Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 1 | # Copyright (c) 2022 VEXXHOST, Inc. |
| 2 | # |
| 3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 4 | # not use this file except in compliance with the License. You may obtain |
| 5 | # a copy of the License at |
| 6 | # |
| 7 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | # |
| 9 | # Unless required by applicable law or agreed to in writing, software |
| 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| 12 | # License for the specific language governing permissions and limitations |
| 13 | # under the License. |
| 14 | |
Mohammed Naser | 2145fc3 | 2023-01-29 23:23:03 +0000 | [diff] [blame] | 15 | _nova_helm_values: |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 16 | endpoints: "{{ openstack_helm_endpoints }}" |
| 17 | labels: |
| 18 | agent: |
| 19 | compute_ironic: |
| 20 | node_selector_key: openstack-control-plane |
| 21 | node_selector_value: enabled |
| 22 | images: |
Michiel Piscaer | 60d09f9 | 2023-01-20 18:58:55 +0100 | [diff] [blame] | 23 | tags: "{{ atmosphere_images | vexxhost.atmosphere.openstack_helm_image_tags('nova') }}" |
Mohammed Naser | 0133832 | 2022-03-22 14:51:31 -0400 | [diff] [blame] | 24 | network: |
Mohammed Naser | d6db245 | 2023-07-23 14:34:59 +0000 | [diff] [blame] | 25 | backend: |
| 26 | - "{{ atmosphere_network_backend | default('openvswitch') }}" |
Mohammed Naser | 0133832 | 2022-03-22 14:51:31 -0400 | [diff] [blame] | 27 | ssh: |
| 28 | enabled: true |
| 29 | public_key: "{{ _nova_ssh_publickey.public_key }}" |
Mohammed Naser | 2145fc3 | 2023-01-29 23:23:03 +0000 | [diff] [blame] | 30 | private_key: "{{ nova_ssh_key }}" |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 31 | bootstrap: |
| 32 | structured: |
| 33 | flavors: |
| 34 | enabled: false |
| 35 | pod: |
Mohammed Naser | c639230 | 2024-01-04 00:43:02 -0500 | [diff] [blame] | 36 | useHostNetwork: |
| 37 | novncproxy: false |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 38 | replicas: |
| 39 | api_metadata: 3 |
| 40 | osapi: 3 |
| 41 | conductor: 3 |
| 42 | scheduler: 3 |
| 43 | novncproxy: 3 |
| 44 | spiceproxy: 3 |
| 45 | conf: |
Mohammed Naser | 92f1150 | 2022-08-10 17:24:32 -0400 | [diff] [blame] | 46 | ceph: |
| 47 | enabled: "{{ atmosphere_ceph_enabled | default(true) | bool }}" |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 48 | nova: |
| 49 | DEFAULT: |
Oleksandr K. | bb5bb96 | 2024-12-23 04:33:13 -0800 | [diff] [blame] | 50 | log_config_append: null |
okozachenko | 7cda09a | 2022-04-07 23:25:03 +1000 | [diff] [blame] | 51 | allow_resize_to_same_host: true |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 52 | cpu_allocation_ratio: 4.5 |
| 53 | ram_allocation_ratio: 0.9 |
| 54 | disk_allocation_ratio: 3.0 |
| 55 | resume_guests_state_on_host_boot: true |
| 56 | osapi_compute_workers: 8 |
| 57 | metadata_workers: 8 |
Mohammed Naser | e936b49 | 2023-07-19 15:16:06 +0200 | [diff] [blame] | 58 | api: |
| 59 | list_records_by_skipping_down_cells: false |
ricolin | 6120249 | 2023-06-01 12:38:10 +0800 | [diff] [blame] | 60 | barbican: |
| 61 | barbican_endpoint_type: internal |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 62 | cache: |
| 63 | backend: oslo_cache.memcache_pool |
| 64 | cinder: |
Mohammed Naser | 0a5b2e4 | 2025-01-31 10:58:24 -0500 | [diff] [blame] | 65 | auth_type: password |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 66 | conductor: |
| 67 | workers: 8 |
guilhermesteinmuller | 72a48af | 2022-05-06 12:29:11 -0300 | [diff] [blame] | 68 | compute: |
| 69 | consecutive_build_service_disable_threshold: 0 |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 70 | cors: |
| 71 | allowed_origin: "*" |
| 72 | allow_headers: "X-Auth-Token,X-OpenStack-Nova-API-Version" |
Mohammed Naser | c6e431b | 2024-03-15 01:21:44 -0400 | [diff] [blame] | 73 | database: |
Mohammed Naser | 66c3d0e | 2024-08-10 06:01:40 -0700 | [diff] [blame] | 74 | connection_recycle_time: 600 |
| 75 | max_overflow: 50 |
| 76 | max_pool_size: 5 |
| 77 | pool_timeout: 30 |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 78 | filter_scheduler: |
Oleksandr K. | 66bb947 | 2024-07-18 01:25:23 +0200 | [diff] [blame] | 79 | available_filters: |
| 80 | type: multistring |
| 81 | values: |
| 82 | - nova.scheduler.filters.all_filters |
| 83 | - nova_scheduler_filters.failure_domain_filter.FailureDomainFilter |
Mohammed Naser | 511c3fa | 2022-03-17 17:54:10 -0400 | [diff] [blame] | 84 | enabled_filters: |
| 85 | ComputeFilter, |
| 86 | AggregateTypeAffinityFilter, |
| 87 | ComputeCapabilitiesFilter, |
| 88 | PciPassthroughFilter, |
| 89 | ImagePropertiesFilter, |
| 90 | ServerGroupAntiAffinityFilter, |
Oleksandr K. | 66bb947 | 2024-07-18 01:25:23 +0200 | [diff] [blame] | 91 | ServerGroupAffinityFilter, |
| 92 | FailureDomainFilter |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 93 | image_properties_default_architecture: x86_64 |
| 94 | max_instances_per_host: 200 |
| 95 | glance: |
| 96 | enable_rbd_download: true |
Mohammed Naser | f799a7b | 2023-07-10 18:06:38 -0400 | [diff] [blame] | 97 | libvirt: |
Mohammed Naser | f799a7b | 2023-07-10 18:06:38 -0400 | [diff] [blame] | 98 | live_migration_scheme: tls |
Mohammed Naser | a4cbb61 | 2023-07-10 20:59:58 -0400 | [diff] [blame] | 99 | # TODO(mnaser): We should enable this once we figure out how to "inject" |
| 100 | # the certificates into the existing "qemu-kvm" processes. |
| 101 | # live_migration_with_native_tls: true |
Dong Ma | 2d802ca | 2024-11-07 07:34:54 +0800 | [diff] [blame] | 102 | swtpm_enabled: true |
| 103 | swtpm_user: swtpm |
| 104 | swtpm_group: swtpm |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 105 | neutron: |
| 106 | metadata_proxy_shared_secret: "{{ openstack_helm_endpoints['compute_metadata']['secret'] }}" |
ricolin | 2d8dd48 | 2022-07-07 06:55:02 +0800 | [diff] [blame] | 107 | oslo_messaging_notifications: |
| 108 | driver: noop |
Mohammed Naser | d6db245 | 2023-07-23 14:34:59 +0000 | [diff] [blame] | 109 | os_vif_ovs: |
| 110 | ovsdb_connection: unix:/run/openvswitch/db.sock |
Mohammed Naser | 0a5b2e4 | 2025-01-31 10:58:24 -0500 | [diff] [blame] | 111 | privsep_osbrick: |
| 112 | helper_command: sudo nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 113 | scheduler: |
Oleksandr K. | 24c88fd | 2024-12-08 22:28:50 -0800 | [diff] [blame] | 114 | max_attempts: 3 |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 115 | workers: 8 |
Yaguang Tang | e9f1a37 | 2024-08-10 12:38:34 +0800 | [diff] [blame] | 116 | discover_hosts_in_cells_interval: 30 |
Mohammed Naser | 10c23f3 | 2023-07-10 17:24:59 -0400 | [diff] [blame] | 117 | vnc: |
| 118 | auth_schemes: vencrypt,none |
Yaguang Tang | 2fab49f | 2024-07-04 21:57:37 +0800 | [diff] [blame] | 119 | # NOTE(yaguang): This is not safe but a workaround before upstream bug 2039803 is fixed. |
| 120 | workarounds: |
| 121 | skip_cpu_compare_on_dest: true |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 122 | nova_ironic: |
| 123 | DEFAULT: |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 124 | force_config_drive: true |
Oleksandr K. | 24c88fd | 2024-12-08 22:28:50 -0800 | [diff] [blame] | 125 | nova_api_uwsgi: |
| 126 | uwsgi: |
| 127 | chunked-input-limit: "4096000" |
| 128 | http-auto-chunked: true |
| 129 | http-raw-body: true |
| 130 | need-app: true |
| 131 | socket-timeout: 10 |
| 132 | nova_metadata_uwsgi: |
| 133 | uwsgi: |
| 134 | chunked-input-limit: "4096000" |
| 135 | http-auto-chunked: true |
| 136 | http-raw-body: true |
| 137 | need-app: true |
| 138 | socket-timeout: 10 |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 139 | manifests: |
| 140 | deployment_consoleauth: false |
| 141 | deployment_placement: false |
| 142 | ingress_metadata: false |
| 143 | ingress_novncproxy: false |
| 144 | ingress_osapi: false |
| 145 | ingress_placement: false |
Oleksandr K. | 24c88fd | 2024-12-08 22:28:50 -0800 | [diff] [blame] | 146 | ingress_spiceproxy: false |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 147 | job_db_init_placement: false |
| 148 | job_ks_placement_endpoints: false |
| 149 | job_ks_placement_service: false |
| 150 | job_ks_placement_user: false |
Oleksandr K. | 24c88fd | 2024-12-08 22:28:50 -0800 | [diff] [blame] | 151 | job_storage_init: false |
Mohammed Naser | b7b97d6 | 2022-03-12 16:30:00 -0500 | [diff] [blame] | 152 | secret_keystone_placement: false |
| 153 | service_ingress_metadata: false |
| 154 | service_ingress_novncproxy: false |
| 155 | service_ingress_osapi: false |
| 156 | service_ingress_placement: false |
| 157 | service_placement: false |
Oleksandr K. | 24c88fd | 2024-12-08 22:28:50 -0800 | [diff] [blame] | 158 | service_ingress_spiceproxy: false |
Mohammed Naser | a523966 | 2022-05-28 18:08:12 +0200 | [diff] [blame] | 159 | # NOTE(mnaser): Enable this once we've got Ironic deployed. |
| 160 | statefulset_compute_ironic: false |
Oleksandr Kozachenko | af9972f | 2023-10-17 19:25:12 +0200 | [diff] [blame] | 161 | |
| 162 | _nova_novnc_ingress_annotations: |
| 163 | nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" |
| 164 | nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" |