavia management network. +# See os_network and os_subnet for details. Supported parameters: +# - external (optional) +# - mtu (optional) +# - name +# - provider_network_type (optional) +# - provider_physical_network (optional) +# - provider_segmentation_id (optional) +# - shared (optional) +# - subnet +# The subnet parameter has the following supported parameters: +# - allocation_pool_start (optional) +# - allocation_pool_end (optional) +# - cidr +# - enable_dhcp (optional) +# - gateway_ip (optional) +# - name +# - no_gateway_ip (optional) +# - ip_version (optional) +# - ipv6_address_mode (optional) +# - ipv6_ra_mode (optional) +#octavia_amp_network: +# name: lb-mgmt-net +# shared: false +# subnet: +# name: lb-mgmt-subnet +# cidr: "{{ octavia_amp_network_cidr }}" +# no_gateway_ip: yes +# enable_dhcp: yes + +# Octavia management network subnet CIDR. +#octavia_amp_network_cidr: 10.1.0.0/24 + +#octavia_amp_image_tag: "amphora" + +# Load balancer topology options are [ SINGLE, ACTIVE_STANDBY ] +#octavia_loadbalancer_topology: "SINGLE" + +# The following variables are ignored as along as `octavia_auto_configure` is set to `yes`. +#octavia_amp_image_owner_id: +#octavia_amp_boot_network_list: +#octavia_amp_secgroup_list: +#octavia_amp_flavor_id: + +#################### +# Corosync options +#################### + +# this is UDP port +#hacluster_corosync_port: 5405 + +############## +# etcd options +############## +# If `etcd_remove_deleted_members` is enabled, Kolla Ansible will automatically +# remove etcd members from the cluster that are no longer in the inventory. +#etcd_remove_deleted_members: "no" diff --git a/kolla-ansible/multinode b/kolla-ansible/multinode new file mode 100644 index 0000000..93b959c --- /dev/null +++ b/kolla-ansible/multinode @@ -0,0 +1,620 @@ +[all:vars] +ansible_connection = ssh +ansible_user = matthias +ansible_ssh_pass = maddog07 +ansible_become = true +ansible_become_method = sudo + +# These initial groups are the only groups required to be modified. The +# additional groups are for more control of the environment. +[control] +# These hostname must be resolvable from your deployment host +openstack-1.homelab + +# The above can also be specified as follows: +#control[01:03] + +# The network nodes are where your l3-agent and loadbalancers will run +# This can be the same as a host in the control group +[network] +openstack-1.homelab + +[compute] +openstack-1.homelab +openstack-2.homelab +openstack-3.homelab + +[monitoring] +openstack-1.homelab + +# When compute nodes and control nodes use different interfaces, +# you need to comment out "api_interface" and other interfaces from the globals.yml +# and specify like below: +#compute01 neutron_external_interface=eth0 api_interface=em1 tunnel_interface=em1 + +[storage] +openstack-1.homelab +openstack-2.homelab +openstack-3.homelab + + +[deployment] +localhost ansible_connection=local + +[baremetal:children] +control +network +compute +storage +monitoring + +[tls-backend:children] +control + +# You can explicitly specify which hosts run each project by updating the +# groups in the sections below. Common services are grouped together. + +[common:children] +control +network +compute +storage +monitoring + +[collectd:children] +compute + +[grafana:children] +monitoring + +[etcd:children] +control + +[influxdb:children] +monitoring + +[prometheus:children] +monitoring + +[telegraf:children] +compute +control +monitoring +network +storage + +[hacluster:children] +control + +[hacluster-remote:children] +compute + +[loadbalancer:children] +network + +[mariadb:children] +control + +[rabbitmq:children] +control + +[keystone:children] +control + +[glance:children] +control + +[nova:children] +control + +[neutron:children] +network + +[openvswitch:children] +network +compute +manila-share + +[cinder:children] +control + +[cloudkitty:children] +control + +[memcached:children] +control + +[horizon:children] +control + +[barbican:children] +control + +[heat:children] +control + +[ironic:children] +control + +[magnum:children] +control + +[mistral:children] +control + +[manila:children] +control + +[ceilometer:children] +control + +[aodh:children] +control + +[cyborg:children] +control +compute + +[gnocchi:children] +control + +[tacker:children] +control + +[trove:children] +control + +[watcher:children] +control + +[octavia:children] +control + +[designate:children] +control + +[placement:children] +control + +[bifrost:children] +deployment + +[zun:children] +control + +[skyline:children] +control + +[redis:children] +control + +[blazar:children] +control + +[venus:children] +monitoring + +[letsencrypt:children] +loadbalancer + +# Additional control implemented here. These groups allow you to control which +# services run on which hosts at a per-service level. +# +# Word of caution: Some services are required to run on the same host to +# function appropriately. For example, neutron-metadata-agent must run on the +# same host as the l3-agent and (depending on configuration) the dhcp-agent. + +# Common +[cron:children] +common + +[fluentd:children] +common + +[kolla-logs:children] +common + +[kolla-toolbox:children] +common + +[opensearch:children] +control + +# Opensearch dashboards +[opensearch-dashboards:children] +opensearch + +# Glance +[glance-api:children] +glance + +# Nova +[nova-api:children] +nova + +[nova-conductor:children] +nova + +[nova-metadata:children] +nova + +[nova-super-conductor:children] +nova + +[nova-novncproxy:children] +nova + +[nova-scheduler:children] +nova + +[nova-spicehtml5proxy:children] +nova + +[nova-compute-ironic:children] +nova + +[nova-serialproxy:children] +nova + +# Neutron +[neutron-server:children] +control + +[neutron-dhcp-agent:children] +neutron + +[neutron-l3-agent:children] +neutron + +[neutron-metadata-agent:children] +neutron + +[neutron-ovn-metadata-agent:children] +compute +network + +[neutron-bgp-dragent:children] +neutron + +[neutron-infoblox-ipam-agent:children] +neutron + +[neutron-metering-agent:children] +neutron + +[ironic-neutron-agent:children] +neutron + +[neutron-ovn-agent:children] +compute +network + +# Cinder +[cinder-api:children] +cinder + +[cinder-backup:children] +storage + +[cinder-scheduler:children] +cinder + +[cinder-volume:children] +storage + +# Cloudkitty +[cloudkitty-api:children] +cloudkitty + +[cloudkitty-processor:children] +cloudkitty + +# iSCSI +[iscsid:children] +compute +storage +ironic + +[tgtd:children] +storage + +# Manila +[manila-api:children] +manila + +[manila-scheduler:children] +manila + +[manila-share:children] +network + +[manila-data:children] +manila + +# Barbican +[barbican-api:children] +barbican + +[barbican-keystone-listener:children] +barbican + +[barbican-worker:children] +barbican + +# Heat +[heat-api:children] +heat + +[heat-api-cfn:children] +heat + +[heat-engine:children] +heat + +# Ironic +[ironic-api:children] +ironic + +[ironic-conductor:children] +ironic + +[ironic-inspector:children] +ironic + +[ironic-tftp:children] +ironic + +[ironic-http:children] +ironic + +# Magnum +[magnum-api:children] +magnum + +[magnum-conductor:children] +magnum + +# Mistral +[mistral-api:children] +mistral + +[mistral-executor:children] +mistral + +[mistral-engine:children] +mistral + +[mistral-event-engine:children] +mistral + +# Ceilometer +[ceilometer-central:children] +ceilometer + +[ceilometer-notification:children] +ceilometer + +[ceilometer-compute:children] +compute + +[ceilometer-ipmi:children] +compute + +# Aodh +[aodh-api:children] +aodh + +[aodh-evaluator:children] +aodh + +[aodh-listener:children] +aodh + +[aodh-notifier:children] +aodh + +# Cyborg +[cyborg-api:children] +cyborg + +[cyborg-agent:children] +compute + +[cyborg-conductor:children] +cyborg + +# Gnocchi +[gnocchi-api:children] +gnocchi + +[gnocchi-statsd:children] +gnocchi + +[gnocchi-metricd:children] +gnocchi + +# Trove +[trove-api:children] +trove + +[trove-conductor:children] +trove + +[trove-taskmanager:children] +trove + +# Multipathd +[multipathd:children] +compute +storage + +# Watcher +[watcher-api:children] +watcher + +[watcher-engine:children] +watcher + +[watcher-applier:children] +watcher + +# Octavia +[octavia-api:children] +octavia + +[octavia-driver-agent:children] +octavia + +[octavia-health-manager:children] +octavia + +[octavia-housekeeping:children] +octavia + +[octavia-worker:children] +octavia + +# Designate +[designate-api:children] +designate + +[designate-central:children] +designate + +[designate-producer:children] +designate + +[designate-mdns:children] +network + +[designate-worker:children] +designate + +[designate-sink:children] +designate + +[designate-backend-bind9:children] +designate + +# Placement +[placement-api:children] +placement + +# Zun +[zun-api:children] +zun + +[zun-wsproxy:children] +zun + +[zun-compute:children] +compute + +[zun-cni-daemon:children] +compute + +# Skyline +[skyline-apiserver:children] +skyline + +[skyline-console:children] +skyline + +# Tacker +[tacker-server:children] +tacker + +[tacker-conductor:children] +tacker + +# Blazar +[blazar-api:children] +blazar + +[blazar-manager:children] +blazar + +# Prometheus +[prometheus-node-exporter:children] +monitoring +control +compute +network +storage + +[prometheus-mysqld-exporter:children] +mariadb + +[prometheus-memcached-exporter:children] +memcached + +[prometheus-cadvisor:children] +monitoring +control +compute +network +storage + +[prometheus-alertmanager:children] +monitoring + +[prometheus-openstack-exporter:children] +monitoring + +[prometheus-elasticsearch-exporter:children] +opensearch + +[prometheus-blackbox-exporter:children] +monitoring + +[prometheus-libvirt-exporter:children] +compute + +[masakari-api:children] +control + +[masakari-engine:children] +control + +[masakari-hostmonitor:children] +control + +[masakari-instancemonitor:children] +compute + +[ovn-controller:children] +ovn-controller-compute +ovn-controller-network + +[ovn-controller-compute:children] +compute + +[ovn-controller-network:children] +network + +[ovn-database:children] +control + +[ovn-northd:children] +ovn-database + +[ovn-nb-db:children] +ovn-database + +[ovn-sb-db:children] +ovn-database + +[ovn-sb-db-relay:children] +ovn-database + +[venus-api:children] +venus + +[venus-manager:children] +venus + +[letsencrypt-webserver:children] +letsencrypt + +[letsencrypt-lego:children] +letsencrypt diff --git a/kolla-ansible/octavia-certificates/client_ca/1000.pem b/kolla-ansible/octavia-certificates/client_ca/1000.pem new file mode 100644 index 0000000..279e98a --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/1000.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFtjCCA56gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCQ0gx +DzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3BlblN0YWNrMRAwDgYDVQQLDAdP +Y3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhhbXBsZS5vcmcwHhcNMjUwNDE0 +MTg0NTA0WhcNMjYwNDE0MTg0NTA0WjBhMQswCQYDVQQGEwJDSDEPMA0GA1UECAwG +QWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAOBgNVBAsMB09jdGF2aWExGzAZ +BgNVBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAMKbP5olK/ydPkoE7v+MsPqebMuqQpkaPAIZA5XdU0BNS8gx/OW2 +3/g7nF/hYFQLxYb8s/eTOWZPTRl/dTyiDflB0FU9F9AXfZA/3hpNThNNAlU9QDjp +S3Ylh2mNHt5DDzsG0nKM7Lkm7oU9C9Ny9+i2FYgdBQDIQumCdg33tAJT0V9GGUBX +Kb0Km5eOOixzsolkp+1gyL27rU5xBAq8mrn/IavVwO94mDk7xk3enWHtwQpy0YKU +IwE1Bwms3RxKeKOb5OegzodpgX/bPlbWtsQz2sSP16OQ1Wyuj03R6mfogI2mxcOV +Mtiji3mOMZniIl42deA3Ln6wx5iQcLovyIvLeIIiCrr/Zqq0rhikTgPQ0CY0s7Td +ykU870QsYM6vDl0wmUmBQLX+HbOmCJCY7mpu2fHWdjz7OYlu1sP4sd/hxPpJgwbP +z3CUCIh3e3CP67ps+sAuFR2H8cxdvFGIhn/0mi0BDyga+E4HHBC1IT5ODSGS7T+L +vx2T586oN+REuXZAKFvJiWQfpEzKuHFVTEYkkYxLXvKVKZRilXH4fPvpGiGdUQRn +2RAaDissngi7KepkzWChBeRZNbn7eG29t1u8tSRLaRWVKX1JJ1UPlOA8yQV9WJ9r +3y3hmqDnIlnZRVid9hQ5BT/ptxp7wlnEhm0gzbS5oEdgQ0hJCjF11/3dAgMBAAGj +dTBzMB0GA1UdDgQWBBTdTxlhxIrBRYB7JI8UyvMrgmGZvjAfBgNVHSMEGDAWgBSV +r/rauTcSTIqHFhPjf9QYsH4o/jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH +gDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAaXHWaFzr +GVhMrsdbUNd6gk+uAjhmRX2xAbswLuHEVK/0Ud+cqXCcJztExUb0edglpL8SvRsY +CAE89jZdZGAzDFUBrQLZ7yvfBWcnau8jpE5PAgqY6xbmeWMSwKBFdUvU0sQ7S/xz +nSyjfbtd7memmfkd1iivEqQL3EeDs91+0qE+6BdrDsRuKYRWQHbk3c9/e8P8hzjI +ztJwJXQVAH7Z8pN2cOm5hxWoptmOOMrezQWZ22eEKN8lPzjozR77mWtTMjZvSC2J +xFuXx/BBDQ8vGhoe7y52Uv2RRPczf0zQ1wCezXZxKRUr2bwNLq/Kv8QJglKLMTWs +RUWjP2uMKK2N70s0OxQZOzMK3JLJ9lVqSdvPjoCKnz88l+JG6qd7xKuibZIsJqhm +f+C0ZpTGOgS2rfZbGku20h9MXOGJQyTE+OxRhVrIikgygQJ910kqj2W4WPFZ75sV +i7A6PvU5R6X9Ilq5R+4E+ro8nZBr+ejpMlvgtWyrLuj+x2yY3l8QAHI4WQx38h5Y +rvbYgUIhqVqKC+vmyveYuJHl7ipYQvQCgVNg/dCh78Adjwu768soz6Y0U3gwLfyS +sJLlAPWJup2oJiE+Md89L46yhZ5aqQEkBiy6UiHjtaM8DH9yHg+/zxG+14/RJtac +N/OEXZ4XcnaJ8QWFG2ZIbLSDNzwYxZMtnnU= +-----END CERTIFICATE----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client.cert-and-key.pem b/kolla-ansible/octavia-certificates/client_ca/client.cert-and-key.pem new file mode 100644 index 0000000..9d6e674 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client.cert-and-key.pem @@ -0,0 +1,85 @@ +-----BEGIN CERTIFICATE----- +MIIFtjCCA56gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCQ0gx +DzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3BlblN0YWNrMRAwDgYDVQQLDAdP +Y3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhhbXBsZS5vcmcwHhcNMjUwNDE0 +MTg0NTA0WhcNMjYwNDE0MTg0NTA0WjBhMQswCQYDVQQGEwJDSDEPMA0GA1UECAwG +QWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAOBgNVBAsMB09jdGF2aWExGzAZ +BgNVBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAMKbP5olK/ydPkoE7v+MsPqebMuqQpkaPAIZA5XdU0BNS8gx/OW2 +3/g7nF/hYFQLxYb8s/eTOWZPTRl/dTyiDflB0FU9F9AXfZA/3hpNThNNAlU9QDjp +S3Ylh2mNHt5DDzsG0nKM7Lkm7oU9C9Ny9+i2FYgdBQDIQumCdg33tAJT0V9GGUBX +Kb0Km5eOOixzsolkp+1gyL27rU5xBAq8mrn/IavVwO94mDk7xk3enWHtwQpy0YKU +IwE1Bwms3RxKeKOb5OegzodpgX/bPlbWtsQz2sSP16OQ1Wyuj03R6mfogI2mxcOV +Mtiji3mOMZniIl42deA3Ln6wx5iQcLovyIvLeIIiCrr/Zqq0rhikTgPQ0CY0s7Td +ykU870QsYM6vDl0wmUmBQLX+HbOmCJCY7mpu2fHWdjz7OYlu1sP4sd/hxPpJgwbP +z3CUCIh3e3CP67ps+sAuFR2H8cxdvFGIhn/0mi0BDyga+E4HHBC1IT5ODSGS7T+L +vx2T586oN+REuXZAKFvJiWQfpEzKuHFVTEYkkYxLXvKVKZRilXH4fPvpGiGdUQRn +2RAaDissngi7KepkzWChBeRZNbn7eG29t1u8tSRLaRWVKX1JJ1UPlOA8yQV9WJ9r +3y3hmqDnIlnZRVid9hQ5BT/ptxp7wlnEhm0gzbS5oEdgQ0hJCjF11/3dAgMBAAGj +dTBzMB0GA1UdDgQWBBTdTxlhxIrBRYB7JI8UyvMrgmGZvjAfBgNVHSMEGDAWgBSV +r/rauTcSTIqHFhPjf9QYsH4o/jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH +gDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAaXHWaFzr +GVhMrsdbUNd6gk+uAjhmRX2xAbswLuHEVK/0Ud+cqXCcJztExUb0edglpL8SvRsY +CAE89jZdZGAzDFUBrQLZ7yvfBWcnau8jpE5PAgqY6xbmeWMSwKBFdUvU0sQ7S/xz +nSyjfbtd7memmfkd1iivEqQL3EeDs91+0qE+6BdrDsRuKYRWQHbk3c9/e8P8hzjI +ztJwJXQVAH7Z8pN2cOm5hxWoptmOOMrezQWZ22eEKN8lPzjozR77mWtTMjZvSC2J +xFuXx/BBDQ8vGhoe7y52Uv2RRPczf0zQ1wCezXZxKRUr2bwNLq/Kv8QJglKLMTWs +RUWjP2uMKK2N70s0OxQZOzMK3JLJ9lVqSdvPjoCKnz88l+JG6qd7xKuibZIsJqhm +f+C0ZpTGOgS2rfZbGku20h9MXOGJQyTE+OxRhVrIikgygQJ910kqj2W4WPFZ75sV +i7A6PvU5R6X9Ilq5R+4E+ro8nZBr+ejpMlvgtWyrLuj+x2yY3l8QAHI4WQx38h5Y +rvbYgUIhqVqKC+vmyveYuJHl7ipYQvQCgVNg/dCh78Adjwu768soz6Y0U3gwLfyS +sJLlAPWJup2oJiE+Md89L46yhZ5aqQEkBiy6UiHjtaM8DH9yHg+/zxG+14/RJtac +N/OEXZ4XcnaJ8QWFG2ZIbLSDNzwYxZMtnnU= +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDCmz+aJSv8nT5K +BO7/jLD6nmzLqkKZGjwCGQOV3VNATUvIMfzltt/4O5xf4WBUC8WG/LP3kzlmT00Z +f3U8og35QdBVPRfQF32QP94aTU4TTQJVPUA46Ut2JYdpjR7eQw87BtJyjOy5Ju6F +PQvTcvfothWIHQUAyELpgnYN97QCU9FfRhlAVym9CpuXjjosc7KJZKftYMi9u61O +cQQKvJq5/yGr1cDveJg5O8ZN3p1h7cEKctGClCMBNQcJrN0cSnijm+TnoM6HaYF/ +2z5W1rbEM9rEj9ejkNVsro9N0epn6ICNpsXDlTLYo4t5jjGZ4iJeNnXgNy5+sMeY +kHC6L8iLy3iCIgq6/2aqtK4YpE4D0NAmNLO03cpFPO9ELGDOrw5dMJlJgUC1/h2z +pgiQmO5qbtnx1nY8+zmJbtbD+LHf4cT6SYMGz89wlAiId3twj+u6bPrALhUdh/HM +XbxRiIZ/9JotAQ8oGvhOBxwQtSE+Tg0hku0/i78dk+fOqDfkRLl2QChbyYlkH6RM +yrhxVUxGJJGMS17ylSmUYpVx+Hz76RohnVEEZ9kQGg4rLJ4IuynqZM1goQXkWTW5 ++3htvbdbvLUkS2kVlSl9SSdVD5TgPMkFfVifa98t4Zqg5yJZ2UVYnfYUOQU/6bca +e8JZxIZtIM20uaBHYENISQoxddf93QIDAQABAoICAEusKtM52Rzl2C7YNEdS4g7S +Q+P+VN9MAEGgkHBaG+FJLUqvhXOd5QGVzHzMGrUTzr9qzGBc81kBRS3BDkmBioV+ +PhCnLPdR6xWIgEkh/lYq/9k9dBetQBa1CS7WHUa4NNfzEypP+k0VAnL1BgA3GId5 +Jm5DOorPVJWQkW9k/q5ZAXVWwMLwId7MnSwVtjFK3AXpChOYKvb8X6u87qFuLYxd +1S4IdHmqHydCQx5Mjk5iMUpq02U/TU1O3Wm5ulEh9D9Kg3w+X5DwSdb53gfOfktV +DqCYfnWwAA2+4yKTmd7F3hc23nfrMFZlYfrmfAsmj86qxrNlQcMp4rNEl1EO+6AR +UGlCCJTNzMT/Rr1QFSTWdzIMdzdzHY0AwyATrCPy3GzuiGR0+8yUrB/TXcMqPxh5 +uJ29rtpMtBvyK0qihPy3gVCuFYenuZVpDbRhDlUT9gbWipb91AtsuuygQfyk+mDM +WaOdL1Tv2yerrCXEcQBV7KNCfyynbc/DuBzxcc/Fgx+stn3z5MdmOsrQXK8rqA3V +igyHd1dhBeXJnoYL76brF1hHZilYE7sYapK3ieoQC+JkqqYceNFC5zx7qXNKRmD7 +AaUTT95cFNMP190sp+mBF+rxb2omuuL3WVomjjLi0RBHRUmwyPSQCSiS1xFFMhGX +jkGx4eqaAfFcv7W/JLFRAoIBAQD/vr+ZeEGU3Ygk+oB/Fjus7/9x4x3k/x+W837m +7joMLAagesJrvMfuPb2pcdgk27iE7DwnMDHdINcHH7qAZpLAvuzjJyuSpIL2wbW7 +lTHD3TIXbEUNH6kgk4XZSck8NGARlncn7EFWs0QDSJCB6j4cEuuvNVvEYrDhgPoh +38pfpPLxP/BlYkH0YlEVVpJuBV73kun3S19TVmgsZpuB9uT7mHMPP7M9uTl3GanT +VIUAnOQDr0t8UNUVAhyhkogj5pa8HcOQ0K22uop1d+CIWINlsjDdSFWcN9BPnITV +kvIe3KOiR5JztOU/Zh/men2oLMT9bTVvUEOQdzz3+GqBrWnrAoIBAQDCzOah8uH8 +dg+DutyBxdDxpc1HZycfKEm1aX/ZRnbpXBeHGuvjFZMBM4jbdngU5i+ionQ+wgFb +l03YwTwzoHRsEDdvsvQjo76I34AsGccIDr7bBu5ydS5RhprJkxIiDx+JtJeaV6Oh +bk+U9zVLdP5wIRhItiujadp/xgPNrgnULLDLxaKeG7BNjRz83wrmPXH9I5SxBNcK +ZqciK04Zue+aJW4dktEAXUj+Ra6ISznvSlaeEDEecxp64mmwJkdya5k66MkxUuoE +5VVjBo9IyCyxJJzWxJbmJTLf3L5TIkGVzbvZ1ScE0K6iyPTWTIUS37dkHJ387QBb +WAt9lJW+BD1XAoIBAQCzm3jgBU65h6N3pN3dYvXiDGLvzrtN+cZrsvIqqJ/nsHuu +9MfZ9ijLLl0mxScxK4Y5A9dzBiveypN5E1Vdm6vw5aVkGjxFrnezaHODG9JpZc0q +GgWco+GZWUGlSmaje30EnRFt3kQ86YUYcTvboXChMsCGugiKsWzb0kLYy1xLM4LS +3z6rVQhQ40NiovwPfIIniOv7mtmFo6dhl2YbLhO+hmA4E1qEPLMY69MS8ca+mXCh +DdkLo5EiQettpYUrAWRXFOglqgh1zigzO09bMh6Fq1EZ9xT4s1H+t0Oq4ppcBkR9 +UZqO3Dor/kLlEJ1zII3wFWRzmoD40mTlGXdjPzClAoIBAGdR1mG/OS12UPRFf/80 +tIX2stJUW+OisrWNp0nOnfNX7QKzvLlNEBNrCgOc6kPrcwiHsbA3phC2R4vXsd6Q +FC/cygpsmCDvEHf4UzsQ0QftCj2Rh5cdn9uN0Ttozg1SiB+5sU8jfJ56q6sPEy1a +eDlw1Dh8ptidpE5w8EN/M6ddrMfno0DI3tHDLsTQaC+GF5dz78GUF5pkp/DvlxT+ +EZ9oiucUn9XZpIV44AFaJPhOLXLYk7TayAi1XekX5H1DpJoiLdQDbiv6lzdWm1i3 +Ez1Bdg5TZtXalQk3Q5tEaBTUcfYvn+pl5Lpia7neDBbeoZ5vrzwfWDkakb2huWp3 +RTECggEAco5JiP4qFJ979jdPZTkI0l8R776yCrnrjnmaomqbtHIhzBsOHamu3wXb +tnk06gWzBQ9JCd9UJ1GZRMyGsCS1Q9+H0LEpZjROQ0i8F7cO5LyOtFfMCITOWfZ8 +GQiHlwEiD/c7m62ctaI/gcKDgywmc1HZmWakwZWwafFqW/PCcnVAyi11gP9C60/T +gFnlZJa1+K2XAb6zYnnj2YwBAaJThj8q64saGAsdBuWiaQswzM4SelhM8DYTTNsK +6tEjnTKFMM/X3TuDFZwHdTIKfp/G85fX0Y/S77eoJsbVtmzNvplcqmYhArbWrvzu +Ap9Grkjj6HB+bU+kkWTjo16dREKTKQ== +-----END PRIVATE KEY----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client.cert.pem b/kolla-ansible/octavia-certificates/client_ca/client.cert.pem new file mode 100644 index 0000000..279e98a --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client.cert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFtjCCA56gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCQ0gx +DzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3BlblN0YWNrMRAwDgYDVQQLDAdP +Y3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhhbXBsZS5vcmcwHhcNMjUwNDE0 +MTg0NTA0WhcNMjYwNDE0MTg0NTA0WjBhMQswCQYDVQQGEwJDSDEPMA0GA1UECAwG +QWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAOBgNVBAsMB09jdGF2aWExGzAZ +BgNVBAMMEmNsaWVudC5leGFtcGxlLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAMKbP5olK/ydPkoE7v+MsPqebMuqQpkaPAIZA5XdU0BNS8gx/OW2 +3/g7nF/hYFQLxYb8s/eTOWZPTRl/dTyiDflB0FU9F9AXfZA/3hpNThNNAlU9QDjp +S3Ylh2mNHt5DDzsG0nKM7Lkm7oU9C9Ny9+i2FYgdBQDIQumCdg33tAJT0V9GGUBX +Kb0Km5eOOixzsolkp+1gyL27rU5xBAq8mrn/IavVwO94mDk7xk3enWHtwQpy0YKU +IwE1Bwms3RxKeKOb5OegzodpgX/bPlbWtsQz2sSP16OQ1Wyuj03R6mfogI2mxcOV +Mtiji3mOMZniIl42deA3Ln6wx5iQcLovyIvLeIIiCrr/Zqq0rhikTgPQ0CY0s7Td +ykU870QsYM6vDl0wmUmBQLX+HbOmCJCY7mpu2fHWdjz7OYlu1sP4sd/hxPpJgwbP +z3CUCIh3e3CP67ps+sAuFR2H8cxdvFGIhn/0mi0BDyga+E4HHBC1IT5ODSGS7T+L +vx2T586oN+REuXZAKFvJiWQfpEzKuHFVTEYkkYxLXvKVKZRilXH4fPvpGiGdUQRn +2RAaDissngi7KepkzWChBeRZNbn7eG29t1u8tSRLaRWVKX1JJ1UPlOA8yQV9WJ9r +3y3hmqDnIlnZRVid9hQ5BT/ptxp7wlnEhm0gzbS5oEdgQ0hJCjF11/3dAgMBAAGj +dTBzMB0GA1UdDgQWBBTdTxlhxIrBRYB7JI8UyvMrgmGZvjAfBgNVHSMEGDAWgBSV +r/rauTcSTIqHFhPjf9QYsH4o/jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIH +gDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAaXHWaFzr +GVhMrsdbUNd6gk+uAjhmRX2xAbswLuHEVK/0Ud+cqXCcJztExUb0edglpL8SvRsY +CAE89jZdZGAzDFUBrQLZ7yvfBWcnau8jpE5PAgqY6xbmeWMSwKBFdUvU0sQ7S/xz +nSyjfbtd7memmfkd1iivEqQL3EeDs91+0qE+6BdrDsRuKYRWQHbk3c9/e8P8hzjI +ztJwJXQVAH7Z8pN2cOm5hxWoptmOOMrezQWZ22eEKN8lPzjozR77mWtTMjZvSC2J +xFuXx/BBDQ8vGhoe7y52Uv2RRPczf0zQ1wCezXZxKRUr2bwNLq/Kv8QJglKLMTWs +RUWjP2uMKK2N70s0OxQZOzMK3JLJ9lVqSdvPjoCKnz88l+JG6qd7xKuibZIsJqhm +f+C0ZpTGOgS2rfZbGku20h9MXOGJQyTE+OxRhVrIikgygQJ910kqj2W4WPFZ75sV +i7A6PvU5R6X9Ilq5R+4E+ro8nZBr+ejpMlvgtWyrLuj+x2yY3l8QAHI4WQx38h5Y +rvbYgUIhqVqKC+vmyveYuJHl7ipYQvQCgVNg/dCh78Adjwu768soz6Y0U3gwLfyS +sJLlAPWJup2oJiE+Md89L46yhZ5aqQEkBiy6UiHjtaM8DH9yHg+/zxG+14/RJtac +N/OEXZ4XcnaJ8QWFG2ZIbLSDNzwYxZMtnnU= +-----END CERTIFICATE----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client.csr.pem b/kolla-ansible/octavia-certificates/client_ca/client.csr.pem new file mode 100644 index 0000000..e416077 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client.csr.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEpjCCAo4CAQAwYTELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTESMBAG +A1UECgwJT3BlblN0YWNrMRAwDgYDVQQLDAdPY3RhdmlhMRswGQYDVQQDDBJjbGll +bnQuZXhhbXBsZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDC +mz+aJSv8nT5KBO7/jLD6nmzLqkKZGjwCGQOV3VNATUvIMfzltt/4O5xf4WBUC8WG +/LP3kzlmT00Zf3U8og35QdBVPRfQF32QP94aTU4TTQJVPUA46Ut2JYdpjR7eQw87 +BtJyjOy5Ju6FPQvTcvfothWIHQUAyELpgnYN97QCU9FfRhlAVym9CpuXjjosc7KJ +ZKftYMi9u61OcQQKvJq5/yGr1cDveJg5O8ZN3p1h7cEKctGClCMBNQcJrN0cSnij +m+TnoM6HaYF/2z5W1rbEM9rEj9ejkNVsro9N0epn6ICNpsXDlTLYo4t5jjGZ4iJe +NnXgNy5+sMeYkHC6L8iLy3iCIgq6/2aqtK4YpE4D0NAmNLO03cpFPO9ELGDOrw5d +MJlJgUC1/h2zpgiQmO5qbtnx1nY8+zmJbtbD+LHf4cT6SYMGz89wlAiId3twj+u6 +bPrALhUdh/HMXbxRiIZ/9JotAQ8oGvhOBxwQtSE+Tg0hku0/i78dk+fOqDfkRLl2 +QChbyYlkH6RMyrhxVUxGJJGMS17ylSmUYpVx+Hz76RohnVEEZ9kQGg4rLJ4Iuynq +ZM1goQXkWTW5+3htvbdbvLUkS2kVlSl9SSdVD5TgPMkFfVifa98t4Zqg5yJZ2UVY +nfYUOQU/6bcae8JZxIZtIM20uaBHYENISQoxddf93QIDAQABoAAwDQYJKoZIhvcN +AQELBQADggIBABkJFy2OfxMD8/nwVXMFh875H4lKq07Vm1CIblZXrH7lwV5S7YTd +4h4bz8Sv0RKPgOdBzJkdqE7wuM2gjO+hDWEyo0CM84uNKDgSEY6FJ/FVY64SQDO5 +T3RcHcan13/b9O2ZLNm7O1vZRvdUe2ugXbJ8wWJHlKKK8FB+71PO6vrUkwIOoPPp +X3ZJIkzRGaMVNBDrbPXUoVPW9FpZ3fw+sGDP3Vg1hP/uPzN2f7T5T7EMhJnif0i3 +EqGcG8SOpXffGtZt87JPqd8ry9QoyQjQ/l21uXNwhRZAKBchaUy3MPpt7OfBovYD +QVVBA49m75tzXYjmXa2ScP4DLHHv+Df13fXMyZcgSxnlY/o6LiDp9smK3dviiaTD +TM0iIODb6fBVBQev39tY8MbVBmMAGqCqJZ1prDUdmYlVda/1X6fzv/+KomhxHApT +ViuwFQK+UN6Vuq8yk9CR96AS45vUH7iU/iM4UpyEk6p/Cl6dddbi5GiuV298SIpu +UgqIZ5y5V68LCAFzhK0tZrcbkJYCpwjSWSwkS7aBriPSB3fnyCMCAGnBeVZ+AYrR +HCKuEPxc8amnG5wtzVUAWRFYbXQDYnK+FhVPsMVnnyY9IAbM+b18YFvnTjJQz1jK +pHAAgS1gf4Nc4CjhUsyqfjR6l0RDAro51PXLA+pHiJ/PmYluRKTISSnn +-----END CERTIFICATE REQUEST----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client.key.pem b/kolla-ansible/octavia-certificates/client_ca/client.key.pem new file mode 100644 index 0000000..ff7c2e2 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client.key.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDCmz+aJSv8nT5K +BO7/jLD6nmzLqkKZGjwCGQOV3VNATUvIMfzltt/4O5xf4WBUC8WG/LP3kzlmT00Z +f3U8og35QdBVPRfQF32QP94aTU4TTQJVPUA46Ut2JYdpjR7eQw87BtJyjOy5Ju6F +PQvTcvfothWIHQUAyELpgnYN97QCU9FfRhlAVym9CpuXjjosc7KJZKftYMi9u61O +cQQKvJq5/yGr1cDveJg5O8ZN3p1h7cEKctGClCMBNQcJrN0cSnijm+TnoM6HaYF/ +2z5W1rbEM9rEj9ejkNVsro9N0epn6ICNpsXDlTLYo4t5jjGZ4iJeNnXgNy5+sMeY +kHC6L8iLy3iCIgq6/2aqtK4YpE4D0NAmNLO03cpFPO9ELGDOrw5dMJlJgUC1/h2z +pgiQmO5qbtnx1nY8+zmJbtbD+LHf4cT6SYMGz89wlAiId3twj+u6bPrALhUdh/HM +XbxRiIZ/9JotAQ8oGvhOBxwQtSE+Tg0hku0/i78dk+fOqDfkRLl2QChbyYlkH6RM +yrhxVUxGJJGMS17ylSmUYpVx+Hz76RohnVEEZ9kQGg4rLJ4IuynqZM1goQXkWTW5 ++3htvbdbvLUkS2kVlSl9SSdVD5TgPMkFfVifa98t4Zqg5yJZ2UVYnfYUOQU/6bca +e8JZxIZtIM20uaBHYENISQoxddf93QIDAQABAoICAEusKtM52Rzl2C7YNEdS4g7S +Q+P+VN9MAEGgkHBaG+FJLUqvhXOd5QGVzHzMGrUTzr9qzGBc81kBRS3BDkmBioV+ +PhCnLPdR6xWIgEkh/lYq/9k9dBetQBa1CS7WHUa4NNfzEypP+k0VAnL1BgA3GId5 +Jm5DOorPVJWQkW9k/q5ZAXVWwMLwId7MnSwVtjFK3AXpChOYKvb8X6u87qFuLYxd +1S4IdHmqHydCQx5Mjk5iMUpq02U/TU1O3Wm5ulEh9D9Kg3w+X5DwSdb53gfOfktV +DqCYfnWwAA2+4yKTmd7F3hc23nfrMFZlYfrmfAsmj86qxrNlQcMp4rNEl1EO+6AR +UGlCCJTNzMT/Rr1QFSTWdzIMdzdzHY0AwyATrCPy3GzuiGR0+8yUrB/TXcMqPxh5 +uJ29rtpMtBvyK0qihPy3gVCuFYenuZVpDbRhDlUT9gbWipb91AtsuuygQfyk+mDM +WaOdL1Tv2yerrCXEcQBV7KNCfyynbc/DuBzxcc/Fgx+stn3z5MdmOsrQXK8rqA3V +igyHd1dhBeXJnoYL76brF1hHZilYE7sYapK3ieoQC+JkqqYceNFC5zx7qXNKRmD7 +AaUTT95cFNMP190sp+mBF+rxb2omuuL3WVomjjLi0RBHRUmwyPSQCSiS1xFFMhGX +jkGx4eqaAfFcv7W/JLFRAoIBAQD/vr+ZeEGU3Ygk+oB/Fjus7/9x4x3k/x+W837m +7joMLAagesJrvMfuPb2pcdgk27iE7DwnMDHdINcHH7qAZpLAvuzjJyuSpIL2wbW7 +lTHD3TIXbEUNH6kgk4XZSck8NGARlncn7EFWs0QDSJCB6j4cEuuvNVvEYrDhgPoh +38pfpPLxP/BlYkH0YlEVVpJuBV73kun3S19TVmgsZpuB9uT7mHMPP7M9uTl3GanT +VIUAnOQDr0t8UNUVAhyhkogj5pa8HcOQ0K22uop1d+CIWINlsjDdSFWcN9BPnITV +kvIe3KOiR5JztOU/Zh/men2oLMT9bTVvUEOQdzz3+GqBrWnrAoIBAQDCzOah8uH8 +dg+DutyBxdDxpc1HZycfKEm1aX/ZRnbpXBeHGuvjFZMBM4jbdngU5i+ionQ+wgFb +l03YwTwzoHRsEDdvsvQjo76I34AsGccIDr7bBu5ydS5RhprJkxIiDx+JtJeaV6Oh +bk+U9zVLdP5wIRhItiujadp/xgPNrgnULLDLxaKeG7BNjRz83wrmPXH9I5SxBNcK +ZqciK04Zue+aJW4dktEAXUj+Ra6ISznvSlaeEDEecxp64mmwJkdya5k66MkxUuoE +5VVjBo9IyCyxJJzWxJbmJTLf3L5TIkGVzbvZ1ScE0K6iyPTWTIUS37dkHJ387QBb +WAt9lJW+BD1XAoIBAQCzm3jgBU65h6N3pN3dYvXiDGLvzrtN+cZrsvIqqJ/nsHuu +9MfZ9ijLLl0mxScxK4Y5A9dzBiveypN5E1Vdm6vw5aVkGjxFrnezaHODG9JpZc0q +GgWco+GZWUGlSmaje30EnRFt3kQ86YUYcTvboXChMsCGugiKsWzb0kLYy1xLM4LS +3z6rVQhQ40NiovwPfIIniOv7mtmFo6dhl2YbLhO+hmA4E1qEPLMY69MS8ca+mXCh +DdkLo5EiQettpYUrAWRXFOglqgh1zigzO09bMh6Fq1EZ9xT4s1H+t0Oq4ppcBkR9 +UZqO3Dor/kLlEJ1zII3wFWRzmoD40mTlGXdjPzClAoIBAGdR1mG/OS12UPRFf/80 +tIX2stJUW+OisrWNp0nOnfNX7QKzvLlNEBNrCgOc6kPrcwiHsbA3phC2R4vXsd6Q +FC/cygpsmCDvEHf4UzsQ0QftCj2Rh5cdn9uN0Ttozg1SiB+5sU8jfJ56q6sPEy1a +eDlw1Dh8ptidpE5w8EN/M6ddrMfno0DI3tHDLsTQaC+GF5dz78GUF5pkp/DvlxT+ +EZ9oiucUn9XZpIV44AFaJPhOLXLYk7TayAi1XekX5H1DpJoiLdQDbiv6lzdWm1i3 +Ez1Bdg5TZtXalQk3Q5tEaBTUcfYvn+pl5Lpia7neDBbeoZ5vrzwfWDkakb2huWp3 +RTECggEAco5JiP4qFJ979jdPZTkI0l8R776yCrnrjnmaomqbtHIhzBsOHamu3wXb +tnk06gWzBQ9JCd9UJ1GZRMyGsCS1Q9+H0LEpZjROQ0i8F7cO5LyOtFfMCITOWfZ8 +GQiHlwEiD/c7m62ctaI/gcKDgywmc1HZmWakwZWwafFqW/PCcnVAyi11gP9C60/T +gFnlZJa1+K2XAb6zYnnj2YwBAaJThj8q64saGAsdBuWiaQswzM4SelhM8DYTTNsK +6tEjnTKFMM/X3TuDFZwHdTIKfp/G85fX0Y/S77eoJsbVtmzNvplcqmYhArbWrvzu +Ap9Grkjj6HB+bU+kkWTjo16dREKTKQ== +-----END PRIVATE KEY----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client_ca.cert.pem b/kolla-ansible/octavia-certificates/client_ca/client_ca.cert.pem new file mode 100644 index 0000000..47d94e3 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client_ca.cert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFuTCCA6GgAwIBAgIUZBRKMHg+nLCtIlrOJ2TirJsaYRMwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3Bl +blN0YWNrMRAwDgYDVQQLDAdPY3RhdmlhMR4wHAYDVQQDDBVjbGllbnQtY2EuZXhh +bXBsZS5vcmcwHhcNMjUwNDE0MTg0NTAyWhcNMzUwNDEyMTg0NTAyWjBkMQswCQYD +VQQGEwJDSDEPMA0GA1UECAwGQWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAO +BgNVBAsMB09jdGF2aWExHjAcBgNVBAMMFWNsaWVudC1jYS5leGFtcGxlLm9yZzCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMC46TQXtmtYYCulf3Osb0Hz +yHPQU6pLFNL61qvtPTwe3fomy9tBDS4lVv7ZYfoGjbCDES3xKnY48xy8gvyCa1Dg +weQMfdgd0kpAiyoGItHXWw5JLZtg5YNdd5muJ91krvsRJsuJeemSkUxGME7cm3Y3 +Czt3Datl/d8HcCAnyYZzCv2ixZQS6h8u6noX7HN3tOiaeSEtXLAvJUf15njXYwZ2 +MfsNz6VQxL0UjhvGbZt3Z0cIzfBNRTe4Jv7ygcNMODUppiMPmOT5JbXxogb1Q080 +bqsMlOfM9WhjESjCNKQqhS5YAn25swZ/qZvHRfldJjBIA0l3FirgbHzTZOM9BVAo +osc6q82AGsuCesdSsMFb1VLjhLwTq0LiRF2+hnYzvRbiOsAH7aIP0gnbgLN3D5Vv +9bvog8z6QZ06e9P3XOUTBNWzTPRCaGQA8rm6qOHRqgbIbm+0npzA7siHmQqQl3uH +GwjBQ50XOwyFG+SNTZLCHC1An5NPkT739qLUKCqkle65I0rnWJFKxZO5Zj2ih9C2 +v9jYHHo8Cp9cOyBUc+zI3MOBs63so8WDzF8bR0hDIkc2TkUT1/Y2dG84r0iRXD62 +MLEwp88d+2JzsCYCLHbBBTtRJ2H2sis9xedazwKcAvAXB0LBnS6qQv7Ok0SC6GsW +SCW/FoOmXOYSspErI4xxAgMBAAGjYzBhMB0GA1UdDgQWBBSVr/rauTcSTIqHFhPj +f9QYsH4o/jAfBgNVHSMEGDAWgBSVr/rauTcSTIqHFhPjf9QYsH4o/jAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAf4xZ +UvtXy8GvLAtE5O9dHXa0cqiw3FSIkB94u1wGIDyq8FT0uXTR6GvbSbCbcrZhds1u +AcPdFJXu0tSekMn+DCALpfTX/8RqJyU57zh+02RZTrlIqSsGsTv+PFhC/hI44fmx ++ONVXUfNOdNGembR2xo/g01VLSh1kwHzf4EgusNp6RDGm04liMlILlo8JUV0gzoW +d+A/usgPzmEkGi5NHcSIVc15etj1Z3PvKRqlNdlTz7HPlqn+2vqLK5OoeoGdyM9C +8ZVx5xfcVowBdjHNYOykI8HsLLp8fXFSfh3T1h5MdAS/VCJAZdTjgnuV674CRO70 +Cy9ELU+Tyjbonfkcs+oBn4BrK+pXRbL5guF7abcRKwlVlcb72M1VkCUe3dcEGxaG +SaQPs2GydtraVOC74nki7V7bj2G0KwVP74Tey85cTCQcxRV2rMZ1TMWCR5s/9MbD +jKMtAakb8j4yQej5fLz2gnzGsSqslFDzEQ3kMqFgxnHcTad0dqnv1aLxrclDgn8t +zlnQcPVdyl5Vxl4X+7atG+Xa81niEEEIf38dV7KuvnYOlNr5zYZO+xFV6TDjuMGi +Huska/n3AZ159Rk1wM8Q1TyEFbdxjZ91a1UDPjXDhD+Z1aH8oaesvxwFd2e0u2+0 +sdDgdBMGYNPySMFyGmCBc3vO79HijzDW/OxmJ7M= +-----END CERTIFICATE----- diff --git a/kolla-ansible/octavia-certificates/client_ca/client_ca.key.pem b/kolla-ansible/octavia-certificates/client_ca/client_ca.key.pem new file mode 100644 index 0000000..d284827 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/client_ca.key.pem @@ -0,0 +1,54 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI+ewtQ2CQgKkCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDADFDZrp9O/sEXlksVnxxSBIIJ +UB8CywBzZTM6JqpBJMw1nHhcehEWUPfSL4bfDY42GvwxuedGRayDbLq98EWQG3k1 +AsaFPKDk70+WdX2eCF8DcLAhyfEygJ6otB1xoF2tdPD5FDwt+ZyIF89uGGvSznfu +rUKnN0XNN7i+T9Fh5TqZ+dKMJo3PvjDpCJ1MmryrNX2MtpvnTLfY7GkuEprCzr3I +qQokWnlFUD15E0rttBgs68WjycpVIi7yfzbVjCinf6FNJQzovMWOtBqadHGxECpp +v2AyuzqD6A96g2JNxPlheiF3lPN/lH21OWIGnWz48gSOK9kmcu32RSd4QbeC1/kq +y8xJl9kSd3/8NPI6xM++/1g1IA5SB+kBmnm6txCrOHNKCgQk3fyJir1nlGudC+R0 +0MzhrOcZ14iD5EvpJ9+plFToYg030TuMcsvyW8Rdf3nFVxx1f5OvGoS2i31WW65i +K18SR4DVk3eQNJadF9X5o9TwL/dddQcGJv4X1i2DirN7/v82/gJDZx8qrt6h5835 +S+Rre8u2hU9MhaknZS+9XGkRKCsXqIE8ZVzDRYayueBY2Ntk1wPrCdffBV6vegcC +TkRzGZCuoXJGD8dBIlkCxL0h5yLuifzGXmqlmzStiLH+m6rNRyrBm9rFyS5Spu83 +Q8U+Xv7ddXx3HEjuoIHa03pgmgjl3NVczl9nopYxYGkZwG2lGYOHA39AJZBqRcAA +8/vRn6R/4MJY3fFRqRHaOpjApj/2tWb+HQ56OtCeFIXV4u+1tfPmkQQCYN9RPehT +vibA3Ho0OAHCRWW++8redt5pgu7a9bVOM1mA2zrg0aL8e7mdrytbY1c0jOhhZe2R +KwAnT+xdqLrs0Bbxv+6OnjF+wBSj2Np5uc4lUCjMpwp/GsSjKhYHxTEI1GNf1/qB +ldlqLJT5KvPtNUm5S1iKezuAjVPhQrMQ354IOIjb1DLGCM/YlSrvx/p4OJqhJ3KQ +ktm2vUvB+Ul9P8qthvIFjaxVuasuCZFwWwk6xNr9xzvsVtCyHxmFg5+gNh3Hfos3 +1X4o60ZLXYk8TioMgbm68zyG9uWb70BWt3m26Z2uqdtW7rO2JNEQAgrCvbLJyV1C +3l/soScaVRPhwNjprYDjWvS1wmMMlF8hDEXVIfqtA18dxX/Npia9kL6giq6rmthX +xabkwmUK3D9c3HIIF/C2Xrg7RNOEQ5lSuNF+EP60+qYAXDMGrxPgM68MnkAQr1sg +ngwZUI54dHyyuIZZOc64NjLTzFonzvA3Azx3C2OAEnG79f/kxgIe1p22TVw28G13 +5NDdhdxOwP7Lj485CTsQohXHHHYzakvz1ySXaDpgqb4eWD2GBIPM1YxyrIe9j/+O +LGVU/JNe0UK1h/KSRbEnglAPZ0Hsi0LJBbGjmVaMuaXkq9ef+5QhSdr0nrCXikJs +aPm/rLWLHZZLm4R+95hwXEiRn7P2ReFJ40L7Ktkb1Wmf2ii0RVB8VnW76D+XO83Q +dC3IjikhdF2+8O8r3grxPCDUgSalMWe8aul1qHjlCEbP87zT8S+X17b5UgdG22UC +KB8nYG4bBRNz+xwBZa0LdjBS8coO7XjVoSmA/QAgU0HlVzRdmslpoiezRAThj8vP +Q7tqbGNismcXJQf7iuT8NDc0mKph/TGuqIqR9EK/yVMwUy3J588TAiz1QaVonCSA +3acMt4lwS6rj5Jo2K5GKArdTakP94lFhhJVQIBrFrGWyVsxitI0QBsQFSF2R8fkU +1uEm42Y6fRO0ptpyDl6DLHWhhiC2t64ymDe9JsTAIUzMWdJLvLh5JfDbGvOAElle +YG6HSANv7Q76/IhzWYi2Iol4OqkKmyqAg5aBA1FBOKt1O/Mri3u42uhAvzNSSUO9 +qEiE0wSBedK9hHpnHOcM+5rAiqymPa476uCdkXnVdSAVnITvnuAaUrMgRdqeCIUm +H9Srqr6NgcoXbG912/O4xlyh3FAs9OSvY4gBVK0RFdwumErPg3GmZNPTvXrjHePX +SZoEB8Dsct72dF6onQuKw5UbDsKS/05JZ/eTVOpMkFE9CSwJDJj0J1HihFyHVpQI +wB8lmypTKxM63ck6ShBGZKTWTE7ZU2UfbXg0LHAzjZPGcqshe7i5pLmt4fpFy44H +MxPSZjBOkAExclCKtQmchADkgW8wrC7WPEYqAn/mgUGnmpiwytPLJGvll+vSnwrI +aqPdiAjZiBhx1K/HNesCJVZeE+225ejcb5oUAmXiETDqhFwQw9xkugVeCzlE0RIM +uUIfX9ldlWfB0P//zUw+1ZDtYJZwwl6rXXl0g9pc+JczpV4lYArSfgZT3sJBCWa5 +C1l7IuCNgV5afLj2GYiOL35tZkL8sdCOrjlYJSNYEUnN7PdWa/QdlbxpWrHcgluD +L6wfiuEgNS+gDeZvXSaeYgmIqvDpBPsqLBQrUXAerQTzsdjx8DkUDD5pwsrCfiF8 +n76NAQzdI8UIrG7rY847f/dgaKSJt03ZRdEXq++eLpQHW90XKw+tDQfx8IJ8i4B4 +6aB85PCSdAvSOi346IT2Lwi2fXiHH7UyUEqmjC66ltAdTWjWa3czlfUMkAR9MH+w +KHENP1l+Z5wyE4acAsMNM+aYCkNUalqHTzEEqMmGDbMTDW9ZFdu9Sxvzx2wrokQH +M+m0TBhS0cINBIJ9CQcnVgrbv8rYqfE5oAaYhqbyFcjHabmFmJ5+/YchjRPDfNix +gV+6z8JfdS39zCQRLU/xwTzhlpJdEFnN8vqco4Xpnh73BGS60j1TQDE2SXBAQFWQ +rFlItPYxQ8nkyFCd9Is0KCiwPvb1cyaM70t7AU+Lt9IN8tnFeauDsK3bDTNi5/jO +CPjGCFyrr+KJfGBiLISBB8en4QFfA05VAKCMS0TKlkpLcpFWq6A4yGSqTO//VTlq +KsMVfKANkxXvIbEEYGx3c1CpMbME02BcrQi9brSf8PVh9m58qrZwguP8c9fhIb5C +e3EgY3zfzASZiTMaxi4jR1t0dFBUMlrVf8TWX8kqPH4A94Op2euTUM+D4FSX7ntS +dlpKuL3sbNAbqH0qj+y54VGEXMQs4BZqHQIt0t1q+22W+8rFuAAHgXNnCY/n+4pX +bPnQudF5A0Na0v5KpoySjir4cMambqNrB4FouEDYDzDxl5hlCT3F4tCvVD2Fs7ZB +qrAc8Rdxk7MIU7kEPk6iRKmf2eD1TQcGK+BEd39rntzV +-----END ENCRYPTED PRIVATE KEY----- diff --git a/kolla-ansible/octavia-certificates/client_ca/index.txt b/kolla-ansible/octavia-certificates/client_ca/index.txt new file mode 100644 index 0000000..c7774ca --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/index.txt @@ -0,0 +1 @@ +V 260414184504Z 1000 unknown /C=CH/ST=Aargau/O=OpenStack/OU=Octavia/CN=client.example.org diff --git a/kolla-ansible/octavia-certificates/client_ca/index.txt.attr b/kolla-ansible/octavia-certificates/client_ca/index.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/index.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/kolla-ansible/octavia-certificates/client_ca/index.txt.old b/kolla-ansible/octavia-certificates/client_ca/index.txt.old new file mode 100644 index 0000000..e69de29 diff --git a/kolla-ansible/octavia-certificates/client_ca/serial b/kolla-ansible/octavia-certificates/client_ca/serial new file mode 100644 index 0000000..dd11724 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/serial @@ -0,0 +1 @@ +1001 diff --git a/kolla-ansible/octavia-certificates/client_ca/serial.old b/kolla-ansible/octavia-certificates/client_ca/serial.old new file mode 100644 index 0000000..83b33d2 --- /dev/null +++ b/kolla-ansible/octavia-certificates/client_ca/serial.old @@ -0,0 +1 @@ +1000 diff --git a/kolla-ansible/octavia-certificates/openssl.cnf b/kolla-ansible/octavia-certificates/openssl.cnf new file mode 100644 index 0000000..34161b8 --- /dev/null +++ b/kolla-ansible/octavia-certificates/openssl.cnf @@ -0,0 +1,49 @@ +[ client_ca ] +new_certs_dir = . +database = index.txt +serial = serial +RANDFILE = .rand + +private_key = client_ca.key.pem +certificate = client_ca.cert.pem + +# SHA-1 is deprecated, so use SHA-2 instead. +default_md = sha256 + +name_opt = ca_default +cert_opt = ca_default +default_days = 3650 + +x509_extensions = client_cert + +policy = policy_any + +[ policy_any ] +countryName = supplied +stateOrProvinceName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +distinguished_name = req_distinguished_name +x509_extensions = v3_ca + +# SHA-1 is deprecated, so use SHA-2 instead. +default_md = sha256 + +[ req_distinguished_name ] + +[ v3_ca ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always +basicConstraints = critical, CA:TRUE +keyUsage = critical, cRLSign, keyCertSign + +[ client_cert ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always +basicConstraints = critical, CA:FALSE +keyUsage = critical, digitalSignature +extendedKeyUsage = clientAuth diff --git a/kolla-ansible/octavia-certificates/server_ca/server_ca.cert.pem b/kolla-ansible/octavia-certificates/server_ca/server_ca.cert.pem new file mode 100644 index 0000000..8782554 --- /dev/null +++ b/kolla-ansible/octavia-certificates/server_ca/server_ca.cert.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFuTCCA6GgAwIBAgIUCB2lEvG1aThxW4b/kwm6Q0/uZN8wDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTESMBAGA1UECgwJT3Bl +blN0YWNrMRAwDgYDVQQLDAdPY3RhdmlhMR4wHAYDVQQDDBVzZXJ2ZXItY2EuZXhh +bXBsZS5vcmcwHhcNMjUwNDE0MTg0NTAxWhcNMzUwNDEyMTg0NTAxWjBkMQswCQYD +VQQGEwJDSDEPMA0GA1UECAwGQWFyZ2F1MRIwEAYDVQQKDAlPcGVuU3RhY2sxEDAO +BgNVBAsMB09jdGF2aWExHjAcBgNVBAMMFXNlcnZlci1jYS5leGFtcGxlLm9yZzCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2BhhiaG4H/JwCCGyv5+ZJX +qsypfMFUvLuMwb+vX4nukOUTsQSKTOji+LNG0GAUFWkssmkLh/T166WDaYHMpdaX +Avb1TfgIb68YT1tXU12uwtlp1RBl9qvHpFMzZ1g4OKaqjRIK7JDz91UFwTydz63R +gM2u3/BUGj1qgeb/Y2jC5FLb4ABxTVy3tQJF1hOUOg2eauqEk/3DNq9r3PXJxqv1 +slD2KUoPBQqolFAOP+dVY/AMV8sQ/6+RAbfmq2WdOs21fasc2e7XYa164xyd2biX +qRqHaAI7YWMmWZju4c4SaDynvQYy35147pO6+24DbbtAWzspynm888YRTll8Ezgl +O1s3hpoG98PZUcaCgiGlULAnaedHRZ4D9IGFs29EHVUF/5LwJLSYBLXkGA1yjo+t +3zSMBh8Dem6NlwkipcO1XW70MSyjeL3zBUSjdbf6W7AdMF65fUNt4qqy4tLWB1xC +X6Kk3VNMJgsJCBggB9ypJ/S5G912Yf75fd2E0IsavqfYvwltdv+dJika0w/hjuyz +nAZorZyz4d+SMh6jQIF3f8BEkA5n+bKPwyZ5en/HHKcTsJcHGNON0jxp5EO/v29p +eixcDv5KspLUPeDW7+UQqwGSd0YFngmlZfcHHR3USQenNYyDQ7OJClAhQp3lnH5T +LxdWyp0ZPWi6Jqve3vTTAgMBAAGjYzBhMB0GA1UdDgQWBBRDXn/oho3okugX/3PZ +gvIi76OffDAfBgNVHSMEGDAWgBRDXn/oho3okugX/3PZgvIi76OffDAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAOOaL +zV0pylMNzv/IdCjHS6s02VVmP7VzI0oDKXE87FbPBDLHDazNNf/wfITla37Covye +satC6xcPWrwM0sIeqt9uD/CHDpp2oTvb4UqGf4bdJzgFPSnT+yi4fKmWTJ1gCeSI +J9O2vTmhasBN00ozg2EocaeIG9JD2UXV+ttVwn+pHr95cM37YCas1IS+XSVy4bSs +4Gc/ezbTiddM3r81mSIb+P2Tx+YbetwflthlrWxB98H8e7zAxtnZGjQ6he3sGY2P +4KFAd6GB4qmRLYDFF3hb9bqx2zQosxnaaeMZ2i2jpGKwpDxSpG7rsG1ceEG+e1dH +mN5ezhR//CXFjzqgeYB61XMm2V2AVh2dvniGQ8oTckFFn/E01j4BTG6VPd3KkZu/ +s0KIM1+ncVggo0oIPfsnWT5IEkJ043T0o0x5wCwrDlLTJ+sDhu61Kp9Soytxm0oI +TxHotabiT8k5mULgCSkX1uOjUIYCOYjSX2FrPce2Sfs6Mju59CaurIMjfQsKTuLe +IheUs5sOEtSav4pjqg2U6k8MGembgjSoqTfEk3bnKkpVyKaP0HQswQJ6eO6wtPWT +Rvk0zXfknHXaQF+Olau1X2bTvmEbk0Gqjj4wG67ZldOXru8mf5htj9xzEPE6RoHi +2oayF2zNtwlunDCSNyZDftcyGLFuF/5T+nFJfYs= +-----END CERTIFICATE----- diff --git a/kolla-ansible/octavia-certificates/server_ca/server_ca.key.pem b/kolla-ansible/octavia-certificates/server_ca/server_ca.key.pem new file mode 100644 index 0000000..7f4a918 --- /dev/null +++ b/kolla-ansible/octavia-certificates/server_ca/server_ca.key.pem @@ -0,0 +1,54 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI61DYriqPUrsCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBAlmn6sMPrAs/OLhWsnGgxFBIIJ +UGuQnpwulG4bB/rf1AVLDS4ZRmCpJ23uhXjT5nhKtmP6TW2x60t79QZRyPkvNzhy +4EO0nOYoaCEyvTcUSfanlpZzY62AMHg4mH+eyygNrHWSMPg4g0m8ARGBp2n5aPMb +Y+hNMvIqVf7zUN2es86ve3FWwZqPxTkieoEjUH27CFW6IALTm84/NqNtp0EMaiwj +6trgpyQqTkUHI0AG2hjdNNKqMEY+/LJsyxZaQb1/a3IR/mqhfwGlMb/KIjBMVKF0 +XdCJsbVYrSAljCHFaPA5dXh6t88wBC0RiJCQO2XDagXDHrgVkM7weT1wZgGwIWxl +v+o9YJbnalHKNGxfywqtb6cxrjpgDZQ3c5MU/bk70v3aMlq/mwZBIQlevHOPjY9h +0lf0loEEKvb9VUNuIl53mq1bNbq81M7pN8Sux5lujcVALxXi3T9ZxUfhhd1FuvGq +yAbekIJt300G64BNj7OC9MDSjHA+5dZMz46VgabUirwhI8KC4bTfFIMwS+79ERF6 +EVr9ENg9TX4bjPrZijaGHAwCrlbmTN6r3Ssq0nj7JUHeB7Nr4Wq+3hm5Y9S1eDDt +5oDVAj/WqGloS4s2Jrq+fpqqRIxoMJ46dvZ/4bXQOSL/iMT3wbqgNYOPnY4K/q5p +zvDM9BIOIimh85VeDnWMhDU1LmRitRIQzZ/OumvGU2aA+a4vqroJOSCre0SPFlee +Fxn3aCrClgMh/akNYjKX6dxuED9n3yXI8d+sRiYVIssUy5p/0aMktLU4OR+HIBzC +lmhFyiKH6oaDcvNURY3G9tkT6aE/B7zMhmIcX7w4Kdaz3Me3FTKajQ20s6LrKwKC +ScCNZV/DfgsgCOluPKZz/Pdc0A54ngJeQdm1VhtdbjVP5Go+zLa4TIHS6IafZG9Z +XGsgaIh0ItFuCeELDPCN/pRv9o25SbRMUAtCHQ8ljFOadaLIYEA4RpcuVpVtv9ZS +g1csHMwJOUlJaFJPjymAIfMZoZf7PfvxL7egeHiHwfEFSE29Kh0b2dhVuMFK5oL0 +wrbu0FkW7TY/r/vYRtuAYtzm/4tm2v2Aemb56ISKJnLqvntbZ9Z7QI1diWoi2TR1 +OWfSQiJQCbQknBJUw0puGudj70G7Lr0QBGlK9lao/FDYqQosSM7Ko2LhdnURUAC+ +6zdXE8gFevNjaMaIDfsvk1nrs94+k6gdvSwPPWaaIeIN3qIC08XuwV8wrUP3Z8gF +eqGq02F4g47zI+3H1kq56tBfCnz8FIDPku8il0LEDQ8evABHkcTPij8H50N6dJBM +9bomztzASmUvdnLT2MaP+fJ0Ny3A0xD1EyT75h8H17ReLqXQ5vmNZKeTzm3UtAui +hxvDqBE49S41HykeHx6dCmQHpt86H0tAdFeg4PC//plKplkyFVqYm/IOdNEvZ4/q +X7uQbi2YIFbOpwzGcL+359RYfcPyuEslYo81sD5PU4KJZFXeAoEc7NMgK2LLYAc2 +JMOa4OKgXZdoiE40Q3k0GkOWNaAVA6+P/9pOHKEwhykm+u4l2Ws8SDjH1sHIMxoV +BE6tX/3s4X+B6gM78ApUwv7MfWzBNF63hllYH0redrs4lXqfMGzgp9W7eyt2f2CZ +ak7bt+JmFLu9A0EgKDuhsw82nX7074qGhKwQPG2ru83vgOgBiYtRujTuZhgJWGE2 +SaxQmQ9uPDt6bC1ikvQLph60HuaLr/Kcu0pmYW0//2Xt+Iz0Ppvu5PBTUiRTe6nD +6L2x5fMiqx5/H+tp+E1WjXw/+avOQ/sk+isuF7jJmUgkHdTz9PqSNfXU/OsxcfU9 +FjuqmE218BxahZiW8T1KxjY02lhlntR+IINtMOGc7J50WvbJpYDhX8+vzV6J6EY1 +2DxoJc+DuQ8W9jdh+0+Ls8envwclrYeFTkysYcz5GdyBmLuZ8umpqdswPhKRJ4b/ +JCmhLoaBGXdeVEbU8+5NzRTIusfwlqXzwPmzNH7uSQNxRwmIx7eDnTagGAUmQkHr +JPJWblaxfA+sZCd34YN83HETDXbWPzbwPAwZoUdsgB2P9mu64pfLFQ8SdGOQgWrm +s1EvO9dn9VasgVsn8A7g/dYaW5u6SLsshdoABErk4JIGkwv6rhTg9MgIdAWGA4Sz +22NTA9/NqL2gzBo281OX0N6fEC2l+6t3aar5I8Wpv1I7JLfXCObB7cSRwpZSEKpn +VYOF2HnB46Mrt/hD1uwjSf6lgv+cqqOWxkBQk8VoAD5zmMcRluNd2WbnkzX/6WYn +p+J5DkIjXHLl7FBtJRYw573xkyKmSG9RRPSJEAcTPVuou3Cnxnn9Vwvp+zTM5oKH +WUc1XqKBlU/hFYKUOxlGnMi9F4qnOoKxm5Wpje8vlrGKXrB9jTsqnM0loQTCMyBW +MZBymOTcAiqd/U7aPGBQnnG7PvZuFhGPaos2ETJPlJW50dIL0kWMxBKI1XQ970YG +VfGqh4UUKA+c8VZ7pXLEngXEU3sB8+LKeV1Vo51kYrn8uMM8TdJbjJyLLNo7n9tW +I916iwhIoPdMalF7HO7C5/5i3p/zbH0zD6JmjHYrm62WyXiJeRtEiS47HTVYtVqq +fAZ59saDmCV55kYf1qrasF3JQe8Cotv0X7ZyhKtLxMufwSB7xtYxNMmqIytCZrfr +6AKSt1EBmMI/ooKeXRNIjlK2LW2H2RbsdWKheQDSGO7583zH1P4Rzw2tEt8IX8vJ +cvD5tnU/ZRod1DGtiPgwohXSNjvCPK4YbTXv4XPJn4qPGSQArJhfZVSgtqFio3Gc +uBFrkXwD+9kVsiTGvCDaUZXAHSRWZ3y2LQ7vx1VPy93SAOGVXU5IWBRmjXVUrDfY +u60uKRKPzoGOg0LBu/9dUhm359Q07RpoAfHO/+V6+kXoBNmpzY/8lVh4FgdTTP2T +APUirytMRqHWgzw1R0DcM8ZoIEOgOWlM/kXGq+JuIO75g7CbapKI8+Rf/OidXrDK +NhDGu1IxCD618scql+zPcg+DmCQo6EwOiCyM26VqN01chtRnZLPL37AddTJGlXe/ +ABVuLKtKYaeGnaUC6tEo7rbiPll8VoKc0WTnyy2AlANmxgh9Q+iGh6owYOV6ygLm +5JN2gDXlACtsAGecEDp93JBB6+a2CdtPKMUvN4HlIy8H79L7dddaoKI20ALG9zAQ +Kvcq+cd7Jv/km7Jjy97fUH5gru238g1T5DNBng2s6w8H +-----END ENCRYPTED PRIVATE KEY----- diff --git a/kolla-ansible/octavia-openrc.sh b/kolla-ansible/octavia-openrc.sh new file mode 100644 index 0000000..cf62a64 --- /dev/null +++ b/kolla-ansible/octavia-openrc.sh @@ -0,0 +1,10 @@ +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_PROJECT_DOMAIN_NAME='Default' +export OS_USER_DOMAIN_NAME='Default' +export OS_PROJECT_NAME='service' +export OS_USERNAME='octavia' +export OS_PASSWORD='L8dZsrWOtNI8UvLVGKseC3FB5tRZ0cZTI1xw87Ns' +export OS_AUTH_URL='http://192.168.100.10:5000' +export OS_INTERFACE='internal' +export OS_ENDPOINT_TYPE='internalURL' diff --git a/kolla-ansible/overrides.yml b/kolla-ansible/overrides.yml new file mode 100644 index 0000000..59822c0 --- /dev/null +++ b/kolla-ansible/overrides.yml @@ -0,0 +1,98 @@ +--- +# These are overrides of the globals +# use ` kolla-ansible -i multinode --extra-vars=@overrides.yml ` + +# limited resources, so only use 1 worker +openstack_service_workers: 1 + +kolla_container_engine: docker + +# openstack rocky +kolla_base_distro: "ubuntu" +kolla_install_type: "binary" +openstack_release: "master" + +# vip address +kolla_internal_vip_address: "192.168.100.10" + +kolla_internal_fqdn: console.hnrx.cloud +kolla_external_fqdn: console.hnrx.cloud + +# network interfaces +network_interface: "enp2s0f0.100" +neutron_external_interface: "enp2s0f0" + +enable_barbican: "yes" +enable_central_logging: "yes" +enable_ceilometer: "no" +enable_cinder: "yes" +enable_designate: "yes" +enable_grafana: "yes" +enable_horizon: "yes" +enable_horizon_neutron_lbaas: "no" +enable_neutron_dvr: "yes" +enable_neutron_fwaas: "no" +enable_neutron_lbaas: "no" +enable_neutron_provider_networks: "yes" +enable_nova_ssh: "yes" +enable_octavia: "yes" +enable_prometheus: "yes" +enable_prometheus_ceph_mgr_exporter: "yes" +enable_redis: "yes" +enable_skyline: "yes" +enable_watcher: "yes" + +# Designate +designate_ns_record: + - "ns1.cloud.hnrx.net" +neutron_dns_integration: "yes" +neutron_dns_domain: "cloud.hnrx.net." +designate_enable_notifications_sink: "yes" +dns_interface: "enp2s0f0.100" + +# (Storage) +cinder_cluster_name: "cinder_cluster_ceph_hnrx" +glance_backend_ceph: "yes" +nova_backend_ceph: "yes" +ceph_nova_user: nova +cinder_backend_ceph: "yes" + + +octavia_certs_country: CH +octavia_certs_state: Aargau +octavia_certs_organization: OpenStack +octavia_certs_organizational_unit: Octavia + +octavia_auto_configure: "yes" + +octavia_amp_flavor: + name: "amphora" + is_public: no + vcpus: 1 + ram: 1024 + disk: 5 + +octavia_amp_network: + name: lb-mgmt-net + provider_network_type: vlan + provider_segmentation_id: 111 + provider_physical_network: physnet1 + external: true + shared: false + subnet: + name: lb-mgmt-subnet + cidr: "192.168.111.0/24" + allocation_pool_start: "192.168.111.100" + allocation_pool_end: "192.168.111.200" + gateway_ip: "192.168.111.1" + enable_dhcp: yes + +octavia_amp_image_tag: "amphora" + +# Load balancer topology options are [ SINGLE, ACTIVE_STANDBY ] +octavia_loadbalancer_topology: "SINGLE" + +prometheus_ceph_mgr_exporter_endpoints: + - 192.168.100.11:9283 + - 192.168.100.12:9283 + - 192.168.100.13:9283 \ No newline at end of file diff --git a/kolla-ansible/passwords.yml b/kolla-ansible/passwords.yml new file mode 100644 index 0000000..17abd82 --- /dev/null +++ b/kolla-ansible/passwords.yml @@ -0,0 +1,861 @@ +aodh_database_password: 5NluokWXPWwQvteEoP36crtBiM4vAsGHICM3ilqz +aodh_keystone_password: YNIKNLHCT0upwUPnJf7CK9IV2pU6ZfQY0dD2nWEq +barbican_crypto_key: NnA8uCwp0Oz2J6Zs5o3sd8icbOiWggU8y6_osqgDtA8= +barbican_database_password: l4Txau9ggndBHUdYFRLp6iwO7kpUYWVldc2dytFl +barbican_keystone_password: TCo7X8GLDJQvuFB50FC5N3KaIwb3o0FPqdiCy8nd +barbican_p11_password: a7sOsbZruwIDg8mCuxxpgjydK3tj8bT5XZI18re7 +bifrost_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDFw0i4dkVfcxq3 + + kZJ4cq8ikdJzgCoItnTpaQSP+GeWxw110x+zs2b1Z3WjG6bXpq0couBL2yT1yvN6 + + 1B6C3X1Vm/rpGO7J9G08btaEzpteFtTMpuJO1QmAC9GoWzfY5aLXSQZRsljBsKAj + + r3Tr94if38/TDp6mawYf2p4/o4c8lc5niTJ8dUMzSmW1kD2iLxCDZ5Qovk6exVWS + + AYnlLbKtWyP9vgsJlTmFmFntlru1Z6PulI6CrNsNM+DcS0aAzmapRt0b0xrdPM41 + + HOzOi1eC5bmT24BgQqGjECFO1+wEQEmisl55DNC+DC+0iJGChZkw/c9Raa+z7Txm + + gcfkd0J4OB08bxK3kWGm3hRR3nfuLO9gQgv9tU0/ifgJDoZAXlHf5dCMftSOtR0B + + YFbEB+b65cbaXEMKOrerY8jD93Vws0+70nYyXnaIvd52rCPfOkf5dByQpGu3wpIv + + H/oN2fA8pggu+RbIvFQ09ZTYHyq7RLnvI1K6gnsmlXBmwiZDQIKnTs9RDAdPiUWV + + wKBxBSw6naDl9nXfWBq/tPSaNXHd+kjWJCGZu9byvt5Drk8/cT4/U5aO5UEs6Cxn + + 3ELBNJf1ObCq3UCfqIGQVg2zQemnsbIqp7xDX00LZTgnvIYE/wMhalt8DfrTDqEp + + 02HM98ci+7mlO1X0FGal995mezlwUwIDAQABAoICAB8jCJuWb4TAPDgj0OJq+B0i + + xXZO+w9FHvIzCTdbvn+UVo+zDn4+JFtGD1T/gQzaHs5v7I208sRKUHyJ0kX7doTY + + mrBBrzMX620E7HybhQXS5W1VZzNPQoApHDj8J7ZcLX/k7PxG7seMNiJ4ORn/7sBx + + Pij2V89O8XdpddoCNsQ4t/dAODU1Rz/Xmlz0WWfkLh7qW37wu7Mu0bK70EjHoaa+ + + v1NvrRA0sQpSOvJ39ZTxvPNO64MykQiqnuBAb9jO5oYHdL+xRL0JmlPtenFoqf4f + + ilD30eYWB5oDa6McxvnCX3WgzNQVSvZpN8eeav6YZ065337re3ECTKy9CUp05n99 + + O06Ix/BJ0fvDc/zs0lov7V3KVxH30h2pL20KUScDJJye3+enOGKPgzMbNuEcDlut + + SpGZjNy5GL4etAtj845XoRmwKi1ymJp/SPNgmn+Km4Dib6heTO/e0XaqEUKEsSef + + uI3tGPB0MrNBXQBFnrqQU8DA9bkVYqaktLhKDn8bSZOXSk35KlT6C37I2jz53eh0 + + FiJiZO0v2hzmbCF9XRj7RZH2XuIKlLFnEeN8rQj0i/aTQZO+YzVKvlwss8zmGg7L + + qtkXOkxOfLQrDK+PsaJ/uhP8cmx8o0AArY4gg08a4cIsnDgxClSP2UFS819UXgct + + CgtpHmrcg/7IhjNlVtZNAoIBAQDpixC3BBvxuFHz6xclwTqL1W4eg6qth+QfVAls + + 8akPQOd1Kkcj0NxpO3YTw6deP7WfNMzZb6tRt/koeNh+7d/IZycsWY+HT7Kp3zN+ + + b9GU9FAr/HYY6PwYNozt7ufdvd/MK5ugjKaNixBCSXALFoVNCSAWChzNve8RB/86 + + ZT+gbW4qjb2SkgpnVafwFPUro2Zz+KIZlB2BkmafYgn0HXofY3LrkPORw3NJeDTV + + Rqdm3KkD7yZFfcVMtoxCE1TTEL1yuQ9RGZo+DW/nZBlgjNmQZzjXbcLpnzsLG0tU + + VXHkz7mPjLVaBu1M05ruzpTAfLDNUfOHJ37+mHhhvoX5VJgVAoIBAQDYx3F4Na5/ + + XV/YUQosaEcUV3Gn9VS7hz8G1B+9zyiphQ+5cNrOg/sj+vvQUKnLfqngL88DHj1u + + KpMYwqzdBePtN53opIduZBoMHw1aML5pvrQQJ0dQt1ziut3QC/Pbrd7YWANbvk6p + + 0FCGe0+ZveSXCUQi8XVGlxVevM64RlziS7Vkd25/BTNcAVmEjUY7r1m2zFCAsXzY + + 8bJTA2NmMeIqP7oILWZOCDwRkbWeInFF8G01UIZVrrJMY0PQeEAC1IpJ/yS05JRj + + PwFKKJMvRdnxZUAGp57JxBPDFOOzCuK2WD8x19ldqeZSvxPOakBsDWmup2UDPgBO + + nGoiX/AZcFjHAoIBAQCi9O8f1NUuz/8XJMXNCUwxwCYLUrIoTXbGyVueUe02AILA + + hVSIUDdLkjrsxYumPuwa/7ukSMAQ0D8hl1jxEEgizJ9P2dpFfz3aPCzxH1LtDaBX + + YNyCuycUOhQR/a56Uf+ztgXse9fHUe5xYk603ez7eM+TsVCx2sLSbnMPqxA/f7vs + + I2TQvehWfDUnV2hPH7/gUe/By1DfVWkX80+gr2TEPB828biSz/9El4S+AIPUSUoB + + vcBFouGliobJoDWC5N5cC3b9jtDKVZPssDLo5L72fJ/z6dmkLAAF2vCwEsLa9nqz + + CGqOO+Eex1QHJ8wxl4/CZFl5x/xb58Wv5kITXIyVAoIBAQC+AZpodgz73/kZXnbf + + U4sxvi+FuxhIwpOwxY8IzKHkbBfLP6rZpn8jG2NKRNl+3wfA08bMAd5wSGrkIgZo + + ODh+fOgwuL1oOd9GzpTif6T2hMvI+NSeYAnPRWEUcNWOsIiJ8iMHb/f9CfT62ux7 + + YiERbXLGegOEGvsFLdK3XB0f0KIubCxyszlAJIK1Fyr/N4QYIF9TXb6DXN4juu2N + + 7p1A0NibQEfSj48vCxs4fxHv7nuaZnlIcrYfFEalXDEnCeooT7V5xHx3vQrBWG0h + + 20TbPBbxfkxEp1N3A0FNdnYew5yocHw6h6e00XxnyWOsEdmW12xHejnErX6toI+P + + jJSTAoIBAQDh0vYLmycgqokNpWEhf3q49kn3RIQTPV2QrvEOBzdXv/TOMbUMqwMc + + 9UcUiyS1X8sJ3qMwrq021lJy2S8Nwa3F5qGGDugLDDhn6lOE40X8gNOC9HvIL/Zc + + JdqUHnL6M8daaIL6Z4YoIkutvIaW2xfBfS9ZEWALpV+y9HijsOouVrsfNhjN8AJr + + SoxWQMIYsy20eKEm+f8+Clo1YfuGuLyLKs8Xb91hKgKPPgv+Y9ZLbcWSjG/efHc5 + + ZLshm2AzAsMK2HrRAeVQUNPbM6C+niXSyc6SAAh4Rd7T1jTzGyTaMSawFXA1alYi + + WN6LtGSOme8pNqybhSs6UsJSVBlRSZ4u + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFw0i4dkVfcxq3kZJ4cq8ikdJzgCoItnTpaQSP+GeWxw110x+zs2b1Z3WjG6bXpq0couBL2yT1yvN61B6C3X1Vm/rpGO7J9G08btaEzpteFtTMpuJO1QmAC9GoWzfY5aLXSQZRsljBsKAjr3Tr94if38/TDp6mawYf2p4/o4c8lc5niTJ8dUMzSmW1kD2iLxCDZ5Qovk6exVWSAYnlLbKtWyP9vgsJlTmFmFntlru1Z6PulI6CrNsNM+DcS0aAzmapRt0b0xrdPM41HOzOi1eC5bmT24BgQqGjECFO1+wEQEmisl55DNC+DC+0iJGChZkw/c9Raa+z7Txmgcfkd0J4OB08bxK3kWGm3hRR3nfuLO9gQgv9tU0/ifgJDoZAXlHf5dCMftSOtR0BYFbEB+b65cbaXEMKOrerY8jD93Vws0+70nYyXnaIvd52rCPfOkf5dByQpGu3wpIvH/oN2fA8pggu+RbIvFQ09ZTYHyq7RLnvI1K6gnsmlXBmwiZDQIKnTs9RDAdPiUWVwKBxBSw6naDl9nXfWBq/tPSaNXHd+kjWJCGZu9byvt5Drk8/cT4/U5aO5UEs6Cxn3ELBNJf1ObCq3UCfqIGQVg2zQemnsbIqp7xDX00LZTgnvIYE/wMhalt8DfrTDqEp02HM98ci+7mlO1X0FGal995mezlwUw== +blazar_database_password: kKbSYPPipgdW8oe6c6bdLoBsHlOcuK06Ae2DOSLG +blazar_keystone_password: Uahq2wDZhhOMbZdXJlezQQDMZwhTKAetED0LZdT1 +ceilometer_database_password: qDgwPwaKICj4KgQge2bNTGYbt97Ma0hBF8L0Pe4p +ceilometer_keystone_password: jVPLyA59Y6KXHbSwN2EmLQ0N9aBeKCY73u7oEGl9 +ceph_rgw_keystone_password: FZRNx6LPNAdtr5aVe1pvg7vGZGSnzF1MC1K1nhRW +cinder_database_password: oD6xpHOPZUviQNxASz35UIQFTIlaeRiFD6bFFxYw +cinder_keystone_password: VxHzxGQ3y6TDb84zKasQAvWQPmfupDGdDETU7LNH +cinder_rbd_secret_uuid: cc59236c-2551-4e73-a58d-e5cc5a1a8bac +cloudkitty_database_password: m0b6EuQSCdrOt5e2eMByIpX0fwXv6H51BKb41JNU +cloudkitty_keystone_password: GII2gNwP5MGQvq7tDZcLxfebIlRFgFrqBJdEprWR +cyborg_database_password: GA2RVKMyB0uDY6uZ1pK048pGLWUhj4Sar9CJpLKG +cyborg_keystone_password: 3lxb0WygFlp35N9mwhWXcX74U57mvS3NlHofcbfM +database_password: M2n3BRZDDCXn4ntXS6QLftyqwyDt9hCko9r9SAn2 +designate_database_password: pUbpp6bsKbM4zeZwlwj7tAWB8gPoxhcX88FtCWIb +designate_keystone_password: fyqQVjJX2ypPrULSHiP64zCdKBqa137qXChqowZW +designate_pool_id: 1fa6324d-10d7-45f2-b550-20c0a25a2cf7 +designate_rndc_key: 8f073eab55fba233a97de3ef06427d48 +docker_registry_password: null +etcd_cluster_token: i8TxRmf79HgfFozqqwfP5ZPpsODHUYJrqdjQg5EV +glance_database_password: kMucPlLO6gaawQORSfxZiDCky8U2ZRtxooUIkDOt +glance_keystone_password: d8lzKg4zfbXzL4qpJ3U74PgsFiPpdA99X5mkHtKa +gnocchi_database_password: AE6tyf0x60f1bRw3iiH7q8mX19lruHjoKgoLIZff +gnocchi_keystone_password: jlFzIUzpNmueOi2bb321vgCKGk3Ugv35sd6xOlhr +gnocchi_project_id: 9431f408-d07b-4bd9-866c-0b3ce49f2ab5 +gnocchi_resource_id: 4b8aa5c3-dbc4-4297-ad65-6226f68d3ca6 +gnocchi_user_id: 7aced417-7ab1-4f5d-943b-26869c2223bb +grafana_admin_password: z2xYt9hEUHwe3EgsEOTHluJsvS0YEopIzEbC6izi +grafana_database_password: IzedtAlG6chCrMGpeny4hH6JoIMIH7kdq0wRGedU +haproxy_password: GtIYatR7hakbRPFH8eYK41BYCsSd5qjzCElCXwkw +haproxy_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDjdcyRToLT6kpN + + QpdsItbhA4h1I1thhqsHYnBgWTWDO4xLjFLXsc8YtqnKDUm2RIybL3eHi7MKnCl0 + + HkVCwM7ELZdB7AzHNIxI8cfwiQSk7KxGxGJ8Kjl3Lrq15n6hSqsnHqFVTMBmBIVO + + Mgnj7ItpeX6vycwvDu22xfd/iVM4mO2wcgsxUD1DlYxrDszZjYTZPjS0gkdbcDVS + + 8FCb8PmN9Qpu+J48exxTPwetAlGt8z2IjmB2lvda5zwFQnaxNuGsAIBOePN5UGF0 + + fpoRZAnHURYGYuePkuB9Nnw8huYdfABBFEnQEnti8kBdmdlTreRgpCvEIxX+aXt2 + + 8sg29UM1hWH8GKeyQyAZMPM72Ppn0r6jKcFSJ86VsnWqtS2fGoiL7XCKDHgxXnys + + 8Kj4uDPCcVVC9z/pfFyjt2u0K96hcGSBL5jULS9efVNyuQjRPZTdFglLwjmUzbzt + + LcYlDK+ErF1tXf5un2Z5+X0vAPKhSP3Qa16xXYlLUI51+a8t84itSvmoUlU3CC7j + + iFW969Xtm6HPUpBlUpiqGqiG9eEqyC6YFksmCp+PGLGJ9Q3No5U6YIddKI3QnJAG + + ENTW9ZF7nlsPdWuCZmoH93lGdjxnuLWoz2tUFworil2ZMncoOLNDZaxC8RJ3NAw/ + + p/mxNGpUmjI0nG5qX/Iq/0yVP5DKeQIDAQABAoICABVtnY361XxdUA6jPVykk5Wz + + HYHbiNpRM3+ImImbHd11GKxtVciYKahsXOZ6Bf2zy4M7H4mXcZCIUadsyp2VSGVW + + 3i8Jq9KAcs7UaD+SyOs4mKo6CgUkfTFrJ4/HXRqYzDLtQcmlZ2K0/lH1iNT+Dcwr + + 8/Ffk2rDf0V+tOhA6aQlVA8RT1if9IWPayESzd2Y5XEJ2TFALLTCh2N+3Dk0pG3p + + Lchyh4WvG2YERBbaZxN6HMvmjdPeOQNJUXA1aLUdNHldurip0FYXanbtDlqhEALE + + 8sw7ORFfhuKE5YNWOguBCQ0YejOt6g3SQJoQylaFxUQNc0oQ/BtxmH4GNTJoPKJ6 + + rNX2yTD1umvnG5BTEanN3EaSFuK6SEYRI0aMVxo2a7oYeBz0LQBV+ZtezC4mE6KP + + Mi2v8l3bfWkFdZR4KhISyYhcBUu3qNS1p5zEtOKRS4mNz2w5u+I3/VhBLCWAhObA + + Cazq85PCcYL9Rozb8U5+YJl/O3EEQkYHep0AQmNN+Z9Y+LKGvVS3sm2S2478qN+f + + ISRtxq2naU1vDruF6qAY2Kh4aX4HVLbw/zhl6IfT5+pVyeEmdgX+s+8Rbtj6eJtc + + H+/nwH5HlZW9AJkBrEcySYxCToaYcFl0QLrAsZ5GPfA3j/++5Fzba6L92M8mEU7Q + + HBNDNSRzY967L8ghu4MBAoIBAQDyeuA+lvt/vfbQM8lyG+kgVVmt/Xo/FacW4cBp + + zMf+V7rTANEQQEJmvM3JfvBuVbIaKBsySSyF4nwnSbhaVrrQZ6oszQh6Bmb7aj6X + + 5n9y5l7qh6S8UJubFUbE37URdCi5m/oP2cPrJ7zzbXP6ypUVoFLnVXXSQbLTJB2P + + flOH48tWQ9Hiw3ZP0KGRviTbKNhXL8Pdk5EgcwNh43kl/nmC/60gzilodvuVyIiq + + S67Zs7RWzAZL2rpUMBCX1Gb9EPjPThuE4E3bfwMWvlJkdKln2TeZ9ztErzjbysMp + + Y5l8dpyWkVv5RD3FLeUGPnhwasSwntAUHoKTwe5wssQmh0cRAoIBAQDwJIhBQ2TK + + tOmCMKruyg7t3h2EKc+70Qy8MifX351pZkjCxb5H2d8WhLAdpWP/KGya+zIhWAVy + + u/p/ML91CxVxpaJz7Lqo7+WTJY7XAqvC9wUfHBBLUQzwqXbezsZdfD1PCY76Mvvj + + 4E5yjQehJIvsaoPogaJjQTK/O+K0Bb+em0qBBfehak0ohdhCV4AtdUK2Rkbg6hxX + + ArQO7Ose/jlgrydJVJUaydxVn+MkaCdlIjKf0sTk3F3R34MkAOr7VrjZB/nXJrHY + + IUhGOIGzMEe0bWDgwEVQc0AcseR9KSlnD4T+snDshdaXZmwmrICLlonMw0S3uvru + + lyVLE2sId1zpAoIBACA0MZQeeUh98km0lwyQqGWi8EYrZBD8zzQ6x1NF30noXOep + + NBr0bd03Nh2MvmHo/755lSMYlNEzQ0n0gId+/VCwc+l/UaDjOMorUiTaeBLKhdCg + + M0DPc9sk+EEtdN7cjowYKx3vzhVtMasi3kRwo1w77sbKkttZ3mYsZcCpBm8F0fuj + + Bj0XuJ7hFpRErKBuzEzICztiXePxYoGdtHlXUswTKOsydk1pgABkocH8SzyeoVTl + + w/BPHHAR8iI4E3WIy4K83OrI345HUCG1JTwyQk2Ii9nm+/gjTWnjhAf7MmdVWXal + + 15FDfvCxJ7msklJb28OZVAlYA/+bwg81rtdvIAECggEAY7UXadmcoNmq1qZ0Yn88 + + 4aDGqphdq0LqQb2lc2liR1/zuAM4tUaN7SCcq0J/mXLkXRkNQHD2miPYpzTLWcKH + + Xc+C+xUAj6JDtOv0Oeve+y1rT/ZsAYmekNIcC/jYvfoWzplOZy4CDiSVDdTmpQ6y + + li/HoyMoFIP+mQ45W7vDSwx5S8b5gWjMrpWcLDd+feFhGKNnTH2H1MzHjCbsnMq7 + + chxneHgJDL1hoZ+oRPaF3OTtFhUCMXAZ+EkQf0NuTXs9dsdsAdwMHYv8IUPW/lp+ + + eziq78aFQRkJNqDaGOmdSjBUbRgT8PDFH8mkAA7BtLOFdaJiBtM42xWgo2Jln3dH + + +QKCAQEA7hK8BYLU/b6G2ghQw2Bd+Xx+CBUpeo1xOfUwsRxRsmPJqsy/WEPPiOaQ + + 09B5YUJy8Wx53TLTL9Yizibtd+vyrDf6D1AGAD196319u/zLYesY0PqQS3ok7o0i + + MV+rP3JdXhX8zMy1alPER0aTK5wTt0WkvUbQtdabcR8s/PSzKh/Fo6QKqDPQWeLV + + 3Oq6GoubbOH9GL6fHlg66J0ZDRujPTxRgRusTusuwqm1VdJdFi7y3FZ4/vuntLHo + + fBpNnNeR199kL71zqgzSGFnUjQJzUuu0CoPmk7OmFdH7oZEwHYMIwFQaLU7jhGYU + + WBSAtbSJwAsBxlslILSrqRG6rgl+Eg== + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjdcyRToLT6kpNQpdsItbhA4h1I1thhqsHYnBgWTWDO4xLjFLXsc8YtqnKDUm2RIybL3eHi7MKnCl0HkVCwM7ELZdB7AzHNIxI8cfwiQSk7KxGxGJ8Kjl3Lrq15n6hSqsnHqFVTMBmBIVOMgnj7ItpeX6vycwvDu22xfd/iVM4mO2wcgsxUD1DlYxrDszZjYTZPjS0gkdbcDVS8FCb8PmN9Qpu+J48exxTPwetAlGt8z2IjmB2lvda5zwFQnaxNuGsAIBOePN5UGF0fpoRZAnHURYGYuePkuB9Nnw8huYdfABBFEnQEnti8kBdmdlTreRgpCvEIxX+aXt28sg29UM1hWH8GKeyQyAZMPM72Ppn0r6jKcFSJ86VsnWqtS2fGoiL7XCKDHgxXnys8Kj4uDPCcVVC9z/pfFyjt2u0K96hcGSBL5jULS9efVNyuQjRPZTdFglLwjmUzbztLcYlDK+ErF1tXf5un2Z5+X0vAPKhSP3Qa16xXYlLUI51+a8t84itSvmoUlU3CC7jiFW969Xtm6HPUpBlUpiqGqiG9eEqyC6YFksmCp+PGLGJ9Q3No5U6YIddKI3QnJAGENTW9ZF7nlsPdWuCZmoH93lGdjxnuLWoz2tUFworil2ZMncoOLNDZaxC8RJ3NAw/p/mxNGpUmjI0nG5qX/Iq/0yVP5DKeQ== +heat_database_password: cpEA8v2cAPedm4VohMD3AtNqP2heZZltVlrScYo3 +heat_domain_admin_password: peIhtGw4WiLBQzdUo0qd50EUs79AGDVyqWG6G2sP +heat_keystone_password: V1V1j8kASxeWdT4laDcJotgD3EFtAyJDKydDotCn +hnas_nfs_password: BtC0OaPp6rQqiDbOCP9vSScX3GGaTXTLNPVIR2RK +horizon_database_password: FYmb4IH6BUjjtW24mVbo2EzbVgtVuEfzqv93WG63 +horizon_secret_key: VGwwiKCsKECc7uMsU92A0Vu5LRn5a3sfiTdJn1KI +infoblox_admin_password: p0UVlyar45tvJhlQGrTKjPDI7pKdGP1wccDf8Dgs +ironic_database_password: 16F01iKzZ7zwtqqhCqgcVBPD6VHQMEOxUompO9Zn +ironic_inspector_database_password: 2wqOFRA19iV6BXkjtMV3FG8pYsm25V9ZkAp9OHJL +ironic_inspector_keystone_password: AlF9rHdYDVmi9bbS6MXnxKY37X2RUJ0IDw7GLkDP +ironic_keystone_password: xz9cuNoqiGb3YXUE4lZrka4LABfqwsZlqfk4pd4b +keepalived_password: 6CMUfIPfhcji3XUY7EOWRo24kv1SX4GHTZLY2vnj +keystone_admin_password: 3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT +keystone_database_password: I9rEkKEyR6T6vGztjE7F31t8eDKBveCD4GLbktah +keystone_federation_openid_crypto_password: g4TqdWuFxJPj5pRLFI4ea6LfWsvgreIkypDzIMUx +keystone_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDhbqCnpuB3g5j4 + + YUeQbEgAnBTfJev+f0MefpgHYg8Qfp0D/Tm8ILwX3+qhuiryql4uXDB8BPVnA2+c + + 3bW3kXLY+014PYWx2jSC7/HCZlZ+CxVAtDHRs9XKTm4OLGVB4chKF3FF5YYhi9Sv + + aJnn6HdGrG7iUG7oPeVHFgZh51pexUzfHjPb1yLxThr2a0EJATlp4Pkltu2eYdML + + smaYUc0d7Mw5HW3CruZVGSZRNBq7uj10VYNHT32e0du80bPwb50wSdZ6o915fpto + + d7coS+nfAlIPGuCpxYXcCa7OkGsOlteodGMm4ShkD5ybJu+mKEm35R42IzGSRGst + + ZVQu1lVJiLxh5sAiEQKPUjEwqSX6euojImAdx7rEecj3R5Z1FemYPhcoF/Dp26A8 + + b7d/9T6TZU54z3R2OWGzjmyObDPCTmuhg5iLmi429nnQYzBz22zdhFrvFqy1eYH3 + + 2WcbhrGh5KdySHFR7q1+u52SVzvAu/JG7ZDOrIoNFRJ57/XO7XZcNoJPC1LilAPj + + fjk8lZGeOw/t9JVCChazEQK4l1e9ZS/ST8yKFRJZ0vHjsbkFEbB1ia/lZYqgc842 + + OeqEpIzfEnW1oAgrwNgXJcfZkp/klCPfcosoHFes5sxbdllrgVhS20XhuP09oZSB + + RVFpDINOcO1PAYgI2jU2M9CrzrOs5wIDAQABAoICAAcljbGi8wzMPuY+Qe7h2pUt + + CDsG0GjSD1urzGq3gMjCFXznOJRZPqf3G6Yi6Rz7ql6yjNWcW/dMaZZshPKb3tXi + + 1FLn3bwvXGjQ7eDULmZyjYBD9ixdaigEEoMf2dnxLCYFK5HOs/uORkuFTRPID+Ki + + sXqP7Y7ZSifVxUAHU0XGitMBTx2SFXPW87iKL+v206N3/ri5CDwe18+lc+aHpAa7 + + LMJGx5BbdnE43zkbJhnQzq/zIg/5r37VzQSQarGdqDsRVtuueY/8zop3o8vYPu19 + + /QH+P88XXvtZ0eaPN4WlNz206uEe/uZ6hDl6+NqoqPr2fYhegezO1HhXn7KYbZMG + + +qf8JgAfMi3f4QMUGdaCbRiGHehJUXYk24X8YFe/+ObUuD6sjagAGTIlr/Yrja2L + + /sbpqlqGX76KqQWpVW245p25JdyJap+6C/teoXE1EmiiX3JOpW3t/gBvN7SlUu/E + + fs5xcte4QGWxwl50dGSYVWJMSkKYq+/KnIFXTxYlM6XB5frr1EjlTWVowIDNVrDh + + Bto+LaMZJFVVsebqMhUibj6J2aQHvmjxrXdyU80j1XVHA1Y6rbxR50LKV1+fTn2y + + x8GPpoNLwkR8F2tEwyHaAP5tVByflhEEA8BbBI2+u3qOiegNs2hQI0PZGEP1XngM + + IkqVYXeTiTJuWuGRE3A5AoIBAQD4uD3UdKFLRO25hWURZkvldHdN40+p6xIyZByK + + LqxHIEe/e+Pbz6i0uBYN4tXzpQe9doltLIFaDFklKIO53jMRH1OMsSBgsYuU6RPx + + 8HIquF/u84owhf88WQGTau1T2Z+BMsyBKA1FrHSMAgDIlvd8nyr2VQqB0fQ8qUhF + + jeggNbAFw80W4ptkc6GUNtkt27A/kDLchghI0FEUV+oIKb9E4VpPU7m0U4aiRBJd + + 35PDCs857JrFeMWG/ZMG4LF8gDgZo1fPQSpdqmj5CLwUAZ3LpZKBpgu/MhjoXZr0 + + +p8sLgq4V5ZmpG4LpFPL9sVE+vQGQknnyQu1Kqn9YPr1SNGFAoIBAQDoB+IC2pBF + + +HpypxPIbdU9p+h3fTUOMa15qmh9nyIum8pHG/pUpmxENTYV/7mMz4BcMMjYXtnh + + eh9sZmERUm5h7vQrcd6PjbJSXRlFaJr9GsubD9PdBlFGFL5D/xKDO0S1CRacs2B0 + + QOm4U98+3C+MtNK75fC8824Aa1Xp7qSZhx2as1E56BO7lQQqQZyOLNizc3/S3lDy + + V/GcfTlqdjz8HeJ9Ocib6qVX5JeQpWNjRgVgKCzDpGYz4S+hqlZrhCuZpMafHM+T + + NDjJ5hbHD3oGHrbyzM1hC7X9w1rsIHsEOe+AZOCf6miNPe2asLgyLy0fV4POX4sh + + Fc4wHSV1CZp7AoIBAQCRQum5n7RkRYmiBKqWkuxYwsC7GLt6PfSOwbF5cvDjSZMd + + 3rmhs5KQmcMnsQfMGOKAYS66OHgDo5qc/SCR+ZhRs74UOY7zaj5fZhFkCE5lbPF6 + + mXpoBJqhIEqvUo/xnPRvfL+73yyBOMuIydKzVJiOjFeHLvvH/ltq4mN3W/3qcfCw + + LT8m0op3DKGd8rq88cXqGcnayd0kyaXQ/9eLlPZEwGkCU5/uFapYMvGXKfEexL1q + + 0ylBk9upj4fDSI/gavJY5vFt9l1L/y7344YVGSyTt8vtNJE/xX6Ol7zcv1MfdnSE + + XYNVx0sOOZdHVIS6WOcUkLqhSOYxlQ1bErz/bNwRAoIBAH/QX9KcnR6+Go1vtbkR + + r4ZwKOExanlwKhQ8J6UTdNvh25JCOipJJpiIC0wg+xAy+Y1PHkP6M+E9yXOIDe5h + + zwZJf90ys5u2PUWbnSEb10yXZxL6rAUzxq9pG8oPBx6dFmL3J6qYMQi4/UYZhX92 + + AQdsUC1LI8qh+bVnawMa/zbHNCqUnqjcS4poMswoKlozIAfyFraM2mA0y5YdcPRR + + P5TNzYaXvwcMQZpiBI+cW1xDJRDr8ISw2c+4Oum+EC7XtsDDANqDH2ECQkoNYfyz + + bM9UOgkTggr0TYMFCt/JoJoaY/EBIK9Wi9NKCsnMkRqr3BpItgWHofdOsK7WT1zi + + NmMCggEBAPMN2cM6isSSY6GFvrK93I82SpqxCLDRnEgO3rcoRNu2G/STiq3Pqy+y + + zvC0aGFWkGx+wZStwlNrL+Oc03AjPf+uDF63HLv8o5bI/fxcayT/5dQuHhMYJ8W9 + + 9SJ64b+g0epV7yDaSsXzhXGmbXTbuzTHeuB+RmpxoKZQhjZv7e+PSa1swRhAdNyg + + tpd40aKn2o/vQUMvTWeEU7ulUOw//afVX7/lwU7adqB5TrHaA+E1i3WgmNhYBhGY + + +4GKcM0QrOszCUD8kmjJYJJ8MnqBwaxnR9SL+RGoFjfYsuLyqOHlQvsyCZw/MnR2 + + fEWTKsK+/X/4t/rcVPljv4bdg69bKdo= + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhbqCnpuB3g5j4YUeQbEgAnBTfJev+f0MefpgHYg8Qfp0D/Tm8ILwX3+qhuiryql4uXDB8BPVnA2+c3bW3kXLY+014PYWx2jSC7/HCZlZ+CxVAtDHRs9XKTm4OLGVB4chKF3FF5YYhi9SvaJnn6HdGrG7iUG7oPeVHFgZh51pexUzfHjPb1yLxThr2a0EJATlp4Pkltu2eYdMLsmaYUc0d7Mw5HW3CruZVGSZRNBq7uj10VYNHT32e0du80bPwb50wSdZ6o915fptod7coS+nfAlIPGuCpxYXcCa7OkGsOlteodGMm4ShkD5ybJu+mKEm35R42IzGSRGstZVQu1lVJiLxh5sAiEQKPUjEwqSX6euojImAdx7rEecj3R5Z1FemYPhcoF/Dp26A8b7d/9T6TZU54z3R2OWGzjmyObDPCTmuhg5iLmi429nnQYzBz22zdhFrvFqy1eYH32WcbhrGh5KdySHFR7q1+u52SVzvAu/JG7ZDOrIoNFRJ57/XO7XZcNoJPC1LilAPjfjk8lZGeOw/t9JVCChazEQK4l1e9ZS/ST8yKFRJZ0vHjsbkFEbB1ia/lZYqgc842OeqEpIzfEnW1oAgrwNgXJcfZkp/klCPfcosoHFes5sxbdllrgVhS20XhuP09oZSBRVFpDINOcO1PAYgI2jU2M9CrzrOs5w== +kolla_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCm8TLmkPOG47fi + + ZfxD/qwTZuXsk6p52ydfdK1j6nc5d7kzLOenWUTNvPqJ+jBNuJhzMy4Z1zegKVnf + + o7bRlC0GKTXXleFKTThLtfMOT2IzsU8OoWFpy5Uaubx0sSjOxP0d9NQbbuMC63tg + + gzolCx/lEv/wWEk9Yn+wdZMjpS8ZPqHmAr3KvGjqXLC023aoMLjOeh21tnxXyPmf + + r0L9vtLOqGcPuHa7XCP5YU8xATokFQh2XOBXYtKsSW9OhFHS6m6kjrn/MgGLUnC1 + + oEP3DJzm9eYRM5FVwKZjNk9jZNo4qjZ2XunhUbuPt68dz2bx3XW1DscpShMg0ohR + + KetzNiObSWcoUmNA7rPJ7ycVewt5WCOwSW1ay3VnGZJ8hsKTSrGVK7M/hwh+5Oss + + 0tKwbKzUGD+piSnm595o/tBE+ugGXO9Jx+7BiUP+bk6CgBPTSHst7RjYJJvXrNpV + + nOGMTIbDSC/9FkGgvkP46NeIP62sJ54Rwj6OGk7MkgvcxTSaH7jYCJn60eCQ49On + + LPABISc5ggLDGjy7UYU2CcJKqhfq1QiZuN6a+0QjsT6d1p5f0uQckn3YK9ZpKC79 + + cVAsm/n5TlO6J0SEhRyqQaEDBi1ZM7LDaHUYm2OQLy/RqiDCjaxecD7GtQR/x6C0 + + 3DUCBfLczzA4A1+YG6tAlWRQ60cvUQIDAQABAoICAAKFi844p+wMgCZh4d1NUVA2 + + 9n/EBIAEFeB6zsRuyguevcf6jHp+NkRJD6wCQOTophld31s1sXX4b+6JTpl0dHhm + + ipUZwwocN96pZj0r6Ozk14/OE16NrCA36GNHGomihzwCyuop6vEMKWw+GTSOaiY7 + + uuzYiY0tQeZihUUlYWxvQjLrLU6c2VUabrMhqkV8vGrmhHC+a5sIGrCtPRzf+zdS + + ywE9WSJIAFVb0V5ZMVWSkYLXsO4S/KGMd6tjA2klIEQZMZErskMmbPRKYiJvAOb6 + + dYXinnYyE3VV0H3M7ACtfgZ8VSoxkcyoQrN3oruCK80vBqY+k6LEGVnoASHnskKX + + ybBzVhQOkZuNCpny8Rk7Bh3UZMHZ5MUizz5MFgwDwT1ICsXNYPpOReCKjuUWznrj + + UWCoYhbntzIyr5B68sMpIchxlOK7eL5n06enBFhSdLLxhljcLROdnvJRmBk/gIB+ + + XczkAm9AzJinY7U8XhX74OXmilb6CZJ0lF5gBBKCBnZdbD8eIGeDs8vLMt7B55r/ + + wzKz854TNMsbETRkS1vsTh37YC5wOszCIoA7F9YuCoGkGY21Cl90DRzlQi9WHbpA + + OtET7OsTIB3aakjoC/cWlGZ0at9/ZzUxaDujTpEmFfU9PtDD48ijLzseGqgr/0Fv + + NMlYf2Yhh41YhpZKZUHBAoIBAQDWXKFP+QrXHgoCxV1a8IWgBcaqO4Q+bMrXpcDT + + Yb2q3CUYzUYpCqv7awh+oU1SejnP9y8Hoz+yjelJO4b/v7FlzTmW3WRKX1+DeyWU + + RGZICXAqBvkBkYqhi1v4ojARC9sASidnnk906JybnWNu7RydPYOPIc4IqUJjzzxK + + mZ6+tgJ/Dr2ZgJR7mYwmdnLJ3Fzzi/WLWmrpttl90sxhw9n9D18am3AZO6/+G0Tb + + jBWjOkKTmxHOQNAfn7u3UVblOy7Y48FNErU3QIe3AvKPgRt8IR7O8u5UlCRc9HWC + + qWQfReTaPccIZlvF99IIYhukeM4Rgb1irL1A04xVJfIpIPJBAoIBAQDHXpN6+w5f + + 83ZHudMCRd4kiwQT1Yjd2Qk83V4Ehc3/lITugJPgBz9Y2J2hSf8+90iyd7ZJ7V96 + + +0eK2AQ8nj4S9qnFkNauHUUuJL9Kfdy8r2EXmyeOP0mVMSeQtksfV0k535gWSSBy + + f1Wldl2frhfI3DEu9gUp5OYwByPpOE2KbWw8LUZ3OcodHqVxhqzdo68Xw1/S2IuC + + ZTUhMrElh653uxcYNzkQfMswWP5p0QkIrfVQu0p8qRuQ/MndiE5KQuPgoG3Oo6jL + + Ho1/YYyOLJYEoqc/vLpogTOT7YqYY989g1aS1oloXc5q2Q2rM2Z6c14oaTVtONeb + + xvGA3PDXPtkRAoIBAHQzRmaZs9yktfyGjHKti2IRf33sQWWth8+aVIrBoxUpvRpS + + vEOnO09Q2Av82HNrOkeX0PCs9+yMrPc7w5SDj2CF/T/gx2rhhF87tEVJRsCqDRlb + + KkRFZwbnCnYfRTsYWCEyEWZEFQJkzfA1Qx9wfWBnZheC1bMwPYLpZd9yovDyrSu/ + + C9xYLSVLOQPolZUDVYfYSMS/wNDsg72HNa+RgWuCl6VOuVeUWXS/x3XT3C7deBWX + + q/FIhQl/hzx6ZUZh7KU54SEskPtgibEVcfOEoyeItLCuU6+ZlpSlF8Y6mMGzG7mK + + X4gYJIuOKVbOB/oCWoJ29/izduvbQWku5rSQ3YECggEAPR/s/Y6NaLOfNvxtCkxb + + gD6y4FXeoY3SPDvugFp5vvtNCkaXj98I9/dp1LJ4NFjii/0SAXZqiK0T0SjLm740 + + b+H6SR1QBI/qzuvrTi5qh9sJXJBwPzd+GuS4KbEKNTCwvbKk0WhYL2KE4rb4m2Vn + + 22hPGAPLr32DaYQ26WEevOsxfP2wlgs8wVLNDJJq24U8wH9hGKbVlwPqlyQQld4U + + ipbszLrZnwlzzn3qeozhRSz4gmj5vGCol/o49de9kR0S+qKVJ/6bWLMkVMKWslxP + + Hlq0BmGZkULTim4QyQoNvrFO0LQ/6qSgDbhAbZXTvIU0gBVJkRQVXqhPEOAsYwHc + + 0QKCAQA3O+652sQRQbJcOYoEy05sDYxaJ37jhAtGyoqsgB1RUw9X0WbkIlBIzakE + + g9EfZy9wB/lnUcDrQrOogDVD6mAKmWv4WPGO/Zy+69AggAuSxZDpXk7NFAvxazSf + + Cd9sfQ7anxZV6lqMOCn6PTlYRhUOAbfN99bio8Uw9nu/OapJp/FwNI9LoN+/SmS5 + + oltsixIWbwldFLYiO3PFu9Csgvhbr0iiQq1TnPp7ZT67WbZDuyd+7xQbaMaWzFUL + + JZ7BlSnRQQTFyXAPR+h0SyIybkaG2z9851YQl1RabM9ApOTnU2Ij25EIw8Wg0jkq + + wgU6NS9Yit14FcmPpb2wlG7IoLwb + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCm8TLmkPOG47fiZfxD/qwTZuXsk6p52ydfdK1j6nc5d7kzLOenWUTNvPqJ+jBNuJhzMy4Z1zegKVnfo7bRlC0GKTXXleFKTThLtfMOT2IzsU8OoWFpy5Uaubx0sSjOxP0d9NQbbuMC63tggzolCx/lEv/wWEk9Yn+wdZMjpS8ZPqHmAr3KvGjqXLC023aoMLjOeh21tnxXyPmfr0L9vtLOqGcPuHa7XCP5YU8xATokFQh2XOBXYtKsSW9OhFHS6m6kjrn/MgGLUnC1oEP3DJzm9eYRM5FVwKZjNk9jZNo4qjZ2XunhUbuPt68dz2bx3XW1DscpShMg0ohRKetzNiObSWcoUmNA7rPJ7ycVewt5WCOwSW1ay3VnGZJ8hsKTSrGVK7M/hwh+5Oss0tKwbKzUGD+piSnm595o/tBE+ugGXO9Jx+7BiUP+bk6CgBPTSHst7RjYJJvXrNpVnOGMTIbDSC/9FkGgvkP46NeIP62sJ54Rwj6OGk7MkgvcxTSaH7jYCJn60eCQ49OnLPABISc5ggLDGjy7UYU2CcJKqhfq1QiZuN6a+0QjsT6d1p5f0uQckn3YK9ZpKC79cVAsm/n5TlO6J0SEhRyqQaEDBi1ZM7LDaHUYm2OQLy/RqiDCjaxecD7GtQR/x6C03DUCBfLczzA4A1+YG6tAlWRQ60cvUQ== +kuryr_keystone_password: 3RuECy1qMXEnkaRqB01EOnXggb48jjlcrdY1GcFE +libvirt_sasl_password: vt6j1AqKnBSXD83jzWzCoOkg7lMobhWRJ0EqxIhE +magnum_database_password: xN3A9UUi4CnPE85d9qOUsMPSFHNkExkrCzseFH5m +magnum_keystone_password: KxhbsikFlshisbpoFGIus3O3PF6MN0LZBPRH0QOF +manila_database_password: E4daXrNp5EYE1K5rhdydgNHpCFqzEixCBQ60F7eI +manila_keystone_password: nkQyDEjo09nY0CHdKgcvPOhe0a9v6ABBIYHDBfAW +mariadb_backup_database_password: 7mrklFaE1YYTzFmzLQXcl1QgGtI8f5u200hpni95 +mariadb_monitor_password: gLDE4fI2lw8soCiHi4WU6pgcYdZoGowH0dVHSDOk +masakari_database_password: yzw59V0FWiUcgKGsTi057cJvzKdG6nPR3P382bZI +masakari_keystone_password: rIApuTt30NNTKtuWGQvkQqLHPySPvodpHjc4m3r1 +memcache_secret_key: iZgOofBdv5gu94QHqtzQ1h7PrygBoFraHiTdQ9gJ +metadata_secret: isOEAJ6AdtSU7Z9Qi6qglT3kH4IGfCkGH8fuWybV +mistral_database_password: G8iilvNpncLu1knY3Rk9WShd6o1bCRwoazHqlnAk +mistral_keystone_password: 2jkk1Z9leA0PfmoIDrU09JWUo4FIaezfkl4taAlK +neutron_database_password: 9JiTgxjJVBx3XVxwxIwnc8Qz0mnzywFGWVZnlZEk +neutron_keystone_password: 2WPfjS9RB7HRBAsj8w9KLTagZJIi87Zsk1ehu8Jc +neutron_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCYs0iQc8Tg2AJr + + jAr3cD4vN3MANVXx2P26SxTyZjC12P7WWpIxzYo+HTbWQVR9m4VjnHAHsDCqJDsH + + Lg14TnrCvj+tQveAM2V1NGCD0VQdDgIGUGFoQHfiR9N3iao+N3EtYGIqmvY8ETe+ + + 4UDEF0OGws9JCms7ozq8UdRo+NDIpe9YeEQPTG5wzkTzeiO+iuMOSQo7jw5jj1EJ + + IWrmuxVbJWMSVFfKjnkcUnX6mJPqrpzk8uBTsrFmpRP78EjvFwrml/ibF6xaSfUA + + BV6eqYWLoJPPthDd+pcivZMpwkYTzc8skEoLFs2J+BIChk4xm/nXWunO61IfT8zq + + o3Om5rsJrwuQ/3uB5cVmuS9l3B7laXSPDcz9Lq9z64KjH5jptVR8GKbRusWkWGzR + + tjAy2nItdr0UKa0VWYanZZgTO9MrpMVnH1RA2mFj4eE9b0omgtwrsnx3MGri1fjd + + AhsS4bwn2TSTWeDlROxXAv1YKOwlgHrgIxx4QL2NQiWL0aXpd7cPduYkBiDDkZs2 + + +28J7nb+7f5J7g04mzHbhib+evvLrjolGbioNSM5G8K/Jv0LwDxvykQtS/5Ekb0R + + baoCX9CP8camREs8uaL9rkc0temraiw96ygi90xAFT9IfU6rJRhl+0YMvY6UlddF + + itk7nPpZh7WQd1fgaZ2NYqbJJ4pN1QIDAQABAoICAAKVfhPbsagwX5IcU48uWg8I + + fCyzulmWV2zQmnEjo41gN6e+7pxjIwS8D9J+VoStngs6eXbX12r5o/oSIG45vcAP + + 4hn3eSK1O/FIyp1QbID1XLlooM1X0e+FUaHDNZtJ6uNeryqTZrlLfUsAmsz2q9Da + + +RD+WSQwNe074UFJfJb4n906Y8RygaftBaOtHG+7/+2c9MxfNloe8bsa0qlG3yyk + + rFGCFd46nPgKuS5daJtfCw6gwYUJEBFxl636ufE5zZhrV+yf8O2yNLAkZx5+NeFP + + /VBVf2GSPP58gMIDJJZvNCNH6cjYQPAlv4BFb4tNXWP0iOJUfxZCjnAmBe38F4wi + + tDjbO59wbpv7jJ/4XRqqoNa2KWI8RkM9zDDuwvCtJJj8RmUU6ll+lHDbN6jCHaA/ + + aVVG8S1PQHu8nosbyK+6y3kNs0w0nZwnC0g/j+7gMxTnugo9DRJsO/i4IQBZIHjE + + SkeL321vkXJKblOShKz1G1ooI1Zgc6KocfB0fPKzOHqVvSwljub2TpWn16lcxO4R + + iGCDbrirpou4KdF/EGgyLbASFgXKZtv+eZPN/t1rZr0dPbXudcZRVQA3NIUvGPyC + + 0X6THfqueXuTgXD273oXyZIvrO5i46PWWsjFdpHwhRgu5REZn5j3Cx7tpWOwK75V + + HQ0CTq4jyXF8wXZT/qDBAoIBAQDPUYZhufb3hIFaAwq9klF7WG6i1VkdKnguuCDd + + mhanHiDC7isupmEf6QorxoFqP6QXSQSdCBAncAH/xulgkq749sx50H6ykmazjwfW + + I8/5TRKcL4wkIhbHFWXvkstoa5p896GDJzDa7XJD9i3h3nH7w4TeJZrq5SvGlCbn + + yXLWkgCRonRGHfan/oJTJrAcAI5aFFs85RfidmloX9h0zyaD7UbQ2iMyljI0/329 + + d641QwDzbkquOYPr/xb99eZPCSERHdYiraCrJDG2tcA7LjfV0hyDWOHu3tDJ1Ir2 + + UKhwsues8oZrJkPXWryyQ/xLB85kLiF8/NHQAtntwptVT5fxAoIBAQC8joOzkzhH + + HXthV2cgJdkDOvsFm3HTE/v0UsQOx1J1kJXENIdQASiwy+5mg416ui+RaUiAxFsz + + D0MJarvm11Y9pnkijFI4AoT+b+uI8v2iRL5paj4g/PkAQTJCYWNgMeAONDXmqMhE + + ZWsfYEShBflIKkDXM6/op+EeK9koU01FOs1JgR2w/sGNnLbd/qqEJBFdkFs66ccS + + BE4sMlYQ0LYctSZbxsWL+wur/3CaEsYNIXrY9BXSssxlQ7z8WGB7YxvSHYbQdqT0 + + X2QXppVnAk/4JuPyDgciRnx0IcQqHcX5LbLwjE/qXnv+aLBfjNwpOF8U5dF2nlvS + + t7kuf0h+NtglAoIBAFCbKP2MOXqpOUXPEvj8D9Q+YN3Mx9YwMgQwMQ8YHyCg9Sn1 + + QjLkG7U1fW/hwWWXEuy+xh1sCiPbR9uz8f9LaN6BzqS6LNivVWERBoH68JzEm6zA + + S+OsoWCMcFLCp3WVCL735QNCVJt6YMgNym8cdwLlVR6uTlpv+iI+bhYG3DCTGceF + + +2FbuxA8Q12jGCv7B138tjCp/ixdz8P2KAnalOYMdlEzzyWXAjRa9f+ZrdElmRQM + + 2Np+oE08pCrf1cj7CrFGAYEAMwz3iKC6b+BSqwDmrZFgGJAwb8tZaSI14BfZZ3x1 + + 20+D1DLCI8XH6ysdAOEwknKvNcCDq0nnNU/pH3ECggEBALeGTxH9/Qza2TgJhkp4 + + DB1kzubKQaOdE+LenA12XAAp1lu+dOWd+yj5lPUanh4SEjKKMxOCCvJLrIgB5xns + + BfjDi6vgwDXb3e54qNwHBm9mUZ7w1b/t+b4RtwV9HOiIIvgwQTZcmXBY9kb3wFSq + + J9PhrHLJ0DG3FRn0u8zQJ6l2blFY5rlbfLCFFEhGk1lCcdSLqQBSgnw6zIugAr0j + + J94RQ2CYu7ZfhyDF46dTFom5SITaLlOBzAfUQqGqs13lPTLpokpM8IkaP6X1cf1s + + 9sEluT/j/3WQ/ZlbND958zNxE3WmXDJV/IHHC8Q0qiVExObmOVYnFGCoigmDwd93 + + KjECggEBAM4shtWOJh9pOR1ocQfvG+N+EOyZIKgMr+nKaITZCRW9gdpeDYaf+RMw + + Y/7XHVyzByCBbunI84x2JURA0ouqzUO1nWwREO/XbWDrckjbNreWIGUonIWoKYr/ + + HmIiQefnQ4bC0huji++1GZWA0aYrsXKyNTYGEpou/6APzu9THEftq9eFn5kMMiuA + + avvdMGJfoq5JIdmQSLfSiC/XlKwADrJuypt8/09CRywlWZXpjuTKjjz3JhYB/Wgd + + hLQA2W7KW7P/FaAfFv0/nAdIrMRafjBvONvopi6V99m3HK4ti7snVsQXTwjz7Jjw + + eXRQhAwzSUMEipqUNoiKNxwPknRDcw8= + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCYs0iQc8Tg2AJrjAr3cD4vN3MANVXx2P26SxTyZjC12P7WWpIxzYo+HTbWQVR9m4VjnHAHsDCqJDsHLg14TnrCvj+tQveAM2V1NGCD0VQdDgIGUGFoQHfiR9N3iao+N3EtYGIqmvY8ETe+4UDEF0OGws9JCms7ozq8UdRo+NDIpe9YeEQPTG5wzkTzeiO+iuMOSQo7jw5jj1EJIWrmuxVbJWMSVFfKjnkcUnX6mJPqrpzk8uBTsrFmpRP78EjvFwrml/ibF6xaSfUABV6eqYWLoJPPthDd+pcivZMpwkYTzc8skEoLFs2J+BIChk4xm/nXWunO61IfT8zqo3Om5rsJrwuQ/3uB5cVmuS9l3B7laXSPDcz9Lq9z64KjH5jptVR8GKbRusWkWGzRtjAy2nItdr0UKa0VWYanZZgTO9MrpMVnH1RA2mFj4eE9b0omgtwrsnx3MGri1fjdAhsS4bwn2TSTWeDlROxXAv1YKOwlgHrgIxx4QL2NQiWL0aXpd7cPduYkBiDDkZs2+28J7nb+7f5J7g04mzHbhib+evvLrjolGbioNSM5G8K/Jv0LwDxvykQtS/5Ekb0RbaoCX9CP8camREs8uaL9rkc0temraiw96ygi90xAFT9IfU6rJRhl+0YMvY6UlddFitk7nPpZh7WQd1fgaZ2NYqbJJ4pN1Q== +nova_api_database_password: 6tVga1L1ISrIo1K3mkCMHTFtoLnVg8yKV7NA8ssg +nova_database_password: u3lg8yvdB0VxWUeKZIsCiin9AgIBXIdQIhFRMgXs +nova_keystone_password: cSmYr9rOJ6ymprb869zUUi88893ept9HibprUPNa +nova_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC4FumgQ7fSbDwK + + 2MvWZjBQ7gJInraPiTGDSIxGu+I+GSwuee3UToMs7EyP2iPuhPxc2ZGEYbzbWGOf + + qQdmEW2zy4e/CevFHqcpMEB8+2my5YhYGF5tGnljMqhGEiyez/NxI1PUnZVjzTKr + + nv6tVE6tx1KDxpm6qzR+D/7Y2+1PAN4k4ryIObY65AAJB0THS8zfSTI10vMcBoaN + + iBCyI4yIX7Hh7iAa43RqbyNkJaEQSL5KADJvgOviUIGYhNL48dw5OxE7vOy74eus + + UuTGMrIXjL7bQjWFDKfxNKeeEy5y4wXr0STyLhNIXtyXuuEwXYEfcac+Kia15SZO + + fLKNhU8WhqW10KCXnPgPIH0xsqIkT05kg/3aUzPxiUBz/WdhpbbAPGZa0ctoDCDm + + 1eLnAp43HcFI3xT47W+Vg5qp5WJR7THW6tSOcFIB4rqUNC3jKzjwPIaVZdc/K58d + + R5T1+II1sPzezqVWRJn4iWgJrkDiZQLw8CL39E83eW0TuxWprwXh5yPkeVTR2jfR + + yDNl5swB8UT4cSIAOFBlAu7ICoqqyS/mVI58FtrFBUP2zIcc8AkfoX+ChOf4Q/0u + + Vc4GUjI1WAJcy5T4MEiY6sxIvef36Dsz+VBmNlhvqn1rTEj2Xm9kExGjemmOjUbQ + + K8lvemzNUEPTWMV15OIH/21LZdGmFwIDAQABAoICADD8i+PFUWOxwJKEWU2uuLm4 + + dCwd6+erMt1ED2v9MDmlGjAt6v89e0OXh9IZ0sj0Y3FTxhjLp2VZEn2Yjar4BVC8 + + Xt2TxsUYIJRhzi9T+a8MzGjg5zOyQU4H22Z2DKCgJqBbLcIcwvWhU5P+xbebASrW + + KRt+3Eajq17GY+MSNwZ4bSS0n0XC0b6/EFFWuVMtVRGv2Sggf+fbxq9f302ADzP0 + + /xFne+ybzU1LUMgkCUWbjeOEROeOD3cUREAxTDDJr3gdQzs5zWc7uaqMDmu9bs28 + + esc+yZ4jnYceo2H5qbkRt3AmoeW+JAx0jc/kf2sO3r7e0AnHTrDFjxmArkThjgc1 + + Hp+LiB1RBmyxd9eWVtKXaSDCA3w/MEK2v8eh+pecPKTT8mwJt16m+jdLdqwDBa0W + + uRGT/CxRphfG1qiSJAgefccCUcPInUcx6/R/j/Z33ur8nT0/1Ck9HXQqEWAfcBQS + + dYb4kbrEFqtH9zz5K6xZGLQGmAf+0pl/Ei0E0sZqN1TFmTdsLW48+1xbKIq600w2 + + NJgAptz/VAApmFQBr7TQ1INfVohG0+3+hKDGkgdFS4B0TF7jONcMVzpTJ1UtjZVU + + Cp32ZFbDYym5OxXHRWovY7iwXuodD2E5fAanUpmiN+AVbs6CqHaZJw2zfTcMjEY2 + + Wv4LYdL4XVuoN1htbRedAoIBAQDqve71IeIapiOZgjF1wHROWgFbjHWYQmkkRYLZ + + qQx0ZeXJM/JzzhGrYD48MpNC0oItra6R3H2OeYRpFIXuy/e1wcuD2L6HjiXPKgmS + + 29fkYCLbgqmAKmKV1Z2wjINcrlGFisSuCNSv7nl5xnogCmqi/y56dxkwb4MTQP1a + + /hMmx1rEkFfnTxiChfH5x9mko3vNDS7vU7iZSe5hpmwyC479PM7SxK2UqGx6FaKq + + +AQc2OfmD75deWAhLcGJi9AMieA6/OWjEwRzRBj81c1PSwR3zzMwed1JH5wxorw/ + + CP+N7Nikmlw1XtHyl4lEPFll6J0fZOHJFVL+ADaOySx8TBR1AoIBAQDIwrHErlLY + + 6Oal4UKKqUpj2nQvFO6UyNQWld6FvyVr2m1M8j6d/EZse7hzjWmpnq8GBRSaAwXQ + + cOPIP1JJafN0IX7Yq8OpPyszzjfFwVAWqAZkmeFMNivIh9sQV6HqYZGPsHfaeltu + + jlZ4g7nXNBqqPaNsV4G+kr5g6DseIjZcW1fzDV9aMRSicMJYOybc7AXK9LE3bXmM + + 0qrk8nYT0eKexOZ+syAc68cUaKcQ+0dPQuS7G98F7jKYsiFGRzZ40YgfRoJsqqfU + + CSxn4JweIYF+aaN3e9TimgGeV28Yn2M+9t+zchcQNiHjzNX/dSar1zmvv6JS+892 + + PEs2EhEWbs7bAoIBAQCEo3OtUUr4Md41tCoMVgWh7BuORiyALy5Hz3sjT/D4qEcR + + zGd35f1373ba/tzUyivCcbwNMSBE7AbUdUNEbj32lp1PT55A7CITD7a/I7e2lFe9 + + 3vO1tr1j2oMyqgLj0J/BrGp7yAOdsUs0cuC40An3NedmTXuPMcNHktZVnvDlXYm9 + + Pa5dxgScY+EZeUJSVAn1EDjwBEdvXiXzSV0jXgKatsxKrdVDBXPd+/GhV2jDgBBw + + n366RIX72WXdOYICQ7nOuu1qmqlOFDFmU8yhvEq3A/3xqzpNQi44obJqj8QOxsCX + + KZ1mjsBkqhlm1A7TlX+KqK8ntwPg/+/T+HpJdZetAoIBAFgcMt8KTywJ06i723N1 + + 50M5zkIXorpEBek/r2DtymOygsQBkX/PB613AzYbu2MJVPGEa01IxFV+JkptmBTG + + XmX6iWxYvk/afICJIis1s4uuBNhEPQAwyjiBf6CFhXeTiMoSfheyGczExaiwz3Bm + + 2skask3LfhMA3nMzmTaZd1hDcq8mkFHKNq8wY+tLUrwlDknL6LdV4cHvd7dxvmbm + + d9qMukijHxXyWPZZE/G9Bsf/qNmB2vkEWMpxa28ns/2EoIRxcq50m6HQwN96Uapb + + tDSh8m9vNriZNNqkrwqUcX9h5D4idYLU7zzGWql6ZhWHKTc8GObow122CqBZf4xj + + 538CggEAUM8sCikVOkEiV3O1WYjovz159RH9IG6W3rcKxY70o5zDnF63s3EUho1n + + BSE8ZXDuUaA6yIaLlOSvlz0yCvTQKLajlpUM7TX3I7zyVtDukfXUbZ3yCwhuUxlC + + Xf4RaNBYFHLhXLQSwj6VNBCtXo3u6a42rTGmRuMom3Rv4m5O1uC+czbKvZbDhL6S + + iFYhkNsggAqWIwCnWUKsqysSDtXI6Z7GNVsn05D/BqazI16+v1FaIG+Q5CW3mLxv + + xbCBhSxE6mODauc8qFvXLuRQQCkZaiVaIYMZ0ajfnEJ1SFNABSj4JhDVnMwAej8Z + + YBN74ErH9jIv/hUD8CUbG/CVAyeXnA== + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC4FumgQ7fSbDwK2MvWZjBQ7gJInraPiTGDSIxGu+I+GSwuee3UToMs7EyP2iPuhPxc2ZGEYbzbWGOfqQdmEW2zy4e/CevFHqcpMEB8+2my5YhYGF5tGnljMqhGEiyez/NxI1PUnZVjzTKrnv6tVE6tx1KDxpm6qzR+D/7Y2+1PAN4k4ryIObY65AAJB0THS8zfSTI10vMcBoaNiBCyI4yIX7Hh7iAa43RqbyNkJaEQSL5KADJvgOviUIGYhNL48dw5OxE7vOy74eusUuTGMrIXjL7bQjWFDKfxNKeeEy5y4wXr0STyLhNIXtyXuuEwXYEfcac+Kia15SZOfLKNhU8WhqW10KCXnPgPIH0xsqIkT05kg/3aUzPxiUBz/WdhpbbAPGZa0ctoDCDm1eLnAp43HcFI3xT47W+Vg5qp5WJR7THW6tSOcFIB4rqUNC3jKzjwPIaVZdc/K58dR5T1+II1sPzezqVWRJn4iWgJrkDiZQLw8CL39E83eW0TuxWprwXh5yPkeVTR2jfRyDNl5swB8UT4cSIAOFBlAu7ICoqqyS/mVI58FtrFBUP2zIcc8AkfoX+ChOf4Q/0uVc4GUjI1WAJcy5T4MEiY6sxIvef36Dsz+VBmNlhvqn1rTEj2Xm9kExGjemmOjUbQK8lvemzNUEPTWMV15OIH/21LZdGmFw== +nsxv3_api_password: fkFC30FW3XSvfGBGaVRUz4mCSKWzsTsen5H7ZRA5 +octavia_amp_ssh_key: + private_key: '-----BEGIN PRIVATE KEY----- + + MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCqAXBDoN44KQuU + + Hl7NLjJckL3cp3gHLvOt5gfYsmQty7eCBvVGmlas+LoWVysCD5ZxJ1oVDOJxs+V8 + + 8a+zOsi50JBDtEgTDx3M1TjI/B1zEb/6eaWaGpinkseOsPs8HhcLT7hv1DfYum2G + + +sDmg6C+bViTsV+7r9pUK1USX8Vfzd9syRNbEBxDYbKJmQYxuFva6qkHkex7BiIi + + kCSrMJZ/11Zr0qNJS2LNuz3qFfsberfY4Hx0NqiY+6ZjnMWRQI+uMfEDWDYzWMhB + + azrJ8LoCD6fsFtf4PrPZT2jnV9GNE2QO/vPfzQT44azmFYIdJ9zcVksX/YpcE0JC + + wKQEyhHC2l/1fK6sQeD7njfOtxWRLpXuZa+lOB7jOT631ux0xdtb0JDtmC045Zrc + + CLPUsMdmqoXpSybiQB1q0atzIE5kQYReLpoBtVsKtfKoaqzd1HhEyKmN6ylv5eaR + + HS9NMfR3k/ozmH57CQZwrBGRCk1/5yDsMF5czCIlKAgd8uf1KiM9F5CdkHWqiszH + + zmH85R5X1m2yb/pF49mZvF6+mODbTWotS21HSGybGNL1Q/C9Q6rxPqPt7U9PDJ+q + + t7LYs4Brd30yklU9lPf7+4c3k3Dt1jbcTM+6NraxayTa25ugTMY8eQJOiSkCo7cf + + rNfD/7bg0qW/Hv7kU/cs2mqUaF4tgQIDAQABAoICABMBVyoQTVds60DzRjjc3b9w + + ZPFKfYYcDxzVNvJYOw/NkuXD3l62uVLb+X2u3/16faCHvC/XQWdhq5mUsUYxn6f6 + + M26GNHqA+Z1hBtidKrOm+9XGDKfWKlOteoaurV9yo7PdhSpnSJj/emgZF0CN3YX8 + + VmcocKHcTmWTdI65yyhjLQON1Q6clfRIczujskgTqp0mF6BjhVLZhC5l+9txcpm3 + + Go+yPBPhDBogwRKuw2Q2i2AA9JjPVXjIxTikmYeb9pQMPDvZ/DEwTy7VDHzv3vOF + + CYpAoYM8i0GTeZBHRoNldA2jHeNamaAzJm+QXvvgbXXqZbm4W+PgOUuaGpv4dRSr + + QOMuBc8Ag86LrNdlE7AC/7moOUzlbCzP6EEvbOtbIc0pApiNco8ozNlL5LPj4XwK + + l+XC7VvKJLSi2aTaAb5lDC6aG2tJKgSvZhS2c0wBXG51HmmIW88n0uSbrP5kG95T + + r5DtsETTjTxLgS5Fe912F/JeALoER9O0X1Yrj1ZZYuULda619vhUoQtng25kQ7zk + + TW9zY3PwKKz4Ug1VkiJLowkLGdQV0NvULAtvkRoS4mX3ckiOm5rNWoKruzgbzRgy + + PBmoxn09vpPR54VuQIm+KhfTJJvV7MDMbRdZWLpZkZT9CzyImDujoDLyHZFLvKns + + +1FphHPO4cRPusRodY75AoIBAQDaRNJlAkH7felhxZj7ykT21lUToild2QE/M2IM + + GQpunLZu1C1nK8nHXC+zTDZ0tse8fOTur2Gs0N/RVnzyKogMBn8SKnNzjWTjahs0 + + TbKeu/TARTPmdfFv4Ec44Yeg+1d7rbYvd+q+PPcx5vuZ60jK9BRGDru7ingD+Hob + + ETvgATmRhYTn0g7DaG5BG2tlt13TdnphhgOTJ2+WToI4cijvPLGjrQK2OQySoZE8 + + 8CaVFPe1Jjy3SiYD5uLEgemqiJoI6hWVE6bG4MXq3hg9ywzpRnbsa1OkhHsweDwO + + 8ZRSTjLiOMGFd3bUCvEY+AA4KBO6SlWu4mtNNPcN2xwAV7vVAoIBAQDHZMvhmgjz + + fp7ge9D/aPXId+2Z/79enKtpl9mIkqQmZAp1BCJktyB8o6+lBPNQi4xbCa+dyTkj + + Gf1324PPmiQgTAErSQTPp+GO3A7qKebbx9CU07kM2RuxnaiC6vjN/VsFqUGHYg7N + + /aFazpuQxREurhOUdMV9wXMYh2ap9cpDbtpVHfnwnNHLkmbYWoGBSNn3+4r6qb5I + + xxcWkOcvRUcxP6V5xbZWCKkqhya35KFf5fGlS7m9lo4+d/akGsTTJprk2/hkao6+ + + KeKgA6l3geyAan/+awpS7mHddC4P+gV4CLqU4Ah4HBwo/TWJmcwVwjZMo4SGAcQW + + PDPBTnTjBVz9AoIBAEHmY4uhueA/rNYbPcxPzrCkF728yTaPjWPSlLjIWrD42c/u + + eeLbgqmReMluqkZk5TtQjiJOi3QNAHaI4WKQWtEeqQEIFiF+QEa1Q49wIgzw/L2M + + Z1YeqA26LmbLGRMOr+Qkl4wPba2QZKYJck+PjUPRm8lnK2E9Nm0keWFwu54vYH1C + + TdVcQ57WCevYZn2odkihTePh/XRRhMxh2clHFnrc3VlopBf2c4hWBa7bZxq94Ogt + + qklAtueYr0DbZHxbj/4/BtMiwsjrFnaKJdGKW9SWtNM+uFtEsJj6xE9SuxB6kbxh + + nHQ6lIMC5rY+MnrCBurJBMOvkuwVoL3rOLIVyx0CggEAEbgjZikKIpleBRT7vbbW + + ILqHoufXWdESao/UBQ8DB2Zch4mWhNzBRlJFiaSm+sFr96sksCDxsuzcWYpobEqG + + a1hVwkL66nlA0jE8IhMXMPDQ2Gj4SOwCSgZ4symucp/RNu+TozRTnHqtnCRALt1U + + aZGOq+K0qjhGwidGOFRfZR60yFuhmoBVJIIeIZvpZlPTCvaPozbycgU/SAIYiVre + + uMGvMuMfEQY0AlOAXVc0ABGvJ8FTAEYg3exLPsoiM6F6olvp9wKBLOUL/qxUowoo + + ukC8nx9kC3qjt8pbTZAqbEBaVGCUYBgfaIUX/OJuAIEB0k21uTLu+grfjo4qVQJl + + AQKCAQA99rex4o68eNZ0pTmJWSL7R0VUKB2GMvB97WKw1B/ZRMd9u6GNlgMQO4FB + + slzHSK1RBUJW4v6gUunUy2Km5aajnK+7rLtA1dnHrZ8erP5JKDDW9sMfbvr6wnjA + + eA++3eqvpzN0dsYcQMXpC8n+L2fYTJ/IgTSgVmM0YD9KBrXASxm5he5VgyMoBxO7 + + DKt5AGToLBnR+qLbxOlyNsJKzW0yS4Mx/YPCHYuf9PuvqTinOLskCEPsCT0dv0Cr + + D9SEXyDX427MW5+/8nTBHcsixH4F0yKm4DcU7l0qEqSHl7lz2H2oKvwRUunGsF/2 + + igNbdpLYKG/cNAgsga4YXcmIMM+u + + -----END PRIVATE KEY----- + + ' + public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqAXBDoN44KQuUHl7NLjJckL3cp3gHLvOt5gfYsmQty7eCBvVGmlas+LoWVysCD5ZxJ1oVDOJxs+V88a+zOsi50JBDtEgTDx3M1TjI/B1zEb/6eaWaGpinkseOsPs8HhcLT7hv1DfYum2G+sDmg6C+bViTsV+7r9pUK1USX8Vfzd9syRNbEBxDYbKJmQYxuFva6qkHkex7BiIikCSrMJZ/11Zr0qNJS2LNuz3qFfsberfY4Hx0NqiY+6ZjnMWRQI+uMfEDWDYzWMhBazrJ8LoCD6fsFtf4PrPZT2jnV9GNE2QO/vPfzQT44azmFYIdJ9zcVksX/YpcE0JCwKQEyhHC2l/1fK6sQeD7njfOtxWRLpXuZa+lOB7jOT631ux0xdtb0JDtmC045ZrcCLPUsMdmqoXpSybiQB1q0atzIE5kQYReLpoBtVsKtfKoaqzd1HhEyKmN6ylv5eaRHS9NMfR3k/ozmH57CQZwrBGRCk1/5yDsMF5czCIlKAgd8uf1KiM9F5CdkHWqiszHzmH85R5X1m2yb/pF49mZvF6+mODbTWotS21HSGybGNL1Q/C9Q6rxPqPt7U9PDJ+qt7LYs4Brd30yklU9lPf7+4c3k3Dt1jbcTM+6NraxayTa25ugTMY8eQJOiSkCo7cfrNfD/7bg0qW/Hv7kU/cs2mqUaF4tgQ== +octavia_ca_password: HgvteAAbGp5AAntetRy6chB3yelnfATisyumk1jk +octavia_client_ca_password: WqPOoKzggHXoVpM5dBIaYZW2Npklc4WHYA9VJoBB +octavia_database_password: FksM9wXSzWnkFkhMf4wDKKttMLQiwRTljkE46Hex +octavia_keystone_password: L8dZsrWOtNI8UvLVGKseC3FB5tRZ0cZTI1xw87Ns +octavia_persistence_database_password: SIXbu52EUy5Guj7Ki5U6h8Y6geI00Iv7Cy1uNd3P +opensearch_dashboards_password: FzbtoZ2cOMeFJC8sTnLpe7ghakXIiOkPWpOvrGP1 +osprofiler_secret: b3aaba739f0d4289b4e2b4ec1129a369 +placement_database_password: d2LMylghGtvyIv76Q1YPvSVGC2QlSNWdeirReEAy +placement_keystone_password: gGC7ecF20b93rYU8Ta0jv1vX3FpuQvEHMvJC3lx9 +prometheus_alertmanager_password: kPdVjCNIPAvcAWqghDe57kgwUC8yBoMJ9fFVO5gZ +prometheus_bcrypt_salt: Wxg.T9at/TQmK9R8O3Z/SJ +prometheus_grafana_password: on4LQa4XeladKOQieHsf35CjAYPSkLCqufZB31Ie +prometheus_haproxy_password: GoRO4YJaJina0RFJmpKmkot6jYnwtYdtxSs2Xeos +prometheus_mysql_exporter_database_password: OOaqV7JkZlGktNrds9SVWJbmMEnOy3uNGlW1CtRN +prometheus_password: uUSKsPavOu1i7enKOSmnF1AwIgm4Cmx9TPVWLrRJ +prometheus_skyline_password: HNOv9nG3h07EZU6K9aawVJTi9CYyo9d0uITKlZC6 +proxysql_admin_password: kP3k23S0CWruxTQWRDmDvyf0z1TkYORTblqaJwCO +proxysql_stats_password: kvdMmHwfFcWqyl7aFLeQ18bpHB6iWZZZLSIPWn6D +rabbitmq_cluster_cookie: GBnQHhnieDhEtemO4n6P0tyBBWx3NrkM2YDblKHY +rabbitmq_monitoring_password: jCfQUzBRwIYnidm2xvlPXEQg01eXLaqyzRtyui5L +rabbitmq_password: y1YY3n89MGloWhkkAY78q9SuItKNLTqf2wWEuN6W +rbd_secret_uuid: eab2dc11-fa3c-4503-898d-b02c4811986d +redis_master_password: 7pbnW2LYdLx5LjPSUWvetYWA72AoqZxpgmGErmQY +skyline_database_password: xGhKWs4v08EywLYbsImcDiZFiusLHwtaV283Uyst +skyline_keystone_password: 2a5i3SqVTQKPlenWaCZzILLtJuRzWHHlEJJkFjbm +skyline_secret_key: XBoSqIlLyzg4R231gwDotdGBx6o7OidYNX3pBtUw +tacker_database_password: g71KaG03e4LfrKqVw4gU96Nc33sYaDcu4XuW3KJk +tacker_keystone_password: kEwMHiahxldJrWvwXYelwjNgRYTujp6zBaKK09NX +telemetry_secret_key: 4tTnh4T25clPxhmCVgTIbITb5rCXMyNyPtx3STb6 +trove_database_password: hiNmHk24DlbdwKcInPuCxddNOwCXbgrWynySLHxe +trove_keystone_password: UzxKdrccsAnyNG4SKwFKcTi0R1MKC8BAxstUt54X +venus_database_password: 7CFoUgAcEPVRjSorCSnCdD8tZAvzOJuZrsqhN90o +venus_keystone_password: LYCGwBzRBiszunDt3GvAKJhMXXCEKlnGZfSCdflq +vmware_dvs_host_password: rEqp6QLtqe5RPXSSys4unukI13yApCSRUuEyGRst +vmware_nsxp_api_password: 8y2VY4qfpyVpNgxMUfjjhUvT0XRKrmim6HLAM2GV +vmware_nsxp_metadata_proxy_shared_secret: EpLEEefnjriBIzuZJYmW9BRR8XGgFeuZFwmQUijF +vmware_nsxv_password: Aviz6yYvKVOGrOAJtCFPHL3dQiPMJLr7sxd4edAI +vmware_vcenter_host_password: oGaEIm7FefhwbfP18GWBt4sTPWU4nC7EhuBrc73d +watcher_database_password: ojaHMfjH4KYqOWUID3Tx6K1t6TkS1vmGjSDZxhiy +watcher_keystone_password: s3NSkCDygmxMjuoCJ3enNp3ouQIHP1pJnUlN67jL +zun_database_password: KTQ3Ksjzwf1cPocNyf9uq3ieYvuQ5kAzTciOSYwQ +zun_keystone_password: NWgSUQn6HSNKGJkOb0jnEep501DIrTEDSZyIxXhn diff --git a/kolla-ansible/public-openrc-system.sh b/kolla-ansible/public-openrc-system.sh new file mode 100644 index 0000000..a7022e8 --- /dev/null +++ b/kolla-ansible/public-openrc-system.sh @@ -0,0 +1,12 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_USER_DOMAIN_NAME=Default +export OS_SYSTEM_SCOPE=all +export OS_USERNAME=admin +export OS_PASSWORD=3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT +export OS_AUTH_URL=http://192.168.100.10:5000 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=RegionOne +export OS_AUTH_PLUGIN=password diff --git a/kolla-ansible/public-openrc.sh b/kolla-ansible/public-openrc.sh new file mode 100644 index 0000000..30a1426 --- /dev/null +++ b/kolla-ansible/public-openrc.sh @@ -0,0 +1,14 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=admin +export OS_TENANT_NAME=admin +export OS_USERNAME=admin +export OS_PASSWORD=3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT +export OS_AUTH_URL=http://192.168.100.10:5000 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=RegionOne +export OS_AUTH_PLUGIN=password diff --git a/kolla.sh b/kolla.sh new file mode 100755 index 0000000..1e6f2d3 --- /dev/null +++ b/kolla.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +build () { + podman build --no-cache -t hnrx/kolla-ansible -f Dockerfile.kolla . +} + +genpwd () { + podman run --rm --volume $(pwd)/kolla-ansible:/etc/kolla -it hnrx/kolla-ansible cp /usr/local/share/kolla-ansible/etc_examples/kolla/passwords.yml /etc/kolla/passwords.yml + podman run --rm --volume $(pwd)/kolla-ansible:/etc/kolla -it hnrx/kolla-ansible cp /usr/local/share/kolla-ansible/etc_examples/kolla/globals.yml /etc/kolla/globals.yml + podman run --rm --volume $(pwd)/kolla-ansible:/etc/kolla -it hnrx/kolla-ansible kolla-genpwd +} + +kolla_ansible () { + podman run \ + --rm --volume $(pwd)/kolla-ansible:/etc/kolla \ + -it hnrx/kolla-ansible kolla-ansible $@ -i multinode --extra-vars=@overrides.yml +} + +help () { + podman run \ + -v $(pwd)/kolla-ansible:/etc/kolla \ + --rm -it hnrx/kolla-ansible kolla-ansible --help +} + +ping () { + podman run \ + --rm -it hnrx/kolla-ansible ping openstack-1.homelab +} + +if [ "$1" == "genpwd" ] +then + genpwd +elif [ "$1" == "build" ] +then + build +elif [ "$1" == "help" ] +then + help +elif [ "$1" == "ping" ] +then + ping +else + kolla_ansible $@ +fi diff --git a/public-openrc-system.sh b/public-openrc-system.sh new file mode 100644 index 0000000..a7022e8 --- /dev/null +++ b/public-openrc-system.sh @@ -0,0 +1,12 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_USER_DOMAIN_NAME=Default +export OS_SYSTEM_SCOPE=all +export OS_USERNAME=admin +export OS_PASSWORD=3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT +export OS_AUTH_URL=http://192.168.100.10:5000 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=RegionOne +export OS_AUTH_PLUGIN=password diff --git a/public-openrc.sh b/public-openrc.sh new file mode 100644 index 0000000..30a1426 --- /dev/null +++ b/public-openrc.sh @@ -0,0 +1,14 @@ +# Ansible managed + +# Clear any old environment that may conflict. +for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=admin +export OS_TENANT_NAME=admin +export OS_USERNAME=admin +export OS_PASSWORD=3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT +export OS_AUTH_URL=http://192.168.100.10:5000 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=RegionOne +export OS_AUTH_PLUGIN=password diff --git a/scripts/add_allowed_to_port.sh b/scripts/add_allowed_to_port.sh new file mode 100755 index 0000000..60e1ce0 --- /dev/null +++ b/scripts/add_allowed_to_port.sh @@ -0,0 +1,11 @@ +#!/bin/bash + + + +openstack port set --allowed-address=ip-address=$1 0e8cfb8d-b69c-4c59-b968-74fc181ac917 +openstack port set --allowed-address=ip-address=$1 395d5414-67f9-4f04-97fe-2d890016223c +openstack port set --allowed-address=ip-address=$1 d460aad0-ef6e-4e7f-8531-901aa053f2f5 + +openstack port show 0e8cfb8d-b69c-4c59-b968-74fc181ac917 +openstack port show 395d5414-67f9-4f04-97fe-2d890016223c +openstack port show d460aad0-ef6e-4e7f-8531-901aa053f2f5 \ No newline at end of file