openstack-ansible-os_nova/templates/nova.conf.j2

# {{ ansible_managed }}

[DEFAULT]
# Disable stderr logging
use_stderr = False
# Logs / State
debug = {{ debug }}
fatal_deprecations = {{ nova_fatal_deprecations }}
log_dir = /var/log/nova
state_path = {{ nova_system_home_folder }}
rootwrap_config = /etc/nova/rootwrap.conf
service_down_time = 120
default_schedule_zone = {{ nova_default_schedule_zone }}

# Scheduler
cpu_allocation_ratio = {{ nova_cpu_allocation_ratio }}
disk_allocation_ratio = {{ nova_disk_allocation_ratio }}
ram_allocation_ratio = {{ nova_ram_allocation_ratio }}
reserved_host_disk_mb = {{ nova_reserved_host_disk_mb }}
reserved_host_memory_mb = {{ nova_reserved_host_memory_mb }}

# Compute
compute_driver = {{ nova_compute_driver }}
instance_name_template = instance-%08x
instances_path = {{ nova_system_home_folder }}/instances
allow_resize_to_same_host = True
image_cache_manager_interval = {{ nova_image_cache_manager_interval }}
resume_guests_state_on_host_boot = {{ nova_resume_guests_state_on_host_boot }}

{% if nova_console_user_ssl_cert is defined and nova_console_user_ssl_key is defined and inventory_hostname in groups['nova_console'] %}
# Console SSL keys
ssl_only = true
cert = {{ nova_console_ssl_cert }}
key = {{ nova_console_ssl_key }}
{% endif %}

# Api's
enabled_apis = {{ nova_enabled_apis }}
osapi_compute_workers = {{ nova_osapi_compute_workers | default(nova_api_threads) }}

# Rpc all
transport_url = rabbit://{% for host in nova_rabbitmq_servers.split(',') %}{{ nova_rabbitmq_userid }}:{{ nova_rabbitmq_password }}@{{ host }}:{{ nova_rabbitmq_port }}{% if not loop.last %},{% else %}/{{ nova_rabbitmq_vhost }}{% endif %}{% endfor %}

executor_thread_pool_size = {{ nova_rpc_thread_pool_size }}
rpc_response_timeout = {{ nova_rpc_response_timeout }}

# Metadata
metadata_host = {{ nova_metadata_host }}
metadata_port = {{ nova_metadata_port }}
metadata_workers = {{ nova_metadata_workers | default(nova_api_threads) }}

# Network
dhcpbridge_flagfile = /etc/nova/nova.conf
firewall_driver = {{ nova_firewall_driver }}
my_ip = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}

default_floating_pool = public

## Vif
linuxnet_interface_driver = {{ nova_linuxnet_interface_driver }}
{% if nova_virt_type in ['kvm', 'lxd', 'qemu', 'xen'] %}
libvirt_vif_type = ethernet
{% endif %}
vif_plugging_timeout = 10
vif_plugging_is_fatal = False

{% if nova_pci_passthrough_whitelist  %}
# PCI Passthrough
pci_passthrough_whitelist = "{{ nova_pci_passthrough_whitelist }}"
{% endif %}

# Hypervisor
default_ephemeral_format = ext4

{% if nova_virt_type == 'powervm' %}
injected_network_template = /etc/nova/nova-interfaces-template
{% endif %}

# Configdrive
force_config_drive = {{ nova_force_config_drive }}

# Ceilometer notification configurations
{% if nova_ceilometer_enabled %}
instance_usage_audit = True
instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
{% endif %}

# Notifications
{% if nova_ceilometer_enabled or nova_designate_enabled %}
[oslo_messaging_notifications]
{% set notification_topics = [] %}
{% if neutron_ceilometer_enabled %}
{%   set _ = notification_topics.append('notifications') %}
{% endif %}
{% if neutron_designate_enabled %}
{%   set _ = notification_topics.append(nova_notifications_designate) %}
{% endif %}
notification_topics = {{ notification_topics | join(',') }}
driver = messagingv2
transport_url = rabbit://{% for host in nova_rabbitmq_telemetry_servers.split(',') %}{{ nova_rabbitmq_telemetry_userid }}:{{ nova_rabbitmq_telemetry_password }}@{{ host }}:{{ nova_rabbitmq_telemetry_port }}{% if not loop.last %},{% else %}/{{ nova_rabbitmq_telemetry_vhost }}{% endif %}{% endfor %}
{% endif %}

# Cache
[cache]
enabled = true
backend = oslo_cache.memcache_pool
memcache_servers = {{ memcached_servers }}


# Cinder
[cinder]
catalog_info = volumev2:cinderv2:internalURL
cross_az_attach = {{ nova_cross_az_attach }}
os_region_name = {{ nova_service_region }}


{% if nova_console_type == 'spice' %}
[spice]
agent_enabled = {{ nova_console_agent_enabled }}
enabled = {{ nova_console_agent_enabled }}
keymap = {{ nova_spice_console_keymap }}
# Console Url and binds
html5proxy_base_url = {{ nova_spice_html5proxy_base_url }}
server_listen = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}

server_proxyclient_address = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}


[vnc]
enabled = False

{% elif nova_console_type == 'novnc' %}
[vnc]
enabled = {{ nova_novncproxy_agent_enabled }}
keymap = {{ nova_novncproxy_vnc_keymap }}
novncproxy_base_url = {{ nova_novncproxy_base_url }}
vncserver_listen = {{ nova_novncproxy_vncserver_listen }}
vncserver_proxyclient_address = {{ nova_novncproxy_vncserver_proxyclient_address }}

{% endif %}

# Glance
[glance]
api_servers = {{ nova_glance_api_servers }}

# Neutron
[neutron]
url = {{ neutron_service_adminurl }}
region_name = {{ neutron_service_region }}
auth_type = password
# Keystone client plugin password option
password = {{ neutron_service_password }}
# Keystone client plugin username option
username = {{ neutron_service_user_name }}
project_name = {{ neutron_service_project_name }}
user_domain_name = {{ neutron_service_domain_name |default("Default") }}
project_domain_name = {{ neutron_service_domain_name |default("Default") }}
# Keystone client plugin authentication URL option
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
metadata_proxy_shared_secret = {{ nova_metadata_proxy_secret }}
service_metadata_proxy = {{ nova_metadata_proxy_enabled }}
{% if nova_network_services[nova_network_type]['ovs_bridge'] is defined %}
ovs_bridge = {{ nova_network_services[nova_network_type]['ovs_bridge'] }}
{% endif %}

{% if nova_placement_service_enabled | bool %}
# Placement
[placement]
os_region_name = {{ nova_placement_service_region }}
os_interface = {{ nova_placement_service_interface }}
auth_type = "password"
password = {{ nova_placement_service_password }}
username = {{ nova_placement_service_username }}
project_name = {{ nova_placement_service_project_name }}
user_domain_name = {{ nova_placement_service_user_domain_id }}
project_domain_name = {{ nova_placement_service_project_domain_id }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
{% endif %}

[conductor]
workers = {{ nova_conductor_workers | default(nova_api_threads) }}


[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ nova_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ nova_service_project_domain_id }}
user_domain_id = {{ nova_service_user_domain_id }}
project_name = {{ nova_service_project_name }}
username = {{ nova_service_user_name }}
password = {{ nova_service_password }}
region_name = {{ keystone_service_region }}

memcached_servers = {{ memcached_servers }}

token_cache_time = 300

# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}

{% if inventory_hostname in (groups['nova_conductor'] + groups['nova_scheduler'] + groups['nova_api_os_compute'] + groups['nova_api_metadata'] + groups['nova_console'] + groups['nova_api_placement'])%}
[database]
{% if nova_galera_use_ssl | bool %}
connection = mysql+pymysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@{{ nova_galera_address }}/{{ nova_galera_database }}?charset=utf8&ssl_ca={{ nova_galera_ssl_ca_cert }}
{% else %}
connection = mysql+pymysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@{{ nova_galera_address }}/{{ nova_galera_database }}?charset=utf8
{% endif %}
max_overflow = {{ nova_db_max_overflow }}
max_pool_size = {{ nova_db_max_pool_size }}
pool_timeout = {{ nova_db_pool_timeout }}


[api_database]
connection = mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ nova_api_galera_database }}?charset=utf8
max_overflow = {{ nova_api_db_max_overflow }}
max_pool_size = {{ nova_api_db_max_pool_size }}
pool_timeout = {{ nova_api_db_pool_timeout }}

{% if nova_placement_service_enabled | bool %}
[placement_database]
connection = mysql+pymysql://{{ nova_placement_galera_user }}:{{ nova_placement_container_mysql_password }}@{{ nova_placement_galera_address }}/{{ nova_placement_galera_database }}?charset=utf8
max_overflow = {{ nova_placement_db_max_overflow }}
max_pool_size = {{ nova_placement_db_max_pool_size }}
pool_timeout = {{ nova_placement_db_pool_timeout }}
{% endif %}
{% endif %}

[oslo_concurrency]
lock_path = {{ nova_lock_path }}


[oslo_messaging_rabbit]
rabbit_use_ssl = {{ nova_rabbitmq_use_ssl }}
rpc_conn_pool_size = {{ nova_rpc_conn_pool_size }}


{% if nova_virt_type == 'ironic' %}
[ironic]
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}
project_name = {{ ironic_service_project_name }}
user_domain_name = {{ ironic_service_domain_name | default("Default") }}
project_domain_name = {{ ironic_service_domain_name | default("Default") }}
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}
api_endpoint = {{ ironic_service_adminurl }}
auth_type = {{ ironic_keystone_auth_plugin }}

{% endif %}

{% if nova_virt_type in ['kvm', 'qemu', 'xen'] %}
[libvirt]
inject_partition = {{ nova_libvirt_inject_partition }}
inject_password = {{ nova_libvirt_inject_password }}
inject_key = {{ nova_libvirt_inject_key }}
use_virtio_for_bridges = True
cpu_mode = {{ nova_cpu_mode }}
virt_type = {{ nova_virt_type }}
remove_unused_resized_minimum_age_seconds = {{ nova_remove_unused_resized_minimum_age_seconds }}

{% if nova_libvirt_images_rbd_pool is defined %}
# ceph rbd support
rbd_user = {{ nova_ceph_client }}
rbd_secret_uuid = {{ nova_ceph_client_uuid }}
images_type = rbd
images_rbd_pool = {{ nova_libvirt_images_rbd_pool }}
images_rbd_ceph_conf = /etc/ceph/ceph.conf
{% endif %}
hw_disk_discard = {{ nova_libvirt_hw_disk_discard }}
disk_cachemodes = {{ nova_libvirt_disk_cachemodes }}
{% endif %}

{% if nova_barbican_enabled %}
[barbican]
auth_endpoint = {{ keystone_service_internaluri }}/v3

[key_manager]
api_class = castellan.key_manager.barbican_key_manager.BarbicanKeyManager
{% endif %}

[wsgi]
api_paste_config = /etc/nova/api-paste.ini
{% if nova_external_ssl | bool %}
secure_proxy_ssl_header = {{ nova_secure_proxy_ssl_header }}
{% endif %}

[api]
auth_strategy = keystone
enable_instance_password = {{ nova_enable_instance_password }}
use_forwarded_for = {{ nova_network_services[nova_network_type]['use_forwarded_for'] | bool }}

[scheduler]
max_attempts = {{ nova_scheduler_max_attempts }}
scheduler_driver = {{ nova_scheduler_driver }}
periodic_task_interval = {{ nova_scheduler_driver_task_period }}
host_manager = {{ nova_scheduler_host_manager }}
discover_hosts_in_cells_interval = {{ nova_discover_hosts_in_cells_interval }}

[filter_scheduler]
max_instances_per_host = {{ nova_max_instances_per_host }}
max_io_ops_per_host = {{ nova_max_io_ops_per_host }}
ram_weight_multiplier = {{ nova_ram_weight_multiplier }}
available_filters = {{ nova_scheduler_available_filters }}
enabled_filters = {{ nova_scheduler_default_filters }}
host_subset_size = {{ nova_scheduler_host_subset_size }}
weight_classes = {{ nova_scheduler_weight_classes }}
use_baremetal_filters = {{ nova_scheduler_use_baremetal_filters }}
tracks_instance_changes = {{ nova_scheduler_tracks_instance_changes }}

[quota]
cores = {{ nova_quota_cores }}
injected_file_content_bytes = {{ nova_quota_injected_file_content_bytes }}
injected_file_path_length = {{ nova_quota_injected_file_path_length }}
injected_files = {{ nova_quota_injected_files }}
instances = {{ nova_quota_instances }}
key_pairs = {{ nova_quota_key_pairs }}
max_age = {{ nova_max_age }}
metadata_items = {{ nova_quota_metadata_items }}
ram = {{ nova_quota_ram }}
server_group_members = {{ nova_quota_server_group_members }}
server_groups = {{ nova_quota_server_groups }}