summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-04-14 09:51:00 (GMT)
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-04-16 16:26:06 (GMT)
commit7a7c07591f05aeb124d229794c04bd933859c61a (patch)
tree7238dac9478e49f48c9cea39ee875a12c39ba090
parent93a6551b87e8a722b7d0f5b851a3c6c1f67da1e8 (diff)
downloaddefinitions-7a7c07591f05aeb124d229794c04bd933859c61a.tar.gz
Openstack: Make Nova configurable
Change-Id: Ia5e2450351359d35fd2aa37b75534178d8305936 Signed-off-by: Pedro Alvarez <pedro.alvarez@codethink.co.uk> Signed-off-by: Francisco Redondo Marchena <francisco.marchena@codethink.co.uk> Signed-off-by: Richard Maw <richard.maw@codethink.co.uk>
-rw-r--r--openstack-nova.configure115
-rw-r--r--openstack/manifest17
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-api.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-cert.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-compute.service13
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-conductor.service13
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-scheduler.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service12
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-setup.service9
-rw-r--r--openstack/usr/share/openstack/nova.yml102
-rw-r--r--openstack/usr/share/openstack/nova/nova-compute.conf4
-rw-r--r--openstack/usr/share/openstack/nova/nova.conf112
-rw-r--r--systems/openstack-system-x86_64.morph1
15 files changed, 404 insertions, 54 deletions
diff --git a/openstack-nova.configure b/openstack-nova.configure
new file mode 100644
index 0000000..3605f8b
--- /dev/null
+++ b/openstack-nova.configure
@@ -0,0 +1,115 @@
+#!/bin/sh
+
+# Copyright (C) 2014-2015 Codethink Limited
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set -e
+
+ROOT="$1"
+
+##########################################################################
+
+ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \
+ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service"
+
+##########################################################################
+# Enable libvirtd and libvirt-guests services
+##########################################################################
+
+wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants
+mkdir -p "$wants_dir"
+mkdir -p "$ROOT"/var/lock/subsys
+ln -sf ../libvirtd.service "$wants_dir/libvirtd.service"
+
+##########################################################################
+# Change iprange for the interal libvirt to avoid clashes
+# with eth0 ip range
+##########################################################################
+
+sed -i "s/192\.168\.122\./192\.168\.1\./g" \
+ "$ROOT"/etc/libvirt/qemu/networks/default.xml
+
+##########################################################################
+# Check variables
+##########################################################################
+
+
+if [ -z "$NOVA_SERVICE_USER" -a \
+ -z "$NOVA_SERVICE_PASSWORD" -a \
+ -z "$NOVA_DB_USER" -a \
+ -z "$NOVA_DB_PASSWORD" -a \
+ -z "$NOVA_VIRT_TYPE" -a \
+ -z "$NEUTRON_SERVICE_USER" -a \
+ -z "$NEUTRON_SERVICE_PASSWORD" -a \
+ -z "$METADATA_PROXY_SHARED_SECRET" -a \
+ -z "$RABBITMQ_HOST" -a \
+ -z "$RABBITMQ_USER" -a \
+ -z "$RABBITMQ_PASSWORD" -a \
+ -z "$RABBITMQ_PORT" -a \
+ -z "$CONTROLLER_HOST_ADDRESS" -a \
+ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \
+ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then
+ # No NOVA options defined, do nothing.
+ exit 0
+fi
+
+if [ -z "$NOVA_SERVICE_USER" -o \
+ -z "$NOVA_SERVICE_PASSWORD" -o \
+ -z "$NOVA_DB_USER" -o \
+ -z "$NOVA_DB_PASSWORD" -o \
+ -z "$NOVA_VIRT_TYPE" -o \
+ -z "$NEUTRON_SERVICE_USER" -o \
+ -z "$NEUTRON_SERVICE_PASSWORD" -o \
+ -z "$METADATA_PROXY_SHARED_SECRET" -o \
+ -z "$RABBITMQ_HOST" -o \
+ -z "$RABBITMQ_USER" -o \
+ -z "$RABBITMQ_PASSWORD" -o \
+ -z "$RABBITMQ_PORT" -o \
+ -z "$CONTROLLER_HOST_ADDRESS" -o \
+ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \
+ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then
+ echo Some options required for Nova were defined, but not all.
+ exit 1
+fi
+
+##########################################################################
+# Generate configuration file
+##########################################################################
+
+OPENSTACK_DATA="$ROOT/etc/openstack"
+mkdir -p "$OPENSTACK_DATA"
+
+python <<'EOF' >"$OPENSTACK_DATA/nova.conf"
+import os, sys, yaml
+
+nova_configuration={
+ 'NOVA_SERVICE_USER': os.environ['NOVA_SERVICE_USER'],
+ 'NOVA_SERVICE_PASSWORD': os.environ['NOVA_SERVICE_PASSWORD'],
+ 'NOVA_DB_USER': os.environ['NOVA_DB_USER'],
+ 'NOVA_DB_PASSWORD': os.environ['NOVA_DB_PASSWORD'],
+ 'NOVA_VIRT_TYPE': os.environ['NOVA_VIRT_TYPE'],
+ 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'],
+ 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'],
+ 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'],
+ 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'],
+ 'RABBITMQ_USER': os.environ['RABBITMQ_USER'],
+ 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'],
+ 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'],
+ 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'],
+ 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'],
+ 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'],
+}
+
+yaml.dump(nova_configuration, sys.stdout, default_flow_style=False)
+EOF
diff --git a/openstack/manifest b/openstack/manifest
index 02155ed..6876f1b 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -22,6 +22,14 @@
0100644 0 0 /usr/share/openstack/keystone/keystone.conf
0100644 0 0 /usr/share/openstack/keystone/policy.json
0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini
+0040755 0 0 /usr/share/openstack/nova
+0100644 0 0 /usr/share/openstack/nova.yml
+0100644 0 0 /usr/share/openstack/nova/logging.conf
+0100644 0 0 /usr/share/openstack/nova/nova.conf
+0100644 0 0 /usr/share/openstack/nova/nova-compute.conf
+0100644 0 0 /usr/share/openstack/nova/policy.json
+0100644 0 0 /usr/share/openstack/nova/cells.json
+0100644 0 0 /usr/share/openstack/nova/api-paste.ini
0040755 0 0 /usr/share/openstack/postgres
0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf
0100644 0 0 /usr/share/openstack/postgres/postgresql.conf
@@ -33,6 +41,15 @@
0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service
0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service
0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-api.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-scheduler.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-consoleauth.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-novncproxy.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-cert.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-serialproxy.service
0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service
0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service
0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service
new file mode 100644
index 0000000..8ee9cef
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenStack Compute Service (code-named Nova) API server
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-api --config-file /etc/nova/nova.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service
new file mode 100644
index 0000000..b2a2e1c
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenStack Nova Cert
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-cert --config-file /etc/nova/nova.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service
new file mode 100644
index 0000000..95a3a87
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenStack Compute Service (code-named Nova) compute server
+After=syslog.target network-online.target libvirtd.service
+Wants=network-online.target
+Requires=libvirtd.service
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/nova-compute.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service
new file mode 100644
index 0000000..1d2ece6
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Database-access support for Compute nodes (nova-conductor)
+After=syslog.target network-online.target libvirtd.service
+Wants=network-online.target
+Requires=libvirtd.service
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-conductor --config-file /etc/nova/nova.conf --logfile /var/log/nova/conductor.log
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service
new file mode 100644
index 0000000..66442d1
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Openstack Console Auth (nova-consoleauth)
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-consoleauth --config-file /etc/nova/nova.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service
new file mode 100644
index 0000000..597f357
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenStack Nova NoVNC proxy
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-novncproxy --config-file /etc/nova/nova.conf --web /usr/share/novnc
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service
new file mode 100644
index 0000000..d317b62
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenStack Nova Scheduler
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-scheduler --config-file /etc/nova/nova.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service
new file mode 100644
index 0000000..2d95c1f
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenStack Nova Serial Proxy
+After=syslog.target network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nova
+ExecStart=/usr/bin/nova-serialproxy --config-file /etc/nova/nova.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-setup.service
new file mode 100644
index 0000000..a4ad6ae
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-setup.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run nova-setup Ansible scripts
+After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service
+
+[Service]
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml
new file mode 100644
index 0000000..c1122c6
--- /dev/null
+++ b/openstack/usr/share/openstack/nova.yml
@@ -0,0 +1,102 @@
+---
+- hosts: localhost
+ vars_files:
+ - "/etc/openstack/nova.conf"
+ tasks:
+ - name: Create the nova user.
+ user:
+ name: nova
+ comment: Openstack Nova Daemons
+ shell: /sbin/nologin
+ home: /var/lib/nova
+ groups: libvirt
+ append: yes
+
+ - name: Create the /var folders for nova
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: nova
+ group: nova
+ with_items:
+ - /var/run/nova
+ - /var/lock/nova
+ - /var/log/nova
+ - /var/lib/nova
+ - /var/lib/nova/instances
+
+ - file: path=/etc/nova state=directory
+ - name: Add the configuration needed for nova in /etc/nova using templates
+ template:
+ src: /usr/share/openstack/nova/{{ item }}
+ dest: /etc/nova/{{ item }}
+ with_lines:
+ - cd /usr/share/openstack/nova && find -type f
+
+ - name: Create nova service user in service tenant
+ keystone_user:
+ user: "{{ NOVA_SERVICE_USER }}"
+ password: "{{ NOVA_SERVICE_PASSWORD }}"
+ tenant: service
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Assign admin role to nova service user in the service tenant
+ keystone_user:
+ role: admin
+ user: "{{ NOVA_SERVICE_USER }}"
+ tenant: service
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Add nova endpoint
+ keystone_service:
+ name: nova
+ type: compute
+ description: Openstack Compute Service
+ publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ region: 'regionOne'
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Create postgresql user for nova
+ postgresql_user:
+ name: "{{ NOVA_DB_USER }}"
+ login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+ password: "{{ NOVA_DB_PASSWORD }}"
+ sudo: yes
+ sudo_user: nova
+
+ - name: Create database for nova services
+ postgresql_db:
+ name: nova
+ owner: "{{ NOVA_DB_USER }}"
+ login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+ sudo: yes
+ sudo_user: nova
+
+ - name: Initiate nova database
+ nova_manage:
+ action: dbsync
+ sudo: yes
+ sudo_user: nova
+
+
+
+# [1] Never enable openstack-nova-conductor service in a node with
+# openstack-nova-compute or the security benefits of removing
+# database access from nova-compute will be negated
+#systemctl start openstack-nova-conductor
+ - name: Enable and start openstack-nova services
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
+ with_items:
+ - openstack-nova-api.service
+ - openstack-nova-cert.service
+ - openstack-nova-compute.service
+ - openstack-nova-consoleauth.service
+ - openstack-nova-novncproxy.service
+ - openstack-nova-scheduler.service
+ - openstack-nova-serialproxy.service
+# - openstack-nova-conductor.service
diff --git a/openstack/usr/share/openstack/nova/nova-compute.conf b/openstack/usr/share/openstack/nova/nova-compute.conf
new file mode 100644
index 0000000..b19de1d
--- /dev/null
+++ b/openstack/usr/share/openstack/nova/nova-compute.conf
@@ -0,0 +1,4 @@
+[DEFAULT]
+compute_driver=libvirt.LibvirtDriver
+[libvirt]
+virt_type={{ NOVA_VIRT_TYPE }}
diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf
index abda215..04cec1c 100644
--- a/openstack/usr/share/openstack/nova/nova.conf
+++ b/openstack/usr/share/openstack/nova/nova.conf
@@ -76,23 +76,23 @@
# The RabbitMQ broker address where a single node is used.
# (string value)
-#rabbit_host=localhost
+rabbit_host={{ RABBITMQ_HOST }}
# The RabbitMQ broker port where a single node is used.
# (integer value)
-#rabbit_port=5672
+rabbit_port={{ RABBITMQ_PORT }}
# RabbitMQ HA cluster host:port pairs. (list value)
#rabbit_hosts=$rabbit_host:$rabbit_port
# Connect over SSL for RabbitMQ. (boolean value)
-#rabbit_use_ssl=false
+rabbit_use_ssl=false
# The RabbitMQ userid. (string value)
-#rabbit_userid=guest
+rabbit_userid={{ RABBITMQ_USER }}
# The RabbitMQ password. (string value)
-#rabbit_password=guest
+rabbit_password={{ RABBITMQ_PASSWORD }}
# the RabbitMQ login method (string value)
#rabbit_login_method=AMQPLAIN
@@ -177,7 +177,7 @@
# The messaging driver to use, defaults to rabbit. Other
# drivers include qpid and zmq. (string value)
-#rpc_backend=rabbit
+rpc_backend=rabbit
# The default exchange under which topics are scoped. May be
# overridden by an exchange name specified in the
@@ -241,7 +241,7 @@
#
# IP address of this host (string value)
-#my_ip=10.0.0.1
+my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Name of this node. This can be an opaque identifier. It is
# not necessarily a hostname, FQDN, or IP address. However,
@@ -290,7 +290,7 @@
# Top-level directory for maintaining nova's state (string
# value)
-#state_path=$pybasedir
+state_path=/var/lib/nova
#
@@ -376,7 +376,7 @@
#periodic_fuzzy_delay=60
# A list of APIs to enable by default (list value)
-#enabled_apis=ec2,osapi_compute,metadata
+enabled_apis=ec2,osapi_compute,metadata
# A list of APIs with enabled SSL (list value)
#enabled_ssl_apis=
@@ -470,7 +470,7 @@
# Path to the rootwrap configuration file to use for running
# commands as root (string value)
-#rootwrap_config=/etc/nova/rootwrap.conf
+rootwrap_config=/etc/nova/rootwrap.conf
# Explicitly specify the temporary working directory (string
# value)
@@ -483,7 +483,7 @@
# File name for the paste.deploy config for nova-api (string
# value)
-#api_paste_config=api-paste.ini
+api_paste_config=api-paste.ini
# A python format string that is used as the template to
# generate log lines. The following values can be formatted
@@ -527,7 +527,7 @@
# The strategy to use for auth: noauth or keystone. (string
# value)
-#auth_strategy=keystone
+auth_strategy=keystone
# Treat X-Forwarded-For as the canonical remote address. Only
# enable this if you have a sanitizing proxy. (boolean value)
@@ -640,7 +640,7 @@
# osapi_compute_extension option with
# nova.api.openstack.compute.contrib.select_extensions (list
# value)
-#osapi_compute_ext_list=
+osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
#
@@ -1078,11 +1078,11 @@
# Template string to be used to generate instance names
# (string value)
-#instance_name_template=instance-%08x
+instance_name_template=instance-%08x
# Template string to be used to generate snapshot names
# (string value)
-#snapshot_name_template=snapshot-%s
+snapshot_name_template=snapshot-%s
#
@@ -1146,7 +1146,7 @@
# The full class name of the network API class to use (string
# value)
-#network_api_class=nova.network.api.API
+network_api_class=nova.network.neutronv2.api.API
#
@@ -1264,7 +1264,7 @@
#dnsmasq_config_file=
# Driver used to create ethernet devices. (string value)
-#linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver
+linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
# Name of Open vSwitch bridge used with linuxnet (string
# value)
@@ -1416,7 +1416,7 @@
#
# The full class name of the security API class (string value)
-#security_group_api=nova
+security_group_api=neutron
#
@@ -1472,7 +1472,7 @@
#disable_process_locking=false
# Directory to use for lock files. (string value)
-#lock_path=<None>
+lock_path=/var/lock/nova
#
@@ -1556,7 +1556,7 @@
# Use syslog for logging. Existing syslog format is DEPRECATED
# during I, and will change in J to honor RFC5424. (boolean
# value)
-#use_syslog=false
+use_syslog=True
# (Optional) Enables or disables syslog rfc5424 format for
# logging. If enabled, prefixes the MSG part of the syslog
@@ -1734,7 +1734,7 @@
# Which filter class names to use for filtering hosts when not
# specified in the request. (list value)
-#scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter
+scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter
# Which weight class names to use for weighing hosts (list
# value)
@@ -1759,7 +1759,7 @@
#
# Default driver to use for the scheduler (string value)
-#scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
+scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
# How often (in seconds) to run periodic tasks in the
# scheduler driver of your choice. Please note this is likely
@@ -1867,7 +1867,7 @@
# include: libvirt.LibvirtDriver, xenapi.XenAPIDriver,
# fake.FakeDriver, baremetal.BareMetalDriver,
# vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string value)
-#compute_driver=<None>
+compute_driver=libvirt.LibvirtDriver
# The default format an ephemeral_volume will be formatted
# with on creation. (string value)
@@ -1898,7 +1898,7 @@
# Firewall driver (defaults to hypervisor specific iptables
# driver) (string value)
-#firewall_driver=<None>
+firewall_driver=nova.virt.firewall.NoopFirewallDriver
# Whether to allow network traffic from same network (boolean
# value)
@@ -1959,7 +1959,7 @@
# Location of VNC console proxy, in the form
# "http://127.0.0.1:6080/vnc_auto.html" (string value)
-#novncproxy_base_url=http://127.0.0.1:6080/vnc_auto.html
+novncproxy_base_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6080/vnc_auto.html
# Location of nova xvp VNC console proxy, in the form
# "http://127.0.0.1:6081/console" (string value)
@@ -1967,17 +1967,17 @@
# IP address on which instance vncservers should listen
# (string value)
-#vncserver_listen=127.0.0.1
+vncserver_listen=0.0.0.0
# The address to which proxy clients (like nova-xvpvncproxy)
# should connect (string value)
-#vncserver_proxyclient_address=127.0.0.1
+vncserver_proxyclient_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Enable VNC related features (boolean value)
-#vnc_enabled=true
+vnc_enabled=true
# Keymap for VNC (string value)
-#vnc_keymap=en-us
+vnc_keymap=en-us
#
@@ -2366,7 +2366,7 @@
#
# Perform nova-conductor operations locally (boolean value)
-#use_local=false
+use_local=true
# The topic on which conductor nodes listen (string value)
#topic=conductor
@@ -2409,22 +2409,22 @@
# Default glance hostname or IP address (string value)
# Deprecated group/name - [DEFAULT]/glance_host
-#host=$my_ip
+host={{ CONTROLLER_HOST_ADDRESS }}
# Default glance port (integer value)
# Deprecated group/name - [DEFAULT]/glance_port
-#port=9292
+port=9292
# Default protocol to use when connecting to glance. Set to
# https for SSL. (string value)
# Deprecated group/name - [DEFAULT]/glance_protocol
-#protocol=http
+protocol=http
# A list of the glance api servers available to nova. Prefix
# with https:// for ssl-based glance api servers.
# ([hostname|ip]:port) (list value)
# Deprecated group/name - [DEFAULT]/glance_api_servers
-#api_servers=<None>
+api_servers=$host:$port
# Allow to perform insecure SSL (https) requests to glance
# (boolean value)
@@ -2626,23 +2626,23 @@
# Port of the admin Identity API endpoint. Deprecated, use
# identity_uri. (integer value)
-#auth_port=35357
+auth_port=35357
# Protocol of the admin Identity API endpoint (http or https).
# Deprecated, use identity_uri. (string value)
-#auth_protocol=https
+auth_protocol=http
# Complete public Identity API endpoint (string value)
-#auth_uri=<None>
+auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
# Complete admin Identity API endpoint. This should specify
# the unversioned root endpoint e.g. https://localhost:35357/
# (string value)
-#identity_uri=<None>
+identity_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:35357
# API version of the admin Identity API endpoint (string
# value)
-#auth_version=<None>
+auth_version=v2.0
# Do not handle authorization requests within the middleware,
# but delegate the authorization decision to downstream WSGI
@@ -2666,14 +2666,14 @@
#admin_token=<None>
# Keystone account username (string value)
-#admin_user=<None>
+admin_user={{ NOVA_SERVICE_USER }}
# Keystone account password (string value)
-#admin_password=<None>
+admin_password={{ NOVA_SERVICE_PASSWORD }}
# Keystone service account tenant name to validate user tokens
# (string value)
-#admin_tenant_name=admin
+admin_tenant_name=service
# Env key for the swift cache (string value)
#cache=<None>
@@ -2809,7 +2809,7 @@
# Libvirt domain type (valid options are: kvm, lxc, qemu, uml,
# xen) (string value)
-#virt_type=kvm
+virt_type={{ NOVA_VIRT_TYPE }}
# Override the default libvirt URI (which is dependent on
# virt_type) (string value)
@@ -3126,12 +3126,12 @@
# Set flag to indicate Neutron will proxy metadata requests
# and resolve instance ids. (boolean value)
# Deprecated group/name - [DEFAULT]/service_neutron_metadata_proxy
-#service_metadata_proxy=false
+service_metadata_proxy=True
# Shared secret to validate proxies Neutron metadata requests
# (string value)
# Deprecated group/name - [DEFAULT]/neutron_metadata_proxy_shared_secret
-#metadata_proxy_shared_secret=
+metadata_proxy_shared_secret={{ METADATA_PROXY_SHARED_SECRET }}
#
@@ -3140,7 +3140,7 @@
# URL for connecting to neutron (string value)
# Deprecated group/name - [DEFAULT]/neutron_url
-#url=http://127.0.0.1:9696
+url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696
# Timeout value for connecting to neutron in seconds (integer
# value)
@@ -3154,12 +3154,12 @@
# Username for connecting to neutron in admin context (string
# value)
# Deprecated group/name - [DEFAULT]/neutron_admin_username
-#admin_username=<None>
+admin_username={{ NEUTRON_SERVICE_USER }}
# Password for connecting to neutron in admin context (string
# value)
# Deprecated group/name - [DEFAULT]/neutron_admin_password
-#admin_password=<None>
+admin_password={{ NEUTRON_SERVICE_PASSWORD }}
# Tenant id for connecting to neutron in admin context (string
# value)
@@ -3171,7 +3171,7 @@
# Note that with Keystone V3 tenant names are only unique
# within a domain. (string value)
# Deprecated group/name - [DEFAULT]/neutron_admin_tenant_name
-#admin_tenant_name=<None>
+admin_tenant_name=service
# Region name for connecting to neutron in admin context
# (string value)
@@ -3181,7 +3181,7 @@
# Authorization URL for connecting to neutron in admin context
# (string value)
# Deprecated group/name - [DEFAULT]/neutron_admin_auth_url
-#admin_auth_url=http://localhost:5000/v2.0
+admin_auth_url=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
# If set, ignore any SSL validation issues (boolean value)
# Deprecated group/name - [DEFAULT]/neutron_api_insecure
@@ -3190,7 +3190,7 @@
# Authorization strategy for connecting to neutron in admin
# context (string value)
# Deprecated group/name - [DEFAULT]/neutron_auth_strategy
-#auth_strategy=keystone
+auth_strategy=keystone
# Name of Integration Bridge used by Open vSwitch (string
# value)
@@ -3252,7 +3252,7 @@
#
# Host on which to listen for incoming requests (string value)
-#serialproxy_host=0.0.0.0
+serialproxy_host=127.0.0.1
# Port on which to listen for incoming requests (integer
# value)
@@ -3264,7 +3264,7 @@
#
# Enable serial console related features (boolean value)
-#enabled=false
+enabled=false
# Range of TCP ports to use for serial ports on compute hosts
# (string value)
@@ -3315,7 +3315,7 @@
#server_proxyclient_address=127.0.0.1
# Enable spice related features (boolean value)
-#enabled=false
+enabled=false
# Enable spice guest agent support (boolean value)
#agent_enabled=true
@@ -3802,4 +3802,8 @@
# (integer value)
#sg_retry_interval=5
+[database]
+# The SQLAlchemy connection string to use to connect to the
+# database. (string value)
+connection=postgresql://{{ NOVA_DB_USER }}:{{ NOVA_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/nova
diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph
index 1b53df0..17c1bbf 100644
--- a/systems/openstack-system-x86_64.morph
+++ b/systems/openstack-system-x86_64.morph
@@ -66,3 +66,4 @@ configuration-extensions:
- openstack-keystone
- openstack-glance
- openstack-cinder
+- openstack-nova