# nova.conf [DEFAULT] debug = {{ nova_logging_debug }} log_dir = /var/log/kolla/nova {% if service_name == "nova-super-conductor" %} log_file = /var/log/kolla/nova/nova-super-conductor.log {% endif %} state_path = /var/lib/nova osapi_compute_listen = {{ api_interface_address }} osapi_compute_listen_port = {{ nova_api_listen_port }} osapi_compute_workers = {{ openstack_service_workers }} metadata_workers = {{ openstack_service_workers }} metadata_listen = {{ api_interface_address }} metadata_listen_port = {{ nova_metadata_listen_port }} allow_resize_to_same_host = true # Though my_ip is not used directly, lots of other variables use $my_ip my_ip = {{ api_interface_address }} {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %} instance_usage_audit = True instance_usage_audit_period = hour {% endif %} transport_url = {{ rpc_transport_url }} [filter_scheduler] {% if enable_blazar | bool %} available_filters = nova.scheduler.filters.all_filters available_filters = blazarnova.scheduler.filters.blazar_filter.BlazarFilter enabled_filters = AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,BlazarFilter {% endif %} {% if enable_nova_fake | bool %} enabled_filters = AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter {% endif %} {% if enable_cells | bool %} # When in superconductor mode, nova-compute can't send instance # info updates to the scheduler, so just disable it. track_instance_changes = False {% endif %} [api] use_forwarded_for = true # Super conductor [conductor] workers = {{ openstack_service_workers }} [oslo_middleware] enable_proxy_headers_parsing = True [oslo_concurrency] lock_path = /var/lib/nova/tmp [glance] api_servers = {{ internal_protocol }}://{{ glance_internal_fqdn | put_address_in_context('url') }}:{{ glance_api_port }} cafile = {{ openstack_cacert }} num_retries = {{ groups['glance-api'] | length }} debug = {{ nova_logging_debug }} {% if enable_cinder | bool %} [cinder] catalog_info = volumev3:cinderv3:internalURL os_region_name = {{ openstack_region_name }} auth_url = {{ keystone_admin_url }} auth_type = password project_domain_name = {{ default_project_domain_name }} user_domain_id = {{ default_user_domain_id }} project_name = service username = {{ cinder_keystone_user }} password = {{ cinder_keystone_password }} cafile = {{ openstack_cacert }} {% endif %} [neutron] metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true {% if neutron_plugin_agent == 'vmware_nsxv3' %} ovs_bridge = {{ ovs_bridge }} {% endif %} auth_url = {{ keystone_admin_url }} auth_type = password project_domain_name = {{ default_project_domain_name }} user_domain_id = {{ default_user_domain_id }} project_name = service username = {{ neutron_keystone_user }} password = {{ neutron_keystone_password }} region_name = {{ openstack_region_name }} valid_interfaces = internal cafile = {{ openstack_cacert }} [database] connection = mysql+pymysql://{{ nova_cell0_database_user }}:{{ nova_cell0_database_password }}@{{ nova_cell0_database_address }}/{{ nova_cell0_database_name }} max_pool_size = 50 max_overflow = 1000 max_retries = -1 [api_database] connection = mysql+pymysql://{{ nova_api_database_user }}:{{ nova_api_database_password }}@{{ nova_api_database_address }}/{{ nova_api_database_name }} max_retries = -1 [cache] backend = oslo_cache.memcache_pool enabled = True memcache_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [keystone_authtoken] www_authenticate_uri = {{ keystone_internal_url }} auth_url = {{ keystone_admin_url }} auth_type = password project_domain_id = {{ default_project_domain_id }} user_domain_id = {{ default_user_domain_id }} project_name = service username = {{ nova_keystone_user }} password = {{ nova_keystone_password }} cafile = {{ openstack_cacert }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [upgrade_levels] compute = auto [oslo_messaging_notifications] transport_url = {{ notify_transport_url }} {% if nova_enabled_notification_topics %} driver = messagingv2 topics = {{ nova_enabled_notification_topics | map(attribute='name') | join(',') }} {% else %} driver = noop {% endif %} {% if service_name in nova_services_require_policy_json and nova_policy_file is defined %} [oslo_policy] policy_file = {{ nova_policy_file }} {% endif %} [privsep_entrypoint] helper_command=sudo nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf [guestfs] debug = {{ nova_logging_debug }} [wsgi] api_paste_config = /etc/nova/api-paste.ini {% if kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool %} secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO {% endif %} [scheduler] max_attempts = 10 # NOTE(yoctozepto): kolla-ansible handles cell mapping by itself on each deploy # periodic run must be disabled to avoid random failures (where both try to map) # -1 is default and means periodic discovery is disabled discover_hosts_in_cells_interval = -1 workers = {{ openstack_service_workers }} [placement] auth_type = password auth_url = {{ keystone_admin_url }} username = {{ placement_keystone_user }} password = {{ placement_keystone_password }} user_domain_name = {{ default_user_domain_name }} project_name = service project_domain_name = {{ default_project_domain_name }} region_name = {{ openstack_region_name }} cafile = {{ openstack_cacert }} valid_interfaces = internal [notifications] {% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool or enable_neutron_infoblox_ipam_agent | bool %} notify_on_state_change = vm_and_task_state {% endif %} {% if not enable_searchlight | bool %} notification_format = unversioned {% else %} notification_format = both {% endif %} {% if enable_osprofiler | bool %} [profiler] enabled = true trace_sqlalchemy = true hmac_keys = {{ osprofiler_secret }} connection_string = {{ osprofiler_backend_connection_string }} {% endif %} {% if enable_barbican | bool %} [barbican] auth_endpoint = {{ keystone_internal_url }} barbican_endpoint_type = internal verify_ssl_path = {{ openstack_cacert }} {% endif %}