openstack/openstack-ansible-os_nova
Code Issues Proposed changes
f769d0d18e
openstack-ansible-os_nova/templates/nova.conf.j2
Logan V fd6da36ab5 Always deploy placement authtoken config 
The placement service is required, nova cannot start without it,
so we must always configure the authtoken even if the flag to deploy
the integrated nova-placement-api is disabled. This will enable the
ability to move placement into a separate service, disable the
nova-placement-api deployment, yet still configure the required
authtoken in nova.conf.

Depends-On: I58788af6f02a4b339a270dff69a86ce7cdea41d3
Change-Id: I4619d333187a0e96c1b60fe2f203df0838c12059
2019-05-08 09:37:05 -05:00

364 lines
13 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
[DEFAULT]
# Disable stderr logging
use_stderr = False
# Logs / State
debug = {{ debug }}
fatal_deprecations = {{ nova_fatal_deprecations }}
log_dir = {{ nova_log_dir }}
state_path = {{ nova_system_home_folder }}
rootwrap_config = /etc/nova/rootwrap.conf
service_down_time = 120
{% if nova_default_schedule_zone is defined %}
default_schedule_zone = {{ nova_default_schedule_zone }}
{% endif %}
# Scheduler
cpu_allocation_ratio = {{ nova_cpu_allocation_ratio }}
disk_allocation_ratio = {{ nova_disk_allocation_ratio }}
ram_allocation_ratio = {{ nova_ram_allocation_ratio }}
reserved_host_disk_mb = {{ nova_reserved_host_disk_mb }}
reserved_host_memory_mb = {{ nova_reserved_host_memory_mb }}
# Compute
compute_driver = {{ nova_compute_driver }}
instance_name_template = instance-%08x
instances_path = {{ nova_system_home_folder }}/instances
allow_resize_to_same_host = True
image_cache_manager_interval = {{ nova_image_cache_manager_interval }}
resume_guests_state_on_host_boot = {{ nova_resume_guests_state_on_host_boot }}
{% if nova_console_user_ssl_cert is defined and nova_console_user_ssl_key is defined and ( nova_services['nova-novncproxy']['group'] in group_names or nova_services['nova-spicehtml5proxy']['group'] in group_names or nova_services['nova-serialconsole-proxy']['group'] in group_names ) %}
# Console SSL keys
ssl_only = true
cert = {{ nova_console_ssl_cert }}
key = {{ nova_console_ssl_key }}
{% endif %}
# Api's
enabled_apis = {{ nova_enabled_apis }}
osapi_compute_workers = {{ nova_osapi_compute_workers | default(nova_api_threads) }}
# Rpc all
transport_url = {{ nova_oslomsg_rpc_transport }}://{% for host in nova_oslomsg_rpc_servers.split(',') %}{{ nova_oslomsg_rpc_userid }}:{{ nova_oslomsg_rpc_password }}@{{ host }}:{{ nova_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_rpc_vhost }}{% if nova_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
executor_thread_pool_size = {{ nova_rpc_thread_pool_size }}
rpc_response_timeout = {{ nova_rpc_response_timeout }}
# Metadata
metadata_workers = {{ nova_metadata_workers | default(nova_api_threads) }}
# Network
my_ip = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
## Vif
{% if nova_virt_type in ['kvm', 'lxd', 'qemu', 'xen'] %}
libvirt_vif_type = ethernet
{% endif %}
# Hypervisor
default_ephemeral_format = ext4
{% if nova_virt_type == 'powervm' %}
injected_network_template = /etc/nova/nova-interfaces-template
{% endif %}
# Configdrive
force_config_drive = {{ nova_force_config_drive }}
# Ceilometer notification configurations
{% if nova_ceilometer_enabled %}
instance_usage_audit = True
instance_usage_audit_period = hour
{% endif %}
# Notifications
[oslo_messaging_notifications]
{% set notification_topics = ['notifications'] %}
{% if nova_designate_enabled %}
{% set _ = notification_topics.append(nova_notifications_designate) %}
{% endif %}
topics = {{ notification_topics | join(',') }}
driver = messagingv2
transport_url = {{ nova_oslomsg_notify_transport }}://{% for host in nova_oslomsg_notify_servers.split(',') %}{{ nova_oslomsg_notify_userid }}:{{ nova_oslomsg_notify_password }}@{{ host }}:{{ nova_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_notify_vhost }}{% if nova_oslomsg_notify_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
# Cache
[cache]
enabled = true
backend = oslo_cache.memcache_pool
memcache_servers = {{ memcached_servers }}
# Cinder
[cinder]
catalog_info = volumev3:cinderv3:internalURL
cross_az_attach = {{ nova_cross_az_attach }}
os_region_name = {{ nova_service_region }}
{% if nova_console_type == 'spice' %}
[spice]
agent_enabled = {{ nova_console_agent_enabled }}
enabled = {{ nova_console_agent_enabled }}
# Console Url and binds
html5proxy_base_url = {{ nova_spice_html5proxy_base_url }}
server_listen = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
server_proxyclient_address = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
[vnc]
enabled = False
{% elif nova_console_type == 'novnc' %}
[vnc]
enabled = {{ nova_novncproxy_agent_enabled }}
novncproxy_base_url = {{ nova_novncproxy_base_url }}
server_listen = {{ nova_novncproxy_vncserver_listen }}
server_proxyclient_address = {{ nova_novncproxy_vncserver_proxyclient_address }}
{% elif nova_console_type == 'serialconsole' %}
[serial_console]
enabled = {{ nova_serialconsoleproxy_enabled }}
# Console Url and binds
base_url= {{ nova_serialconsoleproxy_base_url }}
proxyclient_address = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
port_range = {{ nova_serialconsoleproxy_port_range }}
{% if nova_services['nova-serialconsole-proxy']['group'] %}
serialproxy_host= {{ nova_serialconsoleproxy_serialconsole_proxyserver_proxyclient_address }}
serialproxy_port= {{ nova_serialconsoleproxy_port }}
{% endif %}
[vnc]
enabled = False
{% endif %}
# Glance
[glance]
api_servers = {{ nova_glance_api_servers }}
insecure = {{ keystone_service_internaluri_insecure | bool }}
# Neutron
[neutron]
region_name = {{ neutron_service_region }}
auth_type = password
default_floating_pool = public
# Keystone client plugin password option
password = {{ neutron_service_password }}
# Keystone client plugin username option
username = {{ neutron_service_user_name }}
project_name = {{ neutron_service_project_name }}
user_domain_name = {{ neutron_service_domain_name |default("Default") }}
project_domain_name = {{ neutron_service_domain_name |default("Default") }}
# Keystone client plugin authentication URL option
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
metadata_proxy_shared_secret = {{ nova_metadata_proxy_secret }}
service_metadata_proxy = {{ nova_metadata_proxy_enabled }}
{% if nova_network_services[nova_network_type]['ovs_bridge'] is defined %}
ovs_bridge = {{ nova_network_services[nova_network_type]['ovs_bridge'] }}
{% endif %}
{% if nova_ceilometer_enabled %}
[notifications]
notify_on_state_change = vm_and_task_state
notification_format = {% if nova_versioned_notification_enabled %}both{% else %}unversioned{% endif %}
{% endif %}
[placement]
region_name = {{ nova_placement_service_region }}
valid_interfaces = {{ nova_placement_service_interface }}
auth_type = "password"
password = {{ nova_placement_service_password }}
username = {{ nova_placement_service_username }}
project_name = {{ nova_placement_service_project_name }}
user_domain_name = {{ nova_placement_service_user_domain_id }}
project_domain_name = {{ nova_placement_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
[conductor]
workers = {{ nova_conductor_workers | default(nova_api_threads) }}
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ nova_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ nova_service_project_domain_id }}
user_domain_id = {{ nova_service_user_domain_id }}
project_name = {{ nova_service_project_name }}
username = {{ nova_service_user_name }}
password = {{ nova_service_password }}
region_name = {{ keystone_service_region }}
memcached_servers = {{ memcached_servers }}
token_cache_time = 300
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
{% if group_names | intersect(nova_services.keys() | difference('nova-compute') | map('extract', nova_services, 'group') | list) | count > 0 %}
[database]
connection = mysql+pymysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@{{ nova_galera_address }}/{{ nova_galera_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %}
max_overflow = {{ nova_db_max_overflow }}
max_pool_size = {{ nova_db_max_pool_size }}
pool_timeout = {{ nova_db_pool_timeout }}
[api_database]
connection = mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ nova_api_galera_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %}
max_overflow = {{ nova_api_db_max_overflow }}
max_pool_size = {{ nova_api_db_max_pool_size }}
pool_timeout = {{ nova_api_db_pool_timeout }}
{% endif %}
[oslo_concurrency]
lock_path = {{ nova_lock_path }}
[oslo_messaging_rabbit]
ssl = {{ nova_oslomsg_rpc_use_ssl }}
rpc_conn_pool_size = {{ nova_rpc_conn_pool_size }}
{% if nova_virt_type == 'ironic' %}
[ironic]
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_name = {{ ironic_service_domain_name | default("Default") }}
project_domain_name = {{ ironic_service_domain_name | default("Default") }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
api_endpoint = {{ ironic_service_adminurl }}
auth_type = {{ ironic_keystone_auth_plugin }}
{% endif %}
{% if nova_virt_type in ['kvm', 'qemu', 'xen'] %}
[libvirt]
inject_partition = {{ nova_libvirt_inject_partition }}
inject_password = {{ nova_libvirt_inject_password }}
inject_key = {{ nova_libvirt_inject_key }}
use_virtio_for_bridges = True
virt_type = {{ nova_virt_type }}
remove_unused_resized_minimum_age_seconds = {{ nova_remove_unused_resized_minimum_age_seconds }}
{% if nova_cpu_mode is defined %}
cpu_mode = {{ nova_cpu_mode }}
{% if nova_cpu_mode == 'custom' %}
cpu_model = {{ nova_cpu_model }}
{% endif %}
{% if nova_cpu_model_extra_flags is defined %}
cpu_model_extra_flags = {{ nova_cpu_model_extra_flags | join(',') }}
{% endif %}
{% endif %}
{% if nova_libvirt_images_rbd_pool is defined %}
# ceph rbd support
rbd_user = {{ nova_ceph_client }}
rbd_secret_uuid = {{ nova_ceph_client_uuid }}
images_type = rbd
images_rbd_pool = {{ nova_libvirt_images_rbd_pool }}
images_rbd_ceph_conf = /etc/ceph/ceph.conf
{% endif %}
live_migration_uri = "qemu+ssh://nova@%s/system?no_verify=1&keyfile={{ nova_system_home_folder }}/.ssh/id_rsa"
live_migration_tunnelled = True
hw_disk_discard = {{ nova_libvirt_hw_disk_discard }}
disk_cachemodes = {{ nova_libvirt_disk_cachemodes }}
{% endif %}
{% if nova_virt_type == 'lxd' %}
[lxd]
pool= {{ lxd_storage_pool }}
{% endif %}
{% if nova_barbican_enabled %}
[barbican]
auth_endpoint = {{ keystone_service_internaluri }}/v3
[key_manager]
backend = barbican
region_name = {{ nova_placement_service_region }}
auth_type = "password"
password = {{ nova_placement_service_password }}
username = {{ nova_placement_service_username }}
project_name = {{ nova_placement_service_project_name }}
user_domain_name = {{ nova_placement_service_user_domain_id }}
project_domain_name = {{ nova_placement_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
{% endif %}
[wsgi]
api_paste_config = /etc/nova/api-paste.ini
{% if nova_external_ssl | bool %}
secure_proxy_ssl_header = {{ nova_secure_proxy_ssl_header }}
{% endif %}
[api]
auth_strategy = keystone
enable_instance_password = {{ nova_enable_instance_password }}
use_forwarded_for = {{ nova_network_services[nova_network_type]['use_forwarded_for'] | bool }}
vendordata_jsonfile_path = /etc/nova/vendor_data.json
[scheduler]
workers = {{ nova_scheduler_workers | default(nova_api_threads) }}
max_attempts = {{ nova_scheduler_max_attempts }}
scheduler_driver = {{ nova_scheduler_driver }}
periodic_task_interval = {{ nova_scheduler_driver_task_period }}
discover_hosts_in_cells_interval = {{ nova_discover_hosts_in_cells_interval }}
[filter_scheduler]
max_instances_per_host = {{ nova_max_instances_per_host }}
max_io_ops_per_host = {{ nova_max_io_ops_per_host }}
ram_weight_multiplier = {{ nova_ram_weight_multiplier }}
available_filters = {{ nova_scheduler_available_filters }}
enabled_filters = {{ nova_scheduler_default_filters }}
host_subset_size = {{ nova_scheduler_host_subset_size }}
weight_classes = {{ nova_scheduler_weight_classes }}
tracks_instance_changes = {{ nova_scheduler_tracks_instance_changes }}
[quota]
cores = {{ nova_quota_cores }}
injected_file_content_bytes = {{ nova_quota_injected_file_content_bytes }}
injected_file_path_length = {{ nova_quota_injected_file_path_length }}
injected_files = {{ nova_quota_injected_files }}
instances = {{ nova_quota_instances }}
key_pairs = {{ nova_quota_key_pairs }}
max_age = {{ nova_max_age }}
metadata_items = {{ nova_quota_metadata_items }}
ram = {{ nova_quota_ram }}
server_group_members = {{ nova_quota_server_group_members }}
server_groups = {{ nova_quota_server_groups }}
[upgrade_levels]
compute=auto
{% if enabled_vgpu_types is defined %}
[devices]
enabled_vgpu_types = {{ enabled_vgpu_types | join(',') }}
{% endif %}
{% if nova_pci_passthrough_whitelist or nova_pci_alias %}
[pci]
{% if nova_pci_passthrough_whitelist %}
# White list of PCI devices available to VMs.
passthrough_whitelist = {{ nova_pci_passthrough_whitelist }}
{% endif %}
{% if nova_pci_alias %}
# PCI Alias
{% for item in nova_pci_alias %}
alias = {{item}}
{% endfor %}
{% endif %}
{% endif %}
View Git Blame Copy Permalink