openstack integrator #81

Supports: bionic xenial focal
Add to new model

Description

This charm can grant select permissions to instances of applications related to it which enable integration with OpenStack specific features, such as firewalls, load balancing, block storage, object storage, etc.


Overview

This charm acts as a proxy to OpenStack and provides an interface to provide a set of credentials for a somewhat limited project user to the applications that are related to this charm.

Usage

This charm is a component of Charmed Kubernetes. For full information, please visit the official Charmed Kubernetes docs.


Configuration

auth-url
(string) The URL of the keystone API used to authenticate. On OpenStack control panels, this can be found at Access and Security > API Access > Credentials.
bs-version
(string) Used to override automatic version detection for block storage usage. Valid values are v1, v2, v3 and auto. When auto is specified automatic detection will select the highest supported version exposed by the underlying OpenStack cloud. If not set, will use the upstream default.
credentials
(string) The base64-encoded contents of a JSON file containing OpenStack credentials. The credentials must contain the following keys: auth-url, region, username, password, project-name, user-domain-name, and project-domain-name. It could also contain a base64-encoded CA certificate in endpoint-tls-ca key value. This can be used from bundles with 'include-base64://' (see https://jujucharms.com/docs/stable/charms-bundles#setting-charm-configurations-options-in-a-bundle), or from the command-line with 'juju config openstack credentials="$(base64 /path/to/file)"'. It is strongly recommended that you use 'juju trust' instead, if available.
endpoint-tls-ca
(string) A CA certificate that can be used to verify the target cloud API endpoints. Use 'include-base64://' in a bundle to include a certificate. Otherwise, pass a base64-encoded certificate (base64 of "-----BEGIN" to "-----END") as a config option in a Juju CLI invocation.
floating-network-id
(string) If set, it will be passed to integrated workloads to indicate that floating IPs should be created in the given network for load balancers that those workloads manage. For example, this will determine whether and where FIPs will be created by Kubernetes for LoadBalancer type services in the cluster.
ignore-volume-az
(boolean) Used to influence availability zone use when attaching Cinder volumes. When Nova and Cinder have different availability zones, this should be set to true. This is most commonly the case where there are many Nova availability zones but only one Cinder availability zone. If not set, will use the upstream default.
lb-floating-network
(string) If set, this charm will assign a floating IP in this network (name or ID) for load balancers created for other charms related on the loadbalancer endpoint.
lb-method
(string) Algorithm that will be used by load balancers, which must be one of: ROUND_ROBIN, LEAST_CONNECTIONS, SOURCE_IP. This applies both to load balancers managed by this charm for applications related via the loadbalancer endpoint, as well as to load balancers managed by integrated workloads, such as Kubernetes.
ROUND_ROBIN
lb-port
(int) Port to use for load balancers created by this charm for other charms related on the loadbalancer endpoint.
443
lb-subnet
(string) Override the subnet (name or ID) in which this charm will create load balancers for other charms related on the loadbalancer endpoint. If not set, the subnet over which the requesting application is related will be used.
manage-security-groups
(boolean) Whether or not each load balancer should have its own security group, or if all load balancers should use the default security group for the project. This applies both to load balancers managed by this charm for applications related via the loadbalancer endpoint, as well as to load balancers managed by integrated workloads, such as Kubernetes.
password
(string) Password of a valid user set in keystone.
project-domain-name
(string) Name of the project domain where you want to create your resources.
project-name
(string) Name of project where you want to create your resources.
region
(string) Name of the region where you want to create your resources.
snap_proxy
(string) DEPRECATED. Use snap-http-proxy and snap-https-proxy model configuration settings. HTTP/HTTPS web proxy for Snappy to use when accessing the snap store.
snap_proxy_url
(string) DEPRECATED. Use snap-store-proxy model configuration setting. The address of a Snap Store Proxy to use for snaps e.g. http://snap-proxy.example.com
snapd_refresh
(string) How often snapd handles updates for installed snaps. The default (an empty string) is 4x per day. Set to "max" to check once per month based on the charm deployment date. You may also set a custom string as described in the 'refresh.timer' section here: https://forum.snapcraft.io/t/system-options/87
subnet-id
(string) If set, it will be passed to integrated workloads to indicate in what subnet load balancers should be created. For example, this will determine what subnet Kubernetes uses for LoadBalancer type services in the cluster.
trust-device-path
(boolean) In most scenarios the block device names provided by Cinder (e.g. /dev/vda) can not be trusted. This boolean toggles this behavior. Setting it to true results in trusting the block device names provided by Cinder. The value of false results in the discovery of the device path based on its serial number and /dev/disk/by-id mapping and is the recommended approach. If not set, will use the upstream default.
user-domain-name
(string) Name of the user domain where you want to create your resources.
username
(string) Username of a valid user set in keystone.