openstack/openstack-ansible
Code Issues Proposed changes
Files
4f4d81acb51f3d8d6efaab0fc3beeabdeebd9957
openstack-ansible/playbooks/roles/os_neutron/templates/neutron.conf.j2
Matthew Kassawara 4f4d81acb5 Reduce neutron configuration 
Reduce neutron configuration as follows:

1) Limit [ml2*] sections to neutron server containers [1].
2) Remove the [vlan] section everywhere because it only
   pertains to the defunct Linux bridge monolithic
   plug-in [2].
3) Explicitly disable VXLAN if deployment only includes flat
   or VLAN networks [3].
4) Limit Linux bridge agent configuration options to neutron
   agent containers.
5) Remove [agent] tunnel_type option because the Linux bridge
   agent does not use it.
6) Move some options to correct locations.
7) Reorder some options to improve readability.
8) Annotate groups of options or specific options.

[1] https://review.openstack.org/#/c/196759/
[2] https://review.openstack.org/#/c/196765/
[3] https://review.openstack.org/#/c/160826/

Change-Id: I275fb600360530534f7673e6eb2a3d397b10fb8e
Closes-Bug: #1473230
2015-08-07 08:08:44 +00:00

159 lines
5.1 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
{% set _api_threads = ansible_processor_vcpus|default(2) // 2 %}
{% set api_threads = _api_threads if _api_threads > 0 else 1 %}
# General, applies to all host groups
[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}
fatal_deprecations = {{ neutron_fatal_deprecations }}
use_syslog = False
log_file = /var/log/neutron/neutron.log
{% if inventory_hostname in groups['neutron_server'] %}
# General, only applies to neutron server host group
network_device_mtu = {{ neutron_network_device_mtu }}
allow_overlapping_ips = True
vlan_transparent = False
# Plugins
core_plugin = {{ neutron_plugin_core }}
service_plugins = {{ neutron_plugin_loaded_base }}
# MAC address generation for VIFs
base_mac = fa:16:3e:00:00:00
mac_generation_retries = 16
# Authentication method
auth_strategy = keystone
# Drivers
network_scheduler_driver = {{ neutron_driver_network_scheduler }}
router_scheduler_driver = {{ neutron_driver_router_scheduler }}
loadbalancer_pool_scheduler_driver = {{ neutron_driver_loadbalancer_pool_scheduler }}
notification_driver = {{ neutron_driver_notification }}
# Schedulers
network_auto_schedule = True
router_auto_schedule = True
# Distributed virtual routing (disable by default)
router_distributed = False
# Agents
agent_down_time = {{ neutron_agent_down_time }}
# API
bind_port = 9696
bind_host = 0.0.0.0
# Workers
api_workers = {{ neutron_api_workers | default(api_threads) }}
rpc_workers = {{ neutron_rpc_workers }}
# DHCP
dhcp_agent_notification = True
dhcp_agents_per_network = {{ groups['neutron_agent'] | length }}
dhcp_lease_duration = 86400
advertise_mtu = False
# Nova notifications
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
send_events_interval = 2
nova_url = {{ nova_service_adminurl|replace('/%(tenant_id)s', '') }}
## Rpc all
rpc_backend = {{ neutron_rpc_backend }}
rpc_thread_pool_size = {{ neutron_rpc_thread_pool_size }}
rpc_conn_pool_size = {{ neutron_rpc_conn_pool_size }}
rpc_response_timeout = {{ neutron_rpc_response_timeout }}
[nova]
auth_plugin = {{ nova_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
region_name = {{ nova_service_region }}
project_domain_id = {{ nova_service_project_domain_id }}
user_domain_id = {{ nova_service_user_domain_id }}
project_name = {{ nova_service_project_name }}
username = {{ nova_service_user_name }}
password = {{ nova_service_password }}
# Quotas
[quotas]
quota_driver = {{ neutron_driver_quota }}
quota_items = network,subnet,port
default_quota = {{ neutron_default_quota }}
quota_floatingip = {{ neutron_quota_floatingip }}
quota_health_monitor = {{ neutron_quota_health_monitor }}
quota_member = {{ neutron_quota_member }}
quota_network = {{ neutron_quota_network }}
quota_network_gateway = {{ neutron_quota_network_gateway }}
quota_packet_filter = {{ neutron_quota_packet_filter }}
quota_pool = {{ neutron_quota_pool }}
quota_port = {{ neutron_quota_port }}
quota_router = {{ neutron_quota_router }}
quota_security_group = {{ neutron_quota_security_group }}
quota_security_group_rule = {{ neutron_quota_security_group_rule }}
quota_subnet = {{ neutron_quota_subnet }}
quota_vip = {{ neutron_quota_vip }}
# Keystone authentication
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_plugin = {{ neutron_keystone_auth_plugin }}
signing_dir = /var/cache/neutron
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ neutron_service_project_domain_id }}
user_domain_id = {{ neutron_service_user_domain_id }}
project_name = {{ neutron_service_project_name }}
username = {{ neutron_service_user_name }}
password = {{ neutron_service_password }}
memcached_servers = {{ memcached_servers }}
token_cache_time = 300
revocation_cache_time = 60
# Prevent cache poisoning if sharing a memcached server
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
# Enable if your keystone deployment uses PKI and you prefer security over
# performance (disable by default)
check_revocations_for_cached = False
# Database
[database]
connection = mysql://{{ neutron_galera_user }}:{{ neutron_container_mysql_password }}@{{ neutron_galera_address }}/{{ neutron_galera_database }}?charset=utf8
max_overflow = {{ neutron_db_max_overflow }}
max_pool_size = {{ neutron_db_pool_size }}
pool_timeout = {{ neutron_db_pool_timeout }}
# Service providers
[service_providers]
service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider = VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
{% endif %}
# Agent
[agent]
polling_interval = {{ neutron_agent_polling_interval|default(5) }}
report_interval = {{ neutron_report_interval|int }}
root_helper = sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
# Messaging service
[oslo_messaging_rabbit]
rabbit_port = {{ rabbitmq_port }}
rabbit_userid = {{ rabbitmq_userid }}
rabbit_password = {{ rabbitmq_password }}
rabbit_hosts = {{ rabbitmq_servers }}
# Concurrency (locking mechanisms)
[oslo_concurrency]
lock_path = /var/lock/neutron
View Git Blame Copy Permalink