06081df5ab
This patch set is designed to allow deployers to select the virt_type = 'lxc', which will deploy the nova-lxd driver instead of the usual kvm driver. Change-Id: I8b298080faaef9da1ab0040de437086a1a393296
284 lines
10 KiB
Django/Jinja
284 lines
10 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
{% set _api_threads = ansible_processor_vcpus|default(2) // 2 %}
|
|
{% set api_threads = _api_threads if _api_threads > 0 else 1 %}
|
|
|
|
[DEFAULT]
|
|
# Logs / State
|
|
debug = {{ debug }}
|
|
fatal_deprecations = {{ nova_fatal_deprecations }}
|
|
log_dir = /var/log/nova
|
|
state_path = {{ nova_system_home_folder }}
|
|
rootwrap_config = /etc/nova/rootwrap.conf
|
|
service_down_time = 120
|
|
default_schedule_zone = {{ nova_default_schedule_zone }}
|
|
|
|
{% if nova_external_ssl | bool %}
|
|
secure_proxy_ssl_header = {{ nova_secure_proxy_ssl_header }}
|
|
{% endif %}
|
|
|
|
# Quota
|
|
quota_cores = {{ nova_quota_cores }}
|
|
quota_fixed_ips = {{ nova_quota_fixed_ips }}
|
|
quota_floating_ips = {{ nova_quota_floating_ips }}
|
|
quota_injected_file_content_bytes = {{ nova_quota_injected_file_content_bytes }}
|
|
quota_injected_file_path_length = {{ nova_quota_injected_file_path_length }}
|
|
quota_injected_files = {{ nova_quota_injected_files }}
|
|
quota_instances = {{ nova_quota_instances }}
|
|
quota_key_pairs = {{ nova_quota_key_pairs }}
|
|
quota_metadata_items = {{ nova_quota_metadata_items }}
|
|
quota_networks = {{ nova_quota_networks }}
|
|
quota_ram = {{ nova_quota_ram }}
|
|
quota_security_group_rules = {{ nova_quota_security_group_rules }}
|
|
quota_security_groups = {{ nova_quota_security_groups }}
|
|
quota_server_group_members = {{ nova_quota_server_group_members }}
|
|
quota_server_groups = {{ nova_quota_server_groups }}
|
|
|
|
# Scheduler
|
|
cpu_allocation_ratio = {{ nova_cpu_allocation_ratio }}
|
|
disk_allocation_ratio = {{ nova_disk_allocation_ratio }}
|
|
max_instances_per_host = {{ nova_max_instances_per_host }}
|
|
max_io_ops_per_host = {{ nova_max_io_ops_per_host }}
|
|
ram_allocation_ratio = {{ nova_ram_allocation_ratio }}
|
|
ram_weight_multiplier = {{ nova_ram_weight_multiplier }}
|
|
reserved_host_disk_mb = {{ nova_reserved_host_disk_mb }}
|
|
reserved_host_memory_mb = {{ nova_reserved_host_memory_mb }}
|
|
scheduler_driver = {{ nova_scheduler_driver }}
|
|
scheduler_available_filters = {{ nova_scheduler_available_filters }}
|
|
scheduler_default_filters = {{ nova_scheduler_default_filters }}
|
|
scheduler_driver_task_period = {{ nova_scheduler_driver_task_period }}
|
|
scheduler_host_manager = {{ nova_scheduler_host_manager }}
|
|
scheduler_host_subset_size = {{ nova_scheduler_host_subset_size }}
|
|
scheduler_max_attempts = {{ nova_scheduler_max_attempts }}
|
|
scheduler_weight_classes = {{ nova_scheduler_weight_classes }}
|
|
scheduler_use_baremetal_filters = {{ nova_scheduler_use_baremetal_filters }}
|
|
scheduler_tracks_instance_changes = {{ nova_scheduler_tracks_instance_changes }}
|
|
|
|
# Compute
|
|
enable_instance_password = {{ nova_enable_instance_password }}
|
|
compute_driver = {{ nova_compute_driver }}
|
|
instance_name_template = instance-%08x
|
|
instances_path = {{ nova_system_home_folder }}/instances
|
|
api_paste_config = /etc/nova/api-paste.ini
|
|
allow_resize_to_same_host = True
|
|
image_cache_manager_interval = {{ nova_image_cache_manager_interval }}
|
|
resume_guests_state_on_host_boot = {{ nova_resume_guests_state_on_host_boot }}
|
|
|
|
{% if nova_console_user_ssl_cert is defined and nova_console_user_ssl_key is defined and inventory_hostname in groups['nova_console'] %}
|
|
# Console SSL keys
|
|
ssl_only = true
|
|
cert = {{ nova_console_ssl_cert }}
|
|
key = {{ nova_console_ssl_key }}
|
|
{% endif %}
|
|
|
|
# Api's
|
|
enabled_apis = {{ nova_enabled_apis }}
|
|
osapi_compute_workers = {{ nova_osapi_compute_workers | default(api_threads) }}
|
|
|
|
# Rpc all
|
|
rpc_backend = {{ nova_rpc_backend }}
|
|
transport_url = rabbit://{% for host in nova_rabbitmq_servers.split(',') %}{{ nova_rabbitmq_userid }}:{{ nova_rabbitmq_password }}@{{ host }}:{{ nova_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ nova_rabbitmq_vhost }}{% endif %}{% endfor %}
|
|
|
|
executor_thread_pool_size = {{ nova_rpc_thread_pool_size }}
|
|
rpc_conn_pool_size = {{ nova_rpc_conn_pool_size }}
|
|
rpc_response_timeout = {{ nova_rpc_response_timeout }}
|
|
|
|
# Metadata
|
|
metadata_host = {{ nova_metadata_host }}
|
|
metadata_port = {{ nova_metadata_port }}
|
|
metadata_workers = {{ nova_metadata_workers | default(api_threads) }}
|
|
|
|
# Network
|
|
dhcp_domain = {{ nova_dhcp_domain }}
|
|
force_dhcp_release = True
|
|
dhcpbridge_flagfile = /etc/nova/nova.conf
|
|
firewall_driver = {{ nova_firewall_driver }}
|
|
use_forwarded_for = {{ nova_network_services[nova_network_type]['use_forwarded_for'] | bool }}
|
|
my_ip = {{ nova_management_address }}
|
|
default_floating_pool = public
|
|
use_neutron = True
|
|
|
|
# Authentication
|
|
auth_strategy = keystone
|
|
|
|
## Vif
|
|
linuxnet_interface_driver = {{ nova_linuxnet_interface_driver }}
|
|
{% if nova_virt_type in ['kvm', 'lxc', 'qemu', 'xen'] %}
|
|
libvirt_vif_type = ethernet
|
|
{% endif %}
|
|
vif_plugging_timeout = 10
|
|
vif_plugging_is_fatal = False
|
|
|
|
# Hypervisor
|
|
default_ephemeral_format = ext4
|
|
|
|
# Configdrive
|
|
force_config_drive = {{ nova_force_config_drive }}
|
|
|
|
# Policy
|
|
max_age = {{ nova_max_age }}
|
|
|
|
# Ceilometer notification configurations
|
|
{% if nova_ceilometer_enabled %}
|
|
instance_usage_audit = True
|
|
instance_usage_audit_period = hour
|
|
notify_on_state_change = vm_and_task_state
|
|
{% endif %}
|
|
|
|
{% if nova_ceilometer_enabled %}
|
|
[oslo_messaging_notifications]
|
|
driver = messagingv2
|
|
transport_url = rabbit://{% for host in nova_rabbitmq_telemetry_servers.split(',') %}{{ nova_rabbitmq_telemetry_userid }}:{{ nova_rabbitmq_telemetry_password }}@{{ host }}:{{ nova_rabbitmq_telemetry_port }}{% if not loop.last %},{% else %}/{{ nova_rabbitmq_telemetry_vhost }}{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
# Cache
|
|
[cache]
|
|
enabled = true
|
|
memcache_servers = {{ memcached_servers }}
|
|
|
|
|
|
# Cinder
|
|
[cinder]
|
|
catalog_info = volumev2:cinderv2:internalURL
|
|
cross_az_attach = {{ nova_cross_az_attach }}
|
|
os_region_name = {{ nova_service_region }}
|
|
|
|
|
|
{% if nova_console_type == 'spice' %}
|
|
[spice]
|
|
agent_enabled = {{ nova_console_agent_enabled }}
|
|
enabled = {{ nova_console_agent_enabled }}
|
|
keymap = {{ nova_console_keymap }}
|
|
# Console Url and binds
|
|
html5proxy_base_url = {{ nova_spice_html5proxy_base_url }}
|
|
server_listen = {{ nova_management_address }}
|
|
server_proxyclient_address = {{ nova_management_address }}
|
|
|
|
[vnc]
|
|
enabled = False
|
|
|
|
{% elif nova_console_type == 'novnc' %}
|
|
[vnc]
|
|
enabled = {{ nova_novncproxy_agent_enabled }}
|
|
keymap = {{ nova_novncproxy_vnc_keymap }}
|
|
novncproxy_base_url = {{ nova_novncproxy_base_url }}
|
|
vncserver_listen = {{ nova_novncproxy_vncserver_listen }}
|
|
vncserver_proxyclient_address = {{ nova_novncproxy_vncserver_proxyclient_address }}
|
|
|
|
{% endif %}
|
|
|
|
# Glance
|
|
[glance]
|
|
api_servers = {{ nova_glance_api_servers }}
|
|
|
|
# Neutron
|
|
[neutron]
|
|
url = {{ neutron_service_adminurl }}
|
|
region_name = {{ neutron_service_region }}
|
|
auth_type = password
|
|
# Keystone client plugin password option
|
|
password = {{ neutron_service_password }}
|
|
# Keystone client plugin username option
|
|
username = {{ neutron_service_user_name }}
|
|
project_name = {{ neutron_service_project_name }}
|
|
user_domain_name = {{ neutron_service_domain_name |default("Default") }}
|
|
project_domain_name = {{ neutron_service_domain_name |default("Default") }}
|
|
# Keystone client plugin authentication URL option
|
|
auth_url = {{ keystone_service_adminurl }}
|
|
insecure = {{ keystone_service_adminuri_insecure | bool }}
|
|
metadata_proxy_shared_secret = {{ nova_metadata_proxy_secret }}
|
|
service_metadata_proxy = {{ nova_metadata_proxy_enabled }}
|
|
{% if nova_network_services[nova_network_type]['ovs_bridge'] is defined %}
|
|
ovs_bridge = {{ nova_network_services[nova_network_type]['ovs_bridge'] }}
|
|
{% endif %}
|
|
|
|
[conductor]
|
|
topic = conductor
|
|
workers = {{ nova_conductor_workers | default(api_threads) }}
|
|
|
|
|
|
[keystone_authtoken]
|
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
|
auth_plugin = {{ nova_keystone_auth_plugin }}
|
|
signing_dir = {{ nova_system_home_folder }}/cache/api
|
|
auth_url = {{ keystone_service_adminuri }}
|
|
auth_uri = {{ keystone_service_internaluri }}
|
|
project_domain_id = {{ nova_service_project_domain_id }}
|
|
user_domain_id = {{ nova_service_user_domain_id }}
|
|
project_name = {{ nova_service_project_name }}
|
|
username = {{ nova_service_user_name }}
|
|
password = {{ nova_service_password }}
|
|
region_name = {{ keystone_service_region }}
|
|
|
|
memcached_servers = {{ memcached_servers }}
|
|
|
|
token_cache_time = 300
|
|
revocation_cache_time = 60
|
|
|
|
# if your memcached server is shared, use these settings to avoid cache poisoning
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcached_encryption_key }}
|
|
|
|
# if your keystone deployment uses PKI, and you value security over performance:
|
|
check_revocations_for_cached = False
|
|
|
|
|
|
{% if inventory_hostname in (groups['nova_conductor'] + groups['nova_scheduler'] + groups['nova_api_os_compute'] + groups['nova_api_metadata'] + groups['nova_console'] + groups['nova_cert']) %}
|
|
[database]
|
|
connection = mysql+pymysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@{{ nova_galera_address }}/{{ nova_galera_database }}?charset=utf8
|
|
max_overflow = {{ nova_db_max_overflow }}
|
|
max_pool_size = {{ nova_db_max_pool_size }}
|
|
pool_timeout = {{ nova_db_pool_timeout }}
|
|
|
|
|
|
[api_database]
|
|
connection = mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ nova_api_galera_database }}?charset=utf8
|
|
max_overflow = {{ nova_api_db_max_overflow }}
|
|
max_pool_size = {{ nova_api_db_max_pool_size }}
|
|
pool_timeout = {{ nova_api_db_pool_timeout }}
|
|
{% endif %}
|
|
|
|
|
|
[oslo_concurrency]
|
|
lock_path = /var/lock/nova
|
|
|
|
|
|
[oslo_messaging_rabbit]
|
|
rabbit_use_ssl = {{ nova_rabbitmq_use_ssl }}
|
|
|
|
{% if nova_virt_type == 'ironic' %}
|
|
[ironic]
|
|
# TODO(mrda): These should be changed to support the Keystone v3 API
|
|
admin_username = {{ ironic_service_name }}
|
|
admin_password = {{ ironic_service_password }}
|
|
admin_tenant_name = {{ ironic_service_project_name }}
|
|
admin_url = {{ keystone_service_adminuri }}/v2.0
|
|
api_endpoint = {{ ironic_service_adminurl }}
|
|
{% endif %}
|
|
|
|
{% if nova_virt_type in ['kvm', 'lxc', 'qemu', 'xen'] %}
|
|
[libvirt]
|
|
inject_partition = {{ nova_libvirt_inject_partition }}
|
|
inject_password = {{ nova_libvirt_inject_password }}
|
|
inject_key = {{ nova_libvirt_inject_key }}
|
|
use_usb_tablet = False
|
|
use_virtio_for_bridges = True
|
|
cpu_mode = {{ nova_cpu_mode }}
|
|
virt_type = {{ nova_virt_type }}
|
|
remove_unused_resized_minimum_age_seconds = {{ nova_remove_unused_resized_minimum_age_seconds }}
|
|
|
|
{% if cinder_backends_rbd_inuse|bool or nova_libvirt_images_rbd_pool is defined %}
|
|
rbd_user = {{ nova_ceph_client }}
|
|
rbd_secret_uuid = {{ nova_ceph_client_uuid }}
|
|
{% endif %}
|
|
{% if nova_libvirt_images_rbd_pool is defined %}
|
|
# ceph rbd support
|
|
images_type = rbd
|
|
images_rbd_pool = {{ nova_libvirt_images_rbd_pool }}
|
|
images_rbd_ceph_conf = /etc/ceph/ceph.conf
|
|
{% endif %}
|
|
live_migration_uri = "qemu+ssh://nova@%s/system?no_verify=1&keyfile={{ nova_system_home_folder }}/.ssh/id_rsa"
|
|
hw_disk_discard = {{ nova_libvirt_hw_disk_discard }}
|
|
disk_cachemodes = {{ nova_libvirt_disk_cachemodes }}
|
|
{% endif %}
|