-
Notifications
You must be signed in to change notification settings - Fork 94
/
reference.deploy.yml
189 lines (171 loc) · 5.44 KB
/
reference.deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
# deploy.yml reference implementation v2.1.0
# [Optional]
# By changing the license_accepted boolean value to "true" you are
# declaring your agreement to the terms of the license agreement
# contained in the license.txt file included with this software
# distribution.
licensing:
license_accepted: false
# [Required]
# Deployment facts reference
facts:
# [Required]
# Node IP or resolvable hostname from which installations will be launched
# The only supported configuration is to install from the same node as the
# bootstrap.sh script is run.
# NOTE: if the install node is to be migrated into an island environment,
# the hostname or IP address listed here should be the one in the
# island environment.
install_node: 192.168.2.200
# [Required]
# IPs of machines that will be whitelisted in the firewall and allowed
# to access management ports of all nodes. If this is set to the
# wildcard (0.0.0.0/0) then anyone can access management ports.
management_clients:
- 0.0.0.0/0
# [Required]
# These credentials must be the same across all nodes. Ansible uses these credentials to
# gain initial access to each node in the deployment and set up ssh public key authentication.
# If these are not correct, the deployment will fail.
ssh_defaults:
# Username to login as
ssh_username: admin
# Password to use with SSH login
ssh_password: ChangeMe
# [Required]
# Environment configuration for this deployment.
node_defaults:
dns_domain: local
dns_servers:
- 192.168.2.2
ntp_servers:
- 192.168.2.2
#
# [Optional]
# VFS path to source of randomness
# Defaults to /dev/urandom for speed considerations. If you prefer /dev/random, put that here.
# If you have a /dev/srandom implementation or special entropy hardware, you may use that too
# so long as it implements a /dev/random type device abstraction.
entropy_source: /dev/urandom
#
# [Optional]
# Picklist for node names.
# Available options:
# - "moons" (ECS CE default)
# - "cities" (ECS SKU-flavored)
autonaming: moons
#
# [Optional]
# If your ECS comes with differing default credentials, you can specify those here
ecs_root_user: root
ecs_root_pass: ChangeMe
# [Optional]
# Storage pool defaults. Configure to your liking.
# All block devices that will be consumed by ECS on ALL nodes must be listed under the
# ecs_block_devices option. This can be overridden by the storage pool configuration.
# At least ONE (1) block device is REQUIRED for a successful install. More is better.
storage_pool_defaults:
is_cold_storage_enabled: false
is_protected: false
description: Default storage pool description
ecs_block_devices:
- /dev/vda
# [Required]
# Storage pool layout. You MUST have at least ONE (1) storage pool for a successful install.
storage_pools:
- name: sp1
members:
- 192.168.2.200
options:
is_protected: false
is_cold_storage_enabled: false
description: My First SP
ecs_block_devices:
- /dev/vda
# [Optional]
# VDC defaults. Configure to your liking.
virtual_data_center_defaults:
description: Default virtual data center description
# [Required]
# Virtual data center layout. You MUST have at least ONE (1) VDC for a successful install.
# Multi-VDC deployments are not yet implemented
virtual_data_centers:
- name: vdc1
members:
- sp1
options:
description: My First VDC
# [Optional]
# Replication group defaults. Configure to your liking.
replication_group_defaults:
description: Default replication group description
enable_rebalancing: true
allow_all_namespaces: true
is_full_rep: false
# [Optional, required for namespaces]
# Replication group layout. You MUST have at least ONE (1) RG to provision namespaces.
replication_groups:
- name: rg1
members:
- vdc1
options:
description: My First RG
enable_rebalancing: true
allow_all_namespaces: true
is_full_rep: false
# [Optional]
# Management User defaults
management_user_defaults:
is_system_admin: false
is_system_monitor: false
# [Optional]
# Management Users
management_users:
- username: admin1
password: ChangeMe
options:
is_system_admin: true
- username: monitor1
password: ChangeMe
options:
is_system_monitor: true
# [Optional]
# Namespace defaults
namespace_defaults:
is_stale_allowed: false
is_compliance_enabled: false
# [Optional]
# Namespace layout
namespaces:
- name: ns1
replication_group: rg1
administrators:
- root
options:
is_stale_allowed: false
is_compliance_enabled: false
# [Optional]
# Object User defaults
object_user_defaults:
# Comma-separated list of Swift authorization groups
swift_groups_list:
- users
# Lifetime of S3 secret key in minutes
s3_expiry_time: 2592000
# [Optional]
# Object Users
object_users:
- username: object_admin1
namespace: ns1
options:
swift_password: ChangeMe
swift_groups_list:
- admin
- users
s3_secret_key: ChangeMeChangeMeChangeMeChangeMeChangeMe
s3_expiry_time: 2592000
- username: object_user1
namespace: ns1
options:
swift_password: ChangeMe
s3_secret_key: ChangeMeChangeMeChangeMeChangeMeChangeMe