71554ca7cf
As per discussion in the OSA docs summit session, clean up of installation guide. This fixes typos, minor RST mark up changes, and passive voice. This patch also merges a some of the sections into the larger chapter. This is in an effort to remove multiple smaller files. This patch is the first of many to avoid major conflicts. Change-Id: I38daa515ba47fde7719cd0bd3e0e40c2cd0f39f1
6.2 KiB
Home OpenStack-Ansible Installation Guide
Overriding OpenStack configuration defaults
OpenStack has many configuration options available in configuration
files which are in the form of .conf files (in a standard
INI file format), policy files (in a standard
JSON format) and also YAML files.
Note
YAML files are only in the ceilometer project at this
time.
OpenStack-Ansible provides the facility to include reference to any
options in the OpenStack
Configuration Reference through the use of a simple set of
configuration entries in
/etc/openstack_deploy/user_variables.yml.
This section provides guidance for how to make use of this facility. Further guidance is available in the developer documentation in the section titled Setting overrides in configuration files.
Overriding .conf files
The most common use-case for implementing overrides are for the
<service>.conf files (for example,
nova.conf). These files use a standard INI
file format.
For example, if you add the following parameters to
nova.conf:
[DEFAULT]
remove_unused_original_minimum_age_seconds = 43200
[libvirt]
cpu_mode = host-model
disk_cachemodes = file=directsync,block=none
[database]
idle_timeout = 300
max_pool_size = 10This is accomplished through the use of the following configuration
entry in /etc/openstack_deploy/user_variables.yml:
nova_nova_conf_overrides:
DEFAULT:
remove_unused_original_minimum_age_seconds: 43200
libvirt:
cpu_mode: host-model
disk_cachemodes: file=directsync,block=none
database:
idle_timeout: 300
max_pool_size: 10Overrides may also be applied on a per host basis with the following
configuration in
/etc/openstack_deploy/openstack_user_config.yml:
compute_hosts:
900089-compute001:
ip: 192.0.2.10
host_vars:
nova_nova_conf_overrides:
DEFAULT:
remove_unused_original_minimum_age_seconds: 43200
libvirt:
cpu_mode: host-model
disk_cachemodes: file=directsync,block=none
database:
idle_timeout: 300
max_pool_size: 10Use this method for any INI file format for all
OpenStack projects deployed in OpenStack-Ansible.
To assist you in finding the appropriate variable name to use for
overrides, the general format for the variable name is:
<service>_<filename>_<file extension>_overrides.
Overriding .json files
You can adjust the default policies applied by services in order to
implement access controls which are different to a standard OpenStack
environment. Policy files are in a JSON format.
For example, you can add the following policy in keystone's
policy.json:
{
"identity:foo": "rule:admin_required",
"identity:bar": "rule:admin_required"
}Accomplish this through the use of the following configuration entry
in /etc/openstack_deploy/user_variables.yml:
keystone_policy_overrides:
identity:foo: "rule:admin_required"
identity:bar: "rule:admin_required"Use this method for any JSON file format for all
OpenStack projects deployed in OpenStack-Ansible.
To assist you in finding the appropriate variable name to use for
overrides, the general format for the variable name is
<service>_policy_overrides.
Currently available overrides
The following is a list of overrides available:
- Galera:
-
- galera_client_my_cnf_overrides
- galera_my_cnf_overrides
- galera_cluster_cnf_overrides
- galera_debian_cnf_overrides
- Ceilometer:
-
- ceilometer_policy_overrides
- ceilometer_ceilometer_conf_overrides
- ceilometer_api_paste_ini_overrides
- ceilometer_event_definitions_yaml_overrides
- ceilometer_event_pipeline_yaml_overrides
- ceilometer_pipeline_yaml_overrides
- Cinder:
-
- cinder_policy_overrides
- cinder_rootwrap_conf_overrides
- cinder_api_paste_ini_overrides
- cinder_cinder_conf_overrides
- Glance:
-
- glance_glance_api_paste_ini_overrides
- glance_glance_api_conf_overrides
- glance_glance_cache_conf_overrides
- glance_glance_manage_conf_overrides
- glance_glance_registry_paste_ini_overrides
- glance_glance_registry_conf_overrides
- glance_glance_scrubber_conf_overrides
- glance_glance_scheme_json_overrides
- glance_policy_overrides
- Heat:
-
- heat_heat_conf_overrides
- heat_api_paste_ini_overrides
- heat_default_yaml_overrides
- heat_aws_cloudwatch_alarm_yaml_overrides
- heat_aws_rds_dbinstance_yaml_overrides
- heat_policy_overrides
- Keystone:
-
- keystone_keystone_conf_overrides
- keystone_keystone_default_conf_overrides
- keystone_keystone_paste_ini_overrides
- keystone_policy_overrides
- Neutron:
-
- neutron_neutron_conf_overrides
- neutron_ml2_conf_ini_overrides
- neutron_dhcp_agent_ini_overrides
- neutron_api_paste_ini_overrides
- neutron_rootwrap_conf_overrides
- neutron_policy_overrides
- neutron_dnsmasq_neutron_conf_overrides
- neutron_l3_agent_ini_overrides
- neutron_metadata_agent_ini_overrides
- neutron_metering_agent_ini_overrides
- Nova:
-
- nova_nova_conf_overrides
- nova_rootwrap_conf_overrides
- nova_api_paste_ini_overrides
- nova_policy_overrides
- Swift:
-
- swift_swift_conf_overrides
- swift_swift_dispersion_conf_overrides
- swift_proxy_server_conf_overrides
- swift_account_server_conf_overrides
- swift_account_server_replicator_conf_overrides
- swift_container_server_conf_overrides
- swift_container_server_replicator_conf_overrides
- swift_object_server_conf_overrides
- swift_object_server_replicator_conf_overrides
- Tempest:
-
- tempest_tempest_conf_overrides
- pip:
-
- pip_global_conf_overrides