From 482f20609e68364c32c57bb8460698ef5099ccd8 Mon Sep 17 00:00:00 2001
From: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Date: Tue, 14 Apr 2015 12:01:49 +0000
Subject: Openstack: Make Neutron configurable

Change-Id: I517142d6879f4cfce821a21a5fe2b661e184ce53
Signed-off-by: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Signed-off-by: Francisco Redondo Marchena <francisco.marchena@codethink.co.uk>
Signed-off-by: Richard Maw <richard.maw@codethink.co.uk>
---
 openstack/usr/share/openstack/neutron/neutron.conf | 57 ++++++++++++----------
 1 file changed, 30 insertions(+), 27 deletions(-)

(limited to 'openstack/usr/share/openstack/neutron/neutron.conf')

diff --git a/openstack/usr/share/openstack/neutron/neutron.conf b/openstack/usr/share/openstack/neutron/neutron.conf
index 08366264..51de7464 100644
--- a/openstack/usr/share/openstack/neutron/neutron.conf
+++ b/openstack/usr/share/openstack/neutron/neutron.conf
@@ -17,7 +17,7 @@
 
 # Where to store Neutron state files.  This directory must be writable by the
 # user executing the agent.
-# state_path = /var/lib/neutron
+state_path = /var/lib/neutron
 
 # Where to store lock files
 lock_path = $state_path/lock
@@ -32,7 +32,8 @@ lock_path = $state_path/lock
 # (not user_stderr) and (not log_file) -> stdout
 # publish_errors                       -> notification system
 
-# use_syslog = False
+use_syslog = True
+
 # syslog_log_facility = LOG_USER
 
 # use_stderr = True
@@ -60,7 +61,7 @@ lock_path = $state_path/lock
 # previous versions, the class name of a plugin can be specified instead of its
 # entrypoint name.
 #
-# core_plugin =
+core_plugin = ml2
 # Example: core_plugin = ml2
 
 # (ListOpt) List of service plugin entrypoints to be loaded from the
@@ -69,15 +70,15 @@ lock_path = $state_path/lock
 # with previous versions, the class name of a plugin can be specified instead
 # of its entrypoint name.
 #
-# service_plugins =
+service_plugins = router
 # Example: service_plugins = router,firewall,lbaas,vpnaas,metering
 
 # Paste configuration file
-# api_paste_config = api-paste.ini
+api_paste_config = api-paste.ini
 
 # The strategy to be used for auth.
 # Supported values are 'keystone'(default), 'noauth'.
-# auth_strategy = keystone
+auth_strategy = keystone
 
 # Base MAC address. The first 3 octets will remain unchanged. If the
 # 4h octet is not 00, it will also be used. The others will be
@@ -114,7 +115,7 @@ lock_path = $state_path/lock
 # Enable or disable overlapping IPs for subnets
 # Attention: the following parameter MUST be set to False if Neutron is
 # being used in conjunction with nova security groups
-# allow_overlapping_ips = False
+allow_overlapping_ips = True
 # Ensure that configured gateway is on subnet. For IPv6, validate only if
 # gateway is not a link local address. Deprecated, to be removed during the
 # K release, at which point the check will be mandatory.
@@ -233,29 +234,29 @@ lock_path = $state_path/lock
 
 # ======== neutron nova interactions ==========
 # Send notification to nova when port status is active.
-# notify_nova_on_port_status_changes = True
+notify_nova_on_port_status_changes = True
 
 # Send notifications to nova when port data (fixed_ips/floatingips) change
 # so nova can update it's cache.
-# notify_nova_on_port_data_changes = True
+notify_nova_on_port_data_changes = True
 
 # URL for connection to nova (Only supports one nova region currently).
-# nova_url = http://127.0.0.1:8774/v2
+nova_url = http://{{ CONTROLLER_HOST_ADDRESS  }}:8774/v2
 
 # Name of nova region to use. Useful if keystone manages more than one region
-# nova_region_name =
+nova_region_name = regionOne
 
 # Username for connection to nova in admin context
-# nova_admin_username =
+nova_admin_username = {{ NOVA_SERVICE_USER }}
 
 # The uuid of the admin nova tenant
-# nova_admin_tenant_id =
+nova_admin_tenant_id = {{ SERVICE_TENANT_ID }}
 
 # Password for connection to nova in admin context.
-# nova_admin_password =
+nova_admin_password = {{ NOVA_SERVICE_PASSWORD }}
 
 # Authorization URL for connection to nova in admin context.
-# nova_admin_auth_url =
+nova_admin_auth_url = http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
 
 # CA file for novaclient to verify server certificates
 # nova_ca_certificates_file =
@@ -340,11 +341,11 @@ lock_path = $state_path/lock
 
 # The RabbitMQ broker address where a single node is used.
 # (string value)
-#rabbit_host=localhost
+rabbit_host={{ RABBITMQ_HOST }}
 
 # The RabbitMQ broker port where a single node is used.
 # (integer value)
-#rabbit_port=5672
+rabbit_port={{ RABBITMQ_PORT }}
 
 # RabbitMQ HA cluster host:port pairs. (list value)
 #rabbit_hosts=$rabbit_host:$rabbit_port
@@ -353,10 +354,10 @@ lock_path = $state_path/lock
 #rabbit_use_ssl=false
 
 # The RabbitMQ userid. (string value)
-#rabbit_userid=guest
+rabbit_userid={{ RABBITMQ_USER }}
 
 # The RabbitMQ password. (string value)
-#rabbit_password=guest
+rabbit_password={{ RABBITMQ_PASSWORD }}
 
 # the RabbitMQ login method (string value)
 #rabbit_login_method=AMQPLAIN
@@ -425,7 +426,7 @@ lock_path = $state_path/lock
 
 # Driver or drivers to handle sending notifications. (multi
 # valued)
-#notification_driver=
+notification_driver=neutron.openstack.common.notifier.rpc_notifier
 
 # AMQP topic used for OpenStack notifications. (list value)
 # Deprecated group/name - [rpc_notifier2]/topics
@@ -441,7 +442,7 @@ lock_path = $state_path/lock
 
 # The messaging driver to use, defaults to rabbit. Other
 # drivers include qpid and zmq. (string value)
-#rpc_backend=rabbit
+rpc_backend=rabbit
 
 # The default exchange under which topics are scoped. May be
 # overridden by an exchange name specified in the
@@ -544,6 +545,7 @@ lock_path = $state_path/lock
 # root filter facility.
 # Change to "sudo" to skip the filtering and just run the comand directly
 # root_helper = sudo
+root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
 
 # =========== items for agent management extension =============
 # seconds between nodes reporting state to server; should be less than
@@ -553,12 +555,11 @@ lock_path = $state_path/lock
 # ===========  end of items for agent management extension =====
 
 [keystone_authtoken]
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%
+auth_uri =  http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+identity_uri  =  http://{{ CONTROLLER_HOST_ADDRESS }}:35357
+admin_tenant_name = service
+admin_user = {{ NEUTRON_SERVICE_USER }}
+admin_password = {{ NEUTRON_SERVICE_PASSWORD }}
 
 [database]
 # This line MUST be changed to actually run the plugin.
@@ -571,6 +572,8 @@ admin_password = %SERVICE_PASSWORD%
 # be set in the corresponding core plugin '.ini' file. However, it is suggested
 # to put the [database] section and its connection attribute in this
 # configuration file.
+#connection=sqlite:////var/lib/neutron/neutron.sqlite
+connection=postgresql://{{ NEUTRON_DB_USER }}:{{ NEUTRON_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/neutron
 
 # Database engine for which script will be generated when using offline
 # migration
-- 
cgit v1.2.1