openstack/openstack-ansible
Code Issues Proposed changes
ba572d1d2e
openstack-ansible/doc/source/install-guide/app-advanced-config-override.rst
Bob Taylor 7c5f177c57 Add a doc example for yaml file overrides 
Adds an example for yaml config file overrides and provides
clarification that the entire yaml file contents are overwritten
by any supplied override values, not just the added or changed values.

Change-Id: Ia64b6dceace4f33617736426c7818cfb6fc101e7
Partial-Bug: 1605758
2016-09-08 09:33:34 +00:00

7.4 KiB
Raw Blame History

Overriding OpenStack configuration defaults

OpenStack has many configuration options available in configuration files which are in the form of .conf files (in a standard INI file format), policy files (in a standard JSON format) and also YAML files.

Note

YAML files are only in the ceilometer project at this time.

OpenStack-Ansible provides the facility to include reference to any options in the OpenStack Configuration Reference through the use of a simple set of configuration entries in /etc/openstack_deploy/user_variables.yml.

This section provides guidance for how to make use of this facility. Further guidance is available in the developer documentation in the section titled Setting overrides in configuration files.

Overriding .conf files

The most common use-case for implementing overrides are for the <service>.conf files (for example, nova.conf). These files use a standard INI file format.

For example, if you add the following parameters to nova.conf:

[DEFAULT]
remove_unused_original_minimum_age_seconds = 43200

[libvirt]
cpu_mode = host-model
disk_cachemodes = file=directsync,block=none

[database]
idle_timeout = 300
max_pool_size = 10

This is accomplished through the use of the following configuration entry in /etc/openstack_deploy/user_variables.yml:

nova_nova_conf_overrides:
  DEFAULT:
    remove_unused_original_minimum_age_seconds: 43200
  libvirt:
    cpu_mode: host-model
    disk_cachemodes: file=directsync,block=none
  database:
    idle_timeout: 300
    max_pool_size: 10

Overrides may also be applied on a per host basis with the following configuration in /etc/openstack_deploy/openstack_user_config.yml:

compute_hosts:
  900089-compute001:
    ip: 192.0.2.10
    host_vars:
      nova_nova_conf_overrides:
        DEFAULT:
          remove_unused_original_minimum_age_seconds: 43200
        libvirt:
          cpu_mode: host-model
          disk_cachemodes: file=directsync,block=none
        database:
          idle_timeout: 300
          max_pool_size: 10

Use this method for any INI file format for all OpenStack projects deployed in OpenStack-Ansible.

To assist you in finding the appropriate variable name to use for overrides, the general format for the variable name is: <service>_<filename>_<file extension>_overrides.

Overriding .json files

You can adjust the default policies applied by services in order to implement access controls which are different to a standard OpenStack environment. Policy files are in a JSON format.

For example, you can add the following policy in keystone's policy.json:

{
    "identity:foo": "rule:admin_required",
    "identity:bar": "rule:admin_required"
}

Accomplish this through the use of the following configuration entry in /etc/openstack_deploy/user_variables.yml:

keystone_policy_overrides:
  identity:foo: "rule:admin_required"
  identity:bar: "rule:admin_required"

Use this method for all OpenStack projects deployed in OpenStack-Ansible with JSON file formats.

To assist you in finding the appropriate variable name to use for overrides, the general format for the variable name is <service>_policy_overrides.

Overriding YAML files

You can override .yml file values by supplying replacement YAML content.

Note

All default YAML file content will be completely overwritten by the provided overrides, so the entire YAML source (both the existing content and your changes) must be provided.

For example, you can define a meter exclusion for all hardware items in the default content of ceilometer's pipeline.yml:

sources:
    - name: meter_source
    interval: 600
    meters:
        - "!hardware.*"
    sinks:
        - meter_sink
    - name: foo_source
    value: foo

You can accomplish this through the use of the following configuration entry in /etc/openstack_deploy/user_variables.yml:

ceilometer_pipeline_yaml_overrides:
  sources:
      - name: meter_source
      interval: 600
      meters:
          - "!hardware.*"
      sinks:
          - meter_sink
      - name: source_foo
      value: foo

To assist you in finding the appropriate variable name to use for overrides, the general format for the variable name is <service>_<filename>_<file extension>_overrides.

Currently available overrides

The following is a list of overrides available:

Galera:
  • galera_client_my_cnf_overrides
  • galera_my_cnf_overrides
  • galera_cluster_cnf_overrides
  • galera_debian_cnf_overrides
Ceilometer:
  • ceilometer_policy_overrides
  • ceilometer_ceilometer_conf_overrides
  • ceilometer_api_paste_ini_overrides
  • ceilometer_event_definitions_yaml_overrides
  • ceilometer_event_pipeline_yaml_overrides
  • ceilometer_pipeline_yaml_overrides
Cinder:
  • cinder_policy_overrides
  • cinder_rootwrap_conf_overrides
  • cinder_api_paste_ini_overrides
  • cinder_cinder_conf_overrides
Glance:
  • glance_glance_api_paste_ini_overrides
  • glance_glance_api_conf_overrides
  • glance_glance_cache_conf_overrides
  • glance_glance_manage_conf_overrides
  • glance_glance_registry_paste_ini_overrides
  • glance_glance_registry_conf_overrides
  • glance_glance_scrubber_conf_overrides
  • glance_glance_scheme_json_overrides
  • glance_policy_overrides
Heat:
  • heat_heat_conf_overrides
  • heat_api_paste_ini_overrides
  • heat_default_yaml_overrides
  • heat_aws_cloudwatch_alarm_yaml_overrides
  • heat_aws_rds_dbinstance_yaml_overrides
  • heat_policy_overrides
Keystone:
  • keystone_keystone_conf_overrides
  • keystone_keystone_default_conf_overrides
  • keystone_keystone_paste_ini_overrides
  • keystone_policy_overrides
Neutron:
  • neutron_neutron_conf_overrides
  • neutron_ml2_conf_ini_overrides
  • neutron_dhcp_agent_ini_overrides
  • neutron_api_paste_ini_overrides
  • neutron_rootwrap_conf_overrides
  • neutron_policy_overrides
  • neutron_dnsmasq_neutron_conf_overrides
  • neutron_l3_agent_ini_overrides
  • neutron_metadata_agent_ini_overrides
  • neutron_metering_agent_ini_overrides
Nova:
  • nova_nova_conf_overrides
  • nova_rootwrap_conf_overrides
  • nova_api_paste_ini_overrides
  • nova_policy_overrides
Swift:
  • swift_swift_conf_overrides
  • swift_swift_dispersion_conf_overrides
  • swift_proxy_server_conf_overrides
  • swift_account_server_conf_overrides
  • swift_account_server_replicator_conf_overrides
  • swift_container_server_conf_overrides
  • swift_container_server_replicator_conf_overrides
  • swift_object_server_conf_overrides
  • swift_object_server_replicator_conf_overrides
Tempest:
  • tempest_tempest_conf_overrides
pip:
  • pip_global_conf_overrides