openstack/kolla-ansible
Code Issues Proposed changes
9fffc7bc52
kolla-ansible/ansible/roles/nova-cell/defaults/main.yml
Mark Goddard ade5bfa302 Use ansible_facts to reference facts 
By default, Ansible injects a variable for every fact, prefixed with
ansible_. This can result in a large number of variables for each host,
which at scale can incur a performance penalty. Ansible provides a
configuration option [0] that can be set to False to prevent this
injection of facts. In this case, facts should be referenced via
ansible_facts.<fact>.

This change updates all references to Ansible facts within Kolla Ansible
from using individual fact variables to using the items in the
ansible_facts dictionary. This allows users to disable fact variable
injection in their Ansible configuration, which may provide some
performance improvement.

This change disables fact variable injection in the ansible
configuration used in CI, to catch any attempts to use the injected
variables.

[0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars

Change-Id: I7e9d5c9b8b9164d4aee3abb4e37c8f28d98ff5d1
Partially-Implements: blueprint performance-improvements
2021-06-23 10:38:06 +01:00

529 lines
28 KiB
YAML
Raw Blame History

---
project_name: "nova"
nova_cell_services:
nova-libvirt:
container_name: nova_libvirt
group: "{{ nova_cell_compute_group }}"
enabled: "{{ nova_compute_virt_type in ['kvm', 'qemu'] }}"
image: "{{ nova_libvirt_image_full }}"
pid_mode: "host"
cgroupns_mode: "host"
privileged: True
volumes: "{{ nova_libvirt_default_volumes + nova_libvirt_extra_volumes }}"
dimensions: "{{ nova_libvirt_dimensions }}"
healthcheck: "{{ nova_libvirt_healthcheck }}"
nova-ssh:
container_name: "nova_ssh"
group: "{{ nova_cell_compute_group }}"
image: "{{ nova_ssh_image_full }}"
enabled: "{{ enable_nova_ssh | bool }}"
volumes: "{{ nova_ssh_default_volumes + nova_ssh_extra_volumes }}"
dimensions: "{{ nova_ssh_dimensions }}"
healthcheck: "{{ nova_ssh_healthcheck }}"
nova-novncproxy:
container_name: "nova_novncproxy"
group: "{{ nova_cell_novncproxy_group }}"
image: "{{ nova_novncproxy_image_full }}"
enabled: "{{ nova_console == 'novnc' }}"
volumes: "{{ nova_novncproxy_default_volumes + nova_novncproxy_extra_volumes }}"
dimensions: "{{ nova_novncproxy_dimensions }}"
healthcheck: "{{ nova_novncproxy_healthcheck }}"
nova-spicehtml5proxy:
container_name: "nova_spicehtml5proxy"
group: "{{ nova_cell_spicehtml5proxy_group }}"
image: "{{ nova_spicehtml5proxy_image_full }}"
enabled: "{{ nova_console == 'spice' }}"
volumes: "{{ nova_spicehtml5proxy_default_volumes + nova_spicehtml5proxy_extra_volumes }}"
dimensions: "{{ nova_spicehtml5proxy_dimensions }}"
nova-serialproxy:
container_name: "nova_serialproxy"
group: "{{ nova_cell_serialproxy_group }}"
image: "{{ nova_serialproxy_image_full }}"
enabled: "{{ enable_nova_serialconsole_proxy | bool }}"
volumes: "{{ nova_serialproxy_default_volumes + nova_serialproxy_extra_volumes }}"
dimensions: "{{ nova_serialproxy_dimensions }}"
nova-conductor:
container_name: "nova_conductor"
group: "{{ nova_cell_conductor_group }}"
enabled: True
image: "{{ nova_conductor_image_full }}"
volumes: "{{ nova_conductor_default_volumes + nova_conductor_extra_volumes }}"
dimensions: "{{ nova_conductor_dimensions }}"
healthcheck: "{{ nova_conductor_healthcheck }}"
nova-compute:
container_name: "nova_compute"
group: "{{ nova_cell_compute_group }}"
image: "{{ nova_compute_image_full }}"
environment:
LIBGUESTFS_BACKEND: "direct"
privileged: True
enabled: "{{ not enable_nova_fake | bool }}"
ipc_mode: "host"
volumes: "{{ nova_compute_default_volumes + nova_compute_extra_volumes }}"
dimensions: "{{ nova_compute_dimensions }}"
healthcheck: "{{ nova_compute_healthcheck }}"
nova-compute-ironic:
container_name: "nova_compute_ironic"
group: "{{ nova_cell_compute_ironic_group }}"
image: "{{ nova_compute_ironic_image_full }}"
enabled: "{{ enable_ironic | bool and nova_cell_name == nova_cell_ironic_cell_name }}"
volumes: "{{ nova_compute_ironic_default_volumes + nova_compute_ironic_extra_volumes }}"
dimensions: "{{ nova_compute_ironic_dimensions }}"
healthcheck: "{{ nova_compute_ironic_healthcheck }}"
####################
# Ceph options
####################
# Discard option for nova managed disks. Requires libvirt (1, 0, 6) or later and
# qemu (1, 6, 0) or later. Set to "" to disable.
nova_hw_disk_discard: "unmap"
####################
# Cells Options
####################
# Name of the cell. For backwards compatibility this defaults to an empty name,
# since the cell created by kolla-ansible prior to the Train release had no
# name.
nova_cell_name: ''
# Name of the cell in which nova-compute-ironic will be deployed. For backwards
# compatibility this defaults to an empty name, since the cell created by
# kolla-ansible prior to the Train release had no name.
nova_cell_ironic_cell_name: ''
# Name of the Ansible group containing compute hosts. For backwards
# compatibility this is 'compute'. For a multi-cell deployment, this should be
# set to the name of a group containing only the compute hosts in this cell.
# Note that all compute hosts should also be in the 'compute' group.
nova_cell_compute_group: 'compute'
# Name of the Ansible group containing nova-compute-ironic hosts. For backwards
# compatibility this is 'nova-compute-ironic'. For a multi-cell deployment,
# this should be set to the name of a group containing only the compute hosts #
# in this cell. Note that all nova-compute-ironic hosts should also be in the
# 'nova-compute-ironic' group.
nova_cell_compute_ironic_group: 'nova-compute-ironic'
# Name of the Ansible group containing nova-conductor hosts. For backwards
# compatibility this is 'nova-conductor'. For a multi-cell deployment, this
# should be set to the name of a group containing only the nova-conductor hosts
# in this cell. Note that all nova-conductor hosts should also be in the
# 'nova-conductor' group.
nova_cell_conductor_group: 'nova-conductor'
# Name of the Ansible group containing nova-novncproxy hosts. For backwards
# compatibility this is 'nova-novncproxy'. For a multi-cell deployment, this
# should be set to the name of a group containing only the nova-novncproxy
# hosts in this cell. Note that all nova-novncproxy hosts should also be in
# the 'nova-novncproxy' group.
nova_cell_novncproxy_group: 'nova-novncproxy'
# Name of the Ansible group containing nova-spicehtml5proxy hosts. For
# backwards compatibility this is 'nova-spicehtml5proxy'. For a multi-cell
# deployment, this should be set to the name of a group containing only the
# nova-spicehtml5proxy hosts in this cell. Note that all nova-spicehtml5proxy
# hosts should also be in the 'nova-spicehtml5proxy' group.
nova_cell_spicehtml5proxy_group: 'nova-spicehtml5proxy'
# Name of the Ansible group containing nova-serialproxy hosts. For backwards
# compatibility this is 'nova-serialproxy'. For a multi-cell deployment, this
# should be set to the name of a group containing only the nova-serialproxy
# hosts in this cell. Note that all nova-serialproxy hosts should also be in
# the 'nova-serialproxy' group.
nova_cell_serialproxy_group: 'nova-serialproxy'
####################
# Database
####################
nova_cell_database_admin_user: "{{ database_user }}"
nova_cell_database_admin_password: "{{ database_password }}"
nova_cell_database_name: "{{ 'nova_' ~ nova_cell_name if nova_cell_name else 'nova' }}"
nova_cell_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova{% endif %}"
nova_cell_database_password: '{{ nova_database_password }}'
nova_cell_database_address: "{% if nova_cell_database_group is defined %}{{ 'api' | kolla_address(groups[nova_cell_database_group][0]) }}{% else %}{{ database_address }}{% endif %}"
nova_cell_database_port: '{{ database_port }}'
# Ideally, the cell conductors would not have access to the API database.
# However, certain features require it (see
# https://docs.openstack.org/nova/latest/user/cellsv2-layout.html#operations-requiring-upcalls).
# Also, it is necessary for executing nova-manage cell_v2 create_cell.
nova_api_database_name: "nova_api"
nova_api_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova_api{% endif %}"
nova_api_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
# Optional group for cell database. If this is not defined, then the top level database is used.
# nova_cell_database_group:
####################
# RabbitMQ
####################
# Internal rabbit users should set these
nova_cell_rpc_user: "{{ om_rpc_user }}"
nova_cell_rpc_password: "{{ om_rpc_password }}"
nova_cell_rpc_port: "{{ om_rpc_port }}"
nova_cell_rpc_group_name: "{{ om_rpc_group }}"
nova_cell_rpc_transport: "{{ om_rpc_transport }}"
nova_cell_rpc_vhost: "{{ 'nova_' ~ nova_cell_name if nova_cell_name else om_rpc_vhost }}"
nova_cell_rpc_tags:
- "administrator"
nova_cell_notify_user: "{{ nova_cell_rpc_user }}"
nova_cell_notify_password: "{{ nova_cell_rpc_password }}"
nova_cell_notify_port: "{{ nova_cell_rpc_port }}"
nova_cell_notify_group_name: "{{ nova_cell_rpc_group_name }}"
nova_cell_notify_transport: "{{ nova_cell_rpc_transport }}"
nova_cell_notify_vhost: "{{ nova_cell_rpc_vhost }}"
nova_cell_notify_tags: "{{ nova_cell_rpc_tags }}"
# External Rabbit users should override these
nova_cell_rpc_transport_url: "{{ nova_cell_rpc_transport }}://{% for host in groups[nova_cell_rpc_group_name] %}{{ nova_cell_rpc_user }}:{{ nova_cell_rpc_password }}@{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ nova_cell_rpc_port }}{% if not loop.last %},{% endif %}{% endfor %}/{{ nova_cell_rpc_vhost }}"
nova_cell_notify_transport_url: "{{ nova_cell_notify_transport }}://{% for host in groups[nova_cell_notify_group_name] %}{{ nova_cell_notify_user }}:{{ nova_cell_notify_password }}@{{ 'api' | kolla_address(host) | put_address_in_context('url') }}:{{ nova_cell_notify_port }}{% if not loop.last %},{% endif %}{% endfor %}/{{ nova_cell_notify_vhost }}"
# These vhosts and users will be created.
nova_cell_rpc_rabbitmq_users:
- user: "{{ nova_cell_rpc_user }}"
password: "{{ nova_cell_rpc_password }}"
vhost: "{{ nova_cell_rpc_vhost }}"
tags: "{{ nova_cell_rpc_tags }}"
nova_cell_notify_rabbitmq_users:
- user: "{{ nova_cell_notify_user }}"
password: "{{ nova_cell_notify_password }}"
vhost: "{{ nova_cell_notify_vhost }}"
tags: "{{ nova_cell_notify_tags }}"
####################
# Docker
####################
nova_install_type: "{{ kolla_install_type }}"
nova_tag: "{{ openstack_tag }}"
nova_libvirt_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-libvirt"
nova_libvirt_tag: "{{ nova_tag }}"
nova_libvirt_image_full: "{{ nova_libvirt_image }}:{{ nova_libvirt_tag }}"
nova_libvirt_cpu_mode: "{{ 'host-passthrough' if ansible_facts.architecture == 'aarch64' else '' }}"
nova_ssh_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-ssh"
nova_ssh_tag: "{{ nova_tag }}"
nova_ssh_image_full: "{{ nova_ssh_image }}:{{ nova_ssh_tag }}"
nova_novncproxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-novncproxy"
nova_novncproxy_tag: "{{ nova_tag }}"
nova_novncproxy_image_full: "{{ nova_novncproxy_image }}:{{ nova_novncproxy_tag }}"
nova_spicehtml5proxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-spicehtml5proxy"
nova_spicehtml5proxy_tag: "{{ nova_tag }}"
nova_spicehtml5proxy_image_full: "{{ nova_spicehtml5proxy_image }}:{{ nova_spicehtml5proxy_tag }}"
nova_serialproxy_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-serialproxy"
nova_serialproxy_tag: "{{ nova_tag }}"
nova_serialproxy_image_full: "{{ nova_serialproxy_image }}:{{ nova_serialproxy_tag }}"
nova_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-conductor"
nova_conductor_tag: "{{ nova_tag }}"
nova_conductor_image_full: "{{ nova_conductor_image }}:{{ nova_conductor_tag }}"
nova_compute_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-compute"
nova_compute_tag: "{{ nova_tag }}"
nova_compute_image_full: "{{ nova_compute_image }}:{{ nova_compute_tag }}"
nova_compute_ironic_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ nova_install_type }}-nova-compute-ironic"
nova_compute_ironic_tag: "{{ nova_tag }}"
nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute_ironic_tag }}"
nova_libvirt_dimensions: "{{ default_container_dimensions }}"
nova_ssh_dimensions: "{{ default_container_dimensions }}"
nova_novncproxy_dimensions: "{{ default_container_dimensions }}"
nova_spicehtml5proxy_dimensions: "{{ default_container_dimensions }}"
nova_serialproxy_dimensions: "{{ default_container_dimensions }}"
nova_conductor_dimensions: "{{ default_container_dimensions }}"
nova_compute_dimensions: "{{ default_container_dimensions }}"
nova_compute_ironic_dimensions: "{{ default_container_dimensions }}"
nova_libvirt_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_libvirt_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_libvirt_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_libvirt_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_libvirt_healthcheck_test: ["CMD-SHELL", "virsh version --daemon"]
nova_libvirt_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_libvirt_healthcheck:
interval: "{{ nova_libvirt_healthcheck_interval }}"
retries: "{{ nova_libvirt_healthcheck_retries }}"
start_period: "{{ nova_libvirt_healthcheck_start_period }}"
test: "{% if nova_libvirt_enable_healthchecks | bool %}{{ nova_libvirt_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_libvirt_healthcheck_timeout }}"
nova_ssh_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_ssh_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_ssh_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_ssh_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_ssh_healthcheck_test: ["CMD-SHELL", "healthcheck_listen sshd {{ nova_ssh_port }}"]
nova_ssh_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_ssh_healthcheck:
interval: "{{ nova_ssh_healthcheck_interval }}"
retries: "{{ nova_ssh_healthcheck_retries }}"
start_period: "{{ nova_ssh_healthcheck_start_period }}"
test: "{% if nova_ssh_enable_healthchecks | bool %}{{ nova_ssh_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_ssh_healthcheck_timeout }}"
nova_novncproxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_novncproxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_novncproxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_novncproxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_novncproxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_novncproxy_listen_port }}/vnc_auto.html"]
nova_novncproxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_novncproxy_healthcheck:
interval: "{{ nova_novncproxy_healthcheck_interval }}"
retries: "{{ nova_novncproxy_healthcheck_retries }}"
start_period: "{{ nova_novncproxy_healthcheck_start_period }}"
test: "{% if nova_novncproxy_enable_healthchecks | bool %}{{ nova_novncproxy_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_novncproxy_healthcheck_timeout }}"
nova_conductor_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_conductor_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_conductor_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_conductor_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_conductor_healthcheck_test: ["CMD-SHELL", "healthcheck_port nova-conductor {{ om_rpc_port }}"]
nova_conductor_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_conductor_healthcheck:
interval: "{{ nova_conductor_healthcheck_interval }}"
retries: "{{ nova_conductor_healthcheck_retries }}"
start_period: "{{ nova_conductor_healthcheck_start_period }}"
test: "{% if nova_conductor_enable_healthchecks | bool %}{{ nova_conductor_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_conductor_healthcheck_timeout }}"
nova_compute_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_compute_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_compute_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_compute_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_compute_healthcheck_test: ["CMD-SHELL", "healthcheck_port nova-compute {{ om_rpc_port }}"]
nova_compute_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_compute_healthcheck:
interval: "{{ nova_compute_healthcheck_interval }}"
retries: "{{ nova_compute_healthcheck_retries }}"
start_period: "{{ nova_compute_healthcheck_start_period }}"
test: "{% if nova_compute_enable_healthchecks | bool %}{{ nova_compute_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_compute_healthcheck_timeout }}"
nova_compute_ironic_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_compute_ironic_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_compute_ironic_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_compute_ironic_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_compute_ironic_healthcheck_test: ["CMD-SHELL", "healthcheck_port nova-compute {{ om_rpc_port }}"]
nova_compute_ironic_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_compute_ironic_healthcheck:
interval: "{{ nova_compute_ironic_healthcheck_interval }}"
retries: "{{ nova_compute_ironic_healthcheck_retries }}"
start_period: "{{ nova_compute_ironic_healthcheck_start_period }}"
test: "{% if nova_compute_ironic_enable_healthchecks | bool %}{{ nova_compute_ironic_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_compute_ironic_healthcheck_timeout }}"
nova_libvirt_default_volumes:
- "{{ node_config_directory }}/nova-libvirt/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "/lib/modules:/lib/modules:ro"
- "/run/:/run/:shared"
- "/dev:/dev"
- "kolla_logs:/var/log/kolla/"
- "libvirtd:/var/lib/libvirt"
- "{{ nova_instance_datadir_volume }}:/var/lib/nova/"
- "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
- "nova_libvirt_qemu:/etc/libvirt/qemu"
- "nova_libvirt_secrets:/etc/libvirt/secrets"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_ssh_default_volumes:
- "{{ node_config_directory }}/nova-ssh/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla"
- "{{ nova_instance_datadir_volume }}:/var/lib/nova"
- "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_novncproxy_default_volumes:
- "{{ node_config_directory }}/nova-novncproxy/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_spicehtml5proxy_default_volumes:
- "{{ node_config_directory }}/nova-spicehtml5proxy/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_serialproxy_default_volumes:
- "{{ node_config_directory }}/nova-serialproxy/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_conductor_default_volumes:
- "{{ node_config_directory }}/nova-conductor/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_compute_default_volumes:
- "{{ node_config_directory }}/nova-compute/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "/lib/modules:/lib/modules:ro"
- "/run:/run:shared"
- "/dev:/dev"
- "kolla_logs:/var/log/kolla/"
- "{% if enable_iscsid | bool %}iscsi_info:/etc/iscsi{% endif %}"
- "libvirtd:/var/lib/libvirt"
- "{{ nova_instance_datadir_volume }}:/var/lib/nova/"
- "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_compute_ironic_default_volumes:
- "{{ node_config_directory }}/nova-compute-ironic/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
# Used by bootstrapping containers.
nova_cell_bootstrap_default_volumes:
- "{{ node_config_directory }}/nova-cell-bootstrap/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_extra_volumes: "{{ default_extra_volumes }}"
nova_libvirt_extra_volumes: "{{ nova_extra_volumes }}"
nova_ssh_extra_volumes: "{{ nova_extra_volumes }}"
nova_novncproxy_extra_volumes: "{{ nova_extra_volumes }}"
nova_spicehtml5proxy_extra_volumes: "{{ nova_extra_volumes }}"
nova_serialproxy_extra_volumes: "{{ nova_extra_volumes }}"
nova_conductor_extra_volumes: "{{ nova_extra_volumes }}"
nova_compute_extra_volumes: "{{ nova_extra_volumes }}"
nova_compute_ironic_extra_volumes: "{{ nova_extra_volumes }}"
# Used by bootstrapping containers.
nova_cell_bootstrap_extra_volumes: "{{ nova_extra_volumes }}"
####################
# HAProxy
####################
haproxy_nova_serialconsole_proxy_tunnel_timeout: "10m"
####################
# OpenStack
####################
nova_logging_debug: "{{ openstack_logging_debug }}"
nova_libvirt_logging_debug: "{{ nova_logging_debug }}"
openstack_nova_auth: "{{ openstack_auth }}"
# Set to KOLLA_SKIP to skip setting these (even if set already - total ignore).
# Set to KOLLA_UNSET to make Kolla unset these in the managed sysctl.conf file.
nova_compute_host_rp_filter_mode: 0
nova_safety_upgrade: "no"
nova_libvirt_port: "{{'16514' if libvirt_tls | bool else '16509'}}"
nova_ssh_port: "8022"
# NOTE(mgoddard): The order of this list defines the order in which services
# are restarted during an upgrade in reload.yml. Restarting the conductor
# first is recommended.
nova_cell_services_require_nova_conf:
- nova-conductor
- nova-compute
- nova-compute-ironic
- nova-novncproxy
- nova-serialproxy
- nova-spicehtml5proxy
# Ideally these services would not require access to policy files, but there
# is a place in compute where they are referenced:
# https://opendev.org/openstack/nova/src/commit/627c461a62ce722a4c95a44b181f40b8db198c2b/nova/network/neutronv2/api.py#L532
nova_cell_services_require_policy_json:
- nova-compute
- nova-compute-ironic
# After upgrading nova-compute, services will have an RPC version cap in place.
# We need to restart all services that communicate with nova-compute in order
# to allow them to use the latest RPC version. Ideally, there would be a way to
# check whether all nova services are using the latest version, but currently
# there is not. Instead, wait a short time for all nova compute services to
# update the version of their service in the database. This seems to take
# around 10 seconds, but the default is 30 to allow room for slowness.
nova_compute_startup_delay: 30
# By default, the cell conductor is configured with access to the API database.
# This is necessary for some features which require an 'upcall'. These are
# listed here:
# https://docs.openstack.org/nova/latest/user/cellsv2-layout.html#operations-requiring-upcalls.
# To disable access to the API database from cell conductors, set
# nova_cell_conductor_has_api_database to no.
nova_cell_conductor_has_api_database: "yes"
####################
# Notification
####################
nova_notification_topics:
- name: notifications
enabled: "{{ enable_ceilometer | bool or enable_neutron_infoblox_ipam_agent | bool }}"
- name: notifications_designate
enabled: "{{ enable_designate | bool }}"
- name: vitrage_notifications
enabled: "{{ enable_vitrage | bool }}"
nova_enabled_notification_topics: "{{ nova_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# VMware
####################
vmware_vcenter_datastore_regex: ".*"
ovs_bridge: "nsx-managed"
####################
# Libvirt/qemu
####################
# The number of max files qemu can open
qemu_max_files: 32768
# The number of max processes qemu can open
qemu_max_processes: 131072
# Use TLS for libvirt connections and live migration
libvirt_tls: false
# Should kolla-ansible manage/copy the certs. False, assumes the deployer is
# responsible for making the TLS certs show up in the config directories
# also means the deployer is responsible for restarting the nova_compute and
# nova_libvirt containers when the key changes, as we can't know when to do that
libvirt_tls_manage_certs: true
# When using tls we are verfiying the hostname we are connected to matches the
# libvirt cert we are presented. As such we can't use IP's here, but keep the
# ability for people to override the hostname to use.
migration_hostname: "{{ ansible_facts.nodename }}"
# NOTE(yoctozepto): Part of bug #1681461 fix.
# We can't get the id too effectively from the images so hardcoding here.
# It does not change that often (in fact, most likely never ever).
qemu_user_gid: 42427
####################
# Kolla
####################
nova_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
nova_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
nova_dev_mode: "{{ kolla_dev_mode }}"
nova_source_version: "{{ kolla_source_version }}"
###################################
# Enable Shared Bind Propogation
###################################
enable_shared_var_lib_nova_mnt: "{{ enable_cinder_backend_nfs | bool or enable_cinder_backend_quobyte | bool }}"
###################################
# PCI passthrough whitelist
###################################
nova_pci_passthrough_whitelist: "{{ enable_neutron_sriov | bool | ternary(neutron_sriov_physnet_mappings | dict2items(key_name='physical_network', value_name='devname'), []) }}"
View Git Blame Copy Permalink