Configuration File

Configuration File Reference

The configuration file is a YAML file that controls every aspect of the OpenStack deployment. It can be generated automatically with:

deploystack deploy --allinone --generate-only

Or as an empty template to fill in manually with:

deploystack generate-config ~/openstack-config.yaml

Once ready, start the deployment with:

deploystack deploy --config-file <path>

---

Table of Contents

• passwords
• network
• public_network
• neutron
  • Open vSwitch bridge architecture
• cinder
• compute
• optional_services
• openstack

---

passwords

All passwords used during deployment. All fields must be filled in before starting the deployment.

Key	Description
ADMIN_PASSWORD	Password for the OpenStack admin user.
SERVICE_PASSWORD	Shared password for internal OpenStack services (Nova, Neutron, Cinder, etc.).
RABBITMQ_PASSWORD	Password for the RabbitMQ message broker.
DATABASE_PASSWORD	Password for the MariaDB/MySQL OpenStack services databases.
DEMO_PASSWORD	Password for the demo user.

Example:

passwords:
  ADMIN_PASSWORD: "MyAdminSecret"
  SERVICE_PASSWORD: "MyServiceSecret"
  RABBITMQ_PASSWORD: "MyRabbitSecret"
  DATABASE_PASSWORD: "MyDBSecret"
  DEMO_PASSWORD: "MyDemoSecret"

---

network

Host network configuration. These values are automatically populated when using --allinone, as the tool auto-detects the active network interface.

Key	Description
HOST_IP	IP address of the host machine (e.g. 192.168.1.100).
HOST_IP_NETMASK	Netmask of the host network (e.g. 255.255.255.0).
HOST_IP_CIDR	Host IP in CIDR notation (e.g. 192.168.1.100/24).
HOST_IP_GATEWAY	The host's IP address gateway (e.g. 192.168.1.1)
HOST_MGMT_INTERFACE	Name of the host’s management network interface (e.g., ens33, eth0).

Example:

network:
  HOST_IP: "192.168.1.100"
  HOST_IP_NETMASK: "255.255.255.0"
  HOST_IP_CIDR: "192.168.1.100/24"
  HOST_IP_GATEWAY: "192.168.1.1"
  HOST_MGMT_INTERFACE: "eth0"

⚠️ Warning:
If HOST_MGMT_INTERFACE is different from OVN_PUBLIC_BRIDGE_INTERFACE or OVS_PUBLIC_BRIDGE_INTERFACE, a dual-NIC setup will be automatically configured.

---

public_network

Defines the external provider network that Neutron will use to allocate floating IPs. This must match your actual physical network.

Key	Description
PUBLIC_SUBNET_CIDR	CIDR of the public subnet (e.g. 192.168.1.0/24).
PUBLIC_SUBNET_RANGE_START	First IP of the floating IP pool (e.g. 192.168.1.200).
PUBLIC_SUBNET_RANGE_END	Last IP of the floating IP pool (e.g. 192.168.1.250).
PUBLIC_SUBNET_GATEWAY	Gateway of the public subnet (e.g. 192.168.1.1).
PUBLIC_SUBNET_DNS_SERVERS	DNS server(s) for instances (e.g. 8.8.8.8).

Example:

public_network:
  PUBLIC_SUBNET_CIDR: "192.168.1.0/24"
  PUBLIC_SUBNET_RANGE_START: "192.168.1.200"
  PUBLIC_SUBNET_RANGE_END: "192.168.1.250"
  PUBLIC_SUBNET_GATEWAY: "192.168.1.1"
  PUBLIC_SUBNET_DNS_SERVERS: 
  - 8.8.8.8

---

neutron

Neutron network service configuration. Supports two drivers: OVS (Open vSwitch) and OVN (Open Virtual Network).

Key	Values	Description
DRIVER	ovs, ovn	Network driver to use for Neutron.

neutron.ovs — OVS-specific settings

Used only when DRIVER is set to ovs.

Key	Default	Description
CREATE_BRIDGES	yes	Automatically create OVS bridges during deployment.
PUBLIC_BRIDGE_INTERFACE	—	Physical network interface to attach to the public bridge (auto-detected with --allinone).
PUBLIC_BRIDGE	br-ex	Name of the OVS bridge for the external/public network.
INTERNAL_BRIDGE	br-internal	Name of the OVS bridge for the internal flat tenant network. Not used with OVN.
TUNNEL_BRIDGE	br-tun	Name of the OVS bridge used for tunnel-based tenant networks (VXLAN/GRE). Required when using tunneling; not used for flat or VLAN networks.

neutron.ovn — OVN-specific settings

Used only when DRIVER is set to ovn.

Key	Default	Description
CREATE_BRIDGES	yes	Automatically create OVS/OVN bridges during deployment.
OVN_NB_PORT	6641	Port for the OVN Northbound database.
OVN_SB_PORT	6642	Port for the OVN Southbound database.
OVN_PUBLIC_BRIDGE_INTERFACE	—	Physical interface to attach to the OVN public bridge.
OVN_PUBLIC_BRIDGE	br-ex	Name of the bridge for the external network.
OVN_ENCAP_TYPE	geneve	Encapsulation type: geneve or vxlan.
OVN_L3_SCHEDULER	leastloaded	L3 scheduling algorithm: leastloaded or chance.
ENABLE_DISTRIBUTED_FLOATING_IP	no	Enable distributed floating IPs (DVR-like with OVN).

neutron.tenant_network — Tenant network settings

Common to both OVS and OVN.

Key	Default	Description
TYPE	geneve	Tenant network type. OVN supports geneve, vxlan, flat ; OVS supports vxlan, vlan, flat.
VNI_RANGE	1:65536	Range of VNI (Virtual Network Identifier) values.

neutron.provider_networks — Provider networks

Defines the physical network mappings for Neutron. By default, a single public flat network is mapped to br-ex.

provider_networks:
  - name: "public"
    bridge: "br-ex"
    type: "flat"
  # Add more if you have multiple physnets:
  # - name: "internal"
  #   bridge: "br-internal"
  #   type: "flat"

Note: If the OVS driver is used with tenant_network.TYPE: vxlan, DeployStack creates the standard OpenStack bridges br-int, br-tun, and br-ex. The optional br-internal bridge is not created because VXLAN tenant networks do not require a dedicated internal flat-network bridge.

Open vSwitch Bridge Architecture

When using the OVS Neutron driver, DeployStack may create several Open vSwitch bridges depending on the selected tenant network type:

Bridge	Purpose
br-int	OpenStack integration bridge. Connects virtual machine ports, routers, DHCP agents, and other Neutron components.
br-tun	Tunnel bridge used for VXLAN and GRE tenant networks.
br-ex	External/provider network bridge used for floating IPs and external connectivity.
br-internal	Optional provider bridge for internal flat networks.

Note: br-int is the standard OpenStack integration bridge and is always required when using the OVS driver.

Note: When tenant_network.TYPE is set to vxlan, DeployStack does not create the optional br-internal bridge. VXLAN tenant traffic is handled through the standard OpenStack OVS architecture using br-int and br-tun, making an additional internal flat-network bridge unnecessary.

⚠️ Current limitation: DeployStack currently supports only one external provider bridge (br-ex) and one optional internal provider bridge (br-internal). Additional entries defined in provider_networks are ignored and will not be created automatically.

Future releases are expected to add support for multiple provider networks and bridge mappings.

---

cinder

Block storage configuration for the Cinder service. Uses LVM as the backend.

Note: Cinder is only deployed if optional_services.INSTALL_CINDER is set to yes.

cinder.lvm

Key	Default	Description
PHYSICAL_VOLUME	—	Path to a real physical volume to use as LVM backend (e.g. /dev/sdb). Leave empty to use a loopback file instead.
CINDER_VOLUME_LVM_PHYSICAL_PV_LOOP_PATH	/dev/loop0	Loopback device path. Used only if PHYSICAL_VOLUME is not set.
CINDER_VOLUME_LVM_IMAGE_FILE_PATH	/var/lib/cinder/cinder-volumes.img	Path of the loopback image file on disk.
CINDER_VOLUME_LVM_IMAGE_SIZE_IN_GB	5	Size of the LVM image in GB. Ignored if a physical volume is specified.

Example (loopback):

cinder:
  lvm:
    PHYSICAL_VOLUME: ""
    CINDER_VOLUME_LVM_PHYSICAL_PV_LOOP_PATH: "/dev/loop0"
    CINDER_VOLUME_LVM_IMAGE_FILE_PATH: "/var/lib/cinder/cinder-volumes.img"
    CINDER_VOLUME_LVM_IMAGE_SIZE_IN_GB: "20"

Example (physical volume):

cinder:
  lvm:
    PHYSICAL_VOLUME: "/dev/sdb"

---

compute

Nova compute configuration.

Key	Default	Description
NOVA_COMPUTE_VIRT_TYPE	kvm	Virtualization type. Use kvm on bare metal, qemu inside a virtual machine (nested virtualization).
CPU_ALLOCATION_RATIO	4.0	Overcommit ratio for vCPUs (e.g. 4.0 means 4 vCPUs per physical core).
RAM_ALLOCATION_RATIO	1.5	Overcommit ratio for RAM.
DISK_ALLOCATION_RATIO	1.5	Overcommit ratio for disk.

---

optional_services

Controls which optional OpenStack services are installed.

Key	Default	Description
INSTALL_CINDER	no	Install the Cinder block storage service.
INSTALL_HORIZON	yes	Install the Horizon web dashboard.

Coming soon: Heat (Orchestration), Octavia (Load Balancer), Barbican (Key Manager).

---

openstack

General OpenStack deployment settings.

Key	Default	Description
OPENSTACK_RELEASE	caracal	OpenStack release to deploy.
REGION_NAME	RegionOne	Name of the OpenStack region.

---

For issues or contributions, visit the project repository.