[DEFAULT]

#
# From undercloud_config
#

undercloud_hostname = wallabyuc8.trilio.local
local_interface = ens3
local_ip = 172.30.6.102/24
undercloud_public_host = 172.30.6.103
undercloud_admin_host = 172.30.6.104
undercloud_nameservers = 8.8.8.8
overcloud_domain_name = trilio.local
generate_service_certificate = True
undercloud_debug = True
container_cli = podman
undercloud_enable_selinux = false
enable_tempest = False
enable_glance = True
enable_nova = true
enable_telemetry = False
enable_validations = True
enable_mistral = true
enable_ironic = True
enable_ironic_inspector = True
enable_zaqar = true
enable_swift = true
enable_swift_encryption = False
enable_heat = True
heat_native=true
ipxe_deploy = True
enable_monitoring = False
container_images_file = /home/stack/containers-prepare-parameter.yaml

# List of additional architectures enabled in your cloud environment.
# The list of supported values is: ppc64le (list value)
#additional_architectures =

# Authentication token expiration time in seconds. Note reducing this
# can have impacts on long running undercloud processes. (string
# value)
#auth_token_lifetime = 14400

# The certmonger nickname of the CA from which the certificate will be
# requested. This is used only if the generate_service_certificate
# option is set. Note that if the "local" CA is selected the
# certmonger's local CA certificate will be extracted to /etc/pki/ca-
# trust/source/anchors/cm-local-ca.pem and subsequently added to the
# trust chain. (string value)
#certificate_generation_ca = local

# Whether to clean overcloud nodes (wipe the hard drive) between
# deployments and after the introspection. (boolean value)
#clean_nodes = false

# Cleanup temporary files. Setting this to False will leave the
# temporary files used during deployment in place after the command is
# run. This is useful for debugging the generated files or if errors
# occur. (boolean value)
#cleanup = true

# Container CLI used for deployment; Can be docker or podman. (string
# value)
#container_cli = podman

# Whether or not we disable the container healthchecks. (boolean
# value)
#container_healthcheck_disabled = false

# REQUIRED if authentication is needed to fetch containers. This file
# should contain values for "ContainerImagePrepare" and
# "ContainerImageRegistryCredentials" that will be used to fetch the
# containers for the undercloud installation. `openstack tripleo
# container image prepare default` can be used to provide a sample
# "ContainerImagePrepare" value. Alternatively this file can contain
# all the required Heat parameters for the containers for advanced
# configurations. (string value)
#container_images_file =

# Used to add custom insecure registries for containers. (list value)
# Deprecated group/name - [DEFAULT]/docker_insecure_registries
#container_insecure_registries =

# An optional container registry mirror that will be used. (string
# value)
# Deprecated group/name - [DEFAULT]/docker_registry_mirror
#container_registry_mirror =

# List of any custom environment yaml files to use. These are applied
# after any other configuration and can be used to override any
# derived values. This should be used only by advanced users. (list
# value)
#custom_env_files =

# User used to run openstack undercloud install command which will be
# used to add the user to the docker group, required to upload
# containers (string value)
#deployment_user = <None>

# The default driver or hardware type to use for newly discovered
# nodes (requires enable_node_discovery set to True). It is
# automatically added to enabled_hardware_types. (string value)
#discovery_default_driver = ipmi

# Whether to install the cinder service. (boolean value)
#enable_cinder = false

# Whether to enable the frr service. (boolean value)
#enable_frr = false

# DEPRECATED: Whether to enable the heat service. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Heat has been replaced by the heat-ephemeral service and
# this option has been deprecated.
#enable_heat = false

# Whether to enable the ironic service. (boolean value)
#enable_ironic = true

# Whether to enable the ironic inspector service. (boolean value)
#enable_ironic_inspector = true

# Whether to enable the neutron service. (boolean value)
#enable_neutron = true

# Makes ironic-inspector enroll any unknown node that PXE-boots
# introspection ramdisk in Ironic. By default, the "fake" driver is
# used for new nodes (it is automatically enabled when this option is
# set to True). Set discovery_default_driver to override.
# Introspection rules can also be used to specify driver information
# for newly enrolled nodes. (boolean value)
#enable_node_discovery = false

# DEPRECATED: Whether to enable the nova service. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Nova can no longer be enabled via the config settings.
#enable_nova = false

# DEPRECATED: Whether to install the novajoin metadata service
# (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Support for the novajoin metadata service has been
# deprecated.
#enable_novajoin = false

# Enable support for routed ctlplane networks. (boolean value)
#enable_routed_networks = false

# Whether to install the swift services (boolean value)
#enable_swift = false

# Whether to enable Swift encryption at-rest or not. (boolean value)
#enable_swift_encryption = false

# Whether to install Telemetry services (ceilometer, gnocchi, aodh).
# (boolean value)
#enable_telemetry = false

# Whether to install requirements to run the TripleO validations.
# (boolean value)
#enable_validations = true

# List of enabled bare metal hardware types (next generation drivers).
# (list value)
#enabled_hardware_types = ipmi,redfish,ilo,idrac

# When set to True, an SSL certificate will be generated as part of
# the undercloud install and this certificate will be used in place of
# the value for undercloud_service_certificate.  The resulting
# certificate will be written to
# /etc/pki/tls/private/overcloud_endpoint.pem. This certificate is
# signed by CA selected by the "certificate_generation_ca" option.
# (boolean value)
#generate_service_certificate = true

# Custom URL for the heat-all container image to use as part of the
# undercloud deployment. If not specified, the default
# "quay.io/tripleowallaby/openstack-heat-all:current-tripleo" is used.
# If this location requires authentication, run podman login prior to
# running the undercloud install. (string value)
#heat_container_image =

# Execute the heat-all process natively on this host. This option
# requires that the heat-all binaries be installed locally on this
# machine. This option is enabled by default which means heat-all is
# executed on the host OS  directly If this is set to false, a
# containerized version of heat-all is used. (boolean value)
#heat_native = true

# Path to hieradata override file. Relative paths get computed inside
# of $HOME. When it points to a heat env file, it is passed in t-h-t
# via "-e <file>", as is. When the file contains legacy instack data,
# it is wrapped with UndercloudExtraConfig and also passed in for
# t-h-t as a temp file created in output_dir. Note, instack hiera data
# may be not t-h-t compatible and will highly likely require a manual
# revision. (string value)
#hieradata_override =

# Whether to enable extra hardware collection during the inspection
# process. Requires python-hardware or python-hardware-detect package
# on the introspection image. (boolean value)
#inspection_extras = true

# Network interface on which inspection dnsmasq will listen.  If in
# doubt, use the default value. (string value)
# Deprecated group/name - [DEFAULT]/discovery_interface
#inspection_interface = br-ctlplane

# Whether to run benchmarks when inspecting nodes. Requires
# inspection_extras set to True. (boolean value)
# Deprecated group/name - [DEFAULT]/discovery_runbench
#inspection_runbench = false

# One Time Password to register Undercloud node with an IPA server.
# (string value)
#ipa_otp =

# IPv6 address configuration mode for the undercloud provisioning
# network. (string value)
# Possible values:
# dhcpv6-stateless - Address configuration using RA and optional
# information using DHCPv6.
# dhcpv6-stateful - Address configuration and optional information
# using DHCPv6.
#ipv6_address_mode = dhcpv6-stateless

# Whether to use iPXE for inspection. (boolean value)
# Deprecated group/name - [DEFAULT]/ipxe_deploy
#ipxe_enabled = true

# Ironic network interface implementation to use by default. (string
# value)
# Possible values:
# flat - Use one flat provider network.
# neutron - Ironic interacts with Neutron to enable other network
# types and advanced networking features.
#ironic_default_network_interface = flat

# Enabled ironic network interface implementations. Each hardware type
# must have at least one valid implementation enabled. (list value)
#ironic_enabled_network_interfaces = flat

# Network interface on the Undercloud that will be handling the PXE
# boots and DHCP for Overcloud instances. (string value)
#local_interface = eth1

# IP information for the interface on the Undercloud that will be
# handling the PXE boots and DHCP for Overcloud instances.  The IP
# portion of the value will be assigned to the network interface
# defined by local_interface, with the netmask defined by the prefix
# portion of the value. (string value)
#local_ip = 192.168.24.1/24

# MTU to use for the local_interface. (integer value)
#local_mtu = 1500

# Name of the local subnet, where the PXE boot and DHCP interfaces for
# overcloud instances is located. The IP address of the
# local_ip/local_interface should reside in this subnet. (string
# value)
#local_subnet = ctlplane-subnet

# Path to network config override template. Relative paths get
# computed inside of $HOME. Must be in the json or yaml format. Its
# content overrides anything in t-h-t <role>NetConfigOverride. The
# processed template is then passed in Heat via the generated
# parameters file created in output_dir and used to configure the
# networking via run-os-net-config. If you wish to disable you can set
# this location to an empty file. Templated for instack j2 tags may be
# used, for example:
#
# "network_config": [
#  {
#   "type": "ovs_bridge",
#   "name": "br-ctlplane",
#   "ovs_extra": [
#    "br-set-external-id br-ctlplane bridge-id br-ctlplane"
#   ],
#   "members": [
#    {
#     "type": "interface",
#     "name": "{{LOCAL_INTERFACE}}",
#     "primary": "true",
#     "mtu": {{LOCAL_MTU}},
#     "dns_servers": {{UNDERCLOUD_NAMESERVERS}}
#    }
#   ],
#   "addresses": [
#     {
#       "ip_netmask": "{{PUBLIC_INTERFACE_IP}}"
#     }
#   ],
#   "routes": {{SUBNETS_STATIC_ROUTES}},
#   "mtu": {{LOCAL_MTU}}
# }
# ]
#   (string value)
#net_config_override =

# Networks file to override for heat. May be an absolute path or the
# path relative to the t-h-t templates directory used for deployment
# (string value)
#networks_file = <None>

# Directory to output state, processed heat templates, ansible
# deployment files.Defaults to ~/tripleo-deploy/<stack> (string value)
#output_dir = <None>

# DNS domain name to use when deploying the overcloud. The overcloud
# parameter "CloudDomain" must be set to a matching value. (string
# value)
#overcloud_domain_name = localdomain

# Roles file to override for heat. May be an absolute path or the path
# relative to the t-h-t templates directory used for deployment
# (string value)
#roles_file = <None>

# Maximum number of attempts the scheduler will make when deploying
# the instance. You should keep it greater or equal to the number of
# bare metal nodes you expect to deploy at once to work around
# potential race condition when scheduling. (integer value)
# Minimum value: 1
#scheduler_max_attempts = 30

# The kerberos principal for the service that will use the
# certificate. This is only needed if your CA requires a kerberos
# principal. e.g. with FreeIPA. (string value)
#service_principal =

# List of routed network subnets for provisioning and introspection.
# Comma separated list of names/tags. For each network a section/group
# needs to be added to the configuration file with these parameters
# set: cidr, dhcp_start, dhcp_end, inspection_iprange, gateway and
# masquerade_network. Note: The section/group must be placed before or
# after any other section. (See the example section [ctlplane-subnet]
# in the sample configuration file.) (list value)
#subnets = ctlplane-subnet

# heat templates file to override. (string value)
#templates =

# Virtual IP or DNS address to use for the admin endpoints of
# Undercloud services. Only used with SSL. (string value)
# Deprecated group/name - [DEFAULT]/undercloud_admin_vip
#undercloud_admin_host = 192.168.24.3

# Whether to enable the debug log level for Undercloud OpenStack
# services and Container Image Prepare step. (boolean value)
#undercloud_debug = true

# Enable or disable SELinux during the deployment. (boolean value)
#undercloud_enable_selinux = true

# Fully qualified hostname (including domain) to set on the
# Undercloud. If left unset, the current hostname will be used, but
# the user is responsible for configuring all system hostname settings
# appropriately.  If set, the undercloud install will configure all
# system hostname settings. (string value)
#undercloud_hostname = <None>

# The path to a log file to store the undercloud install/upgrade logs.
# (string value)
#undercloud_log_file = install-undercloud.log

# DNS nameserver(s). Use for the undercloud node and for the overcloud
# nodes. (NOTE: To use different nameserver(s) for the overcloud,
# override the DnsServers parameter in overcloud environment.) (list
# value)
#undercloud_nameservers =

# List of ntp servers to use. (list value)
#undercloud_ntp_servers = 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org

# Virtual IP or DNS address to use for the public endpoints of
# Undercloud services. Only used with SSL. (string value)
# Deprecated group/name - [DEFAULT]/undercloud_public_vip
#undercloud_public_host = 192.168.24.2

# Certificate file to use for OpenStack service SSL connections.
# Setting this enables SSL for the OpenStack API endpoints, leaving it
# unset disables SSL. (string value)
#undercloud_service_certificate =

# Host timezone to be used. If no timezone is specified, the existing
# timezone configuration is used. (string value)
#undercloud_timezone = <None>


[ctlplane-subnet]

#
# From undercloud_config
#

cidr = 172.30.6.0/24
dhcp_start = 172.30.6.105
dhcp_end = 172.30.6.120
gateway = 172.30.6.1
inspection_iprange = 172.30.6.121,172.30.6.140
masquerade=true

# Network CIDR for the Neutron-managed subnet for Overcloud instances.
# (string value)
# Deprecated group/name - [DEFAULT]/network_cidr
#cidr = 192.168.24.0/24

# End of DHCP allocation range for PXE and DHCP of Overcloud instances
# on this network. (list value)
# Deprecated group/name - [DEFAULT]/dhcp_end
#dhcp_end = 192.168.24.24

# List of IP addresses or IP ranges to exclude from the subnets
# allocation pool. Example: 192.168.24.50,192.168.24.80-192.168.24.90
# (list value)
#dhcp_exclude =

# Start of DHCP allocation range for PXE and DHCP of Overcloud
# instances on this network. (list value)
# Deprecated group/name - [DEFAULT]/dhcp_start
#dhcp_start = 192.168.24.5

# DNS nameservers for the Neutron-managed subnet for the Overcloud
# instances on this network. If no nameservers are defined for the
# subnet, the nameservers defined for undercloud_nameservers will be
# used. (list value)
#dns_nameservers =

# Network gateway for the Neutron-managed network for Overcloud
# instances on this network. (string value)
# Deprecated group/name - [DEFAULT]/network_gateway
#gateway = 192.168.24.1

# Host routes for the Neutron-managed subnet for the Overcloud
# instances on this network. The host routes on the local_subnet will
# also be configured on the undercloud. (list value)
#
# This option has a sample default set, which means that
# its actual default value may vary from the one documented
# below.
#host_routes = [{destination: 10.10.10.0/24, nexthop: 192.168.24.1}]

# Temporary IP range that will be given to nodes on this network
# during the inspection process. Should not overlap with the range
# defined by dhcp_start and dhcp_end, but should be in the same ip
# subnet. (string value)
# Deprecated group/name - [DEFAULT]/inspection_iprange
#inspection_iprange = 192.168.24.100,192.168.24.120

# The network will be masqueraded for external access. (boolean value)
#masquerade = false