openstack/openstack-ansible-os_ironic
Code Issues Proposed changes
openstack-ansible-os_ironic/templates/ironic.conf.j2
Dmitriy Rabotyagov fcde81e4a7 Add quorum queues support for service 
This change implements and enables by default quorum support
for rabbitmq as well as providing default variables to globally tune
it's behaviour.

In order to ensure upgrade path and ability to switch back to HA queues
we change vhost names with removing leading `/`, as enabling quorum
requires to remove exchange which is tricky thing to do with running
services.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/896017
Change-Id: I0f6ae74be36c0cb7a2270cfa1085c44e6dd4dc77
2023-10-20 12:19:49 +00:00

228 lines
8.7 KiB
Django/Jinja
Raw Permalink Blame History

# {{ ansible_managed }}
[DEFAULT]
# Disable stderr logging
use_stderr = False
use_journal = True
debug = {{ debug }}
auth_strategy = {{ ironic_auth_strategy }}
host = {{ inventory_hostname }}
memcached_servers = {{ ironic_memcached_servers }}
enabled_network_interfaces = {{ ironic_enabled_network_interfaces_list }}
default_network_interface = {{ ironic_default_network_interface }}
## RPC Backend
transport_url = {{ ironic_oslomsg_rpc_transport }}://{% for host in ironic_oslomsg_rpc_servers.split(',') %}{{ ironic_oslomsg_rpc_userid }}:{{ ironic_oslomsg_rpc_password }}@{{ host }}:{{ ironic_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ _ironic_oslomsg_rpc_vhost_conf }}{% if ironic_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ ironic_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ ironic_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
# drivers
enabled_hardware_types = {{ filtered_ironic_drivers | json_query('[*].hardware_type') | unique | join(',') }}
enabled_boot_interfaces = {{ filtered_ironic_drivers | json_query('[*].boot') | unique | join(',') }}
enabled_deploy_interfaces = {{ filtered_ironic_drivers | json_query('[*].deploy') | unique | join(',') }}
enabled_inspect_interfaces = {{ filtered_ironic_drivers | json_query('[*].inspect') | unique | join(',') }}
enabled_management_interfaces = {{ filtered_ironic_drivers | json_query('[*].management') | unique | join(',') }}
enabled_power_interfaces = {{ filtered_ironic_drivers | json_query('[*].power') | unique | join(',') }}
enabled_console_interfaces = {{ filtered_ironic_drivers | json_query('[*].console') | unique | join(',') }}
enabled_raid_interfaces = {{ filtered_ironic_drivers | json_query('[*].raid') | unique | join(',') }}
[agent]
[amt]
[api]
[conductor]
{% if ironic_standalone | bool %}
api_url = {{ ironic_service_internaluri }}/
{% endif %}
sync_power_state_interval = {{ ironic_sync_power_state_interval }}
automated_clean = {{ ironic_automated_clean }}
[console]
{% if 'ipmitool-socat' in (filtered_ironic_drivers | json_query('[*].console') | unique) %}
socat_address = {{ ironic_socat_bind_address }}
port_range = "{{ ironic_socat_port_range }}"
{% endif %}
[cors]
[cors.subdomain]
[database]
connection = {{ ironic_db_connection_string }}
max_overflow = {{ ironic_db_max_overflow }}
max_pool_size = {{ ironic_db_max_pool_size }}
pool_timeout = {{ ironic_db_pool_timeout }}
connection_recycle_time = {{ ironic_db_connection_recycle_time }}
[deploy]
erase_devices_priority = {{ ironic_erase_devices_priority }}
{% if not ironic_standalone | bool %}
object_store_endpoint_type = {{ ironic_swift_url_endpoint_type }}
{% endif %}
{% if ironic_enable_web_server_for_images | bool %}
http_root ={{ ironic_http_root }}
http_url = {{ ironic_http_url }}
{% endif %}
[dhcp]
dhcp_provider = {{ ironic_dhcp_provider }}
[disk_partitioner]
[disk_utils]
[glance]
auth_url = {{ ironic_glance_keystone_auth_url }}
auth_type = {{ ironic_glance_keystone_auth_plugin }}
project_name = {{ ironic_glance_service_project_name }}
project_domain_id = {{ ironic_glance_service_project_domain_id }}
username = {{ ironic_glance_service_user_name }}
user_domain_id = {{ ironic_glance_service_user_domain_id }}
password = {{ glance_service_password }}
{% if not ironic_standalone | bool and not ironic_enable_web_server_for_images | bool %}
swift_temp_url_key = {{ ironic_swift_temp_url_secret_key }}
swift_container = {{ ironic_swift_image_container }}
swift_endpoint_url = {{ ironic_swift_endpoint }}
swift_account = {{ ironic_swift_auth_account }}
swift_api_version = {{ ironic_swift_api_version }}
{% endif %}
[healthcheck]
enabled = True
[iboot]
[ilo]
{% if ironic_enable_web_server_for_images | bool %}
use_web_server_for_images = True
{% endif %}
[inspector]
{% if ironic_services['ironic-api']['group'] in group_names %}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
insecure = {{ keystone_service_internaluri_insecure | bool }}
password = {{ ironic_inspector_service_password }}
project_domain_name = {{ ironic_inspector_service_domain_id }}
project_name ={{ ironic_inspector_service_project_name }}
user_domain_name = {{ ironic_inspector_service_domain_id }}
username = {{ ironic_inspector_service_user_name }}
valid_interfaces = {{ ironic_inspector_valid_interfaces }}
{% endif %}
[ipmi]
[irmc]
[ironic_lib]
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
service_token_roles = {{ ironic_service_token_roles | join(',') }}
service_token_roles_required = {{ ironic_service_token_roles_required | bool }}
service_type = {{ ironic_service_type }}
memcached_servers = {{ ironic_memcached_servers }}
token_cache_time = 300
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[matchmaker_redis]
[service_catalog]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
region_name = {{ keystone_service_region }}
[neutron]
auth_type = password
# Keystone auth using ironic credentials
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_domain_id = {{ ironic_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
{% if ironic_neutron_provisioning_network_name is defined %}
provisioning_network = {{ ironic_neutron_provisioning_network_uuid | default(ironic_neutron_provisioning_network_name) | default('') }}
cleaning_network = {{ ironic_neutron_cleaning_network_uuid | default(ironic_neutron_cleaning_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
inspection_network = {{ ironic_neutron_inspection_network_uuid | default(ironic_neutron_inspection_network_name) | default(ironic_neutron_provisioning_network_uuid) | default(ironic_neutron_provisioning_network_name) | default('') }}
{% endif %}
[nova]
auth_url = {{ keystone_service_adminurl }}
auth_type = password
# Keystone auth using ironic credentials
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_domain_id = {{ ironic_service_project_domain_id }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
[oslo_concurrency]
lock_path = {{ ironic_lock_dir }}/{{ ironic_system_slice_name }}
[oslo_messaging_amqp]
[oslo_messaging_notifications]
transport_url = {{ ironic_oslomsg_notify_transport }}://{% for host in ironic_oslomsg_notify_servers.split(',') %}{{ ironic_oslomsg_notify_userid }}:{{ ironic_oslomsg_notify_password }}@{{ host }}:{{ ironic_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ _ironic_oslomsg_notify_vhost_conf }}{% if ironic_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ ironic_oslomsg_notify_ssl_version }}&ssl_ca_file={{ ironic_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[oslo_messaging_rabbit]
ssl = {{ ironic_oslomsg_rpc_use_ssl }}
pool_max_size = {{ ironic_wsgi_processes }}
rabbit_quorum_queue = {{ ironic_oslomsg_rabbit_quorum_queues }}
rabbit_quorum_delivery_limit = {{ ironic_oslomsg_rabbit_quorum_delivery_limit }}
rabbit_quorum_max_memory_bytes = {{ ironic_oslomsg_rabbit_quorum_max_memory_bytes }}
[oslo_policy]
[pxe]
{% if ironic_ipxe_enabled | bool %}
pxe_bootfile_name = undionly.kpxe
uefi_ipxe_bootfile_name = ipxe.efi
pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
uefi_pxe_config_template = $pybasedir/drivers/modules/ipxe_config.template
{% endif %}
tftp_server = {{ ironic_tftp_server_address }}
kernel_append_params = {{ ironic_pxe_append_params | default(ironic_kernel_append_params) }}
tftp_root = {{ ironic_tftpd_root }}
tftp_master_path = {{ ironic_tftpd_root }}/master_images
[seamicro]
[snmp]
[ssh]
[ssl]
[swift]
[virtualbox]
View Git Blame Copy Permalink