6c2b614533
neutron_plugin_loaded_base is only used in the template. This var probably shouldn't be used by any deployer, so we mask this variable from the defaults. Currently, we still keep this overridable behavior: neutron_plugin_loaded_base can still be overriden by a deployer, and we still rely on plugin_base if the deployer hasn't defined it. Change-Id: I8d7903dbb9a6f7d096eb3f840164b87c48eb5e4d
246 lines
8.4 KiB
Django/Jinja
246 lines
8.4 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
{% set neutron_plugin_loaded_base = [] %}
|
|
|
|
{% for plugin in neutron_plugin_base %}
|
|
{% if plugin != 'dns' %}
|
|
{% set _ = neutron_plugin_loaded_base.append(plugin) %}
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
{% if (neutron_lbaasv2|bool) and ('neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2' not in neutron_plugin_base) %}
|
|
{% set _ = neutron_plugin_loaded_base.append("lbaasv2") %}
|
|
{%- endif -%}
|
|
|
|
# General, applies to all host groups
|
|
[DEFAULT]
|
|
# Disable stderr logging
|
|
use_stderr = False
|
|
debug = {{ debug }}
|
|
fatal_deprecations = {{ neutron_fatal_deprecations }}
|
|
log_file = /var/log/neutron/neutron.log
|
|
|
|
## Rpc all
|
|
executor_thread_pool_size = {{ neutron_rpc_thread_pool_size }}
|
|
rpc_response_timeout = {{ neutron_rpc_response_timeout }}
|
|
transport_url = rabbit://{% for host in neutron_rabbitmq_servers.split(',') %}{{ neutron_rabbitmq_userid }}:{{ neutron_rabbitmq_password }}@{{ host }}:{{ neutron_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ neutron_rabbitmq_vhost }}{% endif %}{% endfor %}
|
|
|
|
# Domain to use for building hostnames
|
|
dns_domain = {{ neutron_dns_domain }}
|
|
|
|
{% if neutron_services['neutron-server']['group'] in group_names %}
|
|
|
|
# General, only applies to neutron server host group
|
|
allow_overlapping_ips = True
|
|
vlan_transparent = False
|
|
|
|
# Plugins
|
|
core_plugin = {{ neutron_plugin_core }}
|
|
{% if neutron_plugin_type.split('.')[0] == 'ml2' %}
|
|
service_plugins = {{ neutron_plugin_loaded_base | join(',') }}
|
|
{% endif %}
|
|
|
|
# MAC address generation for VIFs
|
|
base_mac = fa:16:3e:00:00:00
|
|
mac_generation_retries = 16
|
|
|
|
# Authentication method
|
|
auth_strategy = keystone
|
|
|
|
# Drivers
|
|
network_scheduler_driver = {{ neutron_driver_network_scheduler }}
|
|
router_scheduler_driver = {{ neutron_driver_router_scheduler }}
|
|
loadbalancer_pool_scheduler_driver = {{ neutron_driver_loadbalancer_pool_scheduler }}
|
|
|
|
# Schedulers
|
|
network_auto_schedule = True
|
|
router_auto_schedule = True
|
|
|
|
# Distributed virtual routing
|
|
router_distributed = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }}
|
|
|
|
# Agents
|
|
agent_down_time = {{ neutron_agent_down_time }}
|
|
|
|
{% set num_agent = groups[neutron_services['neutron-dhcp-agent']['group']] | length %}
|
|
{% if neutron_plugin_type.split('.')[0] == 'ml2' and num_agent >= 2 %}
|
|
{% if neutron_services['neutron-linuxbridge-agent']['service_en'] | bool or neutron_services['neutron-openvswitch-agent']['service_en'] | bool %}
|
|
|
|
{% set max_l3_router = num_agent if num_agent > 2 else 2 %}
|
|
|
|
# L3HA
|
|
l3_ha = True
|
|
l3_ha_net_cidr = {{ neutron_l3_ha_net_cidr }}
|
|
max_l3_agents_per_router = {{ max_l3_router }}
|
|
{% if neutron_provider_networks.network_mappings_list is defined %}
|
|
ha_network_type = {{ neutron_provider_networks.network_mappings_list[0].split(':')[0] }}
|
|
ha_network_physical_name = {{ neutron_provider_networks.network_mappings_list[0].split(':')[-1] }}
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
# API
|
|
bind_port = 9696
|
|
bind_host = 0.0.0.0
|
|
|
|
# Workers
|
|
api_workers = {{ neutron_api_workers | default(neutron_api_threads) }}
|
|
rpc_workers = {{ neutron_rpc_workers }}
|
|
|
|
{% set dhcp_agents_max = num_agent if num_agent > 2 else 2 %}
|
|
# DHCP
|
|
{% if neutron_plugin_type == 'ml2.dragonflow' %}
|
|
# In dragonflow, DHCP is fully distributed, and DHCP agents are not used
|
|
dhcp_agent_notification = False
|
|
{% else %}
|
|
dhcp_agent_notification = True
|
|
dhcp_agents_per_network = {{ dhcp_agents_max }}
|
|
dhcp_lease_duration = 86400
|
|
{% endif %}
|
|
|
|
# Nova notifications
|
|
notify_nova_on_port_status_changes = True
|
|
notify_nova_on_port_data_changes = True
|
|
send_events_interval = 2
|
|
|
|
[nova]
|
|
auth_type = {{ nova_keystone_auth_plugin }}
|
|
auth_url = {{ keystone_service_adminurl }}
|
|
region_name = {{ nova_service_region }}
|
|
project_domain_id = {{ nova_service_project_domain_id }}
|
|
user_domain_id = {{ nova_service_user_domain_id }}
|
|
project_name = {{ nova_service_project_name }}
|
|
username = {{ nova_service_user_name }}
|
|
password = {{ nova_service_password }}
|
|
endpoint_type = internal
|
|
|
|
# Quotas
|
|
[quotas]
|
|
quota_driver = {{ neutron_driver_quota }}
|
|
quota_items = network,subnet,port
|
|
default_quota = {{ neutron_default_quota }}
|
|
quota_floatingip = {{ neutron_quota_floatingip }}
|
|
quota_health_monitor = {{ neutron_quota_health_monitor }}
|
|
quota_member = {{ neutron_quota_member }}
|
|
quota_network = {{ neutron_quota_network }}
|
|
quota_network_gateway = {{ neutron_quota_network_gateway }}
|
|
quota_packet_filter = {{ neutron_quota_packet_filter }}
|
|
quota_pool = {{ neutron_quota_pool }}
|
|
quota_port = {{ neutron_quota_port }}
|
|
quota_router = {{ neutron_quota_router }}
|
|
quota_security_group = {{ neutron_quota_security_group }}
|
|
quota_security_group_rule = {{ neutron_quota_security_group_rule }}
|
|
quota_subnet = {{ neutron_quota_subnet }}
|
|
quota_vip = {{ neutron_quota_vip }}
|
|
|
|
# Keystone authentication
|
|
[keystone_authtoken]
|
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
|
auth_type = {{ neutron_keystone_auth_plugin }}
|
|
auth_url = {{ keystone_service_adminuri }}
|
|
auth_uri = {{ keystone_service_internaluri }}
|
|
project_domain_id = {{ neutron_service_project_domain_id }}
|
|
user_domain_id = {{ neutron_service_user_domain_id }}
|
|
project_name = {{ neutron_service_project_name }}
|
|
username = {{ neutron_service_user_name }}
|
|
password = {{ neutron_service_password }}
|
|
region_name = {{ keystone_service_region }}
|
|
|
|
memcached_servers = {{ memcached_servers }}
|
|
|
|
token_cache_time = 300
|
|
|
|
# Prevent cache poisoning if sharing a memcached server
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcached_encryption_key }}
|
|
|
|
# Database
|
|
[database]
|
|
connection = mysql+pymysql://{{ neutron_galera_user }}:{{ neutron_container_mysql_password }}@{{ neutron_galera_address }}/{{ neutron_galera_database }}?charset=utf8
|
|
max_overflow = {{ neutron_db_max_overflow }}
|
|
max_pool_size = {{ neutron_db_pool_size }}
|
|
pool_timeout = {{ neutron_db_pool_timeout }}
|
|
|
|
# Service providers
|
|
[service_providers]
|
|
{% if neutron_lbaasv2 | bool %}
|
|
{% for service_provider in neutron_lbaasv2_service_provider.split(',') %}
|
|
service_provider = {{ service_provider }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if neutron_vpnaas| bool %}
|
|
service_provider = {{ neutron_vpnaas_service_provider }}
|
|
{% endif %}
|
|
|
|
{% if neutron_lbaasv2 | bool %}
|
|
{% if neutron_lbaas_octavia | bool %}
|
|
[octavia]
|
|
base_url= {{ octavia_service_url }}
|
|
request_poll_timeout = {{ neutron_octavia_request_poll_timeout }}
|
|
{% endif %}
|
|
|
|
# Configure Barbican - TLS will not work if Barbican is misisng
|
|
[certificates]
|
|
|
|
# Certificate Manager plugin. Defaults to barbican. (string value)
|
|
cert_manager_type = barbican
|
|
|
|
# Name of the Barbican authentication method to use (string value)
|
|
#barbican_auth = barbican_acl_auth
|
|
|
|
[service_auth]
|
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
|
auth_plugin = {{ neutron_keystone_auth_plugin }}
|
|
# this needs to have a v3 added manually :-(
|
|
auth_url = {{ keystone_service_internaluri }}/v3
|
|
admin_project_domain = {{ neutron_service_project_domain_id }}
|
|
admin_user_domain = {{ neutron_service_user_domain_id }}
|
|
admin_tenant_name = {{ neutron_service_project_name }}
|
|
admin_user = {{ neutron_service_user_name }}
|
|
admin_password = {{ neutron_service_password }}
|
|
region = {{ keystone_service_region }}
|
|
endpoint_type = internalURL
|
|
service_name = neutron
|
|
auth_version = 3
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% if neutron_fwaas | bool and neutron_plugin_type != 'plumgrid' %}
|
|
[fwaas]
|
|
enabled = true
|
|
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
|
|
{% endif %}
|
|
|
|
# Agent
|
|
[agent]
|
|
polling_interval = {{ neutron_agent_polling_interval|default(5) }}
|
|
report_interval = {{ neutron_report_interval|int }}
|
|
root_helper = sudo {{ neutron_bin }}/neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf
|
|
|
|
# Messaging
|
|
[oslo_messaging_rabbit]
|
|
rabbit_use_ssl = {{ neutron_rabbitmq_use_ssl }}
|
|
rpc_conn_pool_size = {{ neutron_rpc_conn_pool_size }}
|
|
|
|
# Notifications
|
|
{% if neutron_ceilometer_enabled or neutron_designate_enabled %}
|
|
[oslo_messaging_notifications]
|
|
{% set notification_topics = [] %}
|
|
{% if neutron_ceilometer_enabled %}
|
|
{% set _ = notification_topics.append('notifications') %}
|
|
{% endif %}
|
|
{% if neutron_designate_enabled %}
|
|
{% set _ = notification_topics.append(neutron_notifications_designate) %}
|
|
{% endif %}
|
|
notification_topics = {{ notification_topics | join(',') }}
|
|
driver = messagingv2
|
|
transport_url = rabbit://{% for host in neutron_rabbitmq_telemetry_servers.split(',') %}{{ neutron_rabbitmq_telemetry_userid }}:{{ neutron_rabbitmq_telemetry_password }}@{{ host }}:{{ neutron_rabbitmq_telemetry_port }}{% if not loop.last %},{% else %}/{{ neutron_rabbitmq_telemetry_vhost }}{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
# Concurrency (locking mechanisms)
|
|
[oslo_concurrency]
|
|
lock_path = {{ neutron_lock_path }}
|
|
|
|
|