|
1 [DEFAULT] |
|
2 # Default log level is INFO |
|
3 # verbose and debug has the same result. |
|
4 # One of them will set DEBUG log level output |
|
5 # debug = False |
|
6 # verbose = False |
|
7 |
|
8 # Where to store Neutron state files. This directory must be writable by the |
|
9 # user executing the agent. |
|
10 # state_path = /var/lib/neutron |
|
11 |
|
12 # Where to store lock files |
|
13 lock_path = $state_path/lock |
|
14 |
|
15 # log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s |
|
16 # log_date_format = %Y-%m-%d %H:%M:%S |
|
17 |
|
18 # use_syslog -> syslog |
|
19 # log_file and log_dir -> log_dir/log_file |
|
20 # (not log_file) and log_dir -> log_dir/{binary_name}.log |
|
21 # use_stderr -> stderr |
|
22 # (not user_stderr) and (not log_file) -> stdout |
|
23 # publish_errors -> notification system |
|
24 |
|
25 # use_syslog = False |
|
26 # syslog_log_facility = LOG_USER |
|
27 |
|
28 # use_stderr = True |
|
29 # log_file = |
|
30 # log_dir = |
|
31 |
|
32 # publish_errors = False |
|
33 |
|
34 # Address to bind the API server |
|
35 # bind_host = 0.0.0.0 |
|
36 |
|
37 # Port the bind the API server to |
|
38 # bind_port = 9696 |
|
39 |
|
40 # Path to the extensions. Note that this can be a colon-separated list of |
|
41 # paths. For example: |
|
42 # api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions |
|
43 # The __path__ of neutron.extensions is appended to this, so if your |
|
44 # extensions are in there you don't need to specify them here |
|
45 # api_extensions_path = |
|
46 |
|
47 # Neutron plugin provider module |
|
48 # The EVSNeutronPluginV2 Neutron plugin connects to the Solaris Elastic |
|
49 # Virtual Switch framework to provide virtual networking between Solaris |
|
50 # Zones. |
|
51 core_plugin = neutron.plugins.evs.plugin.EVSNeutronPluginV2 |
|
52 |
|
53 # Advanced service modules |
|
54 # service_plugins = |
|
55 |
|
56 # Paste configuration file |
|
57 # api_paste_config = api-paste.ini |
|
58 |
|
59 # The strategy to be used for auth. |
|
60 # Supported values are 'keystone'(default), 'noauth'. |
|
61 # auth_strategy = keystone |
|
62 |
|
63 # Base MAC address. The first 3 octets will remain unchanged. If the |
|
64 # 4h octet is not 00, it will also used. The others will be |
|
65 # randomly generated. |
|
66 # 3 octet |
|
67 # base_mac = fa:16:3e:00:00:00 |
|
68 # 4 octet |
|
69 # base_mac = fa:16:3e:4f:00:00 |
|
70 |
|
71 # Maximum amount of retries to generate a unique MAC address |
|
72 # mac_generation_retries = 16 |
|
73 |
|
74 # DHCP Lease duration (in seconds) |
|
75 # dhcp_lease_duration = 86400 |
|
76 |
|
77 # Allow sending resource operation notification to DHCP agent |
|
78 # dhcp_agent_notification = True |
|
79 |
|
80 # Enable or disable bulk create/update/delete operations |
|
81 # allow_bulk = True |
|
82 # Enable or disable pagination |
|
83 # allow_pagination = False |
|
84 # Enable or disable sorting |
|
85 # allow_sorting = False |
|
86 # Enable or disable overlapping IPs for subnets |
|
87 # Attention: the following parameter MUST be set to False if Neutron is |
|
88 # being used in conjunction with nova security groups |
|
89 # allow_overlapping_ips = False |
|
90 # Ensure that configured gateway is on subnet |
|
91 # force_gateway_on_subnet = False |
|
92 |
|
93 |
|
94 # RPC configuration options. Defined in rpc __init__ |
|
95 # The messaging module to use, defaults to kombu. |
|
96 # rpc_backend = neutron.openstack.common.rpc.impl_kombu |
|
97 # Size of RPC thread pool |
|
98 # rpc_thread_pool_size = 64 |
|
99 # Size of RPC connection pool |
|
100 # rpc_conn_pool_size = 30 |
|
101 # Seconds to wait for a response from call or multicall |
|
102 # rpc_response_timeout = 60 |
|
103 # Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. |
|
104 # rpc_cast_timeout = 30 |
|
105 # Modules of exceptions that are permitted to be recreated |
|
106 # upon receiving exception data from an rpc call. |
|
107 # allowed_rpc_exception_modules = neutron.openstack.common.exception, nova.exception |
|
108 # AMQP exchange to connect to if using RabbitMQ or QPID |
|
109 # control_exchange = neutron |
|
110 |
|
111 # If passed, use a fake RabbitMQ provider |
|
112 # fake_rabbit = False |
|
113 |
|
114 # Configuration options if sending notifications via kombu rpc (these are |
|
115 # the defaults) |
|
116 # SSL version to use (valid only if SSL enabled) |
|
117 # kombu_ssl_version = |
|
118 # SSL key file (valid only if SSL enabled) |
|
119 # kombu_ssl_keyfile = |
|
120 # SSL cert file (valid only if SSL enabled) |
|
121 # kombu_ssl_certfile = |
|
122 # SSL certification authority file (valid only if SSL enabled)' |
|
123 # kombu_ssl_ca_certs = |
|
124 # IP address of the RabbitMQ installation |
|
125 # rabbit_host = localhost |
|
126 # Password of the RabbitMQ server |
|
127 # rabbit_password = guest |
|
128 # Port where RabbitMQ server is running/listening |
|
129 # rabbit_port = 5672 |
|
130 # RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) |
|
131 # rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' |
|
132 # rabbit_hosts = localhost:5672 |
|
133 # User ID used for RabbitMQ connections |
|
134 # rabbit_userid = guest |
|
135 # Location of a virtual RabbitMQ installation. |
|
136 # rabbit_virtual_host = / |
|
137 # Maximum retries with trying to connect to RabbitMQ |
|
138 # (the default of 0 implies an infinite retry count) |
|
139 # rabbit_max_retries = 0 |
|
140 # RabbitMQ connection retry interval |
|
141 # rabbit_retry_interval = 1 |
|
142 # Use HA queues in RabbitMQ (x-ha-policy: all).You need to |
|
143 # wipe RabbitMQ database when changing this option. (boolean value) |
|
144 # rabbit_ha_queues = false |
|
145 |
|
146 # QPID |
|
147 # rpc_backend=neutron.openstack.common.rpc.impl_qpid |
|
148 # Qpid broker hostname |
|
149 # qpid_hostname = localhost |
|
150 # Qpid broker port |
|
151 # qpid_port = 5672 |
|
152 # Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) |
|
153 # qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' |
|
154 # qpid_hosts = localhost:5672 |
|
155 # Username for qpid connection |
|
156 # qpid_username = '' |
|
157 # Password for qpid connection |
|
158 # qpid_password = '' |
|
159 # Space separated list of SASL mechanisms to use for auth |
|
160 # qpid_sasl_mechanisms = '' |
|
161 # Seconds between connection keepalive heartbeats |
|
162 # qpid_heartbeat = 60 |
|
163 # Transport to use, either 'tcp' or 'ssl' |
|
164 # qpid_protocol = tcp |
|
165 # Disable Nagle algorithm |
|
166 # qpid_tcp_nodelay = True |
|
167 |
|
168 # ZMQ |
|
169 # rpc_backend=neutron.openstack.common.rpc.impl_zmq |
|
170 # ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. |
|
171 # The "host" option should point or resolve to this address. |
|
172 # rpc_zmq_bind_address = * |
|
173 |
|
174 # ============ Notification System Options ===================== |
|
175 |
|
176 # Notifications can be sent when network/subnet/port are create, updated or deleted. |
|
177 # There are three methods of sending notifications: logging (via the |
|
178 # log_file directive), rpc (via a message queue) and |
|
179 # noop (no notifications sent, the default) |
|
180 |
|
181 # Notification_driver can be defined multiple times |
|
182 # Do nothing driver |
|
183 # notification_driver = neutron.openstack.common.notifier.no_op_notifier |
|
184 # Logging driver |
|
185 # notification_driver = neutron.openstack.common.notifier.log_notifier |
|
186 # RPC driver. DHCP agents needs it. |
|
187 notification_driver = neutron.openstack.common.notifier.rpc_notifier |
|
188 |
|
189 # default_notification_level is used to form actual topic name(s) or to set logging level |
|
190 # default_notification_level = INFO |
|
191 |
|
192 # default_publisher_id is a part of the notification payload |
|
193 # host = myhost.com |
|
194 # default_publisher_id = $host |
|
195 |
|
196 # Defined in rpc_notifier, can be comma separated values. |
|
197 # The actual topic names will be %s.%(default_notification_level)s |
|
198 # notification_topics = notifications |
|
199 |
|
200 # Default maximum number of items returned in a single response, |
|
201 # value == infinite and value < 0 means no max limit, and value must |
|
202 # greater than 0. If the number of items requested is greater than |
|
203 # pagination_max_limit, server will just return pagination_max_limit |
|
204 # of number of items. |
|
205 # pagination_max_limit = -1 |
|
206 |
|
207 # Maximum number of DNS nameservers per subnet |
|
208 # max_dns_nameservers = 5 |
|
209 |
|
210 # Maximum number of host routes per subnet |
|
211 # max_subnet_host_routes = 20 |
|
212 |
|
213 # Maximum number of fixed ips per port |
|
214 # max_fixed_ips_per_port = 5 |
|
215 |
|
216 # =========== items for agent management extension ============= |
|
217 # Seconds to regard the agent as down; should be at least twice |
|
218 # report_interval, to be sure the agent is down for good |
|
219 # agent_down_time = 9 |
|
220 # =========== end of items for agent management extension ===== |
|
221 |
|
222 # =========== items for agent scheduler extension ============= |
|
223 # Driver to use for scheduling network to DHCP agent |
|
224 # network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler |
|
225 # Driver to use for scheduling router to a default L3 agent |
|
226 # router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler |
|
227 # Driver to use for scheduling a loadbalancer pool to an lbaas agent |
|
228 # loadbalancer_pool_scheduler_driver = neutron.services.loadbalancer.agent_scheduler.ChanceScheduler |
|
229 |
|
230 # Allow auto scheduling networks to DHCP agent. It will schedule non-hosted |
|
231 # networks to first DHCP agent which sends get_active_networks message to |
|
232 # neutron server |
|
233 # network_auto_schedule = True |
|
234 |
|
235 # Allow auto scheduling routers to L3 agent. It will schedule non-hosted |
|
236 # routers to first L3 agent which sends sync_routers message to neutron server |
|
237 # router_auto_schedule = True |
|
238 |
|
239 # Number of DHCP agents scheduled to host a network. This enables redundant |
|
240 # DHCP agents for configured networks. |
|
241 # dhcp_agents_per_network = 1 |
|
242 |
|
243 # =========== end of items for agent scheduler extension ===== |
|
244 |
|
245 # =========== WSGI parameters related to the API server ============== |
|
246 # Number of separate worker processes to spawn. The default, 0, runs the |
|
247 # worker thread in the current process. Greater than 0 launches that number of |
|
248 # child processes as workers. The parent process manages them. |
|
249 # api_workers = 0 |
|
250 # Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when |
|
251 # starting API server. Not supported on OS X. |
|
252 # tcp_keepidle = 600 |
|
253 |
|
254 # Number of seconds to keep retrying to listen |
|
255 # retry_until_window = 30 |
|
256 |
|
257 # Number of backlog requests to configure the socket with. |
|
258 # backlog = 4096 |
|
259 |
|
260 # Enable SSL on the API server |
|
261 # use_ssl = False |
|
262 |
|
263 # Certificate file to use when starting API server securely |
|
264 # ssl_cert_file = /path/to/certfile |
|
265 |
|
266 # Private key file to use when starting API server securely |
|
267 # ssl_key_file = /path/to/keyfile |
|
268 |
|
269 # CA certificate file to use when starting API server securely to |
|
270 # verify connecting clients. This is an optional parameter only required if |
|
271 # API clients need to authenticate to the API server using SSL certificates |
|
272 # signed by a trusted CA |
|
273 # ssl_ca_file = /path/to/cafile |
|
274 # ======== end of WSGI parameters related to the API server ========== |
|
275 |
|
276 [quotas] |
|
277 # resource name(s) that are supported in quota features |
|
278 # quota_items = network,subnet,port |
|
279 |
|
280 # default number of resource allowed per tenant, minus for unlimited |
|
281 # default_quota = -1 |
|
282 |
|
283 # number of networks allowed per tenant, and minus means unlimited |
|
284 # quota_network = 10 |
|
285 |
|
286 # number of subnets allowed per tenant, and minus means unlimited |
|
287 # quota_subnet = 10 |
|
288 |
|
289 # number of ports allowed per tenant, and minus means unlimited |
|
290 # quota_port = 50 |
|
291 |
|
292 # number of security groups allowed per tenant, and minus means unlimited |
|
293 # quota_security_group = 10 |
|
294 |
|
295 # number of security group rules allowed per tenant, and minus means unlimited |
|
296 # quota_security_group_rule = 100 |
|
297 |
|
298 # default driver to use for quota checks |
|
299 # The default quota driver, neutron.db.quota_db.DbQuotaDriver, supports |
|
300 # static quotas defined in the [quotas] section. The Elastic Virtual |
|
301 # Switch plugin supports per-tenant quota limits via the quota extension |
|
302 # API. To enable per-tenant quotas, the quota_driver should be set to |
|
303 # neutron.plugins.evs.db.quotas_db.EVSDbQuotaDriver. |
|
304 quota_driver = neutron.plugins.evs.db.quotas_db.EVSDbQuotaDriver |
|
305 |
|
306 [agent] |
|
307 # Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real |
|
308 # root filter facility. |
|
309 # Change to "sudo" to skip the filtering and just run the comand directly |
|
310 # root_helper = sudo |
|
311 |
|
312 # =========== items for agent management extension ============= |
|
313 # seconds between nodes reporting state to server; should be less than |
|
314 # agent_down_time, best if it is half or less than agent_down_time |
|
315 # report_interval = 4 |
|
316 |
|
317 # =========== end of items for agent management extension ===== |
|
318 |
|
319 [keystone_authtoken] |
|
320 auth_uri = http://127.0.0.1:5000/v2.0 |
|
321 identity_uri = http://127.0.0.1:35357 |
|
322 admin_tenant_name = %SERVICE_TENANT_NAME% |
|
323 admin_user = %SERVICE_USER% |
|
324 admin_password = %SERVICE_PASSWORD% |
|
325 signing_dir = $state_path/keystone-signing |
|
326 |
|
327 [database] |
|
328 # This line MUST be changed to actually run the plugin. |
|
329 # Example: |
|
330 # connection = mysql://root:[email protected]:3306/neutron |
|
331 # Replace 127.0.0.1 above with the IP address of the database used by the |
|
332 # main neutron server. (Leave it as is if the database runs on this host.) |
|
333 # connection = sqlite:// |
|
334 |
|
335 # The SQLAlchemy connection string used to connect to the slave database |
|
336 # slave_connection = |
|
337 |
|
338 # Database reconnection retry times - in event connectivity is lost |
|
339 # set to -1 implies an infinite retry count |
|
340 # max_retries = 10 |
|
341 |
|
342 # Database reconnection interval in seconds - if the initial connection to the |
|
343 # database fails |
|
344 # retry_interval = 10 |
|
345 |
|
346 # Minimum number of SQL connections to keep open in a pool |
|
347 # min_pool_size = 1 |
|
348 |
|
349 # Maximum number of SQL connections to keep open in a pool |
|
350 # max_pool_size = 10 |
|
351 |
|
352 # Timeout in seconds before idle sql connections are reaped |
|
353 # idle_timeout = 3600 |
|
354 |
|
355 # If set, use this value for max_overflow with sqlalchemy |
|
356 # max_overflow = 20 |
|
357 |
|
358 # Verbosity of SQL debugging information. 0=None, 100=Everything |
|
359 # connection_debug = 0 |
|
360 |
|
361 # Add python stack traces to SQL as comment strings |
|
362 # connection_trace = False |
|
363 |
|
364 # If set, use this value for pool_timeout with sqlalchemy |
|
365 # pool_timeout = 10 |
|
366 |
|
367 [service_providers] |
|
368 # Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. |
|
369 # Must be in form: |
|
370 # service_provider=<service_type>:<name>:<driver>[:default] |
|
371 # List of allowed service type include LOADBALANCER, FIREWALL, VPN |
|
372 # Combination of <service type> and <name> must be unique; <driver> must also be unique |
|
373 # this is multiline option, example for default provider: |
|
374 # service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default |
|
375 # example of non-default provider: |
|
376 # service_provider=FIREWALL:name2:firewall_driver_path |
|
377 # --- Reference implementations --- |
|
378 service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default |