Ansible deployment of the Kolla containers
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

202 lines
6.4 KiB

  1. # nova.conf
  2. [DEFAULT]
  3. debug = {{ nova_logging_debug }}
  4. log_dir = /var/log/kolla/nova
  5. {% if service_name == "nova-super-conductor" %}
  6. log_file = /var/log/kolla/nova/nova-super-conductor.log
  7. {% endif %}
  8. state_path = /var/lib/nova
  9. osapi_compute_listen = {{ api_interface_address }}
  10. osapi_compute_listen_port = {{ nova_api_listen_port }}
  11. osapi_compute_workers = {{ openstack_service_workers }}
  12. metadata_workers = {{ openstack_service_workers }}
  13. metadata_listen = {{ api_interface_address }}
  14. metadata_listen_port = {{ nova_metadata_listen_port }}
  15. allow_resize_to_same_host = true
  16. # Though my_ip is not used directly, lots of other variables use $my_ip
  17. my_ip = {{ api_interface_address }}
  18. {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %}
  19. instance_usage_audit = True
  20. instance_usage_audit_period = hour
  21. {% endif %}
  22. transport_url = {{ rpc_transport_url }}
  23. [filter_scheduler]
  24. {% if enable_blazar | bool %}
  25. available_filters = nova.scheduler.filters.all_filters
  26. available_filters = blazarnova.scheduler.filters.blazar_filter.BlazarFilter
  27. enabled_filters = AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,BlazarFilter
  28. {% endif %}
  29. {% if enable_nova_fake | bool %}
  30. enabled_filters = AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter
  31. {% endif %}
  32. {% if enable_cells | bool %}
  33. # When in superconductor mode, nova-compute can't send instance
  34. # info updates to the scheduler, so just disable it.
  35. track_instance_changes = False
  36. {% endif %}
  37. [api]
  38. use_forwarded_for = true
  39. # Super conductor
  40. [conductor]
  41. workers = {{ openstack_service_workers }}
  42. [oslo_middleware]
  43. enable_proxy_headers_parsing = True
  44. [oslo_concurrency]
  45. lock_path = /var/lib/nova/tmp
  46. [glance]
  47. api_servers = {{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }}
  48. cafile = {{ openstack_cacert }}
  49. num_retries = {{ groups['glance-api'] | length }}
  50. debug = {{ nova_logging_debug }}
  51. {% if enable_cinder | bool %}
  52. [cinder]
  53. catalog_info = volumev3:cinderv3:internalURL
  54. os_region_name = {{ openstack_region_name }}
  55. auth_url = {{ keystone_admin_url }}
  56. auth_type = password
  57. project_domain_name = {{ default_project_domain_name }}
  58. user_domain_id = {{ default_user_domain_id }}
  59. project_name = service
  60. username = {{ cinder_keystone_user }}
  61. password = {{ cinder_keystone_password }}
  62. cafile = {{ openstack_cacert }}
  63. {% endif %}
  64. [neutron]
  65. metadata_proxy_shared_secret = {{ metadata_secret }}
  66. service_metadata_proxy = true
  67. {% if neutron_plugin_agent == 'vmware_nsxv3' %}
  68. ovs_bridge = {{ ovs_bridge }}
  69. {% endif %}
  70. auth_url = {{ keystone_admin_url }}
  71. auth_type = password
  72. project_domain_name = {{ default_project_domain_name }}
  73. user_domain_id = {{ default_user_domain_id }}
  74. project_name = service
  75. username = {{ neutron_keystone_user }}
  76. password = {{ neutron_keystone_password }}
  77. region_name = {{ openstack_region_name }}
  78. valid_interfaces = internal
  79. cafile = {{ openstack_cacert }}
  80. [database]
  81. connection = mysql+pymysql://{{ nova_cell0_database_user }}:{{ nova_cell0_database_password }}@{{ nova_cell0_database_address }}/{{ nova_cell0_database_name }}
  82. max_pool_size = 50
  83. max_overflow = 1000
  84. max_retries = -1
  85. [api_database]
  86. connection = mysql+pymysql://{{ nova_api_database_user }}:{{ nova_api_database_password }}@{{ nova_api_database_address }}/{{ nova_api_database_name }}
  87. max_retries = -1
  88. [cache]
  89. backend = oslo_cache.memcache_pool
  90. enabled = True
  91. memcache_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
  92. [keystone_authtoken]
  93. www_authenticate_uri = {{ keystone_internal_url }}
  94. auth_url = {{ keystone_admin_url }}
  95. auth_type = password
  96. project_domain_id = {{ default_project_domain_id }}
  97. user_domain_id = {{ default_user_domain_id }}
  98. project_name = service
  99. username = {{ nova_keystone_user }}
  100. password = {{ nova_keystone_password }}
  101. cafile = {{ openstack_cacert }}
  102. memcache_security_strategy = ENCRYPT
  103. memcache_secret_key = {{ memcache_secret_key }}
  104. memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
  105. [upgrade_levels]
  106. compute = auto
  107. [oslo_messaging_notifications]
  108. transport_url = {{ notify_transport_url }}
  109. {% if nova_enabled_notification_topics %}
  110. driver = messagingv2
  111. topics = {{ nova_enabled_notification_topics | map(attribute='name') | join(',') }}
  112. {% else %}
  113. driver = noop
  114. {% endif %}
  115. {% if service_name in nova_services_require_policy_json and nova_policy_file is defined %}
  116. [oslo_policy]
  117. policy_file = {{ nova_policy_file }}
  118. {% endif %}
  119. [privsep_entrypoint]
  120. helper_command=sudo nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf
  121. [guestfs]
  122. debug = {{ nova_logging_debug }}
  123. [wsgi]
  124. api_paste_config = /etc/nova/api-paste.ini
  125. {% if kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool %}
  126. secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO
  127. {% endif %}
  128. [scheduler]
  129. max_attempts = 10
  130. # NOTE(yoctozepto): kolla-ansible handles cell mapping by itself on each deploy
  131. # periodic run must be disabled to avoid random failures (where both try to map)
  132. # -1 is default and means periodic discovery is disabled
  133. discover_hosts_in_cells_interval = -1
  134. workers = {{ openstack_service_workers }}
  135. [placement]
  136. auth_type = password
  137. auth_url = {{ keystone_admin_url }}
  138. username = {{ placement_keystone_user }}
  139. password = {{ placement_keystone_password }}
  140. user_domain_name = {{ default_user_domain_name }}
  141. project_name = service
  142. project_domain_name = {{ default_project_domain_name }}
  143. region_name = {{ openstack_region_name }}
  144. cafile = {{ openstack_cacert }}
  145. valid_interfaces = internal
  146. [notifications]
  147. {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool or enable_neutron_infoblox_ipam_agent | bool %}
  148. notify_on_state_change = vm_and_task_state
  149. {% endif %}
  150. {% if not enable_searchlight | bool %}
  151. notification_format = unversioned
  152. {% else %}
  153. notification_format = both
  154. {% endif %}
  155. {% if enable_osprofiler | bool %}
  156. [profiler]
  157. enabled = true
  158. trace_sqlalchemy = true
  159. hmac_keys = {{ osprofiler_secret }}
  160. connection_string = {{ osprofiler_backend_connection_string }}
  161. {% endif %}
  162. {% if enable_barbican | bool %}
  163. [barbican]
  164. auth_endpoint = {{ keystone_internal_url }}
  165. barbican_endpoint_type = internal
  166. verify_ssl_path = {{ openstack_cacert }}
  167. {% endif %}