64575519aa
This implements a global toggle `om_enable_rabbitmq_quorum_queues` to enable quorum queues for each service in RabbitMQ, similar to what was done for HA[0]. Quorum Queues are enabled by default. Quorum queues are more reliable, safer, simpler and faster than replicated mirrored classic queues[1]. Mirrored classic queues are deprecated and scheduled for removal in RabbitMQ 4.0[2]. Notice, that we do not need a new policy in the RabbitMQ definitions template, because their usage is enabled on the client side and can't be set using a policy[3]. Notice also, that quorum queues are not yet enabled in oslo.messaging for the usage of reply_ and fanout_ queues (transient queues). This will change once[4] is merged. [0]: https://review.opendev.org/c/openstack/kolla-ansible/+/867771 [1]: https://www.rabbitmq.com/quorum-queues.html [2]: https://blog.rabbitmq.com/posts/2021/08/4.0-deprecation-announcements/ [3]: https://www.rabbitmq.com/quorum-queues.html#declaring [4]: https://review.opendev.org/c/openstack/oslo.messaging/+/888479 Signed-off-by: Sven Kieske <kieske@osism.tech> Change-Id: I6c033d460a5c9b93c346e9e47e93b159d3c27830
225 lines
7.0 KiB
Django/Jinja
225 lines
7.0 KiB
Django/Jinja
# neutron.conf
|
|
[DEFAULT]
|
|
debug = {{ neutron_logging_debug }}
|
|
|
|
log_dir = /var/log/kolla/neutron
|
|
|
|
# NOTE(elemoine): set use_stderr to False or the logs will also be sent to
|
|
# stderr and collected by Docker
|
|
use_stderr = False
|
|
{% if neutron_enable_tls_backend | bool %}
|
|
bind_host = 127.0.0.1
|
|
{% else %}
|
|
bind_host = {{ api_interface_address }}
|
|
{% endif %}
|
|
|
|
bind_port = {{ neutron_server_listen_port }}
|
|
|
|
api_paste_config = /etc/neutron/api-paste.ini
|
|
|
|
api_workers = {{ neutron_api_workers }}
|
|
rpc_workers = {{ openstack_service_rpc_workers }}
|
|
rpc_state_report_workers = {{ openstack_service_rpc_workers }}
|
|
|
|
# NOTE(SamYaple): We must specify this value here rather than the metadata conf
|
|
# because it is used by the l3 and dhcp agents. The reason the path has 'kolla'
|
|
# in it is because we are sharing this socket in a volume which is it's own dir
|
|
metadata_proxy_socket = /var/lib/neutron/kolla/metadata_proxy
|
|
|
|
{% if neutron_plugin_agent == "openvswitch" or (neutron_plugin_agent == "ovn" and neutron_ovn_dhcp_agent | bool) %}
|
|
interface_driver = openvswitch
|
|
{% elif neutron_plugin_agent == "linuxbridge" %}
|
|
interface_driver = linuxbridge
|
|
{% endif %}
|
|
|
|
{% if enable_nova_fake | bool %}
|
|
ovs_integration_bridge = br-int-{{ item }}
|
|
host = {{ ansible_facts.hostname }}_{{ item }}
|
|
{% endif %}
|
|
|
|
{% if neutron_plugin_agent == 'vmware_nsxv' %}
|
|
core_plugin = vmware_nsx.plugin.NsxVPlugin
|
|
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
|
|
core_plugin = vmware_nsx.plugin.NsxV3Plugin
|
|
dhcp_agent_notification = False
|
|
{% elif neutron_plugin_agent == 'vmware_nsxp' %}
|
|
core_plugin = vmware_nsx.plugin.NsxPolicyPlugin
|
|
dhcp_agent_notification = False
|
|
{% elif neutron_plugin_agent == 'vmware_dvs' %}
|
|
core_plugin = vmware_nsx.plugin.NsxDvsPlugin
|
|
{% else %}
|
|
core_plugin = ml2
|
|
service_plugins = {{ neutron_service_plugins|map(attribute='name')|join(',') }}
|
|
{% endif %}
|
|
|
|
{% if enable_neutron_agent_ha | bool %}
|
|
dhcp_agents_per_network = {{ dhcp_agents_per_network }}
|
|
l3_ha = true
|
|
max_l3_agents_per_router = {{ max_l3_agents_per_router }}
|
|
{% endif %}
|
|
|
|
transport_url = {{ rpc_transport_url }}
|
|
|
|
{% if enable_neutron_dvr | bool %}
|
|
router_distributed = True
|
|
{% endif %}
|
|
|
|
{% if enable_designate | bool %}
|
|
{% if designate_ns_record is string %}
|
|
dns_domain = {{ designate_ns_record }}.
|
|
{% endif %}
|
|
external_dns_driver = designate
|
|
{% if neutron_plugin_agent == 'vmware_nsxv' %}
|
|
nsx_extension_drivers = vmware_nsxv_dns
|
|
{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
|
|
nsx_extension_drivers = vmware_nsxv3_dns
|
|
{% elif neutron_plugin_agent == 'vmware_nsxp' %}
|
|
nsx_extension_drivers = vmware_nsxp_dns
|
|
{% elif neutron_plugin_agent == 'vmware_dvs' %}
|
|
nsx_extension_drivers = vmware_dvs_dns
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
ipam_driver = {{ neutron_ipam_driver }}
|
|
|
|
[nova]
|
|
auth_url = {{ keystone_internal_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
region_name = {{ openstack_region_name }}
|
|
project_name = service
|
|
username = {{ nova_keystone_user }}
|
|
password = {{ nova_keystone_password }}
|
|
endpoint_type = internal
|
|
cafile = {{ openstack_cacert }}
|
|
|
|
[oslo_middleware]
|
|
enable_proxy_headers_parsing = True
|
|
|
|
[oslo_concurrency]
|
|
lock_path = /var/lib/neutron/tmp
|
|
|
|
[agent]
|
|
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ neutron_database_user }}:{{ neutron_database_password }}@{{ neutron_database_address }}/{{ neutron_database_name }}
|
|
connection_recycle_time = {{ database_connection_recycle_time }}
|
|
max_pool_size = {{ database_max_pool_size }}
|
|
max_retries = -1
|
|
|
|
[keystone_authtoken]
|
|
service_type = network
|
|
www_authenticate_uri = {{ keystone_internal_url }}
|
|
auth_url = {{ keystone_internal_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ neutron_keystone_user }}
|
|
password = {{ neutron_keystone_password }}
|
|
cafile = {{ openstack_cacert }}
|
|
region_name = {{ openstack_region_name }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
|
|
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
[oslo_messaging_notifications]
|
|
transport_url = {{ notify_transport_url }}
|
|
{% if neutron_enabled_notification_topics %}
|
|
driver = messagingv2
|
|
topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join(',') }}
|
|
{% else %}
|
|
driver = noop
|
|
{% endif %}
|
|
|
|
[oslo_messaging_rabbit]
|
|
heartbeat_in_pthread = false
|
|
{% if om_enable_rabbitmq_tls | bool %}
|
|
ssl = true
|
|
ssl_ca_file = {{ om_rabbitmq_cacert }}
|
|
{% endif %}
|
|
{% if om_enable_rabbitmq_high_availability | bool %}
|
|
amqp_durable_queues = true
|
|
{% endif %}
|
|
{% if om_enable_rabbitmq_quorum_queues | bool %}
|
|
rabbit_quorum_queue = true
|
|
{% endif %}
|
|
|
|
{% if neutron_policy_file is defined %}
|
|
[oslo_policy]
|
|
policy_file = {{ neutron_policy_file }}
|
|
{% endif %}
|
|
|
|
{% if enable_neutron_sfc | bool %}
|
|
[sfc]
|
|
drivers = ovs
|
|
|
|
[flowclassifier]
|
|
drivers = ovs
|
|
{% endif %}
|
|
|
|
{% if enable_designate | bool %}
|
|
[designate]
|
|
url = {{ designate_internal_endpoint }}/v2
|
|
auth_uri = {{ keystone_internal_url }}
|
|
auth_url = {{ keystone_internal_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ designate_keystone_user }}
|
|
password = {{ designate_keystone_password }}
|
|
allow_reverse_dns_lookup = True
|
|
ipv4_ptr_zone_prefix_size = 24
|
|
ipv6_ptr_zone_prefix_size = 116
|
|
cafile = {{ openstack_cacert }}
|
|
region_name = {{ openstack_region_name }}
|
|
{% endif %}
|
|
|
|
{% if enable_osprofiler | bool %}
|
|
[profiler]
|
|
enabled = true
|
|
trace_sqlalchemy = true
|
|
hmac_keys = {{ osprofiler_secret }}
|
|
connection_string = {{ osprofiler_backend_connection_string }}
|
|
{% endif %}
|
|
|
|
[placement]
|
|
auth_type = password
|
|
auth_url = {{ keystone_internal_url }}
|
|
username = {{ placement_keystone_user }}
|
|
password = {{ placement_keystone_password }}
|
|
user_domain_name = {{ default_user_domain_name }}
|
|
project_name = service
|
|
project_domain_name = {{ default_project_domain_name }}
|
|
endpoint_type = internal
|
|
cafile = {{ openstack_cacert }}
|
|
region_name = {{ openstack_region_name }}
|
|
|
|
[privsep]
|
|
helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
|
|
|
|
{% if enable_neutron_infoblox_ipam_agent | bool %}
|
|
[infoblox]
|
|
keystone_admin_project_domain_id = {{ default_project_domain_id }}
|
|
keystone_admin_user_domain_id = {{ default_user_domain_id }}
|
|
keystone_admin_project_name = service
|
|
keystone_admin_username = {{ neutron_keystone_user }}
|
|
keystone_admin_password = {{ neutron_keystone_password }}
|
|
keystone_auth_uri = {{ keystone_internal_url }}
|
|
keystone_auth_version = v3
|
|
cloud_data_center_id = {{ infoblox_cloud_data_center_id }}
|
|
|
|
[infoblox-dc:{{ infoblox_cloud_data_center_id }}]
|
|
grid_master_host = {{ infoblox_grid_master_host }}
|
|
grid_master_name = {{ infoblox_grid_master_name }}
|
|
admin_user_name = {{ infoblox_admin_user_name }}
|
|
admin_password = {{ infoblox_admin_password }}
|
|
wapi_version = {{ infoblox_wapi_version }}
|
|
wapi_max_results = {{ infoblox_wapi_max_results }}
|
|
{% endif %}
|