ironic/files/queens/ironic.conf

{%- from "ironic/map.jinja" import api,conductor with context -%}
{%- if api.get("enabled", False) %}
  {%- set ironic = api %}
{%- elif conductor.get('enabled', False) %}
  {%- set ironic = conductor %}
{%- endif %}

{%- set connection_x509_ssl_option = '' %}
{%- if ironic.database.get('x509',{}).get('enabled',False) %}
  {%- set connection_x509_ssl_option = '&ssl_ca=' ~ ironic.database.x509.ca_file ~ '&ssl_cert=' ~ ironic.database.x509.cert_file ~ '&ssl_key=' ~ ironic.database.x509.key_file %}
{%- elif ironic.database.get('ssl',{}).get('enabled',False) %}
  {%- set connection_x509_ssl_option = '&ssl_ca=' ~ ironic.database.ssl.get('cacert_file', ironic.cacert_file) %}
{%- endif %}

[DEFAULT]

#
# From ironic
#

# Authentication strategy used by ironic-api. "noauth" should
# not be used in a production environment because all
# authentication will be disabled. (string value)
# Possible values:
# noauth - <No description provided>
# keystone - <No description provided>
{%- if ironic.identity is defined %}
auth_strategy = {{ ironic.identity.engine }}
{%- else %}
#auth_strategy = keystone
{%- endif %}

# Return server tracebacks in the API response for any error
# responses. WARNING: this is insecure and should not be used
# in a production environment. (boolean value)
#debug_tracebacks_in_api = false

# Enable pecan debug mode. WARNING: this is insecure and
# should not be used in a production environment. (boolean
# value)
#pecan_debug = false

# Resource class to use for new nodes when no resource class
# is provided in the creation request. (string value)
#default_resource_class = <None>

# DEPRECATED: Specify the list of drivers to load during
# service initialization. Missing drivers, or drivers which
# fail to initialize, will prevent the conductor service from
# starting. The option default is a recommended set of
# production-oriented drivers. A complete list of drivers
# present on your system may be found by enumerating the
# "ironic.drivers" entrypoint. An example may be found in the
# developer documentation online. (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Hardware types should be used instead of classic
# drivers. They are enabled via the enabled_hardware_types
# option.
{%- if conductor.get('enabled_drivers') %}
enabled_drivers = {{ ','.join(conductor.enabled_drivers) }}
{%- else %}
#enabled_drivers = pxe_ipmitool
{%- endif %}

# Specify the list of hardware types to load during service
# initialization. Missing hardware types, or hardware types
# which fail to initialize, will prevent the conductor service
# from starting. This option defaults to a recommended set of
# production-oriented hardware types. A complete list of
# hardware types present on your system may be found by
# enumerating the "ironic.hardware.types" entrypoint. (list
# value)
{%- if conductor.get('enabled_hardware_types') %}
enabled_hardware_types = {{ ','.join(conductor.enabled_hardware_types) }}
{%- else %}
#enabled_hardware_types = ipmi
{%- endif %}

# Specify the list of boot interfaces to load during service
# initialization. Missing boot interfaces, or boot interfaces
# which fail to initialize, will prevent the ironic-conductor
# service from starting. At least one boot interface that is
# supported by each enabled hardware type must be enabled
# here, or the ironic-conductor service will not start. Must
# not be an empty list. The default value is a recommended set
# of production-oriented boot interfaces. A complete list of
# boot interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.boot"
# entrypoint. When setting this value, please make sure that
# every enabled hardware type will have the same set of
# enabled boot interfaces on every ironic-conductor service.
# (list value)
{%- if conductor.get('enabled_boot_interfaces') %}
enabled_boot_interfaces = {{ ','.join(conductor.enabled_boot_interfaces) }}
{%- else %}
#enabled_boot_interfaces = pxe
{%- endif %}

# Default boot interface to be used for nodes that do not have
# boot_interface field set. A complete list of boot interfaces
# present on your system may be found by enumerating the
# "ironic.hardware.interfaces.boot" entrypoint. (string value)
{%- if conductor.get('default_boot_interface') %}
default_boot_interface = {{ conductor.default_boot_interface }}
{%- else %}
#default_boot_interface = <None>
{%- endif %}

# Specify the list of console interfaces to load during
# service initialization. Missing console interfaces, or
# console interfaces which fail to initialize, will prevent
# the ironic-conductor service from starting. At least one
# console interface that is supported by each enabled hardware
# type must be enabled here, or the ironic-conductor service
# will not start. Must not be an empty list. The default value
# is a recommended set of production-oriented console
# interfaces. A complete list of console interfaces present on
# your system may be found by enumerating the
# "ironic.hardware.interfaces.console" entrypoint. When
# setting this value, please make sure that every enabled
# hardware type will have the same set of enabled console
# interfaces on every ironic-conductor service. (list value)
{%- if conductor.get('enabled_console_interfaces') %}
enabled_console_interfaces = {{ ','.join(conductor.enabled_console_interfaces) }}
{%- else %}
#enabled_console_interfaces = no-console
{%- endif %}

# Default console interface to be used for nodes that do not
# have console_interface field set. A complete list of console
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.console"
# entrypoint. (string value)
{%- if conductor.get('default_console_interface') %}
default_console_interface = {{ conductor.default_console_interface }}
{%- else %}
#default_console_interface = <None>
{%- endif %}

# Specify the list of deploy interfaces to load during service
# initialization. Missing deploy interfaces, or deploy
# interfaces which fail to initialize, will prevent the
# ironic-conductor service from starting. At least one deploy
# interface that is supported by each enabled hardware type
# must be enabled here, or the ironic-conductor service will
# not start. Must not be an empty list. The default value is a
# recommended set of production-oriented deploy interfaces. A
# complete list of deploy interfaces present on your system
# may be found by enumerating the
# "ironic.hardware.interfaces.deploy" entrypoint. When setting
# this value, please make sure that every enabled hardware
# type will have the same set of enabled deploy interfaces on
# every ironic-conductor service. (list value)
{%- if conductor.get('enabled_deploy_interfaces') %}
enabled_deploy_interfaces = {{ ','.join(conductor.enabled_deploy_interfaces) }}
{%- else %}
#enabled_deploy_interfaces = iscsi,direct
{%- endif %}

# Default deploy interface to be used for nodes that do not
# have deploy_interface field set. A complete list of deploy
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.deploy"
# entrypoint. (string value)
{%- if conductor.get('default_deploy_interface') %}
default_deploy_interface = {{ conductor.default_deploy_interface }}
{%- else %}
#default_deploy_interface = <None>
{%- endif %}

# Specify the list of inspect interfaces to load during
# service initialization. Missing inspect interfaces, or
# inspect interfaces which fail to initialize, will prevent
# the ironic-conductor service from starting. At least one
# inspect interface that is supported by each enabled hardware
# type must be enabled here, or the ironic-conductor service
# will not start. Must not be an empty list. The default value
# is a recommended set of production-oriented inspect
# interfaces. A complete list of inspect interfaces present on
# your system may be found by enumerating the
# "ironic.hardware.interfaces.inspect" entrypoint. When
# setting this value, please make sure that every enabled
# hardware type will have the same set of enabled inspect
# interfaces on every ironic-conductor service. (list value)
{%- if conductor.get('enabled_inspect_interfaces') %}
enabled_inspect_interfaces = {{ ','.join(conductor.enabled_inspect_interfaces) }}
{%- else %}
#enabled_inspect_interfaces = no-inspect
{%- endif %}

# Default inspect interface to be used for nodes that do not
# have inspect_interface field set. A complete list of inspect
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.inspect"
# entrypoint. (string value)
{%- if conductor.get('default_inspect_interface') %}
default_inspect_interface = {{ conductor.default_inspect_interface }}
{%- else %}
#default_inspect_interface = <None>
{%- endif %}

# Specify the list of management interfaces to load during
# service initialization. Missing management interfaces, or
# management interfaces which fail to initialize, will prevent
# the ironic-conductor service from starting. At least one
# management interface that is supported by each enabled
# hardware type must be enabled here, or the ironic-conductor
# service will not start. Must not be an empty list. The
# default value is a recommended set of production-oriented
# management interfaces. A complete list of management
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.management"
# entrypoint. When setting this value, please make sure that
# every enabled hardware type will have the same set of
# enabled management interfaces on every ironic-conductor
# service. (list value)
{%- if conductor.get('enabled_management_interfaces') %}
enabled_management_interfaces = {{ ','.join(conductor.enabled_management_interfaces) }}
{%- else %}
#enabled_management_interfaces = ipmitool
{%- endif %}

# Default management interface to be used for nodes that do
# not have management_interface field set. A complete list of
# management interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.management"
# entrypoint. (string value)
{%- if conductor.get('default_management_interface') %}
default_management_interface = {{ conductor.default_management_interface }}
{%- else %}
#default_management_interface = <None>
{%- endif %}

# Specify the list of network interfaces to load during
# service initialization. Missing network interfaces, or
# network interfaces which fail to initialize, will prevent
# the ironic-conductor service from starting. At least one
# network interface that is supported by each enabled hardware
# type must be enabled here, or the ironic-conductor service
# will not start. Must not be an empty list. The default value
# is a recommended set of production-oriented network
# interfaces. A complete list of network interfaces present on
# your system may be found by enumerating the
# "ironic.hardware.interfaces.network" entrypoint. When
# setting this value, please make sure that every enabled
# hardware type will have the same set of enabled network
# interfaces on every ironic-conductor service. (list value)
{%- if conductor.get('enabled_network_interfaces') %}
enabled_network_interfaces = {{ ','.join(conductor.enabled_network_interfaces) }}
{%- else %}
#enabled_network_interfaces = flat,noop
{%- endif %}

# Default network interface to be used for nodes that do not
# have network_interface field set. A complete list of network
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.network"
# entrypoint. (string value)
{%- if conductor.get('default_network_interface') %}
default_network_interface = {{ conductor.default_network_interface }}
{%- else %}
#default_network_interface = <None>
{%- endif %}

# Specify the list of power interfaces to load during service
# initialization. Missing power interfaces, or power
# interfaces which fail to initialize, will prevent the
# ironic-conductor service from starting. At least one power
# interface that is supported by each enabled hardware type
# must be enabled here, or the ironic-conductor service will
# not start. Must not be an empty list. The default value is a
# recommended set of production-oriented power interfaces. A
# complete list of power interfaces present on your system may
# be found by enumerating the
# "ironic.hardware.interfaces.power" entrypoint. When setting
# this value, please make sure that every enabled hardware
# type will have the same set of enabled power interfaces on
# every ironic-conductor service. (list value)
{%- if conductor.get('enabled_power_interfaces') %}
enabled_power_interfaces = {{ ','.join(conductor.enabled_power_interfaces) }}
{%- else %}
#enabled_power_interfaces = ipmitool
{%- endif %}

# Default power interface to be used for nodes that do not
# have power_interface field set. A complete list of power
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.power"
# entrypoint. (string value)
{%- if conductor.get('default_power_interface') %}
default_power_interface = {{ conductor.default_power_interface }}
{%- else %}
#default_power_interface = <None>
{%- endif %}

# Specify the list of raid interfaces to load during service
# initialization. Missing raid interfaces, or raid interfaces
# which fail to initialize, will prevent the ironic-conductor
# service from starting. At least one raid interface that is
# supported by each enabled hardware type must be enabled
# here, or the ironic-conductor service will not start. Must
# not be an empty list. The default value is a recommended set
# of production-oriented raid interfaces. A complete list of
# raid interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.raid"
# entrypoint. When setting this value, please make sure that
# every enabled hardware type will have the same set of
# enabled raid interfaces on every ironic-conductor service.
# (list value)
{%- if conductor.get('enabled_raid_interfaces') %}
enabled_raid_interfaces = {{ ','.join(conductor.enabled_raid_interfaces) }}
{%- else %}
#enabled_raid_interfaces = agent,no-raid
{%- endif %}

# Default raid interface to be used for nodes that do not have
# raid_interface field set. A complete list of raid interfaces
# present on your system may be found by enumerating the
# "ironic.hardware.interfaces.raid" entrypoint. (string value)
{%- if conductor.get('default_raid_interface') %}
default_raid_interface = {{ conductor.default_raid_interface }}
{%- else %}
#default_raid_interface = <None>
{%- endif %}

# Specify the list of rescue interfaces to load during service
# initialization. Missing rescue interfaces, or rescue
# interfaces which fail to initialize, will prevent the
# ironic-conductor service from starting. At least one rescue
# interface that is supported by each enabled hardware type
# must be enabled here, or the ironic-conductor service will
# not start. Must not be an empty list. The default value is a
# recommended set of production-oriented rescue interfaces. A
# complete list of rescue interfaces present on your system
# may be found by enumerating the
# "ironic.hardware.interfaces.rescue" entrypoint. When setting
# this value, please make sure that every enabled hardware
# type will have the same set of enabled rescue interfaces on
# every ironic-conductor service. (list value)
{%- if conductor.get('enabled_rescue_interfaces') %}
enabled_rescue_interfaces = {{ ','.join(conductor.enabled_rescue_interfaces) }}
{%- else %}
#enabled_rescue_interfaces = no-rescue
{%- endif %}

# Default rescue interface to be used for nodes that do not
# have rescue_interface field set. A complete list of rescue
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.rescue"
# entrypoint. (string value)
{%- if conductor.get('default_rescue_interface') %}
default_rescue_interface = {{ conductor.default_rescue_interface }}
{%- else %}
#default_rescue_interface = <None>
{%- endif %}

# Specify the list of storage interfaces to load during
# service initialization. Missing storage interfaces, or
# storage interfaces which fail to initialize, will prevent
# the ironic-conductor service from starting. At least one
# storage interface that is supported by each enabled hardware
# type must be enabled here, or the ironic-conductor service
# will not start. Must not be an empty list. The default value
# is a recommended set of production-oriented storage
# interfaces. A complete list of storage interfaces present on
# your system may be found by enumerating the
# "ironic.hardware.interfaces.storage" entrypoint. When
# setting this value, please make sure that every enabled
# hardware type will have the same set of enabled storage
# interfaces on every ironic-conductor service. (list value)
{%- if conductor.get('enabled_storage_interfaces') %}
enabled_storage_interfaces = {{ ','.join(conductor.enabled_storage_interfaces) }}
{%- else %}
#enabled_storage_interfaces = noop
{%- endif %}

# Default storage interface to be used for nodes that do not
# have storage_interface field set. A complete list of storage
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.storage"
# entrypoint. (string value)
{%- if conductor.get('default_storage_interface') %}
default_storage_interface = {{ ironic.condcutor.default_storage_interface }}
{%- else %}
#default_storage_interface = <None>
{%- endif %}

# Specify the list of vendor interfaces to load during service
# initialization. Missing vendor interfaces, or vendor
# interfaces which fail to initialize, will prevent the
# ironic-conductor service from starting. At least one vendor
# interface that is supported by each enabled hardware type
# must be enabled here, or the ironic-conductor service will
# not start. Must not be an empty list. The default value is a
# recommended set of production-oriented vendor interfaces. A
# complete list of vendor interfaces present on your system
# may be found by enumerating the
# "ironic.hardware.interfaces.vendor" entrypoint. When setting
# this value, please make sure that every enabled hardware
# type will have the same set of enabled vendor interfaces on
# every ironic-conductor service. (list value)
{%- if conductor.get('enabled_vendor_interfaces') %}
enabled_vendor_interfaces = {{ ','.join(conductor.enabled_vendor_interfaces) }}
{%- else %}
#enabled_vendor_interfaces = no-vendor
{%- endif %}

# Default vendor interface to be used for nodes that do not
# have vendor_interface field set. A complete list of vendor
# interfaces present on your system may be found by
# enumerating the "ironic.hardware.interfaces.vendor"
# entrypoint. (string value)
{%- if conductor.get('default_vendor_interface') %}
default_vendor_interface = {{ conductor.default_vendor_interface }}
{%- else %}
#default_vendor_interface = <None>
{%- endif %}

# Used if there is a formatting error when generating an
# exception message (a programming error). If True, raise an
# exception; if False, use the unformatted message. (boolean
# value)
#fatal_exception_format_errors = false

# Exponent to determine number of hash partitions to use when
# distributing load across conductors. Larger values will
# result in more even distribution of load and less load when
# rebalancing the ring, but more memory usage. Number of
# partitions per conductor is (2^hash_partition_exponent).
# This determines the granularity of rebalancing: given 10
# hosts, and an exponent of the 2, there are 40 partitions in
# the ring.A few thousand partitions should make rebalancing
# smooth in most cases. The default is suitable for up to a
# few hundred conductors. Configuring for too many partitions
# has a negative impact on CPU usage. (integer value)
#hash_partition_exponent = 5

# [Experimental Feature] Number of hosts to map onto each hash
# partition. Setting this to more than one will cause
# additional conductor services to prepare deployment
# environments and potentially allow the Ironic cluster to
# recover more quickly if a conductor instance is terminated.
# (integer value)
#hash_distribution_replicas = 1

# Interval (in seconds) between hash ring resets. (integer
# value)
#hash_ring_reset_interval = 180

# If True, convert backing images to "raw" disk image format.
# (boolean value)
#force_raw_images = true

# Path to isolinux binary file. (string value)
#isolinux_bin = /usr/lib/syslinux/isolinux.bin

# Template file for isolinux configuration file. (string
# value)
#isolinux_config_template = $pybasedir/common/isolinux_config.template

# Template file for grub configuration file. (string value)
#grub_config_template = $pybasedir/common/grub_conf.template

# Path to ldlinux.c32 file. This file is required for syslinux
# 5.0 or later. If not specified, the file is looked for in
# "/usr/lib/syslinux/modules/bios/ldlinux.c32" and
# "/usr/share/syslinux/ldlinux.c32". (string value)
#ldlinux_c32 = <None>

# Run image downloads and raw format conversions in parallel.
# (boolean value)
#parallel_image_downloads = false

# IP address of this host. If unset, will determine the IP
# programmatically. If unable to do so, will use "127.0.0.1".
# (string value)
{%- if conductor.get('my_ip') %}
my_ip = {{ conductor.my_ip }}
{%- else %}
#my_ip = 127.0.0.1
{%- endif %}

# Specifies the minimum level for which to send notifications.
# If not set, no notifications will be sent. The default is
# for this option to be unset. (string value)
# Possible values:
# debug - <No description provided>
# info - <No description provided>
# warning - <No description provided>
# error - <No description provided>
# critical - <No description provided>
#notification_level = <None>

# Directory where the ironic python module is installed.
# (string value)
#pybasedir = /usr/lib/python/site-packages/ironic/ironic

# Directory where ironic binaries are installed. (string
# value)
#bindir = $pybasedir/bin

# Top-level directory for maintaining ironic's state. (string
# value)
#state_path = $pybasedir

# Default mode for portgroups. Allowed values can be found in
# the linux kernel documentation on bonding:
# https://www.kernel.org/doc/Documentation/networking/bonding.txt.
# (string value)
#default_portgroup_mode = active-backup

# Name of this node. This can be an opaque identifier. It is
# not necessarily a hostname, FQDN, or IP address. However,
# the node name must be valid within an AMQP key, and if using
# ZeroMQ, a valid hostname, FQDN, or IP address. (string
# value)
#host = localhost

# Used for rolling upgrades. Setting this option downgrades
# (or pins) the Bare Metal API, the internal ironic RPC
# communication, and the database objects to their respective
# versions, so they are compatible with older services. When
# doing a rolling upgrade from version N to version N+1, set
# (to pin) this to N. To unpin (default), leave it unset and
# the latest versions will be used. (string value)
# Possible values:
# queens - <No description provided>
# pike - <No description provided>
# 9.2 - <No description provided>
# 9.1 - <No description provided>
# 9.0 - <No description provided>
# 8.0 - <No description provided>
# 10.1 - <No description provided>
# 10.0 - <No description provided>
#pin_release_version = <None>

# Path to the rootwrap configuration file to use for running
# commands as root. (string value)
#rootwrap_config = /etc/ironic/rootwrap.conf

# Temporary working directory, default is Python temp dir.
# (string value)
#tempdir = /tmp

{%- if ironic.logging is defined %}
{%- set _data = ironic.logging %}
{%- include "oslo_templates/files/queens/oslo/_log.conf" %}
{%- endif %}


{%- set _data = ironic.message_queue %}
{%- include "oslo_templates/files/queens/oslo/messaging/_default.conf" %}

#
# From oslo.service.periodic_task
#

# Some periodic tasks can be run in a separate process. Should
# we run them here? (boolean value)
#run_external_periodic_tasks = true

#
# From oslo.service.service
#

# Enable eventlet backdoor.  Acceptable values are 0, <port>,
# and <start>:<end>, where 0 results in listening on a random
# tcp port number; <port> results in listening on the
# specified port number (and not enabling backdoor if that
# port is in use); and <start>:<end> results in listening on
# the smallest unused port number within the specified range
# of port numbers.  The chosen port is displayed in the
# service's log file. (string value)
#backdoor_port = <None>

# Enable eventlet backdoor, using the provided path as a unix
# socket that can receive connections. This option is mutually
# exclusive with 'backdoor_port' in that only one should be
# provided. If both are provided then the existence of this
# option overrides the usage of that option. (string value)
#backdoor_socket = <None>

# Enables or disables logging values of all registered options
# when starting a service (at DEBUG level). (boolean value)
#log_options = true

# Specify a timeout after which a gracefully shutdown server
# will exit. Zero value means endless wait. (integer value)
#graceful_shutdown_timeout = 60


[agent]

#
# From ironic
#

# Whether Ironic will manage booting of the agent ramdisk. If
# set to False, you will need to configure your mechanism to
# allow booting the agent ramdisk. (boolean value)
#manage_agent_boot = true

# The memory size in MiB consumed by agent when it is booted
# on a bare metal node. This is used for checking if the image
# can be downloaded and deployed on the bare metal node after
# booting agent ramdisk. This may be set according to the
# memory consumed by the agent ramdisk image. (integer value)
#memory_consumed_by_agent = 0

# Whether the agent ramdisk should stream raw images directly
# onto the disk or not. By streaming raw images directly onto
# the disk the agent ramdisk will not spend time copying the
# image to a tmpfs partition (therefore consuming less memory)
# prior to writing it to the disk. Unless the disk where the
# image will be copied to is really slow, this option should
# be set to True. Defaults to True. (boolean value)
#stream_raw_images = true

# Number of times to retry getting power state to check if
# bare metal node has been powered off after a soft power off.
# (integer value)
#post_deploy_get_power_state_retries = 6

# Amount of time (in seconds) to wait between polling power
# state after trigger soft poweroff. (integer value)
#post_deploy_get_power_state_retry_interval = 5

# API version to use for communicating with the ramdisk agent.
# (string value)
#agent_api_version = v1

# Whether Ironic should collect the deployment logs on
# deployment failure (on_failure), always or never. (string
# value)
# Possible values:
# always - <No description provided>
# on_failure - <No description provided>
# never - <No description provided>
#deploy_logs_collect = on_failure

# The name of the storage backend where the logs will be
# stored. (string value)
# Possible values:
# local - <No description provided>
# swift - <No description provided>
#deploy_logs_storage_backend = local

# The path to the directory where the logs should be stored,
# used when the deploy_logs_storage_backend is configured to
# "local". (string value)
#deploy_logs_local_path = /var/log/ironic/deploy

# The name of the Swift container to store the logs, used when
# the deploy_logs_storage_backend is configured to "swift".
# (string value)
#deploy_logs_swift_container = ironic_deploy_logs_container

# Number of days before a log object is marked as expired in
# Swift. If None, the logs will be kept forever or until
# manually deleted. Used when the deploy_logs_storage_backend
# is configured to "swift". (integer value)
#deploy_logs_swift_days_to_expire = 30


[ansible]

#
# From ironic
#

# Extra arguments to pass on every invocation of Ansible.
# (string value)
#ansible_extra_args = <None>

# Set ansible verbosity level requested when invoking
# "ansible-playbook" command. 4 includes detailed SSH session
# logging. Default is 4 when global debug is enabled and 0
# otherwise. (integer value)
# Minimum value: 0
# Maximum value: 4
#verbosity = <None>

# Path to "ansible-playbook" script. Default will search the
# $PATH configured for user running ironic-conductor process.
# Provide the full path when ansible-playbook is not in $PATH
# or installed in not default location. (string value)
#ansible_playbook_script = ansible-playbook

# Path to directory with playbooks, roles and local inventory.
# (string value)
#playbooks_path = $pybasedir/drivers/modules/ansible/playbooks

# Path to ansible configuration file. If set to empty, system
# default will be used. (string value)
#config_file_path = $pybasedir/drivers/modules/ansible/playbooks/ansible.cfg

# Number of times to retry getting power state to check if
# bare metal node has been powered off after a soft power off.
# Value of 0 means do not retry on failure. (integer value)
# Minimum value: 0
#post_deploy_get_power_state_retries = 6

# Amount of time (in seconds) to wait between polling power
# state after trigger soft poweroff. (integer value)
# Minimum value: 0
#post_deploy_get_power_state_retry_interval = 5

# Extra amount of memory in MiB expected to be consumed by
# Ansible-related processes on the node. Affects decision
# whether image will fit into RAM. (integer value)
#extra_memory = 10

# Skip verifying SSL connections to the image store when
# downloading the image. Setting it to "True" is only
# recommended for testing environments that use self-signed
# certificates. (boolean value)
#image_store_insecure = false

# Specific CA bundle to use for validating SSL connections to
# the image store. If not specified, CA available in the
# ramdisk will be used. Is not used by default playbooks
# included with the driver. Suitable for environments that use
# self-signed certificates. (string value)
#image_store_cafile = <None>

# Client cert to use for SSL connections to image store. Is
# not used by default playbooks included with the driver.
# (string value)
#image_store_certfile = <None>

# Client key to use for SSL connections to image store. Is not
# used by default playbooks included with the driver. (string
# value)
#image_store_keyfile = <None>

# Name of the user to use for Ansible when connecting to the
# ramdisk over SSH. It may be overriden by per-node
# 'ansible_username' option in node's 'driver_info' field.
# (string value)
#default_username = ansible

# Absolute path to the private SSH key file to use by Ansible
# by default when connecting to the ramdisk over SSH. Default
# is to use default SSH keys configured for the user running
# the ironic-conductor service. Private keys with password
# must be pre-loaded into 'ssh-agent'. It may be overriden by
# per-node 'ansible_key_file' option in node's 'driver_info'
# field. (string value)
#default_key_file = <None>

# Path (relative to $playbooks_path or absolute) to the
# default playbook used for deployment. It may be overriden by
# per-node 'ansible_deploy_playbook' option in node's
# 'driver_info' field. (string value)
#default_deploy_playbook = deploy.yaml

# Path (relative to $playbooks_path or absolute) to the
# default playbook used for graceful in-band shutdown of the
# node. It may be overriden by per-node
# 'ansible_shutdown_playbook' option in node's 'driver_info'
# field. (string value)
#default_shutdown_playbook = shutdown.yaml

# Path (relative to $playbooks_path or absolute) to the
# default playbook used for node cleaning. It may be overriden
# by per-node 'ansible_clean_playbook' option in node's
# 'driver_info' field. (string value)
#default_clean_playbook = clean.yaml

# Path (relative to $playbooks_path or absolute) to the
# default auxiliary cleaning steps file used during the node
# cleaning. It may be overriden by per-node
# 'ansible_clean_steps_config' option in node's 'driver_info'
# field. (string value)
#default_clean_steps_config = clean_steps.yaml


[api]

#
# From ironic
#

# The IP address on which ironic-api listens. (string value)
{%- if api.get('bind', {}).get('address') %}
host_ip = {{ api.bind.address }}
{%- else %}
#host_ip = 0.0.0.0
{%- endif %}

# The TCP port on which ironic-api listens. (port value)
# Minimum value: 0
# Maximum value: 65535
{%- if api.get('bind', {}).get('port') %}
port = {{ api.bind.port }}
{%- else %}
#port = 6385
{%- endif %}

# The maximum number of items returned in a single response
# from a collection resource. (integer value)
#max_limit = 1000

# Public URL to use when building the links to the API
# resources (for example, "https://ironic.rocks:6384"). If
# None the links will be built using the request's host URL.
# If the API is operating behind a proxy, you will want to
# change this to represent the proxy's URL. Defaults to None.
# (string value)
{%- if api.public_endpoint is defined %}
public_endpoint = {{ api.public_endpoint }}
{%- else %}
#public_endpoint = <None>
{%- endif %}

# Number of workers for OpenStack Ironic API service. The
# default is equal to the number of CPUs available if that can
# be determined, else a default worker count of 1 is returned.
# (integer value)
#api_workers = <None>

# Enable the integrated stand-alone API to service requests
# via HTTPS instead of HTTP. If there is a front-end service
# performing HTTPS offloading from the service, this option
# should be False; note, you will want to change public API
# endpoint to represent SSL termination URL with
# 'public_endpoint' option. (boolean value)
#enable_ssl_api = false

# Whether to restrict the lookup API to only nodes in certain
# states. (boolean value)
#restrict_lookup = true

# Maximum interval (in seconds) for agent heartbeats. (integer
# value)
# Deprecated group/name - [agent]/heartbeat_timeout
#ramdisk_heartbeat_timeout = 300


[audit]

#
# From ironic
#

# Enable auditing of API requests (for ironic-api service).
# (boolean value)
#enabled = false

# Path to audit map file for ironic-api service. Used only
# when API audit is enabled. (string value)
#audit_map_file = /etc/ironic/api_audit_map.conf

# Comma separated list of Ironic REST API HTTP methods to be
# ignored during audit logging. For example: auditing will not
# be done on any GET or POST requests if this is set to
# "GET,POST". It is used only when API audit is enabled.
# (string value)
#ignore_req_list =


[cimc]

#
# From ironic
#

# Number of times a power operation needs to be retried
# (integer value)
#max_retry = 6

# Amount of time in seconds to wait in between power
# operations (integer value)
#action_interval = 10


[cinder]

#
# From ironic
#

# This section was added by iura
# I referred to https://docs.openstack.org/ironic/pike/configuration/sample-config.html

# Number of retries in the case of a failed action (currently
# only used when detaching volumes). This option is part of
# boot-from-volume work, which is not currently exposed to
# users. (integer value)
#action_retries = 3
action_retries = 3

# Retry interval in seconds in the case of a failed action
# (only specific actions are retried). (integer value)
#action_retry_interval = 5

# Authentication URL (string value)
{%- if ironic.get('cinder', {}).get('auth_strategy') == 'keystone' %}
auth_url = {{ ironic.identity.protocol }}://{{ ironic.identity.host }}:{{ ironic.identity.port }}
{%- if ironic.identity.protocol == 'https' %}
cafile={{ ironic.identity.get('cacert_file', ironic.cacert_file) }}
{%- endif %}
{%- else %}
#auth_url = <None>
{%- endif %}

# Authentication type to load (string value)
# Deprecated group/name - [cinder]/auth_plugin
{%- if ironic.get('cinder', {}).get('auth_type') %}
auth_type = {{ ironic.cinder.auth_type }}
{%- else %}
#auth_type = <None>
{%- endif %}

# PEM encoded Certificate Authority to use when verifying
# HTTPs connections. (string value)
#cafile = <None>

# PEM encoded client certificate cert file (string value)
#certfile = <None>

# Optional domain ID to use with v3 and v2 parameters. It will
# be used for both the user and project domain in v3 and
# ignored in v2 authentication. (string value)
#default_domain_id = <None>

# Optional domain name to use with v3 API and v2 parameters.
# It will be used for both the user and project domain in v3
# and ignored in v2 authentication. (string value)
#default_domain_name = <None>

# Domain ID to scope to (string value)
#domain_id = <None>

# Domain name to scope to (string value)
#domain_name = <None>

# Verify HTTPS connections. (boolean value)
#insecure = false
insecure = true

# PEM encoded client certificate key file (string value)
#keyfile = <None>

# User's password (string value)
#password = <None>
{%- if ironic.get('cinder', {}).get('password') %}
password = {{ ironic.cinder.password }}
{%- else %}
#password = <None>
{%- endif %}

# Domain ID containing project (string value)
#project_domain_id = <None>
{%- if ironic.get('cinder', {}).get('project_domain_id') %}
project_domain_id = {{ ironic.cinder.project_domain_id }}
{%- else %}
#project_domain_id = <None>
{%- endif %}

# Domain name containing project (string value)
#project_domain_name = <None>
#project_domain_id = default

# Project ID to scope to (string value)
# Deprecated group/name - [cinder]/tenant_id
#project_id = <None>

# Project name to scope to (string value)
# Deprecated group/name - [cinder]/tenant_name
#project_name = <None>
{%- if ironic.get('cinder', {}).get('project_name') %}
project_name = {{ ironic.cinder.project_name }}
{%- else %}
#project_name = <None>
{%- endif %}

# Client retries in the case of a failed request connection.
# This option is part of boot-from-volume work, which is not
# currently exposed to users. (integer value)
#retries = 3

# Tenant ID (string value)
#tenant_id = <None>

# Tenant Name (string value)
#tenant_name = <None>

# Timeout value for http requests (integer value)
#timeout = <None>

# Trust ID (string value)
#trust_id = <None>

# URL for connecting to cinder. If set, the value must start
# with either http:// or https://. This option is part of
# boot-from-volume work, which is not currently exposed to
# users. (uri value)
{%- if ironic.get('cinder', {}).get('url') %}
url = {{ ironic.cinder.url }}
{%- else %}
#url = <None>
{%- endif %}

# User's domain id (string value)
#user_domain_id = <None>
user_domain_id = default

# User's domain name (string value)
{%- if ironic.get('cinder', {}).get('user_domain_name') %}
user_domain_name = {{ ironic.cinder.user_domain_name }}
{%- else %}
#user_domain_name = <None>
{%- endif %}

# User id (string value)
#user_id = <None>

# Username (string value)
# Deprecated group/name - [cinder]/user_name
{%- if ironic.get('cinder', {}).get('username') %}
username = {{ ironic.cinder.username }}
{%- else %}
#username = <None>
{%- endif %}


[cisco_ucs]

#
# From ironic
#

# Number of times a power operation needs to be retried
# (integer value)
#max_retry = 6

# Amount of time in seconds to wait in between power
# operations (integer value)
#action_interval = 5


[conductor]

#
# From ironic
#

# The size of the workers greenthread pool. Note that 2
# threads will be reserved by the conductor itself for
# handling heart beats and periodic tasks. (integer value)
# Minimum value: 3
#workers_pool_size = 100

# Seconds between conductor heart beats. (integer value)
#heartbeat_interval = 10

# DEPRECATED: URL of Ironic API service. If not set ironic can
# get the current value from the keystone service catalog. If
# set, the value must start with either http:// or https://.
# (uri value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Use [service_catalog]endpoint_override option
# instead if required to use a specific ironic api address,
# for example in noauth mode.
{%- if conductor.get('api_url') %}
api_url = {{ conductor.api_url }}
{%- else %}
#api_url = <None>
{%- endif %}

# Maximum time (in seconds) since the last check-in of a
# conductor. A conductor is considered inactive when this time
# has been exceeded. (integer value)
#heartbeat_timeout = 60

# Interval between syncing the node power state to the
# database, in seconds. (integer value)
#sync_power_state_interval = 60

# Interval between checks of provision timeouts, in seconds.
# (integer value)
#check_provision_state_interval = 60

# Interval (seconds) between checks of rescue timeouts.
# (integer value)
# Minimum value: 1
#check_rescue_state_interval = 60

# Timeout (seconds) to wait for a callback from a deploy
# ramdisk. Set to 0 to disable timeout. (integer value)
#deploy_callback_timeout = 1800

# During sync_power_state, should the hardware power state be
# set to the state recorded in the database (True) or should
# the database be updated based on the hardware state (False).
# (boolean value)
#force_power_state_during_sync = true

# During sync_power_state failures, limit the number of times
# Ironic should try syncing the hardware node power state with
# the node power state in DB (integer value)
#power_state_sync_max_retries = 3

# Maximum number of worker threads that can be started
# simultaneously by a periodic task. Should be less than RPC
# thread pool size. (integer value)
#periodic_max_workers = 8

# Number of attempts to grab a node lock. (integer value)
#node_locked_retry_attempts = 3

# Seconds to sleep between node lock attempts. (integer value)
#node_locked_retry_interval = 1

# Enable sending sensor data message via the notification bus
# (boolean value)
#send_sensor_data = false

# Seconds between conductor sending sensor data message to
# ceilometer via the notification bus. (integer value)
#send_sensor_data_interval = 600

# The maximum number of workers that can be started
# simultaneously for send data from sensors periodic task.
# (integer value)
# Minimum value: 1
#send_sensor_data_workers = 4

# The time in seconds to wait for send sensors data periodic
# task to be finished before allowing periodic call to happen
# again. Should be less than send_sensor_data_interval value.
# (integer value)
#send_sensor_data_wait_timeout = 300

# List of comma separated meter types which need to be sent to
# Ceilometer. The default value, "ALL", is a special value
# meaning send all the sensor data. (list value)
#send_sensor_data_types = ALL

# When conductors join or leave the cluster, existing
# conductors may need to update any persistent local state as
# nodes are moved around the cluster. This option controls how
# often, in seconds, each conductor will check for nodes that
# it should "take over". Set it to a negative value to disable
# the check entirely. (integer value)
#sync_local_state_interval = 180

# Name of the Swift container to store config drive data. Used
# when configdrive_use_object_store is True. (string value)
#configdrive_swift_container = ironic_configdrive_container

# Timeout (seconds) for waiting for node inspection. 0 -
# unlimited. (integer value)
#inspect_timeout = 1800

# Enables or disables automated cleaning. Automated cleaning
# is a configurable set of steps, such as erasing disk drives,
# that are performed on the node to ensure it is in a baseline
# state and ready to be deployed to. This is done after
# instance deletion as well as during the transition from a
# "manageable" to "available" state. When enabled, the
# particular steps performed to clean a node depend on which
# driver that node is managed by; see the individual driver's
# documentation for details. NOTE: The introduction of the
# cleaning operation causes instance deletion to take
# significantly longer. In an environment where all tenants
# are trusted (eg, because there is only one tenant), this
# option could be safely disabled. (boolean value)
{%- if conductor.automated_clean is defined %}
automated_clean = {{ conductor.automated_clean }}
{%- else %}
#automated_clean = true
{%- endif %}

# Timeout (seconds) to wait for a callback from the ramdisk
# doing the cleaning. If the timeout is reached the node will
# be put in the "clean failed" provision state. Set to 0 to
# disable timeout. (integer value)
#clean_callback_timeout = 1800

# Timeout (seconds) to wait for a callback from the rescue
# ramdisk. If the timeout is reached the node will be put in
# the "rescue failed" provision state. Set to 0 to disable
# timeout. (integer value)
# Minimum value: 0
#rescue_callback_timeout = 1800

# Timeout (in seconds) of soft reboot and soft power off
# operation. This value always has to be positive. (integer
# value)
# Minimum value: 1
#soft_power_off_timeout = 600

# Number of seconds to wait for power operations to complete,
# i.e., so that a baremetal node is in the desired power
# state. If timed out, the power operation is considered a
# failure. (integer value)
# Minimum value: 2
#power_state_change_timeout = 30


[console]

#
# From ironic
#

# Path to serial console terminal program. Used only by Shell
# In A Box console. (string value)
#terminal = shellinaboxd

# Directory containing the terminal SSL cert (PEM) for serial
# console access. Used only by Shell In A Box console. (string
# value)
#terminal_cert_dir = <None>

# Directory for holding terminal pid files. If not specified,
# the temporary directory will be used. (string value)
#terminal_pid_dir = <None>

# Timeout (in seconds) for the terminal session to be closed
# on inactivity. Set to 0 to disable timeout. Used only by
# Socat console. (integer value)
# Minimum value: 0
#terminal_timeout = 600

# Time interval (in seconds) for checking the status of
# console subprocess. (integer value)
#subprocess_checking_interval = 1

# Time (in seconds) to wait for the console subprocess to
# start. (integer value)
#subprocess_timeout = 10

# IP address of Socat service running on the host of ironic
# conductor. Used only by Socat console. (IP address value)
#socat_address = $my_ip


[cors]
{%- if ironic.cors is defined %}
{%- set _data = ironic.cors %}
{%- include "oslo_templates/files/queens/oslo/_cors.conf" %}
{%- endif %}


[database]
{%- set _data = ironic.database %}
{%- if _data.ssl is defined and 'cacert_file' not in _data.get('ssl', {}).keys() %}{% do _data['ssl'].update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- include "oslo_templates/files/queens/oslo/_database.conf" %}

[deploy]

#
# From ironic
#

# ironic-conductor node's HTTP server URL. Example:
# http://192.1.2.3:8080 (string value)
{%- if conductor.get('http_url') %}
http_url = {{ conductor.http_url }}
{%- else %}
#http_url = <None>
{%- endif %}

# ironic-conductor node's HTTP root path. (string value)
{%- if conductor.get('http_root') %}
http_root = {{ conductor.http_root }}
{%- else %}
#http_root = /httpboot
{%- endif %}

# Priority to run in-band erase devices via the Ironic Python
# Agent ramdisk. If unset, will use the priority set in the
# ramdisk (defaults to 10 for the GenericHardwareManager). If
# set to 0, will not run during cleaning. (integer value)
{%- if conductor.erase_devices_priority is defined %}
erase_devices_priority = {{ conductor.erase_devices_priority }}
{%- else %}
#erase_devices_priority = <None>
{%- endif %}

# Priority to run in-band clean step that erases metadata from
# devices, via the Ironic Python Agent ramdisk. If unset, will
# use the priority set in the ramdisk (defaults to 99 for the
# GenericHardwareManager). If set to 0, will not run during
# cleaning. (integer value)
{%- if conductor.erase_devices_metadata_priority is defined %}
erase_devices_metadata_priority = {{ conductor.erase_devices_metadata_priority }}
{%- else %}
#erase_devices_metadata_priority = <None>
{%- endif %}

# During shred, overwrite all block devices N times with
# random data. This is only used if a device could not be ATA
# Secure Erased. Defaults to 1. (integer value)
# Minimum value: 0
#shred_random_overwrite_iterations = 1

# Whether to write zeros to a node's block devices after
# writing random data. This will write zeros to the device
# even when deploy.shred_random_overwrite_iterations is 0.
# This option is only used if a device could not be ATA Secure
# Erased. Defaults to True. (boolean value)
#shred_final_overwrite_with_zeros = true

# Defines what to do if an ATA secure erase operation fails
# during cleaning in the Ironic Python Agent. If False, the
# cleaning operation will fail and the node will be put in
# ``clean failed`` state. If True, shred will be invoked and
# cleaning will continue. (boolean value)
#continue_if_disk_secure_erase_fails = false

# Whether to power off a node after deploy failure. Defaults
# to True. (boolean value)
#power_off_after_deploy_failure = true

# Default boot option to use when no boot option is requested
# in node's driver_info. Currently the default is "netboot",
# but it will be changed to "local" in the future. It is
# recommended to set an explicit value for this option.
# (string value)
# Possible values:
# netboot - <No description provided>
# local - <No description provided>
{%- if conductor.default_boot_option is defined %}
default_boot_option = {{ conductor.default_boot_option }}
{%- else %}
#default_boot_option = <None>
{%- endif %}

# Whether to upload the config drive to object store. Set this
# option to True to store config drive in swift or radosgw.
# (boolean value)
# Deprecated group/name - [conductor]/configdrive_use_swift
#configdrive_use_object_store = false

# Type of object store endpoint type to be used as a backend
# (string value)
# Possible values:
# swift - <No description provided>
# radosgw - <No description provided>
# Deprecated group/name - [glance]/temp_url_endpoint_type
#object_store_endpoint_type = swift


[dhcp]

#
# From ironic
#

# DHCP provider to use. "neutron" uses Neutron, and "none"
# uses a no-op provider. (string value)
{%- if conductor.get('dhcp', {}).get('provider') %}
dhcp_provider = {{ conductor.dhcp.provider }}
{%- else %}
#dhcp_provider = neutron
{%- endif %}


[disk_partitioner]

#
# From ironic_lib.disk_partitioner
#

# After Ironic has completed creating the partition table, it
# continues to check for activity on the attached iSCSI device
# status at this interval prior to copying the image to the
# node, in seconds (integer value)
#check_device_interval = 1

# The maximum number of times to check that the device is not
# accessed by another process. If the device is still busy
# after that, the disk partitioning will be treated as having
# failed. (integer value)
#check_device_max_retries = 20


[disk_utils]

#
# From ironic_lib.disk_utils
#

# Size of EFI system partition in MiB when configuring UEFI
# systems for local boot. (integer value)
#efi_system_partition_size = 200

# Size of BIOS Boot partition in MiB when configuring GPT
# partitioned systems for local boot in BIOS. (integer value)
#bios_boot_partition_size = 1

# Block size to use when writing to the nodes disk. (string
# value)
#dd_block_size = 1M

# Maximum attempts to verify an iSCSI connection is active,
# sleeping 1 second between attempts. (integer value)
#iscsi_verify_attempts = 3


[drac]

#
# From ironic
#

# Interval (in seconds) between periodic RAID job status
# checks to determine whether the asynchronous RAID
# configuration was successfully finished or not. (integer
# value)
#query_raid_config_job_status_interval = 120


[glance]

#
# From ironic
#

# A list of URL schemes that can be downloaded directly via
# the direct_url.  Currently supported schemes: [file]. (list
# value)
#allowed_direct_url_schemes =

{%- set _data = ironic.get('glance', ironic.get('identity', {})) %}
{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- set auth_type = _data.get('auth_type', 'password') %}
{%- include "oslo_templates/files/queens/keystoneauth/_type_" + auth_type + ".conf" %}

# Authentication strategy to use when connecting to glance.
# (string value)
# Allowed values: keystone, noauth
{%- if conductor.get('glance', {}).get('auth_strategy') %}
auth_strategy = {{ conductor.glance.auth_strategy }}
{%- else %}
#auth_strategy = keystone
{%- endif %}

# DEPRECATED: Glance API version (1 or 2) to use. (integer
# value)
# Minimum value: 1
# Maximum value: 2
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Ironic will only support using Glance API version 2
# in the Queens release.
#glance_api_version = 2

# Number of retries when downloading an image from glance.
# (integer value)
#glance_num_retries = 0

# The account that Glance uses to communicate with Swift. The
# format is "AUTH_uuid". "uuid" is the UUID for the account
# configured in the glance-api.conf. For example:
# "AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30". If not set, the
# default value is calculated based on the ID of the project
# used to access Swift (as set in the [swift] section). Swift
# temporary URL format:
# "endpoint_url/api_version/[account/]container/object_id"
# (string value)
#swift_account = <None>

# The Swift API version to create a temporary URL for.
# Defaults to "v1". Swift temporary URL format:
# "endpoint_url/api_version/[account/]container/object_id"
# (string value)
#swift_api_version = v1

# The Swift container Glance is configured to store its images
# in. Defaults to "glance", which is the default in glance-
# api.conf. Swift temporary URL format:
# "endpoint_url/api_version/[account/]container/object_id"
# (string value)
#swift_container = glance

# The "endpoint" (scheme, hostname, optional port) for the
# Swift URL of the form
# "endpoint_url/api_version/[account/]container/object_id". Do
# not include trailing "/". For example, use
# "https://swift.example.com". If using RADOS Gateway,
# endpoint may also contain /swift path; if it does not, it
# will be appended. Used for temporary URLs, will be fetched
# from the service catalog, if not provided. (string value)
#swift_endpoint_url = <None>

# This should match a config by the same name in the Glance
# configuration file. When set to 0, a single-tenant store
# will only use one container to store all images. When set to
# an integer value between 1 and 32, a single-tenant store
# will use multiple containers to store images, and this value
# will determine how many containers are created. (integer
# value)
#swift_store_multiple_containers_seed = 0

# Whether to cache generated Swift temporary URLs. Setting it
# to true is only useful when an image caching proxy is used.
# Defaults to False. (boolean value)
#swift_temp_url_cache_enabled = false

# The length of time in seconds that the temporary URL will be
# valid for. Defaults to 20 minutes. If some deploys get a 401
# response code when trying to download from the temporary
# URL, try raising this duration. This value must be greater
# than or equal to the value for
# swift_temp_url_expected_download_start_delay (integer value)
#swift_temp_url_duration = 1200

# This is the delay (in seconds) from the time of the deploy
# request (when the Swift temporary URL is generated) to when
# the IPA ramdisk starts up and URL is used for the image
# download. This value is used to check if the Swift temporary
# URL duration is large enough to let the image download
# begin. Also if temporary URL caching is enabled this will
# determine if a cached entry will still be valid when the
# download starts. swift_temp_url_duration value must be
# greater than or equal to this option's value. Defaults to 0.
# (integer value)
# Minimum value: 0
#swift_temp_url_expected_download_start_delay = 0

# The secret token given to Swift to allow temporary URL
# downloads. Required for temporary URLs. For the Swift
# backend, the key on the service project (as set in the
# [swift] section) is used by default. (string value)
{%- if conductor.get('glance', {}).get('swift_temp_url_key') %}
swift_temp_url_key = {{ conductor.glance.swift_temp_url_key }}
{%- else %}
#swift_temp_url_key = <None>
{%- endif %}

# Type of endpoint to use for temporary URLs. If the Glance
# backend is Swift, use "swift"; if it is CEPH with RADOS
# gateway, use "radosgw". (string value)
# Allowed values: swift, radosgw
#temp_url_endpoint_type = swift

# Tenant ID (string value)
#tenant_id = <None>

# Tenant Name (string value)
#tenant_name = <None>

# Timeout value for http requests (integer value)
#timeout = <None>

# Trust ID (string value)
#trust_id = <None>

# User's domain id (string value)
#user_domain_id = <None>

# User's domain name (string value)
{%- if conductor.get('glance', {}).get('user_domain_name') %}
user_domain_name = {{ conductor.glance.user_domain_name }}
{%- else %}
#user_domain_name = <None>
{%- endif %}

# User id (string value)
#user_id = <None>

# Username (string value)
# Deprecated group/name - [glance]/user_name
{%- if conductor.get('glance', {}).get('username') %}
username = {{ conductor.glance.username }}
{%- else %}
#username = <None>
{%- endif %}


[ilo]

#
# From ironic
#

# Timeout (in seconds) for iLO operations (integer value)
#client_timeout = 60

# Port to be used for iLO operations (port value)
# Minimum value: 0
# Maximum value: 65535
#client_port = 443

# The Swift iLO container to store data. (string value)
#swift_ilo_container = ironic_ilo_container

# Amount of time in seconds for Swift objects to auto-expire.
# (integer value)
#swift_object_expiry_timeout = 900

# Set this to True to use http web server to host floppy
# images and generated boot ISO. This requires http_root and
# http_url to be configured in the [deploy] section of the
# config file. If this is set to False, then Ironic will use
# Swift to host the floppy images and generated boot_iso.
# (boolean value)
#use_web_server_for_images = false

# Priority for reset_ilo clean step. (integer value)
#clean_priority_reset_ilo = 0

# Priority for reset_bios_to_default clean step. (integer
# value)
#clean_priority_reset_bios_to_default = 10

# Priority for reset_secure_boot_keys clean step. This step
# will reset the secure boot keys to manufacturing defaults.
# (integer value)
#clean_priority_reset_secure_boot_keys_to_default = 20

# Priority for clear_secure_boot_keys clean step. This step is
# not enabled by default. It can be enabled to clear all
# secure boot keys enrolled with iLO. (integer value)
#clean_priority_clear_secure_boot_keys = 0

# Priority for reset_ilo_credential clean step. This step
# requires "ilo_change_password" parameter to be updated in
# nodes's driver_info with the new password. (integer value)
#clean_priority_reset_ilo_credential = 30

# Number of times a power operation needs to be retried
# (integer value)
#power_retry = 6

# Amount of time in seconds to wait in between power
# operations (integer value)
#power_wait = 2

# CA certificate file to validate iLO. (string value)
#ca_file = <None>

# Default boot mode to be used in provisioning when
# "boot_mode" capability is not provided in the
# "properties/capabilities" of the node. The default is "auto"
# for backward compatibility. When "auto" is specified,
# default boot mode will be selected based on boot mode
# settings on the system. (string value)
# Possible values:
# auto - <No description provided>
# bios - <No description provided>
# uefi - <No description provided>
#default_boot_mode = auto


[inspector]

#
# From ironic
#

# Authentication URL (string value)
#auth_url = <None>

# Authentication type to load (string value)
# Deprecated group/name - [inspector]/auth_plugin
#auth_type = <None>

# PEM encoded Certificate Authority to use when verifying
# HTTPs connections. (string value)
#cafile = <None>

# PEM encoded client certificate cert file (string value)
#certfile = <None>

# Optional domain ID to use with v3 and v2 parameters. It will
# be used for both the user and project domain in v3 and
# ignored in v2 authentication. (string value)
#default_domain_id = <None>

# Optional domain name to use with v3 API and v2 parameters.
# It will be used for both the user and project domain in v3
# and ignored in v2 authentication. (string value)
#default_domain_name = <None>

# Domain ID to scope to (string value)
#domain_id = <None>

# Domain name to scope to (string value)
#domain_name = <None>

# whether to enable inspection using ironic-inspector. This
# option does not affect new-style dynamic drivers and the
# fake_inspector driver. (boolean value)
#enabled = false

# Always use this endpoint URL for requests for this client.
# NOTE: The unversioned endpoint should be specified here; to
# request a particular API version, use the `version`, `min-
# version`, and/or `max-version` options. (string value)
#endpoint_override = <None>

# Verify HTTPS connections. (boolean value)
#insecure = false

# PEM encoded client certificate key file (string value)
#keyfile = <None>

# The maximum major version of a given API, intended to be
# used as the upper bound of a range with min_version.
# Mutually exclusive with version. (string value)
#max_version = <None>

# The minimum major version of a given API, intended to be
# used as the lower bound of a range with max_version.
# Mutually exclusive with version. If min_version is given
# with no max_version it is as if max version is "latest".
# (string value)
#min_version = <None>

# User's password (string value)
#password = <None>

# Domain ID containing project (string value)
#project_domain_id = <None>

# Domain name containing project (string value)
#project_domain_name = <None>

# Project ID to scope to (string value)
# Deprecated group/name - [inspector]/tenant_id
#project_id = <None>

# Project name to scope to (string value)
# Deprecated group/name - [inspector]/tenant_name
#project_name = <None>

# The default region_name for endpoint URL discovery. (string
# value)
#region_name = <None>

# The default service_name for endpoint URL discovery. (string
# value)
#service_name = <None>

# The default service_type for endpoint URL discovery. (string
# value)
#service_type = baremetal-introspection

# DEPRECATED: ironic-inspector HTTP endpoint. If this is not
# set, the service catalog will be used. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Use [inspector]/endpoint_override option instead to
# set a specific ironic-inspector API URL to connect to.
#service_url = <None>

# period (in seconds) to check status of nodes on inspection
# (integer value)
#status_check_period = 60

# Scope for system operations (string value)
#system_scope = <None>

# Tenant ID (string value)
#tenant_id = <None>

# Tenant Name (string value)
#tenant_name = <None>

# Timeout value for http requests (integer value)
#timeout = <None>

# Trust ID (string value)
#trust_id = <None>

# User's domain id (string value)
#user_domain_id = <None>

# User's domain name (string value)
#user_domain_name = <None>

# User id (string value)
#user_id = <None>

# Username (string value)
# Deprecated group/name - [inspector]/user_name
#username = <None>

# List of interfaces, in order of preference, for endpoint
# URL. (list value)
#valid_interfaces = internal,public

# Minimum Major API version within a given Major API version
# for endpoint URL discovery. Mutually exclusive with
# min_version and max_version (string value)
#version = <None>

[ipmi]

#
# From ironic
#

# Maximum time in seconds to retry retryable IPMI operations.
# (An operation is retryable, for example, if the requested
# operation fails because the BMC is busy.) Setting this too
# high can cause the sync power state periodic task to hang
# when there are slow or unresponsive BMCs. (integer value)
#command_retry_timeout = 60

# DEPRECATED: Maximum time in seconds to retry IPMI
# operations. Setting this too high can cause the sync power
# state periodic task to hang when there are slow or
# unresponsive BMCs. (integer value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Use option [ipmi]/command_retry_timeout to specify
# the timeout value for IPMI command retries, and use option
# [conductor]/power_state_change_timeout to specify the
# timeout value for waiting for a power operation to complete
# so that a baremetal node reaches the desired power state.
#retry_timeout = <None>

# Minimum time, in seconds, between IPMI operations sent to a
# server. There is a risk with some hardware that setting this
# too low may cause the BMC to crash. Recommended setting is 5
# seconds. (integer value)
#min_command_interval = 5


[irmc]

#
# From ironic
#

# Ironic conductor node's "NFS" or "CIFS" root path (string
# value)
#remote_image_share_root = /remote_image_share_root

# IP of remote image server (string value)
#remote_image_server = <None>

# Share type of virtual media (string value)
# Possible values:
# CIFS - <No description provided>
# NFS - <No description provided>
#remote_image_share_type = CIFS

# share name of remote_image_server (string value)
#remote_image_share_name = share

# User name of remote_image_server (string value)
#remote_image_user_name = <None>

# Password of remote_image_user_name (string value)
#remote_image_user_password = <None>

# Domain name of remote_image_user_name (string value)
#remote_image_user_domain =

# Port to be used for iRMC operations (port value)
# Minimum value: 0
# Maximum value: 65535
# Possible values:
# 443 - <No description provided>
# 80 - <No description provided>
#port = 443

# Authentication method to be used for iRMC operations (string
# value)
# Possible values:
# basic - <No description provided>
# digest - <No description provided>
#auth_method = basic

# Timeout (in seconds) for iRMC operations (integer value)
#client_timeout = 60

# Sensor data retrieval method. (string value)
# Possible values:
# ipmitool - <No description provided>
# scci - <No description provided>
#sensor_method = ipmitool

# SNMP protocol version (string value)
# Possible values:
# v1 - <No description provided>
# v2c - <No description provided>
# v3 - <No description provided>
#snmp_version = v2c

# SNMP port (port value)
# Minimum value: 0
# Maximum value: 65535
#snmp_port = 161

# SNMP community. Required for versions "v1" and "v2c" (string
# value)
#snmp_community = public

# SNMP security name. Required for version "v3" (string value)
#snmp_security = <None>

# SNMP polling interval in seconds (integer value)
#snmp_polling_interval = 10

# Priority for restore_irmc_bios_config clean step. (integer
# value)
#clean_priority_restore_irmc_bios_config = 0

# List of vendor IDs and device IDs for GPU device to inspect.
# List items are in format vendorID/deviceID and separated by
# commas. GPU inspection will use this value to count the
# number of GPU device in a node. If this option is not
# defined, then leave out pci_gpu_devices in capabilities
# property. Sample gpu_ids value: 0x1000/0x0079,0x2100/0x0080
# (list value)
#gpu_ids =


[ironic_lib]

#
# From ironic_lib.utils
#

# Command that is prefixed to commands that are run as root.
# If not specified, no commands are run as root. (string
# value)
#root_helper = sudo ironic-rootwrap /etc/ironic/rootwrap.conf

# List of vendor IDs and device IDs for GPU device to inspect.
# List items are in format vendorID/deviceID and separated by
# commas. GPU inspection will use this value to count the
# number of GPU device in a node. If this option is not
# defined, then leave out pci_gpu_devices in capabilities
# property. Sample gpu_ids value: 0x1000/0x0079,0x2100/0x0080
# (list value)
#gpu_ids =


[iscsi]

#
# From ironic
#

# The port number on which the iSCSI portal listens for
# incoming connections. (port value)
# Minimum value: 0
# Maximum value: 65535
#portal_port = 3260


[keystone]

#
# From ironic
#

# The region used for getting endpoints of OpenStack services.
# (string value)
{%- if ironic.get('identity', {}).get('region') %}
region_name = {{ ironic.identity.region }}
{%- else %}
#region_name = <None>
{%- endif %}


[keystone_authtoken]
{%- set _data = ironic.get('identity', {}) %}
{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- set auth_type = _data.get('auth_type', 'password') %}
{%- include "oslo_templates/files/queens/keystoneauth/_type_" + auth_type + ".conf" %}

[matchmaker_redis]

#
# From oslo.messaging
#

# DEPRECATED: Host to locate redis. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#host = 127.0.0.1

# DEPRECATED: Use this port to connect to redis host. (port
# value)
# Minimum value: 0
# Maximum value: 65535
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#port = 6379

# DEPRECATED: Password for Redis server (optional). (string
# value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#password =

# DEPRECATED: List of Redis Sentinel hosts (fault tolerance
# mode), e.g., [host:port, host1:port ... ] (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#sentinel_hosts =

# Redis replica set name. (string value)
#sentinel_group_name = oslo-messaging-zeromq

# Time in ms to wait between connection attempts. (integer
# value)
#wait_timeout = 2000

# Time in ms to wait before the transaction is killed.
# (integer value)
#check_timeout = 20000

# Timeout in ms on blocking socket operations. (integer value)
#socket_timeout = 10000


[metrics]

#
# From ironic
#

# Backend for the agent ramdisk to use for metrics. Default
# possible backends are "noop" and "statsd". (string value)
#agent_backend = noop

# Prepend the hostname to all metric names sent by the agent
# ramdisk. The format of metric names is
# [global_prefix.][uuid.][host_name.]prefix.metric_name.
# (boolean value)
#agent_prepend_host = false

# Prepend the node's Ironic uuid to all metric names sent by
# the agent ramdisk. The format of metric names is
# [global_prefix.][uuid.][host_name.]prefix.metric_name.
# (boolean value)
#agent_prepend_uuid = false

# Split the prepended host value by "." and reverse it for
# metrics sent by the agent ramdisk (to better match the
# reverse hierarchical form of domain names). (boolean value)
#agent_prepend_host_reverse = true

# Prefix all metric names sent by the agent ramdisk with this
# value. The format of metric names is
# [global_prefix.][uuid.][host_name.]prefix.metric_name.
# (string value)
#agent_global_prefix = <None>

#
# From ironic_lib.metrics
#

# Backend to use for the metrics system. (string value)
# Allowed values: noop, statsd
#backend = noop

# Prepend the hostname to all metric names. The format of
# metric names is
# [global_prefix.][host_name.]prefix.metric_name. (boolean
# value)
#prepend_host = false

# Split the prepended host value by "." and reverse it (to
# better match the reverse hierarchical form of domain names).
# (boolean value)
#prepend_host_reverse = true

# Prefix all metric names with this value. By default, there
# is no global prefix. The format of metric names is
# [global_prefix.][host_name.]prefix.metric_name. (string
# value)
#global_prefix = <None>


[metrics_statsd]

#
# From ironic
#

# Host for the agent ramdisk to use with the statsd backend.
# This must be accessible from networks the agent is booted
# on. (string value)
#agent_statsd_host = localhost

# Port for the agent ramdisk to use with the statsd backend.
# (port value)
# Minimum value: 0
# Maximum value: 65535
#agent_statsd_port = 8125

#
# From ironic_lib.metrics_statsd
#

# Host for use with the statsd backend. (string value)
#statsd_host = localhost

# Port to use with the statsd backend. (port value)
# Minimum value: 0
# Maximum value: 65535
#statsd_port = 8125


[neutron]
{%- set _data = ironic.get('neutron', ironic.get('identity', {})) %}
{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- set auth_type = _data.get('auth_type', 'password') %}
{%- include "oslo_templates/files/queens/keystoneauth/_type_" + auth_type + ".conf" %}

#
# From ironic
#

# Neutron network UUID or name for the ramdisk to be booted
# into for cleaning nodes. Required for "neutron" network
# interface. It is also required if cleaning nodes when using
# "flat" network interface or "neutron" DHCP provider. If a
# name is provided, it must be unique among all networks or
# cleaning will fail. (string value)
# Deprecated group/name - [neutron]/cleaning_network_uuid
{%- if conductor.get('neutron', {}).get('cleaning_network') %}
cleaning_network = {{ conductor.neutron.cleaning_network }}
{%- else %}
#cleaning_network = <None>
{%- endif %}

# List of Neutron Security Group UUIDs to be applied during
# cleaning of the nodes. Optional for the "neutron" network
# interface and not used for the "flat" or "noop" network
# interfaces. If not specified, default security group is
# used. (list value)
#cleaning_network_security_groups =

# Delay value to wait for Neutron agents to setup sufficient
# DHCP configuration for port. (integer value)
# Minimum value: 0
{%- if conductor.get('neutron', {}).get('port_setup_delay') %}
port_setup_delay = {{ conductor.neutron.port_setup_delay }}
{%- else %}
#port_setup_delay = 0
{%- endif %}

# Neutron network UUID or name for the ramdisk to be booted
# into for provisioning nodes. Required for "neutron" network
# interface. If a name is provided, it must be unique among
# all networks or deploy will fail. (string value)
# Deprecated group/name - [neutron]/provisioning_network_uuid
{%- if conductor.get('neutron', {}).get('provisioning_network') %}
provisioning_network = {{ conductor.neutron.provisioning_network }}
{%- else %}
#provisioning_network = <None>
{%- endif %}

# List of Neutron Security Group UUIDs to be applied during
# provisioning of the nodes. Optional for the "neutron"
# network interface and not used for the "flat" or "noop"
# network interfaces. If not specified, default security group
# is used. (list value)
#provisioning_network_security_groups =

# Neutron network UUID or name for booting the ramdisk for
# rescue mode. This is not the network that the rescue ramdisk
# will use post-boot -- the tenant network is used for that.
# Required for "neutron" network interface, if rescue mode
# will be used. It is not used for the "flat" or "noop"
# network interfaces. If a name is provided, it must be unique
# among all networks or rescue will fail. (string value)
{%- if conductor.get('neutron', {}).get('rescuing_network') %}
rescuing_network = {{ conductor.neutron.rescuing_network }}
{%- else %}
#rescuing_network = <None>
{%- endif %}

# List of Neutron Security Group UUIDs to be applied during
# the node rescue process. Optional for the "neutron" network
# interface and not used for the "flat" or "noop" network
# interfaces. If not specified, the default security group is
# used. (list value)
#rescuing_network_security_groups =

# Client retries in the case of a failed request. (integer
# value)
#retries = 3

# Timeout value for connecting to neutron in seconds. (integer
# value)
#url_timeout = 30


[oneview]

#
# From ironic
#

# URL where OneView is available. (string value)
#manager_url = <None>

# OneView username to be used. (string value)
#username = <None>

# OneView password to be used. (string value)
#password = <None>

# Option to allow insecure connection with OneView. (boolean
# value)
#allow_insecure_connections = false

# Path to CA certificate. (string value)
#tls_cacert_file = <None>

# Whether to enable the periodic tasks for OneView driver be
# aware when OneView hardware resources are taken and released
# by Ironic or OneView users and proactively manage nodes in
# clean fail state according to Dynamic Allocation model of
# hardware resources allocation in OneView. (boolean value)
#enable_periodic_tasks = true

# Period (in seconds) for periodic tasks to be executed when
# enable_periodic_tasks=True. (integer value)
#periodic_check_interval = 300


[oslo_concurrency]
{%- if ironic.concurrency is defined %}
{%- set _data = ironic.concurrency %}
{%- include "oslo_templates/files/queens/oslo/_concurrency.conf" %}
{%- endif %}

[oslo_messaging_notifications]
{%- set _data = ironic.notification %}
{%- include "oslo_templates/files/queens/oslo/messaging/_notifications.conf" %}

{%- if ironic.message_queue is defined %}
{%- set _data = ironic.message_queue %}
{%- if _data.engine == 'rabbitmq' %}
    {%- set messaging_engine = 'rabbit' %}
{%- else %}
    {%- set messaging_engine = _data.engine %}
{%- endif %}
[oslo_messaging_{{ messaging_engine }}]
{%- if _data.ssl is defined and 'cacert_file' not in _data.get('ssl', {}).keys() %}{% do _data['ssl'].update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- include "oslo_templates/files/queens/oslo/messaging/_" + messaging_engine + ".conf" %}
{%- endif %}

[oslo_policy]
{%- if ironic.policy is defined %}
{%- set _data = ironic.policy %}
{%- include "oslo_templates/files/queens/oslo/_policy.conf" %}
{%- endif %}

[profiler]
{%- if ironic.profiler is defined %}
{%- set _data = ironic.profiler %}
{%- include "oslo_templates/files/queens/oslo/_osprofiler.conf" %}
{%- endif %}


[pxe]

#
# From ironic
#

# Additional append parameters for baremetal PXE boot. (string
# value)
#pxe_append_params = nofb nomodeset vga=normal

# Default file system format for ephemeral partition, if one
# is created. (string value)
#default_ephemeral_format = ext4

# On the ironic-conductor node, directory where images are
# stored on disk. (string value)
#images_path = /var/lib/ironic/images/

# On the ironic-conductor node, directory where master
# instance images are stored on disk. Setting to <None>
# disables image caching. (string value)
#instance_master_path = /var/lib/ironic/master_images

# Maximum size (in MiB) of cache for master images, including
# those in use. (integer value)
#image_cache_size = 20480

# Maximum TTL (in minutes) for old master images in cache.
# (integer value)
#image_cache_ttl = 10080

# On ironic-conductor node, template file for PXE
# configuration. (string value)
{%- if conductor.get('pxe_config_template') %}
pxe_config_template = {{ conductor.pxe_config_template }}
{%- else %}
#pxe_config_template = $pybasedir/drivers/modules/pxe_common.template
{%- endif %}

# On ironic-conductor node, template file for PXE
# configuration for UEFI boot loader. (string value)
#uefi_pxe_config_template = $pybasedir/drivers/modules/pxe_grub_common.template

# On ironic-conductor node, template file for PXE
# configuration per node architecture. For example:
# aarch64:/opt/share/grubaa64_pxe_common.template (dict value)
#pxe_config_template_by_arch =

# IP address of ironic-conductor node's TFTP server. (string
# value)
#tftp_server = $my_ip

# ironic-conductor node's TFTP root path. The ironic-conductor
# must have read/write access to this path. (string value)
{%- if conductor.get('tftp_root') %}
tftp_root = {{ conductor.tftp_root }}
{%- else %}
#tftp_root = /tftpboot
{%- endif %}

# On ironic-conductor node, directory where master TFTP images
# are stored on disk. Setting to <None> disables image
# caching. (string value)
{%- if conductor.get('tftp_master_path') %}
tftp_master_path = {{ conductor.tftp_master_path }}
{%- else %}
#tftp_master_path = /tftpboot/master_images
{%- endif %}

# The permission that will be applied to the TFTP folders upon
# creation. This should be set to the permission such that the
# tftpserver has access to read the contents of the configured
# TFTP folder. This setting is only required when the
# operating system's umask is restrictive such that ironic-
# conductor is creating files that cannot be read by the TFTP
# server. Setting to <None> will result in the operating
# system's umask to be utilized for the creation of new tftp
# folders. It is recommended that an octal representation is
# specified. For example: 0o755 (integer value)
#dir_permission = <None>

# Bootfile DHCP parameter. (string value)
{%- if conductor.get('pxe_bootfile_name') %}
pxe_bootfile_name = {{ conductor.pxe_bootfile_name }}
{%- else %}
#pxe_bootfile_name = pxelinux.0
{%- endif %}

# Bootfile DHCP parameter for UEFI boot mode. (string value)
#uefi_pxe_bootfile_name = bootx64.efi

# Bootfile DHCP parameter per node architecture. For example:
# aarch64:grubaa64.efi (dict value)
#pxe_bootfile_name_by_arch =

# Enable iPXE boot. (boolean value)
{%- if conductor.ipxe_enabled is defined %}
ipxe_enabled = {{ conductor.ipxe_enabled }}
{%- else %}
#ipxe_enabled = false
{%- endif %}

# On ironic-conductor node, the path to the main iPXE script
# file. (string value)
#ipxe_boot_script = $pybasedir/drivers/modules/boot.ipxe

# Timeout value (in seconds) for downloading an image via
# iPXE. Defaults to 0 (no timeout) (integer value)
#ipxe_timeout = 0


# The IP version that will be used for PXE booting. Defaults
# to 4. EXPERIMENTAL (string value)
# Possible values:
# 4 - <No description provided>
# 6 - <No description provided>
#ip_version = 4

# Download deploy and rescue images directly from swift using
# temporary URLs. If set to false (default), images are
# downloaded to the ironic-conductor node and served over its
# local HTTP server. Applicable only when 'ipxe_enabled'
# option is set to true. (boolean value)
#ipxe_use_swift = false


[service_catalog]
{%- set _data = ironic.get('identity', {}) %}
{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- set auth_type = _data.get('auth_type', 'password') %}
{%- include "oslo_templates/files/queens/keystoneauth/_type_" + auth_type + ".conf" %}


[snmp]

#
# From ironic
#

# Seconds to wait for power action to be completed (integer
# value)
#power_timeout = 10

# Time (in seconds) to sleep between when rebooting (powering
# off and on again) (integer value)
# Minimum value: 0
#reboot_delay = 0

# Response timeout in seconds used for UDP transport. Timeout
# should be a multiple of 0.5 seconds and is applicable to
# each retry. (floating point value)
# Minimum value: 0
#udp_transport_timeout = 1.0

# Maximum number of UDP request retries, 0 means no retries.
# (integer value)
# Minimum value: 0
#udp_transport_retries = 5


[ssl]

#
# From oslo.service.sslutils
#

# CA certificate file to use to verify connecting clients.
# (string value)
# Deprecated group/name - [DEFAULT]/ssl_ca_file
#ca_file = <None>

# Certificate file to use when starting the server securely.
# (string value)
# Deprecated group/name - [DEFAULT]/ssl_cert_file
#cert_file = <None>

# Private key file to use when starting the server securely.
# (string value)
# Deprecated group/name - [DEFAULT]/ssl_key_file
#key_file = <None>

# SSL version to use (valid only if SSL enabled). Valid values
# are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may
# be available on some distributions. (string value)
#version = <None>

# Sets the list of available ciphers. value should be a string
# in the OpenSSL cipher list format. (string value)
#ciphers = <None>


[swift]
{%- set _data = ironic.get('swift', ironic.get('identity', {})) %}
{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': ironic.cacert_file}) %}{% endif %}
{%- set auth_type = _data.get('auth_type', 'password') %}
{%- include "oslo_templates/files/queens/keystoneauth/_type_" + auth_type + ".conf" %}

# Maximum number of times to retry a Swift request, before
# failing. (integer value)
#swift_max_retries = 2