chef/cookbooks/neutron/templates/default/neutron.conf.erb
[DEFAULT]
bind_host = <%= @bind_host %>
bind_port = <%= @bind_port %>
auth_strategy = keystone
core_plugin = <%= @core_plugin %>
service_plugins = <%= @service_plugins %>
dns_domain = <%= @dns_domain %>
allow_overlapping_ips = <%= @allow_overlapping_ips ? "True" : "False" %>
<% unless @ipam_driver.nil? -%>
ipam_driver = <%= @ipam_driver %>
<% end -%>
global_physnet_mtu = <%= @mtu_value %>
use_ssl = <%= @ssl_enabled ? "True" : "False" %>
api_workers = <%= [node["cpu"]["total"] / 2, 1, 16].sort[1] %>
rpc_workers = <%= @rpc_workers %>
dhcp_agents_per_network = <%= (@network_nodes_count + 1) / 2 %>
<% if @dvr_enabled -%>
router_distributed = True
<% end -%>
<% if @l3_ha_enabled -%>
l3_ha = True
max_l3_agents_per_router = <%= (@network_nodes_count + 1) / 2 %>
<% end -%>
debug = <%= @debug ? "True" : "False" %>
log_dir = /var/log/neutron
use_syslog = <%= @use_syslog ? "True" : "False" %>
use_stderr = false
transport_url = <%= @rabbit_settings[:url] %>
control_exchange = neutron
max_header_line = <%= node[:neutron][:max_header_line] %>
wsgi_keep_alive = false
<% unless @default_log_levels.length.zero? -%>
default_log_levels = <%= @default_log_levels.join(", ") %>
<% end -%>
<%if @designate_enabled -%>
external_dns_driver = designate
[designate]
auth_type = password
url = <%= @designate_public_uri %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
auth_url = <%= @keystone_settings['internal_auth_url'] %>
region_name = <%= @keystone_settings['endpoint_region'] %>
project_domain_name = <%= @keystone_settings['default_user_domain'] %>
user_domain_name = <%= @keystone_settings['default_user_domain'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
allow_reverse_dns_lookup = False
<% end -%>
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
[database]
<% unless @sql_connection.nil? || @sql_connection.empty? -%>
connection = <%= @sql_connection %>
<% end -%>
max_pool_size = <%= @sql_max_pool_size %>
max_overflow = <%= @sql_max_pool_overflow %>
pool_timeout = <%= @sql_pool_timeout %>
[keystone_authtoken]
auth_type = password
www_authenticate_uri = <%= @keystone_settings['public_auth_url'] %>
auth_url = <%= @keystone_settings['internal_auth_url'] %>
auth_version = <%= @keystone_settings['api_version_for_middleware'] %>
insecure = <%= @keystone_settings['insecure'] %>
region_name = <%= @keystone_settings['endpoint_region'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
project_domain_name = <%= @keystone_settings['admin_domain'] %>
user_domain_name = <%= @keystone_settings['admin_domain'] %>
memcached_servers = <%= @memcached_servers.join(',') %>
memcache_security_strategy = ENCRYPT
memcache_secret_key = <%= node[:neutron][:memcache_secret_key] %>
memcache_pool_socket_timeout = 1
service_token_roles_required = true
service_token_roles = admin
<% if @use_apic_gbp -%>
[apic_aim_auth]
auth_plugin = v3password
auth_url = <%= @keystone_settings['internal_auth_url'] %>
user_domain_name = <%= @keystone_settings['admin_domain'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
project_domain_name = <%= @keystone_settings['admin_domain'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
<% end -%>
[nova]
region_name = <%= @keystone_settings['endpoint_region'] %>
endpoint_type = internal
auth_url = "<%= @keystone_settings["protocol"] %>://<%= @keystone_settings["internal_url_host"] %>:<%= @keystone_settings["service_port"] %>"
auth_type = password
<% if @nova_insecure -%>
insecure = <%= @nova_insecure %>
<% end -%>
password = <%= @keystone_settings['service_password'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
username = <%= @keystone_settings['service_user'] %>
project_domain_name = <%= @keystone_settings['default_user_domain'] %>
user_domain_name = <%= @keystone_settings['default_user_domain'] %>
[oslo_concurrency]
lock_path = /var/run/neutron
<% if @rabbit_settings[:enable_notifications] -%>
[oslo_messaging_notifications]
driver = messagingv2
<% end -%>
[oslo_messaging_rabbit]
amqp_durable_queues = <%= @rabbit_settings[:durable_queues] %>
rabbit_ha_queues = <%= @rabbit_settings[:ha_queues] %>
ssl = <%= @rabbit_settings[:use_ssl] %>
<% if @rabbit_settings[:client_ca_certs] -%>
ssl_ca_file = <%= @rabbit_settings[:client_ca_certs] %>
<% end -%>
heartbeat_timeout_threshold = <%= @rabbit_settings[:heartbeat_timeout] %>
[ssl]
<% if @ssl_cert_required -%>
ca_file = <%= @ssl_ca_file %>
<% end -%>
cert_file = <%= @ssl_cert_file %>
key_file = <%= @ssl_key_file %>
<% if @infoblox -%>
[infoblox]
cloud_data_center_id = <%= @infoblox[:cloud_data_center_id] %>
ipam_agent_workers = <%= @infoblox[:ipam_agent_workers] %>
<% @infoblox[:grids].each_index do |grid| -%>
# Per-grid configuration for infoblox grid <%= grid %>
[infoblox-dc:<%= grid + 1 %>]
admin_user_name = <%= @infoblox[:grids][grid][:admin_user_name] %>
admin_password = <%= @infoblox[:grids][grid][:admin_password] %>
grid_master_name = <%= @infoblox[:grids][grid][:grid_master_name] %>
grid_master_host = <%= @infoblox[:grids][grid][:grid_master_host] %>
data_center_name = <%= @infoblox[:grids][grid][:data_center_name] %>
wapi_version = <%= @infoblox[:grids][grid][:wapi_version] %>
wapi_max_results = <%= @infoblox[:grids][grid][:wapi_max_results] %>
ssl_verify = <%= @infoblox[:grids][grid][:ssl_verify] %>
http_pool_connections = <%= @infoblox[:grids][grid][:http_pool_connections] %>
http_pool_maxsize = <%= @infoblox[:grids][grid][:http_pool_maxsize] %>
http_request_timeout = <%= @infoblox[:grids][grid][:http_request_timeout] %>
<% end -%>
<% end -%>
<% if @profiler_settings[:enabled] -%>
[profiler]
enabled = true
trace_sqlalchemy = <%= @profiler_settings[:trace_sqlalchemy] ? "true" : "false" %>
hmac_keys = <%= @profiler_settings[:hmac_keys].join(",") %>
connection_string = <%= @profiler_settings[:connection_string] %>
<% end -%>
<% if @octavia_admin_uri %>
[octavia]
base_url = <%= @octavia_admin_uri %>
<% end %>