kolla-ansible/ansible/roles/neutron/defaults/main.yml

---
project_name: "neutron"

neutron_services:
  neutron-server:
    container_name: "neutron_server"
    image: "{{ neutron_server_image_full }}"
    enabled: true
    group: "neutron-server"
    host_in_groups: "{{ inventory_hostname in groups['neutron-server'] }}"
    volumes:
      - "{{ node_config_directory }}/neutron-server/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "kolla_logs:/var/log/kolla/"
  neutron-openvswitch-agent:
    container_name: "neutron_openvswitch_agent"
    image: "{{ neutron_openvswitch_agent_image_full }}"
    enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
    privileged: True
    host_in_groups: >-
      {{
      ( (inventory_hostname in groups['compute'] and nova_compute_virt_type != 'xenapi')
      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
      or inventory_hostname in groups['neutron-dhcp-agent']
      or inventory_hostname in groups['neutron-l3-agent']
      or inventory_hostname in groups['neutron-metadata-agent']
      or inventory_hostname in groups['neutron-vpnaas-agent']
      and not enable_nova_fake | bool
      ) or
      ( inventory_hostname in groups['neutron-dhcp-agent']
      or inventory_hostname in groups['neutron-l3-agent']
      or inventory_hostname in groups['neutron-metadata-agent']
      or inventory_hostname in groups['neutron-vpnaas-agent']
      and enable_nova_fake | bool
      )
      }}
    volumes:
      - "{{ node_config_directory }}/neutron-openvswitch-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/lib/modules:/lib/modules:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"
  neutron-openvswitch-agent-xenapi:
    container_name: "neutron_openvswitch_agent_xenapi"
    image: "{{ neutron_openvswitch_agent_image_full }}"
    enabled: "{{ neutron_plugin_agent == 'openvswitch' and nova_compute_virt_type == 'xenapi' }}"
    privileged: True
    host_in_groups: >-
      {{
       inventory_hostname in groups['compute']
      }}
    volumes:
      - "{{ node_config_directory }}/neutron-openvswitch-agent-xenapi/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/lib/modules:/lib/modules:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"
  neutron-linuxbridge-agent:
    container_name: "neutron_linuxbridge_agent"
    image: "{{  neutron_linuxbridge_agent_image_full }}"
    privileged: True
    enabled: "{{ neutron_plugin_agent == 'linuxbridge' }}"
    environment:
      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
      NEUTRON_BRIDGE: "br-ex"
      NEUTRON_INTERFACE: "{{ neutron_external_interface }}"
    host_in_groups: >-
      {{
      inventory_hostname in groups['compute']
      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
      or inventory_hostname in groups['neutron-dhcp-agent']
      or inventory_hostname in groups['neutron-l3-agent']
      or inventory_hostname in groups['neutron-metadata-agent']
      or inventory_hostname in groups['neutron-vpnaas-agent']
      }}
    volumes:
      - "{{ node_config_directory }}/neutron-linuxbridge-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/lib/modules:/lib/modules:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"
  neutron-dhcp-agent:
    container_name: "neutron_dhcp_agent"
    image: "{{ neutron_dhcp_agent_image_full }}"
    privileged: True
    enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
    group: "neutron-dhcp-agent"
    host_in_groups: "{{ inventory_hostname in groups['neutron-dhcp-agent'] }}"
    volumes:
      - "{{ node_config_directory }}/neutron-dhcp-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/run/:/run/:shared"
      - "neutron_metadata_socket:/var/lib/neutron/kolla/"
      - "kolla_logs:/var/log/kolla/"
  neutron-l3-agent:
    container_name: "neutron_l3_agent"
    image: "{{ neutron_l3_agent_image_full }}"
    privileged: True
    enabled: "{{ not enable_neutron_vpnaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] and not enable_opendaylight_l3 | bool }}"
    host_in_groups: >-
      {{
      inventory_hostname in groups['neutron-l3-agent']
      or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)
      }}
    volumes:
      - "{{ node_config_directory }}/neutron-l3-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/lib/modules:/lib/modules:ro"
      - "/run:/run:shared"
      - "neutron_metadata_socket:/var/lib/neutron/kolla/"
      - "kolla_logs:/var/log/kolla/"
  neutron-lbaas-agent:
    container_name: "neutron_lbaas_agent"
    image: "{{ neutron_lbaas_agent_image_full }}"
    privileged: True
    enabled: "{{ enable_neutron_lbaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
    group: "neutron-lbaas-agent"
    host_in_groups: "{{ inventory_hostname in groups['neutron-lbaas-agent'] }}"
    volumes:
      - "{{ node_config_directory }}/neutron-lbaas-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"
  neutron-metadata-agent:
    container_name: "neutron_metadata_agent"
    image: "{{ neutron_metadata_agent_image_full }}"
    privileged: True
    enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
    host_in_groups: >-
      {{
      inventory_hostname in groups['neutron-metadata-agent']
      or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)
      }}
    volumes:
      - "{{ node_config_directory }}/neutron-metadata-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/run/:/run/:shared"
      - "neutron_metadata_socket:/var/lib/neutron/kolla/"
      - "kolla_logs:/var/log/kolla/"
  neutron-vpnaas-agent:
    container_name: "neutron_vpnaas_agent"
    image: "{{ neutron_vpnaas_agent_image_full }}"
    privileged: True
    enabled: "{{ enable_neutron_vpnaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
    group: "neutron-vpnaas-agent"
    host_in_groups: "{{ inventory_hostname in groups['neutron-vpnaas-agent'] }}"
    volumes:
      - "{{ node_config_directory }}/neutron-vpnaas-agent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/run:/run:shared"
      - "/lib/modules:/lib/modules:ro"
      - "kolla_logs:/var/log/kolla/"
  neutron-bgp-dragent:
    container_name: "neutron_bgp_dragent"
    image: "{{ neutron_bgp_dragent_image_full }}"
    privileged: True
    enabled: "{{ enable_neutron_bgp_dragent | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
    group: "neutron-bgp-dragent"
    host_in_groups: "{{ inventory_hostname in groups['neutron-bgp-dragent'] }}"
    volumes:
      - "{{ node_config_directory }}/neutron-bgp-dragent/:{{ container_config_directory }}/:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"


####################
# Database
####################
neutron_database_name: "neutron"
neutron_database_user: "neutron"
neutron_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"


####################
# Docker
####################
neutron_install_type: "{{ kolla_install_type }}"
neutron_tag: "{{ openstack_release }}"

neutron_dhcp_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-dhcp-agent"
neutron_dhcp_agent_tag: "{{ neutron_tag }}"
neutron_dhcp_agent_image_full: "{{ neutron_dhcp_agent_image }}:{{ neutron_dhcp_agent_tag }}"

neutron_l3_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-l3-agent"
neutron_l3_agent_tag: "{{ neutron_tag }}"
neutron_l3_agent_image_full: "{{ neutron_l3_agent_image }}:{{ neutron_l3_agent_tag }}"

neutron_lbaas_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-lbaas-agent"
neutron_lbaas_agent_tag: "{{ neutron_tag }}"
neutron_lbaas_agent_image_full: "{{ neutron_lbaas_agent_image }}:{{ neutron_lbaas_agent_tag }}"

neutron_linuxbridge_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-linuxbridge-agent"
neutron_linuxbridge_agent_tag: "{{ neutron_tag }}"
neutron_linuxbridge_agent_image_full: "{{ neutron_linuxbridge_agent_image }}:{{ neutron_linuxbridge_agent_tag }}"

neutron_metadata_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-metadata-agent"
neutron_metadata_agent_tag: "{{ neutron_tag }}"
neutron_metadata_agent_image_full: "{{ neutron_metadata_agent_image }}:{{ neutron_metadata_agent_tag }}"

neutron_openvswitch_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-openvswitch-agent"
neutron_openvswitch_agent_tag: "{{ neutron_tag }}"
neutron_openvswitch_agent_image_full: "{{ neutron_openvswitch_agent_image }}:{{ neutron_openvswitch_agent_tag }}"

neutron_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-server{{ '-opendaylight' if enable_opendaylight | bool else '' }}"
neutron_server_tag: "{{ neutron_tag }}"
neutron_server_image_full: "{{ neutron_server_image }}:{{ neutron_server_tag }}"

neutron_vpnaas_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-vpnaas-agent"
neutron_vpnaas_agent_tag: "{{ neutron_tag }}"
neutron_vpnaas_agent_image_full: "{{ neutron_vpnaas_agent_image }}:{{ neutron_vpnaas_agent_tag }}"

neutron_bgp_dragent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-bgp-dragent"
neutron_bgp_dragent_tag: "{{ neutron_tag }}"
neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}"


####################
# OpenStack
####################
dhcp_agents_per_network: 2
max_l3_agents_per_router: 3

# valid value is: ["v1", "v2"]
neutron_fwaas_version: "v1"

neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}"

neutron_logging_debug: "{{ openstack_logging_debug }}"

openstack_neutron_auth: "{{ openstack_auth }}"

####################
# Extension drivers
####################
extension_drivers:
  - name: "qos"
    enabled: "{{ enable_neutron_qos | bool or enable_opendaylight_qos | bool }}"
  - name: "port_security"
    enabled: true
  - name: "dns"
    enabled: "{{ enable_designate | bool }}"
  - name: "sfc"
    enabled: "{{ enable_neutron_sfc | bool }}"

neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto', true)|list }}"

####################
# Service Plugins
####################
service_plugins:
  - name: "firewall"
    enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v1' }}"
  - name: "firewall_v2"
    enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v2' }}"
  - name: "flow_classifier"
    enabled: "{{ enable_neutron_sfc | bool }}"
  - name: "lbaasv2"
    enabled: "{{ enable_neutron_lbaas | bool }}"
  - name: "neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin"
    enabled: "{{ enable_neutron_bgp_dragent | bool }}"
  - name: "qos"
    enabled: "{{ enable_neutron_qos | bool or enable_opendaylight_qos | bool}}"
  - name: "router"
    enabled: "{{ not enable_opendaylight_l3 | bool }}"
  - name: "segments"
    enabled: "{{ enable_neutron_segments | bool }}"
  - name: "sfc"
    enabled: "{{ enable_neutron_sfc | bool }}"
  - name: "vpnaas"
    enabled: "{{ enable_neutron_vpnaas | bool }}"
  - name: "{{ opendaylight_l3_service_plugin }}"
    enabled: "{{ enable_opendaylight_l3 | bool and enable_opendaylight | bool }}"

neutron_service_plugins: "{{ service_plugins|selectattr('enabled', 'equalto', true)|list }}"

####################
# Notification
####################
neutron_notification_topics:
  - name: notifications
    enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool }}"
  - name: notifications_designate
    enabled: "{{ enable_designate | bool }}"

neutron_enabled_notification_topics: "{{ neutron_notification_topics | selectattr('enabled', 'equalto', true) | list }}"

####################
# Agent Extensions
####################
agent_extensions:
  - name: "qos"
    enabled: "{{ enable_neutron_qos | bool }}"
  - name: "sfc"
    enabled: "{{ enable_neutron_sfc | bool }}"

neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}"

l3_agent_extensions:
  - name: "fwaas"
    enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v1' }}"
  - name: "fwaas_v2"
    enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v2' }}"

neutron_l3_agent_extensions: "{{ l3_agent_extensions | selectattr('enabled', 'equalto', true) | list }}"

####################
# VMware NSXV
####################
vmware_nsxv_user: "nsx_manager_user"
vmware_nsxv_manager_uri: "https://127.0.0.1"
vmware_nsxv_insecure: "True"
vmware_nsxv_cluster_moid: "TestCluster"
vmware_nsxv_datacenter_moid: "TestDataCeter"
vmware_nsxv_resource_pool_id: "TestRSGroup"
vmware_nsxv_datastore_id: "TestDataStore"
vmware_nsxv_external_network: "TestDVSPort-Ext"
vmware_nsxv_vdn_scope_id: "TestVDNScope"
vmware_nsxv_dvs_id: "TestDVS"
vmware_nsxv_backup_edge_pool: "service:compact:1:2"
vmware_nsxv_spoofguard_enabled: "false"
vmware_nsxv_metadata_initializer: "false"
vmware_nsxv_edge_ha: "false"

####################
# VMware DVS
####################
vmware_dvs_host_ip: "192.168.1.1"
vmware_dvs_host_port: "443"
vmware_dvs_host_username: "admin"
vmware_dvs_insecure: "True"
vmware_dvs_dvs_name: "VDS-1"
vmware_dvs_dhcp_override_mac: ""

######################
# Notification Drivers
######################
notification_drivers:
  - name: "odl-qos-v2"
    enabled: "{{ enable_opendaylight_qos | bool }}"

neutron_notification_drivers: "{{ notification_drivers|selectattr('enabled', 'equalto', true)|list }}"