Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
[DOCS] Move horizon docs to roles
This change moves the horizon config information into the os_horizon role repo. Moving forward, specific project configurations are maintained in the appropriate role book. Change-Id: Ic0b1599aee659f47128aa50f367164b64353556a
- Loading branch information
Nate Graf
authored and
Nate Graf
committed
Aug 12, 2016
1 parent
387abfa
commit f40f7d1
Showing
4 changed files
with
116 additions
and
72 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,77 +1,8 @@ | ||
========================= | ||
OpenStack-Ansible Horizon | ||
######################### | ||
========================= | ||
|
||
This Ansible role installs and configures OpenStack Horizon served by the | ||
Apache webserver. Horizon is configured to use Galera for session caching and | ||
memcached for other caching. | ||
|
||
Default Variables | ||
================= | ||
|
||
.. literalinclude:: ../../defaults/main.yml | ||
:language: yaml | ||
:start-after: under the License. | ||
|
||
|
||
Required Variables | ||
================== | ||
|
||
This list is not exhaustive at present. See role internals for further | ||
details. | ||
|
||
.. code-block:: yaml | ||
horizon_ssl_protocol: "ALL -SSLv2 -SSLv3" | ||
horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" | ||
horizon_galera_address: 10.100.100.101 | ||
horizon_container_mysql_password: "SuperSecrete" | ||
horizon_secret_key: "SuperSecreteHorizonKey" | ||
Example Playbook | ||
================ | ||
|
||
.. code-block:: yaml | ||
- name: Installation and setup of horizon | ||
hosts: horizon_all | ||
user: root | ||
roles: | ||
- { role: "os_horizon", tags: [ "os-horizon" ] } | ||
vars: | ||
galera_client_drop_config_file: false | ||
external_lb_vip_address: 10.100.100.101 | ||
internal_lb_vip_address: 10.100.100.101 | ||
horizon_galera_address: 10.100.100.101 | ||
horizon_container_mysql_password: "SuperSecrete" | ||
horizon_secret_key: "SuperSecreteHorizonKey" | ||
horizon_external_ssl: true | ||
horizon_ssl_protocol: "ALL -SSLv2 -SSLv3" | ||
horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" | ||
galera_root_password: "secrete" | ||
rabbitmq_servers: 10.100.100.101 | ||
rabbitmq_use_ssl: false | ||
rabbitmq_port: 5671 | ||
keystone_admin_user_name: admin | ||
keystone_auth_admin_password: "SuperSecretePassword" | ||
keystone_admin_tenant_name: admin | ||
keystone_service_adminuri_insecure: false | ||
keystone_service_internaluri_insecure: false | ||
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" | ||
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" | ||
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" | ||
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" | ||
openrc_os_password: "{{ keystone_auth_admin_password }}" | ||
openrc_os_domain_name: "Default" | ||
memcached_servers: 10.100.100.101 | ||
memcached_encryption_key: "secrete" | ||
Tags | ||
==== | ||
|
||
This role supports two tags: ``horizon-install`` and ``horizon-config`` | ||
|
||
The ``horizon-install`` tag can be used to install and upgrade. | ||
|
||
The ``horizon-config`` tag can be used to manage configuration. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
============================================== | ||
Configuring the Dashboard (horizon) (optional) | ||
============================================== | ||
|
||
Customize your horizon deployment in | ||
``/etc/openstack_deploy/user_variables.yml``. | ||
|
||
Securing horizon communication with SSL certificates | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
The OpenStack-Ansible project provides the ability to secure Dashboard | ||
(horizon) communications with self-signed or user-provided SSL certificates. | ||
|
||
Refer to `Securing services with SSL certificates`_ for available configuration | ||
options. | ||
|
||
.. _Securing services with SSL certificates: http://docs.openstack.org/developer/openstack-ansible/install-guide/configure-sslcertificates.html | ||
|
||
Configuring a horizon customization module | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
Openstack-Ansible supports deployment of a horizon `customization module`_. | ||
After building your customization module, configure the | ||
``horizon_customization_module`` variable with a path to your module. | ||
|
||
.. code-block:: yaml | ||
horizon_customization_module: /path/to/customization_module.py | ||
.. _customization module: http://docs.openstack.org/developer/horizon/topics/customizing.html#horizon-customization-module-overrides | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,51 @@ | ||
.. include:: ../../README.rst | ||
========================= | ||
OpenStack-Ansible Horizon | ||
========================= | ||
|
||
.. toctree:: | ||
:maxdepth: 2 | ||
|
||
configure-horizon.rst | ||
|
||
This Ansible role installs and configures OpenStack Horizon served by the | ||
Apache webserver. Horizon is configured to use Galera for session caching and | ||
memcached for other caching. | ||
|
||
Default variables | ||
~~~~~~~~~~~~~~~~~ | ||
|
||
.. literalinclude:: ../../defaults/main.yml | ||
:language: yaml | ||
:start-after: under the License. | ||
|
||
|
||
Required variables | ||
~~~~~~~~~~~~~~~~~~ | ||
|
||
This list is not exhaustive. See role internals for further | ||
details. | ||
|
||
.. code-block:: yaml | ||
horizon_ssl_protocol: "ALL -SSLv2 -SSLv3" | ||
horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" | ||
horizon_galera_address: 10.100.100.101 | ||
horizon_container_mysql_password: "SuperSecrete" | ||
horizon_secret_key: "SuperSecreteHorizonKey" | ||
Example playbook | ||
~~~~~~~~~~~~~~~~ | ||
|
||
.. literalinclude:: ../../examples/playbook.yml | ||
:language: yaml | ||
|
||
Tags | ||
==== | ||
|
||
This role supports two tags: ``horizon-install`` and ``horizon-config``. | ||
|
||
The ``horizon-install`` tag can be used to install and upgrade. | ||
|
||
The ``horizon-config`` tag can be used to manage configuration. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
- name: Installation and setup of horizon | ||
hosts: horizon_all | ||
user: root | ||
roles: | ||
- { role: "os_horizon", tags: [ "os-horizon" ] } | ||
vars: | ||
galera_client_drop_config_file: false | ||
external_lb_vip_address: 10.100.100.101 | ||
internal_lb_vip_address: 10.100.100.101 | ||
horizon_galera_address: 10.100.100.101 | ||
horizon_container_mysql_password: "SuperSecrete" | ||
horizon_secret_key: "SuperSecreteHorizonKey" | ||
horizon_external_ssl: true | ||
horizon_ssl_protocol: "ALL -SSLv2 -SSLv3" | ||
horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" | ||
galera_root_password: "secrete" | ||
rabbitmq_servers: 10.100.100.101 | ||
rabbitmq_use_ssl: false | ||
rabbitmq_port: 5671 | ||
keystone_admin_user_name: admin | ||
keystone_auth_admin_password: "SuperSecretePassword" | ||
keystone_admin_tenant_name: admin | ||
keystone_service_adminuri_insecure: false | ||
keystone_service_internaluri_insecure: false | ||
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" | ||
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" | ||
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" | ||
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" | ||
openrc_os_password: "{{ keystone_auth_admin_password }}" | ||
openrc_os_domain_name: "Default" | ||
memcached_servers: 10.100.100.101 | ||
memcached_encryption_key: "secrete" |