
179 lines
6.0 KiB

# nova.conf
debug = {{ nova.logging_debug }}
state_path = /var/lib/nova
osapi_compute_listen = {{ network_topology["private"]["address"] }}
osapi_compute_listen_port = {{ nova.api_port.cont }}
metadata_listen = {{ network_topology["private"]["address"] }}
metadata_listen_port = {{ nova.metadata.port.cont }}
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
scheduler_max_attempts = 10
{% if neutron.plugin_agent == "openvswitch" %}
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
{% elif neutron.plugin_agent == "linuxbridge" %}
linuxnet_interface_driver = nova.network.linux_net.BridgeInterfaceDriver
{% endif %}
allow_resize_to_same_host = true
compute_driver = libvirt.LibvirtDriver
# ironic requires different host manager, this not affects regular instances
scheduler_host_manager = ironic_host_manager
force_config_drive = True
# vfat format doesn't require sending config drive over scp (like in case
# of default iso format)
config_drive_format = vfat
# allocation ratio params
cpu_allocation_ratio = {{ nova.allocation_ratio.cpu }}
disk_allocation_ratio = {{ nova.allocation_ratio.disk }}
ram_allocation_ratio = {{ nova.allocation_ratio.ram }}
# scheduler filter params
scheduler_default_filters = {{ nova.scheduler.enabled_filters | join(",") }}
# Though my_ip is not used directly, lots of other variables use $my_ip
my_ip = {{ network_topology["private"]["address"] }}
{% if ingress.enabled %}
secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO
{% endif %}
{% if nova.console == 'novnc' %}
novncproxy_host = {{ network_topology["private"]["address"] }}
novncproxy_port = {{ nova.novncproxy_port.cont }}
vncserver_listen = {{ network_topology["private"]["address"] }}
vncserver_proxyclient_address = {{ network_topology["private"]["address"] }}
novncproxy_base_url = {{ address('nova-novncproxy', nova.novncproxy_port, external=True, with_scheme=True) }}/vnc_auto.html
{% elif nova.console == 'spice' %}
# We have to turn off vnc to use spice
enabled = false
server_listen = {{ network_topology["private"]["address"] }}
server_proxyclient_address = {{ nova.spicehtml5proxy.host }}
html5proxy_base_url = http://{{ address('nova-html5proxy') }}:{{ nova.spicehtml5proxy.port.cont }}/spice_auto.html
html5proxy_host = {{ nova.spicehtml5proxy.host }}
html5proxy_port = {{ nova.spicehtml5proxy.port.cont }}
{% endif %}
{% if role_name == "nova-compute-ironic" %}
#(TODO) remember to update this once discoverd is replaced by inspector
admin_username = {{ ironic_keystone_user }}
admin_password = {{ ironic_keystone_password }}
admin_url = {{ openstack_auth_url }}
admin_tenant_name = service
api_endpoint = http://{{ address('ironic-api') }}:{{ ironic_api_port }}/v1
{% endif %}
lock_path = /var/lib/nova/tmp
api_servers = {{ address('glance-api', glance.api_port) }}
# We need to do N number of retries here, N = number of glance-api daemons running
num_retries = 1
catalog_info = volumev2:cinder:internalURL
url = {{ address('neutron-server', neutron.server_port, with_scheme=True) }}
auth_strategy = keystone
metadata_proxy_shared_secret = {{ nova.metadata.secret }}
service_metadata_proxy = true
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
auth_type = password
project_domain_name = default
user_domain_id = default
project_name = service
username = {{ neutron.db.username }}
password = {{ neutron.db.password }}
connection = mysql+pymysql://{{ nova.db.username }}:{{ nova.db.password }}@{{ address(service.database) }}/{{ nova.db.name }}
max_pool_size = 50
max_overflow = 1000
max_retries = -1
connection = mysql+pymysql://{{ nova.db.username }}:{{ nova.db.password }}@{{ address(service.database) }}/{{ nova.db.api_name }}
max_retries = -1
backend = oslo_cache.memcache_pool
enabled = true
# Here we need to pass an array of memcached daemons, for now we just use DNS
memcache_servers = {{ address('memcached', memcached.port) }}
auth_version = v3
auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}/v3
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}/v3
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ nova.db.username }}
password = {{ nova.db.password }}
# Here we need to pass an array of memcached daemons, for now we just use DNS
memcached_servers = {{ address('memcached', memcached.port) }}
virt_type = {{ nova.virt_type }}
{% if nova.libvirt.tls_enable %}
# TLS config:
# 1. NOTE: nova will use default connection_uri to connect to libvirt,
# e.g. qemu:/// which assumes nova-compute and libvirtd are on the same host.
# 2. We are using %s in live_migration_uri as workaround for TLS config with
# wildcard PKI certificates because they are issued for hostnames not IPs.
# We also need to pass domainname so FQDN (not just hostname) is used when
# initiating TLS connection and TLS can match server certificate to FQDN.
live_migration_uri = "qemu+tls://%s.{{ cluster_domain }}/system"
{% else %}
# non-TLS config:
connection_uri = "qemu+tcp://{{ network_topology["private"]["address"] }}/system"
live_migration_inbound_addr = "{{ network_topology["private"]["address"] }}"
{% endif %}
{% if nova.ceph.enable %}
images_type = rbd
images_rbd_pool = {{ nova.ceph.pool_name }}
images_rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_user = {{ cinder.ceph.username }}
rbd_secret_uuid = {{ cinder.ceph.rbd_secret_uuid }}
hw_disk_discard = unmap
{% endif %}
compute = auto
api_paste_config = /etc/nova/api-paste.ini
{% if searchlight is defined and searchlight.services.nova %}
driver = {{ searchlight.notification_driver }}
notify_on_state_change = vm_and_task_state
{% endif %}
{# messaging macros templates #}
{{ oslo_messaging[messaging.backend.notifications]('notifications_config') }}
{{ oslo_messaging[messaging.backend.rpc]('rpc_config') }}