# nova.conf [DEFAULT] debug = {{ nova_logging_debug }} log_dir = /var/log/kolla/nova state_path = /var/lib/nova osapi_compute_listen = {{ api_interface_address }} osapi_compute_listen_port = {{ nova_api_port }} osapi_compute_workers = {{ openstack_service_workers }} metadata_workers = {{ openstack_service_workers }} metadata_listen = {{ api_interface_address }} metadata_listen_port = {{ nova_metadata_port }} # NOTE(mgoddard): This option has been deprecated but RDO sets a different # default value for it in /usr/share/nova/nova-dist.conf which causes the # ironic virt driver to fail to load. See # https://bugs.launchpad.net/kolla-ansible/+bug/1701564. firewall_driver = nova.virt.firewall.NoopFirewallDriver allow_resize_to_same_host = true {% if service_name == "nova-compute-ironic" %} host={{ ansible_hostname }}-ironic log_file = /var/log/kolla/nova/nova-compute-ironic.log compute_driver = ironic.IronicDriver ram_allocation_ratio = 1.0 reserved_host_memory_mb = 0 {% elif enable_nova_fake | bool %} host = {{ ansible_hostname }}_{{ service_name }} compute_driver = fake.FakeDriver {% elif nova_compute_virt_type == 'vmware' %} compute_driver = vmwareapi.VMwareVCDriver {% else %} compute_driver = libvirt.LibvirtDriver {% endif %} # Though my_ip is not used directly, lots of other variables use $my_ip my_ip = {{ api_interface_address }} {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %} instance_usage_audit = True instance_usage_audit_period = hour {% if enable_watcher | bool %} compute_monitors=nova.compute.monitors.cpu.virt_driver {% endif %} {% endif %} transport_url = {{ rpc_transport_url }} [api] use_forwarded_for = true [conductor] workers = {{ openstack_service_workers }} {% if nova_console == 'novnc' %} [vnc] {% if service_name == "nova-compute-ironic" %} enabled = false {% else %} novncproxy_host = {{ api_interface_address }} novncproxy_port = {{ nova_novncproxy_port }} vncserver_listen = {{ api_interface_address }} vncserver_proxyclient_address = {{ api_interface_address }} {% if inventory_hostname in groups['compute'] %} novncproxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_novncproxy_port }}/vnc_auto.html {% endif %} {% endif %} {% elif nova_console == 'spice' %} [vnc] # We have to turn off vnc to use spice enabled = false [spice] enabled = true server_listen = {{ api_interface_address }} server_proxyclient_address = {{ api_interface_address }} {% if inventory_hostname in groups['compute'] %} html5proxy_base_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ nova_spicehtml5proxy_port }}/spice_auto.html {% endif %} html5proxy_host = {{ api_interface_address }} html5proxy_port = {{ nova_spicehtml5proxy_port }} {% endif %} {% if enable_nova_serialconsole_proxy | bool %} [serial_console] enabled = true base_url = ws://{{ kolla_external_fqdn }}:{{ nova_serialproxy_port }}/ serialproxy_host = {{ api_interface_address }} serialproxy_port = {{ nova_serialproxy_port }} proxyclient_address = {{ api_interface_address }} {% endif %} {% if service_name == "nova-compute-ironic" %} [ironic] username = {{ ironic_keystone_user }} password = {{ ironic_keystone_password }} auth_url = {{ openstack_auth.auth_url }}/v3 auth_type = password project_name = service user_domain_name = {{ default_user_domain_name }} project_domain_name = {{ default_project_domain_name }} api_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ ironic_api_port }}/v1 {% endif %} [oslo_concurrency] lock_path = /var/lib/nova/tmp [glance] api_servers = {{ internal_protocol }}://{{ kolla_internal_vip_address }}:{{ glance_api_port }} num_retries = {{ groups['glance-api'] | length }} {% if enable_cinder | bool %} [cinder] catalog_info = volumev3:cinderv3:internalURL os_region_name = {{ openstack_region_name }} {% endif %} [neutron] url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true auth_url = {{ keystone_admin_url }} auth_type = password project_domain_name = {{ default_project_domain_name }} user_domain_id = {{ default_user_domain_id }} project_name = service username = {{ neutron_keystone_user }} password = {{ neutron_keystone_password }} [database] connection = mysql+pymysql://{{ nova_database_user }}:{{ nova_database_password }}@{{ nova_database_address }}/{{ nova_database_name }} max_pool_size = 50 max_overflow = 1000 max_retries = -1 [api_database] connection = mysql+pymysql://{{ nova_api_database_user }}:{{ nova_api_database_password }}@{{ nova_api_database_address }}/{{ nova_api_database_name }} max_retries = -1 [cache] backend = oslo_cache.memcache_pool enabled = True memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [keystone_authtoken] auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = {{ default_project_domain_id }} user_domain_id = {{ default_user_domain_id }} project_name = service username = {{ nova_keystone_user }} password = {{ nova_keystone_password }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} {% if nova_compute_virt_type in ['kvm', 'qemu'] %} [libvirt] connection_uri = "qemu+tcp://{{ api_interface_address }}/system" {% if enable_ceph | bool and nova_backend == "rbd" %} images_type = rbd images_rbd_pool = {{ ceph_nova_pool_name }} images_rbd_ceph_conf = /etc/ceph/ceph.conf rbd_user = nova disk_cachemodes="network=writeback" {% if nova_hw_disk_discard != '' %} hw_disk_discard = {{ nova_hw_disk_discard }} {% endif %} {% endif %} {% if nova_backend == "rbd" and external_ceph_cephx_enabled | bool %} rbd_secret_uuid = {{ rbd_secret_uuid }} {% endif %} virt_type = {{ nova_compute_virt_type }} {% endif %} {% if nova_compute_virt_type == "vmware" %} [vmware] host_ip = {{ vmware_vcenter_host_ip }} host_username = {{ vmware_vcenter_host_username }} host_password = {{ vmware_vcenter_host_password }} cluster_name = {{ vmware_vcenter_cluster_name }} datastore_regex = {{ vmware_vcenter_datastore_regex }} insecure = {{ vmware_vcenter_insecure }} {% if not vmware_vcenter_insecure | bool %} ca_file = /etc/nova/vmware_ca {% endif %} {% endif %} [upgrade_levels] compute = auto [oslo_messaging_notifications] transport_url = {{ notify_transport_url }} {% if nova_enabled_notification_topics %} driver = messagingv2 topics = {{ nova_enabled_notification_topics | map(attribute='name') | join(',') }} {% else %} driver = noop {% endif %} [privsep_entrypoint] helper_command=sudo nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf [glance] debug = {{ nova_logging_debug }} [guestfs] debug = {{ nova_logging_debug }} [wsgi] api_paste_config = /etc/nova/api-paste.ini {% if kolla_enable_tls_external | bool %} secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO {% endif %} [scheduler] max_attempts = 10 discover_hosts_in_cells_interval = 60 {% if enable_ironic | bool %} host_manager = ironic_host_manager {% endif %} {% if enable_nova_fake | bool %} default_filters = RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter {% endif %} [placement] auth_type = password auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} username = {{ placement_keystone_user }} password = {{ placement_keystone_password }} user_domain_name = {{ default_user_domain_name }} project_name = service project_domain_name = {{ default_project_domain_name }} os_region_name = {{ openstack_region_name }} os_interface = internal [notifications] {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %} notify_on_state_change = vm_and_task_state {% endif %} {% if enable_osprofiler | bool %} [profiler] enabled = true trace_sqlalchemy = true hmac_keys = {{ osprofiler_secret }} {% if enable_elasticsearch | bool %} connection_string = elasticsearch://{{ elasticsearch_address }}:{{ elasticsearch_port }} {% endif %} {% endif %} {% if enable_barbican | bool %} [barbican] auth_endpoint = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} {% endif %}