cookbook-openstack-common/attributes/default.rb

# encoding: UTF-8
#
# Cookbook Name:: openstack-common
# Attributes:: default
#
# Copyright 2012-2013, AT&T Services, Inc.
# Copyright 2013-2014, SUSE Linux GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# Set to some text value if you want templated config files
# to contain a custom banner at the top of the written file
default['openstack']['common']['custom_template_banner'] = '
# This file autogenerated by Chef
# Do not edit, changes will be overwritten
'

# Setting this to True means that database passwords and service user
# passwords for Keystone will be easy-to-remember values -- they will be
# the same value as the key. For instance, if a cookbook calls the
# ::Openstack::secret routine like so:
#
# pass = secret "passwords", "nova"
#
# The value of pass will be "nova"
#
# This attribute is now DEPRECATED and will be removed. Use the default
# attributes below instead.
default['openstack']['developer_mode'] = false

# Use data bags for storing passwords
# Set this to false in order to get the passwords from attributes like:
# node['openstack']['secret'][key][type]
default['openstack']['use_databags'] = true

# Set databag type
# acceptable values 'encrypted', 'standard', 'vault'
# Set this to 'standard' in order to use regular databags.
# this is not recommended for anything other than dev/CI
# type environments.  Storing real secrets in plaintext = craycray.
# In addition to the encrypted data_bags which are an included
# feature of the official chef project, you can use 'vault' to
# encrypt your secrets with the method provided in the chef-vault gem.
default['openstack']['databag_type'] = 'encrypted'
default['openstack']['vault_gem_version'] = '~> 2.3'

# Default attributes when not using data bags (use_databags = false)
%w{block-storage object-storage compute database dashboard image identity
   telemetry network object-storage orchestration}.each do |service|
  %w{user service db token}.each do |type|
    default['openstack']['secret'][service][type] = "#{service}-#{type}"
  end
end

# The type of token signing to use (uuid or pki)
default['openstack']['auth']['strategy'] = 'pki'

# Set to true where using self-signed certs (in testing environments)
default['openstack']['auth']['validate_certs'] = true

# ========================= Encrypted Databag Setup ===========================
#
# The openstack-common cookbook's default library contains a `secret`
# routine that looks up the value of encrypted databag values. This routine
# uses the secret key file located at the following location to decrypt the
# values in the data bag.
default['openstack']['secret']['key_path'] = '/etc/chef/openstack_data_bag_secret'

# The name of the encrypted data bag that stores openstack secrets
default['openstack']['secret']['secrets_data_bag'] = 'secrets'

# The name of the encrypted data bag that stores service user passwords, with
# each key in the data bag corresponding to a named OpenStack service, like
# "nova", "cinder", etc.
default['openstack']['secret']['service_passwords_data_bag'] = 'service_passwords'

# The name of the encrypted data bag that stores DB passwords, with
# each key in the data bag corresponding to a named OpenStack database, like
# "nova", "cinder", etc.
default['openstack']['secret']['db_passwords_data_bag'] = 'db_passwords'

# The name of the encrypted data bag that stores Keystone user passwords, with
# each key in the data bag corresponding to a user (Keystone or otherwise).
default['openstack']['secret']['user_passwords_data_bag'] = 'user_passwords'

# ========================= Package and Repository Setup ======================
#
# Various Linux distributions provide OpenStack packages and repositories.
# The provide some sensible defaults, but feel free to override per your
# needs.

# The coordinated release of OpenStack codename
default['openstack']['release'] = 'juno'

# The Ubuntu Cloud Archive has packages for multiple Ubuntu releases. For
# more information, see: https://wiki.ubuntu.com/ServerTeam/CloudArchive.
# In the component strings, %codename% will be replaced by the value of
# the node['lsb']['codename'] Ohai value and %release% will be replaced
# by the value of node['openstack']['release']
#
# Change ['openstack']['apt']['update_apt_cache'] to true if you would like
# have the cache automaticly updated
default['openstack']['apt']['update_apt_cache'] = false
default['openstack']['apt']['live_updates_enabled'] = true
default['openstack']['apt']['uri'] = 'http://ubuntu-cloud.archive.canonical.com/ubuntu'
default['openstack']['apt']['components'] = ["#{node['lsb']['codename']}-updates/#{node['openstack']['release']}", 'main']
# For the SRU packaging, use this:
# default['openstack']['apt']['components'] = [ '%codename%-proposed/%release%', 'main' ]

default['openstack']['zypp']['repo-key'] = 'd85f9316'  # 32 bit key ID
default['openstack']['zypp']['uri'] = 'http://download.opensuse.org/repositories/Cloud:/OpenStack:/%release%/%suse-release%/'

default['openstack']['yum']['rdo_enabled'] = true
default['openstack']['yum']['uri'] = 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7'
default['openstack']['yum']['repo-key'] = 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/master/RPM-GPG-KEY-RDO-Juno'
# Enforcing GnuPG signature check for RDO repo. Set this to false if you want to disable the check.
default['openstack']['yum']['gpgcheck'] = true
# ======================== OpenStack Endpoints ================================
#
# OpenStack recipes often need information about the various service
# endpoints in the deployment. For instance, the cookbook that deploys
# the Nova API service will need to set the glance_api_servers configuration
# option in the nova.conf, and the cookbook setting up the Glance image
# service might need information on the Swift proxy endpoint, etc. Having
# all of this related OpenStack endpoint information in a single set of
# common attributes in the openstack-common cookbook attributes means that
# instead of doing funky role-based lookups, a deployment zone's OpenStack
# endpoint information can simply be accessed by having the
# openstack-common::default recipe added to some base role definition file
# that all OpenStack nodes add to their run list.
#
# node['openstack']['endpoints'] is a hash of hashes, where each value hash
# contains one of more of the following keys:
#
#  - scheme
#  - uri
#  - host
#  - port
#  - path
#  - bind_interface
#
# If the uri key is set, its value is used as the full URI for the endpoint.
# If the uri key is not set, the endpoint's full URI is constructed from the
# component parts. This allows setups that use some standardized DNS names for
# OpenStack service endpoints in a deployment zone as well as setups that
# instead assign IP addresses (for an actual node or a load balanced virtual
# IP) in a network to a particular OpenStack service endpoint. If the
# bind_interface is set, it will set the host IP in the
# set_endpoints_by_interface recipe.
#
# If you wish to use different values for the admin, public, and internal
# URIs for a service, you can easily do so by putting that service's
# information within the node['openstack']['endpoints'][type][service] hash
# (where type is one of 'admin', 'public', or 'internal').
# For example, to use a special public URI for compute-api, it could be
# specified within...
# node['openstack']['endpoints']['public']['compute-api'] = ...
#
# If you have no need for separate URIs for any of the admin, public, or
# internal endpoints for compute-api, then you could just set the general
# service endpoint within...
# node['openstack']['endpoints']['compute-api'] = ...

# ******************** OpenStack Identity Endpoints ***************************
default['openstack']['endpoints']['host'] = '127.0.0.1'
default['openstack']['endpoints']['family'] = 'inet'

# Note: The ['<service-name>-bind'] for each service exist so that a user can
# have a service bind to a local IP per API node, that is different to the
# actual endpoint for that service, which may be a load balanced IP
default['openstack']['endpoints']['bind-host'] = '127.0.0.1'

# The OpenStack Identity (Keystone) API endpoint. This is commonly called
# the Keystone Service endpoint...

# NOTE(mancdaz): There is a single 'identity-bind' mash that is used
# by the identity cookbook, for both service and admin endpoint binds.
# This is because keystone presents two ports but only a single service,
# that can only be bound to a single IP.
default['openstack']['endpoints']['identity-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['identity-bind']['bind_interface'] = nil

default['openstack']['endpoints']['identity-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['identity-api']['scheme'] = 'http'
default['openstack']['endpoints']['identity-api']['port'] = '5000'
default['openstack']['endpoints']['identity-api']['path'] = '/v2.0'
default['openstack']['endpoints']['identity-api']['bind_interface'] = nil

# The OpenStack Identity (Keystone) Internal API endpoint
# For a reference architecture this is a sensable default, however with a more
# complex network setup the public endpoint may not be reachable by internal
# systems, thus the ability to set this to something different must be present.
# Even if the public endpoint is reachable there may be other reasons to send
# interal communications to a different endpoint, for security or auditing
# purposes for example.
# Generally this listens on the same IP as the admin interface, but with the
# public pipeline(5000) instead of the admin pipeline(35357).
default['openstack']['endpoints']['identity-internal']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['identity-internal']['scheme'] = 'http'
default['openstack']['endpoints']['identity-internal']['port'] = '5000'
default['openstack']['endpoints']['identity-internal']['path'] = '/v2.0'
default['openstack']['endpoints']['identity-internal']['bind_interface'] = nil

# The OpenStack Identity (Keystone) Admin API endpoint
default['openstack']['endpoints']['identity-admin-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['identity-admin-bind']['port'] = '35357'
default['openstack']['endpoints']['identity-admin-bind']['bind_interface'] = nil

default['openstack']['endpoints']['identity-admin']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['identity-admin']['scheme'] = 'http'
default['openstack']['endpoints']['identity-admin']['port'] = '35357'
default['openstack']['endpoints']['identity-admin']['path'] = '/v2.0'
default['openstack']['endpoints']['identity-admin']['bind_interface'] = nil

# ****************** OpenStack Compute Endpoints ******************************

# The OpenStack Compute (Nova) Native API endpoint
default['openstack']['endpoints']['compute-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-api-bind']['port'] = '8774'
default['openstack']['endpoints']['compute-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-api']['scheme'] = 'http'
default['openstack']['endpoints']['compute-api']['port'] = '8774'
default['openstack']['endpoints']['compute-api']['path'] = '/v2/%(tenant_id)s'
default['openstack']['endpoints']['compute-api']['bind_interface'] = nil

# The OpenStack Compute (Nova) EC2 API endpoint
default['openstack']['endpoints']['compute-ec2-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-ec2-api-bind']['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-ec2-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-ec2-api']['scheme'] = 'http'
default['openstack']['endpoints']['compute-ec2-api']['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-api']['path'] = '/services/Cloud'
default['openstack']['endpoints']['compute-ec2-api']['bind_interface'] = nil

# The OpenStack Compute (Nova) EC2 Admin API endpoint
default['openstack']['endpoints']['compute-ec2-admin-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-ec2-admin-bind']['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-admin-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-ec2-admin']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-ec2-admin']['scheme'] = 'http'
default['openstack']['endpoints']['compute-ec2-admin']['port'] = '8773'
default['openstack']['endpoints']['compute-ec2-admin']['path'] = '/services/Admin'
default['openstack']['endpoints']['compute-ec2-admin']['bind_interface'] = nil

# The OpenStack Compute (Nova) XVPvnc endpoint
default['openstack']['endpoints']['compute-xvpvnc-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-xvpvnc-bind']['port'] = '6081'
default['openstack']['endpoints']['compute-xvpvnc-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-xvpvnc']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-xvpvnc']['scheme'] = 'http'
default['openstack']['endpoints']['compute-xvpvnc']['port'] = '6081'
default['openstack']['endpoints']['compute-xvpvnc']['path'] = '/console'
default['openstack']['endpoints']['compute-xvpvnc']['bind_interface'] = nil

# The OpenStack Compute (Nova) novnc endpoint
default['openstack']['endpoints']['compute-novnc-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-novnc-bind']['port'] = '6080'
default['openstack']['endpoints']['compute-novnc-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-novnc']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-novnc']['scheme'] = 'http'
default['openstack']['endpoints']['compute-novnc']['port'] = '6080'
default['openstack']['endpoints']['compute-novnc']['path'] = '/vnc_auto.html'
default['openstack']['endpoints']['compute-novnc']['bind_interface'] = nil

# The OpenStack Compute (Nova) vnc endpoint
default['openstack']['endpoints']['compute-vnc-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['compute-vnc-bind']['bind_interface'] = nil

default['openstack']['endpoints']['compute-vnc']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['compute-vnc']['scheme'] = nil
default['openstack']['endpoints']['compute-vnc']['port'] = nil
default['openstack']['endpoints']['compute-vnc']['path'] = nil
default['openstack']['endpoints']['compute-vnc']['bind_interface'] = nil

# The OpenStack Compute (Nova) vnc proxy endpoint
default['openstack']['endpoints']['compute-vnc-proxy-bind']['host'] = node['openstack']['endpoints']['compute-vnc-bind']['host']
default['openstack']['endpoints']['compute-vnc-proxy-bind']['bind_interface'] = node['openstack']['endpoints']['compute-vnc-bind']['bind_interface']

# ******************** OpenStack Network Endpoints ****************************

# The OpenStack Network (Neutron) API endpoint.
default['openstack']['endpoints']['network-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['network-api-bind']['port'] = '9696'
default['openstack']['endpoints']['network-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['network-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['network-api']['scheme'] = 'http'
default['openstack']['endpoints']['network-api']['port'] = '9696'
# neutronclient appends the protocol version to the endpoint URL, so the
# path needs to be empty
default['openstack']['endpoints']['network-api']['path'] = ''
default['openstack']['endpoints']['network-api']['bind_interface'] = nil

# The OpenStack Network Linux Bridge endpoint
default['openstack']['endpoints']['network-linuxbridge']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['network-linuxbridge']['scheme'] = nil
default['openstack']['endpoints']['network-linuxbridge']['port'] = nil
default['openstack']['endpoints']['network-linuxbridge']['path'] = nil
default['openstack']['endpoints']['network-linuxbridge']['bind_interface'] = nil

# The OpenStack Network Open vSwitch endpoint
default['openstack']['endpoints']['network-openvswitch']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['network-openvswitch']['scheme'] = nil
default['openstack']['endpoints']['network-openvswitch']['port'] = nil
default['openstack']['endpoints']['network-openvswitch']['path'] = nil
default['openstack']['endpoints']['network-openvswitch']['bind_interface'] = nil

# ******************** OpenStack Image Endpoints ******************************

# The OpenStack Image (Glance) API endpoint
default['openstack']['endpoints']['image-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['image-api-bind']['port'] = '9292'
default['openstack']['endpoints']['image-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['image-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['image-api']['scheme'] = 'http'
default['openstack']['endpoints']['image-api']['port'] = '9292'
# The glance client appends the protocol version to the endpoint URL,
# so the path needs to be empty
default['openstack']['endpoints']['image-api']['path'] = ''
default['openstack']['endpoints']['image-api']['bind_interface'] = nil

# The OpenStack Image (Glance) Registry API endpoint
default['openstack']['endpoints']['image-registry-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['image-registry-bind']['port'] = '9191'
default['openstack']['endpoints']['image-registry-bind']['bind_interface'] = nil

default['openstack']['endpoints']['image-registry']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['image-registry']['scheme'] = 'http'
default['openstack']['endpoints']['image-registry']['port'] = '9191'
default['openstack']['endpoints']['image-registry']['path'] = '/v2'
default['openstack']['endpoints']['image-registry']['bind_interface'] = nil

# ******************** OpenStack Volume Endpoints *****************************

# The OpenStack Volume (Cinder) API endpoint
default['openstack']['endpoints']['block-storage-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['block-storage-api-bind']['port'] = '8776'
default['openstack']['endpoints']['block-storage-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['block-storage-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['block-storage-api']['scheme'] = 'http'
default['openstack']['endpoints']['block-storage-api']['port'] = '8776'
default['openstack']['endpoints']['block-storage-api']['path'] = '/v2/%(tenant_id)s'
default['openstack']['endpoints']['block-storage-api']['bind_interface'] = nil

# ******************** OpenStack Object Storage Endpoint *****************************

# The OpenStack Object Storage (Swift) API endpoint
default['openstack']['endpoints']['object-storage-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['object-storage-api-bind']['port'] = '8080'
default['openstack']['endpoints']['object-storage-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['object-storage-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['object-storage-api']['scheme'] = 'http'
default['openstack']['endpoints']['object-storage-api']['port'] = '8080'
default['openstack']['endpoints']['object-storage-api']['path'] = '/v1/'
default['openstack']['endpoints']['object-storage-api']['bind_interface'] = nil

# ******************** OpenStack Metering Endpoints ***************************

# The OpenStack Metering (Ceilometer) API endpoint
default['openstack']['endpoints']['telemetry-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['telemetry-api-bind']['port'] = '8777'
default['openstack']['endpoints']['telemetry-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['telemetry-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['telemetry-api']['scheme'] = 'http'
default['openstack']['endpoints']['telemetry-api']['port'] = '8777'
# The ceilometer client appends the protocol version to the endpoint URL,
# so the path needs to be empty
default['openstack']['endpoints']['telemetry-api']['path'] = ''
default['openstack']['endpoints']['telemetry-api']['bind_interface'] = nil

# ******************** OpenStack Orchestration Endpoints ***************************

# The OpenStack Orchestration (Heat) API endpoint
default['openstack']['endpoints']['orchestration-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['orchestration-api-bind']['port'] = '8004'
default['openstack']['endpoints']['orchestration-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['orchestration-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['orchestration-api']['scheme'] = 'http'
default['openstack']['endpoints']['orchestration-api']['port'] = '8004'
default['openstack']['endpoints']['orchestration-api']['path'] = '/v1/%(tenant_id)s'
default['openstack']['endpoints']['orchestration-api']['bind_interface'] = nil

# The OpenStack Orchestration (Heat) CloudFormation API endpoint
default['openstack']['endpoints']['orchestration-api-cfn-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['orchestration-api-cfn-bind']['port'] = '8000'
default['openstack']['endpoints']['orchestration-api-cfn-bind']['bind_interface'] = nil

default['openstack']['endpoints']['orchestration-api-cfn']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['orchestration-api-cfn']['scheme'] = 'http'
default['openstack']['endpoints']['orchestration-api-cfn']['port'] = '8000'
default['openstack']['endpoints']['orchestration-api-cfn']['path'] = '/v1'
default['openstack']['endpoints']['orchestration-api-cfn']['bind_interface'] = nil

# The OpenStack Orchestration (Heat) CloudWatch API endpoint
default['openstack']['endpoints']['orchestration-api-cloudwatch-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['orchestration-api-cloudwatch-bind']['port'] = '8003'
default['openstack']['endpoints']['orchestration-api-cloudwatch-bind']['bind_interface'] = nil

default['openstack']['endpoints']['orchestration-api-cloudwatch']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['orchestration-api-cloudwatch']['scheme'] = 'http'
default['openstack']['endpoints']['orchestration-api-cloudwatch']['port'] = '8003'
default['openstack']['endpoints']['orchestration-api-cloudwatch']['path'] = '/v1'
default['openstack']['endpoints']['orchestration-api-cloudwatch']['bind_interface'] = nil

# The OpenStack Database (Trove) API endpoint
default['openstack']['endpoints']['database-api-bind']['host'] = node['openstack']['endpoints']['bind-host']
default['openstack']['endpoints']['database-api-bind']['port'] = '8779'
default['openstack']['endpoints']['database-api-bind']['bind_interface'] = nil

default['openstack']['endpoints']['database-api']['host'] = node['openstack']['endpoints']['host']
default['openstack']['endpoints']['database-api']['scheme'] = 'http'
default['openstack']['endpoints']['database-api']['port'] = '8779'
default['openstack']['endpoints']['database-api']['path'] = '/v1.0/%(tenant_id)s'
default['openstack']['endpoints']['database-api']['bind_interface'] = nil

# Alternately, if you used some standardized DNS naming scheme, you could
# do something like this, which would override any part-wise specifications above.
#
# default['openstack']['endpoints']['identity-api']['uri']         = 'https://identity.example.com:35357/v2.0'
# default['openstack']['endpoints']['identity-admin']['uri']       = 'https://identity.example.com:5000/v2.0'
# default['openstack']['endpoints']['compute-api']['uri']          = 'https://compute.example.com:8774/v2/%(tenant_id)s'
# default['openstack']['endpoints']['compute-ec2-api']['uri']      = 'https://ec2.example.com:8773/services/Cloud'
# default['openstack']['endpoints']['compute-ec2-admin']['uri']    = 'https://ec2.example.com:8773/services/Admin'
# default['openstack']['endpoints']['compute-xvpvnc']['uri']       = 'https://xvpvnc.example.com:6081/console'
# default['openstack']['endpoints']['compute-novnc']['uri']        = 'https://novnc.example.com:6080/vnc_auto.html'
# default['openstack']['endpoints']['image-api']['uri']            = 'https://image.example.com:9292/v2'
# default['openstack']['endpoints']['image-registry']['uri']       = 'https://image.example.com:9191/v2'
# default['openstack']['endpoints']['block-storage-api']['uri']           = 'https://volume.example.com:8776/v1/%(tenant_id)s'
# default['openstack']['endpoints']['telemetry-api']['uri']        = 'https://telemetry.example.com:9000/v1'
# default['openstack']['endpoints']['orchestration-api']['uri']               = 'https://orchestration.example.com:8004//v1/%(tenant_id)s'
# default['openstack']['endpoints']['orchestration-api-cfn']['uri']           = 'https://orchestration.example.com:8000/v1'
# default['openstack']['endpoints']['orchestration-api-cloudwatch']['uri']    = 'https://orchestration.example.com:8003/v1'

# Set a default region that other regions are set to - such that changing the region for all services can be done in one place
default['openstack']['region'] = 'RegionOne'

# Set a default auth api version that other components use to interact with identity service.
# Allowed auth API versions: v2.0 or v3.0. By default, it is set to v2.0.
default['openstack']['api']['auth']['version'] = 'v2.0'

# logging.conf list keypairs module_name => log level to write
# DEPRECATED, use new loggers attributes below.
# TODO(MRV) remove in Juno
# The old defaults have been incorporated below:
# { 'nova.api.openstack.wsgi' => 'WARNING',
#   'nova.osapi_compute.wsgi.server' => 'WARNING' }
default['openstack']['logging']['ignore'] = {}

# Allow configured loggers in logging.conf
default['openstack']['logging']['loggers'] = {
  'root' => {
    'level' => 'NOTSET',
    'handlers' => 'devel'
  },
  'ceilometer' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'ceilometer'
  },
  'cinder' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'cinder'
  },
  'glance' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'glance'
  },
  'horizon' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'horizon'
  },
  'keystone' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'keystone'
  },
  'nova' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'nova'
  },
  'neutron' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'neutron'
  },
  'swift' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'swift'
  },
  'trove' => {
    'level' => 'DEBUG',
    'handlers' => 'prod,debug',
    'qualname' => 'trove'
  },
  'amqplib' => {
    'level' => 'WARNING',
    'handlers' => 'stderr',
    'qualname' => 'amqplib'
  },
  'sqlalchemy' => {
    'level' => 'WARNING',
    # "level' => 'INFO" logs SQL queries.
    # "level' => 'DEBUG" logs SQL queries and results.
    # "level' => 'WARNING" logs neither.  (Recommended for production systems.)
    'handlers' => 'stderr',
    'qualname' => 'sqlalchemy'
  },
  'boto' => {
    'level' => 'WARNING',
    'handlers' => 'stderr',
    'qualname' => 'boto'
  },
  'suds' => {
    'level' => 'INFO',
    'handlers' => 'stderr',
    'qualname' => 'suds'
  },
  'eventletwsgi' => {
    'level' => 'WARNING',
    'handlers' => 'stderr',
    'qualname' => 'eventlet.wsgi.server'
  },
  'nova_api_openstack_wsgi' => {
    'level' => 'WARNING',
    'handlers' => 'prod,debug',
    'qualname' => 'nova.api.openstack.wsgi'
  },
  'nova_osapi_compute_wsgi_server' => {
    'level' => 'WARNING',
    'handlers' => 'prod,debug',
    'qualname' => 'nova.osapi_compute.wsgi.server'
  }
}

# Allow configured formatters in logging.conf
default['openstack']['logging']['formatters'] = {
  'normal' => {
    'format' => '%(asctime)s %(levelname)s %(message)s'
  },
  'normal_with_name' => {
    'format' => '[%(name)s]: %(asctime)s %(levelname)s %(message)s'
  },
  'debug' => {
    'format' => '[%(name)s]: %(asctime)s %(levelname)s %(module)s.%(funcName)s %(message)s'
  },
  'syslog_with_name' => {
    'format' => '%(name)s: %(levelname)s %(message)s'
  },
  'syslog_debug' => {
    'format' => '%(name)s: %(levelname)s %(module)s.%(funcName)s %(message)s'
  }
}

# Allow configured logging handlers in logging.conf
default['openstack']['logging']['handlers'] = {
  'stderr' => {
    'args' => '(sys.stderr,)',
    'class' => 'StreamHandler',
    'formatter' => 'debug'
  },
  'devel' => {
    'args' => '(sys.stdout,)',
    'class' => 'StreamHandler',
    'formatter' => 'debug',
    'level' => 'NOTSET'
  },
  'prod' => {
    'args' => '((\'/dev/log\'), handlers.SysLogHandler.LOG_LOCAL0)',
    'class' => 'handlers.SysLogHandler',
    'formatter' => 'syslog_with_name',
    'level' => 'INFO'
  },
  'debug' => {
    'args' => '((\'/dev/log\'), handlers.SysLogHandler.LOG_LOCAL1)',
    'class' => 'handlers.SysLogHandler',
    'formatter' => 'syslog_debug',
    'level' => 'DEBUG'
  }
}

default['openstack']['memcached_servers'] = nil

# Default sysctl settings
default['openstack']['sysctl']['net.ipv4.conf.all.rp_filter'] = 0
default['openstack']['sysctl']['net.ipv4.conf.default.rp_filter'] = 0

# Default OpenStack Network Type: nova (optional: neutron)
default['openstack']['compute']['network']['service_type'] = 'nova'

case node['platform_family']
when 'rhel', 'suse'
  default['openstack']['common']['platform'] = {
    'common_client_packages' => ['python-openstackclient'],
    'package_overrides' => ''
  }
when 'debian'
  default['openstack']['common']['platform'] = {
    'common_client_packages' => ['python-openstackclient'],
    'package_overrides' => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'"
  }
end

# The name of the Chef role that installs the Keystone Service API
default['openstack']['identity_service_chef_role'] = 'os-identity'

# Array of bare options for openrc (e.g. 'option=value')
default['openstack']['misc_openrc'] = nil

# openrc location and owner
default['openstack']['openrc']['path'] = '/root'
default['openstack']['openrc']['file'] = 'openrc'
default['openstack']['openrc']['user'] = 'root'
default['openstack']['openrc']['group'] = 'root'
default['openstack']['openrc']['file_mode'] = '0600'
default['openstack']['openrc']['path_mode'] = '0700'