477fae8e5c
This change removes the plumgrid network provider type. Plumgrid was purchased by VMWare and subsequently dismantled. This change removes the driver because it is no longer maintained and is no longer a viable option with an OpenStack cloud. Change-Id: I87522d5dc4a5a1fccc417e2e9688900873c067fe Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
246 lines
8.4 KiB
Django/Jinja
246 lines
8.4 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
{% set neutron_plugin_loaded_base = [] %}
|
|
|
|
{% for plugin in neutron_plugin_base %}
|
|
{% if plugin != 'dns' %}
|
|
{% set _ = neutron_plugin_loaded_base.append(plugin) %}
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
{% if (neutron_lbaasv2|bool) and ('neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2' not in neutron_plugin_base) %}
|
|
{% set _ = neutron_plugin_loaded_base.append("lbaasv2") %}
|
|
{%- endif -%}
|
|
|
|
# General, applies to all host groups
|
|
[DEFAULT]
|
|
# Disable stderr logging
|
|
use_stderr = False
|
|
debug = {{ debug }}
|
|
fatal_deprecations = {{ neutron_fatal_deprecations }}
|
|
log_file = /var/log/neutron/neutron.log
|
|
|
|
## Rpc all
|
|
executor_thread_pool_size = {{ neutron_rpc_thread_pool_size }}
|
|
rpc_response_timeout = {{ neutron_rpc_response_timeout }}
|
|
transport_url = rabbit://{% for host in neutron_rabbitmq_servers.split(',') %}{{ neutron_rabbitmq_userid }}:{{ neutron_rabbitmq_password }}@{{ host }}:{{ neutron_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ neutron_rabbitmq_vhost }}{% endif %}{% endfor %}
|
|
|
|
# Domain to use for building hostnames
|
|
dns_domain = {{ neutron_dns_domain }}
|
|
|
|
{% if neutron_services['neutron-server']['group'] in group_names %}
|
|
|
|
# General, only applies to neutron server host group
|
|
allow_overlapping_ips = True
|
|
vlan_transparent = False
|
|
|
|
# Plugins
|
|
core_plugin = {{ neutron_plugin_core }}
|
|
{% if neutron_plugin_type.split('.')[0] == 'ml2' %}
|
|
service_plugins = {{ neutron_plugin_loaded_base | join(',') }}
|
|
{% endif %}
|
|
|
|
# MAC address generation for VIFs
|
|
base_mac = fa:16:3e:00:00:00
|
|
mac_generation_retries = 16
|
|
|
|
# Authentication method
|
|
auth_strategy = keystone
|
|
|
|
# Drivers
|
|
network_scheduler_driver = {{ neutron_driver_network_scheduler }}
|
|
router_scheduler_driver = {{ neutron_driver_router_scheduler }}
|
|
loadbalancer_pool_scheduler_driver = {{ neutron_driver_loadbalancer_pool_scheduler }}
|
|
|
|
# Schedulers
|
|
network_auto_schedule = True
|
|
router_auto_schedule = True
|
|
|
|
# Distributed virtual routing
|
|
router_distributed = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }}
|
|
|
|
# Agents
|
|
agent_down_time = {{ neutron_agent_down_time }}
|
|
|
|
{% set num_agent = groups[neutron_services['neutron-dhcp-agent']['group']] | length %}
|
|
{% if neutron_plugin_type.split('.')[0] == 'ml2' and num_agent >= 2 %}
|
|
{% if neutron_services['neutron-linuxbridge-agent']['service_en'] | bool or neutron_services['neutron-openvswitch-agent']['service_en'] | bool %}
|
|
|
|
{% set max_l3_router = num_agent if num_agent > 2 else 2 %}
|
|
|
|
# L3HA
|
|
l3_ha = True
|
|
l3_ha_net_cidr = {{ neutron_l3_ha_net_cidr }}
|
|
max_l3_agents_per_router = {{ max_l3_router }}
|
|
{% if neutron_provider_networks.network_mappings_list is defined %}
|
|
ha_network_type = {{ neutron_provider_networks.network_mappings_list[0].split(':')[0] }}
|
|
ha_network_physical_name = {{ neutron_provider_networks.network_mappings_list[0].split(':')[-1] }}
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
# API
|
|
bind_port = 9696
|
|
bind_host = 0.0.0.0
|
|
|
|
# Workers
|
|
api_workers = {{ neutron_api_workers | default(neutron_api_threads) }}
|
|
rpc_workers = {{ neutron_rpc_workers }}
|
|
|
|
{% set dhcp_agents_max = num_agent if num_agent > 2 else 2 %}
|
|
# DHCP
|
|
{% if neutron_plugin_type == 'ml2.dragonflow' %}
|
|
# In dragonflow, DHCP is fully distributed, and DHCP agents are not used
|
|
dhcp_agent_notification = False
|
|
{% else %}
|
|
dhcp_agent_notification = True
|
|
dhcp_agents_per_network = {{ dhcp_agents_max }}
|
|
dhcp_lease_duration = 86400
|
|
{% endif %}
|
|
|
|
# Nova notifications
|
|
notify_nova_on_port_status_changes = True
|
|
notify_nova_on_port_data_changes = True
|
|
send_events_interval = 2
|
|
|
|
[nova]
|
|
auth_type = {{ nova_keystone_auth_plugin }}
|
|
auth_url = {{ keystone_service_adminurl }}
|
|
region_name = {{ nova_service_region }}
|
|
project_domain_id = {{ nova_service_project_domain_id }}
|
|
user_domain_id = {{ nova_service_user_domain_id }}
|
|
project_name = {{ nova_service_project_name }}
|
|
username = {{ nova_service_user_name }}
|
|
password = {{ nova_service_password }}
|
|
endpoint_type = internal
|
|
|
|
# Quotas
|
|
[quotas]
|
|
quota_driver = {{ neutron_driver_quota }}
|
|
quota_items = network,subnet,port
|
|
default_quota = {{ neutron_default_quota }}
|
|
quota_floatingip = {{ neutron_quota_floatingip }}
|
|
quota_health_monitor = {{ neutron_quota_health_monitor }}
|
|
quota_member = {{ neutron_quota_member }}
|
|
quota_network = {{ neutron_quota_network }}
|
|
quota_network_gateway = {{ neutron_quota_network_gateway }}
|
|
quota_packet_filter = {{ neutron_quota_packet_filter }}
|
|
quota_pool = {{ neutron_quota_pool }}
|
|
quota_port = {{ neutron_quota_port }}
|
|
quota_router = {{ neutron_quota_router }}
|
|
quota_security_group = {{ neutron_quota_security_group }}
|
|
quota_security_group_rule = {{ neutron_quota_security_group_rule }}
|
|
quota_subnet = {{ neutron_quota_subnet }}
|
|
quota_vip = {{ neutron_quota_vip }}
|
|
|
|
# Keystone authentication
|
|
[keystone_authtoken]
|
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
|
auth_type = {{ neutron_keystone_auth_plugin }}
|
|
auth_url = {{ keystone_service_adminuri }}
|
|
auth_uri = {{ keystone_service_internaluri }}
|
|
project_domain_id = {{ neutron_service_project_domain_id }}
|
|
user_domain_id = {{ neutron_service_user_domain_id }}
|
|
project_name = {{ neutron_service_project_name }}
|
|
username = {{ neutron_service_user_name }}
|
|
password = {{ neutron_service_password }}
|
|
region_name = {{ keystone_service_region }}
|
|
|
|
memcached_servers = {{ memcached_servers }}
|
|
|
|
token_cache_time = 300
|
|
|
|
# Prevent cache poisoning if sharing a memcached server
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcached_encryption_key }}
|
|
|
|
# Database
|
|
[database]
|
|
connection = mysql+pymysql://{{ neutron_galera_user }}:{{ neutron_container_mysql_password }}@{{ neutron_galera_address }}/{{ neutron_galera_database }}?charset=utf8
|
|
max_overflow = {{ neutron_db_max_overflow }}
|
|
max_pool_size = {{ neutron_db_pool_size }}
|
|
pool_timeout = {{ neutron_db_pool_timeout }}
|
|
|
|
# Service providers
|
|
[service_providers]
|
|
{% if neutron_lbaasv2 | bool %}
|
|
{% for service_provider in neutron_lbaasv2_service_provider.split(',') %}
|
|
service_provider = {{ service_provider }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if neutron_vpnaas| bool %}
|
|
service_provider = {{ neutron_vpnaas_service_provider }}
|
|
{% endif %}
|
|
|
|
{% if neutron_lbaasv2 | bool %}
|
|
{% if neutron_lbaas_octavia | bool %}
|
|
[octavia]
|
|
base_url= {{ octavia_service_url }}
|
|
request_poll_timeout = {{ neutron_octavia_request_poll_timeout }}
|
|
{% endif %}
|
|
|
|
# Configure Barbican - TLS will not work if Barbican is misisng
|
|
[certificates]
|
|
|
|
# Certificate Manager plugin. Defaults to barbican. (string value)
|
|
cert_manager_type = barbican
|
|
|
|
# Name of the Barbican authentication method to use (string value)
|
|
#barbican_auth = barbican_acl_auth
|
|
|
|
[service_auth]
|
|
insecure = {{ keystone_service_internaluri_insecure | bool }}
|
|
auth_plugin = {{ neutron_keystone_auth_plugin }}
|
|
# this needs to have a v3 added manually :-(
|
|
auth_url = {{ keystone_service_internaluri }}/v3
|
|
admin_project_domain = {{ neutron_service_project_domain_id }}
|
|
admin_user_domain = {{ neutron_service_user_domain_id }}
|
|
admin_tenant_name = {{ neutron_service_project_name }}
|
|
admin_user = {{ neutron_service_user_name }}
|
|
admin_password = {{ neutron_service_password }}
|
|
region = {{ keystone_service_region }}
|
|
endpoint_type = internalURL
|
|
service_name = neutron
|
|
auth_version = 3
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% if neutron_fwaas | bool %}
|
|
[fwaas]
|
|
enabled = true
|
|
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
|
|
{% endif %}
|
|
|
|
# Agent
|
|
[agent]
|
|
polling_interval = {{ neutron_agent_polling_interval|default(5) }}
|
|
report_interval = {{ neutron_report_interval|int }}
|
|
root_helper = sudo {{ neutron_bin }}/neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf
|
|
|
|
# Messaging
|
|
[oslo_messaging_rabbit]
|
|
rabbit_use_ssl = {{ neutron_rabbitmq_use_ssl }}
|
|
rpc_conn_pool_size = {{ neutron_rpc_conn_pool_size }}
|
|
|
|
# Notifications
|
|
{% if neutron_ceilometer_enabled or neutron_designate_enabled %}
|
|
[oslo_messaging_notifications]
|
|
{% set notification_topics = [] %}
|
|
{% if neutron_ceilometer_enabled %}
|
|
{% set _ = notification_topics.append('notifications') %}
|
|
{% endif %}
|
|
{% if neutron_designate_enabled %}
|
|
{% set _ = notification_topics.append(neutron_notifications_designate) %}
|
|
{% endif %}
|
|
notification_topics = {{ notification_topics | join(',') }}
|
|
driver = messagingv2
|
|
transport_url = rabbit://{% for host in neutron_rabbitmq_telemetry_servers.split(',') %}{{ neutron_rabbitmq_telemetry_userid }}:{{ neutron_rabbitmq_telemetry_password }}@{{ host }}:{{ neutron_rabbitmq_telemetry_port }}{% if not loop.last %},{% else %}/{{ neutron_rabbitmq_telemetry_vhost }}{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
# Concurrency (locking mechanisms)
|
|
[oslo_concurrency]
|
|
lock_path = {{ neutron_lock_path }}
|
|
|
|
|