openstack/kolla-ansible
Code Issues Proposed changes
8c8dad0187
kolla-ansible/ansible/roles/nova/defaults/main.yml
Matt Crees 6c2aace8d6 Integrate oslo-config-validator 
Regularly, we experience issues in Kolla Ansible deployments because we
use wrong options in OpenStack configuration files. This is because
OpenStack services ignore unknown options. We also need to keep on top
of deprecated options that may be removed in the future. Integrating
oslo-config-validator into Kolla Ansible will greatly help.

Adds a shared role to run oslo-config-validator on each service. Takes
into account that services have multiple containers, and these may also
use multiple config files. Service roles are extended to use this shared
role. Executed with the new command ``kolla-ansible validate-config``.

Change-Id: Ic10b410fc115646d96d2ce39d9618e7c46cb3fbc
2022-12-21 17:19:09 +00:00

273 lines
12 KiB
YAML
Raw Blame History

---
nova_services:
nova-api:
container_name: "nova_api"
group: "nova-api"
image: "{{ nova_api_image_full }}"
enabled: True
privileged: True
volumes: "{{ nova_api_default_volumes + nova_api_extra_volumes }}"
dimensions: "{{ nova_api_dimensions }}"
healthcheck: "{{ nova_api_healthcheck }}"
haproxy:
nova_api:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ nova_api_port }}"
listen_port: "{{ nova_api_listen_port }}"
tls_backend: "{{ nova_enable_tls_backend }}"
nova_api_external:
enabled: "{{ enable_nova }}"
mode: "http"
external: true
port: "{{ nova_api_port }}"
listen_port: "{{ nova_api_listen_port }}"
tls_backend: "{{ nova_enable_tls_backend }}"
nova_metadata:
enabled: "{{ enable_nova }}"
mode: "http"
external: false
port: "{{ nova_metadata_port }}"
listen_port: "{{ nova_metadata_listen_port }}"
tls_backend: "{{ nova_enable_tls_backend }}"
nova_metadata_external:
enabled: "{{ nova_enable_external_metadata }}"
mode: "http"
external: true
port: "{{ nova_metadata_port }}"
listen_port: "{{ nova_metadata_listen_port }}"
tls_backend: "{{ nova_enable_tls_backend }}"
nova-scheduler:
container_name: "nova_scheduler"
group: "nova-scheduler"
image: "{{ nova_scheduler_image_full }}"
enabled: True
volumes: "{{ nova_scheduler_default_volumes + nova_scheduler_extra_volumes }}"
dimensions: "{{ nova_scheduler_dimensions }}"
healthcheck: "{{ nova_scheduler_healthcheck }}"
nova-super-conductor:
container_name: "nova_super_conductor"
group: "nova-super-conductor"
enabled: "{{ enable_cells }}"
image: "{{ nova_super_conductor_image_full }}"
volumes: "{{ nova_super_conductor_default_volumes + nova_super_conductor_extra_volumes }}"
dimensions: "{{ nova_super_conductor_dimensions }}"
healthcheck: "{{ nova_super_conductor_healthcheck }}"
####################
# Config Validate
####################
nova_config_validation:
- generator: "/nova/etc/nova/nova-config-generator.conf"
config: "/etc/nova/nova.conf"
####################
# Database
####################
# These are kept for backwards compatibility, as cell0 references them.
nova_database_name: "nova"
nova_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova{% endif %}"
nova_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
nova_cell0_database_name: "{{ nova_database_name }}_cell0"
nova_cell0_database_user: "{{ nova_database_user }}"
nova_cell0_database_address: "{{ nova_database_address }}"
nova_cell0_database_password: "{{ nova_database_password }}"
nova_api_database_name: "nova_api"
nova_api_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}nova_api{% endif %}"
nova_api_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Database sharding
####################
nova_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ nova_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
nova_database_shard:
users:
- user: "{{ nova_database_user }}"
password: "{{ nova_database_password }}"
- user: "{{ nova_api_database_user }}"
password: "{{ nova_api_database_password }}"
rules:
- schema: "{{ nova_database_name }}"
shard_id: "{{ nova_database_shard_id }}"
- schema: "{{ nova_cell0_database_name }}"
shard_id: "{{ nova_database_shard_id }}"
- schema: "{{ nova_api_database_name }}"
shard_id: "{{ nova_database_shard_id }}"
####################
# Docker
####################
nova_tag: "{{ openstack_tag }}"
nova_super_conductor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/nova-conductor"
nova_super_conductor_tag: "{{ nova_tag }}"
nova_super_conductor_image_full: "{{ nova_super_conductor_image }}:{{ nova_super_conductor_tag }}"
nova_scheduler_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/nova-scheduler"
nova_scheduler_tag: "{{ nova_tag }}"
nova_scheduler_image_full: "{{ nova_scheduler_image }}:{{ nova_scheduler_tag }}"
nova_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/nova-api"
nova_api_tag: "{{ nova_tag }}"
nova_api_image_full: "{{ nova_api_image }}:{{ nova_api_tag }}"
nova_api_dimensions: "{{ default_container_dimensions }}"
nova_scheduler_dimensions: "{{ default_container_dimensions }}"
nova_super_conductor_dimensions: "{{ default_container_dimensions }}"
nova_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if nova_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_api_listen_port }} "]
nova_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_api_healthcheck:
interval: "{{ nova_api_healthcheck_interval }}"
retries: "{{ nova_api_healthcheck_retries }}"
start_period: "{{ nova_api_healthcheck_start_period }}"
test: "{% if nova_api_enable_healthchecks | bool %}{{ nova_api_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_api_healthcheck_timeout }}"
nova_scheduler_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_scheduler_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_scheduler_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_scheduler_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_scheduler_healthcheck_test: ["CMD-SHELL", "healthcheck_port nova-scheduler {{ om_rpc_port }}"]
nova_scheduler_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_scheduler_healthcheck:
interval: "{{ nova_scheduler_healthcheck_interval }}"
retries: "{{ nova_scheduler_healthcheck_retries }}"
start_period: "{{ nova_scheduler_healthcheck_start_period }}"
test: "{% if nova_scheduler_enable_healthchecks | bool %}{{ nova_scheduler_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_scheduler_healthcheck_timeout }}"
nova_super_conductor_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_super_conductor_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_super_conductor_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_super_conductor_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
nova_super_conductor_healthcheck_test: ["CMD-SHELL", "healthcheck_port nova-conductor {{ om_rpc_port }}"]
nova_super_conductor_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_super_conductor_healthcheck:
interval: "{{ nova_super_conductor_healthcheck_interval }}"
retries: "{{ nova_super_conductor_healthcheck_retries }}"
start_period: "{{ nova_super_conductor_healthcheck_start_period }}"
test: "{% if nova_super_conductor_enable_healthchecks | bool %}{{ nova_super_conductor_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ nova_super_conductor_healthcheck_timeout }}"
nova_api_default_volumes:
- "{{ node_config_directory }}/nova-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "/lib/modules:/lib/modules:ro"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_scheduler_default_volumes:
- "{{ node_config_directory }}/nova-scheduler/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_super_conductor_default_volumes:
- "{{ node_config_directory }}/nova-super-conductor/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
# Used by bootstrapping containers.
nova_api_bootstrap_default_volumes:
- "{{ node_config_directory }}/nova-api-bootstrap/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
nova_extra_volumes: "{{ default_extra_volumes }}"
nova_api_extra_volumes: "{{ nova_extra_volumes }}"
nova_scheduler_extra_volumes: "{{ nova_extra_volumes }}"
nova_super_conductor_extra_volumes: "{{ nova_extra_volumes }}"
# Used by bootstrapping containers.
nova_api_bootstrap_extra_volumes: "{{ nova_extra_volumes }}"
####################
# OpenStack
####################
nova_internal_base_endpoint: "{{ internal_protocol }}://{{ nova_internal_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}"
nova_public_base_endpoint: "{{ public_protocol }}://{{ nova_external_fqdn | put_address_in_context('url') }}:{{ nova_api_port }}"
nova_legacy_internal_endpoint: "{{ nova_internal_base_endpoint }}/v2/%(tenant_id)s"
nova_legacy_public_endpoint: "{{ nova_public_base_endpoint }}/v2/%(tenant_id)s"
nova_internal_endpoint: "{{ nova_internal_base_endpoint }}/v2.1"
nova_public_endpoint: "{{ nova_public_base_endpoint }}/v2.1"
nova_logging_debug: "{{ openstack_logging_debug }}"
openstack_nova_auth: "{{ openstack_auth }}"
nova_services_require_policy_json:
- nova-api
nova_enable_external_metadata: "no"
nova_api_workers: "{{ openstack_service_workers }}"
nova_superconductor_workers: "{{ openstack_service_workers }}"
nova_metadata_api_workers: "{{ openstack_service_workers }}"
nova_scheduler_workers: "{{ openstack_service_workers }}"
nova_enable_nova_legacy_service: false
####################
# Keystone
####################
nova_ks_services:
- name: "nova_legacy"
type: "compute_legacy"
description: "OpenStack Compute Service (Legacy 2.0)"
endpoints:
- {'interface': 'internal', 'url': '{{ nova_legacy_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_legacy_public_endpoint }}'}
enabled: "{{ nova_enable_nova_legacy_service | bool }}"
- name: "nova"
type: "compute"
description: "OpenStack Compute Service"
endpoints:
- {'interface': 'internal', 'url': '{{ nova_internal_endpoint }}'}
- {'interface': 'public', 'url': '{{ nova_public_endpoint }}'}
nova_ks_users:
- project: "service"
user: "{{ nova_keystone_user }}"
password: "{{ nova_keystone_password }}"
role: "admin"
####################
# Notification
####################
nova_notification_topics:
- name: notifications
enabled: "{{ enable_ceilometer | bool or enable_neutron_infoblox_ipam_agent | bool }}"
- name: "{{ designate_notifications_topic_name }}"
enabled: "{{ designate_enable_notifications_sink | bool }}"
- name: vitrage_notifications
enabled: "{{ enable_vitrage | bool }}"
nova_enabled_notification_topics: "{{ nova_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
####################
# Kolla
####################
nova_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
nova_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
nova_dev_mode: "{{ kolla_dev_mode }}"
nova_source_version: "{{ kolla_source_version }}"
####################
# TLS
####################
nova_enable_tls_backend: "{{ kolla_enable_tls_backend }}"
View Git Blame Copy Permalink