"base URL for repo with helm charts & other binaries"
default: "https://binary.mirantis.com"
"base URL for docker images"
default: "mirantis.azurecr.io"
settings passed to every helm chart
list of helm chart repositories
symbolic name to reference this repo
helm charts repo url
JSON of values passed to all charts
Additional Properties of any type are allowed.
Type: objectversion of charts to install for infra components
JSON of values passed to all infra charts
Additional Properties of any type are allowed.
Type: objectversion of charts to install for openstack components
JSON of values passed to all openstack charts
Additional Properties of any type are allowed.
Type: objecttrigger to process osdpl resource
default: false
Specifies the app role ID
The name of secret key to get data from.
The name of secret to get data from.
Specifies the secret ID created for the app role
The name of secret key to get data from.
The name of secret to get data from.
Indicates if simple_crypto backend is enabled
default: false
Mountpoint of KV store in Vault to use.
Vault Namespace to use for all requests to Vault.
This is available only in Vault Enterprise and
is supported only since OpenStack Victoria release.
The path to CA cert file
The name of secret key to get data from.
The name of secret to get data from.
Specifies whether to use SSL
URL of the Vault server
Backends to perform backup to. Could be: ceph, s3. Default is ceph.
No Additional PropertiesAll property whose name matches the following regular expression must respect the following conditions
Property name regular expression:.*
Backup backend name.
No Additional PropertiesIf the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.
"s3"
If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.
"nfs"
The url where the S3 server is listening
The S3 query token access key.
No Additional PropertiesThe name of secret key to get data from.
The name of secret to get data from.
The S3 bucket to be used to store the Cinder backup data
The S3 query token secret key.
No Additional PropertiesThe name of secret key to get data from.
The name of secret to get data from.
Enable cinder backup service. Disable for cephless deployment.
default: true
Flag to enable main cinder volume running as statefulset.
When enabled openstack-controller will wait for ceph deployment
provided by MOSK Ceph controller. Disable for cephless deployment.
default true
Defines parameters of openstack resources discovery and targets generation for cloudprober.
No Additional PropertiesDefault interval in seconds between runs of openstack resources discovery. default: 600.
Backend to perform backup to. Could be: pvc, pv_nfs, hostpath. Default is pvc.
Type of backup. Possible values: incremental or full.
incremental: If newest full backup is older then fullbackupcycle seconds,
perform full backup, else perform incremental backup to the newest full.
full: perform always only full backup. Default is incremental.
How many full backups to keep.
Indicates whether cron job will launch backup jobs. When set to true suspend
flag in cron job will be switched to false.
default: false
Number of seconds that defines a period between 2 full backups.
During this period incremental backups will be performed. The parameter
is taken into account only if backuptype is set to 'incremental', otherwise
it is ignored. For example with fullbackup_cycle set to 604800 seconds full
backup will be taken every week and if cron is set to 0 0 * * *, incremental backup
will be performed on daily basis.
Path to the nfs share on the server.
Ip address or domain name of nfs server
Unix style cron expression indicates how often to run backup
cron job. Default is '0 1 * * *' - every day at 01:00.
Whether to enable syncing backups to/from remote.
Dictionary with remotes configuration in format:
path: "
conf:
Currently configuration of only 1 remote is allowed.
Additional Properties of any type are allowed.
Type: objectNumber of days that alarm histories are kept in the database for (<= 0 means forever)
Enable periodic cleanup of expired alarm history data for Aodh
default: true
Cron schedule for periodic cleanup
default: "1 6 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
Enable periodic cleanup of database for Barbican.
default: true
Cron schedule for periodic cleanup.
default: "1 4 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
Enable periodic cleanup of database for Cinder.
default: true
Cron schedule for periodic cleanup.
default: "1 0 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
The batch size for each iteration.
Note that setting it to non-default value will
quite probably fail the DB cleanup.
default: -1
Enable periodic cleanup of database for Glance.
default: true
Cron schedule for periodic cleanup.
default: "1 2 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
Number of stacks to delete at a time (per transaction).
default: 10
Enable periodic cleanup of database for Heat.
default: true
Cron schedule for periodic cleanup.
default: "1 5 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
Enable periodic cleanup of database for Manila.
default: true
Cron schedule for periodic cleanup.
default: "1 7 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
The batch size for each iteration.
default: 1000
Enable periodic cleanup of database for Masakari.
default: true
Cron schedule for periodic cleanup.
default: "1 3 * * 1"
Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30
The batch size for each iteration.
default: 1000
Enable periodic cleanup of database for Nova.
default: true
Cron schedule for periodic cleanup.
default: "1 1 * * 1"
Optional field to define IP address for LoadBalancer service.
Protocol for Designate backend in Kubernetes Service. Could be udp|tcp|tcp+udp.
default: udp
Type of the backend for Designate. For example: powerdns.
default: powerdns
Set of backeds are going to be used by glance as multi backends.
No Additional PropertiesSection to configure cinder backends.
Additional Properties of any type are allowed.
Type: objectSection to configure rbd (Ceph) backends
Additional Properties of any type are allowed.
Type: objectEnable certificate validation when verifying signatures.
default: false
Enforce signature validation for images on upload. Upload of images without signature
metadata is rejected. When image signature is not valid compute service will not allow
to start instance and block storage service will not allow to create volumes.
The default theme name.
default: "default"
Theme description showed to user
Custom theme name
The sha256 checksumm of arhive with theme
Link to archive with theme
base URL for ironic agent images
default: "https://binary.mirantis.com/openstack/bin/ironic/tinyipa"
name of baremetal provisioning/cleaning network
default: true
the MTU for cleaning network
name of baremetal network
default: "baremetal"
type of provisioning/cleaning baremetal network
default: "vlan"
name of physical network to associate
default: "ironic"
the vlan number of cleaning network in case of VLAN segmentation is used
the gateway for baremetal network
baremetal subnet name
the end range of allocation pool for baremetal network
the start range of allocation pool for baremetal network
the cidr of baremetal network
name of physical interface to bind PXE services
default: "ironic-pxe"
ks_domains instead.
Domain specific configuration options.
Additional Properties of any type are allowed.
Type: objectEnable domain specific keystone configuration
Domain name
Enable domain specific keystone configuration
Domain specific configuration
Additional Properties of any type are allowed.
Type: objectTrigger to enable keycloak integration
default: false
The delimiter to use when setting multi-valued claims (openid-connect or oauth20) in the HTTP
headers/environment variables.
Client identifier used in calls to the statically configured OpenID Connect Provider
default: "os"
Require a valid SSL server certificate when communicating with the Authorization Server
Override for URL where OpenID Connect Provider metadata can be found
The redirect_uri for this OpenID Connect client
Define one or more regular expressions that specify URLs (or domains) allowed for post logout and
other redirects such as the "return_to" value on refresh token requests
Require a valid SSL server certificate when communicating with the OP
Used to request specific scopes
default: "openid email profile"
Interval in seconds after which the session will be invalidated when no interaction has occurred.
default: 1800
Url for keycloak
Domain ID for admin of OpenStack deployment
default: "default"
Project domain name for admin of OpenStack deployment
default: "default"
Project name for admin of OpenStack deployment
default: "admin"
Domain name for admin of OpenStack deployment
default: "default"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
List of drivers to handle sending audit notifications
default: messagingv2
Enable CADF audit notifications
default: false
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Service logging level
default: "INFO"
Array of components need to be set up with dedicated rabbitmq server for migration
enable RabbitMQ external endpoints
default: false
List of RabbitMQ external topics
Trigger network policy enforcement for OpenStack related pods.
Only ingress policies are applied. Default is False.
Neutron backend
default: "ml2"
Netmiko device type
IP address of switch
Switch name
Credential password
The name of secret key to get data from.
The name of secret to get data from.
RAW config for device.
Additional Properties of any type are allowed.
Type: objectEnable secret
The name of secret key to get data from.
The name of secret to get data from.
SSH private key for switch.
The name of secret key to get data from.
The name of secret to get data from.
Credential username
The name of secret key to get data from.
The name of secret to get data from.
Additional Properties of any type are allowed.
Type: objectAutonomous System number
IP address or interface used for BGP peerings
IP address or interface used to send VPN traffic
[Technology Preview] Enable BGPVPN plugin/service
default: false
UDP port toward which send VXLAN traffic
IP addresses of BGP peers, when not specified will be picked from secret
The object describes RouteReflector settings
No Additional PropertiesEnable BGPVPN route reflector on controller nodes
BGP sessions allowed from neighbors in this subnet
The list with the IP addresses of DNS servers reachable from Virtual Networks
Enable distributed routers
default: false
[Technology Preview] Enable BGP Dynamic Routing plugin/service
default: false
[Technology Preview] Enable VPNaaS plugin/service
default: false
OVS bridge name to map with physnet.
Physical interface mapped with physnet
Network types allowed on particular physnet
Neutron physnet name
default: "physnet1"
Range of vlans allowed on physnet
enable floating network creation
default: false