To gain access to the configuration repository for your customer specific infrastructure, please send a request to


A Git repository is required to store the configuration for your specific infrastructure. The manager node needs to have access to this repository. An SSH deploy/access key for read-only access is sufficient.

Before creating the configuration repository, infrastructure specific information needs to be provided:

  • NTP servers

  • DNS servers

  • FQDNs and IP addresses for the API endpoints

  • desired versions of OSISM, OpenStack, Ceph and Docker

  • CIDRs of networks for Ceph

  • SSL certificate, if one is used


After the deployment of the manager node, it is possible to generate a self-signed SSL certificate using an included Ansible playbook. See Generate self-signed certificates for more information.

Usually the configuration repository is prepared on your workstation. After the repository creation, it needs to be pushed to a central Git server, to make it available to the manager node.


Installation of gcc, python-development and git packages is a prerequisite to install required Python packages.

apt-get install git build-essential python3-dev

It is recommended to use a virtual environment when installing packages from PyPI.

virtualenv -p python3 .venv
source .venv/bin/activate
pip3 install \
  ansible \
  cookiecutter \
  cryptography \
  oslo.utils \
  paramiko \
  passlib \
  pwgen \
  pycrypto \
  pykeepass \
  python-gilt \
  pyyaml \
  ruamel.yaml \


When running cookiecutter, infrastructure specific information needs to be provided.

A list with all parameters can be found in the cookiecutter.json configuration file inside the configuration repository. A description of the individual parameters can be found in the README file of the repository.


with_ceph [1]: 1
with_monitoring [1]: 0
with_vault [1]: 1
ceph_fsid [Use a great UUID here]: 1a6b162c-cc15-4569-aa09-db536c93569f
ceph_manager_version [2019.3.0]:
ceph_network_backend []:
ceph_network_frontend []:
ceph_version [luminous]:
docker_registry []:
docker_version [5:18.09.5]:
domain []:
fqdn_external []:
fqdn_internal []:
git_host []:
git_port [22]:
git_repository [generic/cookiecutter]:
git_username [git]:
git_version [master]:
ip_external []:
ip_internal []:
kolla_manager_version [2019.3.0]:
openstack_version [rocky]:
osism_manager_version [2019.3.0]:
project_name [customer]: betacloud
repository_version [2019.3.0]:
name_servers [default]: { "values": ["", ""] }
ntp_servers [default]: { "values": [""] }

Create a Git repository inside the newly created cfg-customer directory. Be careful not to forget dotfiles like .gitignore.

cd cfg-customer
git init
git add .
git commit -m "Initial commit"

Push the repository to a Git server, so it will be available to the manager node.

git remote add origin <your-git-server>/cfg-customer
git push --set-upstream origin master

Directory structure after the initial commit in the Git repository. The secrets directory is only stored in the repository for test environments.