423 lines
14 KiB
YAML
423 lines
14 KiB
YAML
options:
|
|
debug:
|
|
default: False
|
|
type: boolean
|
|
description: Enable debug logging.
|
|
verbose:
|
|
default: False
|
|
type: boolean
|
|
description: Enable verbose logging.
|
|
use-syslog:
|
|
type: boolean
|
|
default: False
|
|
description: |
|
|
Setting this to True will allow supporting services to log to syslog.
|
|
openstack-origin:
|
|
default: distro
|
|
type: string
|
|
description: |
|
|
Repository from which to install. May be one of the following:
|
|
distro (default), ppa:somecustom/ppa, a deb url sources entry,
|
|
or a supported Cloud Archive release pocket.
|
|
|
|
Supported Cloud Archive sources include:
|
|
|
|
cloud:<series>-<openstack-release>
|
|
cloud:<series>-<openstack-release>/updates
|
|
cloud:<series>-<openstack-release>/staging
|
|
cloud:<series>-<openstack-release>/proposed
|
|
|
|
For series=Precise we support cloud archives for openstack-release:
|
|
* icehouse
|
|
|
|
For series=Trusty we support cloud archives for openstack-release:
|
|
* juno
|
|
* kilo
|
|
* ...
|
|
|
|
NOTE: updating this setting to a source that is known to provide
|
|
a later version of OpenStack will trigger a software upgrade.
|
|
|
|
NOTE: when openstack-origin-git is specified, openstack specific
|
|
packages will be installed from source rather than from the
|
|
openstack-origin repository.
|
|
openstack-origin-git:
|
|
default:
|
|
type: string
|
|
description: |
|
|
Specifies a YAML-formatted dictionary listing the git
|
|
repositories and branches from which to install OpenStack and
|
|
its dependencies.
|
|
|
|
Note that the installed config files will be determined based on
|
|
the OpenStack release of the openstack-origin option.
|
|
|
|
For more details see README.md.
|
|
rabbit-user:
|
|
default: nova
|
|
type: string
|
|
description: Username used to access rabbitmq queue
|
|
rabbit-vhost:
|
|
default: openstack
|
|
type: string
|
|
description: Rabbitmq vhost
|
|
database-user:
|
|
default: nova
|
|
type: string
|
|
description: Username for database access
|
|
database:
|
|
default: nova
|
|
type: string
|
|
description: Database name
|
|
nova-alchemy-flags:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Comma-separated list of key=value sqlalchemy related config flags to be
|
|
set in nova.conf [database] section.
|
|
neutron-database-user:
|
|
default: neutron
|
|
type: string
|
|
description: Username for Neutron database access (if enabled)
|
|
neutron-database:
|
|
default: neutron
|
|
type: string
|
|
description: Database name for Neutron (if enabled)
|
|
neutron-alchemy-flags:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Comma-separated list of key=value sqlalchemy related config flags to be
|
|
set in neutron.conf [database] section.
|
|
network-manager:
|
|
default: FlatDHCPManager
|
|
type: string
|
|
description: |
|
|
Network manager for the cloud; supports the following options:
|
|
|
|
FlatDHCPManager (nova-network) (default)
|
|
FlatManager (nova-network)
|
|
Neutron|Quantum (Full SDN solution)
|
|
|
|
When using the Neutron option you will most likely want to use
|
|
the neutron-gateway charm to provide L3 routing and DHCP Services.
|
|
bridge-interface:
|
|
default: br100
|
|
type: string
|
|
description: Bridge interface to be configured
|
|
bridge-ip:
|
|
default: 11.0.0.1
|
|
type: string
|
|
description: IP to be assigned to bridge interface
|
|
bridge-netmask:
|
|
default: 255.255.255.0
|
|
type: string
|
|
description: Netmask to be assigned to bridge interface
|
|
quantum-plugin:
|
|
default: ovs
|
|
type: string
|
|
description: |
|
|
Quantum plugin to use for network management; supports:
|
|
|
|
ovs - OpenvSwitch Plugin
|
|
nvp|nsx - Nicira Network Virtualization Platform/
|
|
VMware NSX Network Virtualization Platform
|
|
(renamed for Icehouse)
|
|
|
|
This configuration only has context when used with network-manager
|
|
Quantum|Neutron.
|
|
quantum-security-groups:
|
|
type: string
|
|
default: "no"
|
|
description: |
|
|
Use quantum for security group management.
|
|
.
|
|
Only supported for >= grizzly.
|
|
neutron-external-network:
|
|
type: string
|
|
default: ext_net
|
|
description: |
|
|
Name of the external network for floating IP addresses provided by
|
|
Neutron.
|
|
config-flags:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Comma-separated list of key=value config flags. These values will be
|
|
placed in the nova.conf [DEFAULT] section.
|
|
region:
|
|
default: RegionOne
|
|
type: string
|
|
description: OpenStack Region
|
|
# HA configuration settings
|
|
vip:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Virtual IP(s) to use to front API services in HA configuration.
|
|
.
|
|
If multiple networks are being used, a VIP should be provided for each
|
|
network, separated by spaces.
|
|
vip_iface:
|
|
type: string
|
|
default: eth0
|
|
description: |
|
|
Default network interface to use for HA vip when it cannot be
|
|
automatically determined.
|
|
vip_cidr:
|
|
type: int
|
|
default: 24
|
|
description: |
|
|
Default CIDR netmask to use for HA vip when it cannot be automatically
|
|
determined.
|
|
ha-bindiface:
|
|
type: string
|
|
default: eth0
|
|
description: |
|
|
Default network interface on which HA cluster will bind to communication
|
|
with the other members of the HA Cluster.
|
|
ha-mcastport:
|
|
type: int
|
|
default: 5404
|
|
description: |
|
|
Default multicast port number that will be used to communicate between
|
|
HA Cluster nodes.
|
|
haproxy-server-timeout:
|
|
type: int
|
|
default:
|
|
description: |
|
|
Server timeout configuration in ms for haproxy, used in HA
|
|
configurations. If not provided, default value of 30000ms is used.
|
|
haproxy-client-timeout:
|
|
type: int
|
|
default:
|
|
description: |
|
|
Client timeout configuration in ms for haproxy, used in HA
|
|
configurations. If not provided, default value of 30000ms is used.
|
|
ssl_cert:
|
|
type: string
|
|
default:
|
|
description: |
|
|
SSL certificate to install and use for API ports. Setting this value
|
|
and ssl_key will enable reverse proxying, point Nova's entry in the
|
|
Keystone catalog to use https, and override any certificate and key
|
|
issued by Keystone (if it is configured to do so).
|
|
ssl_key:
|
|
type: string
|
|
default:
|
|
description: SSL key to use with certificate specified as ssl_cert.
|
|
ssl_ca:
|
|
type: string
|
|
default:
|
|
description: |
|
|
SSL CA to use with the certificate and key provided - this is only
|
|
required if you are providing a privately signed ssl_cert and ssl_key.
|
|
# Neutron NVP and VMware NSX plugin configuration
|
|
nvp-controllers:
|
|
type: string
|
|
default:
|
|
description: Space delimited addresses of NVP/NSX controllers
|
|
nvp-username:
|
|
type: string
|
|
default: admin
|
|
description: Username to connect to NVP/NSX controllers with
|
|
nvp-password:
|
|
type: string
|
|
default: admin
|
|
description: Password to connect to NVP/NSX controllers with
|
|
nvp-cluster-name:
|
|
type: string
|
|
default: example
|
|
description: Name of the NVP cluster configuration to create (grizzly only)
|
|
nvp-tz-uuid:
|
|
type: string
|
|
default:
|
|
description: |
|
|
This is uuid of the default NVP/NSX Transport zone that will be used for
|
|
creating tunneled isolated Quantum networks. It needs to be created
|
|
in NVP before starting Quantum with the nvp plugin.
|
|
nvp-l3-uuid:
|
|
type: string
|
|
default:
|
|
description: |
|
|
This is uuid of the default NVP/NSX L3 Gateway Service.
|
|
# end of NVP/NSX configuration
|
|
# Network configuration options
|
|
# by default all access is over 'private-address'
|
|
os-admin-network:
|
|
type: string
|
|
default:
|
|
description: |
|
|
The IP address and netmask of the OpenStack Admin network (e.g.
|
|
192.168.0.0/24)
|
|
|
|
This network will be used for admin endpoints.
|
|
os-internal-network:
|
|
type: string
|
|
default:
|
|
description: |
|
|
The IP address and netmask of the OpenStack Internal network (e.g.
|
|
192.168.0.0/24)
|
|
|
|
This network will be used for internal endpoints.
|
|
os-public-network:
|
|
type: string
|
|
default:
|
|
description: |
|
|
The IP address and netmask of the OpenStack Public network (e.g.
|
|
192.168.0.0/24)
|
|
|
|
This network will be used for public endpoints.
|
|
os-public-hostname:
|
|
type: string
|
|
default:
|
|
description: |
|
|
The hostname or address of the public endpoints provided by the
|
|
nova-cloud-controller in the keystone identity provider.
|
|
|
|
This value will be used for public endpoints. For example, an
|
|
os-public-hostname set to 'ncc.example.com' with ssl enabled will
|
|
create public endpoints such as:
|
|
|
|
https://ncc.example.com:8775/v2/$(tenant_id)s
|
|
service-guard:
|
|
type: boolean
|
|
default: false
|
|
description: |
|
|
Ensure required relations are made and complete before allowing services
|
|
to be started
|
|
|
|
By default, services may be up and accepting API request from install
|
|
onwards.
|
|
|
|
Enabling this flag ensures that services will not be started until the
|
|
minimum 'core relations' have been made between this charm and other
|
|
charms.
|
|
|
|
For this charm the following relations must be made:
|
|
|
|
* shared-db or (pgsql-nova-db, pgsql-neutron-db)
|
|
* amqp
|
|
* identity-service
|
|
console-access-protocol:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Protocol to use when accessing virtual machine console. Supported types
|
|
are None, spice, xvpvnc, novnc and vnc (for both xvpvnc and novnc)
|
|
console-proxy-ip:
|
|
type: string
|
|
default: local
|
|
description: |
|
|
If console-access-protocol != None then this is the ip published to
|
|
clients for access to console proxy. Set to local for the ip address of
|
|
the nova-cloud-controller serving the request to be used
|
|
console-keymap:
|
|
type: string
|
|
default: 'en-us'
|
|
description: |
|
|
Console keymap
|
|
console-ssl-cert:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Used for encrypted console connections. This differs from the SSL
|
|
certificate used for API endpoints and is used for console sessions only.
|
|
Setting this value along with console-ssl-key will enable encrypted
|
|
console sessions. This has nothing to do with Nova API SSL and can be
|
|
used independently. This can be used in conjunction when
|
|
console-access-protocol is set to 'novnc' or 'spice'.
|
|
console-ssl-key:
|
|
type: string
|
|
default:
|
|
description: SSL key to use with certificate specified as console-ssl-cert.
|
|
worker-multiplier:
|
|
type: int
|
|
default: 2
|
|
description: |
|
|
The CPU core multiplier to use when configuring worker processes for
|
|
Nova and Neutron. By default, the number of workers for each daemon
|
|
is set to twice the number of CPU cores a service unit has.
|
|
cpu-allocation-ratio:
|
|
type: float
|
|
default: 16.0
|
|
description: |
|
|
The per physical core -> virtual core ratio to use in the Nova scheduler.
|
|
.
|
|
Increasing this value will increase instance density on compute nodes
|
|
at the expense of instance performance.
|
|
ram-allocation-ratio:
|
|
type: float
|
|
default: 1.5
|
|
description: |
|
|
The physical ram -> virtual ram ratio to use in the Nova scheduler.
|
|
|
|
Increasing this value will increase instance density on compute nodes
|
|
at the potential expense of instance performance.
|
|
prefer-ipv6:
|
|
type: boolean
|
|
default: False
|
|
description: |
|
|
If True enables IPv6 support. The charm will expect network interfaces
|
|
to be configured with an IPv6 address. If set to False (default) IPv4
|
|
is expected.
|
|
|
|
NOTE: these charms do not currently support IPv6 privacy extension. In
|
|
order for this charm to function correctly, the privacy extension must be
|
|
disabled and a non-temporary address must be configured/available on
|
|
your network interface.
|
|
nagios_context:
|
|
default: "juju"
|
|
type: string
|
|
description: |
|
|
Used by the nrpe-external-master subordinate charm.
|
|
A string that will be prepended to instance name to set the host name
|
|
in nagios. So for instance the hostname would be something like:
|
|
|
|
juju-myservice-0
|
|
|
|
If you're running multiple environments with the same services in them
|
|
this allows you to differentiate between them.
|
|
nagios_servicegroups:
|
|
default: ""
|
|
type: string
|
|
description: |
|
|
A comma-separated list of nagios servicegroups. If left empty, the
|
|
nagios_context will be used as the servicegroup.
|
|
single-nova-consoleauth:
|
|
type: boolean
|
|
default: true
|
|
description: |
|
|
When this configuration is set to True, a single instance of
|
|
nova-consoleauth service will be running, this allows users to always
|
|
authenticate against the same instance and avoid authentications issues
|
|
when the token used was stored in a different instance.
|
|
|
|
If memcached is being used to store the tokens, then it's recommended to
|
|
change this configuration to False.
|
|
action-managed-upgrade:
|
|
type: boolean
|
|
default: False
|
|
description: |
|
|
If True enables openstack upgrades for this charm via juju actions.
|
|
You will still need to set openstack-origin to the new repository but
|
|
instead of an upgrade running automatically across all units, it will
|
|
wait for you to execute the openstack-upgrade action for this charm on
|
|
each unit. If False it will revert to existing behavior of upgrading
|
|
all units on config change.
|
|
scheduler-default-filters:
|
|
type: string
|
|
default: "RetryFilter,AvailabilityZoneFilter,CoreFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter"
|
|
description: |
|
|
List of filter class names to use for filtering hosts when not specified in
|
|
the request.
|
|
api-rate-limit-rules:
|
|
type: string
|
|
default:
|
|
description: |
|
|
The API rate-limit rules to use for the deployed nova API, if any.
|
|
Contents of this config options will be inserted in the api-paste.ini file
|
|
under the "filter:ratelimit" section as "limits". The syntax for these
|
|
rules is documented at
|
|
http://docs.openstack.org/kilo/config-reference/content/configuring-compute-API.html
|