179 lines
6.1 KiB
Django/Jinja
179 lines
6.1 KiB
Django/Jinja
# nova.conf
|
|
[DEFAULT]
|
|
debug = {{ nova.logging_debug }}
|
|
|
|
state_path = /var/lib/nova
|
|
|
|
osapi_compute_listen = {{ network_topology["private"]["address"] }}
|
|
osapi_compute_listen_port = {{ nova.api_port.cont }}
|
|
|
|
metadata_listen = {{ network_topology["private"]["address"] }}
|
|
metadata_listen_port = {{ nova.metadata.port.cont }}
|
|
|
|
use_neutron = true
|
|
firewall_driver = nova.virt.firewall.NoopFirewallDriver
|
|
scheduler_max_attempts = 10
|
|
|
|
{% if neutron.plugin_agent == "openvswitch" %}
|
|
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
|
|
{% elif neutron.plugin_agent == "linuxbridge" %}
|
|
linuxnet_interface_driver = nova.network.linux_net.BridgeInterfaceDriver
|
|
{% endif %}
|
|
|
|
allow_resize_to_same_host = true
|
|
|
|
compute_driver = libvirt.LibvirtDriver
|
|
|
|
# ironic requires different host manager, this not affects regular instances
|
|
scheduler_host_manager = ironic_host_manager
|
|
|
|
force_config_drive = True
|
|
# vfat format doesn't require sending config drive over scp (like in case
|
|
# of default iso format)
|
|
config_drive_format = vfat
|
|
|
|
# allocation ratio params
|
|
cpu_allocation_ratio = {{ nova.allocation_ratio.cpu }}
|
|
disk_allocation_ratio = {{ nova.allocation_ratio.disk }}
|
|
ram_allocation_ratio = {{ nova.allocation_ratio.ram }}
|
|
|
|
# scheduler filter params
|
|
scheduler_default_filters = {{ nova.scheduler.enabled_filters | join(",") }}
|
|
|
|
# Though my_ip is not used directly, lots of other variables use $my_ip
|
|
my_ip = {{ network_topology["private"]["address"] }}
|
|
|
|
{% if ingress.enabled %}
|
|
secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO
|
|
{% endif %}
|
|
|
|
{% if nova.console == 'novnc' %}
|
|
[vnc]
|
|
novncproxy_host = {{ network_topology["private"]["address"] }}
|
|
novncproxy_port = {{ nova.novncproxy_port.cont }}
|
|
vncserver_listen = {{ network_topology["private"]["address"] }}
|
|
vncserver_proxyclient_address = {{ network_topology["private"]["address"] }}
|
|
novncproxy_base_url = {{ address('nova-novncproxy', nova.novncproxy_port, external=True, with_scheme=True) }}/vnc_auto.html
|
|
{% elif nova.console == 'spice' %}
|
|
[vnc]
|
|
# We have to turn off vnc to use spice
|
|
enabled = false
|
|
[spice]
|
|
server_listen = {{ network_topology["private"]["address"] }}
|
|
server_proxyclient_address = {{ nova.spicehtml5proxy.host }}
|
|
html5proxy_base_url = http://{{ address('nova-html5proxy') }}:{{ nova.spicehtml5proxy.port.cont }}/spice_auto.html
|
|
html5proxy_host = {{ nova.spicehtml5proxy.host }}
|
|
html5proxy_port = {{ nova.spicehtml5proxy.port.cont }}
|
|
{% endif %}
|
|
|
|
{% if role_name == "nova-compute-ironic" %}
|
|
[ironic]
|
|
#(TODO) remember to update this once discoverd is replaced by inspector
|
|
admin_username = {{ ironic_keystone_user }}
|
|
admin_password = {{ ironic_keystone_password }}
|
|
admin_url = {{ openstack_auth_url }}
|
|
admin_tenant_name = service
|
|
api_endpoint = http://{{ address('ironic-api') }}:{{ ironic_api_port }}/v1
|
|
{% endif %}
|
|
|
|
[oslo_concurrency]
|
|
lock_path = /var/lib/nova/tmp
|
|
|
|
[glance]
|
|
api_servers = {{ address('glance-api', glance.api_port) }}
|
|
# We need to do N number of retries here, N = number of glance-api daemons running
|
|
# FIXME
|
|
num_retries = 1
|
|
|
|
[cinder]
|
|
catalog_info = volumev2:cinder:internalURL
|
|
|
|
[neutron]
|
|
url = {{ address('neutron-server', neutron.server_port, with_scheme=True) }}
|
|
auth_strategy = keystone
|
|
metadata_proxy_shared_secret = {{ nova.metadata.secret }}
|
|
service_metadata_proxy = true
|
|
|
|
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
|
|
auth_type = password
|
|
project_domain_name = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ neutron.db.username }}
|
|
password = {{ neutron.db.password }}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ nova.db.username }}:{{ nova.db.password }}@{{ address(service.database) }}/{{ nova.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
|
max_pool_size = 50
|
|
max_overflow = 1000
|
|
max_retries = -1
|
|
|
|
[api_database]
|
|
connection = mysql+pymysql://{{ nova.db.username }}:{{ nova.db.password }}@{{ address(service.database) }}/{{ nova.db.api_name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
|
max_retries = -1
|
|
|
|
[cache]
|
|
backend = oslo_cache.memcache_pool
|
|
enabled = true
|
|
# Here we need to pass an array of memcached daemons, for now we just use DNS
|
|
# FIXME
|
|
memcache_servers = {{ address('memcached', memcached.port) }}
|
|
|
|
[keystone_authtoken]
|
|
auth_version = v3
|
|
auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}/v3
|
|
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}/v3
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ nova.db.username }}
|
|
password = {{ nova.db.password }}
|
|
# Here we need to pass an array of memcached daemons, for now we just use DNS
|
|
#FIXME
|
|
memcached_servers = {{ address('memcached', memcached.port) }}
|
|
|
|
[libvirt]
|
|
virt_type = {{ nova.virt_type }}
|
|
{% if nova.libvirt.tls_enable %}
|
|
# TLS config:
|
|
# 1. NOTE: nova will use default connection_uri to connect to libvirt,
|
|
# e.g. qemu:/// which assumes nova-compute and libvirtd are on the same host.
|
|
#
|
|
# 2. We are using %s in live_migration_uri as workaround for TLS config with
|
|
# wildcard PKI certificates because they are issued for hostnames not IPs.
|
|
# We also need to pass domainname so FQDN (not just hostname) is used when
|
|
# initiating TLS connection and TLS can match server certificate to FQDN.
|
|
# FIXME
|
|
live_migration_uri = "qemu+tls://%s.{{ cluster_domain }}/system"
|
|
{% else %}
|
|
# non-TLS config:
|
|
connection_uri = "qemu+tcp://{{ network_topology["private"]["address"] }}/system"
|
|
live_migration_inbound_addr = "{{ network_topology["private"]["address"] }}"
|
|
{% endif %}
|
|
{% if nova.ceph.enable %}
|
|
images_type = rbd
|
|
images_rbd_pool = {{ nova.ceph.pool_name }}
|
|
images_rbd_ceph_conf = /etc/ceph/ceph.conf
|
|
rbd_user = {{ cinder.ceph.username }}
|
|
rbd_secret_uuid = {{ cinder.ceph.rbd_secret_uuid }}
|
|
disk_cachemodes="network=writeback"
|
|
hw_disk_discard = unmap
|
|
{% endif %}
|
|
|
|
[upgrade_levels]
|
|
compute = auto
|
|
|
|
[wsgi]
|
|
api_paste_config = /etc/nova/api-paste.ini
|
|
|
|
[oslo_messaging_notifications]
|
|
{% if searchlight is defined and searchlight.services.nova %}
|
|
driver = {{ searchlight.notification_driver }}
|
|
notify_on_state_change = vm_and_task_state
|
|
{% endif %}
|
|
|
|
{# messaging macros templates #}
|
|
{{ oslo_messaging[messaging.backend.notifications]('notifications_config') }}
|
|
{{ oslo_messaging[messaging.backend.rpc]('rpc_config') }}
|