-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathcommon.env.sample
306 lines (266 loc) · 8.77 KB
/
common.env.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
# common.env.sample can be used to create common.env file.
# Use common.env file to change default settings.
# If exists it is executed by bash with source command during execution of other scripts.
# Save this sample file as common.env,
# uncomment required variables and set proper values.
# Values with lists in this file are comma-separated.
# ---
# Set this to simplify configuration of single node mode
# Default: IP of the NIC used as default gateway
#HOST_IP=10.0.2.15
# ---
# Set this to auto configure other variables only
# Default: $HOST_IP
#_CONTRAIL_REGISTRY_IP=10.0.2.15
# ---
# Contrail version for pull/tag containers
# CONTRAIL_CONTAINER_TAG='dev'
# ---
# Contrail version to pull/tag containers, to get packages
# Default: 1.11.2
#K8S_VERSION=1.11.2
# ---
# Address of docker regisry to pull/push containers
# Default: $_CONTRAIL_REGISTRY_IP:5000
#CONTRAIL_REGISTRY=10.0.2.15:5000
# ---
# Enable/disable pushing of containers during build
# Default: 1
#CONTRAIL_REGISTRY_PUSH=1
# ---
# This version is used to deploy correctly openstack-init containers.
# It must be passed in environment in case of OpenStack deployment.
#OPENSTACK_VERSION=queens
# ---
# Url of rpm/deb repository to get Contrail packages
# Default: http://$_CONTRAIL_REGISTRY_IP/$CONTRAIL_CONTAINER_TAG
#CONTRAIL_REPOSITORY=http://10.0.2.15/contrail-$CONTRAIL_CONTAINER_TAG
# ---
# URL or file path to Contrails' install packages.
# It can be a rpm (as it present in Contrail's build system).
# Or it can be just a tar archive with packages.
# Example for centos:
# (version will be used from CONTRAIL_CONTAINER_TAG)
#CONTRAIL_INSTALL_PACKAGES_URL="https://s3-us-west-2.amazonaws.com/contrailrhel7/contrail-install-packages-4.1.0.0-6.el7.noarch.rpm"
# ---
# RHEL specific variable for build
# Account for build system subscription
#RHEL_USER_NAME=
#RHEL_USER_PASSWORD=
#RHEL_POOL_ID=
#RHEL_ORG=
#RHEL_ACTIVATION_KEY=
# --
# Additional packages to be installed into generic-base container
# (comma separated list)
#GENERAL_EXTRA_RPMS=""
# --
# Additional packages to be installed into contrail-base container
# (comma separated list)
# using some stable OpenStack repo for Contrail's dependencies by default
#BASE_EXTRA_RPMS="https://repos.fedorapeople.org/repos/openstack/openstack-rocky/rdo-release-rocky-2.noarch.rpm"
# ---
# Extra repos to be additionally enabled in yum install command inside containers
# Format: "repo1,repo2"
#YUM_ENABLE_REPOS=
# ---
# List of IPs of controller nodes (config+control+web+analytics+all 3rd party services).
# If more granular tuning is required then redefine a particular
# type of node via appropriate _NODES (see below).
# Default: $HOST_IP
#CONTROLLER_NODES=10.0.2.15
# ---
# List of IPs of compute nodes (agent).
# Default: $CONTROLLER_NODES
#AGENT_NODES=10.0.2.15,10.0.2.16
# List of IPs of TSN compute nodes
# Default: Empty list
# TSN_NODES=
# ---
# Lists of IPs of nodes dedicated to custom roles to use for K8s manifest
# Default: $HOST_IP
#CONFIG_NODES=10.0.2.15
#CONTROL_NODES=10.0.2.15
#CONFIGDB_NODES=10.0.2.15
#ZOOKEEPER_NODES=10.0.2.15
#RABBITMQ_NODES=10.0.2.15
#WEBUI_NODES=10.0.2.15
#CONTROL_NODES=10.0.2.15
#ANALYTICS_NODES=10.0.2.15
#ANALYTICSDB_NODES=10.0.2.15
#ANALYTCIS_ALARM_NODES=10.0.2.15
#ANLAYTICS_SNMP_NODES=10.0.2.15
#KAFKA_NODES=10.0.2.15
# ---
# Zookeeper client ports range
# by default it's 2888:3888
# ZOOKEEPER_PORTS=2888:3888
# ---
# RabbitMQ Port used for inter-node and CLI tool communition.
# RABBITMQ_NODE_PORT=5673
# ---
# VIP addresses of Contrail services
# Default: first IP of appropriate list
#ANALYTICS_API_VIP=10.0.2.15
#CONFIG_API_VIP=10.0.2.15
# ---
# Physical network parameter to setup Contrail on
# Default: NIC & gateway are used as in default route
#PHYSICAL_INTERFACE=
#VROUTER_GATEWAY=
# ---
# BGB options
# Cluster ASN number
#BGP_ASN=64512
# AUto mesh option
#BGP_AUTO_MESH='true'
# Enable 4 byte ASN
#ENABLE_4BYTE_AS='false'
# ---
# RNDC key for Contrail DNS and Contrail named services
#RNDC_KEY="xvysmOR8lnUQRBcunkC6vg=="
# ---
# Level of logging
#LOG_LEVEL=SYS_NOTICE
# ---
# Authentication parameters
# CLOUD_ORCHESTRATOR is an orchestration system.
# for now could be none / openstack
#CLOUD_ORCHESTRATOR='none'
# AUTH_MODE could be noauth / keystone. It'll be set to keystone
# automatically if CLOUD_ORCHESTRATOR is openstack.
#AUTH_MODE='noauth'
# AAA_MODE could be no-auth / cloud-admin / rbac. In case of cloud-admin roles parameters can be set to non-default values.
#AAA_MODE='no-auth'
#CLOUD_ADMIN_ROLE=admin
#GLOBAL_READ_ONLY_ROLE=
# ---
# Address of K8S API server
#KUBERNETES_API_SERVER=$DEFAULT_LOCAL_IP
# ---
# Map of Kubernetes node names on their IP addresses used for Contrail.
# May be useful for multi-NICs servers.
# Default: none (autodetection)
#declare -A KUBERNETES_NODES_MAP=(
# ["ip-172-31-24-31.ec2.internal"]=172.31.24.31
# ["ip-172-31-32-215.ec2.internal"]=172.31.32.215
#)
# ---
# Vrouter kernel module options
# e.g. VROUTER_MODULE_OPTIONS="vr_mpls_labels=196000 vr_nexthops=521000 vr_vrfs=65536 vr_bridge_entries=1000000"
#VROUTER_MODULE_OPTIONS=
# ---
# Agent mode. For DPDK case should be set to 'dpdk'.
#AGENT_MODE=${AGENT_MODE:-'nic'}
# ---
# Cpu coremask fo DPDK
# - forwarding threads pinning
#CPU_CORE_MASK='0x01'
# - service threads pinning
#SERVICE_CORE_MASK=''
# - dpdk ctrl threads pinning
#DPDK_CTRL_THREAD_MASK=''
# ---
# Number of huge pages to be set if provided
# When possible preallocate HP on host machine instead of set it here.
# See https://bugs.launchpad.net/juniperopenstack/+bug/1790130
#HUGE_PAGES=
# ---
# DPDK UIO driver
#DPDK_UIO_DRIVER='uio_pci_generic'
#NIC_OFFLOAD_ENABLE=False
# ---
# DPDK pers socket memory allocation (MB)
#DPDK_MEM_PER_SOCKET=1024
# DPDK additional command line options (optinal)
# e.g. some tunings are possible via providing
# arguments line '--vr_mempool_sz 65536 --dpdk_txd_sz 2048 --dpdk_rxd_sz 2048'
# via this variable
#DPDK_COMMAND_ADDITIONAL_ARGS=''
# ---
# Java extra options for Cassandra
# Allow minimizing used memory for low-mem deployments
#JVM_EXTRA_OPTS="-Xms1g -Xmx2g"
# ---
# Additional perfomance option for Cassandra
# Allow to set cache size (e.g. 512), in some cases it may increase performance
#CASSANDRA_FILE_CACHE_SIZE_IN_MB=512
# ---
# TLS
#SSL_ENABLE=False
#SSL_INSECURE=False
#SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem
#SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem
#SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem
#SERVER_CA_KEYFILE=/etc/contrail/ssl/private/ca-key.pem
#
#XMPP_SSL_ENABLE=${SSL_ENABLE}
#XMPP_SERVER_CERTFILE=${SERVER_CERTFILE}
#XMPP_SERVER_KEYFILE=${SERVER_KEYFILE}
#XMPP_SERVER_CA_CERTFILE=${SERVER_CA_CERTFILE}
#
#CONFIG_API_SSL_ENABLE=${SSL_ENABLE}
#CONFIG_API_SERVER_CERTFILE=${SERVER_CERTFILE}
#CONFIG_API_SERVER_KEYFILE=${SERVER_KEYFILE}
#CONFIG_API_SERVER_CA_CERTFILE=${SERVER_CA_CERTFILE}
#
#INTROSPECT_SSL_ENABLE=${SSL_ENABLE}
#INTROSPECT_SSL_INSECURE=${SSL_INSECURE}
#INTROSPECT_CERTFILE=${SERVER_CERTFILE}
#INTROSPECT_KEYFILE=${SERVER_KEYFILE}
#INTROSPECT_CA_CERTFILE=${SERVER_CA_CERTFILE}
#
#SANDESH_SSL_ENABLE=${SSL_ENABLE}
#SANDESH_CERTFILE=${SERVER_CERTFILE}
#SANDESH_KEYFILE=${SERVER_KEYFILE}
#SANDESH_SERVER_KEYFILE=${SANDESH_KEYFILE}
#SANDESH_SERVER_CERTFILE=${SANDESH_CERTFILE}
#SANDESH_CA_CERTFILE=${SERVER_CA_CERTFILE}
#
#KEYSTONE_AUTH_PROTO=http
#KEYSTONE_AUTH_INSECURE=${SSL_INSECURE}
#KEYSTONE_AUTH_CERTFILE=
#KEYSTONE_AUTH_KEYFILE=
#KEYSTONE_AUTH_CA_CERTFILE=
#
#RabbitMQ client options
#RABBITMQ_VHOST='/'
#RABBITMQ_USER='guest'
#RABBITMQ_PASSWORD='guest'
#RABBITMQ_USE_SSL=False
#RABBITMQ_SSL_VER='tlsv1.2'
#RABBITMQ_CLIENT_SSL_CERTFILE=${RABBITMQ_SSL_CERTFILE}
#RABBITMQ_CLIENT_SSL_KEYFILE=${RABBITMQ_SSL_KEYFILE}
#RABBITMQ_CLIENT_SSL_CACERTFILE=${RABBITMQ_SSL_CACERTFILE}
#RABBITMQ_HEARTBEAT_INTERVAL=60
#RABBITMQ_CLUSTER_PARTITION_HANDLING='autoheal'
#RABBITMQ_MIRRORED_QUEUE_MODE='all'
#
#RabbitMQ container interfaces
#These variables are to be passed to RabbitMQ containers
#to enable SSL on RabbitMQ server.
#Setting of these parameters should correspond to
#the values of RABBITMQ_USE_SSL and RABBITMQ_CLIENT_SSL_*
#RABBITMQ_SSL_CERTFILE=${SERVER_CERTFILE}
#RABBITMQ_SSL_KEYFILE=${SERVER_KEYFILE}
#RABBITMQ_SSL_CACERTFILE=${SERVER_CA_CERTFILE}
#RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT='true'
#
# Metadata service SSL opts
#METADATA_SSL_ENABLE=false
#METADATA_SSL_CERTFILE=
#METADATA_SSL_KEYFILE=
#METADATA_SSL_CA_CERTFILE=
#METADATA_SSL_CERT_TYPE=
#
# Redis SSL Options
#REDIS_SSL_ENABLE=${REDIS_SSL_ENABLE:-${SSL_ENABLE:-False}}
#REDIS_SSL_CERTFILE=${REDIS_SSL_CERTFILE:-${SERVER_CERTFILE}}
#REDIS_SSL_KEYFILE=${REDIS_SSL_KEYFILE:-${SERVER_KEYFILE}}
#REDIS_SSL_CACERTFILE=${REDIS_SSL_CACERTFILE-${SERVER_CA_CERTFILE}}
# Set this to True to enable adding all local IP-s to self-signed certs
# that are created by certs-init.sh
#SELFSIGNED_CERTS_WITH_IPS=True
# label info for container images
VENDOR_NAME='Juniper'
VENDOR_DOMAIN='net.juniper.contrail'