1cedf77f19
To allow for TLS to protect the service endpoints, the protocol in the URLs for the endpoints will be either http or https. This patch removes the hardcoded values of http and replaces them with variables that can be adjusted accordingly in future patches. Change-Id: Ibca6f8aac09c65115d1ac9957410e7f81ac7671e Partially-implements: blueprint ssl-kolla
70 lines
2.3 KiB
Django/Jinja
70 lines
2.3 KiB
Django/Jinja
# neutron.conf
|
|
[DEFAULT]
|
|
debug = {{ neutron_logging_debug }}
|
|
|
|
use_syslog = True
|
|
syslog_log_facility = LOG_LOCAL0
|
|
|
|
bind_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
|
|
bind_port = {{ neutron_server_port }}
|
|
|
|
api_paste_config = /usr/share/neutron/api-paste.ini
|
|
|
|
# NOTE(SamYaple): We must specify this value here rather than the metadata conf
|
|
# because it is used by the l3 and dhcp agents. The reason the path has 'kolla'
|
|
# in it is because we are sharing this socket in a volume which is it's own dir
|
|
metadata_proxy_socket = /var/lib/neutron/kolla/metadata_proxy
|
|
|
|
{% if neutron_plugin_agent == "openvswitch" %}
|
|
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
|
|
{% elif neutron_plugin_agent == "linuxbridge" %}
|
|
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
|
|
{% endif %}
|
|
|
|
{% if enable_nova_fake | bool %}
|
|
ovs_integration_bridge = br-int-{{ item }}
|
|
host = {{ ansible_hostname }}_{{ item }}
|
|
{% endif %}
|
|
|
|
allow_overlapping_ips = true
|
|
core_plugin = ml2
|
|
service_plugins = router
|
|
|
|
[nova]
|
|
auth_url = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
region_name = {{ openstack_region_name }}
|
|
project_name = service
|
|
username = nova
|
|
password = {{ nova_keystone_password }}
|
|
|
|
[oslo_concurrency]
|
|
lock_path = /var/lib/neutron/tmp
|
|
|
|
[oslo_messaging_rabbit]
|
|
rabbit_userid = {{ rabbitmq_user }}
|
|
rabbit_password = {{ rabbitmq_password }}
|
|
rabbit_ha_queues = true
|
|
rabbit_hosts = {% for host in groups['rabbitmq'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
[agent]
|
|
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }}
|
|
|
|
[keystone_authtoken]
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_address }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = neutron
|
|
password = {{ neutron_keystone_password }}
|
|
|
|
[oslo_messaging_notifications]
|
|
driver = noop
|