editable: access: email: description: Email address for Administrator label: Email regex: error: Invalid email source: ^\S+@\S+$ type: text value: sysadmins@citrixonline.com weight: 40 metadata: group: general label: Access weight: 10 password: description: Password for Administrator label: Password regex: error: Empty password source: \S type: password value: changeme weight: 20 tenant: description: Tenant (project) name for Administrator label: Tenant regex: error: Invalid tenant name source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.* +.*$).+ type: text value: admin weight: 30 user: description: Username for Administrator label: Username regex: error: Invalid username source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.* +.*$).+ type: text value: admin weight: 10 additional_components: ceilometer: description: If selected, Ceilometer component will be installed label: Install Ceilometer type: checkbox value: true weight: 60 heat: description: '' label: '' type: hidden value: true weight: 50 ironic: description: If selected, Ironic component will be installed label: Install Ironic restrictions: - cluster:net_provider != 'neutron' or networking_parameters:segmentation_type != 'vlan': Ironic requires Neutron with VLAN segmentation. - settings:storage.images_ceph.value == true and settings:storage.objects_ceph.value == false: Ironic requires Swift or RadosGW for Glance images. type: checkbox value: false weight: 80 metadata: group: openstack_services label: Additional Components weight: 20 mongo: description: If selected, You can use external Mongo DB as ceilometer backend label: Use external Mongo DB restrictions: - settings:additional_components.ceilometer.value == false type: checkbox value: false weight: 70 murano: description: If selected, Murano component will be installed label: Install Murano type: checkbox value: true weight: 20 murano-cfapi: description: If selected, Murano service broker will be installed label: Install Murano service broker for Cloud Foundry restrictions: - condition: settings:additional_components.murano.value == false message: Murano should be enabled - action: hide condition: not ('experimental' in version:feature_groups) type: checkbox value: false weight: 30 murano_glance_artifacts_plugin: description: If selected glance artifact repository will be enabled label: Enable glance artifact repository restrictions: - condition: settings:additional_components.murano.value == false message: Murano should be enabled - action: hide condition: not ('experimental' in version:feature_groups) type: checkbox value: false weight: 40 sahara: description: If selected, Sahara component will be installed label: Install Sahara type: checkbox value: false weight: 10 common: auth_key: description: Public key(s) to include in authorized_keys on deployed nodes group: security label: Public Key type: textarea value: '' weight: 70 auto_assign_floating_ip: description: If selected, OpenStack will automatically assign a floating IP to a new instance group: network label: Auto assign floating IP restrictions: - action: hide condition: cluster:net_provider == 'neutron' type: checkbox value: false weight: 40 debug: description: Debug logging mode provides more information, but requires more disk space. group: logging label: OpenStack debug logging type: checkbox value: false weight: 20 libvirt_type: group: compute label: Hypervisor type type: radio value: kvm values: - data: kvm description: Choose this type of hypervisor if you run OpenStack on hardware label: KVM - data: qemu description: Choose this type of hypervisor if you run OpenStack on virtual hosts. label: QEMU weight: 30 metadata: label: Common weight: 10 nova_quota: description: Quotas are used to limit CPU and memory usage for tenants. Enabling quotas will increase load on the Nova database. group: compute label: Nova quotas type: checkbox value: true weight: 30 puppet_debug: description: Debug puppet logging mode provides more information, but requires more disk space. group: logging label: Puppet debug logging type: checkbox value: true weight: 20 resume_guests_state_on_host_boot: description: Whether to resume previous guests state when the host reboots. If enabled, this option causes guests assigned to the host to resume their previous state. If the guest was running a restart will be attempted when nova-compute starts. If the guest was not running previously, a restart will not be attempted. group: compute label: Resume guests state on host boot type: checkbox value: true weight: 50 task_deploy: description: Enables new deployment engine based on cross-node dependencies for deployment tasks which allows to deploy all nodes simultaneously. Works only for deployment tasks with version >= 2.0.0. label: Enable task based deploy restrictions: - action: hide condition: not ('experimental' in version:feature_groups) type: checkbox value: false weight: 11 use_cow_images: description: For most cases you will want qcow format. If it's disabled, raw image format will be used to run VMs. OpenStack with raw format currently does not support snapshotting. group: storage label: Use qcow format for images type: checkbox value: true weight: 60 use_vcenter: type: hidden value: false weight: 30 contrail: metadata: chosen_id: 1 class: plugin default: false enabled: true label: Fuel Contrail plugin toggleable: true versions: - contrail_api_public_port: description: The listen port for Contrail API endpoint for Public VIP. Default value 8082 may not be used if Murano is installed, as it uses the same port label: Listen port for Contrail API on Public VIP regex: error: Invalid port source: ^(102[4-9]|10[3-9]\d|1[1-9]\d{2}|[2-9]\d{3}|[1-5]\d{4}|6[0-4]\d{3}|65[0-4]\d{2}|655[0-2]\d|6553[0-5])$ type: text value: '8082' weight: 62 contrail_asnum: description: AS number for BGP communication label: AS Number regex: error: Invalid AS number source: ^([1-9]|[0-9]{2,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-4])$ type: text value: '64512' weight: 20 contrail_external: description: The CIDR for Contrail external network label: External IP CIDR regex: error: Invalid CIDR source: ^(?!(?:0(?:\.0){3}|255(?:\.255){3})\/([1-9]|[1-2]\d|3[0-2])$)(?:\d|1?\d\d|2[0-4]\d|25[0-5])(?:\.(?:\d|1?\d\d|2[0-4]\d|25[0-5])){3}\/([1-9]|[1-2]\d|3[0-2])$ type: text value: 216.115.216.0/24 weight: 50 contrail_gateways: description: Comma separated IP addresses of BGP peers. label: GW IP regex: error: Invalid IP address list source: ^(?!(?:0(?:\.0){3}|255(?:\.255){3}))(?:\d|1?\d\d|2[0-4]\d|25[0-5])(?:\.(?:\d|1?\d\d|2[0-4]\d|25[0-5])){3}(?:,\s*(?!(?:0(?:\.0){3}|255(?:\.255){3}))(?:\d|1?\d\d|2[0-4]\d|25[0-5])(?:\.(?:\d|1?\d\d|2[0-4]\d|25[0-5])){3})*$ type: text value: 173.199.63.236,173.199.63.237 weight: 40 contrail_global_dpdk: description: 'Enable this option to unlock the DPDK feature. NOTE: You still have to assign DPDK-role to compute nodes to enable DPDK on them.' label: Enable DPDK feature for this environment. type: checkbox value: false weight: 70 contrail_global_sriov: description: 'Enable this option to unlock the SRIOV feature. NOTE: You still have to assign SRIOV-role to compute nodes to enable SRIOV on them. ' label: Enable SRIOV feature for this environment. type: checkbox value: false weight: 210 contrail_route_target: description: The route target number for Contrail external network label: Route Target regex: error: Invalid target source: ^(429496729[0-5]|42949672[0-8]\d|4294967[01]\d{2}|429496[0-6]\d{3}|42949[0-5]\d{4}|4294[0-8]\d{5}|429[0-3]\d{6}|42[0-8]\d{7}|4[01]\d{8}|[1-3]\d{9}|[1-9][0-9]{0,8})$ type: text value: '2' weight: 60 dpdk_on_vf: description: Configure DPDK vrouter use VF network adapter label: DPDK on VF (experimental) restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: checkbox value: false weight: 160 enable_tor_agents: description: Enable this option to unlock the Tor Agent configuration feature. label: Enable ToR agents (experimental) type: checkbox value: false weight: 230 hugepages_amount: description: The amount of memory allocated on each compute-node for hugepages in percent label: Hugepages amount (%) regex: error: Invalid amount of percent source: ^[1-9][0-9]?$|^100$ restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: text value: '60' weight: 130 hugepages_size: description: 'Choose the size of hugepages that will be used for dpdk feature. Check if 1GB pages are supported on target compute node. # grep pdpe1gb /proc/cpuinfo | uniq' label: Hugepage size restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: select value: '2' values: - data: '2' label: 2M - data: '1024' label: 1G weight: 120 install_contrail_qemu_lv: description: Install Qemu and Libvirt packages from contrail repository label: Install Qemu and Libvirt from Contrail restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: checkbox value: true weight: 150 metadata: always_editable: false plugin_id: 1 plugin_version: 4.0.1 restrictions: - condition: not (cluster:net_provider == 'neutron' and networking_parameters:segmentation_type != 'vlan') message: Please use Neutron with tunneling segmentation. patch_nova: description: Patch Nova packages for dpdk-vrouter label: Patch Nova restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: checkbox value: true weight: 140 provision_networks: description: Disable this option to disable provisioning ostf networks label: Provision ostf networks type: checkbox value: true weight: 260 sriov_physnet: description: 'This physical network will be provided over SRIOV capable interfaces. ' label: Provide name for physical net regex: error: Name has to be alphanumeric source: ^\w+$ restrictions: - action: hide condition: not (settings:contrail.contrail_global_sriov.value == true) type: text value: physnet1 weight: 220 tor_agents_configurations: description: Provide here configuration data for ToR agents in YAML format label: Configuration for TOR agents regex: error: Provide information for ToR agents source: . restrictions: - action: hide condition: settings:contrail.enable_tor_agents.value == false type: textarea value: '' weight: 250 tor_agents_ssl: description: Enable this option to generate ssl certificates and configure them for tor agents. label: Enable ToR agents ssl mode restrictions: - action: hide condition: settings:contrail.enable_tor_agents.value == false type: checkbox value: false weight: 240 vrouter_core_mask: description: Hexadecimal mask that determines how many and what exactly processors will be used for dpdk vrouter label: CPU pinning regex: error: Invalid hexadecimal value source: ^0[xX][0-9a-fA-F]+$ restrictions: - action: hide condition: not (settings:contrail.metadata.enabled == true and settings:contrail.contrail_global_dpdk.value == true) type: text value: '0x3' weight: 131 weight: 70 corosync: group: description: '' label: Group type: text value: 226.94.1.1 weight: 10 metadata: group: general label: Corosync restrictions: - action: hide condition: 'true' weight: 50 port: description: '' label: Port type: text value: '12000' weight: 20 verified: description: Set True only if multicast is configured correctly on router. label: Need to pass network verification. type: checkbox value: false weight: 10 elasticsearch_kibana: metadata: chosen_id: 2 class: plugin default: false enabled: true label: The StackLight Elasticsearch-Kibana Server Plugin toggleable: true versions: - advanced_settings: description: The plugin determines the best settings if not set label: Advanced settings type: checkbox value: false weight: 19 data_dir: description: Directory used by elasticsearch to store data. label: Elasticsearch directory restrictions: - action: hide condition: 'true' type: text value: /opt/es-data weight: 15 jvm_heap_size: description: in GB (between 1 and 32). The amount of memory reserved for the JVM. label: JVM heap size regex: error: Enter a value between 1 and 32 source: ^([1-9]|[12][0-9]|3[0-2])$ type: text value: '1' weight: 16 kibana_hostname: description: Your DNS entries should point to this name. label: DNS hostname for Kibana restrictions: - action: hide condition: settings:elasticsearch_kibana.tls_enabled.value == false type: text value: kibana.qai2.expertcity.com weight: 40 kibana_password: description: The password to access Kibana. label: User password regex: error: You must provide a password with at least 4 characters source: ^[\S]{4,}$ type: password value: changeme weight: 18 kibana_ssl_cert: description: Certificate and private key data, concatenated into a single file. label: Certificate for Kibana restrictions: - action: hide condition: settings:elasticsearch_kibana.tls_enabled.value == false type: file value: content: "-----BEGIN RSA PRIVATE KEY-----\nXIIEXAIBAAKCAXEAXqXRXXXAnSXXXXXrXXXCnACXXXnXXXKXXXXXXAYACXXBFXXX\n\ XXXXXCXXXPXFXXVXNXGXXXXXKXXNXXXXXXXXXXPXXXXXXXBKXDXXVXXXXPXIX+X/\nXXXXXXAAXXXXXUAXXYAXXXXXXXGXXXXKTXnDXGXXXXDXXXXXXXUXXX+XAXRNKXXB\n\ XXrXSXXUDGXXXXXSXXXRXDCqXNXnXUXXqXXXXXNXXXXXXXDXBNNXXIXXVXXXEXXE\nXXXXXnXX/XXAATXXXXTXRXXKXXXXXXXXXDVDXBXR++PnXDXXIXXTKPXXXAXXXSXX\n\ GXCXXXXXIXXYXXPXXXXKFXXXXXXXXXX+KXXXXXIDAXABAXIBAXCXXXXCXXXXXX+X\nSXVIXXXXXXXGXXXSTXnIUXFXDXXXXEXFX+XXXXXXBKANFqXEXXXUXFXXXBYVDXVX\n\ XXGSXXXXGXXRXTX/XYXXXXXAXXXXXSXE/YXXXUXXXXXXXX+FSXnKXAVXEXXXXEXX\nXXTXXRXXXGXXXXXXXX+XXKRXXXXXFXFIXXXTUXNGXXXXXNXBrXXXTXXXABXXXXUX\n\ XXXXXXPXXXXXXrXXXXX+XXRDDXYNXXXTRKnXXqXX/VXqXTXXXXDXXXX+XCGX+XXX\nSXXVEXXXT/rXKXXKKIXXCXXRXX+XPXUXXXTXXCXXXXXXXXDXGXXqXXXXXXIXXXEX\n\ XPXXXAqXAXGBANXPXAXXXX/+XVXXXrXSXPXKXKXXXXKXXXTXDPPXXUXXXNXGXX+X\nXXXXXIXXXXXBSSXXXXXXXXCPEXIXXXPUXXXXX/XXqXCXXBrXXXIXXXXXXXXXKqXX\n\ GNnXXIPXXFXCNXXXFXXXXXXFXXXXXXSXXXXqVIXXEXXr/XXCXXBXXXXXAXGBAXXX\nYXXG/qXXDXXXXXXXPnnrXXX+XXqXXXXXXXXSEXGXXXqYXXXXXXXrCqXIXXrKXVXG\n\ nCXDXUTFqEXXXXXRXYRX++UXNXXEXXXXXXXXVXXXXXPXXVXXFKXnXXXCXRPXXXXX\nXXCXXXXVXXCXXXBXD+XXXDCXXXXqGXXTXRXXAXXPAXGAF+XXXFXP+XXXAXXXDXDC\n\ UVXXXXXXDXXXXXEXXXIATXXXXUXqXPTXXXXXrEXUXXXXXXXPSXqEXPDKXTqXX+XT\nX+X+XIXXnXXXXXXVXXIXXKXTTUXX+RIXXXBXqXXXIXXXXFXXXXX//XRXXXXqX/NX\n\ XXXXXPXDXrXXNXXXXXCBXXXCXYAXXXNUXXXXSXXPXVXTXXXXVXXXXXAXXKXXXrXX\nXBXYSrXXUVBXXVAXTXXVXXXXXXRXGXX/CVXGAXXnXI+XXXXUXX+XXX+XSFPXEXrX\n\ XXXXXXXXCXXXXXXTXXXXXnXPXXXXPXXGX/XXNXXXUXXKrXXXX/UXXXXXFXXXXXYX\nNXqXXXKBXXCS/RXXXTXqXAXNDXXrDXX+DSrXXPX+XXXXNrXXCPXXXXAXXXKXXAEX\n\ XXXrXrAXXXrXXXnXXXXEXYXX+DXXXXXXIXXXXXXXFXXXXXqGXXXRTXXNEYXXrXUX\nXGXX+TXXXXXXXUXUXXNXTXIXXXYXPXXXXXGXXESXSn++XXXX/XTAXA==\n\ -----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nXIIDXXCCAXXCCXCXXNXDXXXYXXANBXXqXXXGXXXBAXUFADCBnDEXXAXGAXUEBXXC\n\ VVXXCXAXBXNVBAXTAXNBXXXXDXYDVXXXEXXXXXXXXGEXDXAXBXNVBAXTBUXXXEXX\nXRAXDXYDVXXXEXXUXXNXTXBTXSXXIXYDVXXDEXXrXXXXXXEXXXFXXXXXXXBXXnRX\n\ XXRXXXNXXTEXXCYGCSqGSIXXDXEXARYXXXXXXXXXXXXAYXXXXXXXXXXXXXXXXXNX\nXTAXFXXXNXEXXDUXXXAXXXNXFXXXXTEXXDXXXXAXXXNXXIGXXXXXCXYDVXXGEXXV\n\ UXEXXAXGAXUECBXCXXEXDXANBXNVBAXTBXXXXGVXYTEXXAXGAXUECXXFRXVXRXXX\nEDAXBXNVBAXTBXRXYXXPUFXXIXAXBXNVBAXTGXXXYXFXYSXXYXXXXXVXXGVXXGNX\n\ XXXXYXXXXSXXXXYXKXXIXXXNAXXBFXXXXXNXXXFXXEBXXXRXXXXXXXXXXXUXYXXX\nXIIBIXANBXXqXXXGXXXBAXEFAAXCAXXAXIIBCXKCAXEAXqXRXXXAnSXXXXXrXXXC\n\ nACXXXnXXXKXXXXXXAYACXXBFXXXXXXXXCXXXPXFXXVXNXGXXXXXKXXNXXXXXXXX\nXXPXXXXXXXBKXDXXVXXXXPXIX+X/XXXXXXAAXXXXXUAXXYAXXXXXXXGXXXXKTXnD\n\ XGXXXXDXXXXXXXUXXX+XAXRNKXXBXXrXSXXUDGXXXXXSXXXRXDCqXNXnXUXXqXXX\nXXNXXXXXXXDXBNNXXIXXVXXXEXXEXXXXXnXX/XXAATXXXXTXRXXKXXXXXXXXXDVD\n\ XBXR++PnXDXXIXXTKPXXXAXXXSXXGXCXXXXXIXXYXXPXXXXKFXXXXXXXXXX+KXXX\nXXIDAXABXAXGCSqGSIXXDXEBBXUAAXIBAXAXYXXXKXPXXXXXXXAXCXXVXXXXXXNX\n\ XX+XXnXXrXNXTqXXXYXXXXXXXXXrUnXXXXXXXXXXrEXTXXKEXXRX/XXXXXXXXXTR\nXXXXXXXCBIXVXXXGXXXXYXYXXE+XXTXXXXXSI+XXXXX/IYXXXqXRXXXXXX+XXXEX\n\ XXXnXXXXXXXGXXSXXXXXnXVXXNXXUXXXXXCXXXXXXXXGXXCXTXPXKXXXXXXGDRXP\nXKXBXPXIAXVFXXXXXREXXX+YXnNXXXXXXXXXXXXVXXXXXXXXUTXXDIXXXXXXXXXU\n\ XXXXXXXXXBXXXGXXXXXXYXXXRXXBRTXXXGXXXAXDnXXXXXXBXXCXXXXX\n-----END CERTIFICATE-----\n\ -----BEGIN CERTIFICATE-----\r\nXIIEXDCCAXXXAXIBAXIXAXXXXXXKXXXIXXXXSX+XXTANBXXqXXXGXXXBAXXFADBX\r\ \nXXXXCXYDVXXGEXXVUXEVXBXGAXUECXXXRGXnXUNXXnXXSXXXXRXXFXYDVXXXEXBX\r\ \nXXXXXGXnXXNXXnXXYXXXXSAXXXYDVXXDEXXEXXXXXXVXXCBXXGXXYXXXUXXXXCBD\r\ \nXTAXFXXXXXAXXDXXXXAXXDBXFXXXXXAXXDXXXXAXXDBXXEXXCXAXBXNVBAYTAXVT\r\ \nXRUXEXYDVXXKEXXEXXXXXXVXXCBXXXXXXXAXBXNVBAXTXXRXXXXDXXXXIFNIXTIX\r\ \nUXVXXXXXIFNXXnXXXXBDXTCCASIXDXYXKXXIXXXNAXEBBXADXXEPADCCAXXCXXEB\r\ \nANXXXXBNXXXXFXAXXXXXXXXXXFXXXXX/XUPXXCXAXXXYXXXXXXAKXXXRXDYXXKXX\r\ \nnXXXXYSXXX+X/XXXTXXXXXCXXXXTXXXXXnVIXRXXNXXXXTIXXXXrBXSqXUXXRXXX\r\ \nKXPDXCXXXIDXEXRqFDXXXXK+XXXXTXXX/PXXrXXXXXUXDXXXBXTXXX/TCXrSXXXX\r\ \n/XXXUXXXXNXXXXSYXXXXXXrXX/RrKXXEXXXYXGXSSXXDXnXXEXXIXARFXRrXNXGX\r\ \nXXXNVAXXXXE/XVXXXPNXXXCXXXEAXUVXRXCXXXXXqXXXTXXXX+XXqXXXXXAX+XXX\r\ \n/RRXXXRXKFXCX/XC/XXFXXXCAXEAAXXCAVXXXXFXXBIGAXUXEXEB/XXIXAYBAXXC\r\ \nAXAXDXYDVRXPAXX/BAXDAXGGXDXGCCXGAXUFBXEBBCXXXXAXBXXrBXEFBXXXAYYY\r\ \nXXRXXDXXXXXXXXAXXGXnXXNXXnXXYXXXXXXGAXUXXXRXXXIXNXAXXDXGXXXXXXAX\r\ \nXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRDXSXXXXXXNXAX\r\ \nXDXGXXXXXXAXXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRD\r\ \nXSXXXXXXPXYDVRXXBDYXNDAXBXRVXSAAXCXXKAYIKXYBBXUXAXEXXGXXXXBXXXXX\r\ \nXXXXXXRXXXXXXXXXXXNXXSXDUFXXXXYDVRXXBBYEFA+AYRXCXXXVXXXnXUYXXCXX\r\ \nXXnXXBXGAXUXIXXYXBXAFAPXUDVXXUXXXXCXXXXXXXXXPXFVXAXGCSqGSIXXDXEB\r\ \nCXUAAXIBAXAXPXXXXXFCXXX+XXXXRXXXXXXXXUXXBCFXS+XXXXXXXX+XUXnNqXXX\r\ \nXTXPXXXXXXXYXXXXXXXXXXPXXXXGTUq/XEXXXNqXqPXX/XGFUXXXTXXXXDXXXXGA\r\ \nXXXXXXRNXXSrXXX+XXXIXXXXXXXTB+XXXXXYFXXXTEDXXXXX/XXBXXX/XXXAXDXC\r\ \nXXDXXXXKXXXGrnXXXXXIqBXXXXTXXRRXXXXXXXXXNXCXXTXXXrXXDXXXrXAXXPXX\r\ \nX+XXXXXXXXXVXXXXXGXGXSXBNXXXXVAXXXrXXXEIDXXXXXXYXXSXXXXXXXVSXXRX\r\ \nXXXXXXXXXXXXXXXXXXrXXXPXXRXXXDXX\r\n-----END CERTIFICATE-----\r\n" name: kibana.qai2.expertcity.com.pem weight: 50 kibana_username: description: The username to access Kibana. label: User name regex: error: You must provide a username. source: \S type: text value: lma weight: 17 ldap_admin_group_dn: description: '' label: Group DN mapping to the Admin role regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_authorization_enabled.value == false type: text value: cn=operations-general,cn=groups,cn=accounts,dc=expertcity,dc=com weight: 210 ldap_authorization_enabled: description: It allows to associate users with the Admin or Viewer role. Otherwise all users are assigned to Admin role by default. label: Enable group-based authorization restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: checkbox value: true weight: 200 ldap_bind_dn: description: DN used to bind to the server when searching for entries. label: Bind DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: uid=sudo,cn=sysaccounts,cn=etc,dc=expertcity,dc=com weight: 140 ldap_bind_password: description: Password to use in conjunction with the bind DN. label: Bind password regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: password value: changeme weight: 150 ldap_enabled: description: '' label: Use LDAP for Kibana authentication type: checkbox value: true weight: 100 ldap_group_attribute: description: LDAP attribute used to identify the user members of groups. label: LDAP group attribute regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_authorization_enabled.value == false type: text value: memberOf weight: 205 ldap_protocol_for_kibana: label: LDAP protocol restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: radio value: ldaps values: - data: ldap label: LDAP - data: ldaps label: LDAPS weight: 110 ldap_server_port: description: If empty, the default value is 389 for LDAP and 636 for LDAPS. label: Port regex: error: You must provide a valid port number source: ^\d{0,5}$ restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: '' weight: 130 ldap_servers: description: Specify one or several LDAP servers separated by space. label: LDAP servers regex: error: You must provide a hostname or IP source: ^\w[\w\-\s.]+$ restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: auth1.ops.expertcity.com weight: 120 ldap_user_attribute: description: The attribute to search for. label: User search attribute regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: uid weight: 165 ldap_user_search_base_dns: description: The base DN to search for users. label: User search base DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: cn=users,cn=accounts,dc=expertcity,dc=com weight: 160 ldap_user_search_filter: description: A valid LDAP search filter. label: User search filter regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false type: text value: (&(objectClass=inetOrgPerson)(!(memberOf=cn=daemons,cn=groups,cn=accounts,dc=expertcity,dc=com))) weight: 170 ldap_viewer_group_dn: description: '' label: Group DN mapping to the Viewer role regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_enabled.value == false - action: disable condition: settings:elasticsearch_kibana.ldap_authorization_enabled.value == false type: text value: '"*"' weight: 220 metadata: always_editable: true plugin_id: 2 plugin_version: 0.10.1 minimum_master_nodes: description: This must be less than or equal to the total number of Elasticsearch nodes (total number of Elasticsearch nodes / 2 + 1 by default). label: Minimum number of master eligible nodes regex: error: You must provide either a number or leave it empty source: ^\d?$ restrictions: - action: hide condition: settings:elasticsearch_kibana.advanced_settings.value == false type: text value: '' weight: 21 number_of_replicas: description: The number of replicas must be less than the total number of Elasticsearch nodes (total number of Elasticsearch nodes - 1 by default). label: Number of replicas regex: error: You must provide either a number or leave it empty source: ^\d?$ restrictions: - action: hide condition: settings:elasticsearch_kibana.advanced_settings.value == false type: text value: '' weight: 20 recover_after_nodes: description: The number of nodes to wait before starting a recovery action following a cluster restart. This must be less than or equal to the total number of nodes in the cluster (2/3 of the total number of nodes by default). label: Recover after nodes regex: error: You must provide either a number or leave it empty source: ^\d?$ restrictions: - action: hide condition: settings:elasticsearch_kibana.advanced_settings.value == false type: text value: '' weight: 22 recover_after_time: description: The number of minutes the cluster should wait before starting a recovery action following a cluster restart. label: Recover after time regex: error: You must provide a number source: ^\d+$ restrictions: - action: hide condition: settings:elasticsearch_kibana.advanced_settings.value == false type: text value: '5' weight: 23 retention_period: description: The number of days after which data is automatically deleted within the Elasticsearch system (0 to never delete data). label: Retention period regex: error: You must provide a number source: ^\d+$ type: text value: '30' weight: 5 tls_enabled: description: '' label: Enable TLS for Kibana type: checkbox value: true weight: 30 weight: 70 external_dns: dns_list: description: List of upstream DNS servers, separated by comma label: DNS list regex: error: Invalid IP address list source: ^\*$|^(?:\d|1?\d\d|2[0-4]\d|25[0-5])(?:\.(?:\d|1?\d\d|2[0-4]\d|25[0-5])){3}(?:\s*,\s*(?:\d|1?\d\d|2[0-4]\d|25[0-5])(?:\.(?:\d|1?\d\d|2[0-4]\d|25[0-5])){3})*$ type: text value: 10.1.90.19,10.224.32.1 weight: 10 metadata: group: network label: Host OS DNS Servers weight: 30 external_mongo: hosts_ip: description: IP Addresses of MongoDB. Use comma to split IPs label: MongoDB hosts IP regex: error: Invalid hosts ip sequence source: ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?),)*((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: text value: '' weight: 30 metadata: group: openstack_services label: External MongoDB restrictions: - action: hide condition: settings:additional_components.mongo.value == false message: Ceilometer and MongoDB are not enabled on the Additional Components section weight: 20 mongo_db_name: description: Mongo database name label: Database name regex: error: Invalid database name source: ^\w+$ type: text value: ceilometer weight: 30 mongo_password: description: Mongo database password label: Password regex: error: Password contains spaces source: ^\S*$ type: password value: ceilometer weight: 30 mongo_replset: description: Name for Mongo replication set label: Replset type: text value: '' weight: 30 mongo_user: description: Mongo database username label: Username regex: error: Empty username source: ^\w+$ type: text value: ceilometer weight: 30 external_ntp: metadata: group: network label: Host OS NTP Servers weight: 40 ntp_list: description: List of upstream NTP servers, separated by comma label: NTP server list regex: error: Invalid NTP server list source: ^\s*(?:(?:\w+(?:-+\w+)*\.)+[a-z]+|\d{1,3}(?:\.\d{1,3}){3})\s*(?:,\s*(?:(?:\w+(?:-+\w+)*\.)+[a-z]+|\d{1,3}(\.\d{1,3}){3})\s*)*$ type: text value: time1.ops.expertcity.com, time1.las.expertcity.com, time1.iad.expertcity.com weight: 10 influxdb_grafana: metadata: chosen_id: 3 class: plugin default: false enabled: true label: The StackLight InfluxDB-Grafana Server Plugin toggleable: true versions: - grafana_hostname: description: Your DNS entries should point to this name. label: DNS hostname for Grafana restrictions: - action: hide condition: settings:influxdb_grafana.tls_enabled.value == false type: text value: grafana.qai2.expertcity.com weight: 150 grafana_ssl_cert: description: Certificate and private key concatenated into a single PEM file. label: Certificate for Grafana restrictions: - action: hide condition: settings:influxdb_grafana.tls_enabled.value == false type: file value: content: "-----BEGIN RSA PRIVATE KEY-----\nXIIEXAIBAAKCAXEAXXXXXXRXXXXXXXXAXXXFXXX/XXXXPXBXXXXXXXRXXXXKTXnV\n\ rXPPXEXXXXGXXXXXXXXXXPXXXXXXY/XESXXXXXrVXXXGXXXXXXXXXXUFXXSXDXNX\nECXXXXXNFXNCKXXXXXXXUCrDPXXXSXXXXXAXXXX/XXXIXXXXXTTXXDrXXRXCXXXX\n\ XXrKCXXXXXXXXXXXXBXXBXXXXXXXXT/XXNKXXGFXUXKPSXXXXPXXXXXXVrCXXXXX\nXXXXXXXXPYXEXXXXXEXXYXXGAXXYXXXRXXXXXXXXXnXRXXXXXBVGXSXXYXXPDXCX\n\ TXXXXXXXAXXFXXXXUXXXXrVXXXXXXEXCR/XXXXIDAXABAXIBAXTGXXXSA/nFXXPX\nXTEXXXXFFnCrXIGXXDXXXXGXGXXXXAXXXXXTFEXXXXDXXX/AXXXXXXXXGXXErXXX\n\ XXXXXXXDXXXXXX/XBXXXXIXXXXXXXXXXEXPXXXXXSXXXEXBXX/AXXXXrXXXXXXrX\nBTXrXXXXXXXPXXXArXPXXSXnXXXXXXXXBXXXrXIXXXXXRSXVRXXXXXXPXXXXXTXX\n\ XXrXXXXXXXFXPXPNXXXXXXRXXrXPXXPXrXXXUXXTXrEXXXGGGTXXXXFXXDSXrXXA\nXXXDXBKXXXCXIYUXRXUXXXXXXVXXXXrXKXXnXUCXKNXXXnXXXXNXNXX/GXXXXXX/\n\ FXVXXIXCXYEAXGBXXXrXAX/XXXXXXXXX/XXXXVXTPXXXXRXXXDYXXXRCGXXXXXX/\n/TYXKXXXXXXXTDXXXXXXXGXGPFXXXXXXEYXFEXXCYNXDXXYXBXXSXXXXYXTXYGXX\n\ XXSXNIDKXXXXXXXXXX/XXAVXNXNXNGXXXRXUXrXXXBXXICXXXXGXIXXCXYEAXXXX\nAXXXXSIXX/XXXXXnTXXXGNXXTXXAXXXXEYXXXXXXNnXXXEVUXXnXYYXXXXXIXTXV\n\ EXPBXXAXrXXXrNXXXnXXXXXnAXNEXXXXXIXCXrXXXXrXXXXSXXXXXXXXXFXFnXFX\nUXXXXXnnXXXXXXX/XXXNYIXXXXXnXDXXAAXXXXXCXYEAXFXXXnXXXXXEXXCYXXUX\n\ XKXXXXXXXXXAXAXXXXXXXXXXX/XXXXXXIXBXXVXXXXXXXXXXXX/nXSXVXPXSXXXB\nXXXXXXXXXXXXBXXXXXBnXXRrXXXrXXXXXXXXGXBXXXXXCrYXPKEXXXXVNXXXCXXB\n\ /XXXXXXXXXXXXXBXTXVIXXXCXYAXXXXCXXXYXKVXXXXXnSXXXXYXXX/XXTXXXXXX\nXXArXXNACXUXKXrXEXFXXTXXXAXRSXXNXSBCXXXXRXRXSXXXXCXXXXCXXXXXnXXD\n\ NXCSRXXnBXXnPVXKXXXXXXAXXXXXXXTXUXXIXXXNUXXICIXYXKXXXXXXXCXBSnXY\nXXENXXKBXXDXXXXCXXBXXPCXXXXXXXXXXXXXXXXCGXXPXXXXRUXKXXXXX/XXXXXD\n\ XSXEXGXXIXXPCXXXXXFXXRXRXXXXXXXX/SXXXEXKUEXXXXXEPXXCXnXXBXXXXXXX\nNXXXXXXXXRVXXrXXXXXPXXCXXXXXXXXXXXXXXXXXX//SAXXEXXXXXAXX\n\ -----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nXIIDXDCCAXACCXCXNXNXPXXnXDANBXXXXXXGXXXBAXUFADCBnTEXXAXGAXUEBXXC\n\ VVXXCXAXBXNVBAXTAXNBXXXXDXYDVXXXEXXXXXXXXGEXDXAXBXNVBAXTBUXXXEXX\nXRAXDXYDVXXXEXXUXXNXTXBTXSXXIXYDVXXDEXXnXXFXYXXXXnFXXTIXXXXXXXXX\n\ YXXXXSXXXXXXKDAXBXXXXXXGXXXBCXEXGXXXYXVXYXXXXGNXXXXXXGXXXGXXXSXX\nXXXXXXXNXTYXXDAXXXIXNXXXXXXNXXEXXDAXXXIXNXXXXXCBnTEXXAXGAXUEBXXC\n\ VVXXCXAXBXNVBAXTAXNBXXXXDXYDVXXXEXXXXXXXXGEXDXAXBXNVBAXTBUXXXEXX\nXRAXDXYDVXXXEXXUXXNXTXBTXSXXIXYDVXXDEXXnXXFXYXXXXnFXXTIXXXXXXXXX\n\ YXXXXSXXXXXXKDAXBXXXXXXGXXXBCXEXGXXXYXVXYXXXXGNXXXXXXGXXXGXXXSXX\nXXXXXXEXXAXGCSXGSIXXDXEBAXUAAXIBDXAXXXEKAXIBAXDPDXIXXXGAXKNnXXDN\n\ XXXrVDXXXrXXXFXXXIXXXGXXIXXPXXXXXXXXRrNXXXDXDPXXNXXXXXPrGXXX/ARX\nXYXFXXVXRXXGXXXXTrXXXXVrXXYXXXXXXVXXXAXVXXIXXXXXXXXXKXX/XXXX/XXX\n\ XDXXXXXXXXXXRXXXNPXXXXVXGXXXPBXXXXXXXXXPXFXXXrFYXXXGXXXXXFXBP/XU\nXXXXYVXRXXXXCXNX/C/XXXXXXXXXXTXXXrDXXXAXXXTPXXXISXXXXEYBXXXRXXGX\n\ XX/XXXXXXXXXXBnUFUXXXBXXXYXXYXXNrrXnDXXCXXXXXPNRXXXXXXBXXXXXTXXX\n/XXXAXXBAAEXDXYXKXXIXXXNAXEFBXADXXEBAIXXXXXXEXXX/XXXTXXFDXXXXXY/\n\ XCXXEXXXX/ADXXXXXXXUXXSXXXDXXAXXXXXXXXXXUTXXXXXXKXXGXXSXXr/NXXXX\nXXXXGGPEXGPXXXXXXX/XXXXXXXXBXXXXXXXXXnXPXXXAXFXXXVRRXEEXXXXNSXXX\n\ XXXXIXXSXXXXXXXXXXEXYXDXXXAXXTXXXXXnTXXXXYXXVKDSVXEXCYXXTNXXCXXX\nXXXXXXXXXGXXXXXXXPCXXX/SYXXXXXXXXXXIKXXXSXXXXAXXXXXYXFXXXXRSXKXn\n\ XNXXXXXEVSrXXnFGIXXTEXXXXXXXXXXXXXXXXXXXDXXXDGXXXXXXXXXXXIXX\n-----END\ \ CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\r\nXIIEXDCCAXXXAXIBAXIXAXXXXXXKXXXIXXXXSXXXXTANBXXXXXXGXXXBAXXFADBX\r\ \nXXXXCXYDVXXGEXXVUXEVXBXGAXUECXXXRGXnXUNXXnXXSXXXXRXXFXYDVXXXEXBX\r\ \nXXXXXGXnXXNXXnXXYXXXXSAXXXYDVXXDEXXEXXXXXXVXXCBXXGXXYXXXUXXXXCBD\r\ \nXTAXFXXXXXAXXDXXXXAXXDBXFXXXXXAXXDXXXXAXXDBXXEXXCXAXBXNVBAYTAXVT\r\ \nXRUXEXYDVXXKEXXEXXXXXXVXXCBXXXXXXXAXBXNVBAXTXXRXXXXDXXXXIFNIXTIX\r\ \nUXVXXXXXIFNXXnXXXXBDXTCCASIXDXYXKXXIXXXNAXEBBXADXXEPADCCAXXCXXEB\r\ \nANXXXXBNXXXXFXAXXXXXXXXXXFXXXXX/XUPXXCXAXXXYXXXXXXAKXXXRXDYXXKXX\r\ \nnXXXXYSXXXXX/XXXTXXXXXCXXXXTXXXXXnVIXRXXNXXXXTIXXXXrBXSXXUXXRXXX\r\ \nKXPDXCXXXIDXEXRXFDXXXXKXXXXXTXXX/PXXrXXXXXUXDXXXBXTXXX/TCXrSXXXX\r\ \n/XXXUXXXXNXXXXSYXXXXXXrXX/RrKXXEXXXYXGXSSXXDXnXXEXXIXARFXRrXNXGX\r\ \nXXXNVAXXXXE/XVXXXPNXXXCXXXEAXUVXRXCXXXXXXXXXTXXXXXXXXXXXXXAXXXXX\r\ \n/RRXXXRXKFXCX/XC/XXFXXXCAXEAAXXCAVXXXXFXXBIGAXUXEXEB/XXIXAYBAXXC\r\ \nAXAXDXYDVRXPAXX/BAXDAXGGXDXGCCXGAXUFBXEBBCXXXXAXBXXrBXEFBXXXAYYY\r\ \nXXRXXDXXXXXXXXAXXGXnXXNXXnXXYXXXXXXGAXUXXXRXXXIXNXAXXDXGXXXXXXAX\r\ \nXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRDXSXXXXXXNXAX\r\ \nXDXGXXXXXXAXXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRD\r\ \nXSXXXXXXPXYDVRXXBDYXNDAXBXRVXSAAXCXXKAYIKXYBBXUXAXEXXGXXXXBXXXXX\r\ \nXXXXXXRXXXXXXXXXXXNXXSXDUFXXXXYDVRXXBBYEFAXAYRXCXXXVXXXnXUYXXCXX\r\ \nXXnXXBXGAXUXIXXYXBXAFAPXUDVXXUXXXXCXXXXXXXXXPXFVXAXGCSXGSIXXDXEB\r\ \nCXUAAXIBAXAXPXXXXXFCXXXXXXXXRXXXXXXXXUXXBCFXSXXXXXXXXXXXUXnNXXXX\r\ \nXTXPXXXXXXXYXXXXXXXXXXPXXXXGTUX/XEXXXNXXXPXX/XGFUXXXTXXXXDXXXXGA\r\ \nXXXXXXRNXXSrXXXXXXXIXXXXXXXTBXXXXXXYFXXXTEDXXXXX/XXBXXX/XXXAXDXC\r\ \nXXDXXXXKXXXGrnXXXXXIXBXXXXTXXRRXXXXXXXXXNXCXXTXXXrXXDXXXrXAXXPXX\r\ \nXXXXXXXXXXXVXXXXXGXGXSXBNXXXXVAXXXrXXXEIDXXXXXXYXXSXXXXXXXVSXXRX\r\ \nXXXXXXXXXXXXXXXXXXrXXXPXXRXXXDXX\r\n-----END CERTIFICATE-----\r\n" name: grafana.qai2.expertcity.com.pem weight: 160 grafana_username: description: The name of the Grafana admin label: User name regex: error: You must provide a username source: \S type: text value: lma weight: 70 grafana_userpass: description: The password of the Grafana admin label: User password regex: error: You must provide a password with at least 4 characters source: ^[\S]{4,}$ type: password value: changeme weight: 80 influxdb_dbname: description: The name of the database used to store the metrics label: Database name regex: error: You must provide a name source: \S type: text value: lma weight: 40 influxdb_rootpass: description: The password of the InfluxDB root user label: Root password regex: error: You must provide a password with at least 4 characters source: ^[\S]{4,}$ type: password value: changeme weight: 30 influxdb_username: description: The name of the InfluxDB user label: User name regex: error: You must provide a valid username source: ^((?!root$)\S) type: text value: lma weight: 50 influxdb_userpass: description: The password of the InfluxDB user label: User password regex: error: You must provide a password with at least 4 characters source: ^[\S]{4,}$ type: password value: changeme weight: 60 ldap_admin_group_dn: description: The group CN for the 'admin' role label: LDAP group CN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_authorization_enabled.value == false type: text value: cn=operations-general,cn=groups,cn=accounts,dc=expertcity,dc=com weight: 280 ldap_authorization_enabled: description: It allows to associate users with the 'admin' or 'viewer' role. Otherwise all users are assigned to the admin role. label: Enable group-based authorization restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false type: checkbox value: true weight: 250 ldap_bind_dn: description: DN used to bind to the server when searching for entries. label: Bind DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: text value: uid=sudo,cn=sysaccounts,cn=etc,dc=expertcity,dc=com weight: 210 ldap_bind_password: description: Password to use in conjunction with the bind DN. label: Bind password regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: password value: changeme weight: 220 ldap_enabled: description: '' label: Use LDAP for Grafana authentication type: checkbox value: true weight: 170 ldap_group_search_base_dns: description: The base DN to search for groups. label: Group search base DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_authorization_enabled.value == false type: text value: cn=groups,cn=accounts,dc=expertcity,dc=com weight: 260 ldap_group_search_filter: description: A valid LDAP search filter. label: Group search filter regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_authorization_enabled.value == false type: text value: (&(objectClass=posixGroup)(memberUid=%s)) weight: 270 ldap_protocol_for_grafana: label: LDAP protocol restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false type: radio value: ldaps values: - data: ldap label: LDAP - data: ldaps label: LDAPS weight: 180 ldap_server_port: description: If empty, the default value is 389 for LDAP and 636 for LDAPS. label: Port regex: error: You must provide a valid port number source: ^\d{0,5}$ restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: text value: '' weight: 200 ldap_servers: description: Specify one or several LDAP servers separated by space. label: LDAP servers regex: error: You must provide a hostname or IP source: ^\w[\w\-\s.]+$ restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: text value: auth1.ops.expertcity.com weight: 190 ldap_user_search_base_dns: description: The base DN to search for users. label: User search base DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: text value: cn=users,cn=accounts,dc=expertcity,dc=com weight: 230 ldap_user_search_filter: description: A valid LDAP search filter. label: User search filter regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false type: text value: (&(uid=%s)(objectClass=inetOrgPerson)(!(memberOf=cn=daemons,cn=groups,cn=accounts,dc=expertcity,dc=com))) weight: 240 ldap_viewer_group_dn: description: The group CN for the 'viewer' role label: LDAP group CN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_enabled.value == false - action: disable condition: settings:influxdb_grafana.ldap_authorization_enabled.value == false type: text value: '"*"' weight: 290 metadata: always_editable: true plugin_id: 3 plugin_version: 0.10.1 mysql_dbname: description: The name of the database. The database must be created beforehand when 'remote' mode is selected. label: MySQL database regex: error: 'You must provide the name of the database (maximum length: 64 characters)' source: ^[a-zA-Z0-9$_]{1,64}$ type: text value: grafana weight: 110 mysql_host: description: IP address or fully qualified domain name of the MySQL server and port. E.g. example.com:3307. Specifying the port is optional, the default value is 3306. label: MySQL address and port regex: error: You must provide a hostname or IP source: ^[a-zA-Z\d][a-zA-Z\d_\-.]+(:[0-9]+)?$ restrictions: - action: disable condition: settings:influxdb_grafana.mysql_mode.value != 'remote' type: text value: '' weight: 100 mysql_mode: label: MySQL settings type: radio value: local values: - data: local label: Local MySQL - data: remote label: Remote server weight: 90 mysql_password: description: '' label: MySQL password regex: error: You must provide a password with at least 4 characters source: ^[\S]{4,}$ type: password value: changeme weight: 130 mysql_username: description: The user must be provisioned beforehand when the 'remote' mode is selected. label: MySQL username regex: error: 'You must provide a username (maximum length: 16 characters)' source: ^[a-zA-Z0-9$_-]{1,16}$ type: text value: grafana weight: 120 retention_period: description: The number of days after which data is automatically deleted in InfluxDB (0 to never delete data). label: Retention period regex: error: You must provide a number source: ^\d+$ type: text value: '30' weight: 5 tls_enabled: description: '' label: Enable TLS for Grafana type: checkbox value: true weight: 140 weight: 70 kernel_params: kernel: description: Default kernel parameters label: Initial parameters type: text value: console=tty0 net.ifnames=0 biosdevname=0 rootdelay=90 nomodeset metadata: group: general label: Kernel parameters weight: 60 ldap: metadata: chosen_id: 4 class: plugin default: false enabled: true label: LDAP plugin for Keystone toggleable: true versions: - additional_domains: description: Blocks of additional domains/parameters that should be created label: List of additional Domains type: textarea value: '' weight: 110 ca_chain: description: CA trust chain in PEM format. label: CA Chain regex: error: Please provide certificate in PEM format or leave this field empty source: ^(-----BEGIN CERTIFICATE-----)(.*[\r\n])+(-----END CERTIFICATE-----[\s\S]*?)$|^$ restrictions: - action: disable condition: settings:ldap.use_tls.value == false type: textarea value: '-----BEGIN CERTIFICATE----- XIIDnTCCAXXXAXIBAXIBATANBXXXXXXGXXXBAXXFADAXXRXXFXYDVXXKEXXFXFBF UXRDSVRXXXNPTTEXXBXGAXUEAXXVXXVXXGXXXXNXXGUXXXVXXGXXXXRXXBXXDTEX XTEXXTEXXTUXNXXXDTEXXTEXXTEXXTUXNXXXXTEXXBUGAXUECXXXRVXXRVXUXXXU XSXDTXXXXXAXBXNVBAXTFUNXXnRXXXXXYXRXIEFXXGXXXXXXXTCCASIXDXYXKXXI XXXNAXEBBXADXXEPADCCAXXCXXEBAXXXXXXXXSXXCXPXXGXRXXXXXXFKFXXXXXXX XUXXXXDXXXXUXXXNXBBXXBXXXXVFXXDXXXBXXXXXXXXNXTXXXXEFRXXXXXXXXX/X RDXGXXVPrXrXXXXXXFXXXnEXCXTUSXX/XBXXXN/XXXFFXXXn/SXXXXXXXXXXXDUX BXXXXXXXXXXBXXFXXRXKXXXXXXXXGXXXXSDXCXCXXICXXPXXTXXXVBXXR/VXUXNX XXXXXXXVTXXX/XXXXXXXXXXUXXXXIXXX/XFEKXXXXXXXXXXXXAXXXXXXXXXXXnXX XCXXXXXXXXXXXXXXXUXBTFVSXPXGXYXCVXB/XIEXXXXXXPXEXXECAXEAAXXBrXCB rDAXBXNVXSXEGDAXXBTXXXXXnXnNXTXDAXXXACXXXUXDXDAPBXNVXRXBAXXEBTAD AXX/XAXGAXUXDXEB/XXEAXIBXXAXBXNVXXXEFXXUXXXTXXXXXXUXAXXXXXAXXXVK XXXXSXYIKXYBBXUXAXEEPTAXXDXGCCXGAXUFBXABXXXXXXRXXXXXYXVXXGXnXXEX XXBXXXVXXGVXXGNXXXXXYXXXXXXXXXNXXXXXXXAXDXYXKXXIXXXNAXEXBXADXXEB AXXXX/NXXXX/KXXXXEXXXXYXXrXXRXXXTXXXXXXXKrK/XNPXXXXXXSXXXDEXDXXX XXXXXVBXXIXXPYXXXXXXXIXFXXAXXPXXXXXXXXXIXXIXEXKXXXIFXXXPAXXXXN/X NXXRXTXXXXXXXXXXGXXXXKXXXXK/XXNXXXXXXFNPXXXXXXrXXXXXFXnXXXXVXNXA AXXXUXPXXXXIXXXXSXAXXrBEVXXDYPXXCX/XFXXVEXIXrTXXPNXXXX/PXXTXXYXY VDX/XVn/XKXXXXXXXFRDINXXIXXXXIXXXXXXXE/XXKXXTGXXXXVXKARXXXXXXIXS XYXXnXXXXrXXnXXXFEGXXXXX -----END CERTIFICATE-----' weight: 27 domain: description: Name of the Keystone domain label: Domain name regex: error: Domain name contains unexpected value. Must only contain letters, numbers and characters . / _ / - source: ^[a-zA-Z0-9._-]+$ type: text value: expertcity.com weight: 20 group_desc_attribute: description: LDAP attribute mapped to description. label: Group description Attribute type: text value: description weight: 105 group_filter: description: LDAP search filter for groups. label: Group Filter type: text value: (objectClass=groupofnames) weight: 80 group_id_attribute: description: LDAP attribute mapped to group id. label: Group ID Attribute type: text value: cn weight: 90 group_member_attribute: description: LDAP attribute that maps user to group. label: Group Member Attribute type: text value: member weight: 100 group_name_attribute: description: LDAP attribute mapped to group name. label: Group Name Attribute type: text value: cn weight: 95 group_objectclass: description: LDAP objectclass for groups. label: Group Object Class type: text value: groupOfNames weight: 85 group_tree_dn: description: Search base for groups. label: Groups Tree DN type: text value: cn=groups,cn=accounts,dc=expertcity,dc=com weight: 75 metadata: always_editable: false plugin_id: 4 plugin_version: 2.0.0 password: description: Password for the BindDN to query the LDAP server. label: LDAP User Password regex: error: Password must not contain spaces. source: ^\S+$ type: password value: changeme weight: 35 query_scope: description: The LDAP scope for queries, this can be either "one" (onelevel/singleLevel) or "sub" (subtree/wholeSubtree). label: LDAP Query Scope type: text value: one weight: 40 suffix: description: LDAP server suffix. label: LDAP Suffix type: text value: dc=expertcity,dc=com weight: 26 url: description: URL for connecting to the LDAP server. label: LDAP URL regex: error: LDAP URL is not valid. Should be e.g. 'ldap://example.com'. source: ^ldap[si]?:\/\/([a-zA-Z0-9._-]+)(:[0-9]+)?$ type: text value: ldap://auth1.ops.expertcity.com weight: 25 use_tls: description: Enable TLS for communicating with the LDAP server. label: Use TLS type: checkbox value: true weight: 26 user: description: User BindDN to query the LDAP server. label: LDAP User type: text value: uid=sudo,cn=sysaccounts,cn=etc,dc=expertcity,dc=com weight: 30 user_enabled_attribute: description: LDAP attribute mapped to enabled/disabled. label: User Enabled/Disabled Attribute type: text value: enabled weight: 66 user_filter: description: LDAP search filter for users. label: User Filter type: text value: (&(objectClass=inetOrgPerson)(!(memberOf=cn=daemons,cn=groups,cn=accounts,dc=expertcity,dc=com))) weight: 46 user_id_attribute: description: LDAP attribute mapped to user id. label: User ID Attribute type: text value: uid weight: 55 user_name_attribute: description: LDAP attribute mapped to user name. label: User Name Attribute type: text value: uid weight: 60 user_objectclass: description: LDAP objectclass for users. label: User Object Class type: text value: inetOrgPerson weight: 50 user_pass_attribute: description: LDAP attribute mapped to password. label: User Password Attribute type: text value: userPassword weight: 65 user_tree_dn: description: Search base for users. label: Users Tree DN type: text value: cn=users,cn=accounts,dc=expertcity,dc=com weight: 45 weight: 70 lma_collector: metadata: chosen_id: 5 class: plugin default: false enabled: true label: The StackLight Collector Plugin toggleable: true versions: - alerting_mode: label: Alerting type: radio value: local values: - data: local label: Alerts sent to the StackLight Infrastructure Alerting plugin (Nagios) if deployed. - data: standalone label: Alerts sent by email (requires a SMTP server) weight: 90 alerting_send_from: description: '' label: The sender email address regex: error: Invalid email address source: '[a-z0-9!#$%&*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.?)?[a-z0-9]?(?:[a-z0-9-]*[a-z0-9])?' restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' type: text value: '' weight: 92 alerting_send_to: description: '' label: The recipient email address regex: error: Invalid email address source: '[a-z0-9!#$%&*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.?)?[a-z0-9]?(?:[a-z0-9-]*[a-z0-9])?' restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' type: text value: '' weight: 91 alerting_smtp_auth: label: SMTP authentication method restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' type: radio value: none values: - data: none label: None - data: Plain label: Plain - data: CRAMMD5 label: CRAMMD5 weight: 93 alerting_smtp_host: description: IP address (or fully qualified domain name) and port of the SMTP server label: SMTP server address regex: error: Invalid address or name source: ^[a-zA-Z\d][a-zA-Z\d_\-.]+(:[0-9]+)?$ restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' type: text value: '' weight: 93 alerting_smtp_password: description: '' label: SMTP password restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' or settings:lma_collector.alerting_smtp_auth.value == 'none' type: password value: '' weight: 97 alerting_smtp_user: description: '' label: SMTP user restrictions: - action: disable condition: settings:lma_collector.alerting_mode.value != 'standalone' or settings:lma_collector.alerting_smtp_auth.value == 'none' type: text value: '' weight: 96 elasticsearch_address: description: IP address or fully qualified domain name of the Elasticsearch server. label: Elasticsearch address regex: error: Invalid address or name source: ^[a-zA-Z\d][a-zA-Z\d_\-.]+$ restrictions: - action: disable condition: settings:lma_collector.elasticsearch_mode.value != 'remote' type: text value: '' weight: 40 elasticsearch_mode: label: Events analytics (logs and notifications) type: radio value: local values: - data: local label: Local node (if deployed) - data: remote label: Remote server weight: 20 environment_label: description: Optional string to tag the data. If empty, it will default to "env-". label: Environment label type: text value: '' weight: 10 influxdb_address: description: IP address or fully qualified domain name of the InfluxDB server. label: InfluxDB address regex: error: Invalid address or name source: ^[a-zA-Z\d][a-zA-Z\d_\-.]+$ restrictions: - action: disable condition: settings:lma_collector.influxdb_mode.value != 'remote' type: text value: '' weight: 70 influxdb_database: description: '' label: InfluxDB database name regex: error: Invalid value source: \S restrictions: - action: disable condition: settings:lma_collector.influxdb_mode.value != 'remote' type: text value: lma weight: 75 influxdb_mode: label: Metrics analytics type: radio value: local values: - data: local label: Local node (if deployed) - data: remote label: Remote server weight: 60 influxdb_password: description: '' label: InfluxDB password regex: error: Invalid value source: \S restrictions: - action: disable condition: settings:lma_collector.influxdb_mode.value != 'remote' type: password value: lmapass weight: 85 influxdb_user: description: '' label: InfluxDB user regex: error: Invalid value source: \S restrictions: - action: disable condition: settings:lma_collector.influxdb_mode.value != 'remote' type: text value: lma weight: 80 metadata: always_editable: true plugin_id: 5 plugin_version: 0.10.1 restrictions: - action: hide condition: cluster:net_provider != 'neutron' weight: 70 lma_infrastructure_alerting: metadata: chosen_id: 6 class: plugin default: false enabled: true label: The StackLight Infrastructure Alerting Plugin toggleable: true versions: - ldap_admin_group_dn: description: '' label: Group DN mapping to the Admins role regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_authorization_enabled.value == false type: text value: cn=operations-general,cn=groups,cn=accounts,dc=expertcity,dc=com weight: 210 ldap_authorization_enabled: description: It allows to authorized only users for a specific group. label: Enable group-based authorization restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: checkbox value: true weight: 200 ldap_bind_dn: description: DN used to bind to the server when searching for entries. label: Bind DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: uid=sudo,cn=sysaccounts,cn=etc,dc=expertcity,dc=com weight: 140 ldap_bind_password: description: Password to use in conjunction with the bind DN. label: Bind password regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: password value: changeme weight: 150 ldap_enabled: description: '' label: Use LDAP for Nagios authentication type: checkbox value: true weight: 100 ldap_group_attribute: description: LDAP attribute used to identify the user members of group. label: LDAP group attribute regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_authorization_enabled.value == false type: text value: memberOf weight: 205 ldap_protocol_for_nagios: label: LDAP protocol restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: radio value: ldaps values: - data: ldap label: LDAP - data: ldaps label: LDAPS weight: 110 ldap_server_port: description: If empty, the default value is 389 for LDAP and 636 for LDAPS. label: Port regex: error: You must provide a valid port number source: ^\d{0,5}$ restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: '' weight: 130 ldap_servers: description: Specify one or several LDAP servers separated by space. label: LDAP servers regex: error: You must provide a hostname or IP source: ^\w[\w\-\s.]+$ restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: auth1.ops.expertcity.com weight: 120 ldap_user_attribute: description: It's a good idea to choose an attribute that will be unique across all entries. label: User attribute to search for regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: uid weight: 165 ldap_user_search_base_dns: description: The base DN to search for users. label: User search base DN regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: cn=users,cn=accounts,dc=expertcity,dc=com weight: 160 ldap_user_search_filter: description: A valid LDAP search filter. label: User search filter regex: error: Invalid value source: \S restrictions: - action: hide condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false - action: disable condition: settings:lma_infrastructure_alerting.ldap_enabled.value == false type: text value: (&(objectClass=inetOrgPerson)(!(memberOf=cn=daemons,cn=groups,cn=accounts,dc=expertcity,dc=com))) weight: 170 metadata: always_editable: true plugin_id: 6 plugin_version: 0.10.1 nagios_hostname: description: Your DNS entries should point to this name label: DNS hostname for Nagios UI restrictions: - action: hide condition: settings:lma_infrastructure_alerting.tls_enabled.value == false type: text value: nagios.qai2.expertcity.com weight: 61 nagios_password: description: 'The password to access the Nagios Web Interface (username: "nagiosadmin")' label: Nagios HTTP password regex: error: Invalid value source: \S type: password value: changeme weight: 42 nagios_ssl_cert: description: Certificate and private key data, concatenated into a single file label: Certificate for Nagios UI restrictions: - action: hide condition: settings:lma_infrastructure_alerting.tls_enabled.value == false type: file value: content: "-----BEGIN RSA PRIVATE KEY-----\nXIIEXXIBAAKCAXEAXXXXXUXXXXXXBXXXPIXXXXXXXrXXRXCXXXXXXYXXXAEXXXNX\n\ XXRXXBXVXPXXYXXXTXPX/XXrAXFNVXXXXUXXXKXXXXXrXSXX/XTXSXVXYSXXFYXX\nXGXXEXXXDXXBXXBXFXXXSXXXFXXXXXXXXXSXUKUXXXVrXXXXCXXXPXRXTXXXXTXX\n\ XKXPXSSXCXEXXXIXXNXBGSAXXXXrXEUCARYXFXXXXDXXFXEXXNKXXXXXKXXXXSXU\nXXXXXGAXXXXXXXXXXKXXGXXVXXXYXXXXXKrXXXXXXXXXXXAXXXXXXCXYXSFXXREF\n\ XXUXXX/XXIXXXUXXXXXXUXXXNXSXFXAXXXnrrXIDAXABAXIBACNDGEXGnXXXGrXX\nXARAXXXXXFXXAGBXXXYCXXXXXXXTXXXXXXXXXrYXnFBXXXXXXFFXXXXXXCXXXXXB\n\ NXXrTXXPXCX/CnCDrXUXCXPUXXXXXARXXGXXXXXAXXXXXXXXXXXXXXXXXXVVEXXX\nXnXXrXTKXIXXKXXXrVrXXXNXXrXXXXPXYAXXRDXXXIPXXnVXXFXNXXNrXXFXXXTX\n\ XTXNXXXXXXXX/RXXX/XX/XTXXXXXXXErIXXXXXXrNXXXXRXXXXXTXXXIXXrXXPXX\nXDXXXUXXXXSXXXXXXXFBGXXXnXXXXXXDXXXDAXXXDXXXXXXXKXXGXXXXNXXnXXRP\n\ XXAXXXECXYEAXXXXnXXKXXFEXXXSXXEDrXXXY/XXRXNXYXXXXX/RXnXXPXXRXXrX\nAXXXIXXNXXSXYXXK/XXSXXXXXXXXXIXXrAXXXXXXPXXXDXXXUXnrXGAFXXXXXISX\n\ RNXXXXXXXUXXXXnXBCXXAXUXEXBAUXRXXXXXXXYXXXXXTXXXVYXXXFXCXYEAXCXX\nXKDXXXXVXBEXXVXXTSAXXnXXXXXXXVIXECXKTXXXFXXPKXXXXXXXYSXGTXXXXXXK\n\ XXXXXXXXXTXXXFFXXXAXXXXTXXXNXSXXXXFDXXXXXXXFXXNFXSYXUXXXXXXXXUXU\nAXXXXXXAXXXANXXXXSAXXnPAXXXXXGXXXXXXX/XCXYEAXXXD/XXXSXCXXXXrXPAX\n\ XXXXXXXXXXXrKXUXXIXXXXCRnXRXUYXDKXXBXVFXTXXSXXXXXrXXXXXYXXXXXDXX\nXXXXXXXXXXXXXXXXXFXXSXSXXXXXPXXXXFXXCXFGXXKXXXTXXGXXVVrXIXGXXXXX\n\ BYXYXAXGTXXXVXXXXXXXXXXCXYBRXVXXIXXXXXXXXXNYDXXXXXXXXXPRVNXXIrXX\nXXXXSXIXK/XXXXXUPXnXXXXXXXDXXXDXXGRXXXDXYXXRKXXXXVXUXnVXNXXXXXXB\n\ XXXXXXXKXXXFXXPXUXXXXXXXrXE/XXXUXSAXXXXXXXXRXXCXKXYXVXXYXTXBXXIK\nXXVCIXKBXEXTXXXXXX/XXXXXXXKXXXEXXXXXnGPXXDXXXXXXKXXXCUXXVASXXXXX\n\ KXXXXEXCBSCXFXIXXXFXPXXXXNBXXXKXXXXK/XYXXAXXXXnXUIXXrXXXRXXXXXXX\nXXXVXXXXXDKVnXXXXYXXCYXXUXnEXIXXXXrXGXXXXXXnIXXYXSXX\n\ -----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\nXIIDXXCCAXXCCXDXXX/XX/XXXXANBXXXXXXGXXXBAXUFADCBnDEXXAXGAXUEBXXC\n\ VVXXCXAXBXNVBAXTAXNBXXXXDXYDVXXXEXXXXXXXXGEXDXAXBXNVBAXTBUXXXEXX\nXRAXDXYDVXXXEXXUXXNXTXBTXSXXIXYDVXXDEXXXYXXXXXXXXXFXXXXXXXBXXnRX\n\ XXRXXXNXXTEXXCYGCSXGSIXXDXEXARYXXXXXXXXXXXXAYXXXXXXXXXXXXXXXXXNX\nXTAXFXXXNXEXXDUXXXAXNTBXFXXXXTEXXDXXXXAXNTBXXIGXXXXXCXYDVXXGEXXV\n\ UXEXXAXGAXUECBXCXXEXDXANBXNVBAXTBXXXXGVXYTEXXAXGAXUECXXFRXVXRXXX\nEDAXBXNVBAXTBXRXYXXPUFXXIXAXBXNVBAXTGXXXXXXXXXXXYXXXXXVXXGVXXGNX\n\ XXXXYXXXXSXXXXYXKXXIXXXNAXXBFXXXXXNXXXFXXEBXXXRXXXXXXXXXXXUXYXXX\nXIIBIXANBXXXXXXGXXXBAXEFAAXCAXXAXIIBCXKCAXEAXXXXXUXXXXXXBXXXPIXX\n\ XXXXXrXXRXCXXXXXXYXXXAEXXXNXXXRXXBXVXPXXYXXXTXPX/XXrAXFNVXXXXUXX\nXKXXXXXrXSXX/XTXSXVXYSXXFYXXXGXXEXXXDXXBXXBXFXXXSXXXFXXXXXXXXXSX\n\ UKUXXXVrXXXXCXXXPXRXTXXXXTXXXKXPXSSXCXEXXXIXXNXBGSAXXXXrXEUCARYX\nFXXXXDXXFXEXXNKXXXXXKXXXXSXUXXXXXGAXXXXXXXXXXKXXGXXVXXXYXXXXXKrX\n\ XXXXXXXXXXAXXXXXXCXYXSFXXREFXXUXXX/XXIXXXUXXXXXXUXXXNXSXFXAXXXnr\nrXIDAXABXAXGCSXGSIXXDXEBBXUAAXIBAXAXKXXnXXXXXXXXDXXXXXBXXXEXSXXn\n\ XXRXnXrXUXXXXXXD/XXCXXXXFXXXrXXXXXUXXXUXXXXXXXXKXFEXXE/XXXXXCXXX\nXXXXCrXXXREXXXXXXXXXFXXXXnXYXNYnXVIXXXXXXXCXBXXGXKXFXXCXXXXSXNXX\n\ XYXNGXXFX/nEXXXKXXXXXXXXXXXXVXXXXXXXnNXXXXXXXIXBCXA/XXXXYXXSXFXX\nXXPXXXXXXPXXXXXXXXXXXEDEXXXXXSCXVIXXXITPXXXXKDXXTXXXrXXXXXXXXXXX\n\ XXXXAXNXXXXXXXX/SXYXXrXXKXXXKXAEFXRXTXXXNVCXXXXXVXCYXXAB\n-----END CERTIFICATE-----\n\ -----BEGIN CERTIFICATE-----\r\nXIIEXDCCAXXXAXIBAXIXAXXXXXXKXXXIXXXXSXXXXTANBXXXXXXGXXXBAXXFADBX\r\ \nXXXXCXYDVXXGEXXVUXEVXBXGAXUECXXXRGXnXUNXXnXXSXXXXRXXFXYDVXXXEXBX\r\ \nXXXXXGXnXXNXXnXXYXXXXSAXXXYDVXXDEXXEXXXXXXVXXCBXXGXXYXXXUXXXXCBD\r\ \nXTAXFXXXXXAXXDXXXXAXXDBXFXXXXXAXXDXXXXAXXDBXXEXXCXAXBXNVBAYTAXVT\r\ \nXRUXEXYDVXXKEXXEXXXXXXVXXCBXXXXXXXAXBXNVBAXTXXRXXXXDXXXXIFNIXTIX\r\ \nUXVXXXXXIFNXXnXXXXBDXTCCASIXDXYXKXXIXXXNAXEBBXADXXEPADCCAXXCXXEB\r\ \nANXXXXBNXXXXFXAXXXXXXXXXXFXXXXX/XUPXXCXAXXXYXXXXXXAKXXXRXDYXXKXX\r\ \nnXXXXYSXXXXX/XXXTXXXXXCXXXXTXXXXXnVIXRXXNXXXXTIXXXXrBXSXXUXXRXXX\r\ \nKXPDXCXXXIDXEXRXFDXXXXKXXXXXTXXX/PXXrXXXXXUXDXXXBXTXXX/TCXrSXXXX\r\ \n/XXXUXXXXNXXXXSYXXXXXXrXX/RrKXXEXXXYXGXSSXXDXnXXEXXIXARFXRrXNXGX\r\ \nXXXNVAXXXXE/XVXXXPNXXXCXXXEAXUVXRXCXXXXXXXXXTXXXXXXXXXXXXXAXXXXX\r\ \n/RRXXXRXKFXCX/XC/XXFXXXCAXEAAXXCAVXXXXFXXBIGAXUXEXEB/XXIXAYBAXXC\r\ \nAXAXDXYDVRXPAXX/BAXDAXGGXDXGCCXGAXUFBXEBBCXXXXAXBXXrBXEFBXXXAYYY\r\ \nXXRXXDXXXXXXXXAXXGXnXXNXXnXXYXXXXXXGAXUXXXRXXXIXNXAXXDXGXXXXXXAX\r\ \nXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRDXSXXXXXXNXAX\r\ \nXDXGXXXXXXAXXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRD\r\ \nXSXXXXXXPXYDVRXXBDYXNDAXBXRVXSAAXCXXKAYIKXYBBXUXAXEXXGXXXXBXXXXX\r\ \nXXXXXXRXXXXXXXXXXXNXXSXDUFXXXXYDVRXXBBYEFAXAYRXCXXXVXXXnXUYXXCXX\r\ \nXXnXXBXGAXUXIXXYXBXAFAPXUDVXXUXXXXCXXXXXXXXXPXFVXAXGCSXGSIXXDXEB\r\ \nCXUAAXIBAXAXPXXXXXFCXXXXXXXXRXXXXXXXXUXXBCFXSXXXXXXXXXXXUXnNXXXX\r\ \nXTXPXXXXXXXYXXXXXXXXXXPXXXXGTUX/XEXXXNXXXPXX/XGFUXXXTXXXXDXXXXGA\r\ \nXXXXXXRNXXSrXXXXXXXIXXXXXXXTBXXXXXXYFXXXTEDXXXXX/XXBXXX/XXXAXDXC\r\ \nXXDXXXXKXXXGrnXXXXXIXBXXXXTXXRRXXXXXXXXXNXCXXTXXXrXXDXXXrXAXXPXX\r\ \nXXXXXXXXXXXVXXXXXGXGXSXBNXXXXVAXXXrXXXEIDXXXXXXYXXSXXXXXXXVSXXRX\r\ \nXXXXXXXXXXXXXXXXXXrXXXPXXRXXXDXX\r\n-----END CERTIFICATE-----\r\n" name: nagios.qai2.expertcity.com.pem weight: 62 notify_critical: label: Receive CRITICAL notifications by email type: checkbox value: true weight: 43 notify_recovery: label: Receive RECOVERY notifications by email type: checkbox value: true weight: 46 notify_unknown: label: Receive UNKNOWN notifications by email type: checkbox value: true weight: 45 notify_warning: label: Receive WARNING notifications by email type: checkbox value: true weight: 44 send_from: description: '' label: The sender email address regex: error: Invalid Email source: '[a-z0-9!#$%&*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.?)?[a-z0-9]?(?:[a-z0-9-]*[a-z0-9])?' restrictions: - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: text value: openstack-qai2@citrixonline.com weight: 48 send_to: description: The recipient for the alert notifications label: The recipient email address regex: error: Invalid Email source: '[a-z0-9!#$%&*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.?)?[a-z0-9]?(?:[a-z0-9-]*[a-z0-9])?' restrictions: - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: text value: sysadmins@citrixonline.com weight: 47 smtp_auth: label: SMTP authentication method restrictions: - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: radio value: none values: - data: none label: None - data: login label: Login - data: plain label: Plain - data: cram-md5 label: CRAMMD5 weight: 50 smtp_host: description: IP address (or fully qualified domain name) and port of the external SMTP server. Leave empty to use the local MTA service. label: External SMTP server and port regex: error: Invalid address or name source: ^$|[a-zA-Z\d][a-zA-Z\d_\-.]+(:[0-9]+)?$ restrictions: - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: text value: mail1.ops.expertcity.com weight: 49 smtp_password: description: '' label: SMTP password restrictions: - action: disable condition: settings:lma_infrastructure_alerting.smtp_auth.value == 'none' - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: password value: '' weight: 52 smtp_user: description: '' label: SMTP user restrictions: - action: disable condition: settings:lma_infrastructure_alerting.smtp_auth.value == 'none' - action: disable condition: settings:lma_infrastructure_alerting.notify_critical.value == false and settings:lma_infrastructure_alerting.notify_warning.value == false and settings:lma_infrastructure_alerting.notify_unknown.value == false and settings:lma_infrastructure_alerting.notify_recovery.value == false type: text value: '' weight: 51 tls_enabled: description: '' label: Enable TLS for Nagios type: checkbox value: true weight: 60 weight: 70 murano_settings: metadata: group: openstack_services label: Murano Settings restrictions: - action: hide condition: settings:additional_components.murano.value == false message: Murano is not enabled on the Additional Components section weight: 20 murano_repo_url: description: '' label: Murano Repository URL type: text value: http://storage.apps.openstack.org/ weight: 10 neutron_advanced_configuration: metadata: group: network label: Neutron Advanced Configuration restrictions: - action: hide condition: cluster:net_provider != 'neutron' weight: 20 neutron_dvr: description: Enable Distributed Virtual Routers in Neutron label: Neutron DVR restrictions: - ? networking_parameters:segmentation_type != 'vlan' and settings:neutron_advanced_configuration.neutron_l2_pop.value == false : DVR requires L2 population to be enabled. type: checkbox value: false weight: 20 neutron_l2_pop: description: Enable L2 population mechanism in Neutron label: Neutron L2 population restrictions: - action: hide condition: networking_parameters:segmentation_type == 'vlan' type: checkbox value: false weight: 10 neutron_l3_ha: description: 'Enable High Availability features for Virtual Routers in Neutron Requires at least 2 Controller nodes to function properly ' label: Neutron L3 HA restrictions: - condition: settings:neutron_advanced_configuration.neutron_dvr.value == true message: Neutron DVR must be disabled in order to use Neutron L3 HA type: checkbox value: false weight: 30 neutron_mellanox: metadata: enabled: true group: network label: Mellanox Neutron components restrictions: - action: hide condition: not ('experimental' in version:feature_groups) toggleable: false weight: 50 plugin: label: Mellanox drivers and SR-IOV plugin type: radio value: disabled values: - data: disabled description: If selected, Mellanox drivers, Neutron and Cinder plugin will not be installed. label: Mellanox drivers and plugins disabled restrictions: - settings:storage.iser.value == true - data: drivers_only description: If selected, Mellanox Ethernet drivers will be installed to support networking over Mellanox NIC. Mellanox Neutron plugin will not be installed. label: Install only Mellanox drivers restrictions: - settings:common.libvirt_type.value != 'kvm' - data: ethernet description: If selected, both Mellanox Ethernet drivers and Mellanox network acceleration (Neutron) plugin will be installed. label: Install Mellanox drivers and SR-IOV plugin restrictions: - settings:common.libvirt_type.value != 'kvm' or not (cluster:net_provider == 'neutron' and networking_parameters:segmentation_type == 'vlan') weight: 60 vf_num: description: Note that one virtual function will be reserved to the storage network, in case of choosing iSER. label: Number of virtual NICs restrictions: - settings:neutron_mellanox.plugin.value != 'ethernet' type: text value: '16' weight: 70 provision: metadata: group: general label: Provision restrictions: - action: hide condition: 'true' weight: 80 method: type: hidden value: image public_network_assignment: assign_to_all_nodes: description: When disabled, public network will be assigned to controllers only label: Assign public network to all nodes type: checkbox value: false weight: 10 metadata: group: network label: Public network assignment restrictions: - action: hide condition: cluster:net_provider != 'neutron' weight: 10 public_ssl: cert_data: description: Certificate and private key data, concatenated into a single file label: Certificate restrictions: - action: hide condition: (settings:public_ssl.cert_source.value != 'user_uploaded') or (settings:public_ssl.horizon.value == false and settings:public_ssl.services.value == false) type: file value: content: "-----BEGIN RSA PRIVATE KEY-----\nXIIEXXIBAAKCAXEAXEECrXXGBXXXGXXXXXXXXXXXXXXXXEXXXXXDXKKAGXYXXXXX\n\ XXXXXVXXXXnXKXYXXUXXXXXXXXXEXUXDrXXBRXXVXFXXXXXXXXIXXXXA/UAXNXPX\nXXXXUGXXXXXXXXXRUXXIBNXYRXXX/FIXXXXXXXXXGXFXXnCKXXXXXXXNXXXnXXAX\n\ XXGXXXSKXXXPnXrFXUXKXAXUXFXYXXDXXrPUXXXNXX/XEXnXXXXXXXXXXXXXXXVX\nVXGXXXXSXXPXXXXnXXXXXXXCXXXAXIXX/XUXXXXXXXXXNXYCXBFXXTXTXTrTXVXX\n\ SXX/XTXXCXXXXAnEXXTSPEnXXSXXXXXAXXXXXXIDAXABAXIBAXCnArXXXXXXXXVX\nXXUXXYXXXAnAXKXXETXRXSXXXXXX/XXXXXXXXIXXNXXXYXXXVXXXXAX/XFTXXXXX\n\ XXrXXXXXXXXXXXCTXRXXGXGUCRNUXnX/FXXXXXNP/XXXXKXXXIXXXXXXXXXSXXDP\nBXXXEXXXXDXXXXXXnXXXXFXXnXXXNXXXXSSXXXnXXXXXUAPXXXBXIXXXTXGXXXXX\n\ XXXDXXXXXIXYXYXXXXBXYXRBXXPXXXXXXRXXUXXXXXXXXEPXXXXXXXXXTXXXXKAX\nCXnXXPXIXXTXXX/XDXXXXTrXXXXNXSXXXXXVXXNXXXRFXIXr/BSTXXXXGXXXXXXE\n\ XXXNXXXRAXGBANXXXXXXXXXXXXXXXXPXVPXBXTXXXXXXXDXXTBXXrXXXXXIXXrXr\nRXDPNXXXXXX/XXXXPXDIXXXXXXXXEXXXXXXFXYTXCXXXXXYXAXXUXnXRXXXXXXXK\n\ XXXXRDXXXXXD/DXXYXXXXXXXXXRXXXXXXPXXXRBXXXXXXUKXVnFXIXTXAXGBANFK\nXXXXXVXXXIXXXNXXXrIXXXXXXXXXXXAXYXXUXXBXXXTXNXBXXAXXXErXPXXXXIXX\n\ GXXXXXFYXXYVXXXnXPIXXXXXXXXXXVDXIAYXXXXXXKXIXEVXXXXCSXXRXXXXNXXN\nXXKPXXXXXFXXXXXSXXXXXXXDXX/UDXXXXXXXXXC/AXGBAXVXXXXXXXEPXXXXDXCX\n\ XRXGRXIXXXSVXEXXSXXXXRXnKXUX/SXXFXXXGXYXYXXXXXSXXXXXXnFNBXrXAXXR\nXXXXXnXXUXGXTXEDXNXXXXXFXXFXXXXCXXXXXXXXXXIVIXDYXnXXXXAXXXSXGXXX\n\ nGXXDAXXXnnXNUK/XT/XXRFRAXGAEU/XXXXXXSXrXXXXXXIXTXXVXXXXPXPXXGX/\nXrXSXXnXEXIrXXXXXXXGXIFXIXNXYXBXXIYXSXXAXXnKXXXPXXnRBXXXSXSXTVXX\n\ nXXCXXXXXXXXXXXXXXGXUBRXXXXXXXV/NCRXrEXXrXXXXBXXXARXXXXXXXXXXXXX\nXXXXXXXCXYEAXVVX/XXAXGXBRNXXXTYXXBVXXXXTXXXUPXXRXXXXVXXIGXXXXDXX\n\ XXXXAXXXXXTXXXXXXBXKrXNXXXXXXXXXXRX/YXXGXEXXAVAXXXUXXPXrXX/XXXPX\nXXXXXUnXXXAEXXXXXXXXXXXYXXXUXRSXrYCVXXTXXXXXXUXXXXXPXXUX\n\ -----END RSA PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\r\nXIIFGDCCBACXAXIBAXIXCXX/XXAXXAXXEXXXFXXRIXANBXXXXXXGXXXBAXXFADBN\r\ \nXXXXCXYDVXXGEXXVUXEVXBXGAXUECXXXRGXnXUNXXnXXSXXXXSXXXXYDVXXDEXXE\r\nXXXXXXVXXCBTSEEXIFNXYXVXXSBTXXXXXXIXXXEXXXXNXTYXXDAXXDAXXDAXXXXN\r\ \nXTXXXDEXXTIXXDAXXXBXXXXXCXYDVXXGEXXVUXEXXAXGAXUECBXCXXEXDXANBXNV\r\nBAXTBXXXXGVXYTEUXBIGAXUECXXXRXVXRXXXIEXXYXXXXXAXBXNVBAXTFXXXXnFX\r\ \nXTIXXXXXXXXXYXXXXSXXXXXXXXEXXAXGCSXGSIXXDXEBAXUAAXIBDXAXXXEKAXIB\r\nAXCXXXKXXXYGXKXXNXrXXXC/XXXXXXXXTXXFXXNXXXAYXXXXXXXRCrNXXDKGXXXX\r\ \nXXTNSDTXXnX/TXSRTUXXCXFFXXXXXXXUXXFXXXXEXYDXXBXXXXXSXTXXXXXXXXXX\r\nXXFSPXXEXFXFXX/XUXXXXXXXTXXXXVnXXIXXXXXXBXXXAXXXUB/XYXCXXIXXXIXX\r\ \nXXXXSErXDXSXXVXnXXXXXXRYXXXXnXYXXXPnXXXXXXUXXXXXXXXXIXXXXFXKXXXX\r\nXXXXXXXXSXKFXEDXXXPXXSnXXXXXXXAXXXXXEUXXNXPXXXPXVXXXXXXXXXXKDNXX\r\ \nCXXXXNIXSXXXXSXXPXCnPXXDAXXBAAGXXXXXXIIBXTAXBXNVXSXEGDAXXBXPXGEX\r\nXXFXXSXXXXXGXXXXXXXXXXAXBXNVXXXEFXXUAXNXAKYXDXXXKFXEXGXXXTXXGXXX\r\ \nIXYDVRXRBBXXGIIXXXXXXXFXXXXXXXBXXnRXXXRXXXNXXTAXBXNVXXXBAXXEBAXC\r\nBXAXXXYDVRXXBBYXFAYIKXYBBXUXAXEGCCXGAXUFBXXCXGXGAXUXXXRXXGIXXXAX\r\ \nXCXGKXXXXXAXXXXXXXXXXXRXXXXXXXXXXXNXXSXXXXNXXXNXYTIXXXUXYXXXXCXX\r\nXXArXXXXXXRXXXXXYXXXNCXXXXXXYXVXXCXXXXXXXXNXYSXXXGEXXXXXXXNXXDBX\r\ \nBXNVXSAERTBDXDXGCXCGSAGG/XXBATAXXCXGCCXGAXUFBXIBFXXXXXRXXXXXXXXX\r\nXXXXXXXXYXVXXCXXXXXXXXBTXAXGBXXBDAECAXBXBXXrBXEFBXXBAXRXXGXXXAYI\r\ \nKXYBBXUXXAGGGGXXXXAXXXXXYXNXXXRXXXXXXXXXXXNXXTBGBXXrBXEFBXXXAXYX\r\nXXRXXDXXXXNXYXVXXXXXXGXnXXNXXnXXYXXXXXRXXXXDXXXXUXXBXXNXYXVXXVNX\r\ \nXnXXXXNBXXNXXDAXBXNVXRXBAXXEAXAAXAXGCSXGSIXXDXEBCXUAAXIBAXBXTXXX\r\nDXXXXXXXXnXXRX/NXRXnXXCXXUXARXDEXnXEXXXVXDXXXXXXXPX/XN/XIXXYXXXX\r\ \nXXXXXXXPXXXUIX/AXXXXXXX/XXXXX/XXXXANPXXXXVXXXXXXXXXYXXXXnTXXRXXX\r\nXXXXAXnFXYXXXnXX/KXXXXXXXXIXIVBSXrKXXXXXXXXXXXNXXUGXXXXXCXCRXnUU\r\ \nXXXXPXXXVXIXXIXXDrXXXEXXVXXTRXXXXXXXTXXXXXNBXXXXXXXX/XXRXXXXXXXT\r\nXXXGXXBXXXTXXXXXXXXXrXPXXXrXXAXXTXXXXXXXRPXXXUDXCRXXXXDSXDXXXXFX\r\ \nVXXXXGXPXXXXFIXN\r\n-----END CERTIFICATE-----\r\n-----BEGIN CERTIFICATE-----\r\ \nXIIEXDCCAXXXAXIBAXIXAXXXXXXKXXXIXXXXSXXXXTANBXXXXXXGXXXBAXXFADBX\r\nXXXXCXYDVXXGEXXVUXEVXBXGAXUECXXXRGXnXUNXXnXXSXXXXRXXFXYDVXXXEXBX\r\ \nXXXXXGXnXXNXXnXXYXXXXSAXXXYDVXXDEXXEXXXXXXVXXCBXXGXXYXXXUXXXXCBD\r\nXTAXFXXXXXAXXDXXXXAXXDBXFXXXXXAXXDXXXXAXXDBXXEXXCXAXBXNVBAYTAXVT\r\ \nXRUXEXYDVXXKEXXEXXXXXXVXXCBXXXXXXXAXBXNVBAXTXXRXXXXDXXXXIFNIXTIX\r\nUXVXXXXXIFNXXnXXXXBDXTCCASIXDXYXKXXIXXXNAXEBBXADXXEPADCCAXXCXXEB\r\ \nANXXXXBNXXXXFXAXXXXXXXXXXFXXXXX/XUPXXCXAXXXYXXXXXXAKXXXRXDYXXKXX\r\nnXXXXYSXXXXX/XXXTXXXXXCXXXXTXXXXXnVIXRXXNXXXXTIXXXXrBXSXXUXXRXXX\r\ \nKXPDXCXXXIDXEXRXFDXXXXKXXXXXTXXX/PXXrXXXXXUXDXXXBXTXXX/TCXrSXXXX\r\n/XXXUXXXXNXXXXSYXXXXXXrXX/RrKXXEXXXYXGXSSXXDXnXXEXXIXARFXRrXNXGX\r\ \nXXXNVAXXXXE/XVXXXPNXXXCXXXEAXUVXRXCXXXXXXXXXTXXXXXXXXXXXXXAXXXXX\r\n/RRXXXRXKFXCX/XC/XXFXXXCAXEAAXXCAVXXXXFXXBIGAXUXEXEB/XXIXAYBAXXC\r\ \nAXAXDXYDVRXPAXX/BAXDAXGGXDXGCCXGAXUFBXEBBCXXXXAXBXXrBXEFBXXXAYYY\r\nXXRXXDXXXXXXXXAXXGXnXXNXXnXXYXXXXXXGAXUXXXRXXXIXNXAXXDXGXXXXXXAX\r\ \nXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRDXSXXXXXXNXAX\r\nXDXGXXXXXXAXXXXXXXXXXXRXXXXXXXXXXXNXXSXEXXXXXXVXXEXXXXXXXFXXXXRD\r\ \nXSXXXXXXPXYDVRXXBDYXNDAXBXRVXSAAXCXXKAYIKXYBBXUXAXEXXGXXXXBXXXXX\r\nXXXXXXRXXXXXXXXXXXNXXSXDUFXXXXYDVRXXBBYEFAXAYRXCXXXVXXXnXUYXXCXX\r\ \nXXnXXBXGAXUXIXXYXBXAFAPXUDVXXUXXXXCXXXXXXXXXPXFVXAXGCSXGSIXXDXEB\r\nCXUAAXIBAXAXPXXXXXFCXXXXXXXXRXXXXXXXXUXXBCFXSXXXXXXXXXXXUXnNXXXX\r\ \nXTXPXXXXXXXYXXXXXXXXXXPXXXXGTUX/XEXXXNXXXPXX/XGFUXXXTXXXXDXXXXGA\r\nXXXXXXRNXXSrXXXXXXXIXXXXXXXTBXXXXXXYFXXXTEDXXXXX/XXBXXX/XXXAXDXC\r\ \nXXDXXXXKXXXGrnXXXXXIXBXXXXTXXRRXXXXXXXXXNXCXXTXXXrXXDXXXrXAXXPXX\r\nXXXXXXXXXXXVXXXXXGXGXSXBNXXXXVAXXXrXXXEIDXXXXXXYXXSXXXXXXXVSXXRX\r\ \nXXXXXXXXXXXXXXXXXXrXXXPXXRXXXDXX\r\n-----END CERTIFICATE-----\r\n" name: os.qai2.expertcity.com.pem weight: 40 cert_source: description: From where we'll get certificate and private key label: Select source for certificate restrictions: - action: hide condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value == false type: radio value: user_uploaded values: - data: self_signed description: Generate private key and certificate that will be signed by this key label: Self-signed - data: user_uploaded description: Use pre-generated key and certificate label: I have my own keypair with certificate weight: 30 horizon: description: Secure access to Horizon enabling HTTPS instead of HTTP label: HTTPS for Horizon restrictions: - settings:public_ssl.services.value == false: TLS for OpenStack public endpoints should be enabled type: checkbox value: true weight: 20 hostname: description: Your DNS entries should point to this name. Self-signed certificates also will use this hostname label: DNS hostname for public TLS endpoints restrictions: - action: hide condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value == false type: text value: os.qai2.expertcity.com weight: 50 metadata: group: security label: Public TLS weight: 110 services: description: Enable TLS termination on HAProxy for OpenStack services label: TLS for OpenStack public endpoints type: checkbox value: true weight: 10 repo_setup: metadata: always_editable: true group: general label: Repositories weight: 50 repos: description: 'Please note: the first repository will be considered the operating system mirror that will be used during node provisioning. To create a local repository mirror on the Fuel master node, please follow the instructions provided by running "fuel-createmirror --help" on the Fuel master node. Please make sure your Fuel master node has Internet access to the repository before attempting to create a mirror. For more details, please refer to the documentation (https://docs.mirantis.com/openstack/fuel/fuel-8.0/operations.html#external-ubuntu-ops). ' extra_priority: null type: custom_repo_configuration value: - name: ubuntu priority: null section: main universe multiverse suite: trusty type: deb uri: http://archive.ubuntu.com/ubuntu/ - name: ubuntu-updates priority: null section: main universe multiverse suite: trusty-updates type: deb uri: http://archive.ubuntu.com/ubuntu/ - name: ubuntu-security priority: null section: main universe multiverse suite: trusty-security type: deb uri: http://archive.ubuntu.com/ubuntu/ - name: mos priority: 1050 section: main restricted suite: mos8.0 type: deb uri: http://10.226.0.9:8080/liberty-8.0/ubuntu/x86_64 - name: mos-updates priority: 1050 section: main restricted suite: mos8.0-updates type: deb uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0/ - name: mos-security priority: 1050 section: main restricted suite: mos8.0-security type: deb uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0/ - name: mos-holdback priority: 1100 section: main restricted suite: mos8.0-holdback type: deb uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0/ - name: Auxiliary priority: 1150 section: main restricted suite: auxiliary type: deb uri: http://10.226.0.9:8080/liberty-8.0/ubuntu/auxiliary - name: mos-mu priority: 1150 section: main restricted suite: mos8.0-updates type: deb uri: http://10.226.0.9:8080/mos-ubuntu storage: ephemeral_ceph: description: Configures Nova to store ephemeral volumes in RBD. This works best if Ceph is enabled for volumes and images, too. Enables live migration of all types of Ceph backed VMs (without this option, live migration will only work with VMs launched from Cinder volumes). label: Ceph RBD for ephemeral volumes (Nova) type: checkbox value: true weight: 75 images_ceph: description: Configures Glance to use the Ceph RBD backend to store images. If enabled, this option will prevent Swift from installing. label: Ceph RBD for images (Glance) restrictions: - settings:storage.images_vcenter.value == true: Only one Glance backend could be selected. type: checkbox value: true weight: 30 images_vcenter: description: Configures Glance to use the vCenter/ESXi backend to store images. If enabled, this option will prevent Swift from installing. label: VMware vCenter/ESXi datastore for images (Glance) restrictions: - action: hide condition: settings:common.use_vcenter.value != true - condition: settings:storage.images_ceph.value == true message: Only one Glance backend could be selected. type: checkbox value: false weight: 35 iser: description: 'High performance block storage: Cinder volumes over iSER protocol (iSCSI over RDMA). This feature requires SR-IOV capabilities in the NIC, and will use a dedicated virtual function for the storage network.' label: iSER protocol for volumes (Cinder) restrictions: - settings:storage.volumes_lvm.value != true or settings:common.libvirt_type.value != 'kvm' - action: hide condition: not ('experimental' in version:feature_groups) type: checkbox value: false weight: 11 metadata: group: storage label: Storage Backends weight: 60 objects_ceph: description: Configures RadosGW front end for Ceph RBD. This exposes S3 and Swift API Interfaces. If enabled, this option will prevent Swift from installing. label: Ceph RadosGW for objects (Swift API) type: checkbox value: true weight: 80 osd_pool_size: description: Configures the default number of object replicas in Ceph. This number must be equal to or lower than the number of deployed 'Storage - Ceph OSD' nodes. label: Ceph object replication factor regex: error: Invalid number source: ^[1-9]\d*$ type: text value: '3' weight: 85 volumes_block_device: description: High performance block device storage. It is recommended to have at least one Storage - Cinder Block Device label: Cinder Block device driver restrictions: - settings:storage.volumes_ceph.value == true type: checkbox value: false weight: 15 volumes_ceph: description: Configures Cinder to store volumes in Ceph RBD images. label: Ceph RBD for volumes (Cinder) restrictions: - settings:storage.volumes_lvm.value == true or settings:storage.volumes_block_device.value == true type: checkbox value: true weight: 20 volumes_lvm: description: It is recommended to have at least one Storage - Cinder LVM node. label: Cinder LVM over iSCSI for volumes restrictions: - settings:storage.volumes_ceph.value == true type: checkbox value: false weight: 10 syslog: metadata: enabled: true group: logging label: Syslog toggleable: true weight: 50 syslog_port: description: Remote syslog port label: Port regex: error: Invalid syslog port source: ^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ type: text value: '514' weight: 20 syslog_server: description: Remote syslog hostname label: Hostname regex: error: Invalid hostname source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$ type: text value: logng1.ops.expertcity.com weight: 10 syslog_transport: label: Syslog transport protocol type: radio value: tcp values: - data: udp description: '' label: UDP - data: tcp description: '' label: TCP weight: 30 workloads_collector: enabled: type: hidden value: true metadata: group: general label: Workloads Collector User restrictions: - action: hide condition: 'true' weight: 10 password: type: password value: changeme tenant: type: text value: services user: type: text value: fuel_stats_user