COMPUTED VALUES: bootstrap: enabled: true ks_user: admin script: | openstack role create --or-show load-balancer_admin openstack role create --or-show load-balancer_observer openstack role create --or-show load-balancer_global_observer openstack role create --or-show load-balancer_quota_admin openstack role create --or-show load-balancer_member conf: logging: formatter_context: class: oslo_log.formatters.ContextFormatter formatter_default: format: '%(message)s' formatters: keys: - context - default handler_null: args: () class: logging.NullHandler formatter: default handler_stderr: args: (sys.stderr,) class: StreamHandler formatter: context handler_stdout: args: (sys.stdout,) class: StreamHandler formatter: context handlers: keys: - stdout - stderr - "null" logger_amqp: handlers: stderr level: WARNING qualname: amqp logger_amqplib: handlers: stderr level: WARNING qualname: amqplib logger_boto: handlers: stderr level: WARNING qualname: boto logger_eventletwsgi: handlers: stderr level: WARNING qualname: eventlet.wsgi.server logger_octavia: handlers: - stdout level: WARNING qualname: octavia logger_root: handlers: "null" level: WARNING logger_sqlalchemy: handlers: stderr level: WARNING qualname: sqlalchemy loggers: keys: - root - octavia octavia: DEFAULT: {} api_settings: api_handler: queue_producer bind_host: 0.0.0.0 certificates: ca_certificate: /etc/octavia/certs/server/ca.crt ca_private_key: /etc/octavia/certs/server/tls.key endpoint_type: internalURL cinder: endpoint_type: internalURL controller_worker: amp_active_retries: 100 amp_active_wait_sec: 2 amp_boot_network_list: 6112cc13-46bd-46f6-b16d-816e616ea419 amp_flavor_id: e75ef55f-27a5-4dc4-890e-d32e12a82733 amp_image_owner_id: 5a7e38d67d884304b62bd9b7165bc321 amp_image_tag: amphora amp_secgroup_list: d5688edb-fd33-4b49-9fe2-b446d8cb876e amp_ssh_key_name: octavia-amphora-ssh-key amphora_driver: amphora_haproxy_rest_driver client_ca: /etc/octavia/certs/client/ca.crt compute_driver: compute_nova_driver loadbalancer_topology: SINGLE network_driver: allowed_address_pairs_driver volume_driver: volume_cinder_driver workers: 2 database: connection_recycle_time: 600 max_overflow: 50 max_pool_size: 5 max_retries: -1 pool_timeout: 30 glance: endpoint_type: internalURL haproxy_amphora: base_cert_dir: /var/lib/octavia/certs base_path: /var/lib/octavia client_cert: /etc/octavia/certs/client/tls-combined.pem server_ca: /etc/octavia/certs/server/ca.crt health_manager: bind_ip: 0.0.0.0 bind_port: 5555 controller_ip_port_list: 172.24.2.46:5555 heartbeat_key: wAaSPvw6y63f8OshVqWPRcgx1FUG093x house_keeping: amphora_expiry_age: 3600 load_balancer_expiry_age: 3600 keystone_authtoken: auth_type: password auth_uri: http://keystone-api.openstack.svc.cluster.local:5000/ auth_url: http://keystone-api.openstack.svc.cluster.local:5000/ auth_version: v3 memcache_secret_key: Jj9HAZQACDViKb7OnC6hacoo5WWUg6aX memcache_security_strategy: ENCRYPT memcached_servers: memcached.openstack.svc.cluster.local:11211 password: d2bv5NRQnmZCHZv38Q8cU9mS3COArLc7 project_domain_name: service project_name: service region_name: RegionOne service_type: load-balancer user_domain_name: service username: octavia-RegionOne neutron: endpoint_type: internalURL valid_interfaces: internal nova: endpoint_type: internalURL oslo_messaging: rpc_thread_pool_size: 2 topic: octavia_prov oslo_messaging_notifications: driver: noop service_auth: auth_type: password auth_version: v3 cafile: "" endpoint_type: internalURL memcache_security_strategy: ENCRYPT octavia_api_uwsgi: uwsgi: add-header: 'Connection: close' buffer-size: 65535 chunked-input-limit: "4096000" die-on-term: true enable-threads: true exit-on-reload: false hook-master-start: unix_signal:15 gracefully_kill_them_all http-auto-chunked: true http-raw-body: true lazy-apps: true log-x-forwarded-for: true master: true need-app: true processes: 2 procname-prefix-spaced: 'octavia-api:' route-user-agent: '^kube-probe.* donotlog:' socket-timeout: 10 thunder-lock: true worker-reload-mercy: 80 wsgi-file: /var/lib/openstack/bin/octavia-wsgi rabbitmq: policies: - apply-to: all definition: ha-mode: all ha-sync-mode: automatic message-ttl: 70000 name: ha_ttl_octavia pattern: (notifications)\. priority: 0 vhost: octavia dependencies: dynamic: common: local_image_registry: jobs: - heat-image-repo-sync services: - endpoint: node service: local_image_registry static: api: jobs: - octavia-db-sync - octavia-ks-user - octavia-ks-endpoints - octavia-rabbit-init services: - endpoint: internal service: oslo_db - endpoint: internal service: identity - endpoint: internal service: oslo_messaging - endpoint: internal service: oslo_cache - endpoint: internal service: network db_init: services: - endpoint: internal service: oslo_db db_sync: jobs: - octavia-db-init services: - endpoint: internal service: oslo_db health_manager: jobs: - octavia-db-sync - octavia-ks-user - octavia-ks-endpoints - octavia-rabbit-init services: - endpoint: internal service: oslo_db - endpoint: internal service: identity - endpoint: internal service: oslo_messaging - endpoint: internal service: oslo_cache - endpoint: internal service: network - endpoint: internal service: load_balancer housekeeping: jobs: - octavia-db-sync - octavia-ks-user - octavia-ks-endpoints - octavia-rabbit-init services: - endpoint: internal service: oslo_db - endpoint: internal service: identity - endpoint: internal service: oslo_messaging - endpoint: internal service: oslo_cache - endpoint: internal service: network - endpoint: internal service: load_balancer image_repo_sync: services: - endpoint: internal service: local_image_registry ks_endpoints: jobs: - octavia-ks-service services: - endpoint: internal service: identity ks_service: services: - endpoint: internal service: identity ks_user: services: - endpoint: internal service: identity rabbit_init: services: - endpoint: internal service: oslo_messaging worker: jobs: - octavia-db-sync - octavia-ks-user - octavia-ks-endpoints - octavia-rabbit-init services: - endpoint: internal service: oslo_db - endpoint: internal service: identity - endpoint: internal service: oslo_messaging - endpoint: internal service: oslo_cache - endpoint: internal service: network - endpoint: internal service: load_balancer endpoints: cluster_domain_suffix: cluster.local identity: auth: admin: password: hZ7sYkiTK3dvapU462VHhj7Zlw4PBmC1 project_domain_name: default project_name: admin region_name: RegionOne user_domain_name: default username: admin-RegionOne neutron: password: AnkIRiITQQSIJsT8MQLhaMRneCtdsMm3 region_name: RegionOne username: neutron-RegionOne octavia: password: d2bv5NRQnmZCHZv38Q8cU9mS3COArLc7 project_domain_name: service project_name: service region_name: RegionOne role: admin user_domain_name: service username: octavia-RegionOne test: password: password project_domain_name: service project_name: test region_name: RegionOne role: admin user_domain_name: service username: test host_fqdn_override: default: null public: host: identity.199-204-45-19.nip.io hosts: default: keystone-api internal: keystone-api name: keystone path: default: / port: api: default: 5000 internal: 5000 public: 443 scheme: default: http public: https load_balancer: host_fqdn_override: default: null public: host: load-balancer.199-204-45-19.nip.io hosts: default: octavia-api public: octavia name: octavia path: default: null port: api: default: 9876 public: 443 scheme: default: http public: https local_image_registry: host_fqdn_override: default: null hosts: default: localhost internal: docker-registry node: localhost name: docker-registry namespace: docker-registry port: registry: node: 5000 network: host_fqdn_override: default: null public: host: network.199-204-45-19.nip.io hosts: default: neutron-server public: neutron name: neutron path: default: null port: api: default: 9696 public: 443 scheme: default: http public: https oci_image_registry: auth: enabled: false octavia: password: password username: octavia host_fqdn_override: default: null hosts: default: localhost name: oci-image-registry namespace: oci-image-registry port: registry: default: null oslo_cache: auth: memcache_secret_key: Jj9HAZQACDViKb7OnC6hacoo5WWUg6aX host_fqdn_override: default: null hosts: default: memcached port: memcache: default: 11211 oslo_db: auth: admin: password: MNkZ3D8N8SkjuO9yOCaqW0htWE1oKSc4 username: root keystone: password: 6CfM2zjPACtiPExAPlrc9OcjqQ1t4srr neutron: password: h2A7TGcCWFCOoqAotRI8FIU3sNxDZKsY octavia: password: 5H8EcP1Ev6qOr8CtJlOFsg3DV1LsrALR username: octavia host_fqdn_override: default: null hosts: default: percona-xtradb-haproxy path: /octavia port: mysql: default: 3306 scheme: mysql+pymysql oslo_messaging: auth: admin: password: tW7If4b5I14LtOU12RbUM_Rw3y8zKtB7 username: default_user_7NWEx4rkyUPlYviWEqN keystone: password: xQ9wzUxE34Ug3xkb6Sc613l9eklfgFu8 neutron: password: 6LEF2vOquTQjRVFoRnC68cYvMqJFsKMF octavia: password: MnhFHAZQ00PprAZknUeEDwcVY2myJHWW username: octavia user: password: tW7If4b5I14LtOU12RbUM_Rw3y8zKtB7 username: default_user_7NWEx4rkyUPlYviWEqN host_fqdn_override: default: null hosts: default: rabbitmq-octavia path: /octavia port: amqp: default: 5672 http: default: 15672 scheme: rabbit helm-toolkit: global: {} helm3_hook: true images: local_registry: active: false exclude: - dep_check - image_repo_sync pull_policy: IfNotPresent tags: bootstrap: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad db_drop: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad db_init: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad dep_check: harbor.atmosphere.dev/ghcr.io/vexxhost/kubernetes-entrypoint:edge@sha256:8921b64b87af184a1421dd856b2703bcf3cff9f50863cd0d18371cf964a87bd3 image_repo_sync: docker.io/docker:17.07.0 ks_endpoints: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad ks_service: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad ks_user: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad octavia_api: harbor.atmosphere.dev/ghcr.io/vexxhost/octavia:2023.1@sha256:88514b15a7e04b5f340e5c974cac7af5b2ac115e941ada4c4dee6ddd0a88144b octavia_db_sync: harbor.atmosphere.dev/ghcr.io/vexxhost/octavia:2023.1@sha256:88514b15a7e04b5f340e5c974cac7af5b2ac115e941ada4c4dee6ddd0a88144b octavia_health_manager: harbor.atmosphere.dev/ghcr.io/vexxhost/octavia:2023.1@sha256:88514b15a7e04b5f340e5c974cac7af5b2ac115e941ada4c4dee6ddd0a88144b octavia_health_manager_init: harbor.atmosphere.dev/ghcr.io/vexxhost/heat:2023.1@sha256:2f81e02e1e89487f7986fbcfb28857024421d3fd7d9d3ce82465534740046bad octavia_housekeeping: harbor.atmosphere.dev/ghcr.io/vexxhost/octavia:2023.1@sha256:88514b15a7e04b5f340e5c974cac7af5b2ac115e941ada4c4dee6ddd0a88144b octavia_worker: harbor.atmosphere.dev/ghcr.io/vexxhost/octavia:2023.1@sha256:88514b15a7e04b5f340e5c974cac7af5b2ac115e941ada4c4dee6ddd0a88144b openvswitch_vswitchd: harbor.atmosphere.dev/ghcr.io/vexxhost/openvswitch:v3.3.6-6@sha256:2e8624539c36b50fd317d05f9b167107ccc33120fa34d241b6f835509b139c3b rabbit_init: harbor.atmosphere.dev/docker.io/library/rabbitmq:3.11.28-management test: docker.io/xrally/xrally-openstack:2.0.0 labels: api: node_selector_key: openstack-control-plane node_selector_value: enabled health_manager: node_selector_key: openstack-control-plane node_selector_value: enabled housekeeping: node_selector_key: openstack-control-plane node_selector_value: enabled job: node_selector_key: openstack-control-plane node_selector_value: enabled worker: node_selector_key: openstack-control-plane node_selector_value: enabled manifests: configmap_bin: true configmap_etc: true daemonset_health_manager: true deployment_api: true deployment_housekeeping: true deployment_worker: true ingress_api: false job_bootstrap: true job_db_drop: false job_db_init: true job_db_sync: true job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true job_rabbit_init: true network_policy: false pdb_api: true pod_rally_test: false secret_credential_keys: true secret_db: true secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true secret_registry: true service_api: true service_ingress_api: false network: api: external_policy_local: false ingress: annotations: nginx.ingress.kubernetes.io/rewrite-target: / classes: cluster: nginx-cluster namespace: nginx public: true node_port: enabled: false port: 30826 network_policy: octavia: ingress: - {} pod: affinity: anti: topologyKey: default: kubernetes.io/hostname type: default: preferredDuringSchedulingIgnoredDuringExecution labels: include_app_kubernetes_io: false lifecycle: disruption_budget: api: min_available: 0 termination_grace_period: api: timeout: 30 upgrades: daemonsets: health_manager: enabled: true max_unavailable: 1 min_ready_seconds: 0 pod_replacement_strategy: RollingUpdate deployments: pod_replacement_strategy: RollingUpdate revision_history: 3 rolling_update: max_surge: 3 max_unavailable: 1 mounts: octavia_api: init_container: null octavia_api: volumeMounts: - mountPath: /etc/octavia/certs/server name: octavia-server-ca - mountPath: /etc/octavia/certs/client name: octavia-client-certs volumes: - name: octavia-server-ca secret: secretName: octavia-server-ca - name: octavia-client-certs secret: secretName: octavia-client-certs octavia_bootstrap: init_container: null octavia_bootstrap: volumeMounts: null volumes: null octavia_health_manager: init_container: null octavia_health_manager: volumeMounts: - mountPath: /etc/octavia/certs/server name: octavia-server-ca - mountPath: /etc/octavia/certs/client name: octavia-client-certs volumes: - name: octavia-server-ca secret: secretName: octavia-server-ca - name: octavia-client-certs secret: secretName: octavia-client-certs octavia_housekeeping: init_container: null octavia_housekeeping: volumeMounts: - mountPath: /etc/octavia/certs/server name: octavia-server-ca - mountPath: /etc/octavia/certs/client name: octavia-client-certs volumes: - name: octavia-server-ca secret: secretName: octavia-server-ca - name: octavia-client-certs secret: secretName: octavia-client-certs octavia_worker: init_container: null octavia_worker: volumeMounts: - mountPath: /etc/octavia/certs/server name: octavia-server-ca - mountPath: /etc/octavia/certs/client name: octavia-client-certs - mountPath: /var/lib/octavia/.ssh name: octavia-amphora-ssh-key readOnly: true volumes: - name: octavia-server-ca secret: secretName: octavia-server-ca - name: octavia-client-certs secret: secretName: octavia-client-certs - name: octavia-amphora-ssh-key secret: defaultMode: 292 secretName: octavia-amphora-ssh-key replicas: api: 1 housekeeping: 1 worker: 1 resources: api: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi enabled: false health_manager: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi housekeeping: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi jobs: bootstrap: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi db_drop: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi db_init: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi db_sync: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi image_repo_sync: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi ks_endpoints: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi ks_service: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi ks_user: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi rabbit_init: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi tests: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi worker: limits: cpu: 2000m memory: 1024Mi requests: cpu: 100m memory: 128Mi user: octavia: uid: 42424 release_group: null secrets: identity: admin: octavia-keystone-admin octavia: octavia-keystone-user test: octavia-keystone-test oci_image_registry: octavia: octavia-oci-image-registry oslo_db: admin: octavia-db-admin octavia: octavia-db-user oslo_messaging: admin: octavia-rabbitmq-admin octavia: octavia-rabbitmq-user tls: load_balancer: api: public: octavia-tls-public