# {{ ansible_managed }}

[DEFAULT]
debug = {{ debug }}

auth_strategy = {{ ironic_openstack_auth_strategy }}
enabled_drivers = {{ ironic_driver_list }}
host = {{ inventory_hostname }}

memcached_servers = {{ memcached_servers }}

[agent]

[amt]

[api]

[cimc]

[cisco_ucs]

[conductor]
api_url = {{ ironic_api_url }}
sync_power_state_interval = {{ ironic_sync_power_state_interval }}
automated_clean = {{ ironic_automated_clean }}

[console]

[cors]

[cors.subdomain]

[database]
connection = {{ ironic_db_connection_string }}
max_overflow = {{ ironic_db_max_overflow }}
max_pool_size = {{ ironic_db_max_pool_size }}
pool_timeout = {{ ironic_db_pool_timeout }}

[deploy]

[dhcp]
dhcp_provider = {{ ironic_dhcp_provider }}

[disk_partitioner]

[disk_utils]

[glance]
glance_api_servers = {{ glance_api_servers }}
{% if not ironic_standalone | bool %}
swift_temp_url_key = {{ ironic_swift_temp_url_secret_key }}
swift_container = {{ ironic_swift_image_container }}
swift_endpoint_url = {{ ironic_swift_endpoint }}
swift_account = {{ ironic_swift_auth_account }}
swift_api_version = {{ ironic_swift_api_version }}
temp_url_endpoint_type = swift
{% endif %}

[iboot]

[ilo]

[inspector]

[ipmi]

[irmc]

[ironic_lib]

[keystone]
region_name = {{ ironic_service_region }}

[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ ironic_keystone_auth_plugin }}
signing_dir = {{ ironic_system_home_folder }}/cache/api
auth_url = {{ keystone_service_adminuri }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ ironic_service_project_domain_id }}
user_domain_id = {{ ironic_service_user_domain_id }}
project_name = {{ ironic_service_project_name }}
username = {{ ironic_service_user_name }}
password = {{ ironic_service_password }}

memcached_servers = {{ memcached_servers }}

token_cache_time = 300
revocation_cache_time = 60

# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}

# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = False

[matchmaker_redis]

[neutron]
url = {{ neutron_service_adminurl }}
region_name = {{ neutron_service_region }}
auth_type = password
# Keystone client plugin password option
password = {{ neutron_service_password }}
# Keystone client plugin username option
username = {{ neutron_service_user_name }}
project_name = {{ neutron_service_project_name }}
user_domain_name = {{ neutron_service_domain_name |default("Default") }}
project_domain_name = {{ neutron_service_domain_name |default("Default") }}
# Keystone client plugin authentication URL option
auth_url = {{ keystone_service_adminurl }}
insecure = {{ keystone_service_adminuri_insecure | bool }}

[oneview]

[oslo_concurrency]
lock_path = /var/lock/ironic

[oslo_messaging_amqp]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]
rabbit_port = {{ rabbitmq_port }}
rabbit_userid = {{ ironic_rabbitmq_userid }}
rabbit_password = {{ ironic_rabbitmq_password }}
rabbit_virtual_host = {{ ironic_rabbitmq_vhost }}
rabbit_hosts = {{ rabbitmq_servers }}
rabbit_use_ssl = {{ rabbitmq_use_ssl }}
pool_max_size = {{ ironic_wsgi_processes }}


[oslo_policy]

[pxe]

[seamicro]

[snmp]

[ssh]

[ssl]

[swift]

[virtualbox]