chef/cookbooks/magnum/templates/default/magnum.conf.erb
[DEFAULT]
state_path = /var/lib/magnum
debug = <%= node[:magnum][:debug] %>
verbose = <%= node[:magnum][:verbose] %>
log_dir = /var/log/magnum
use_syslog = <%= node[:magnum][:use_syslog] ? "True" : "False" %>
use_stderr = false
rpc_conn_pool_size = 64
executor_thread_pool_size = 256
transport_url = <%= @rabbit_settings[:url] %>
control_exchange = magnum
host = <%= node["hostname"] %>
[api]
port = <%= @bind_port %>
host = <%= @bind_host %>
<% if @ssl_enabled -%>
enabled_ssl = true
ssl_cert_file = <%= @ssl_settings[:certfile] %>
ssl_key_file = <%= @ssl_settings[:keyfile] %>
<% end -%>
[barbican_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
[certificates]
cert_manager_type = <%= "#{node[:magnum][:cert][:cert_manager_type]}" %>
[cinder_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
[database]
connection = <%= @sql_connection %>
[drivers]
verify_ca = false
[glance_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
insecure = <%= @keystone_settings['insecure'] %>
[heat_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
insecure = <%= @keystone_settings['insecure'] %>
[keystone_auth]
auth_url = <%= @keystone_settings['internal_auth_url'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
insecure = <%= @keystone_settings['insecure'] %>
project_domain_name = <%= @keystone_settings["admin_domain"]%>
user_domain_name = <%= @keystone_settings["admin_domain"] %>
[keystone_authtoken]
www_authenticate_uri = <%= @keystone_settings['public_auth_url'] %>
auth_url = <%= @keystone_settings['internal_auth_url'] %>
auth_version = <%= @keystone_settings['api_version_for_middleware'] %>
insecure = <%= @keystone_settings['insecure'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
region_name = <%= @keystone_settings['endpoint_region'] %>
project_domain_name = <%= @keystone_settings["admin_domain"]%>
user_domain_name = <%= @keystone_settings["admin_domain"] %>
auth_type = password
memcached_servers = <%= @memcached_servers.join(',') %>
memcache_security_strategy = ENCRYPT
memcache_secret_key = <%= node[:magnum][:memcache_secret_key] %>
memcache_pool_socket_timeout = 1
service_token_roles_required = true
service_token_roles = admin
[magnum_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
insecure = <%= @keystone_settings['insecure'] %>
[neutron_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
insecure = <%= @keystone_settings['insecure'] %>
[nova_client]
region_name = <%= @keystone_settings['endpoint_region'] %>
insecure = <%= @keystone_settings['insecure'] %>
[oslo_concurrency]
lock_path = /var/run/magnum
<% if @rabbit_settings[:enable_notifications] -%>
[oslo_messaging_notifications]
driver = messagingv2
<% end -%>
[oslo_messaging_rabbit]
amqp_durable_queues = <%= @rabbit_settings[:durable_queues] %>
rabbit_ha_queues = <%= @rabbit_settings[:ha_queues] %>
ssl = <%= @rabbit_settings[:use_ssl] %>
<% if @rabbit_settings[:client_ca_certs] -%>
ssl_ca_file = <%= @rabbit_settings[:client_ca_certs] %>
<% end -%>
heartbeat_timeout_threshold = <%= @rabbit_settings[:heartbeat_timeout] %>
[oslo_policy]
policy_file = /etc/magnum/policy.json
[trust]
cluster_user_trust = <%= @trustee["cluster_user_trust"] %>
trustee_domain_id = <%= @trustee["domain_id"] %>
trustee_domain_admin_id = <%= @trustee["domain_admin_id"] %>
trustee_domain_admin_password = <%= @trustee["domain_admin_password"] %>
trustee_keystone_interface = <%= @trustee["keystone_interface"] %>
insecure = <%= @keystone_settings['insecure'] %>