openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/neutron/templates/neutron.conf.j2
Mark Goddard ade5bfa302 Use ansible_facts to reference facts 
By default, Ansible injects a variable for every fact, prefixed with
ansible_. This can result in a large number of variables for each host,
which at scale can incur a performance penalty. Ansible provides a
configuration option [0] that can be set to False to prevent this
injection of facts. In this case, facts should be referenced via
ansible_facts.<fact>.

This change updates all references to Ansible facts within Kolla Ansible
from using individual fact variables to using the items in the
ansible_facts dictionary. This allows users to disable fact variable
injection in their Ansible configuration, which may provide some
performance improvement.

This change disables fact variable injection in the ansible
configuration used in CI, to catch any attempts to use the injected
variables.

[0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars

Change-Id: I7e9d5c9b8b9164d4aee3abb4e37c8f28d98ff5d1
Partially-Implements: blueprint performance-improvements
2021-06-23 10:38:06 +01:00

217 lines
6.7 KiB
Django/Jinja
Raw Blame History

# neutron.conf
[DEFAULT]
debug = {{ neutron_logging_debug }}
log_dir = /var/log/kolla/neutron
# NOTE(elemoine): set use_stderr to False or the logs will also be sent to
# stderr and collected by Docker
use_stderr = False
{% if neutron_enable_tls_backend | bool %}
bind_host = 127.0.0.1
{% else %}
bind_host = {{ api_interface_address }}
{% endif %}
bind_port = {{ neutron_server_listen_port }}
api_paste_config = /usr/share/neutron/api-paste.ini
api_workers = {{ openstack_service_workers }}
metadata_workers = {{ openstack_service_workers }}
rpc_workers = {{ openstack_service_rpc_workers }}
rpc_state_report_workers = {{ openstack_service_rpc_workers }}
# NOTE(SamYaple): We must specify this value here rather than the metadata conf
# because it is used by the l3 and dhcp agents. The reason the path has 'kolla'
# in it is because we are sharing this socket in a volume which is it's own dir
metadata_proxy_socket = /var/lib/neutron/kolla/metadata_proxy
{% if neutron_plugin_agent == "openvswitch" or (neutron_plugin_agent == "ovn" and neutron_ovn_dhcp_agent | bool) %}
interface_driver = openvswitch
{% elif neutron_plugin_agent == "linuxbridge" %}
interface_driver = linuxbridge
{% endif %}
{% if enable_nova_fake | bool %}
ovs_integration_bridge = br-int-{{ item }}
host = {{ ansible_facts.hostname }}_{{ item }}
{% endif %}
allow_overlapping_ips = true
{% if neutron_plugin_agent == 'vmware_nsxv' %}
core_plugin = vmware_nsx.plugin.NsxVPlugin
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
core_plugin = vmware_nsx.plugin.NsxV3Plugin
dhcp_agent_notification = False
{% elif neutron_plugin_agent == 'vmware_dvs' %}
core_plugin = vmware_nsx.plugin.NsxDvsPlugin
{% else %}
core_plugin = ml2
service_plugins = {{ neutron_service_plugins|map(attribute='name')|join(',') }}
{% endif %}
{% if enable_neutron_agent_ha | bool %}
dhcp_agents_per_network = {{ dhcp_agents_per_network }}
l3_ha = true
max_l3_agents_per_router = {{ max_l3_agents_per_router }}
{% endif %}
transport_url = {{ rpc_transport_url }}
{% if enable_neutron_dvr | bool %}
router_distributed = True
{% endif %}
{% if enable_designate | bool %}
dns_domain = {{ designate_ns_record }}.
external_dns_driver = designate
{% if neutron_plugin_agent == 'vmware_nsxv' %}
nsx_extension_drivers = vmware_nsxv_dns
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
nsx_extension_drivers = vmware_nsxv3_dns
{% elif neutron_plugin_agent == 'vmware_dvs' %}
nsx_extension_drivers = vmware_dvs_dns
{% endif %}
{% endif %}
ipam_driver = {{ neutron_ipam_driver }}
[nova]
auth_url = {{ keystone_admin_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
region_name = {{ openstack_region_name }}
project_name = service
username = {{ nova_keystone_user }}
password = {{ nova_keystone_password }}
endpoint_type = internal
cafile = {{ openstack_cacert }}
[oslo_middleware]
enable_proxy_headers_parsing = True
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[database]
connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }}
connection_recycle_time = {{ database_connection_recycle_time }}
max_pool_size = {{ database_max_pool_size }}
max_retries = -1
[keystone_authtoken]
www_authenticate_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_admin_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ neutron_keystone_user }}
password = {{ neutron_keystone_password }}
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
# Workaround for https://bugs.launchpad.net/keystonemiddleware/+bug/1883659
memcache_use_advanced_pool = True
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if neutron_enabled_notification_topics %}
driver = messagingv2
topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
{% if om_enable_rabbitmq_tls | bool %}
[oslo_messaging_rabbit]
ssl = true
ssl_ca_file = {{ om_rabbitmq_cacert }}
{% endif %}
{% if neutron_policy_file is defined %}
[oslo_policy]
policy_file = {{ neutron_policy_file }}
{% endif %}
{% if enable_neutron_sfc | bool %}
[sfc]
drivers = ovs
[flowclassifier]
drivers = ovs
{% endif %}
{% if enable_designate | bool %}
[designate]
url = {{ designate_internal_endpoint }}/v2
auth_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_admin_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ designate_keystone_user }}
password = {{ designate_keystone_password }}
allow_reverse_dns_lookup = True
ipv4_ptr_zone_prefix_size = 24
ipv6_ptr_zone_prefix_size = 116
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true
trace_sqlalchemy = true
hmac_keys = {{ osprofiler_secret }}
connection_string = {{ osprofiler_backend_connection_string }}
{% endif %}
[placement]
auth_type = password
auth_url = {{ keystone_admin_url }}
username = {{ placement_keystone_user }}
password = {{ placement_keystone_password }}
user_domain_name = {{ default_user_domain_name }}
project_name = service
project_domain_name = {{ default_project_domain_name }}
os_region_name = {{ openstack_region_name }}
os_interface = internal
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
[privsep]
helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
{% if enable_neutron_infoblox_ipam_agent | bool %}
[infoblox]
keystone_admin_project_domain_id = {{ default_project_domain_id }}
keystone_admin_user_domain_id = {{ default_user_domain_id }}
keystone_admin_project_name = service
keystone_admin_username = {{ neutron_keystone_user }}
keystone_admin_password = {{ neutron_keystone_password }}
keystone_auth_uri = {{ keystone_internal_url }}
keystone_auth_version = v3
cloud_data_center_id = {{ infoblox_cloud_data_center_id }}
[infoblox-dc:{{ infoblox_cloud_data_center_id }}]
grid_master_host = {{ infoblox_grid_master_host }}
grid_master_name = {{ infoblox_grid_master_name }}
admin_user_name = {{ infoblox_admin_user_name }}
admin_password = {{ infoblox_admin_password }}
wapi_version = {{ infoblox_wapi_version }}
wapi_max_results = {{ infoblox_wapi_max_results }}
{% endif %}
View Git Blame Copy Permalink