openstack-helm/nova/values.yaml
Artur Korzeniewski aaedb4a150 Neutron: add linuxbridge daemonset and config script
Adding daemonset for Linux bridge. Using node selector
"linuxbridge enabled".

network.backend added in neutron/values.yaml to support scenario for
different SDNs using the same networking software, like OVS is used
for reference Neutron L2 agent, ODL, OVN and SONA. The other option for
network.backend can be linuxbridge and calico.
network.backend impacts configuration of DHCP, L3 and metadata agents.
Those agents are dependent on ovsdb_connection flag (officially it is
placed in openvswitch_agent.ini file).

Added daemonset_lb_agent flag in manifests section. Currently
OVS and LinuxBridge L2 agents can be turned on/off to be deployed.
OVS L2 agent and OVS as a network virtualization SW can be deployed
independently.

Removed conf.neutron.default.neutron.interface_driver, since it was not
used anywhere.

Marked places in neutron/values.yaml where changes are needed in order
to use linuxbridge for:
- neutron.conf interface_driver
- ML2 mechanism driver
- dhcp and l3 agents interface_driver

Added example of neutron values overrides in:
tools/overrides/mvp/neutron-linuxbridge.yaml

Change-Id: I7cdcfaa9a73af392a0d45f7df29b7b3ae3cc4c76
Implements: blueprint support-linux-bridge-on-neutron
2017-08-29 11:51:42 +02:00

1038 lines
31 KiB
YAML

# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for nova.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
release_group: null
labels:
agent:
compute:
node_selector_key: openstack-compute-node
node_selector_value: enabled
libvirt:
node_selector_key: openstack-compute-node
node_selector_value: enabled
conductor:
node_selector_key: openstack-control-plane
node_selector_value: enabled
consoleauth:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled
osapi:
node_selector_key: openstack-control-plane
node_selector_value: enabled
api_metadata:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
novncproxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
test: docker.io/kolla/ubuntu-source-rally:4.0.0
db_init: docker.io/kolla/ubuntu-source-nova-api:3.0.3
db_sync: docker.io/kolla/ubuntu-source-nova-api:3.0.3
ks_user: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
ks_service: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
ks_endpoints: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3
api: docker.io/kolla/ubuntu-source-nova-api:3.0.3
conductor: docker.io/kolla/ubuntu-source-nova-conductor:3.0.3
scheduler: docker.io/kolla/ubuntu-source-nova-scheduler:3.0.3
novncproxy: docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3
novncproxy_assets: docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3
consoleauth: docker.io/kolla/ubuntu-source-nova-consoleauth:3.0.3
compute: docker.io/kolla/ubuntu-source-nova-compute:3.0.3
libvirt: docker.io/kolla/ubuntu-source-nova-libvirt:3.0.3
bootstrap: docker.io/kolla/ubuntu-source-nova-api:3.0.3
dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
pull_policy: "IfNotPresent"
bootstrap:
enabled: true
script: null
flavors:
enabled: true
options:
m1_tiny:
name: "m1.tiny"
id: "auto"
ram: 512
disk: 1
vcpus: 1
m1_small:
name: "m1.small"
id: "auto"
ram: 2048
disk: 20
vcpus: 1
m1_medium:
name: "m1.medium"
id: "auto"
ram: 4096
disk: 40
vcpus: 2
m1_large:
name: "m1.large"
id: "auto"
ram: 8192
disk: 80
vcpus: 4
m1_xlarge:
name: "m1.xlarge"
id: "auto"
ram: 16384
disk: 160
vcpus: 8
network:
osapi:
port: 8774
ingress:
public: true
node_port:
enabled: false
port: 30774
metadata:
ip: 10.97.120.234
port: 8775
ingress:
public: true
node_port:
enabled: false
port: 30775
novncproxy:
name: "nova-novncproxy"
node_port:
enabled: false
port: 36080
port: 6080
targetPort: 6080
ceph:
enabled: true
monitors: []
cinder_user: "admin"
cinder_keyring: null
secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
libvirt:
listen_addr: 0.0.0.0
log_level: 3
dependencies:
api:
jobs:
- nova-db-sync
- nova-ks-user
- nova-ks-endpoints
services:
- service: oslo_messaging
endpoint: internal
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
db_init:
services:
- service: oslo_db
endpoint: internal
db_sync:
jobs:
- nova-db-init
services:
- service: oslo_db
endpoint: internal
bootstrap:
services:
- service: identity
endpoint: internal
- service: compute
endpoint: internal
ks_user:
services:
- service: identity
endpoint: internal
ks_service:
services:
- service: identity
endpoint: internal
ks_endpoints:
jobs:
- nova-ks-service
services:
- service: identity
endpoint: internal
compute:
jobs:
- nova-db-sync
services:
- service: oslo_messaging
endpoint: internal
- service: image
endpoint: internal
- service: compute
endpoint: internal
- service: network
endpoint: internal
daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent
libvirt:
jobs:
- nova-db-sync
consoleauth:
jobs:
- nova-db-sync
services:
- service: oslo_messaging
endpoint: internal
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
- service: compute
endpoint: internal
scheduler:
jobs:
- nova-db-sync
services:
- service: oslo_messaging
endpoint: internal
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
- service: compute
endpoint: internal
conductor:
jobs:
- nova-db-sync
services:
- service: oslo_messaging
endpoint: internal
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
- service: compute
endpoint: internal
tests:
service:
- service: image
endpoint: internal
- service: compute
endpoint: internal
- service: network
endpoint: internal
novncproxy:
jobs:
- nova-db-sync
services:
- service: oslo_db
endpoint: internal
console:
# serial | spice | novnc | none
console_kind: novnc
serial:
spice:
novnc:
compute:
# IF blank, search default routing interface
vncserver_proxyclient_interface:
vncproxy:
# IF blank, search default routing interface
vncserver_proxyclient_interface:
conf:
rally_tests:
run_tempest: false
override:
append:
paste:
override:
append:
policy:
os_compute_api:os-admin-actions:discoverable: "@"
os_compute_api:os-admin-actions:reset_state: rule:admin_api
os_compute_api:os-admin-actions:inject_network_info: rule:admin_api
os_compute_api:os-admin-actions: rule:admin_api
os_compute_api:os-admin-actions:reset_network: rule:admin_api
os_compute_api:os-admin-password:discoverable: "@"
os_compute_api:os-admin-password: rule:admin_or_owner
os_compute_api:os-agents: rule:admin_api
os_compute_api:os-agents:discoverable: "@"
os_compute_api:os-aggregates:set_metadata: rule:admin_api
os_compute_api:os-aggregates:add_host: rule:admin_api
os_compute_api:os-aggregates:discoverable: "@"
os_compute_api:os-aggregates:create: rule:admin_api
os_compute_api:os-aggregates:remove_host: rule:admin_api
os_compute_api:os-aggregates:update: rule:admin_api
os_compute_api:os-aggregates:index: rule:admin_api
os_compute_api:os-aggregates:delete: rule:admin_api
os_compute_api:os-aggregates:show: rule:admin_api
os_compute_api:os-assisted-volume-snapshots:create: rule:admin_api
os_compute_api:os-assisted-volume-snapshots:delete: rule:admin_api
os_compute_api:os-assisted-volume-snapshots:discoverable: "@"
os_compute_api:os-attach-interfaces: rule:admin_or_owner
os_compute_api:os-attach-interfaces:discoverable: "@"
os_compute_api:os-attach-interfaces:create: rule:admin_or_owner
os_compute_api:os-attach-interfaces:delete: rule:admin_or_owner
os_compute_api:os-availability-zone:list: rule:admin_or_owner
os_compute_api:os-availability-zone:discoverable: "@"
os_compute_api:os-availability-zone:detail: rule:admin_api
os_compute_api:os-baremetal-nodes:discoverable: "@"
os_compute_api:os-baremetal-nodes: rule:admin_api
context_is_admin: role:admin
admin_or_owner: is_admin:True or project_id:%(project_id)s
admin_api: is_admin:True
network:attach_external_network: is_admin:True
os_compute_api:os-block-device-mapping:discoverable: "@"
os_compute_api:os-block-device-mapping-v1:discoverable: "@"
os_compute_api:os-cells:discoverable: "@"
os_compute_api:os-cells:update: rule:admin_api
os_compute_api:os-cells:create: rule:admin_api
os_compute_api:os-cells: rule:admin_api
os_compute_api:os-cells:sync_instances: rule:admin_api
os_compute_api:os-cells:delete: rule:admin_api
cells_scheduler_filter:DifferentCellFilter: is_admin:True
cells_scheduler_filter:TargetCellFilter: is_admin:True
os_compute_api:os-certificates:discoverable: "@"
os_compute_api:os-certificates:create: rule:admin_or_owner
os_compute_api:os-certificates:show: rule:admin_or_owner
os_compute_api:os-cloudpipe: rule:admin_api
os_compute_api:os-cloudpipe:discoverable: "@"
os_compute_api:os-config-drive:discoverable: "@"
os_compute_api:os-config-drive: rule:admin_or_owner
os_compute_api:os-console-auth-tokens:discoverable: "@"
os_compute_api:os-console-auth-tokens: rule:admin_api
os_compute_api:os-console-output:discoverable: "@"
os_compute_api:os-console-output: rule:admin_or_owner
os_compute_api:os-consoles:create: rule:admin_or_owner
os_compute_api:os-consoles:show: rule:admin_or_owner
os_compute_api:os-consoles:delete: rule:admin_or_owner
os_compute_api:os-consoles:discoverable: "@"
os_compute_api:os-consoles:index: rule:admin_or_owner
os_compute_api:os-create-backup:discoverable: "@"
os_compute_api:os-create-backup: rule:admin_or_owner
os_compute_api:os-deferred-delete:discoverable: "@"
os_compute_api:os-deferred-delete: rule:admin_or_owner
os_compute_api:os-evacuate:discoverable: "@"
os_compute_api:os-evacuate: rule:admin_api
os_compute_api:os-extended-availability-zone: rule:admin_or_owner
os_compute_api:os-extended-availability-zone:discoverable: "@"
os_compute_api:os-extended-server-attributes: rule:admin_api
os_compute_api:os-extended-server-attributes:discoverable: "@"
os_compute_api:os-extended-status:discoverable: "@"
os_compute_api:os-extended-status: rule:admin_or_owner
os_compute_api:os-extended-volumes: rule:admin_or_owner
os_compute_api:os-extended-volumes:discoverable: "@"
os_compute_api:extension_info:discoverable: "@"
os_compute_api:extensions: rule:admin_or_owner
os_compute_api:extensions:discoverable: "@"
os_compute_api:os-fixed-ips:discoverable: "@"
os_compute_api:os-fixed-ips: rule:admin_api
os_compute_api:os-flavor-access:add_tenant_access: rule:admin_api
os_compute_api:os-flavor-access:discoverable: "@"
os_compute_api:os-flavor-access:remove_tenant_access: rule:admin_api
os_compute_api:os-flavor-access: rule:admin_or_owner
os_compute_api:os-flavor-extra-specs:show: rule:admin_or_owner
os_compute_api:os-flavor-extra-specs:create: rule:admin_api
os_compute_api:os-flavor-extra-specs:discoverable: "@"
os_compute_api:os-flavor-extra-specs:update: rule:admin_api
os_compute_api:os-flavor-extra-specs:delete: rule:admin_api
os_compute_api:os-flavor-extra-specs:index: rule:admin_or_owner
os_compute_api:os-flavor-manage: rule:admin_api
os_compute_api:os-flavor-manage:discoverable: "@"
os_compute_api:os-flavor-rxtx: rule:admin_or_owner
os_compute_api:os-flavor-rxtx:discoverable: "@"
os_compute_api:flavors:discoverable: "@"
os_compute_api:flavors: rule:admin_or_owner
os_compute_api:os-floating-ip-dns: rule:admin_or_owner
os_compute_api:os-floating-ip-dns:domain:update: rule:admin_api
os_compute_api:os-floating-ip-dns:discoverable: "@"
os_compute_api:os-floating-ip-dns:domain:delete: rule:admin_api
os_compute_api:os-floating-ip-pools:discoverable: "@"
os_compute_api:os-floating-ip-pools: rule:admin_or_owner
os_compute_api:os-floating-ips: rule:admin_or_owner
os_compute_api:os-floating-ips:discoverable: "@"
os_compute_api:os-floating-ips-bulk:discoverable: "@"
os_compute_api:os-floating-ips-bulk: rule:admin_api
os_compute_api:os-fping:all_tenants: rule:admin_api
os_compute_api:os-fping:discoverable: "@"
os_compute_api:os-fping: rule:admin_or_owner
os_compute_api:os-hide-server-addresses:discoverable: "@"
os_compute_api:os-hide-server-addresses: is_admin:False
os_compute_api:os-hosts:discoverable: "@"
os_compute_api:os-hosts: rule:admin_api
os_compute_api:os-hypervisors:discoverable: "@"
os_compute_api:os-hypervisors: rule:admin_api
os_compute_api:image-metadata:discoverable: "@"
os_compute_api:image-size:discoverable: "@"
os_compute_api:image-size: rule:admin_or_owner
os_compute_api:images:discoverable: "@"
os_compute_api:os-instance-actions:events: rule:admin_api
os_compute_api:os-instance-actions: rule:admin_or_owner
os_compute_api:os-instance-actions:discoverable: "@"
os_compute_api:os-instance-usage-audit-log: rule:admin_api
os_compute_api:os-instance-usage-audit-log:discoverable: "@"
os_compute_api:ips:discoverable: "@"
os_compute_api:ips:show: rule:admin_or_owner
os_compute_api:ips:index: rule:admin_or_owner
os_compute_api:os-keypairs:discoverable: "@"
os_compute_api:os-keypairs:index: rule:admin_api or user_id:%(user_id)s
os_compute_api:os-keypairs:create: rule:admin_api or user_id:%(user_id)s
os_compute_api:os-keypairs:delete: rule:admin_api or user_id:%(user_id)s
os_compute_api:os-keypairs:show: rule:admin_api or user_id:%(user_id)s
os_compute_api:os-keypairs: rule:admin_or_owner
os_compute_api:limits:discoverable: "@"
os_compute_api:limits: rule:admin_or_owner
os_compute_api:os-lock-server:discoverable: "@"
os_compute_api:os-lock-server:lock: rule:admin_or_owner
os_compute_api:os-lock-server:unlock:unlock_override: rule:admin_api
os_compute_api:os-lock-server:unlock: rule:admin_or_owner
os_compute_api:os-migrate-server:migrate: rule:admin_api
os_compute_api:os-migrate-server:discoverable: "@"
os_compute_api:os-migrate-server:migrate_live: rule:admin_api
os_compute_api:os-migrations:index: rule:admin_api
os_compute_api:os-migrations:discoverable: "@"
os_compute_api:os-multinic: rule:admin_or_owner
os_compute_api:os-multinic:discoverable: "@"
os_compute_api:os-multiple-create:discoverable: "@"
os_compute_api:os-networks:discoverable: "@"
os_compute_api:os-networks: rule:admin_api
os_compute_api:os-networks:view: rule:admin_or_owner
os_compute_api:os-networks-associate: rule:admin_api
os_compute_api:os-networks-associate:discoverable: "@"
os_compute_api:os-pause-server:unpause: rule:admin_or_owner
os_compute_api:os-pause-server:discoverable: "@"
os_compute_api:os-pause-server:pause: rule:admin_or_owner
os_compute_api:os-pci:index: rule:admin_api
os_compute_api:os-pci:detail: rule:admin_api
os_compute_api:os-pci:pci_servers: rule:admin_or_owner
os_compute_api:os-pci:show: rule:admin_api
os_compute_api:os-pci:discoverable: "@"
os_compute_api:os-quota-class-sets:show: is_admin:True or quota_class:%(quota_class)s
os_compute_api:os-quota-class-sets:discoverable: "@"
os_compute_api:os-quota-class-sets:update: rule:admin_api
os_compute_api:os-quota-sets:update: rule:admin_api
os_compute_api:os-quota-sets:defaults: "@"
os_compute_api:os-quota-sets:show: rule:admin_or_owner
os_compute_api:os-quota-sets:delete: rule:admin_api
os_compute_api:os-quota-sets:discoverable: "@"
os_compute_api:os-quota-sets:detail: rule:admin_api
os_compute_api:os-remote-consoles: rule:admin_or_owner
os_compute_api:os-remote-consoles:discoverable: "@"
os_compute_api:os-rescue:discoverable: "@"
os_compute_api:os-rescue: rule:admin_or_owner
os_compute_api:os-scheduler-hints:discoverable: "@"
os_compute_api:os-security-group-default-rules:discoverable: "@"
os_compute_api:os-security-group-default-rules: rule:admin_api
os_compute_api:os-security-groups: rule:admin_or_owner
os_compute_api:os-security-groups:discoverable: "@"
os_compute_api:os-server-diagnostics: rule:admin_api
os_compute_api:os-server-diagnostics:discoverable: "@"
os_compute_api:os-server-external-events:create: rule:admin_api
os_compute_api:os-server-external-events:discoverable: "@"
os_compute_api:os-server-groups:discoverable: "@"
os_compute_api:os-server-groups: rule:admin_or_owner
os_compute_api:server-metadata:index: rule:admin_or_owner
os_compute_api:server-metadata:show: rule:admin_or_owner
os_compute_api:server-metadata:create: rule:admin_or_owner
os_compute_api:server-metadata:discoverable: "@"
os_compute_api:server-metadata:update_all: rule:admin_or_owner
os_compute_api:server-metadata:delete: rule:admin_or_owner
os_compute_api:server-metadata:update: rule:admin_or_owner
os_compute_api:os-server-password: rule:admin_or_owner
os_compute_api:os-server-password:discoverable: "@"
os_compute_api:os-server-tags:delete_all: "@"
os_compute_api:os-server-tags:index: "@"
os_compute_api:os-server-tags:update_all: "@"
os_compute_api:os-server-tags:delete: "@"
os_compute_api:os-server-tags:update: "@"
os_compute_api:os-server-tags:show: "@"
os_compute_api:os-server-tags:discoverable: "@"
os_compute_api:os-server-usage: rule:admin_or_owner
os_compute_api:os-server-usage:discoverable: "@"
os_compute_api:servers:index: rule:admin_or_owner
os_compute_api:servers:detail: rule:admin_or_owner
os_compute_api:servers:detail:get_all_tenants: rule:admin_api
os_compute_api:servers:index:get_all_tenants: rule:admin_api
os_compute_api:servers:show: rule:admin_or_owner
os_compute_api:servers:show:host_status: rule:admin_api
os_compute_api:servers:create: rule:admin_or_owner
os_compute_api:servers:create:forced_host: rule:admin_api
os_compute_api:servers:create:attach_volume: rule:admin_or_owner
os_compute_api:servers:create:attach_network: rule:admin_or_owner
os_compute_api:servers:delete: rule:admin_or_owner
os_compute_api:servers:update: rule:admin_or_owner
os_compute_api:servers:confirm_resize: rule:admin_or_owner
os_compute_api:servers:revert_resize: rule:admin_or_owner
os_compute_api:servers:reboot: rule:admin_or_owner
os_compute_api:servers:resize: rule:admin_or_owner
os_compute_api:servers:rebuild: rule:admin_or_owner
os_compute_api:servers:create_image: rule:admin_or_owner
os_compute_api:servers:create_image:allow_volume_backed: rule:admin_or_owner
os_compute_api:servers:start: rule:admin_or_owner
os_compute_api:servers:stop: rule:admin_or_owner
os_compute_api:servers:trigger_crash_dump: rule:admin_or_owner
os_compute_api:servers:discoverable: "@"
os_compute_api:servers:migrations:show: rule:admin_api
os_compute_api:servers:migrations:force_complete: rule:admin_api
os_compute_api:servers:migrations:delete: rule:admin_api
os_compute_api:servers:migrations:index: rule:admin_api
os_compute_api:server-migrations:discoverable: "@"
os_compute_api:os-services: rule:admin_api
os_compute_api:os-services:discoverable: "@"
os_compute_api:os-shelve:shelve: rule:admin_or_owner
os_compute_api:os-shelve:unshelve: rule:admin_or_owner
os_compute_api:os-shelve:shelve_offload: rule:admin_api
os_compute_api:os-shelve:discoverable: "@"
os_compute_api:os-simple-tenant-usage:show: rule:admin_or_owner
os_compute_api:os-simple-tenant-usage:list: rule:admin_api
os_compute_api:os-simple-tenant-usage:discoverable: "@"
os_compute_api:os-suspend-server:resume: rule:admin_or_owner
os_compute_api:os-suspend-server:suspend: rule:admin_or_owner
os_compute_api:os-suspend-server:discoverable: "@"
os_compute_api:os-tenant-networks: rule:admin_or_owner
os_compute_api:os-tenant-networks:discoverable: "@"
os_compute_api:os-used-limits:discoverable: "@"
os_compute_api:os-used-limits: rule:admin_api
os_compute_api:os-user-data:discoverable: "@"
os_compute_api:versions:discoverable: "@"
os_compute_api:os-virtual-interfaces:discoverable: "@"
os_compute_api:os-virtual-interfaces: rule:admin_or_owner
os_compute_api:os-volumes:discoverable: "@"
os_compute_api:os-volumes: rule:admin_or_owner
os_compute_api:os-volumes-attachments:index: rule:admin_or_owner
os_compute_api:os-volumes-attachments:create: rule:admin_or_owner
os_compute_api:os-volumes-attachments:show: rule:admin_or_owner
os_compute_api:os-volumes-attachments:discoverable: "@"
os_compute_api:os-volumes-attachments:update: rule:admin_api
os_compute_api:os-volumes-attachments:delete: rule:admin_or_owner
nova_sudoers:
override:
append:
rootwrap:
override:
append:
rootwrap_filters:
api_metadata:
override:
append:
compute:
override:
append:
network:
override:
append:
libvirtd:
override:
append:
qemu:
override:
append:
nova:
override:
append:
default:
nova:
conf:
default_ephemeral_format: ext4
ram_allocation_ratio: 1.0
disk_allocation_ratio: 1.0
cpu_allocation_ratio: 3.0
force_config_drive: true
state_path: /var/lib/nova
osapi_compute_listen: 0.0.0.0
osapi_compute_listen_port: 8774
osapi_compute_workers: 1
metadata_workers: 1
use_neutron: true
firewall_driver: nova.virt.firewall.NoopFirewallDriver
linuxnet_interface_driver: openvswitch
allow_resize_to_same_host: true
compute_driver: libvirt.LibvirtDriver
my_ip: 0.0.0.0
spice:
serial:
vnc:
nova:
conf:
novncproxy_host: 0.0.0.0
novncproxy_port: 6080
vncserver_listen: 0.0.0.0
# leave blank, this should be set by each compute nodes's ip
vncserver_proxyclient_address:
# set management or lb address
novncproxy_base_url: http://nova-novncproxy:6080/vnc_auto.html
vncproxy:
conf:
# IF blank, search default routing interface's ip
vncserver_listen:
vncserver_proxyclient_address:
conductor:
nova:
conf:
workers: 1
oslo_policy:
oslo:
policy:
policy_file: /etc/nova/policy.yaml
oslo_concurrency:
oslo:
concurrency:
lock_path: /var/lib/nova/tmp
oslo_middleware:
oslo:
middleware:
enable_proxy_headers_parsing: true
glance:
nova:
conf:
num_retries: 3
cinder:
nova:
conf:
catalog_info: volumev2:cinder:internalURL
neutron:
nova:
conf:
metadata_proxy_shared_secret: "password"
service_metadata_proxy: True
auth_type: password
auth_version: v3
region_name: RegionOne
project_name: service
project_domain_name: default
user_domain_name: default
username: neutron
password: password
database:
oslo:
db:
max_retries: -1
api_database:
oslo:
db:
max_retries: -1
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
libvirt:
nova:
conf:
connection_uri: "qemu+tcp://127.0.0.1/system"
images_type: qcow2
images_rbd_pool: vms
images_rbd_ceph_conf: /etc/ceph/ceph.conf
rbd_user: admin
rbd_secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
disk_cachemodes: "network=writeback"
hw_disk_discard: unmap
upgrade_levels:
nova:
conf:
compute: auto
cache:
nova:
conf:
enabled: true
backend: oslo_cache.memcache_pool
wsgi:
nova:
conf:
api_paste_config: /etc/nova/api-paste.ini
# Names of secrets used by bootstrap and environmental checks
secrets:
identity:
admin: nova-keystone-admin
user: nova-keystone-user
oslo_db:
admin: nova-db-admin
user: nova-db-user
oslo_db_api:
admin: nova-db-api-admin
user: nova-db-api-user
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
oslo_db:
auth:
admin:
username: root
password: password
user:
username: nova
password: password
hosts:
default: mariadb
path: /nova
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_db_api:
auth:
admin:
username: root
password: password
user:
username: nova
password: password
hosts:
default: mariadb
path: /nova_api
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_messaging:
auth:
admin:
username: admin
password: password
user:
username: rabbitmq
password: password
hosts:
default: rabbitmq
path: /
scheme: rabbit
port:
amqp:
default: 5672
oslo_cache:
hosts:
default: memcached
port:
memcache:
default: 11211
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
user:
role: admin
region_name: RegionOne
username: nova
password: password
project_name: service
user_domain_name: default
project_domain_name: default
hosts:
default: keystone-api
public: keystone
path:
default: /v3
scheme:
default: http
port:
admin:
default: 35357
api:
default: 80
image:
name: glance
hosts:
default: glance-api
public: glance
path:
default: null
scheme:
default: http
port:
api:
default: 9292
public: 80
compute:
name: nova
hosts:
default: nova-api
public: nova
path:
default: "/v2/%(tenant_id)s"
scheme:
default: 'http'
port:
api:
default: 8774
public: 80
novncproxy:
default: 6080
compute_metadata:
name: nova
hosts:
default: nova-metadata
public: metadata
path:
default: /
scheme:
default: 'http'
port:
metadata:
default: 8775
public: 80
network:
name: neutron
hosts:
default: neutron-server
public: neutron
path:
default: null
scheme:
default: 'http'
port:
api:
default: 9696
public: 80
pod:
user:
nova:
uid: 1000
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
nova_compute:
init_container: null
nova_compute:
nova_libvirt:
init_container: null
nova_libvirt:
nova_api_metadata:
init_container: null
nova_api_metadata:
nova_api_osapi:
init_container: null
nova_api_osapi:
nova_consoleauth:
init_container: null
nova_consoleauth:
nova_conductor:
init_container: null
nova_conductor:
nova_scheduler:
init_container: null
nova_scheduler:
nova_bootstrap:
init_container: null
nova_bootstrap:
nova_tests:
init_container: null
nova_tests:
nova_novncproxy:
init_novncproxy: null
nova_novncproxy:
replicas:
api_metadata: 1
osapi: 1
conductor: 1
consoleauth: 1
scheduler: 1
novncproxy: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
daemonsets:
pod_replacement_strategy: RollingUpdate
compute:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
libvirt:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
disruption_budget:
metadata:
min_available: 0
osapi:
min_available: 0
termination_grace_period:
metadata:
timeout: 30
osapi:
timeout: 30
resources:
enabled: false
compute:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
libvirt:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
api_metadata:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
api:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
conductor:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
consoleauth:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
scheduler:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
novncproxy:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
bootstrap:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_service:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
manifests:
configmap_bin: true
configmap_etc: true
daemonset_compute: true
daemonset_libvirt: true
deployment_api_metadata: true
deployment_api_osapi: true
deployment_conductor: true
deployment_consoleauth: true
deployment_novncproxy: true
deployment_scheduler: true
ingress_metadata: true
ingress_osapi: true
job_bootstrap: true
job_db_init: true
job_db_sync: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
pdb_metadata: true
pdb_osapi: true
pod_rally_test: true
secret_db_api: true
secret_db: true
secret_keystone: true
service_ingress_metadata: true
service_ingress_osapi: true
service_metadata: true
service_novncproxy: true
service_osapi: true