[DEFAULT]
# Logs / State
debug = {{ debug|default('False') }}
verbose = {{ verbose|default('True') }}
log_dir = /var/log/nova
state_path = /var/lib/nova
lock_path = /var/lock/nova
rootwrap_config = /etc/nova/rootwrap.conf
service_down_time = 120

# Scheduler
cpu_allocation_ratio = {{ nova_cpu_allocation_ratio }}
disk_allocation_ratio = {{ nova_disk_allocation_ratio }}
max_instances_per_host = {{ nova_max_instances_per_host }}
max_io_ops_per_host = {{ nova_max_io_ops_per_host }}
ram_allocation_ratio = {{ nova_ram_allocation_ratio }}
ram_weight_multiplier = {{ nova_ram_weight_multiplier }}
reserved_host_disk_mb = {{ nova_reserved_host_disk_mb }}
reserved_host_memory_mb = {{ nova_reserved_host_memory_mb }}
scheduler_driver = {{ nova_scheduler_driver }}
scheduler_available_filters = {{ nova_scheduler_available_filters }}
scheduler_default_filters = {{ nova_scheduler_default_filters }}
scheduler_driver_task_period = {{ nova_scheduler_driver_task_period }}
scheduler_host_manager = {{ nova_scheduler_host_manager }}
scheduler_host_subset_size = {{ nova_scheduler_host_subset_size }}
scheduler_manager = {{ nova_scheduler_manager }}
scheduler_max_attempts = {{ nova_scheduler_max_attempts }}
scheduler_weight_classes = {{ nova_scheduler_weight_classes }}

# Compute
compute_driver = {{ nova_compute_driver }}
instance_name_template = instance-%08x
instances_path = /var/lib/nova/instances
api_paste_config = /etc/nova/api-paste.ini
allow_resize_to_same_host = True

# Api's
enabled_apis = osapi_compute,metadata,ec2
ec2_dmz_host = {{ external_vip_address }}
s3_port = 3333
s3_host = {{ ansible_ssh_host }}

# Rpc all
amqp_auto_delete = False
rpc_backend = {{ rpc_backend }}

# RabbitMQ
rabbit_port = {{ rabbit_port }}
rabbit_userid = {{ rabbit_userid }}
rabbit_password = {{ rabbit_password }}
rabbit_hosts = {{ rabbit_hosts }}


# Metadata
metadata_host = {{ internal_vip_address }}
metadata_port = {{ nova_metadata_port|default('8775') }}

# Network
force_dhcp_release = True
dhcpbridge_flagfile = /etc/nova/nova.conf
firewall_driver = {{ nova_firewall_driver }}
my_ip = {{ container_address }}
default_floating_pool = public
security_group_api = neutron
network_api_class = nova.network.neutronv2.api.API

# VNC disabled, see spice section
vnc_enabled = False

# Authentication
auth_strategy = keystone

## Vif
linuxnet_interface_driver = {{ nova_linuxnet_interface_driver }}
libvirt_vif_driver = {{ nova_libvirt_vif_driver }}
libvirt_vif_type = ethernet
vif_plugging_timeout = 10
vif_plugging_is_fatal = False

# Hypervisor
default_ephemeral_format = ext4

# Configdrive
force_config_drive = always

# Policy
max_age = {{ nova_max_age }}

# Common
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['container_address'] }}:{{ memcached_port|default('11211') }}{% if not loop.last %},{% endif %}{% endfor %}

# Cinder
[cinder]
catalog_info = volume:cinder:internalURL


{% if nova_html5proxy_base_url is defined%}
[spice]
agent_enabled = {{ nova_console_agent_enabled|default('True') }}
enabled = {{ nova_console_agent_enabled|default('True') }}
keymap = {{ nova_console_keymap|default('en-us') }}
# Console Url and binds
html5proxy_base_url = {{ nova_html5proxy_base_url }}
server_listen = {{ container_address }}
server_proxyclient_address = {{ container_address }}
{% endif %}

# Glance
[glance]
api_servers = {{ glance_service_adminurl }}

# Neutron
[neutron]
url = {{ neutron_service_adminurl }}
region_name = {{ service_region }}
admin_tenant_name = {{ hostvars[groups['neutron_all'][0]]['service_admin_tenant_name'] }}
auth_strategy = keystone
admin_auth_url = {{ auth_admin_uri }}
admin_password = {{ neutron_service_password }}
admin_username = {{ hostvars[groups['neutron_all'][0]]['service_admin_username'] }}
metadata_proxy_shared_secret = {{ nova_metadata_proxy_secret }}
service_metadata_proxy = True


[conductor]
use_local = false
topic = conductor
manager = nova.conductor.manager.ConductorManager


[osapi_v3]
enabled = True


[keystone_authtoken]
signing_dir = /var/lib/nova/cache/api
identity_uri = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}
admin_password = {{ service_admin_password }}
admin_user = {{ service_admin_username }}
admin_tenant_name = {{ service_admin_tenant_name }}

memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['container_address'] }}:{{ memcached_port|default('11211') }}{% if not loop.last %},{% endif %}{% endfor %}

token_cache_time = 300
revocation_cache_time = 60

# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_secret_key }}

# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = {{ hostvars[groups['keystone_all'][0]]['keystone_use_pki'] }}


[database]
connection = mysql://{{ container_mysql_user }}:{{ container_mysql_password }}@{{ mysql_address }}/{{ container_database }}?charset=utf8


[libvirt]
vif_driver = {{ nova_libvirt_vif_driver }}
inject_partition = -2
use_usb_tablet = False
use_virtio_for_bridges = True
cpu_mode = {{ nova_cpu_mode }}
virt_type = {{ virt_type }}