[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}

my_ip={{ container_address }}

rpc_backend = {{ rpc_backend }}
rabbit_hosts = {{ rabbit_hosts }}
rabbit_userid = {{ rabbit_userid }}
rabbit_password = {{ rabbit_password }}

lock_path = /var/lock/cinder
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_config = /etc/cinder/api-paste.ini
auth_strategy = keystone
volume_clear = {{ cinder_volume_clear }}
{% if cinder_volume_clear_ionice is defined %}
volume_clear_ionice =  {{ cinder_volume_clear_ionice }}
{% endif %}
volume_clear_size = {{ cinder_volume_clear_size }}

nova_catalog_info=compute:nova:internalURL
nova_catalog_admin_info=compute:nova:adminURL

glance_host={{ internal_vip_address }}
glance_port={{ glance_port|default('9292') }}
glance_num_retries=0
glance_api_servers={% for host in groups['glance_api'] %}{{ hostvars[host]['container_address'] }}:{{ glance_port|default('9292') }}{% if not loop.last %},{% endif %}{% endfor %}

{% if cinder_default_volume_type is defined %}
default_volume_type = {{ cinder_default_volume_type }}
{% endif %}

iscsi_helper=tgtadm
volume_name_template = volume-%s

{% if cinder_backends is defined %}

enabled_backends={% for backend in cinder_backends|dictsort %}{{ backend.0 }}{% if not loop.last %},{% endif %}{% endfor %}

{% for backend_section in cinder_backends|dictsort %}
[{{ backend_section.0 }}]
{% for key, value in backend_section.1.items() %}
{{ key }}={{ value }}
{% endfor %}

{% endfor %}
{% endif %}

[database]
connection = mysql://{{ container_mysql_user }}:{{ container_mysql_password }}@{{ mysql_address }}/{{ container_database }}?charset=utf8



[keystone_authtoken]
identity_uri = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}
auth_uri = {{ auth_identity_uri }}
signing_dir = /var/cache/cinder
admin_tenant_name = {{ service_admin_tenant_name }}
admin_user = {{ service_admin_username }}
admin_password = {{ service_admin_password }}

memcached_servers = {{ internal_vip_address }}:{{ memcached_port }}
token_cache_time = 300
revocation_cache_time = 60
 
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_secret_key }}
 
# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = {{ hostvars[groups['keystone_all'][0]]['keystone_use_pki'] }}