---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Package cache
cache_timeout: 600

# /etc/openstack-release settings
openstack_distrib_id: "OSA"
openstack_distrib_release: "{{ openstack_release | default('master') }}"
openstack_distrib_code_name: "Yoga"
openstack_distrib_description: "OpenStack-Ansible"
openstack_distrib_file: yes
openstack_distrib_file_path: "/etc/openstack-release"

openstack_host_sysstat_enabled: true
openstack_host_sysstat_interval: 1
openstack_host_sysstat_statistics_hour: 23

# Set the package install state for distribution packages
# Options are 'present' and 'latest'
openstack_hosts_package_state: "{{ package_state | default('present') }}"

## Enable/disable /etc/hosts file management on OSA managed hosts
## You should make other arrangements for name resolution
## of OSA containers and hosts if disabling these
openstack_host_manage_hosts_file: true
## Enable/disable /etc/hosts file management on OSA deploy host
openstack_host_manage_deploy_hosts_file: true
## Provide extra records to /etc/hosts file that would be added
## to all hosts, if openstack_host_manage_hosts_file is true
## Example:
## openstack_host_custom_hosts_records:
##   - '192.168.1.1 my.fqdn'
openstack_host_custom_hosts_records: []

## kernel modules for specific group hosts
openstack_host_specific_kernel_modules: []
# If you want to include some specific modules per group
# of hosts, override this with a group/host var, like below:
#openstack_host_specific_kernel_modules:
#  - name: "ebtables"
#    pattern: "CONFIG_BRIDGE_NF_EBTABLES"
## Where:
## :param name: name of the kernel module
## :param pattern: pattern to grep for in /boot/config-$kernel_version to check how module is configured inside kernel
## Our default overrides will be combined with your overrides.

# Overridable package list is composed of the old override
# named user_package_list and the standard defaults _package_list
openstack_hosts_package_list: "{{ _package_list + (user_package_list | default([])) }}"

# Overridable package repo is composed of the old override
# named user_external_repo_lists and the standard defaults _package_repos
openstack_hosts_package_repos: "{{ _package_repos + (user_external_repos_list | default([])) }}"

# Overridable package vendors is composed of the old override named
# user_external_vendors_lists and the standard defaults
# _package_vendors
openstack_hosts_package_vendors: "{{ (_package_vendors | default([])) + (user_external_vendors_list | default([])) }}"

# Overridable package repo gpg is composed of the old override
# named user_external_repo_keys_list and the standard defaults _package_repos_keys
openstack_hosts_package_repos_keys: "{{ _package_repos_keys + (user_external_repo_keys_list | default([])) }}"

# The following garbage collection values are set to better support lots of neutron networks/routers.
#  Used for setting the net.ipv4/6.neigh.default.gc_thresh* values. This assumes that facts were
#  gathered to obtain the total amount of memory available on a given host. If no facts are gathered
#  the default set will be 1024 unless its defined by the user.
gc_val: "{{ ansible_facts['memtotal_mb'] | default(1024) | bit_length_power_of_2 }}"
# The ste value has a Max allowable value of 8192 unless set by the user.
set_gc_val: "{{ gc_val if (gc_val | int <= 8192) else 8192 }}"

# Controls the shell search PATH environment variable dropped in
# /etc/environment
openstack_host_environment_path:
  - /usr/local/sbin
  - /usr/local/bin
  - /usr/sbin
  - /usr/bin
  - /sbin
  - /bin
  - /usr/games
  - /usr/local/games

# Allows the ability to override or add extra parameters to the systemd global config
# that will be applied by default to all units
openstack_systemd_global_overrides: {}

# Set the level of reverse path filtering to use
openstack_host_rp_filter_all: 0
openstack_host_rp_filter_default: 0

# Set the maximum size of the connection tracking table.
openstack_host_nf_conntrack_max: 262144

# System control kernel tuning
openstack_kernel_options:
  - { key: 'fs.inotify.max_user_watches', value: 1048576 }
  - { key: 'net.ipv4.conf.all.rp_filter', value: "{{ openstack_host_rp_filter_all }}" }
  - { key: 'net.ipv4.conf.default.rp_filter', value: "{{ openstack_host_rp_filter_default }}" }
  - { key: 'net.ipv4.ip_forward', value: 1 }
  - { key: 'net.netfilter.nf_conntrack_max', value: "{{ openstack_host_nf_conntrack_max }}" }
  - { key: 'vm.dirty_background_ratio', value: 5 }
  - { key: 'vm.dirty_ratio', value: 10 }
  - { key: 'vm.swappiness', value: 5 }
  - { key: 'net.bridge.bridge-nf-call-ip6tables', value: 1 }
  - { key: 'net.bridge.bridge-nf-call-iptables', value: 1 }
  - { key: 'net.bridge.bridge-nf-call-arptables', value: 1 }
  - { key: 'net.ipv4.igmp_max_memberships', value: 1024 }
  - { key: 'net.ipv4.neigh.default.gc_thresh1', value: "{{ set_gc_val | int // 2 }}" }
  - { key: 'net.ipv4.neigh.default.gc_thresh2', value: "{{ set_gc_val | int }}" }
  - { key: 'net.ipv4.neigh.default.gc_thresh3', value: "{{ set_gc_val | int * 2 }}" }
  - { key: 'net.ipv4.route.gc_thresh', value: "{{ set_gc_val | int * 2 }}" }
  - { key: 'net.ipv4.neigh.default.gc_interval', value: 60 }
  - { key: 'net.ipv4.neigh.default.gc_stale_time', value: 120 }
  - { key: 'net.ipv6.neigh.default.gc_thresh1', value: "{{ set_gc_val | int // 2 }}" }
  - { key: 'net.ipv6.neigh.default.gc_thresh2', value: "{{ set_gc_val | int }}" }
  - { key: 'net.ipv6.neigh.default.gc_thresh3', value: "{{ set_gc_val | int * 2 }}" }
  - { key: 'net.ipv6.route.gc_thresh', value: "{{ set_gc_val | int * 2 }}" }
  - { key: 'net.ipv6.neigh.default.gc_interval', value: 60 }
  - { key: 'net.ipv6.neigh.default.gc_stale_time', value: 120 }
  - { key: 'net.ipv6.conf.lo.disable_ipv6', value: 0 }
  - { key: 'fs.aio-max-nr', value: 131072 }

# Optional user defined list of sysctl options in the same dict item format as
# above.
openstack_user_kernel_options: []

# User defined list of extra packages to install on all hosts and containers
openstack_host_extra_distro_packages: []

# Overridable set of packages to install on all hosts and containers.
openstack_host_distro_packages: "{{ _openstack_host_distro_packages }}"

# User defined list of extra packages to install on the host
openstack_host_extra_metal_distro_packages: []

# Overridable set of packages to install on the host.
openstack_host_metal_distro_packages: "{{ _openstack_host_metal_distro_packages }}"

# Set the openstack domain name
openstack_domain: openstack.local

# Global environment variables should be empty by default
global_environment_variables: {}

# Set the default mode for the /etc/cron.d/sysstat file
openstack_host_sysstat_cron_mode: '0755'

## Default repositories data
# Set default mirror for CentOS repositories
# NOTE(mhayden): Ensure that the full path to the 'centos' directory is used.
openstack_hosts_centos_mirror_url: "{{ centos_mirror_url | default('http://mirror.centos.org/centos') }}"
openstack_hosts_rdo_mirror_url: 'https://trunk.rdoproject.org'
openstack_hosts_rdo_repo_url: "{{ _openstack_hosts_rdo_repo_url }}"
openstack_hosts_rdo_deps_url: "{{ _openstack_hosts_rdo_deps_url }}"
openstack_hosts_power_tool_enable: "{{ ('repo_all' in groups or 'manila_all' in groups or 'gnocchi_all' in groups or install_method | default('source') == 'distro') }}"

# Keep a history of systemd journals on disk after reboots
openstack_host_keep_journals: yes

# Enable/Disable the yum fastestmirror plugin
openstack_hosts_enable_yum_fastestmirror: yes

#user supplied list of CA certificates to copy to hosts from the deploy host
# example:
# - name: SnakeOilCorp.crt                             #the filename created on the target host (must be .crt on Ubuntu)
#    src: /etc/ssl/certs/snake-oil-cert-latest.pem     #the source file on the deploy host
openstack_host_ca_certificates: []

# Path to the file with trusted CA that will be used by python requests module
openstack_ca_bundle_path: "{{ _openstack_ca_bundle_path }}"

# extra configuration for OS package manager
openstack_hosts_package_manager_default_conf: "{{ _openstack_hosts_package_manager_default_conf | default('') }}"
openstack_hosts_package_manager_extra_conf: ''

# apt pins to apply to all hosts in the deployment
# the default is to make ceph packages from UCA lower priority than those from the ubuntu distro repo
openstack_hosts_apt_pinned_packages:
  - package: "src:ceph"
    origin: "ubuntu-cloud.archive.canonical.com"
    priority: 400