openstack/kolla-ansible
Code Issues Proposed changes
c5d314d979
kolla-ansible/ansible/roles/neutron/templates/neutron.conf.j2
Matt Crees 09df6fc1aa Add a flag to handle RabbitMQ high availability 
A combination of durable queues and classic queue mirroring can be used
to provide high availability of RabbitMQ. However, these options should
only be used together, otherwise the system will become unstable. Using
the flag ``om_enable_rabbitmq_high_availability`` will either enable
both options at once, or neither of them.

There are some queues that should not be mirrored:
* ``reply`` queues (these have a single consumer and TTL policy)
* ``fanout`` queues (these have a TTL policy)
* ``amq`` queues (these are auto-delete queues, with a single consumer)
An exclusionary pattern is used in the classic mirroring policy. This
pattern is ``^(?!(amq\\.)|(.*_fanout_)|(reply_)).*``

Change-Id: I51c8023b260eb40b2eaa91bd276b46890c215c25
2023-01-13 15:40:08 +00:00

222 lines
6.9 KiB
Django/Jinja
Raw Blame History

# neutron.conf
[DEFAULT]
debug = {{ neutron_logging_debug }}
log_dir = /var/log/kolla/neutron
# NOTE(elemoine): set use_stderr to False or the logs will also be sent to
# stderr and collected by Docker
use_stderr = False
{% if neutron_enable_tls_backend | bool %}
bind_host = 127.0.0.1
{% else %}
bind_host = {{ api_interface_address }}
{% endif %}
bind_port = {{ neutron_server_listen_port }}
api_paste_config = /etc/neutron/api-paste.ini
api_workers = {{ neutron_api_workers }}
rpc_workers = {{ openstack_service_rpc_workers }}
rpc_state_report_workers = {{ openstack_service_rpc_workers }}
# NOTE(SamYaple): We must specify this value here rather than the metadata conf
# because it is used by the l3 and dhcp agents. The reason the path has 'kolla'
# in it is because we are sharing this socket in a volume which is it's own dir
metadata_proxy_socket = /var/lib/neutron/kolla/metadata_proxy
{% if neutron_plugin_agent == "openvswitch" or (neutron_plugin_agent == "ovn" and neutron_ovn_dhcp_agent | bool) %}
interface_driver = openvswitch
{% elif neutron_plugin_agent == "linuxbridge" %}
interface_driver = linuxbridge
{% endif %}
{% if enable_nova_fake | bool %}
ovs_integration_bridge = br-int-{{ item }}
host = {{ ansible_facts.hostname }}_{{ item }}
{% endif %}
{% if neutron_plugin_agent == 'vmware_nsxv' %}
core_plugin = vmware_nsx.plugin.NsxVPlugin
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
core_plugin = vmware_nsx.plugin.NsxV3Plugin
dhcp_agent_notification = False
{% elif neutron_plugin_agent == 'vmware_nsxp' %}
core_plugin = vmware_nsx.plugin.NsxPolicyPlugin
dhcp_agent_notification = False
{% elif neutron_plugin_agent == 'vmware_dvs' %}
core_plugin = vmware_nsx.plugin.NsxDvsPlugin
{% else %}
core_plugin = ml2
service_plugins = {{ neutron_service_plugins|map(attribute='name')|join(',') }}
{% endif %}
{% if enable_neutron_agent_ha | bool %}
dhcp_agents_per_network = {{ dhcp_agents_per_network }}
l3_ha = true
max_l3_agents_per_router = {{ max_l3_agents_per_router }}
{% endif %}
transport_url = {{ rpc_transport_url }}
{% if enable_neutron_dvr | bool %}
router_distributed = True
{% endif %}
{% if enable_designate | bool %}
{% if designate_ns_record is string %}
dns_domain = {{ designate_ns_record }}.
{% endif %}
external_dns_driver = designate
{% if neutron_plugin_agent == 'vmware_nsxv' %}
nsx_extension_drivers = vmware_nsxv_dns
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
nsx_extension_drivers = vmware_nsxv3_dns
{% elif neutron_plugin_agent == 'vmware_nsxp' %}
nsx_extension_drivers = vmware_nsxp_dns
{% elif neutron_plugin_agent == 'vmware_dvs' %}
nsx_extension_drivers = vmware_dvs_dns
{% endif %}
{% endif %}
ipam_driver = {{ neutron_ipam_driver }}
[nova]
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
region_name = {{ openstack_region_name }}
project_name = service
username = {{ nova_keystone_user }}
password = {{ nova_keystone_password }}
endpoint_type = internal
cafile = {{ openstack_cacert }}
[oslo_middleware]
enable_proxy_headers_parsing = True
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[database]
connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }}
connection_recycle_time = {{ database_connection_recycle_time }}
max_pool_size = {{ database_max_pool_size }}
max_retries = -1
[keystone_authtoken]
service_type = network
www_authenticate_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ neutron_keystone_user }}
password = {{ neutron_keystone_password }}
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if neutron_enabled_notification_topics %}
driver = messagingv2
topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
[oslo_messaging_rabbit]
heartbeat_in_pthread = false
{% if om_enable_rabbitmq_tls | bool %}
ssl = true
ssl_ca_file = {{ om_rabbitmq_cacert }}
{% endif %}
{% if om_enable_rabbitmq_high_availability | bool %}
amqp_durable_queues = true
{% endif %}
{% if neutron_policy_file is defined %}
[oslo_policy]
policy_file = {{ neutron_policy_file }}
{% endif %}
{% if enable_neutron_sfc | bool %}
[sfc]
drivers = ovs
[flowclassifier]
drivers = ovs
{% endif %}
{% if enable_designate | bool %}
[designate]
url = {{ designate_internal_endpoint }}/v2
auth_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ designate_keystone_user }}
password = {{ designate_keystone_password }}
allow_reverse_dns_lookup = True
ipv4_ptr_zone_prefix_size = 24
ipv6_ptr_zone_prefix_size = 116
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true
trace_sqlalchemy = true
hmac_keys = {{ osprofiler_secret }}
connection_string = {{ osprofiler_backend_connection_string }}
{% endif %}
[placement]
auth_type = password
auth_url = {{ keystone_internal_url }}
username = {{ placement_keystone_user }}
password = {{ placement_keystone_password }}
user_domain_name = {{ default_user_domain_name }}
project_name = service
project_domain_name = {{ default_project_domain_name }}
endpoint_type = internal
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
[privsep]
helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
{% if enable_neutron_infoblox_ipam_agent | bool %}
[infoblox]
keystone_admin_project_domain_id = {{ default_project_domain_id }}
keystone_admin_user_domain_id = {{ default_user_domain_id }}
keystone_admin_project_name = service
keystone_admin_username = {{ neutron_keystone_user }}
keystone_admin_password = {{ neutron_keystone_password }}
keystone_auth_uri = {{ keystone_internal_url }}
keystone_auth_version = v3
cloud_data_center_id = {{ infoblox_cloud_data_center_id }}
[infoblox-dc:{{ infoblox_cloud_data_center_id }}]
grid_master_host = {{ infoblox_grid_master_host }}
grid_master_name = {{ infoblox_grid_master_name }}
admin_user_name = {{ infoblox_admin_user_name }}
admin_password = {{ infoblox_admin_password }}
wapi_version = {{ infoblox_wapi_version }}
wapi_max_results = {{ infoblox_wapi_max_results }}
{% endif %}
View Git Blame Copy Permalink