openstack/openstack-ansible-os_neutron
Code Issues Proposed changes
openstack-ansible-os_neutron/templates/neutron.conf.j2
Travis Truman 0bdaa8c6db Support for Open vSwitch Distributed Virtual Routing 
Deployers may now enable DVR by setting the value of
the neutron_plugin_type variable to "ml2.ovs.dvr"

When set, the role will deploy and configure the OVS agent,
l3 agent and metadata agent as recommended by the neutron
Networking Guide's High Availability using Distributed Virtual
Routing scenario:

http://docs.openstack.org/mitaka/networking-guide/scenario-dvr-ovs.html

Change-Id: I27fd65c807cfde83f6250f613d9994cf83e1c0e0
Partially-Implements: blueprint neutron-dvr
2016-07-18 09:50:15 -04:00

193 lines
6.5 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
{% set _api_threads = ansible_processor_vcpus|default(2) // 2 %}
{% set api_threads = _api_threads if _api_threads > 0 else 1 %}
# General, applies to all host groups
[DEFAULT]
debug = {{ debug }}
fatal_deprecations = {{ neutron_fatal_deprecations }}
log_file = /var/log/neutron/neutron.log
{% if neutron_services['neutron-server']['group'] in group_names %}
# General, only applies to neutron server host group
allow_overlapping_ips = True
vlan_transparent = False
# Plugins
core_plugin = {{ neutron_plugin_core }}
{% if neutron_plugin_type.split('.')[0] == 'ml2' %}
service_plugins = {{ neutron_plugin_loaded_base }}
{% endif %}
# MAC address generation for VIFs
base_mac = fa:16:3e:00:00:00
mac_generation_retries = 16
# Authentication method
auth_strategy = keystone
# Drivers
network_scheduler_driver = {{ neutron_driver_network_scheduler }}
router_scheduler_driver = {{ neutron_driver_router_scheduler }}
loadbalancer_pool_scheduler_driver = {{ neutron_driver_loadbalancer_pool_scheduler }}
{% if neutron_ceilometer_enabled %}
notification_driver = messagingv2
{% endif %}
# Schedulers
network_auto_schedule = True
router_auto_schedule = True
# Distributed virtual routing
router_distributed = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }}
# Agents
agent_down_time = {{ neutron_agent_down_time }}
{% set num_agent = groups[neutron_services['neutron-dhcp-agent']['group']] | length %}
{% if neutron_plugin_type.split('.')[0] == 'ml2' and num_agent >= 2 %}
{% if neutron_services['neutron-linuxbridge-agent']['service_en'] | bool %}
{% set max_l3_router = num_agent if num_agent > 2 else 2 %}
{% set min_l3_router = num_agent if (num_agent > 2 and num_agent < max_l3_router) else 2 %}
# L3HA
l3_ha = True
l3_ha_net_cidr = {{ neutron_l3_ha_net_cidr }}
min_l3_agents_per_router = {{ min_l3_router }}
max_l3_agents_per_router = {{ max_l3_router }}
ha_network_type = {{ neutron_provider_networks.network_mappings_list[0].split(':')[0] }}
ha_network_physical_name = {{ neutron_provider_networks.network_mappings_list[0].split(':')[-1] }}
{% endif %}
{% endif %}
# API
bind_port = 9696
bind_host = 0.0.0.0
# Workers
api_workers = {{ neutron_api_workers | default(api_threads) }}
rpc_workers = {{ neutron_rpc_workers }}
{% set dhcp_agents_max = num_agent if num_agent > 2 else 2 %}
# DHCP
dhcp_agent_notification = True
dhcp_agents_per_network = {{ dhcp_agents_max }}
dhcp_lease_duration = 86400
# Nova notifications
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
send_events_interval = 2
nova_url = {{ nova_service_adminurl|replace('/%(tenant_id)s', '') }}
## Rpc all
rpc_backend = {{ neutron_rpc_backend }}
executor_thread_pool_size = {{ neutron_rpc_thread_pool_size }}
rpc_conn_pool_size = {{ neutron_rpc_conn_pool_size }}
rpc_response_timeout = {{ neutron_rpc_response_timeout }}
[nova]
auth_plugin = {{ nova_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminurl }}
region_name = {{ nova_service_region }}
project_domain_id = {{ nova_service_project_domain_id }}
user_domain_id = {{ nova_service_user_domain_id }}
project_name = {{ nova_service_project_name }}
username = {{ nova_service_user_name }}
password = {{ nova_service_password }}
endpoint_type = internal
# Quotas
[quotas]
quota_driver = {{ neutron_driver_quota }}
quota_items = network,subnet,port
default_quota = {{ neutron_default_quota }}
quota_floatingip = {{ neutron_quota_floatingip }}
quota_health_monitor = {{ neutron_quota_health_monitor }}
quota_member = {{ neutron_quota_member }}
quota_network = {{ neutron_quota_network }}
quota_network_gateway = {{ neutron_quota_network_gateway }}
quota_packet_filter = {{ neutron_quota_packet_filter }}
quota_pool = {{ neutron_quota_pool }}
quota_port = {{ neutron_quota_port }}
quota_router = {{ neutron_quota_router }}
quota_security_group = {{ neutron_quota_security_group }}
quota_security_group_rule = {{ neutron_quota_security_group_rule }}
quota_subnet = {{ neutron_quota_subnet }}
quota_vip = {{ neutron_quota_vip }}
# Keystone authentication
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_plugin = {{ neutron_keystone_auth_plugin }}
signing_dir = /var/cache/neutron
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ neutron_service_project_domain_id }}
user_domain_id = {{ neutron_service_user_domain_id }}
project_name = {{ neutron_service_project_name }}
username = {{ neutron_service_user_name }}
password = {{ neutron_service_password }}
memcached_servers = {{ memcached_servers }}
token_cache_time = 300
revocation_cache_time = 60
# Prevent cache poisoning if sharing a memcached server
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
# Enable if your keystone deployment uses PKI and you prefer security over
# performance (disable by default)
check_revocations_for_cached = False
# Database
[database]
connection = mysql+pymysql://{{ neutron_galera_user }}:{{ neutron_container_mysql_password }}@{{ neutron_galera_address }}/{{ neutron_galera_database }}?charset=utf8
max_overflow = {{ neutron_db_max_overflow }}
max_pool_size = {{ neutron_db_pool_size }}
pool_timeout = {{ neutron_db_pool_timeout }}
# Service providers
[service_providers]
{% if neutron_lbaas | bool %}
service_provider = LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
{% elif neutron_lbaasv2 | bool %}
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
{% endif %}
{% if neutron_vpnaas| bool %}
service_provider = VPN:openswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
{% endif %}
{% endif %}
{% if neutron_fwaas | bool and neutron_plugin_type != 'plumgrid' %}
[fwaas]
enabled = true
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
{% endif %}
# Agent
[agent]
polling_interval = {{ neutron_agent_polling_interval|default(5) }}
report_interval = {{ neutron_report_interval|int }}
root_helper = sudo {{ neutron_bin }}/neutron-rootwrap /etc/neutron/rootwrap.conf
# Messaging service
[oslo_messaging_rabbit]
rabbit_port = {{ neutron_rabbitmq_port }}
rabbit_userid = {{ neutron_rabbitmq_userid }}
rabbit_password = {{ neutron_rabbitmq_password }}
rabbit_virtual_host = {{ neutron_rabbitmq_vhost }}
rabbit_hosts = {{ neutron_rabbitmq_servers }}
rabbit_use_ssl = {{ neutron_rabbitmq_use_ssl }}
# Concurrency (locking mechanisms)
[oslo_concurrency]
lock_path = /var/lock/neutron
View Git Blame Copy Permalink