[nsxv]<% settings = scope.lookupvar('settings') %> # URL for NSXv manager manager_uri = https://<%= settings['nsxv_manager_host'] %> # (Optional) If true, the NSXv server certificate is not verified. # If false, then the default CA truststore is used for verification. # This option is ignored if "ca_file" is set. insecure = <%= scope.lookupvar('insecure') %> # (Optional) Specify a CA bundle file to use in verifying the NSXv server certificate. <% if not scope.lookupvar('insecure') -%> ca_file = <%= scope.lookupvar('ca_file') %> <% else -%> # ca_file = <% end -%> # User name for NSXv manager user = <%= settings['nsxv_user'] %> # Password for NSXv manager password = <%= settings['nsxv_password'] %> # (Required) Datacenter ID for Edge deployment datacenter_moid = <%= settings['nsxv_datacenter_moid'] %> # (Required) Cluster IDs for clusters containing OpenStack hosts, comma separated cluster_moid = <%= scope.lookupvar('cluster_moid') %> # (Optional) Resource pool ID for NSX Edge deployment resource_pool_id = <%= settings['nsxv_resource_pool_id'] %> # (Optional) Datastore ID for NSX Edge deployment datastore_id = <%= settings['nsxv_datastore_id'] %> # (Required) UUID of logic switch for physical network connectivity external_network = <%= settings['nsxv_external_network'] %> # (Optional) Asynchronous task status check interval # default is 2000 (millisecond) <% if not (settings['nsxv_task_status_check_interval']).to_s.strip.empty? -%> task_status_check_interval = <%= settings['nsxv_task_status_check_interval'] %> <% else -%> # task_status_check_interval = <% end -%> # (Optional) Network scope ID for VXLAN virtual wires <% if not (settings['nsxv_vdn_scope_id']).to_s.strip.empty? -%> vdn_scope_id = <%= settings['nsxv_vdn_scope_id'] %> <% else -%> # vdn_scope_id = <% end -%> # (Optional) DVS ID for VLANS <% if not (settings['nsxv_dvs_id']).to_s.strip.empty? -%> dvs_id = <%= settings['nsxv_dvs_id'] %> <% else -%> # dvs_id = <% end -%> # (ListOpt) Define backup edge pool's management range with the four-tuple: # :[edge_size]::. # edge_type:'service'(service edge) or 'vdr'(distributed edge). # edge_size: 'compact', 'large'(by default), 'xlarge' or 'quadlarge'. # # By default, edge pool manager would manage service edge # with compact&&large size and distributed edge with large size as following: # backup_edge_pool = service:large:4:10,service:compact:4:10,vdr:large:4:10 <% if not (settings['nsxv_backup_edge_pool']).to_s.strip.empty? -%> backup_edge_pool = <%= settings['nsxv_backup_edge_pool'] %> <% else -%> # backup_edge_pool = <% end -%> # (Optional) Maximum number of sub interfaces supported per vnic in edge # default is 20 <% if not (settings['nsxv_maximum_tunnels_per_vnic']).to_s.strip.empty? -%> maximum_tunnels_per_vnic = <%= settings['nsxv_maximum_tunnels_per_vnic'] %> <% else -%> # maximum_tunnels_per_vnic = <% end -%> # Maximum number of API retries <% if not (settings['nsxv_retries']).to_s.strip.empty? -%> retries = <%= settings['nsxv_retries'] %> <% else -%> # retries = <% end -%> # If True, the server instance will attempt to initialize the metadata # infrastructure for access to nova-metadata service metadata_initializer = <%= scope.lookupvar('metadata_initializer') %> <% if settings['nsxv_metadata_initializer'] -%> # (Optional) Network ID for management network connectivity <% if not (settings['nsxv_mgt_net_moid']).to_s.strip.empty? -%> mgt_net_moid = <%= settings['nsxv_mgt_net_moid'] %> <% else -%> # mgt_net_moid = <% end -%> # (Optional) Management network IP address for metadata proxy <% if not (scope.lookupvar('mgt_ip')).to_s.strip.empty? -%> mgt_net_proxy_ips = <%= scope.lookupvar('mgt_ip') %> <% else -%> # mgt_net_proxy_ips = <% end -%> # (Optional) Management network netmask for metadata proxy <% if not (scope.lookupvar('mgt_netmask')).to_s.strip.empty? -%> mgt_net_proxy_netmask = <%= scope.lookupvar('mgt_netmask') %> <% else -%> # mgt_net_proxy_netmask = <% end -%> # (Optional) Management network default gateway for metadata proxy <% if not (scope.lookupvar('mgt_gateway')).to_s.strip.empty? -%> mgt_net_default_gateway = <%= scope.lookupvar('mgt_gateway') %> <% else -%> # mgt_net_default_gateway = <% end -%> # (Optional) IP addresses used by Nova metadata service nova_metadata_ips = <%= scope.lookupvar('nova_metadata_ips') %> # (Optional) TCP Port used by Nova metadata server nova_metadata_port = <%= scope.lookupvar('nova_metadata_port') %> # (Optional) Shared secret to sign metadata requests metadata_shared_secret = <%= scope.lookupvar('metadata_shared_secret') %> # (Optional) If True, the end to end connection for metadata service is # not verified. If False, the default CA truststore is used for verification. metadata_insecure = <%= settings['nsxv_metadata_insecure'] %> # (Optional) Client certificate to use when metadata connection is to be # verified. If not provided, a self signed certificate will be used. <% if scope.lookupvar('metadata_nova_client_cert_file') -%> metadata_nova_client_cert = <%= scope.lookupvar('metadata_nova_client_cert_file') %> <% else -%> # metadata_nova_client_cert = <% end -%> # (Optional) Private key to use for client certificate <% if scope.lookupvar('metadata_nova_client_priv_key_file') -%> metadata_nova_client_priv_key = <%= scope.lookupvar('metadata_nova_client_priv_key_file') %> <% else -%> # metadata_nova_client_priv_key = <% end -%> # (Optional) Comma separated list of tcp ports, to be allowed access to the # metadata proxy, in addition to the default 80,443,8775 tcp ports <% if not (settings['nsxv_metadata_service_allowed_ports']).to_s.strip.empty? -%> metadata_service_allowed_ports = <%= settings['nsxv_metadata_service_allowed_ports'] %> <% else -%> # metadata_service_allowed_ports = <% end -%> <% end -%> # (Optional) Indicates if Nsxv spoofguard component is used to implement # port-security feature. spoofguard_enabled = <%= settings['nsxv_spoofguard_enabled'] %> # (ListOpt) Ordered list of router_types to allocate as tenant routers. # It limits the router types Nsxv can support for tenants # distributed: router is supported by distributed edge at the backend. # shared: multiple routers shared one same service edge at the backend. # exclusive: router exclusivly occupy one service edge at the backend. # Nsxv would select the first availabe router type from tenant_router_types # list if router-type is not specified. # If tenant define the router type with "--distributed", # "--router_type exclusive" or "--router_type shared", Nsxv would verify that # the router type is in tenant_router_types. # Admin supports all these three router types <% if not (settings['nsxv_tenant_router_types']).to_s.strip.empty? -%> tenant_router_types = <%= settings['nsxv_tenant_router_types'] %> <% else -%> # tenant_router_types = <% end -%> # Enable HA for NSX Edges edge_ha = <%= settings['nsxv_edge_ha'] %> # (Optional) Edge appliance size to be used for creating exclusive router. # Valid values: ['compact', 'large', 'xlarge', 'quadlarge'] # This exclusive_router_appliance_size will be picked up if --router-size # parameter is not specified while doing neutron router-create <% if not (settings['nsxv_exclusive_router_appliance_size']).to_s.strip.empty? -%> exclusive_router_appliance_size = <%= settings['nsxv_exclusive_router_appliance_size'] %> <% else -%> # exclusive_router_appliance_size = compact <% end -%> # (Optional) Enable an administrator to configure the edge user and password # Username to configure for Edge appliance login <% if not (settings['nsxv_edge_appliance_user']).to_s.strip.empty? -%> edge_appliance_user = <%= settings['nsxv_edge_appliance_user'] %> <% else -%> # edge_appliance_user = <% end -%> # (Optional) Password to configure for Edge appliance login <% if not (settings['nsxv_edge_appliance_password']).to_s.strip.empty? -%> edge_appliance_password = <%= settings['nsxv_edge_appliance_password'] %> <% else -%> # edge_appliance_password = <% end -%> # (Optional) URL for distributed locking coordination resource for lock manager # This value is passed as a parameter to tooz coordinator. # By default, value is None and oslo_concurrency is used for single-node # lock management. <% if not (settings['nsxv_locking_coordinator_url']).to_s.strip.empty? -%> locking_coordinator_url = <%= settings['nsxv_locking_coordinator_url'] %> <% else -%> # locking_coordinator_url = <% end -%> # (Optional) DHCP lease time <% if not (settings['nsxv_dhcp_lease_time']).to_s.strip.empty? -%> dhcp_lease_time = <%= settings['nsxv_dhcp_lease_time'] %> <% else -%> # dhcp_lease_time = 86400 <% end -%> # (Optional) Comma separated list of nameservers to configure for the DHCP binding # entries. These will be used if there are no nameservers defined on the subnet. <% if not (settings['nsxv_nameservers']).to_s.strip.empty? -%> nameservers = <%= settings['nsxv_nameservers'] %> <% else -%> # nameservers = <% end -%>