Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / nova / ae4e93cd67d894576b89ca2d1c2c59da5b8cb4de / . / nova / files / mitaka / nova-controller.conf.Debian
blob: 2ed73c44041d6dd0e040e0b2dbb52c9ade411675 [file] [log] [blame]
{%- from "nova/map.jinja" import controller with context %}
[DEFAULT]
verbose = True
log-dir = /var/log/nova
{%- if controller.debug %}
debug = True
{%- else %}
debug = False
{%- endif %}
{%- if controller.logging.log_appender %}
log_config_append=/etc/nova/logging.conf
{%- endif %}
state_path = /var/lib/nova
volumes_dir = /etc/nova/volumes
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf
force_dhcp_release = True
injected_network_template = /usr/share/nova/interfaces.template
libvirt_nonblocking = True
vif_plugging_is_fatal = False
vif_plugging_timeout = 0
cpu_allocation_ratio = {{ controller.cpu_allocation_ratio }}
ram_allocation_ratio = {{ controller.ram_allocation_ratio }}
disk_allocation_ratio = {{ controller.disk_allocation_ratio }}
scheduler_default_filters = {{ controller.scheduler_default_filters }}
scheduler_available_filters = nova.scheduler.filters.all_filters
scheduler_available_filters = nova.scheduler.filters.pci_passthrough_filter.PciPassthroughFilter
{% for filter in controller.get('scheduler_custom_filters', []) %}
scheduler_available_filters = {{ filter }}
{% endfor %}
scheduler_driver = filter_scheduler
allow_resize_to_same_host = True
osapi_max_limit = {{ controller.osapi_max_limit|default('1000') }}
service_down_time = {{ controller.service_down_time|default('180') }}
iscsi_helper=tgtadm
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
api_paste_config=/etc/nova/api-paste.ini
compute_driver = nova.virt.libvirt.LibvirtDriver
rootwrap_config = /etc/nova/rootwrap.conf
auth_strategy = keystone
firewall_driver=nova.virt.firewall.NoopFirewallDriver
enabled_apis = osapi_compute,metadata
my_ip={{ controller.bind.private_address }}
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
rpc_backend = rabbit
osapi_volume_listen={{ controller.bind.private_address }}
osapi_compute_listen={{ controller.bind.private_address }}
metadata_listen={{ controller.bind.private_address }}
glance_host = {{ controller.glance.host }}
osapi_compute_workers = {{ controller.workers }}
metadata_workers = {{ controller.workers }}
allow_resize_to_same_host=True
rpc_cast_timeout = 30
rpc_response_timeout = 3600
rpc_thread_pool_size = 70
report_interval = 5
block_device_allocate_retries=600
block_device_allocate_retries_interval=10
[vnc]
enabled = true
novncproxy_host = {{ controller.bind.get('novncproxy_address', '0.0.0.0') }}
novncproxy_base_url = {{ controller.vncproxy_url }}/vnc_auto.html
novncproxy_port={{ controller.bind.get('vncproxy_port', '6080') }}
{%- if pillar.nova.compute is defined %}
vncserver_listen={{ controller.bind.private_address }}
vncserver_proxyclient_address={{ controller.bind.private_address }}
{%- else %}
vncserver_listen={{ controller.bind.get('novncproxy_address', '0.0.0.0') }}
{%- endif %}
[spice]
enabled = false
html5proxy_base_url = {{ controller.vncproxy_url }}/spice_auto.html
[libvirt]
inject_partition = -1
use_usb_tablet = True
cpu_mode = host-passthrough
virt_type = kvm
use_virtio_for_bridges = True
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_notifications]
{%- if controller.notification is mapping %}
driver = {{ controller.notification.get('driver', 'messagingv2') }}
{%- if controller.notification.topics is defined %}
topics = {{ controller.notification.topics }}
{%- endif %}
{%- elif controller.notification %}
driver=messagingv2
{%- endif %}
{%- set rabbit_port = controller.message_queue.get('port', 5671 if controller.message_queue.get('ssl',{}).get('enabled', False) else 5672) %}
[oslo_messaging_rabbit]
{%- if controller.message_queue.members is defined %}
rabbit_hosts = {% for member in controller.message_queue.members -%}
{{ member.host }}:{{ member.get('port', rabbit_port) }}
{%- if not loop.last -%},{%- endif -%}
{%- endfor -%}
{%- else %}
rabbit_host = {{ controller.message_queue.host }}
rabbit_port = {{ rabbit_port }}
{%- endif %}
rabbit_userid = {{ controller.message_queue.user }}
rabbit_password = {{ controller.message_queue.password }}
rabbit_virtual_host = {{ controller.message_queue.virtual_host }}
rabbit_retry_interval = 1
rabbit_retry_backoff = 2
rpc_conn_pool_size = 300
{# rabbitmq ssl configuration #}
{%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
[oslo_messaging_rabbit]
rabbit_use_ssl=true
{%- if controller.message_queue.ssl.version is defined %}
kombu_ssl_version = {{ controller.message_queue.ssl.version }}
{%- elif salt['grains.get']('pythonversion') > [2,7,8] %}
kombu_ssl_version = TLSv1_2
{%- endif %}
kombu_ssl_ca_certs = {{ controller.message_queue.ssl.get('cacert_file', controller.cacert_file) }}
{%- endif %}
[cache]
{%- if controller.cache is defined %}
enabled = true
backend = oslo_cache.memcache_pool
memcache_servers={%- for member in controller.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %}
{%- endif %}
[keystone_authtoken]
revocation_cache_time = 10
signing_dir=/tmp/keystone-signing-nova
auth_type = password
user_domain_id = {{ controller.identity.get('domain', 'default') }}
project_domain_id = {{ controller.identity.get('domain', 'default') }}
project_name = {{ controller.identity.tenant }}
username = {{ controller.identity.user }}
password = {{ controller.identity.password }}
auth_uri=http://{{ controller.identity.host }}:5000
auth_url=http://{{ controller.identity.host }}:35357
{%- if controller.cache is defined %}
memcached_servers={%- for member in controller.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %}
{%- endif %}
[conductor]
workers = {{ controller.workers }}
[database]
idle_timeout = 180
min_pool_size = 100
max_pool_size = 700
max_overflow = 100
retry_interval = 5
max_retries = -1
db_max_retries = 3
db_retry_interval = 1
connection_debug = 10
pool_timeout = 120
connection = {{ controller.database.engine }}+pymysql://{{ controller.database.user }}:{{ controller.database.password }}@{{ controller.database.host }}/{{ controller.database.name }}{%- if controller.database.get('ssl',{}).get('enabled',False) %}?ssl_ca={{ controller.database.ssl.get('cacert_file', conroller.cacert_file) }}{% endif %}
[api_database]
idle_timeout = 180
min_pool_size = 100
max_pool_size = 700
max_overflow = 100
retry_interval = 5
max_retries = -1
db_max_retries = 3
db_retry_interval = 1
connection_debug = 10
pool_timeout = 120
connection = {{ controller.database.engine }}+pymysql://{{ controller.database.user }}:{{ controller.database.password }}@{{ controller.database.host }}/{{ controller.database.name }}_api{%- if controller.database.get('ssl',{}).get('enabled',False) %}?ssl_ca={{ controller.database.ssl.get('cacert_file', controller.cacert_file) }}{% endif %}
[glance]
host = {{ controller.glance.host }}
[neutron]
auth_type = password
project_domain_name = default
user_domain_name = default
auth_url = http://{{ controller.identity.host }}:35357
{% if pillar.neutron is defined and pillar.neutron.server is defined %}
password={{ pillar.neutron.server.identity.password }}
project_name={{ pillar.neutron.server.identity.tenant }}
username={{ pillar.neutron.server.identity.user }}
region_name= {{ pillar.neutron.server.identity.region }}
{%- else %}
password={{ controller.network.password }}
project_name={{ controller.network.tenant }}
username={{ controller.network.user }}
region_name= {{ controller.network.region }}
{%- endif %}
url=http://{{ controller.network.host }}:{{ controller.network.port }}
{%- if controller.get('networking', 'default') != "contrail" %}
metadata_proxy_shared_secret={{ controller.metadata.password }}
{%- endif %}
service_metadata_proxy=True
[cinder]
os_region_name = {{ controller.identity.region }}
catalog_info=volumev2:cinderv2:internalURL
{%- if controller.cross_az_attach is defined %}
cross_az_attach={{ controller.cross_az_attach }}
{%- endif %}
[vnc]
keymap = {{ controller.get('vnc_keymap', 'en-us') }}
[cors]
#
# From oslo.middleware
#
# Indicate whether this resource may be shared with the domain received in the
# requests "origin" header. (list value)
#allowed_origin = <None>
{% if controller.cors.allowed_origin is defined %}
allowed_origin = {{ controller.cors.allowed_origin }}
{% endif %}
# Indicate that the actual request can include user credentials (boolean value)
#allow_credentials = true
{% if controller.cors.allow_credentials is defined %}
allow_credentials = {{ controller.cors.allow_credentials }}
{% endif %}
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
# Headers. (list value)
#expose_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
{% if controller.cors.expose_headers is defined %}
expose_headers = {{ controller.cors.expose_headers }}
{% endif %}
# Maximum cache age of CORS preflight requests. (integer value)
#max_age = 3600
{% if controller.cors.max_age is defined %}
max_age = {{ controller.cors.max_age }}
{% endif %}
# Indicate which methods can be used during the actual request. (list value)
#allow_methods = GET,PUT,POST,DELETE,PATCH
{% if controller.cors.allow_methods is defined %}
allow_methods = {{ controller.cors.allow_methods }}
{% endif %}
# Indicate which header field names may be used during the actual request.
# (list value)
#allow_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name
{% if controller.cors.allow_headers is defined %}
allow_headers = {{ controller.cors.allow_headers }}
{% endif %}
{%- if controller.upgrade_levels is defined %}
[upgrade_levels]
{%- for key, value in controller.upgrade_levels.iteritems() %}
{{ key }}={{ value }}
{%- endfor %}
{%- endif %}