openstack-ansible/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## General options
debug: True

## Installation method for OpenStack services
install_method: "{{ bootstrap_host_install_method }}"

## Tempest settings
{% if bootstrap_host_container_tech == 'nspawn' %}
tempest_public_subnet_cidr: "172.29.240.0/22"
tempest_public_subnet_allocation_pools: "172.29.243.110-172.29.243.200"
{% else %}
tempest_public_subnet_cidr: "172.29.248.0/22"
tempest_public_subnet_allocation_pools: "172.29.249.110-172.29.249.200"
{% endif %}

## Galera settings
galera_monitoring_allowed_source: "0.0.0.0/0"
galera_innodb_buffer_pool_size: 16M
galera_innodb_log_buffer_size: 4M
galera_wsrep_provider_options:
 - { option: "gcache.size", value: "4M" }

### Set workers for all services to optimise memory usage

## Repo
repo_nginx_threads: 2

{% if 'metal' in bootstrap_host_scenario %}
# NOTE(mnaser): We don't currently deploy HAproxy in metal scenarios therefore
#               all URLs which be using HTTP instead of HTTPS.
openstack_service_publicuri_proto: http
{% endif %}

## Keystone
keystone_httpd_mpm_start_servers: 2
keystone_httpd_mpm_min_spare_threads: 1
keystone_httpd_mpm_max_spare_threads: 2
keystone_httpd_mpm_thread_limit: 2
keystone_httpd_mpm_thread_child: 1
keystone_wsgi_threads: 1
keystone_wsgi_processes_max: 2

## Barbican
barbican_wsgi_processes: 2
barbican_wsgi_threads: 1

## Cinder
cinder_wsgi_processes_max: 2
cinder_wsgi_threads: 1
cinder_wsgi_buffer_size: 16384
cinder_osapi_volume_workers_max: 2

## Glance
glance_api_threads_max: 2
glance_api_threads: 1
glance_api_workers: 1
glance_registry_workers: 1
glance_wsgi_threads: 1
glance_wsgi_processes_max: 2
glance_wsgi_processes: 2

## Nova
nova_wsgi_threads: 1
nova_wsgi_processes_max: 2
nova_wsgi_processes: 2
nova_wsgi_buffer_size: 16384
nova_api_threads_max: 2
nova_api_threads: 1
nova_osapi_compute_workers: 1
nova_conductor_workers: 1
nova_metadata_workers: 1
nova_scheduler_workers: 1

## Neutron
neutron_rpc_workers: 1
neutron_metadata_workers: 1
neutron_api_workers: 1
neutron_api_threads_max: 2
neutron_api_threads: 2
neutron_num_sync_threads: 1

## Octavia
octavia_management_net_subnet_cidr: 172.29.252.0/22
octavia_management_net_subnet_allocation_pools: "172.29.253.1-172.29.253.200"

## Heat
heat_api_workers: 1
heat_api_threads_max: 2
heat_api_threads: 1
heat_wsgi_threads: 1
heat_wsgi_processes_max: 2
heat_wsgi_processes: 1
heat_wsgi_buffer_size: 16384

## Horizon
horizon_wsgi_processes: 1
horizon_wsgi_threads: 1
horizon_wsgi_threads_max: 2

## Ceilometer
ceilometer_notification_workers_max: 2
ceilometer_notification_workers: 1

## AODH
aodh_wsgi_threads: 1
aodh_wsgi_processes_max: 2
aodh_wsgi_processes: 1

## Gnocchi
gnocchi_wsgi_threads: 1
gnocchi_wsgi_processes_max: 2
gnocchi_wsgi_processes: 1

## Swift
swift_account_server_replicator_workers: 1
swift_server_replicator_workers: 1
swift_object_replicator_workers: 1
swift_account_server_workers: 1
swift_container_server_workers: 1
swift_object_server_workers: 1
swift_proxy_server_workers_max: 2
swift_proxy_server_workers_not_capped: 1
swift_proxy_server_workers_capped: 1
swift_proxy_server_workers: 1

## Ironic
ironic_wsgi_threads: 1
ironic_wsgi_processes_max: 2
ironic_wsgi_processes: 1

## Trove
trove_api_workers_max: 2
trove_service_net_setup: true
trove_api_workers: 1
trove_conductor_workers_max: 2
trove_conductor_workers: 1
trove_wsgi_threads: 1
trove_wsgi_processes_max: 2
trove_wsgi_processes: 1

## Octavia
{% if 'metal' in bootstrap_host_scenario %}
# TODO(mnaser): The Octavia role relies on gathering IPs of hosts in the
#               LBaaS network and using those in the health manager pool
#               IPs.  We don't store those IPs when running metal so we
#               have to override it manually.  We should remove this and
#               fix the role (or the inventory tool) eventually.
octavia_hm_hosts: 172.29.252.100 # br-lbaas IP
{% endif %}

## Sahara
sahara_api_workers_max: 2
sahara_api_workers: 1

# NOTE: hpcloud-b4's eth0 uses 10.0.3.0/24, which overlaps with the
#       lxc_net_address default
# TODO: We'll need to implement a mechanism to determine valid lxc_net_address
#       value which will not overlap with an IP already assigned to the host.
lxc_net_address: 10.255.255.1
lxc_net_netmask: 255.255.255.0
lxc_net_dhcp_range: 10.255.255.2,10.255.255.253

{% if _lxc_mirror is defined and _lxc_mirror.stdout_lines is defined %}
## images.linuxcontainers.org reverse proxy
lxc_image_cache_server_mirrors:
  - "http://{{ _lxc_mirror.stdout_lines[0] }}"
{% endif %}

{% if cache_timeout is defined %}
## Package cache timeout
cache_timeout: {{ cache_timeout }}
{% endif %}

# The container backing store is set to 'machinectl' to speed up the
# AIO build time. Options are: [machinectl, overlayfs, btrfs, zfs, dir, lvm]
lxc_container_backing_store: "{{ lxc_container_backing_store }}"

## Always setup tempest, the resources for it, then execute tests
tempest_install: yes
tempest_run: yes

# Do a gateway ping test once the tempest role creates it
tempest_network_ping_gateway: yes

{% if nodepool_dir.stat.exists %}
# Copy /etc/pip.conf into containers to get mirrors for wheels
# and due to extra-index-url bugs in Ubuntu, we workaround it
# by ignoring the config file during PIP upgrade time
venv_pip_upgrade_noconf: true
lxc_container_cache_files_from_host:
  - /etc/pip.conf
# Disable chronyd in OpenStack CI
security_rhel7_enable_chrony: no
# The location where images are downloaded in openstack-infra
tempest_image_dir: "/opt/cache/files"
{% endif %}

# For testing purposes in public clouds, we need to ignore these
# services when trying to do a reload of nova services.
nova_service_negate:
  - "nova-agent.service"
  - "nova-resetnetwork.service"

# Set all the distros to the same value: a "quiet" print
# of kernel log messages.
openstack_user_kernel_options:
  - key: 'kernel.printk'
    value: '4 1 7 4'

{% if 'octaviav2' in bootstrap_host_scenario %}
# Disable Octavia support in Neutron
neutron_lbaas_octavia: False
# Disable LBaaS V2
neutron_lbaasv2: False
# Enable Octavia V2 API/standalone
octavia_v2: True
# Disable Octavia V1 API
octavia_v1: False
octavia_management_net_subnet_cidr: "{{ (bootstrap_host_container_tech == 'nspawn') | ternary('172.29.240.0/22', '172.29.252.0/22') }}"
{% elif 'octavia' in bootstrap_host_scenarios_expanded %}
neutron_lbaas_octavia: True
octavia_management_net_subnet_cidr: "{{ (bootstrap_host_container_tech == 'nspawn') | ternary('172.29.240.0/22', '172.29.252.0/22') }}"
{% endif %}

{% if bootstrap_host_scenario is search('proxy') %}
# For testing with the 'proxy' scenario configure deployment environment
# to point to the local squid
# Playbooks will set a runtime proxy to the AIO host squid
deployment_environment_variables:
  http_proxy: http://172.29.236.100:3128/
  https_proxy: http://172.29.236.100:3128/
  no_proxy: "localhost,127.0.0.1,172.29.236.100,{{ bootstrap_host_public_address | default(ansible_default_ipv4.address) }}"

# Remove eth0 from all container so there is no default route and everything
# must go via the http proxy
lxc_container_networks: {}
{% endif %}