upstream/oracle/userland-gate: comparison components/openstack/neutron/files/neutron.conf

equal deleted inserted replaced

-:57069587975f
+:8e252a37ed0d
 [DEFAULT]
-# Print more verbose output (set logging level to INFO instead of default WARNING level).
-# verbose = False
+#
+# From neutron
-# =========Start Global Config Option for Distributed L3 Router===============
+#
-# Setting the "router_distributed" flag to "True" will default to the creation
-# of distributed tenant routers. The admin can override this flag by specifying
+# Where to store Neutron state files. This directory must be writable by the
-# the type of the router on the create request (admin-only attribute). Default
+# agent. (string value)
-# value is "False" to support legacy mode (centralized) routers.
+#state_path = /var/lib/neutron
-#
-# router_distributed = False
+# The host IP to bind to (string value)
-#
+#bind_host = 0.0.0.0
-# ===========End Global Config Option for Distributed L3 Router===============
+# The port to bind to (port value)
-# Print debugging output (set logging level to DEBUG instead of default WARNING level).
+# Minimum value: 0
-# debug = False
+# Maximum value: 65535
+#bind_port = 9696
-# Where to store Neutron state files.  This directory must be writable by the
-# user executing the agent.
+# The path for API extensions. Note that this can be a colon-separated list of
-# state_path = /var/lib/neutron
+# paths. For example: api_extensions_path =
+# extensions:/path/to/more/exts:/even/more/exts. The __path__ of
-# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
+# neutron.extensions is appended to this, so if your extensions are in there
-# log_date_format = %Y-%m-%d %H:%M:%S
+# you don't need to specify them here. (string value)
+#api_extensions_path =
-# use_syslog                           -> syslog
-# log_file and log_dir                 -> log_dir/log_file
+# The type of authentication to use (string value)
-# (not log_file) and log_dir           -> log_dir/{binary_name}.log
+#auth_strategy = keystone
-# use_stderr                           -> stderr
-# (not user_stderr) and (not log_file) -> stdout
+# The core plugin Neutron will use (string value)
-# publish_errors                       -> notification system
+#
+# The ML2 plugin provides support for heterogenous networking technologies in
-# use_syslog = False
+# the cloud.
-# syslog_log_facility = LOG_USER
+core_plugin = ml2
-# use_stderr = True
+# The service plugins Neutron will use (list value)
-# log_file =
+#
-# log_dir =
+# This option must be set when the core_plugin is set to 'ml2' and the
+# supported values are 'router' and 'vpnaas'.
-# publish_errors = False
+service_plugins = router
-# Address to bind the API server to
+# The base MAC address Neutron will use for VIFs. The first 3 octets will
-# bind_host = 0.0.0.0
+# remain unchanged. If the 4th octet is not 00, it will also be used. The
+# others will be randomly generated. (string value)
-# Port the bind the API server to
+#base_mac = fa:16:3e:00:00:00
-# bind_port = 9696
+# How many times Neutron will retry MAC generation (integer value)
-# Path to the extensions.  Note that this can be a colon-separated list of
+#mac_generation_retries = 16
-# paths.  For example:
-# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
+# Allow the usage of the bulk API (boolean value)
-# The __path__ of neutron.extensions is appended to this, so if your
+#allow_bulk = true
-# extensions are in there you don't need to specify them here
-# api_extensions_path =
+# Allow the usage of the pagination (boolean value)
+#allow_pagination = false
-# (StrOpt) Neutron core plugin entrypoint to be loaded from the
-# neutron.core_plugins namespace. See setup.cfg for the entrypoint names of the
+# Allow the usage of the sorting (boolean value)
-# plugins included in the neutron source distribution. For compatibility with
+#allow_sorting = false
-# previous versions, the class name of a plugin can be specified instead of its
-# entrypoint name.
+# The maximum number of items returned in a single response, value was
-#
+# 'infinite' or negative integer means no limit (string value)
-# The ML2 plugin provides support for heterogenous networking technologies
+#pagination_max_limit = -1
-# in the cloud.
-#
+# Default value of availability zone hints. The availability zone aware
-# core_plugin =
+# schedulers use this when the resources availability_zone_hints is empty.
-# Example: core_plugin = ml2
+# Multiple availability zones can be specified by a comma separated string.
-# core_plugin = ml2
+# This value can be empty. In this case, even if availability_zone_hints for a
+# resource is empty, availability zone is considered for high availability
-# The EVSNeutronPluginV2 Neutron plugin connects to the Solaris Elastic
+# while scheduling the resource. (list value)
-# Virtual Switch framework to provide virtual networking between Solaris
+#default_availability_zones =
-# Zones.
-core_plugin = neutron.plugins.evs.plugin.EVSNeutronPluginV2
+# Maximum number of DNS nameservers per subnet (integer value)
+#max_dns_nameservers = 5
-# (ListOpt) List of service plugin entrypoints to be loaded from the
-# neutron.service_plugins namespace. See setup.cfg for the entrypoint names of
+# Maximum number of host routes per subnet (integer value)
-# the plugins included in the neutron source distribution. For compatibility
+#max_subnet_host_routes = 20
-# with previous versions, the class name of a plugin can be specified instead
-# of its entrypoint name.
+# Maximum number of fixed ips per port. This option is deprecated and will be
-#
+# removed in the N release. (integer value)
-# This option must be set when the core_plugin is set to ML2 and the
+# This option is deprecated for removal.
-# supported values are router and vpnaas.
+# Its value may be silently ignored in the future.
-#
+#max_fixed_ips_per_port = 5
-# service_plugins =
-# Example: service_plugins = router,firewall,lbaas,vpnaas,metering
+# Default IPv4 subnet pool to be used for automatic subnet CIDR allocation.
-# service_plugins = router
+# Specifies by UUID the pool to be used in case where creation of a subnet is
+# being called without a subnet pool ID. If not set then no pool will be used
-# Paste configuration file
+# unless passed explicitly to the subnet create. If no pool is used, then a
-# api_paste_config = api-paste.ini
+# CIDR must be passed to create a subnet and that subnet will not be allocated
+# from any pool; it will be considered part of the tenant's private address
-# (StrOpt) Hostname to be used by the neutron server, agents and services
+# space. This option is deprecated for removal in the N release. (string value)
-# running on this machine. All the agents and services running on this machine
+# This option is deprecated for removal.
-# must use the same host value.
+# Its value may be silently ignored in the future.
-# The default value is hostname of the machine.
+#default_ipv4_subnet_pool = <None>
-#
-# host =
+# Default IPv6 subnet pool to be used for automatic subnet CIDR allocation.
+# Specifies by UUID the pool to be used in case where creation of a subnet is
-# The strategy to be used for auth.
+# being called without a subnet pool ID. See the description for
-# Supported values are 'keystone'(default), 'noauth'.
+# default_ipv4_subnet_pool for more information. This option is deprecated for
-# auth_strategy = keystone
+# removal in the N release. (string value)
+# This option is deprecated for removal.
-# Base MAC address. The first 3 octets will remain unchanged. If the
+# Its value may be silently ignored in the future.
-# 4h octet is not 00, it will also be used. The others will be
+#default_ipv6_subnet_pool = <None>
-# randomly generated.
-# 3 octet
+# Enables IPv6 Prefix Delegation for automatic subnet CIDR allocation. Set to
-# base_mac = fa:16:3e:00:00:00
+# True to enable IPv6 Prefix Delegation for subnet allocation in a PD-capable
-# 4 octet
+# environment. Users making subnet creation requests for IPv6 subnets without
-# base_mac = fa:16:3e:4f:00:00
+# providing a CIDR or subnetpool ID will be given a CIDR via the Prefix
+# Delegation mechanism. Note that enabling PD will override the behavior of the
-# DVR Base MAC address. The first 3 octets will remain unchanged. If the
+# default IPv6 subnetpool. (boolean value)
-# 4th octet is not 00, it will also be used.  The others will be randomly
+#ipv6_pd_enabled = false
-# generated. The 'dvr_base_mac' *must* be different from 'base_mac' to
-# avoid mixing them up with MAC's allocated for tenant ports.
+# DHCP lease duration (in seconds). Use -1 to tell dnsmasq to use infinite
-# A 4 octet example would be dvr_base_mac = fa:16:3f:4f:00:00
+# lease times. (integer value)
-# The default is 3 octet
+# Deprecated group/name - [DEFAULT]/dhcp_lease_time
-# dvr_base_mac = fa:16:3f:00:00:00
+#dhcp_lease_duration = 86400
-# Maximum amount of retries to generate a unique MAC address
+# Domain to use for building the hostnames (string value)
-# mac_generation_retries = 16
+#dns_domain = openstacklocal
-# DHCP Lease duration (in seconds).  Use -1 to
+# Driver for external DNS integration. (string value)
-# tell dnsmasq to use infinite lease times.
+#external_dns_driver = <None>
-# dhcp_lease_duration = 86400
+# Allow sending resource operation notification to DHCP agent (boolean value)
-# Allow sending resource operation notification to DHCP agent
+#dhcp_agent_notification = true
-# dhcp_agent_notification = True
+# Allow overlapping IP support in Neutron. Attention: the following parameter
-# Enable or disable bulk create/update/delete operations
+# MUST be set to False if Neutron is being used in conjunction with Nova
-# allow_bulk = True
+# security groups. (boolean value)
-# Enable or disable pagination
+#allow_overlapping_ips = false
-# allow_pagination = False
-# Enable or disable sorting
+# Hostname to be used by the Neutron server, agents and services running on
-# allow_sorting = False
+# this machine. All the agents and services running on this machine must use
-# Enable or disable overlapping IPs for subnets
+# the same host value. (string value)
-# Attention: the following parameter MUST be set to False if Neutron is
+#host = example.domain
-# being used in conjunction with nova security groups
-# allow_overlapping_ips = False
 # Ensure that configured gateway is on subnet. For IPv6, validate only if
 # gateway is not a link local address. Deprecated, to be removed during the
-# K release, at which point the check will be mandatory.
+# Newton release, at which point the gateway will not be forced on to subnet.
-# force_gateway_on_subnet = True
+# (boolean value)
+# This option is deprecated for removal.
-# Default maximum number of items returned in a single response,
+# Its value may be silently ignored in the future.
-# value == infinite and value < 0 means no max limit, and value must
+#force_gateway_on_subnet = true
-# be greater than 0. If the number of items requested is greater than
-# pagination_max_limit, server will just return pagination_max_limit
+# Send notification to nova when port status changes (boolean value)
-# of number of items.
+#notify_nova_on_port_status_changes = true
-# pagination_max_limit = -1
+# Send notification to nova when port data (fixed_ips/floatingip) changes so
-# Maximum number of DNS nameservers per subnet
+# nova can update its cache. (boolean value)
-# max_dns_nameservers = 5
+#notify_nova_on_port_data_changes = true
-# Maximum number of host routes per subnet
+# Number of seconds between sending events to nova if there are any events to
-# max_subnet_host_routes = 20
+# send. (integer value)
+#send_events_interval = 2
-# Maximum number of fixed ips per port
-# max_fixed_ips_per_port = 5
+# If True, advertise network MTU values if core plugin calculates them. MTU is
+# advertised to running instances via DHCP and RA MTU options. (boolean value)
-# Maximum number of routes per router
+#advertise_mtu = true
-# max_routes = 30
+# Neutron IPAM (IP address management) driver to use. If ipam_driver is not set
-# Default Subnet Pool to be used for IPv4 subnet-allocation.
+# (default behavior), no IPAM driver is used. In order to use the reference
-# Specifies by UUID the pool to be used in case of subnet-create being called
+# implementation of Neutron IPAM driver, use 'internal'. (string value)
-# without a subnet-pool ID.  The default of None means that no pool will be
+#ipam_driver = <None>
-# used unless passed explicitly to subnet create.  If no pool is used, then a
-# CIDR must be passed to create a subnet and that subnet will not be allocated
+# If True, then allow plugins that support it to create VLAN transparent
-# from any pool; it will be considered part of the tenant's private address
+# networks. (boolean value)
-# space.
+#vlan_transparent = false
-# default_ipv4_subnet_pool =
+# This will choose the web framework in which to run the Neutron API server.
-# Default Subnet Pool to be used for IPv6 subnet-allocation.
+# 'pecan' is a new experiemental rewrite of the API server. (string value)
-# Specifies by UUID the pool to be used in case of subnet-create being
+# Allowed values: legacy, pecan
-# called without a subnet-pool ID.  Set to "prefix_delegation"
+#web_framework = legacy
-# to enable IPv6 Prefix Delegation in a PD-capable environment.
-# See the description for default_ipv4_subnet_pool for more information.
+# MTU of the underlying physical network. Neutron uses this value to calculate
-# default_ipv6_subnet_pool =
+# MTU for all virtual network components. For flat and VLAN networks, neutron
+# uses this value without modification. For overlay networks such as VXLAN,
-# =========== items for MTU selection and advertisement =============
+# neutron automatically subtracts the overlay protocol overhead from this
-# Advertise MTU.  If True, effort is made to advertise MTU
+# value. Defaults to 1500, the standard value for Ethernet. Also consider
-# settings to VMs via network methods (ie. DHCP and RA MTU options)
+# setting the path_mtu ml2 configuration value to the global_physnet_mtu value
-# when the network's preferred MTU is known.
+# when using the ml2 plug-in. Otherwise the global_physnet_mtu value might get
-# advertise_mtu = False
+# overridden by a smaller path_mtu value and hence have no effect on
-# ======== end of items for MTU selection and advertisement =========
+# overlay/tunnel networks but only flat and VLAN networks. (integer value)
+# Deprecated group/name - [ml2]/segment_mtu
-# =========== items for agent management extension =============
+#global_physnet_mtu = 1500
-# Seconds to regard the agent as down; should be at least twice
-# report_interval, to be sure the agent is down for good
+# Number of backlog requests to configure the socket with (integer value)
-# agent_down_time = 75
+#backlog = 4096
-# ===========  end of items for agent management extension =====
+# Number of seconds to keep retrying to listen (integer value)
-# =========== items for agent scheduler extension =============
+#retry_until_window = 30
-# Driver to use for scheduling network to DHCP agent
-# network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler
+# Enable SSL on the API server (boolean value)
-# Driver to use for scheduling router to a default L3 agent
+#use_ssl = false
-# router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler
-# Driver to use for scheduling a loadbalancer pool to an lbaas agent
+# Seconds between running periodic tasks (integer value)
-# loadbalancer_pool_scheduler_driver = neutron.services.loadbalancer.agent_scheduler.ChanceScheduler
+#periodic_interval = 40
-# (StrOpt) Representing the resource type whose load is being reported by
+# Number of separate API worker processes for service. If not specified, the
-# the agent.
+# default is equal to the number of CPUs available for best performance.
-# This can be 'networks','subnets' or 'ports'. When specified (Default is networks),
+# (integer value)
-# the server will extract particular load sent as part of its agent configuration object
+api_workers = 1
-# from the agent report state, which is the number of resources being consumed, at
-# every report_interval.
+# Number of RPC worker processes for service (integer value)
-# dhcp_load_type can be used in combination with network_scheduler_driver =
+#rpc_workers = 1
-# neutron.scheduler.dhcp_agent_scheduler.WeightScheduler
-# When the network_scheduler_driver is WeightScheduler, dhcp_load_type can
+# Number of RPC worker processes dedicated to state reports queue (integer
-# be configured to represent the choice for the resource being balanced.
+# value)
-# Example: dhcp_load_type = networks
+#rpc_state_report_workers = 1
-# Values:
-#   networks - number of networks hosted on the agent
+# Range of seconds to randomly delay when starting the periodic task scheduler
-#   subnets -  number of subnets associated with the networks hosted on the agent
+# to reduce stampeding. (Disable by setting to 0) (integer value)
-#   ports   -  number of ports associated with the networks hosted on the agent
+#periodic_fuzzy_delay = 5
-# dhcp_load_type = networks
+#
-# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
+# From neutron.agent
-# networks to first DHCP agent which sends get_active_networks message to
+#
-# neutron server
-# network_auto_schedule = True
+# The driver used to manage the virtual interface. (string value)
+#interface_driver = <None>
-# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
-# routers to first L3 agent which sends sync_routers message to neutron server
+# Location for Metadata Proxy UNIX domain socket. (string value)
-# router_auto_schedule = True
+#metadata_proxy_socket = $state_path/metadata_proxy
-# Allow automatic rescheduling of routers from dead L3 agents with
+# User (uid or name) running metadata proxy after its initialization (if empty:
-# admin_state_up set to True to alive agents.
+# agent effective user). (string value)
-# allow_automatic_l3agent_failover = False
+#metadata_proxy_user =
-# Allow automatic removal of networks from dead DHCP agents with
+# Group (gid or name) running metadata proxy after its initialization (if
-# admin_state_up set to True.
+# empty: agent effective group). (string value)
-# Networks could then be rescheduled if network_auto_schedule is True
+#metadata_proxy_group =
-# allow_automatic_dhcp_failover = True
+# Enable/Disable log watch by metadata proxy. It should be disabled when
-# Number of DHCP agents scheduled to host a network. This enables redundant
-# DHCP agents for configured networks.
-# dhcp_agents_per_network = 1
-# Enable services on agents with admin_state_up False.
-# If this option is False, when admin_state_up of an agent is turned to
-# False, services on it will be disabled. If this option is True, services
-# on agents with admin_state_up False keep available and manual scheduling
-# to such agents is available. Agents with admin_state_up False are not
-# selected for automatic scheduling regardless of this option.
-# enable_services_on_agents_with_admin_state_down = False
-# ===========  end of items for agent scheduler extension =====
-# =========== items for l3 extension ==============
-# Enable high availability for virtual routers.
-# l3_ha = False
-#
-# Maximum number of l3 agents which a HA router will be scheduled on. If it
-# is set to 0 the router will be scheduled on every agent.
-# max_l3_agents_per_router = 3
-#
-# Minimum number of l3 agents which a HA router will be scheduled on. The
-# default value is 2.
-# min_l3_agents_per_router = 2
-#
-# CIDR of the administrative network if HA mode is enabled
-# l3_ha_net_cidr = 169.254.192.0/18
-#
-# The network type to use when creating the HA network for an HA router.
-# By default or if empty, the first 'tenant_network_types'
-# is used. This is helpful when the VRRP traffic should use a specific
-# network which not the default one.
-# ha_network_type =
-# Example: ha_network_type = flat
-#
-# The physical network name with which the HA network can be created.
-# ha_network_physical_name =
-# Example: ha_network_physical_name = physnet1
-# =========== end of items for l3 extension =======
-# =========== items for metadata proxy configuration ==============
-# User (uid or name) running metadata proxy after its initialization
-# (if empty: agent effective user)
-# metadata_proxy_user =
-# Group (gid or name) running metadata proxy after its initialization
-# (if empty: agent effective group)
-# metadata_proxy_group =
-# Enable/Disable log watch by metadata proxy, it should be disabled when
 # metadata_proxy_user/group is not allowed to read/write its log file and
-# 'copytruncate' logrotate option must be used if logrotate is enabled on
+# copytruncate logrotate option must be used if logrotate is enabled on
 # metadata proxy log files. Option default value is deduced from
 # metadata_proxy_user: watch log is enabled if metadata_proxy_user is agent
-# effective user id/name.
+# effective user id/name. (boolean value)
-# metadata_proxy_watch_log =
+#metadata_proxy_watch_log = <None>
-# Location of Metadata Proxy UNIX domain socket
+#
-# metadata_proxy_socket = $state_path/metadata_proxy
+# From neutron.db
-# =========== end of items for metadata proxy configuration ==============
+#
-# ========== items for VLAN trunking networks ==========
+# Seconds to regard the agent is down; should be at least twice
-# Setting this flag to True will allow plugins that support it to
+# report_interval, to be sure the agent is down for good. (integer value)
-# create VLAN transparent networks. This flag has no effect for
+#agent_down_time = 75
-# plugins that do not support VLAN transparent networks.
-# vlan_transparent = False
+# Representing the resource type whose load is being reported by the agent.
-# ========== end of items for VLAN trunking networks ==========
+# This can be "networks", "subnets" or "ports". When specified (Default is
+# networks), the server will extract particular load sent as part of its agent
-# =========== WSGI parameters related to the API server ==============
+# configuration object from the agent report state, which is the number of
-# Number of separate worker processes to spawn.  The default, 0, runs the
+# resources being consumed, at every report_interval.dhcp_load_type can be used
-# worker thread in the current process.  Greater than 0 launches that number of
+# in combination with network_scheduler_driver =
-# child processes as workers.  The parent process manages them.
+# neutron.scheduler.dhcp_agent_scheduler.WeightScheduler When the
-# api_workers = 0
+# network_scheduler_driver is WeightScheduler, dhcp_load_type can be configured
+# to represent the choice for the resource being balanced. Example:
-# Number of separate RPC worker processes to spawn.  The default, 0, runs the
+# dhcp_load_type=networks (string value)
-# worker thread in the current process.  Greater than 0 launches that number of
+# Allowed values: networks, subnets, ports
-# child processes as RPC workers.  The parent process manages them.
+#dhcp_load_type = networks
-# This feature is experimental until issues are addressed and testing has been
-# enabled for various plugins for compatibility.
+# Agent starts with admin_state_up=False when enable_new_agents=False. In the
-# rpc_workers = 0
+# case, user's resources will not be scheduled automatically to the agent until
+# admin changes admin_state_up to True. (boolean value)
-# Timeout for client connections socket operations. If an
+#enable_new_agents = true
-# incoming connection is idle for this number of seconds it
-# will be closed. A value of '0' means wait forever. (integer
+# Maximum number of routes per router (integer value)
-# value)
+#max_routes = 30
-# client_socket_timeout = 900
+# Define the default value of enable_snat if not provided in
-# wsgi keepalive option. Determines if connections are allowed to be held open
+# external_gateway_info. (boolean value)
-# by clients after a request is fulfilled. A value of False will ensure that
+#enable_snat_by_default = true
-# the socket connection will be explicitly closed once a response has been
-# sent to the client.
+# Driver to use for scheduling network to DHCP agent (string value)
-# wsgi_keep_alive = True
+#network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.WeightScheduler
-# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
+# Allow auto scheduling networks to DHCP agent. (boolean value)
-# starting API server. Not supported on OS X.
+#network_auto_schedule = true
-# tcp_keepidle = 600
+# Automatically remove networks from offline DHCP agents. (boolean value)
-# Number of seconds to keep retrying to listen
+#allow_automatic_dhcp_failover = true
-# retry_until_window = 30
+# Number of DHCP agents scheduled to host a tenant network. If this number is
-# Number of backlog requests to configure the socket with.
+# greater than 1, the scheduler automatically assigns multiple DHCP agents for
-# backlog = 4096
+# a given tenant network, providing high availability for DHCP service.
+# (integer value)
-# Max header line to accommodate large tokens
+#dhcp_agents_per_network = 1
-# max_header_line = 16384
+# Enable services on an agent with admin_state_up False. If this option is
-# Enable SSL on the API server
+# False, when admin_state_up of an agent is turned False, services on it will
-# use_ssl = False
+# be disabled. Agents with admin_state_up False are not selected for automatic
+# scheduling regardless of this option. But manual scheduling to such agents is
-# Certificate file to use when starting API server securely
+# available if this option is True. (boolean value)
-# ssl_cert_file = /path/to/certfile
+#enable_services_on_agents_with_admin_state_down = false
-# Private key file to use when starting API server securely
+# The base mac address used for unique DVR instances by Neutron. The first 3
-# ssl_key_file = /path/to/keyfile
+# octets will remain unchanged. If the 4th octet is not 00, it will also be
+# used. The others will be randomly generated. The 'dvr_base_mac' *must* be
-# CA certificate file to use when starting API server securely to
+# different from 'base_mac' to avoid mixing them up with MAC's allocated for
-# verify connecting clients. This is an optional parameter only required if
+# tenant ports. A 4 octet example would be dvr_base_mac = fa:16:3f:4f:00:00.
-# API clients need to authenticate to the API server using SSL certificates
+# The default is 3 octet (string value)
-# signed by a trusted CA
+#dvr_base_mac = fa:16:3f:00:00:00
-# ssl_ca_file = /path/to/cafile
-# ======== end of WSGI parameters related to the API server ==========
+# System-wide flag to determine the type of router that tenants can create.
+# Only admin can override. (boolean value)
-# ======== neutron nova interactions ==========
+#router_distributed = false
-# Send notification to nova when port status is active.
-# notify_nova_on_port_status_changes = True
+# Driver to use for scheduling router to a default L3 agent (string value)
+#router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler
-# Send notifications to nova when port data (fixed_ips/floatingips) change
-# so nova can update it's cache.
+# Allow auto scheduling of routers to L3 agent. (boolean value)
-# notify_nova_on_port_data_changes = True
+#router_auto_schedule = true
-# URL for connection to nova (Only supports one nova region currently).
+# Automatically reschedule routers from offline L3 agents to online L3 agents.
-# nova_url = http://127.0.0.1:8774/v2
+# (boolean value)
+#allow_automatic_l3agent_failover = false
-# Name of nova region to use. Useful if keystone manages more than one region
-# nova_region_name =
+# Enable HA mode for virtual routers. (boolean value)
+#l3_ha = false
-# Username for connection to nova in admin context
-# nova_admin_username =
+# Maximum number of L3 agents which a HA router will be scheduled on. If it is
+# set to 0 then the router will be scheduled on every agent. (integer value)
-# The uuid of the admin nova tenant
+#max_l3_agents_per_router = 3
-# nova_admin_tenant_id =
+# Minimum number of L3 agents which a HA router will be scheduled on. If it is
-# The name of the admin nova tenant. If the uuid of the admin nova tenant
+# set to 0 then the router will be scheduled on every agent. (integer value)
-# is set, this is optional.  Useful for cases where the uuid of the admin
+#min_l3_agents_per_router = 2
-# nova tenant is not available when configuration is being done.
-# nova_admin_tenant_name =
+# Subnet used for the l3 HA admin network. (string value)
+#l3_ha_net_cidr = 169.254.192.0/18
-# Password for connection to nova in admin context.
-# nova_admin_password =
+# The network type to use when creating the HA network for an HA router. By
+# default or if empty, the first 'tenant_network_types' is used. This is
-# Authorization URL for connection to nova in admin context.
+# helpful when the VRRP traffic should use a specific network which is not the
-# nova_admin_auth_url = http://localhost:5000/v2.0
+# default one. (string value)
+#l3_ha_network_type =
-# CA file for novaclient to verify server certificates
-# nova_ca_certificates_file =
+# The physical network name with which the HA network can be created. (string
+# value)
-# Boolean to control ignoring SSL errors on the nova url
+#l3_ha_network_physical_name =
-# nova_api_insecure = False
+#
-# Number of seconds between sending events to nova if there are any events to send
+# From neutron.extensions
-# send_events_interval = 2
+#
-# ======== end of neutron nova interactions ==========
+# Maximum number of allowed address pairs (integer value)
+#max_allowed_address_pair = 10
-#
-# Options defined in oslo.messaging
+#
-#
+# From neutron.qos
+#
-# Use durable queues in amqp. (boolean value)
-# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
+# Drivers list to use to send the update notification (list value)
-# amqp_durable_queues=false
+#notification_drivers = message_queue
-# Auto-delete queues in amqp. (boolean value)
+#
-# amqp_auto_delete=false
+# From oslo.log
+#
+# If set to true, the logging level will be set to DEBUG instead of the default
+# INFO level. (boolean value)
+#debug = false
+# If set to false, the logging level will be set to WARNING instead of the
+# default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
+# The name of a logging configuration file. This file is appended to any
+# existing logging configuration files. For details about logging configuration
+# files, see the Python logging module documentation. Note that when logging
+# configuration files are used then all logging configuration is set in the
+# configuration file and other logging configuration options are ignored (for
+# example, logging_context_format_string). (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append = <None>
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set. (string
+# value)
+#log_date_format = %Y-%m-%d %H:%M:%S
+# (Optional) Name of log file to send logging output to. If no default is set,
+# logging will go to stderr as defined by use_stderr. This option is ignored if
+# log_config_append is set. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+#log_file = <None>
+# (Optional) The base directory used for relative log_file  paths. This option
+# is ignored if log_config_append is set. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir = <None>
+# Uses logging handler designed to watch file system. When log file is moved or
+# removed this handler will open a new log file with specified path
+# instantaneously. It makes sense only if log_file option is specified and
+# Linux platform is used. This option is ignored if log_config_append is set.
+# (boolean value)
+#watch_log_file = false
+# Use syslog for logging. Existing syslog format is DEPRECATED and will be
+# changed later to honor RFC5424. This option is ignored if log_config_append
+# is set. (boolean value)
+#use_syslog = false
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
+#syslog_log_facility = LOG_USER
+# Log output to standard error. This option is ignored if log_config_append is
+# set. (boolean value)
+#use_stderr = true
+# Format string to use for log messages with context. (string value)
+#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+# Format string to use for log messages when context is undefined. (string
+# value)
+#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+# Additional data to append to log message when logging level for the message
+# is DEBUG. (string value)
+#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
+# Prefix each line of exception output with this format. (string value)
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+# List of package logging levels in logger=LEVEL pairs. This option is ignored
+# if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
+# Enables or disables publication of error events. (boolean value)
+#publish_errors = false
+# The format for an instance that is passed with the log message. (string
+# value)
+#instance_format = "[instance: %(uuid)s] "
+# The format for an instance UUID that is passed with the log message. (string
+# value)
+#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+#
+# From oslo.messaging
+#
 # Size of RPC connection pool. (integer value)
-# rpc_conn_pool_size=30
+# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
+#rpc_conn_pool_size = 30
-# Qpid broker hostname. (string value)
-# qpid_hostname=localhost
+# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
+# The "host" option should point or resolve to this address. (string value)
-# Qpid broker port. (integer value)
+#rpc_zmq_bind_address = *
-# qpid_port=5672
+# MatchMaker driver. (string value)
-# Qpid HA cluster host:port pairs. (list value)
+# Allowed values: redis, dummy
-# qpid_hosts=$qpid_hostname:$qpid_port
+#rpc_zmq_matchmaker = redis
-# Username for Qpid connection. (string value)
+# Type of concurrency used. Either "native" or "eventlet" (string value)
-# qpid_username=
+#rpc_zmq_concurrency = eventlet
-# Password for Qpid connection. (string value)
+# Number of ZeroMQ contexts, defaults to 1. (integer value)
-# qpid_password=
+#rpc_zmq_contexts = 1
-# Space separated list of SASL mechanisms to use for auth.
+# Maximum number of ingress messages to locally buffer per topic. Default is
+# unlimited. (integer value)
+#rpc_zmq_topic_backlog = <None>
+# Directory for holding IPC sockets. (string value)
+#rpc_zmq_ipc_dir = /var/run/openstack
+# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match
+# "host" option, if running Nova. (string value)
+#rpc_zmq_host = localhost
+# Seconds to wait before a cast expires (TTL). The default value of -1
+# specifies an infinite linger period. The value of 0 specifies no linger
+# period. Pending messages shall be discarded immediately when the socket is
+# closed. Only supported by impl_zmq. (integer value)
+#rpc_cast_timeout = -1
+# The default number of seconds that poll should wait. Poll raises timeout
+# exception when timeout expired. (integer value)
+#rpc_poll_timeout = 1
+# Expiration timeout in seconds of a name service record about existing target
+# ( < 0 means no timeout). (integer value)
+#zmq_target_expire = 120
+# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. (boolean
+# value)
+#use_pub_sub = true
+# Minimal port number for random ports range. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#rpc_zmq_min_port = 49152
+# Maximal port number for random ports range. (integer value)
+# Minimum value: 1
+# Maximum value: 65536
+#rpc_zmq_max_port = 65536
+# Number of retries to find free port number before fail with ZMQBindError.
+# (integer value)
+#rpc_zmq_bind_port_retries = 100
+# Size of executor thread pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
+#executor_thread_pool_size = 64
+# Seconds to wait for a response from a call. (integer value)
+#rpc_response_timeout = 60
+# A URL representing the messaging driver to use and its full configuration. If
+# not set, we fall back to the rpc_backend option and driver specific
+# configuration. (string value)
+#transport_url = <None>
+# The messaging driver to use, defaults to rabbit. Other drivers include amqp
+# and zmq. (string value)
+#rpc_backend = rabbit
+# The default exchange under which topics are scoped. May be overridden by an
+# exchange name specified in the transport_url option. (string value)
+#control_exchange = neutron
+#
+# From oslo.service.wsgi
+#
+# File name for the paste.deploy config for api service (string value)
+#api_paste_config = api-paste.ini
+# A python format string that is used as the template to generate log lines.
+# The following values can beformatted into it: client_ip, date_time,
+# request_line, status_code, body_length, wall_seconds. (string value)
+#wsgi_log_format = %(client_ip)s "%(request_line)s" status: %(status_code)s  len: %(body_length)s time: %(wall_seconds).7f
+# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not
+# supported on OS X. (integer value)
+#tcp_keepidle = 600
+# Size of the pool of greenthreads used by wsgi (integer value)
+#wsgi_default_pool_size = 100
+# Maximum line size of message headers to be accepted. max_header_line may need
+# to be increased when using large tokens (typically those generated when
+# keystone is configured to use PKI tokens with big service catalogs). (integer
+# value)
+#max_header_line = 16384
+# If False, closes the client socket connection explicitly. (boolean value)
+#wsgi_keep_alive = true
+# Timeout for client connections' socket operations. If an incoming connection
+# is idle for this number of seconds it will be closed. A value of '0' means
+# wait forever. (integer value)
+#client_socket_timeout = 900
+[agent]
+#
+# From neutron.agent
+#
+# Root helper application. Use 'sudo neutron-rootwrap
+# /etc/neutron/rootwrap.conf' to use the real root filter facility. Change to
+# 'sudo' to skip the filtering and just run the command directly. (string
+# value)
+root_helper =
+# Use the root helper when listing the namespaces on a system. This may not be
+# required depending on the security configuration. If the root helper is not
+# required, set this to False for a performance improvement. (boolean value)
+#use_helper_for_ns_read = true
+# Root helper daemon application to use when possible. (string value)
+#root_helper_daemon = <None>
+# Seconds between nodes reporting state to server; should be less than
+# agent_down_time, best if it is half or less than agent_down_time. (floating
+# point value)
+#report_interval = 30
+# Log agent heartbeats (boolean value)
+#log_agent_heartbeats = false
+# Add comments to iptables rules. Set to false to disallow the addition of
+# comments to generated iptables rules that describe each rule's purpose.
+# System must support the iptables comments module for addition of comments.
+# (boolean value)
+#comment_iptables_rules = true
+# Action to be executed when a child process dies (string value)
+# Allowed values: respawn, exit
+#check_child_processes_action = respawn
+# Interval between checks of child process liveness (seconds), use 0 to disable
+# (integer value)
+#check_child_processes_interval = 60
+# Availability zone of this node (string value)
+#availability_zone = nova
+[cors]
+#
+# From oslo.middleware.cors
+#
+# Indicate whether this resource may be shared with the domain received in the
+# requests "origin" header. (list value)
+#allowed_origin = <None>
+# Indicate that the actual request can include user credentials (boolean value)
+#allow_credentials = true
+# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
+# Headers. (list value)
+#expose_headers = X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID,OpenStack-Volume-microversion
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+# Indicate which methods can be used during the actual request. (list value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+# Indicate which header field names may be used during the actual request.
+# (list value)
+#allow_headers = X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+[cors.subdomain]
+#
+# From oslo.middleware.cors
+#
+# Indicate whether this resource may be shared with the domain received in the
+# requests "origin" header. (list value)
+#allowed_origin = <None>
+# Indicate that the actual request can include user credentials (boolean value)
+#allow_credentials = true
+# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
+# Headers. (list value)
+#expose_headers = X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID,OpenStack-Volume-microversion
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+# Indicate which methods can be used during the actual request. (list value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+# Indicate which header field names may be used during the actual request.
+# (list value)
+#allow_headers = X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+[database]
+#
+# From neutron.db
+#
+# Database engine for which script will be generated when using offline
+# migration. (string value)
+#engine =
+#
+# From oslo.db
+#
+# The file name to use with SQLite. (string value)
+# Deprecated group/name - [DEFAULT]/sqlite_db
+#sqlite_db = oslo.sqlite
+# If True, SQLite uses synchronous mode. (boolean value)
+# Deprecated group/name - [DEFAULT]/sqlite_synchronous
+#sqlite_synchronous = true
+# The back end to use for the database. (string value)
+# Deprecated group/name - [DEFAULT]/db_backend
+#backend = sqlalchemy
+# The SQLAlchemy connection string to use to connect to the database. (string
+# value)
+# Deprecated group/name - [DEFAULT]/sql_connection
+# Deprecated group/name - [DATABASE]/sql_connection
+# Deprecated group/name - [sql]/connection
+connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/neutron
+# The SQLAlchemy connection string to use to connect to the slave database.
 # (string value)
-# qpid_sasl_mechanisms=
+#slave_connection = <None>
-# Seconds between connection keepalive heartbeats. (integer
+# The SQL mode to be used for MySQL sessions. This option, including the
-# value)
+# default, overrides any server-set SQL mode. To use whatever SQL mode is set
-# qpid_heartbeat=60
+# by the server configuration, set this to no value. Example: mysql_sql_mode=
+# (string value)
-# Transport to use, either 'tcp' or 'ssl'. (string value)
+#mysql_sql_mode = TRADITIONAL
-# qpid_protocol=tcp
+# Timeout before idle SQL connections are reaped. (integer value)
-# Whether to disable the Nagle algorithm. (boolean value)
+# Deprecated group/name - [DEFAULT]/sql_idle_timeout
-# qpid_tcp_nodelay=true
+# Deprecated group/name - [DATABASE]/sql_idle_timeout
+# Deprecated group/name - [sql]/idle_timeout
-# The qpid topology version to use.  Version 1 is what was
+#idle_timeout = 3600
-# originally used by impl_qpid.  Version 2 includes some
-# backwards-incompatible changes that allow broker federation
+# Minimum number of SQL connections to keep open in a pool. (integer value)
-# to work.  Users should update to version 2 when they are
+# Deprecated group/name - [DEFAULT]/sql_min_pool_size
-# able to take everything down, as it requires a clean break.
+# Deprecated group/name - [DATABASE]/sql_min_pool_size
+#min_pool_size = 1
+# Maximum number of SQL connections to keep open in a pool. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_max_pool_size
+# Deprecated group/name - [DATABASE]/sql_max_pool_size
+#max_pool_size = <None>
+# Maximum number of database connection retries during startup. Set to -1 to
+# specify an infinite retry count. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_max_retries
+# Deprecated group/name - [DATABASE]/sql_max_retries
+#max_retries = 10
+# Interval between retries of opening a SQL connection. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_retry_interval
+# Deprecated group/name - [DATABASE]/reconnect_interval
+#retry_interval = 10
+# If set, use this value for max_overflow with SQLAlchemy. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_max_overflow
+# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
+#max_overflow = 50
+# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_connection_debug
+#connection_debug = 0
+# Add Python stack traces to SQL as comment strings. (boolean value)
+# Deprecated group/name - [DEFAULT]/sql_connection_trace
+#connection_trace = false
+# If set, use this value for pool_timeout with SQLAlchemy. (integer value)
+# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
+#pool_timeout = <None>
+# Enable the experimental use of database reconnect on connection lost.
+# (boolean value)
+#use_db_reconnect = false
+# Seconds between retries of a database transaction. (integer value)
+#db_retry_interval = 1
+# If True, increases the interval between retries of a database operation up to
+# db_max_retry_interval. (boolean value)
+#db_inc_retry_interval = true
+# If db_inc_retry_interval is set, the maximum seconds between retries of a
+# database operation. (integer value)
+#db_max_retry_interval = 10
+# Maximum retries in case of connection error or deadlock error before error is
+# raised. Set to -1 to specify an infinite retry count. (integer value)
+#db_max_retries = 20
+[keystone_authtoken]
+#
+# From keystonemiddleware.auth_token
+#
+# Complete public Identity API endpoint. (string value)
+auth_uri = http://127.0.0.1:5000/v2.0/
+# API version of the admin Identity API endpoint. (string value)
+#auth_version = <None>
+# Do not handle authorization requests within the middleware, but delegate the
+# authorization decision to downstream WSGI components. (boolean value)
+#delay_auth_decision = false
+# Request timeout value for communicating with Identity API server. (integer
+# value)
+#http_connect_timeout = <None>
+# How many times are we trying to reconnect when communicating with Identity
+# API Server. (integer value)
+#http_request_max_retries = 3
+# Env key for the swift cache. (string value)
+#cache = <None>
+# Required if identity server requires client certificate (string value)
+#certfile = <None>
+# Required if identity server requires client certificate (string value)
+#keyfile = <None>
+# A PEM encoded Certificate Authority to use when verifying HTTPs connections.
+# Defaults to system CAs. (string value)
+#cafile = <None>
+# Verify HTTPS connections. (boolean value)
+#insecure = false
+# The region in which the identity server can be found. (string value)
+#region_name = <None>
+# Directory used to cache files related to PKI tokens. (string value)
+signing_dir = $state_path/keystone-signing
+# Optionally specify a list of memcached server(s) to use for caching. If left
+# undefined, tokens will instead be cached in-process. (list value)
+# Deprecated group/name - [DEFAULT]/memcache_servers
+#memcached_servers = <None>
+# In order to prevent excessive effort spent validating tokens, the middleware
+# caches previously-seen tokens for a configurable duration (in seconds). Set
+# to -1 to disable caching completely. (integer value)
+#token_cache_time = 300
+# Determines the frequency at which the list of revoked tokens is retrieved
+# from the Identity service (in seconds). A high number of revocation events
+# combined with a low cache duration may significantly reduce performance.
 # (integer value)
-# qpid_topology_version=1
+#revocation_cache_time = 10
-# SSL version to use (valid only if SSL enabled). valid values
+# (Optional) If defined, indicate whether token data should be authenticated or
-# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some
+# authenticated and encrypted. If MAC, token data is authenticated (with HMAC)
-# distributions. (string value)
+# in the cache. If ENCRYPT, token data is encrypted and authenticated in the
-# kombu_ssl_version=
+# cache. If the value is not one of these options or empty, auth_token will
+# raise an exception on initialization. (string value)
-# SSL key file (valid only if SSL enabled). (string value)
+# Allowed values: None, MAC, ENCRYPT
-# kombu_ssl_keyfile=
+#memcache_security_strategy = None
-# SSL cert file (valid only if SSL enabled). (string value)
+# (Optional, mandatory if memcache_security_strategy is defined) This string is
-# kombu_ssl_certfile=
+# used for key derivation. (string value)
+#memcache_secret_key = <None>
-# SSL certification authority file (valid only if SSL
-# enabled). (string value)
+# (Optional) Number of seconds memcached server is considered dead before it is
-# kombu_ssl_ca_certs=
+# tried again. (integer value)
+#memcache_pool_dead_retry = 300
-# How long to wait before reconnecting in response to an AMQP
-# consumer cancel notification. (floating point value)
+# (Optional) Maximum total number of open connections to every memcached
-# kombu_reconnect_delay=1.0
+# server. (integer value)
+#memcache_pool_maxsize = 10
-# The RabbitMQ broker address where a single node is used.
+# (Optional) Socket timeout in seconds for communicating with a memcached
+# server. (integer value)
+#memcache_pool_socket_timeout = 3
+# (Optional) Number of seconds a connection to memcached is held unused in the
+# pool before it is closed. (integer value)
+#memcache_pool_unused_timeout = 60
+# (Optional) Number of seconds that an operation will wait to get a memcached
+# client connection from the pool. (integer value)
+#memcache_pool_conn_get_timeout = 10
+# (Optional) Use the advanced (eventlet safe) memcached client pool. The
+# advanced pool will only work under python 2.x. (boolean value)
+#memcache_use_advanced_pool = false
+# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
+# middleware will not ask for service catalog on token validation and will not
+# set the X-Service-Catalog header. (boolean value)
+#include_service_catalog = true
+# Used to control the use and type of token binding. Can be set to: "disabled"
+# to not check token binding. "permissive" (default) to validate binding
+# information if the bind type is of a form known to the server and ignore it
+# if not. "strict" like "permissive" but if the bind type is unknown the token
+# will be rejected. "required" any form of token binding is needed to be
+# allowed. Finally the name of a binding method that must be present in tokens.
 # (string value)
-# rabbit_host=localhost
+#enforce_token_bind = permissive
-# The RabbitMQ broker port where a single node is used.
+# If true, the revocation list will be checked for cached tokens. This requires
-# (integer value)
+# that PKI tokens are configured on the identity server. (boolean value)
-# rabbit_port=5672
+#check_revocations_for_cached = false
-# RabbitMQ HA cluster host:port pairs. (list value)
+# Hash algorithms to use for hashing PKI tokens. This may be a single algorithm
-# rabbit_hosts=$rabbit_host:$rabbit_port
+# or multiple. The algorithms are those supported by Python standard
+# hashlib.new(). The hashes will be tried in the order given, so put the
-# Connect over SSL for RabbitMQ. (boolean value)
+# preferred one first for performance. The result of the first hash will be
-# rabbit_use_ssl=false
+# stored in the cache. This will typically be set to multiple values only while
+# migrating from a less secure algorithm to a more secure one. Once all the old
-# The RabbitMQ userid. (string value)
+# tokens are expired this option should be set to a single value for better
-# rabbit_userid=guest
+# performance. (list value)
+#hash_algorithms = md5
-# The RabbitMQ password. (string value)
-# rabbit_password=guest
+# Authentication type to load (unknown value)
+# Deprecated group/name - [DEFAULT]/auth_plugin
-# the RabbitMQ login method (string value)
+#auth_type = <None>
-# rabbit_login_method=AMQPLAIN
+# Config Section from which to load plugin specific options (unknown value)
-# The RabbitMQ virtual host. (string value)
+#auth_section = <None>
-# rabbit_virtual_host=/
+# Complete admin Identity API endpoint. This should specify the unversioned
-# How frequently to retry connecting with RabbitMQ. (integer
+# root endpoint e.g. https://localhost:35357/ (string value)
-# value)
+identity_uri = http://127.0.0.1:35357/
-# rabbit_retry_interval=1
+# Service username. (string value)
-# How long to backoff for between retries when connecting to
+admin_user = %SERVICE_USER%
-# RabbitMQ. (integer value)
-# rabbit_retry_backoff=2
+# Service user password. (string value)
+admin_password = %SERVICE_PASSWORD%
-# Maximum number of RabbitMQ connection retries. Default is 0
-# (infinite retry count). (integer value)
+# Service tenant name. (string value)
-# rabbit_max_retries=0
+admin_tenant_name = %SERVICE_TENANT_NAME%
-# Use HA queues in RabbitMQ (x-ha-policy: all). If you change
-# this option, you must wipe the RabbitMQ database. (boolean
+[matchmaker_redis]
-# value)
-# rabbit_ha_queues=false
+#
+# From oslo.messaging
-# If passed, use a fake RabbitMQ provider. (boolean value)
+#
-# fake_rabbit=false
+# Host to locate redis. (string value)
-# ZeroMQ bind address. Should be a wildcard (*), an ethernet
+#host = 127.0.0.1
-# interface, or IP. The "host" option should point or resolve
-# to this address. (string value)
+# Use this port to connect to redis host. (port value)
-# rpc_zmq_bind_address=*
+# Minimum value: 0
+# Maximum value: 65535
-# MatchMaker driver. (string value)
+#port = 6379
-# rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost
+# Password for Redis server (optional). (string value)
-# ZeroMQ receiver listening port. (integer value)
+#password =
-# rpc_zmq_port=9501
+# List of Redis Sentinel hosts (fault tolerance mode) e.g.
-# Number of ZeroMQ contexts, defaults to 1. (integer value)
+# [host:port, host1:port ... ] (list value)
-# rpc_zmq_contexts=1
+#sentinel_hosts =
-# Maximum number of ingress messages to locally buffer per
+# Redis replica set name. (string value)
-# topic. Default is unlimited. (integer value)
+#sentinel_group_name = oslo-messaging-zeromq
-# rpc_zmq_topic_backlog=
+# Time in ms to wait between connection attempts. (integer value)
-# Directory for holding IPC sockets. (string value)
+#wait_timeout = 500
-# rpc_zmq_ipc_dir=/var/run/openstack
+# Time in ms to wait before the transaction is killed. (integer value)
-# Name of this node. Must be a valid hostname, FQDN, or IP
+#check_timeout = 20000
-# address. Must match "host" option, if running Nova. (string
-# value)
+# Timeout in ms on blocking socket operations (integer value)
-# rpc_zmq_host=oslo
+#socket_timeout = 1000
-# Seconds to wait before a cast expires (TTL). Only supported
-# by impl_zmq. (integer value)
+[nova]
-# rpc_cast_timeout=30
+#
-# Heartbeat frequency. (integer value)
+# From neutron
-# matchmaker_heartbeat_freq=300
+#
-# Heartbeat time-to-live. (integer value)
+# Name of nova region to use. Useful if keystone manages more than one region.
-# matchmaker_heartbeat_ttl=600
+# (string value)
+#region_name = <None>
-# Size of RPC greenthread pool. (integer value)
-# rpc_thread_pool_size=64
+# Type of the nova endpoint to use.  This endpoint will be looked up in the
+# keystone catalog and should be one of public, internal or admin. (string
-# Driver or drivers to handle sending notifications. (multi
+# value)
-# valued)
+# Allowed values: public, admin, internal
-# notification_driver=
+#endpoint_type = public
+#
+# From nova.auth
+#
+# Authentication URL (unknown value)
+auth_url = http://127.0.0.1:5000/v2.0/
+# Authentication type to load (unknown value)
+# Deprecated group/name - [DEFAULT]/auth_plugin
+auth_type = v2password
+# PEM encoded Certificate Authority to use when verifying HTTPs connections.
+# (string value)
+#cafile = <None>
+# PEM encoded client certificate cert file (string value)
+#certfile = <None>
+# Optional domain ID to use with v3 and v2 parameters. It will be used for both
+# the user and project domain in v3 and ignored in v2 authentication. (unknown
+# value)
+#default_domain_id = <None>
+# Optional domain name to use with v3 API and v2 parameters. It will be used
+# for both the user and project domain in v3 and ignored in v2 authentication.
+# (unknown value)
+#default_domain_name = <None>
+# Domain ID to scope to (unknown value)
+#domain_id = <None>
+# Domain name to scope to (unknown value)
+#domain_name = <None>
+# Verify HTTPS connections. (boolean value)
+#insecure = false
+# PEM encoded client certificate key file (string value)
+#keyfile = <None>
+# User's password (unknown value)
+password = %SERVICE_PASSWORD%
+# Domain ID containing project (unknown value)
+#project_domain_id = <None>
+# Domain name containing project (unknown value)
+#project_domain_name = <None>
+# Project ID to scope to (unknown value)
+# Deprecated group/name - [DEFAULT]/tenant-id
+#project_id = <None>
+# Project name to scope to (unknown value)
+# Deprecated group/name - [DEFAULT]/tenant-name
+#project_name = <None>
+# Tenant ID (unknown value)
+#tenant_id = <None>
+# Tenant Name (unknown value)
+tenant_name = %SERVICE_TENANT_NAME%
+# Timeout value for http requests (integer value)
+#timeout = <None>
+# Trust ID (unknown value)
+#trust_id = <None>
+# User's domain id (unknown value)
+#user_domain_id = <None>
+# User's domain name (unknown value)
+#user_domain_name = <None>
+# User id (unknown value)
+#user_id = <None>
+# Username (unknown value)
+# Deprecated group/name - [DEFAULT]/user-name
+username = %SERVICE_USER%
+[oslo_concurrency]
+#
+# From oslo.concurrency
+#
+# Enables or disables inter-process locks. (boolean value)
+# Deprecated group/name - [DEFAULT]/disable_process_locking
+#disable_process_locking = false
+# Directory to use for lock files.  For security, the specified directory
+# should only be writable by the user running the processes that need locking.
+# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used,
+# a lock path must be set. (string value)
+# Deprecated group/name - [DEFAULT]/lock_path
+lock_path = $state_path/lock
+[oslo_messaging_amqp]
+#
+# From oslo.messaging
+#
+# address prefix used when sending to a specific server (string value)
+# Deprecated group/name - [amqp1]/server_request_prefix
+#server_request_prefix = exclusive
+# address prefix used when broadcasting to all servers (string value)
+# Deprecated group/name - [amqp1]/broadcast_prefix
+#broadcast_prefix = broadcast
+# address prefix when sending to any server in group (string value)
+# Deprecated group/name - [amqp1]/group_request_prefix
+#group_request_prefix = unicast
+# Name for the AMQP container (string value)
+# Deprecated group/name - [amqp1]/container_name
+#container_name = <None>
+# Timeout for inactive connections (in seconds) (integer value)
+# Deprecated group/name - [amqp1]/idle_timeout
+#idle_timeout = 0
+# Debug: dump AMQP frames to stdout (boolean value)
+# Deprecated group/name - [amqp1]/trace
+#trace = false
+# CA certificate PEM file to verify server certificate (string value)
+# Deprecated group/name - [amqp1]/ssl_ca_file
+#ssl_ca_file =
+# Identifying certificate PEM file to present to clients (string value)
+# Deprecated group/name - [amqp1]/ssl_cert_file
+#ssl_cert_file =
+# Private key PEM file used to sign cert_file certificate (string value)
+# Deprecated group/name - [amqp1]/ssl_key_file
+#ssl_key_file =
+# Password for decrypting ssl_key_file (if encrypted) (string value)
+# Deprecated group/name - [amqp1]/ssl_key_password
+#ssl_key_password = <None>
+# Accept clients using either SSL or plain TCP (boolean value)
+# Deprecated group/name - [amqp1]/allow_insecure_clients
+#allow_insecure_clients = false
+# Space separated list of acceptable SASL mechanisms (string value)
+# Deprecated group/name - [amqp1]/sasl_mechanisms
+#sasl_mechanisms =
+# Path to directory that contains the SASL configuration (string value)
+# Deprecated group/name - [amqp1]/sasl_config_dir
+#sasl_config_dir =
+# Name of configuration file (without .conf suffix) (string value)
+# Deprecated group/name - [amqp1]/sasl_config_name
+#sasl_config_name =
+# User name for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/username
+#username =
+# Password for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/password
+#password =
+[oslo_messaging_notifications]
+#
+# From oslo.messaging
+#
+# The Drivers(s) to handle sending notifications. Possible values are
+# messaging, messagingv2, routing, log, test, noop (multi valued)
+# Deprecated group/name - [DEFAULT]/notification_driver
+#driver =
+# A URL representing the messaging driver to use for notifications. If not set,
+# we fall back to the same configuration used for RPC. (string value)
+# Deprecated group/name - [DEFAULT]/notification_transport_url
+#transport_url = <None>
 # AMQP topic used for OpenStack notifications. (list value)
 # Deprecated group/name - [rpc_notifier2]/topics
-# notification_topics=notifications
+# Deprecated group/name - [DEFAULT]/notification_topics
+#topics = notifications
-# Seconds to wait for a response from a call. (integer value)
-# rpc_response_timeout=60
+[oslo_messaging_rabbit]
-# A URL representing the messaging driver to use and its full
-# configuration. If not set, we fall back to the rpc_backend
-# option and driver specific configuration. (string value)
-# transport_url=
-# The messaging driver to use, defaults to rabbit. Other
-# drivers include qpid and zmq. (string value)
-# rpc_backend=rabbit
-# The default exchange under which topics are scoped. May be
-# overridden by an exchange name specified in the
-# transport_url option. (string value)
-# control_exchange=openstack
-[matchmaker_redis]
-#
-# Options defined in oslo.messaging
-#
-# Host to locate redis. (string value)
-# host=127.0.0.1
-# Use this port to connect to redis host. (integer value)
-# port=6379
-# Password for Redis server (optional). (string value)
-# password=
-[matchmaker_ring]
-#
-# Options defined in oslo.messaging
-#
-# Matchmaker ring file (JSON). (string value)
-# Deprecated group/name - [DEFAULT]/matchmaker_ringfile
-# ringfile=/etc/oslo/matchmaker_ring.json
-[quotas]
-# Default driver to use for quota checks
-# quota_driver = neutron.db.quota_db.DbQuotaDriver
-# Resource name(s) that are supported in quota features
-# quota_items = network,subnet,port
-# Default number of resource allowed per tenant. A negative value means
-# unlimited.
-# default_quota = -1
-# Number of networks allowed per tenant. A negative value means unlimited.
-# quota_network = 10
-# Number of subnets allowed per tenant. A negative value means unlimited.
-# quota_subnet = 10
-# Number of ports allowed per tenant. A negative value means unlimited.
-# quota_port = 50
-# Number of security groups allowed per tenant. A negative value means
-# unlimited.
-# quota_security_group = 10
-# Number of security group rules allowed per tenant. A negative value means
-# unlimited.
-# quota_security_group_rule = 100
-# Number of vips allowed per tenant. A negative value means unlimited.
-# quota_vip = 10
-# Number of pools allowed per tenant. A negative value means unlimited.
-# quota_pool = 10
-# Number of pool members allowed per tenant. A negative value means unlimited.
-# The default is unlimited because a member is not a real resource consumer
-# on Openstack. However, on back-end, a member is a resource consumer
-# and that is the reason why quota is possible.
-# quota_member = -1
-# Number of health monitors allowed per tenant. A negative value means
-# unlimited.
-# The default is unlimited because a health monitor is not a real resource
-# consumer on Openstack. However, on back-end, a member is a resource consumer
-# and that is the reason why quota is possible.
-# quota_health_monitor = -1
-# Number of loadbalancers allowed per tenant. A negative value means unlimited.
-# quota_loadbalancer = 10
-# Number of listeners allowed per tenant. A negative value means unlimited.
-# quota_listener = -1
-# Number of v2 health monitors allowed per tenant. A negative value means
-# unlimited. These health monitors exist under the lbaas v2 API
-# quota_healthmonitor = -1
-# Number of routers allowed per tenant. A negative value means unlimited.
-# quota_router = 10
-# Number of floating IPs allowed per tenant. A negative value means unlimited.
-# quota_floatingip = 50
-# Number of firewalls allowed per tenant. A negative value means unlimited.
-# quota_firewall = 1
-# Number of firewall policies allowed per tenant. A negative value means
-# unlimited.
-# quota_firewall_policy = 1
-# Number of firewall rules allowed per tenant. A negative value means
-# unlimited.
-# quota_firewall_rule = 100
-[agent]
-# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real
-# root filter facility.
-# Change to "sudo" to skip the filtering and just run the command directly
-root_helper =
-# Set to true to add comments to generated iptables rules that describe
-# each rule's purpose. (System must support the iptables comments module.)
-# comment_iptables_rules = True
-# Root helper daemon application to use when possible.
-# root_helper_daemon =
-# Use the root helper when listing the namespaces on a system. This may not
-# be required depending on the security configuration. If the root helper is
-# not required, set this to False for a performance improvement.
-# use_helper_for_ns_read = True
-# The interval to check external processes for failure in seconds (0=disabled)
-# check_child_processes_interval = 60
-# Action to take when an external process spawned by an agent dies
-# Values:
-#   respawn - Respawns the external process
-#   exit - Exits the agent
-# check_child_processes_action = respawn
-# =========== items for agent management extension =============
-# seconds between nodes reporting state to server; should be less than
-# agent_down_time, best if it is half or less than agent_down_time
-# report_interval = 30
-# ===========  end of items for agent management extension =====
-[keystone_authtoken]
-auth_uri = http://127.0.0.1:5000/v2.0/
-identity_uri = http://127.0.0.1:35357/
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%
-signing_dir = $state_path/keystone-signing
-[database]
-# This line MUST be changed to actually run the plugin.
-# Example:
-# connection = mysql://root:[email protected]:3306/neutron
-# Replace 127.0.0.1 above with the IP address of the database used by the
-# main neutron server. (Leave it as is if the database runs on this host.)
-# connection = sqlite://
-# NOTE: In deployment the [database] section and its connection attribute may
-# be set in the corresponding core plugin '.ini' file. However, it is suggested
-# to put the [database] section and its connection attribute in this
-# configuration file.
-connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/neutron
-# Database engine for which script will be generated when using offline
-# migration
-# engine =
-# The SQLAlchemy connection string used to connect to the slave database
-# slave_connection =
-# This configures the MySQL storage engine. This allows for OpenStack to
-# support different storage engines such as InnoDB, NDB, etc. By Default,
-# this value will be set to InnoDB. For MySQL Cluster, set to NDBCLUSTER.
-# Example: mysql_storage_engine=(string value)
-mysql_storage_engine = InnoDB
-# Database reconnection retry times - in event connectivity is lost
-# set to -1 implies an infinite retry count
-# max_retries = 10
-# Database reconnection interval in seconds - if the initial connection to the
-# database fails
-# retry_interval = 10
-# Minimum number of SQL connections to keep open in a pool
-# min_pool_size = 1
-# Maximum number of SQL connections to keep open in a pool
-# max_pool_size = 10
-# Timeout in seconds before idle sql connections are reaped
-# idle_timeout = 3600
-# If set, use this value for max_overflow with sqlalchemy
-# max_overflow = 20
-# Verbosity of SQL debugging information. 0=None, 100=Everything
-# connection_debug = 0
-# Add python stack traces to SQL as comment strings
-# connection_trace = False
-# If set, use this value for pool_timeout with sqlalchemy
-# pool_timeout = 10
-[nova]
-# Name of the plugin to load
-# auth_plugin =
-# Config Section from which to load plugin specific options
-# auth_section =
-# PEM encoded Certificate Authority to use when verifying HTTPs connections.
-# cafile =
-# PEM encoded client certificate cert file
-# certfile =
-# Verify HTTPS connections.
-# insecure = False
-# PEM encoded client certificate key file
-# keyfile =
-# Name of nova region to use. Useful if keystone manages more than one region.
-# region_name =
-# Timeout value for http requests
-# timeout =
-[oslo_concurrency]
-# Directory to use for lock files. For security, the specified directory should
-# only be writable by the user running the processes that need locking.
-# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used,
-# a lock path must be set.
-lock_path = $state_path/lock
-# Enables or disables inter-process locks.
-# disable_process_locking = False
-[oslo_policy]
-# The JSON file that defines policies.
-# policy_file = policy.json
-# Default rule. Enforced when a requested rule is not found.
-# policy_default_rule = default
-# Directories where policy configuration files are stored.
-# They can be relative to any directory in the search path defined by the
-# config_dir option, or absolute paths. The file defined by policy_file
-# must exist for these directories to be searched. Missing or empty
-# directories are ignored.
-# policy_dirs = policy.d
-[oslo_messaging_amqp]
 #
 # From oslo.messaging
 #
-# Address prefix used when sending to a specific server (string value)
-# Deprecated group/name - [amqp1]/server_request_prefix
-# server_request_prefix = exclusive
-# Address prefix used when broadcasting to all servers (string value)
-# Deprecated group/name - [amqp1]/broadcast_prefix
-# broadcast_prefix = broadcast
-# Address prefix when sending to any server in group (string value)
-# Deprecated group/name - [amqp1]/group_request_prefix
-# group_request_prefix = unicast
-# Name for the AMQP container (string value)
-# Deprecated group/name - [amqp1]/container_name
-# container_name =
-# Timeout for inactive connections (in seconds) (integer value)
-# Deprecated group/name - [amqp1]/idle_timeout
-# idle_timeout = 0
-# Debug: dump AMQP frames to stdout (boolean value)
-# Deprecated group/name - [amqp1]/trace
-# trace = false
-# CA certificate PEM file for verifing server certificate (string value)
-# Deprecated group/name - [amqp1]/ssl_ca_file
-# ssl_ca_file =
-# Identifying certificate PEM file to present to clients (string value)
-# Deprecated group/name - [amqp1]/ssl_cert_file
-# ssl_cert_file =
-# Private key PEM file used to sign cert_file certificate (string value)
-# Deprecated group/name - [amqp1]/ssl_key_file
-# ssl_key_file =
-# Password for decrypting ssl_key_file (if encrypted) (string value)
-# Deprecated group/name - [amqp1]/ssl_key_password
-# ssl_key_password =
-# Accept clients using either SSL or plain TCP (boolean value)
-# Deprecated group/name - [amqp1]/allow_insecure_clients
-# allow_insecure_clients = false
-[oslo_messaging_qpid]
-#
-# From oslo.messaging
-#
 # Use durable queues in AMQP. (boolean value)
+# Deprecated group/name - [DEFAULT]/amqp_durable_queues
 # Deprecated group/name - [DEFAULT]/rabbit_durable_queues
-# amqp_durable_queues = false
+#amqp_durable_queues = false
 # Auto-delete queues in AMQP. (boolean value)
 # Deprecated group/name - [DEFAULT]/amqp_auto_delete
-# amqp_auto_delete = false
+#amqp_auto_delete = false
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-# rpc_conn_pool_size = 30
-# Qpid broker hostname. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_hostname
-# qpid_hostname = localhost
-# Qpid broker port. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_port
-# qpid_port = 5672
-# Qpid HA cluster host:port pairs. (list value)
-# Deprecated group/name - [DEFAULT]/qpid_hosts
-# qpid_hosts = $qpid_hostname:$qpid_port
-# Username for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_username
-# qpid_username =
-# Password for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_password
-# qpid_password =
-# Space separated list of SASL mechanisms to use for auth. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms
-# qpid_sasl_mechanisms =
-# Seconds between connection keepalive heartbeats. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_heartbeat
-# qpid_heartbeat = 60
-# Transport to use, either 'tcp' or 'ssl'. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_protocol
-# qpid_protocol = tcp
-# Whether to disable the Nagle algorithm. (boolean value)
-# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay
-# qpid_tcp_nodelay = true
-# The number of prefetched messages held by receiver. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity
-# qpid_receiver_capacity = 1
-# The qpid topology version to use.  Version 1 is what was originally used by
-# impl_qpid.  Version 2 includes some backwards-incompatible changes that allow
-# broker federation to work.  Users should update to version 2 when they are
-# able to take everything down, as it requires a clean break. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_topology_version
-# qpid_topology_version = 1
-[oslo_messaging_rabbit]
-#
-# From oslo.messaging
-#
-# Use durable queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
-# amqp_durable_queues = false
-# Auto-delete queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/amqp_auto_delete
-# amqp_auto_delete = false
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-# rpc_conn_pool_size = 30
 # SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
 # SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
 # distributions. (string value)
 # Deprecated group/name - [DEFAULT]/kombu_ssl_version
-# kombu_ssl_version =
+#kombu_ssl_version =
 # SSL key file (valid only if SSL enabled). (string value)
 # Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
-# kombu_ssl_keyfile =
+#kombu_ssl_keyfile =
 # SSL cert file (valid only if SSL enabled). (string value)
 # Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
-# kombu_ssl_certfile =
+#kombu_ssl_certfile =
 # SSL certification authority file (valid only if SSL enabled). (string value)
 # Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
-# kombu_ssl_ca_certs =
+#kombu_ssl_ca_certs =
 # How long to wait before reconnecting in response to an AMQP consumer cancel
 # notification. (floating point value)
 # Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
-# kombu_reconnect_delay = 1.0
+#kombu_reconnect_delay = 1.0
+# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression will not
+# be used. This option may notbe available in future versions. (string value)
+#kombu_compression = <None>
+# How long to wait a missing client beforce abandoning to send it its replies.
+# This value should not be longer than rpc_response_timeout. (integer value)
+# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
+#kombu_missing_consumer_retry_timeout = 60
+# Determines how the next RabbitMQ node is chosen in case the one we are
+# currently connected to becomes unavailable. Takes effect only if more than
+# one RabbitMQ node is provided in config. (string value)
+# Allowed values: round-robin, shuffle
+#kombu_failover_strategy = round-robin
 # The RabbitMQ broker address where a single node is used. (string value)
 # Deprecated group/name - [DEFAULT]/rabbit_host
-# rabbit_host = localhost
+#rabbit_host = localhost
-# The RabbitMQ broker port where a single node is used. (integer value)
+# The RabbitMQ broker port where a single node is used. (port value)
+# Minimum value: 0
+# Maximum value: 65535
 # Deprecated group/name - [DEFAULT]/rabbit_port
-# rabbit_port = 5672
+#rabbit_port = 5672
 # RabbitMQ HA cluster host:port pairs. (list value)
 # Deprecated group/name - [DEFAULT]/rabbit_hosts
-# rabbit_hosts = $rabbit_host:$rabbit_port
+#rabbit_hosts = $rabbit_host:$rabbit_port
 # Connect over SSL for RabbitMQ. (boolean value)
 # Deprecated group/name - [DEFAULT]/rabbit_use_ssl
-# rabbit_use_ssl = false
+#rabbit_use_ssl = false
 # The RabbitMQ userid. (string value)
 # Deprecated group/name - [DEFAULT]/rabbit_userid
-# rabbit_userid = guest
+#rabbit_userid = guest
 # The RabbitMQ password. (string value)
 # Deprecated group/name - [DEFAULT]/rabbit_password
-# rabbit_password = guest
+#rabbit_password = guest
 # The RabbitMQ login method. (string value)
 # Deprecated group/name - [DEFAULT]/rabbit_login_method
-# rabbit_login_method = AMQPLAIN
+#rabbit_login_method = AMQPLAIN
 # The RabbitMQ virtual host. (string value)
 # Deprecated group/name - [DEFAULT]/rabbit_virtual_host
-# rabbit_virtual_host = /
+#rabbit_virtual_host = /
 # How frequently to retry connecting with RabbitMQ. (integer value)
-# rabbit_retry_interval = 1
+#rabbit_retry_interval = 1
 # How long to backoff for between retries when connecting to RabbitMQ. (integer
 # value)
 # Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
-# rabbit_retry_backoff = 2
+#rabbit_retry_backoff = 2
+# Maximum interval of RabbitMQ connection retries. Default is 30 seconds.
+# (integer value)
+#rabbit_interval_max = 30
 # Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry
 # count). (integer value)
 # Deprecated group/name - [DEFAULT]/rabbit_max_retries
-# rabbit_max_retries = 0
+#rabbit_max_retries = 0
-# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you
+# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
-# must wipe the RabbitMQ database. (boolean value)
+# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
+# is no longer controlled by the x-ha-policy argument when declaring a queue.
+# If you just want to make sure that all queues (except  those with auto-
+# generated names) are mirrored across all nodes, run: "rabbitmqctl set_policy
+# HA '^(?!amq\.).*' '{"ha-mode": "all"}' " (boolean value)
 # Deprecated group/name - [DEFAULT]/rabbit_ha_queues
-# rabbit_ha_queues = false
+#rabbit_ha_queues = false
+# Positive integer representing duration in seconds for queue TTL (x-expires).
+# Queues which are unused for the duration of the TTL are automatically
+# deleted. The parameter affects only reply and fanout queues. (integer value)
+# Minimum value: 1
+#rabbit_transient_queues_ttl = 1800
+# Specifies the number of messages to prefetch. Setting to zero allows
+# unlimited messages. (integer value)
+#rabbit_qos_prefetch_count = 0
+# Number of seconds after which the Rabbit broker is considered down if
+# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer
+# value)
+#heartbeat_timeout_threshold = 60
+# How often times during the heartbeat_timeout_threshold we check the
+# heartbeat. (integer value)
+#heartbeat_rate = 2
 # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value)
 # Deprecated group/name - [DEFAULT]/fake_rabbit
-# fake_rabbit = false
+#fake_rabbit = false
+# Maximum number of channels to allow (integer value)
+#channel_max = <None>
+# The maximum byte size for an AMQP frame (integer value)
+#frame_max = <None>
+# How often to send heartbeats for consumer's connections (integer value)
+#heartbeat_interval = 1
+# Enable SSL (boolean value)
+#ssl = <None>
+# Arguments passed to ssl.wrap_socket (dict value)
+#ssl_options = <None>
+# Set socket timeout in seconds for connection's socket (floating point value)
+#socket_timeout = 0.25
+# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating point
+# value)
+#tcp_user_timeout = 0.25
+# Set delay for reconnection to some host which has connection error (floating
+# point value)
+#host_connection_reconnect_delay = 0.25
+# Maximum number of connections to keep queued. (integer value)
+#pool_max_size = 10
+# Maximum number of connections to create above `pool_max_size`. (integer
+# value)
+#pool_max_overflow = 0
+# Default number of seconds to wait for a connections to available (integer
+# value)
+#pool_timeout = 30
+# Lifetime of a connection (since creation) in seconds or None for no
+# recycling. Expired connections are closed on acquire. (integer value)
+#pool_recycle = 600
+# Threshold at which inactive (since release) connections are considered stale
+# in seconds or None for no staleness. Stale connections are closed on acquire.
+# (integer value)
+#pool_stale = 60
+# Persist notification messages. (boolean value)
+#notification_persistence = false
+# Exchange name for for sending notifications (string value)
+#default_notification_exchange = ${control_exchange}_notification
+# Max number of not acknowledged message which RabbitMQ can send to
+# notification listener. (integer value)
+#notification_listener_prefetch_count = 100
+# Reconnecting retry count in case of connectivity problem during sending
+# notification, -1 means infinite retry. (integer value)
+#default_notification_retry_attempts = -1
+# Reconnecting retry delay in case of connectivity problem during sending
+# notification message (floating point value)
+#notification_retry_delay = 0.25
+# Time to live for rpc queues without consumers in seconds. (integer value)
+#rpc_queue_expiration = 60
+# Exchange name for sending RPC messages (string value)
+#default_rpc_exchange = ${control_exchange}_rpc
+# Exchange name for receiving RPC replies (string value)
+#rpc_reply_exchange = ${control_exchange}_rpc_reply
+# Max number of not acknowledged message which RabbitMQ can send to rpc
+# listener. (integer value)
+#rpc_listener_prefetch_count = 100
+# Max number of not acknowledged message which RabbitMQ can send to rpc reply
+# listener. (integer value)
+#rpc_reply_listener_prefetch_count = 100
+# Reconnecting retry count in case of connectivity problem during sending
+# reply. -1 means infinite retry during rpc_timeout (integer value)
+#rpc_reply_retry_attempts = -1
+# Reconnecting retry delay in case of connectivity problem during sending
+# reply. (floating point value)
+#rpc_reply_retry_delay = 0.25
+# Reconnecting retry count in case of connectivity problem during sending RPC
+# message, -1 means infinite retry. If actual retry attempts in not 0 the rpc
+# request could be processed more then one time (integer value)
+#default_rpc_retry_attempts = -1
+# Reconnecting retry delay in case of connectivity problem during sending RPC
+# message (floating point value)
+#rpc_retry_delay = 0.25
+[oslo_policy]
+#
+# From oslo.policy
+#
+# The JSON file that defines policies. (string value)
+# Deprecated group/name - [DEFAULT]/policy_file
+#policy_file = policy.json
+# Default rule. Enforced when a requested rule is not found. (string value)
+# Deprecated group/name - [DEFAULT]/policy_default_rule
+#policy_default_rule = default
+# Directories where policy configuration files are stored. They can be relative
+# to any directory in the search path defined by the config_dir option, or
+# absolute paths. The file defined by policy_file must exist for these
+# directories to be searched.  Missing or empty directories are ignored. (multi
+# valued)
+# Deprecated group/name - [DEFAULT]/policy_dirs
+#policy_dirs = policy.d
+[quotas]
+#
+# From neutron
+#
+# Resource name(s) that are supported in quota features. This option is now
+# deprecated for removal. (list value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#quota_items = network,subnet,port
+# Default number of resource allowed per tenant. A negative value means
+# unlimited. (integer value)
+#default_quota = -1
+# Number of networks allowed per tenant. A negative value means unlimited.
+# (integer value)
+#quota_network = 10
+# Number of subnets allowed per tenant, A negative value means unlimited.
+# (integer value)
+#quota_subnet = 10
+# Number of ports allowed per tenant. A negative value means unlimited.
+# (integer value)
+#quota_port = 50
+# Default driver to use for quota checks (string value)
+#quota_driver = neutron.db.quota.driver.DbQuotaDriver
+# Keep in track in the database of current resourcequota usage. Plugins which
+# do not leverage the neutron database should set this flag to False (boolean
+# value)
+#track_quota_usage = true
+#
+# From neutron.extensions
+#
+# Number of routers allowed per tenant. A negative value means unlimited.
+# (integer value)
+#quota_router = 10
+# Number of floating IPs allowed per tenant. A negative value means unlimited.
+# (integer value)
+#quota_floatingip = 50
+# Number of security groups allowed per tenant. A negative value means
+# unlimited. (integer value)
+#quota_security_group = 10
+# Number of security rules allowed per tenant. A negative value means
+# unlimited. (integer value)
+#quota_security_group_rule = 100
+[ssl]
+#
+# From oslo.service.sslutils
+#
+# CA certificate file to use to verify connecting clients. (string value)
+# Deprecated group/name - [DEFAULT]/ssl_ca_file
+#ca_file = <None>
+# Certificate file to use when starting the server securely. (string value)
+# Deprecated group/name - [DEFAULT]/ssl_cert_file
+#cert_file = <None>
+# Private key file to use when starting the server securely. (string value)
+# Deprecated group/name - [DEFAULT]/ssl_key_file
+#key_file = <None>
+# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
+# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
+# distributions. (string value)
+#version = <None>
+# Sets the list of available ciphers. value should be a string in the OpenSSL
+# cipher list format. (string value)
+#ciphers = <None>

changeset 6848	8e252a37ed0d
parent 6635	32a659a16875
child 6866	4c1935f5ec9a