openstack-ansible-os_glance/defaults/main.yml

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## Verbosity Options
debug: False

# Set installation method
glance_install_method: "source"

# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
glance_package_state: "latest"
glance_pip_package_state: "latest"

glance_git_repo: https://git.openstack.org/openstack/glance
glance_git_install_branch: master
glance_developer_mode: false
glance_developer_constraints:
  - "git+{{ glance_git_repo }}@{{ glance_git_install_branch }}#egg=glance"

# Name of the virtual env to deploy into
glance_venv_tag: untagged
glance_bin: "{{ _glance_bin }}"

# Set the etc dir path where glance is installed.
#  This is used for role access to the db migrations.
#  Example:
#  glance_etc_dir: "/usr/local/etc/glance"
glance_etc_dir: "{{ _glance_etc }}/glance"

# venv_download, even when true, will use the fallback method of building the
# venv from scratch if the venv download fails.
glance_venv_download: "{{ not glance_developer_mode | bool }}"
glance_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/glance.tgz

# Enable/Disable Ceilometer
glance_ceilometer_enabled: False

glance_profiler_enabled: False
glance_fatal_deprecations: False

## System info
glance_system_user_name: glance
glance_system_group_name: glance
glance_system_shell: /bin/false
glance_system_comment: glance system user
glance_system_user_home: "/var/lib/{{ glance_system_user_name }}"

## Manually specified nova UID/GID
# Deployers can specify a UID for the glance user as well as the GID for the
# glance group if needed. This is commonly used in environments where shared
# storage is used, such as NFS or GlusterFS, and glance UID/GID values must be
# in sync between multiple servers.
#
# WARNING: Changing these values on an existing deployment can lead to
#          failures, errors, and instability.
#
# glance_system_user_uid: <UID>
# glance_system_group_gid: <GID>

glance_registry_host: "{{ internal_lb_vip_address }}"
glance_default_store: file
glance_additional_stores:
  - http
  - cinder
glance_flavor: "{% if glance_default_store == 'rbd' %}keystone{% else %}keystone+cachemanagement{% endif %}"
glance_show_image_direct_url: "{{ glance_default_store == 'rbd' }}"
glance_show_multiple_locations: "{{ glance_default_store == 'rbd' }}"


## API options
# The v1 API is deprecated and scheduled for removal in Queens.
glance_enable_v1_api: False
glance_enable_v2_api: True
# The v2 API does not require the registry service.
# The registry service is scheduled for removal in the S cycle.
glance_enable_v2_registry: False

## RabbitMQ info

## Oslo Messaging Info

# RPC
glance_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}"
glance_oslomsg_rpc_setup_host: "{{ (glance_oslomsg_rpc_host_group in groups) | ternary(groups[glance_oslomsg_rpc_host_group][0], 'localhost') }}"
glance_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}"
glance_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}"
glance_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
glance_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
glance_oslomsg_rpc_userid: glance
glance_oslomsg_rpc_vhost: /glance

# Notify
glance_oslomsg_notify_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}"
glance_oslomsg_notify_setup_host: "{{ (glance_oslomsg_rpc_host_group in groups) | ternary(groups[glance_oslomsg_rpc_host_group][0], 'localhost') }}"
glance_oslomsg_notify_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}"
glance_oslomsg_notify_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}"
glance_oslomsg_notify_port: "{{ oslomsg_rpc_port | default('5672') }}"
glance_oslomsg_notify_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
glance_oslomsg_notify_userid: glance
glance_oslomsg_notify_vhost: /glance

## Database info
glance_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
glance_galera_address: "{{ galera_address | default('127.0.0.1') }}"
glance_galera_database: glance
glance_galera_user: glance
glance_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
glance_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"

glance_role_name: admin
glance_api_bind_address: 0.0.0.0
glance_api_service_port: 9292

glance_registry_bind_address: 0.0.0.0
glance_registry_service_port: 9191

## Service Type and Data
glance_service_region: RegionOne
glance_service_name: glance
glance_service_port: 9292
glance_service_proto: http
glance_service_registry_proto: "{{ glance_service_proto }}"
glance_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(glance_service_proto) }}"
glance_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(glance_service_proto) }}"
glance_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(glance_service_proto) }}"
glance_service_type: image
glance_service_description: "Glance Image Service"
glance_service_user_name: glance
glance_service_project_name: service
glance_service_project_domain_id: default
glance_service_user_domain_id: default
glance_service_publicuri: "{{ glance_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ glance_service_port }}"
glance_service_publicurl: "{{ glance_service_publicuri }}"
glance_service_internaluri: "{{ glance_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}"
glance_service_internalurl: "{{ glance_service_internaluri }}"
glance_service_adminuri: "{{ glance_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}"
glance_service_adminurl: "{{ glance_service_adminuri }}"

## Enable automatic parsing of X-Forwarded-Proto, etc. headers passed by the
## load balancer.
glance_proxy_headers_parsing: True

## Swift Options
glance_swift_store_auth_address: "{{ keystone_service_internalurl }}"
glance_swift_store_auth_insecure: "{{ keystone_service_internaluri_insecure }}"
glance_swift_store_auth_version: 3
glance_swift_store_user_domain: default
glance_swift_store_project_domain: default
glance_swift_store_user: "service:{{ glance_service_user_name }}"
glance_swift_store_key: "{{ glance_service_password }}"
glance_swift_store_region: "{{ glance_service_region }}"
glance_swift_store_container: glance_images
glance_swift_store_endpoint_type: internalURL
# Set the swift_store_large_objects variables in MB
glance_swift_store_large_object_size: 5120
glance_swift_store_large_object_chunk_size: 200

## Keystone authentication middleware
glance_keystone_auth_plugin: password

## Glance config
glance_image_cache_max_size: 10737418240

# If ``glance_api_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# glance_api_workers: 16

# If ``glance_registry_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# glance_registry_workers: 16

## Cap the maximum number of threads / workers when a user value is unspecified.
glance_api_threads_max: 16
glance_api_threads: "{{ [[ansible_processor_vcpus|default(2) // 2, 1] | max, glance_api_threads_max] | min }}"

glance_task_executor: taskflow
glance_digest_algorithm: sha256
glance_http_keepalive: True

## Glance policy
glance_policy_file: policy.json
glance_policy_default_rule: default
glance_policy_dirs: policy.d


# Define nfs information to enable nfs shares as mounted directories for
# glance. The ``glance_nfs_client`` value is a list of dictionaries that must
# be filled out completely to enable the persistent NFS mounts.

glance_nfs_client: []

# Example of the expected dict structure:
#
# glance_nfs_client:
#   - server: "127.0.0.1"                   ## Hostname or IP address of NFS Server
#     remote_path: "/images"                ## Remote path from the NFS server's export
#     local_path: "/var/lib/glance/images"  ## Local path on machine
#     type: "nfs"                           ## This can be nfs or nfs4
#     options: "_netdev,auto"               ## Mount options
#     config_overrides: "{}"                ## Override dictionary for unit file

## Policy vars
# Provide a list of access controls to update the default policy.json with. These changes will be merged
# with the access controls in the default policy.json. E.g.
#glance_policy_overrides:
#  "add_image": ""
#  "delete_image": ""

## Ceph rbd Options
glance_ceph_client: glance
glance_rbd_store_pool: images
glance_rbd_store_user: '{{ glance_ceph_client }}'
glance_rbd_store_chunk_size: 8

glance_service_in_ldap: false


# Cinder packages that must be installed before anything else
glance_requires_pip_packages:
  - virtualenv
  - httplib2

# Common pip packages
glance_pip_packages:
  - cryptography
  - glance
  - keystonemiddleware
  - os-brick
  - osprofiler
  - PyMySQL
  - python-cinderclient
  - python-glanceclient
  - python-keystoneclient
  - python-memcached
  - python-swiftclient
  - uwsgi
  - warlock

glance_api_init_overrides: {}
glance_registry_init_overrides: {}

## Service Names
glance_services:
  glance-api:
    group: glance_api
    service_name: glance-api
    init_config_overrides: "{{ glance_api_init_overrides }}"
    start_order: 1
    wsgi_overrides: "{{ glance_api_uwsgi_ini_overrides }}"
    wsgi_app: "{{ not glance_enable_v1_api }}"
    wsgi_name: glance-wsgi-api
    uwsgi_bind_address: "{{ glance_api_bind_address }}"
    uwsgi_port: "{{ glance_api_service_port }}"
    execstarts: >-
       {{ glance_enable_v1_api | ternary(
          glance_bin ~ '/glance-api',
          glance_uwsgi_bin ~ '/uwsgi --autoload --ini /etc/uwsgi/glance-api.ini')
       }}
    execreloads: >-
       {{ glance_enable_v1_api | ternary(
          '/bin/kill -HUP $MAINPID',
          glance_uwsgi_bin ~ '/uwsgi --reload /var/run/glance-api/glance-api.pid')
       }}
  glance-registry:
    group: glance_registry
    service_name: glance-registry
    condition: "{{ glance_enable_v1_api | bool or glance_enable_v2_registry | bool }}"
    init_config_overrides: "{{ glance_registry_init_overrides }}"
    start_order: 2
    execstarts: "{{ _glance_bin }}/glance-registry"

# Glance uWSGI settings
glance_wsgi_processes_max: 16
glance_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, glance_wsgi_processes_max] | min }}"
glance_wsgi_threads: 1
glance_wsgi_buffer_size: 65535

# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
glance_role_project_group: glance_all

## Tunable overrides
glance_glance_api_paste_ini_overrides: {}
glance_glance_api_conf_overrides: {}
glance_glance_cache_conf_overrides: {}
glance_glance_manage_conf_overrides: {}
glance_glance_registry_paste_ini_overrides: {}
glance_glance_registry_conf_overrides: {}
glance_glance_scrubber_conf_overrides: {}
glance_glance_scheme_json_overrides: {}
glance_glance_swift_store_conf_overrides: {}
glance_glance_rootwrap_conf_overrides: {}
glance_policy_overrides: {}
glance_api_uwsgi_ini_overrides: {}