---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Defines that the role will be deployed on a host machine
is_metal: true

## Verbosity Options
debug: False
verbose: True
neutron_fatal_deprecations: False

## neutron User / Group
neutron_system_user_name: neutron
neutron_system_group_name: neutron
neutron_system_comment: neutron system user
neutron_system_shell: /bin/false
neutron_system_home_folder: "/var/lib/{{ neutron_system_user_name }}"

## DB
neutron_galera_user: neutron
neutron_galera_password: "{{ neutron_container_mysql_password }}"
neutron_galera_database: neutron
neutron_db_config: /etc/neutron/neutron.conf
neutron_db_plugin: /etc/neutron/plugins/ml2/ml2_conf.ini
neutron_db_max_overflow: 20
neutron_db_pool_size: 120
neutron_db_pool_timeout: 30

## RabbitMQ info
neutron_rabbitmq_userid: neutron
neutron_rabbitmq_vhost: /neutron

## Plugins
neutron_plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
# Other plugins can be added to the system by simply extending the list `neutron_plugin_base`.
# neutron_plugin_base:
#   - neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
#   - neutron.services.metering.metering_plugin.MeteringPlugin
#   - neutron.services.loadbalancer.plugin.LoadBalancerPlugin
#   - neutron.services.vpn.plugin.VPNDriverPlugin
neutron_plugin_base:
  - neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
  - neutron.services.metering.metering_plugin.MeteringPlugin
neutron_plugin_loaded_base: "{% for plugin in neutron_plugin_base %}{{ plugin }}{% if not loop.last %},{% endif %}{% endfor %}"

## Drivers
neutron_driver_network_scheduler: neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler
neutron_driver_router_scheduler: neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler
neutron_driver_loadbalancer_pool_scheduler: neutron.services.loadbalancer.agent_scheduler.ChanceScheduler
neutron_driver_interface: neutron.agent.linux.interface.BridgeInterfaceDriver
neutron_driver_metering: neutron.services.metering.drivers.iptables.iptables_driver.IptablesMeteringDriver
neutron_driver_dhcp: neutron.agent.linux.dhcp.Dnsmasq
neutron_driver_notification: neutron.openstack.common.notifier.rpc_notifier
neutron_driver_quota: neutron.db.quota_db.DbQuotaDriver
neutron_driver_firewall: neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

## Quotas
neutron_default_quota: -1
neutron_quota_floatingip: 50
neutron_quota_health_monitor: -1
neutron_quota_member: -1
neutron_quota_network: 10
neutron_quota_network_gateway: 5
neutron_quota_packet_filter: 100
neutron_quota_pool: 10
neutron_quota_port: 50
neutron_quota_router: 10
neutron_quota_security_group: 10
neutron_quota_security_group_rule: 100
neutron_quota_subnet: 10
neutron_quota_vip: 10

## General Neutron configuration
# If ``neutron_api_workers`` is unset the system will use half the number of available VCPUs to
# compute the number of api workers to use.
# neutron_api_workers: 16

# ``neutron_rpc_workers`` is an experimental feature in neutron master (as of 03/2015) and
# the value will be 0 by default.
neutron_rpc_workers: 0

# If ``neutron_metadata_workers`` is unset the system will use half the number of available VCPUs to
# compute the number of api workers to use.
# neutron_metadata_workers: 16
neutron_metadata_backlog: 128

## Auth
neutron_service_project_name: service
neutron_service_project_domain_id: default
neutron_service_user_domain_id: default
neutron_service_role_name: admin
neutron_service_user_name: neutron
neutron_service_name: neutron
neutron_service_type: network
neutron_service_description: "OpenStack Networking"
neutron_service_port: 9696
neutron_service_proto: http
neutron_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(neutron_service_proto) }}"
neutron_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(neutron_service_proto) }}"
neutron_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(neutron_service_proto) }}"
neutron_service_publicuri: "{{ neutron_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ neutron_service_port }}"
neutron_service_publicurl: "{{ neutron_service_publicuri }}"
neutron_service_adminuri: "{{ neutron_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}"
neutron_service_adminurl: "{{ neutron_service_adminuri }}"
neutron_service_internaluri: "{{ neutron_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}"
neutron_service_internalurl: "{{ neutron_service_internaluri }}"
neutron_service_region: RegionOne

## Keystone authentication middleware
neutron_keystone_auth_plugin: password

neutron_service_program_name: neutron-server
neutron_service_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
neutron_service_program_enabled: false

neutron_service_dhcp_program_name: neutron-dhcp-agent
neutron_service_dhcp_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini
neutron_service_dhcp_program_enabled: false

neutron_service_l3_program_name: neutron-l3-agent
neutron_service_l3_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
neutron_service_l3_program_enabled: false

neutron_service_linuxbridge_program_name: neutron-linuxbridge-agent
neutron_service_linuxbridge_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
neutron_service_linuxbridge_program_enabled: false

neutron_service_metadata_program_name: neutron-metadata-agent
neutron_service_metadata_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini
neutron_service_metadata_program_enabled: false

neutron_service_metering_program_name: neutron-metering-agent
neutron_service_metering_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini
neutron_service_metering_program_enabled: false

## Agent
neutron_external_network_bridge: ""
neutron_gateway_external_network_id: ""

# Enable l2 population
neutron_l2_population: True

neutron_agent_mode: legacy
neutron_agent_down_time: 120
neutron_agent_polling_interval: 5
neutron_report_interval: "{{ neutron_agent_down_time | int / 2 | int }}"
neutron_network_device_mtu: 1450

# L3 configuration options
neutron_l3_router_delete_namespaces: True

# L3HA configuration options.
neutron_ha_vrrp_advert_int: 2
neutron_ha_vrrp_auth_password: None
neutron_ha_vrrp_auth_type: PASS
neutron_handle_internal_only_routers: True
neutron_l3_ha_enabled: False
neutron_l3_ha_net_cidr: 169.254.192.0/18

# If ``neutron_min_l3_agents_per_router`` is unset the system will use half the number of hosts in the
# "neutron_agent" group to determine the min agents per routers.
# neutron_min_l3_agents_per_router: 3

# If ``neutron_max_l3_agents_per_router`` is unset the system will use the number of hosts in the
# "neutron_agent" group to determine the max agents per routers.
# neutron_max_l3_agents_per_router: 3

# DHCP AGENT CONFIG
neutron_dhcp_config:
  dhcp-option-force: "26,1450"
  log-facility: "/var/log/neutron/neutron-dnsmasq.log"

# Types of networks supported by the ml2 plugin
neutron_ml2_drivers_type: "flat,vlan,vxlan,local"
neutron_ml2_mechanism_drivers: "linuxbridge,l2population"

## Set this to configure overlay networks. The default is set as an empty hash.
# neutron_overlay_network:
#   address: "172.29.241.248"
#   bridge: "br-vxlan"
#   interface: "eth10"
#   netmask: "255.255.252.0"
#   type: "veth"
neutron_overlay_network: {}

## The neutron multicast group address. This should be set as a host variable if used.
## This defaults to an empty string
# neutron_vxlan_group: 239.1.1.100
neutron_vxlan_group: ""

## Set this variable to configure the provider networks that will be available
## When setting up networking in things like the ml2_conf.ini file. Normally
## this will be defined as a host variable used within neutron as network configuration
## are likely to differ in between hosts.
# neutron_provider_networks:
#   network_flat_networks: "flat"
#   network_mappings: "flat:eth12,vlan:eth11"
#   network_types: "vxlan,flat,vlan"
#   network_vlan_ranges: "vlan:1:1,vlan:1024:1025"
#   network_vxlan_ranges: "1:1000"

neutron_dhcp_domain: openstacklocal
neutron_dhcp_delete_namespaces: True
# Comma-separated list of DNS servers which will be used by dnsmasq as forwarders.
neutron_dnsmasq_dns_servers: ""
# Limit number of leases to prevent a denial-of-service.
neutron_dnsmasq_lease_max: 16777216
# If ``neutron_num_sync_threads`` is unset, the system will use the value of api_workers calculated
# in templates/dhcp_agent.ini.j2 for num_sync_threads.
# neutron_num_sync_threads: 4

## RPC
neutron_rpc_backend: rabbit
neutron_rpc_thread_pool_size: 64
neutron_rpc_conn_pool_size: 30
neutron_rpc_response_timeout: 60

## Policy vars
# Provide a list of access controls to update the default policy.json with. These changes will be merged
# with the access controls in the default policy.json. E.g.
#neutron_policy_overrides:
#  "create_subnet": "rule:admin_or_network_owner"
#  "get_subnet": "rule:admin_or_owner or rule:shared"

neutron_apt_packages:
  - conntrack
  - dnsmasq-base
  - dnsmasq-utils
  - ipset
  - iputils-arping
  - keepalived
  - libpq-dev
  - ebtables

neutron_apt_remove_packages:
  - conntrackd

neutron_pip_packages:
  - configobj
  - cliff
  - keystonemiddleware
  - MySQL-python
  - neutron
  - pycrypto
  - python-glanceclient
  - python-keystoneclient
  - python-memcached
  - python-neutronclient
  - python-novaclient
  - repoze.lru

## Service Names
neutron_service_names:
  - neutron-agent
  - neutron-dhcp-agent
  - neutron-linuxbridge-agent
  - neutron-l3-agent
  - neutron-metadata-agent
  - neutron-metering-agent
  - neutron-server

## Tunable overrides
neutron_neutron_conf_overrides: {}
neutron_ml2_conf_ini_overrides: {}
neutron_dhcp_agent_ini_overrides: {}
neutron_api_paste_ini_overrides: {}
neutron_rootwrap_conf_overrides: {}
neutron_policy_overrides: {}
neutron_dnsmasq_neutron_conf_overrides: {}
neutron_l3_agent_ini_overrides: {}
neutron_metadata_agent_ini_overrides: {}
neutron_metering_agent_ini_overrides: {}