openstack-ansible/playbooks/roles/os_cinder/templates/cinder.conf.j2

# {{ ansible_managed }}

{% set _api_threads = ansible_processor_vcpus|default(2) // 2 %}
{% set api_threads = _api_threads if _api_threads > 0 else 1 %}

[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}
fatal_deprecations = {{ cinder_fatal_deprecations }}
my_ip = {{ cinder_storage_address }}

osapi_volume_workers = {{ cinder_osapi_volume_workers | default(api_threads) }}

rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_config = /etc/cinder/api-paste.ini
auth_strategy = keystone

## Cinder API's enabled
enable_v1_api = {{ cinder_enable_v1_api }}
enable_v2_api = {{ cinder_enable_v2_api }}

{% if inventory_hostname in groups['cinder_volume'] %}
{% if cinder_service_backup_program_enabled == true %}
## Cinder Backup
backup_driver = {{ cinder_service_backup_driver }}
backup_metadata_version = {{ cinder_service_backup_metadata_version }}
backup_compression_algorithm = {{ cinder_service_backup_compression_algorithm }}
{% if cinder_service_backup_driver == 'cinder.backup.drivers.swift' %}
backup_swift_auth = {{ cinder_service_backup_swift_auth }}
{% if cinder_service_backup_swift_auth == 'single_user' %}
backup_swift_url = {{ cinder_service_backup_swift_url }}
backup_swift_user = {{ cinder_service_backup_swift_user }}
backup_swift_tenant = {{ cinder_service_backup_swift_tenant }}
backup_swift_key = {{ cinder_service_backup_swift_key }}
backup_swift_auth_version = {{ cinder_service_backup_swift_auth_version }}
{% endif %}
backup_swift_container = {{ cinder_service_backup_swift_container }}
backup_swift_object_size = {{ cinder_service_backup_swift_object_size }}
backup_swift_retry_attempts = {{ cinder_service_backup_swift_retry_attempts }}
backup_swift_retry_backoff = {{ cinder_service_backup_swift_retry_backoff }}
{% elif cinder_service_backup_driver == 'cinder.backup.drivers.ceph' %}
backup_ceph_user = {{ cinder_service_backup_ceph_user }}
backup_ceph_pool = {{ cinder_service_backup_ceph_pool }}
{% endif %}
{% endif %}
{% endif %}

## RabbitMQ
rpc_backend = {{ cinder_rpc_backend }}

## Quota
quota_volumes = {{ cinder_quota_volumes }}
quota_snapshots = {{ cinder_quota_snapshots }}
quota_consistencygroups = {{ cinder_quota_consistencygroups }}
quota_gigabytes = {{ cinder_quota_gigabytes }}
quota_backups = {{ cinder_quota_backups }}
quota_backup_gigabytes = {{ cinder_quota_backup_gigabytes }}

## Nova
nova_catalog_info = {{ cinder_nova_catalog_info }}
nova_catalog_admin_info = {{ cinder_nova_catalog_admin_info }}

## Glance
{% if cinder_glance_api_servers is defined %}
glance_api_servers = {{ cinder_glance_api_servers }}
{% else %}
glance_host = {{ cinder_glance_host }}
glance_port = {{ cinder_glance_service_port }}
{% endif %}
glance_num_retries = 0

volume_clear = {{ cinder_volume_clear }}
volume_clear_size = {{ cinder_volume_clear_size }}
volume_clear_ionice = {{ cinder_volume_clear_ionice }}
volume_name_template = {{ cinder_volume_name_template }}

storage_availability_zone = {{ cinder_storage_availability_zone }}
default_availability_zone = {{ cinder_default_availability_zone }}

iscsi_helper = {{ cinder_iscsi_helper }}
iscsi_iotype = {{ cinder_iscsi_iotype }}
iscsi_ip_address = $my_ip
iscsi_num_targets = {{ cinder_iscsi_num_targets }}
iscsi_port = {{ cinder_iscsi_port }}

client_socket_timeout = {{ cinder_client_socket_timeout }}

{% if cinder_default_volume_type is defined %}
default_volume_type = {{ cinder_default_volume_type }}
{% endif %}

{% if cinder_backends is defined %}
enabled_backends={% for backend in cinder_backends|dictsort %}{{ backend.0 }}{% if not loop.last %},{% endif %}{% endfor %}

#cinder configurations
{% if cinder_ceilometer_enabled %}
notification_driver = cinder.openstack.common.notifier.rpc_notifier
{% endif %}

# All given backend(s)
{% for backend_section in cinder_backends|dictsort %}
[{{ backend_section.0 }}]
{% for key, value in backend_section.1.items() %}
{{ key }}={{ value }}
{% endfor %}
{% if cinder_nfs_client is defined %}
nfs_shares_config={{ cinder_nfs_client.nfs_shares_config }}
{% endif %}

{% endfor %}
{% endif %}

[database]
connection = mysql+pymysql://{{ cinder_galera_user }}:{{ cinder_container_mysql_password }}@{{ cinder_galera_address }}/{{ cinder_galera_database }}?charset=utf8

[oslo_messaging_rabbit]
rabbit_port = {{ rabbitmq_port }}
rabbit_userid = {{ cinder_rabbitmq_userid }}
rabbit_password = {{ cinder_rabbitmq_password }}
rabbit_virtual_host = {{ cinder_rabbitmq_vhost }}
rabbit_hosts = {{ rabbitmq_servers }}

[oslo_concurrency]
lock_path = /var/lock/cinder

[profiler]
profiler_enabled = {{ cinder_profiler_enabled }}
trace_sqlalchemy = {{ cinder_profiler_trace_sqlalchemy }}

[keymgr]
encryption_auth_url = {{ keystone_service_internaluri }}/v3

[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_plugin = {{ cinder_keystone_auth_plugin }}
signing_dir = /var/cache/cinder
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ cinder_service_project_domain_id }}
user_domain_id = {{ cinder_service_user_domain_id }}
project_name = {{ cinder_service_project_name }}
username = {{ cinder_service_user_name }}
password = {{ cinder_service_password }}

memcached_servers = {{ memcached_servers }}

token_cache_time = 300
revocation_cache_time = 60

# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}

# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = False