Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

"base URL for repo with helm charts & other binaries"
default: "https://binary.mirantis.com"

Type: string

"base URL for docker images"
default: "mirantis.azurecr.io"

Type: object
No Additional Properties

Type: object

settings passed to every helm chart

Type: object

Type: object

Type: array of object

list of helm chart repositories

Each item of this array must be:

Type: object

Type: string

symbolic name to reference this repo

Type: string

helm charts repo url

Type: object

JSON of values passed to all charts

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

version of charts to install for infra components

Type: string

Type: object

JSON of values passed to all infra charts

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

version of charts to install for openstack components

Type: string

Type: object

JSON of values passed to all openstack charts

Additional Properties of any type are allowed.

Type: object

Type: boolean

trigger to process osdpl resource
default: false

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object
No Additional Properties


Specifies the app role ID

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object

Type: string

The name of secret key to get data from.

Type: string

The name of secret to get data from.


Specifies the secret ID created for the app role

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object

Type: string

The name of secret key to get data from.

Type: string

The name of secret to get data from.

Type: boolean

Indicates if simple_crypto backend is enabled
default: false

Type: string

Mountpoint of KV store in Vault to use.

Type: string

Vault Namespace to use for all requests to Vault.
This is available only in Vault Enterprise and
is supported only since OpenStack Victoria release.


The path to CA cert file

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object

Type: string

The name of secret key to get data from.

Type: string

The name of secret to get data from.

Type: boolean

Specifies whether to use SSL

Type: string

URL of the Vault server

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object

Backends to perform backup to. Could be: ceph, s3. Default is ceph.

No Additional Properties

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: .*

Backup backend name.

No Additional Properties

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const
Specific value: "s3"
Type: object

The following properties are required:

  • endpoint_url
  • store_bucket
  • store_access_key
  • store_secret_key
Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const
Specific value: "nfs"
Type: object

The following properties are required:

  • backup_share

Type: string

NFS share in hostname:path, ipv4addr:path, or [ipv6addr]:path format.

Type: boolean

Type: string

The url where the S3 server is listening

Type: object

The S3 query token access key.

No Additional Properties

Type: object
No Additional Properties

Type: object

Type: string

The name of secret key to get data from.

Type: string

The name of secret to get data from.

Type: string

The S3 bucket to be used to store the Cinder backup data

Type: object

The S3 query token secret key.

No Additional Properties

Type: object
No Additional Properties

Type: object

Type: string

The name of secret key to get data from.

Type: string

The name of secret to get data from.

Type: enum (of string)

Must be one of:

  • "s3"
  • "nfs"

Type: boolean

Enable cinder backup service. Disable for cephless deployment.
default: true

Type: object
No Additional Properties

Type: boolean

Flag to enable main cinder volume running as statefulset.
When enabled openstack-controller will wait for ceph deployment
provided by MOSK Ceph controller. Disable for cephless deployment.
default true

Type: object
No Additional Properties

Type: object

Defines parameters of openstack resources discovery and targets generation for cloudprober.

No Additional Properties

Type: number

Default interval in seconds between runs of openstack resources discovery. default: 600.

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: enum (of string)

Backend to perform backup to. Could be: pvc, pv_nfs, hostpath. Default is pvc.

Must be one of:

  • "pvc"
  • "pv_nfs"
  • "hostpath"

Type: string

Type of backup. Possible values: incremental or full.
incremental: If newest full backup is older then fullbackupcycle seconds,
perform full backup, else perform incremental backup to the newest full.
full: perform always only full backup. Default is incremental.

Type: integer

How many full backups to keep.

Type: boolean

Indicates whether cron job will launch backup jobs. When set to true suspend
flag in cron job will be switched to false.
default: false

Type: integer

Number of seconds that defines a period between 2 full backups.
During this period incremental backups will be performed. The parameter
is taken into account only if backuptype is set to 'incremental', otherwise
it is ignored. For example with full
backup_cycle set to 604800 seconds full
backup will be taken every week and if cron is set to 0 0 * * *, incremental backup
will be performed on daily basis.

Type: object
No Additional Properties

Type: string

Path to the nfs share on the server.

Type: string

Ip address or domain name of nfs server

Type: string

Unix style cron expression indicates how often to run backup
cron job. Default is '0 1 * * *' - every day at 01:00.

Type: object
No Additional Properties

Type: boolean

Whether to enable syncing backups to/from remote.

Type: object

Dictionary with remotes configuration in format:
:
path: ""
conf:
Currently configuration of only 1 remote is allowed.

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: integer

Number of days that alarm histories are kept in the database for (<= 0 means forever)

Type: boolean

Enable periodic cleanup of expired alarm history data for Aodh
default: true

Type: string

Cron schedule for periodic cleanup
default: "1 6 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: boolean

Enable periodic cleanup of database for Barbican.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 4 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: boolean

Enable periodic cleanup of database for Cinder.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 0 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: integer

The batch size for each iteration.
Note that setting it to non-default value will
quite probably fail the DB cleanup.
default: -1

Type: boolean

Enable periodic cleanup of database for Glance.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 2 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: integer

Number of stacks to delete at a time (per transaction).
default: 10

Type: boolean

Enable periodic cleanup of database for Heat.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 5 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: boolean

Enable periodic cleanup of database for Manila.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 7 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: integer

The batch size for each iteration.
default: 1000

Type: boolean

Enable periodic cleanup of database for Masakari.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 3 * * 1"

Type: object
No Additional Properties

Type: integer

Number of days to keep deleted entries. When set to 0 all entries from shadow tables
are deleted.
default: 30

Type: integer

The batch size for each iteration.
default: 1000

Type: boolean

Enable periodic cleanup of database for Nova.
default: true

Type: string

Cron schedule for periodic cleanup.
default: "1 1 * * 1"

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

Optional field to define IP address for LoadBalancer service.

Type: enum (of string)

Protocol for Designate backend in Kubernetes Service. Could be udp|tcp|tcp+udp.
default: udp

Must be one of:

  • "udp"
  • "tcp"
  • "tcp+udp"

Type: string

Type of the backend for Designate. For example: powerdns.
default: powerdns

Type: object
No Additional Properties

Type: object

Set of backeds are going to be used by glance as multi backends.

No Additional Properties

Type: object

Section to configure cinder backends.

Additional Properties of any type are allowed.

Type: object

Type: object

Section to configure rbd (Ceph) backends

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: boolean

Enable certificate validation when verifying signatures.
default: false

Type: boolean

Enforce signature validation for images on upload. Upload of images without signature
metadata is rejected. When image signature is not valid compute service will not allow
to start instance and block storage service will not allow to create volumes.

Type: object
No Additional Properties

Type: string

The default theme name.
default: "default"

Type: array of object

Each item of this array must be:

Type: object
No Additional Properties

Type: string

Theme description showed to user

Type: string

Custom theme name

Type: string

The sha256 checksumm of arhive with theme

Type: string

Link to archive with theme

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

base URL for ironic agent images
default: "https://binary.mirantis.com/openstack/bin/ironic/tinyipa"

Type: string

Type: string

name of baremetal provisioning/cleaning network

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: boolean

default: true

Type: integer

the MTU for cleaning network

Type: string

name of baremetal network
default: "baremetal"

Type: enum (of string)

type of provisioning/cleaning baremetal network
default: "vlan"

Must be one of:

  • "flat"
  • "vlan"

Type: string

name of physical network to associate
default: "ironic"

Type: integer

the vlan number of cleaning network in case of VLAN segmentation is used

Type: boolean

default: true

Type: array of object

Each item of this array must be:

Type: object
No Additional Properties

Type: string

the gateway for baremetal network

Type: string

baremetal subnet name

Type: string

the end range of allocation pool for baremetal network

Type: string

the start range of allocation pool for baremetal network

Type: string

the cidr of baremetal network

Type: string

name of physical interface to bind PXE services
default: "ironic-pxe"

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: array of object

ks_domains instead.

Each item of this array must be:

Type: object
No Additional Properties

Type: object

Domain specific configuration options.

Additional Properties of any type are allowed.

Type: object

Type: boolean

Enable domain specific keystone configuration

Type: boolean

Enable domain specific keystone configuration

Type: object

Domain specific configuration

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: boolean

Trigger to enable keycloak integration
default: false

Type: object
No Additional Properties

Type: string

The delimiter to use when setting multi-valued claims (openid-connect or oauth20) in the HTTP
headers/environment variables.

Type: string

Client identifier used in calls to the statically configured OpenID Connect Provider
default: "os"

Type: boolean

Require a valid SSL server certificate when communicating with the Authorization Server

Type: string

Override for URL where OpenID Connect Provider metadata can be found

Type: array of string

The redirect_uri for this OpenID Connect client

Each item of this array must be:

Type: string

Define one or more regular expressions that specify URLs (or domains) allowed for post logout and
other redirects such as the "return_to" value on refresh token requests

Type: boolean

Require a valid SSL server certificate when communicating with the OP

Type: string

Used to request specific scopes
default: "openid email profile"

Type: integer

Interval in seconds after which the session will be invalidated when no interaction has occurred.
default: 1800

Type: string

Url for keycloak

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: string

Domain ID for admin of OpenStack deployment
default: "default"

Type: string

Project domain name for admin of OpenStack deployment
default: "default"

Type: string

Project name for admin of OpenStack deployment
default: "admin"

Type: string

Domain name for admin of OpenStack deployment
default: "default"

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

List of drivers to handle sending audit notifications
default: messagingv2

Must be one of:

  • "messagingv2"
  • "log"

Type: boolean

Enable CADF audit notifications
default: false

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: enum (of string)

Service logging level
default: "INFO"

Must be one of:

  • "DEBUG"
  • "INFO"
  • "WARNING"
  • "ERROR"
  • "CRITICAL"

Type: object
No Additional Properties

Type: array of enum (of string)

Array of components need to be set up with dedicated rabbitmq server for migration

Each item of this array must be:

Type: enum (of string)

Must be one of:

  • "compute"
  • "networking"

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: boolean

enable RabbitMQ external endpoints
default: false

Type: array of string

List of RabbitMQ external topics

Each item of this array must be:

Type: object
No Additional Properties

Type: boolean

Trigger network policy enforcement for OpenStack related pods.
Only ingress policies are applied. Default is False.

Type: object
No Additional Properties

Type: enum (of string)

Neutron backend
default: "ml2"

Must be one of:

  • "ml2"
  • "tungstenfabric"
  • "ml2/ovn"

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: array of object

Each item of this array must be:

Type: object
No Additional Properties

Type: string

Netmiko device type

Type: string

IP address of switch

Type: string

Switch name

Type: object

RAW config for device.

Additional Properties of any type are allowed.

Type: object


Enable secret

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: object

Additional Properties of any type are allowed.

Type: object

Type: object
No Additional Properties

Type: integer

Autonomous System number

Type: string

IP address or interface used for BGP peerings

Type: string

IP address or interface used to send VPN traffic

Type: boolean

[Technology Preview] Enable BGPVPN plugin/service
default: false

Type: integer

UDP port toward which send VXLAN traffic

Type: array of string

IP addresses of BGP peers, when not specified will be picked from secret

Each item of this array must be:

Type: object

The object describes RouteReflector settings

No Additional Properties

Type: boolean

Enable BGPVPN route reflector on controller nodes

Type: array of string

BGP sessions allowed from neighbors in this subnet

Each item of this array must be:

Type: array of string

The list with the IP addresses of DNS servers reachable from Virtual Networks

Each item of this array must be:

Type: object
No Additional Properties

Type: boolean

Enable distributed routers
default: false

Type: object
No Additional Properties

Type: object
No Additional Properties

Type: boolean

[Technology Preview] Enable BGP Dynamic Routing plugin/service
default: false

Type: object
No Additional Properties

Type: boolean

[Technology Preview] Enable VPNaaS plugin/service
default: false

Type: array of object

Each item of this array must be:

Type: object
No Additional Properties

Type: string

OVS bridge name to map with physnet.

Type: string

Physical interface mapped with physnet

Type: array of enum (of string)

Network types allowed on particular physnet

Each item of this array must be:

Type: enum (of string)

Must be one of:

  • "flat"
  • "vlan"
  • "vxlan"
  • "gre"
  • "local"

Type: string

Neutron physnet name
default: "physnet1"

Type: string or null

Range of vlans allowed on physnet

Type: object
No Additional Properties

Type: boolean

enable floating network creation
default: false