Untitled

[DEFAULT]

#
# From neutron.ml2.ovs.agent
#

# Maximum seconds to wait for a response from an RPC call. (integer value)
#rpc_response_max_timeout = 600

#
# From oslo.log
#

# If set to true, the logging level will be set to DEBUG instead of the default
# INFO level. (boolean value)
# Note: This option can be changed without restarting.
#debug = false

# The name of a logging configuration file. This file is appended to any
# existing logging configuration files. For details about logging configuration
# files, see the Python logging module documentation. Note that when logging
# configuration files are used then all logging configuration is set in the
# configuration file and other logging configuration options are ignored (for
# example, log-date-format). (string value)
# Note: This option can be changed without restarting.
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>

# Defines the format string for %%(asctime)s in log records. Default:
# %(default)s . This option is ignored if log_config_append is set. (string
# value)
#log_date_format = %Y-%m-%d %H:%M:%S

# (Optional) Name of log file to send logging output to. If no default is set,
# logging will go to stderr as defined by use_stderr. This option is ignored if
# log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>

# (Optional) The base directory used for relative log_file  paths. This option
# is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>

# Uses logging handler designed to watch file system. When log file is moved or
# removed this handler will open a new log file with specified path
# instantaneously. It makes sense only if log_file option is specified and
# Linux platform is used. This option is ignored if log_config_append is set.
# (boolean value)
#watch_log_file = false

# Use syslog for logging. Existing syslog format is DEPRECATED and will be
# changed later to honor RFC5424. This option is ignored if log_config_append
# is set. (boolean value)
#use_syslog = false

# Enable journald for logging. If running in a systemd environment you may wish
# to enable journal support. Doing so will use the journal native protocol
# which includes structured metadata in addition to log messages.This option is
# ignored if log_config_append is set. (boolean value)
#use_journal = false

# Syslog facility to receive log lines. This option is ignored if
# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER

# Use JSON formatting for logging. This option is ignored if log_config_append
# is set. (boolean value)
#use_json = false

# Log output to standard error. This option is ignored if log_config_append is
# set. (boolean value)
#use_stderr = false

# DEPRECATED: Log output to Windows Event Log. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Windows support is no longer maintained.
#use_eventlog = false

# The amount of time before the log files are rotated. This option is ignored
# unless log_rotation_type is set to "interval". (integer value)
#log_rotate_interval = 1

# Rotation interval type. The time of the last file change (or the time when
# the service was started) is used when scheduling the next rotation. (string
# value)
# Possible values:
# Seconds - <No description provided>
# Minutes - <No description provided>
# Hours - <No description provided>
# Days - <No description provided>
# Weekday - <No description provided>
# Midnight - <No description provided>
#log_rotate_interval_type = days

# Maximum number of rotated log files. (integer value)
#max_logfile_count = 30

# Log file maximum size in MB. This option is ignored if "log_rotation_type" is
# not set to "size". (integer value)
#max_logfile_size_mb = 200

# Log rotation type. (string value)
# Possible values:
# interval - Rotate logs at predefined time intervals.
# size - Rotate logs once they reach a predefined size.
# none - Do not rotate log files.
#log_rotation_type = none

# Format string to use for log messages with context. Used by
# oslo_log.formatters.ContextFormatter (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(user_identity)s] %(instance)s%(message)s

# Format string to use for log messages when context is undefined. Used by
# oslo_log.formatters.ContextFormatter (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s

# Additional data to append to log message when logging level for the message
# is DEBUG. Used by oslo_log.formatters.ContextFormatter (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d

# Prefix each line of exception output with this format. Used by
# oslo_log.formatters.ContextFormatter (string value)
#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s

# Defines the format string for %(user_identity)s that is used in
# logging_context_format_string. Used by oslo_log.formatters.ContextFormatter
# (string value)
#logging_user_identity_format = %(user)s %(project)s %(domain)s %(system_scope)s %(user_domain)s %(project_domain)s

# List of package logging levels in logger=LEVEL pairs. This option is ignored
# if log_config_append is set. (list value)
#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,oslo_messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,oslo_policy=INFO,dogpile.core.dogpile=INFO

# Enables or disables publication of error events. (boolean value)
#publish_errors = false

# The format for an instance that is passed with the log message. (string
# value)
#instance_format = "[instance: %(uuid)s] "

# The format for an instance UUID that is passed with the log message. (string
# value)
#instance_uuid_format = "[instance: %(uuid)s] "

# Interval, number of seconds, of log rate limiting. (integer value)
#rate_limit_interval = 0

# Maximum number of logged messages per rate_limit_interval. (integer value)
#rate_limit_burst = 0

# Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG
# or empty string. Logs with level greater or equal to rate_limit_except_level
# are not filtered. An empty string means that all levels are filtered. (string
# value)
#rate_limit_except_level = CRITICAL

# Enables or disables fatal status of deprecations. (boolean value)
#fatal_deprecations = false


[agent]

#
# From neutron.ml2.ovs.agent
#

# Minimize polling by monitoring OVSDB for interface changes. (boolean value)
#minimize_polling = true

# The number of seconds to wait before respawning the OVSDB monitor after
# losing communication with it. (integer value)
#ovsdb_monitor_respawn_interval = 30

# Network types supported by the agent (gre, vxlan and/or geneve). (list value)
#tunnel_types =

# The UDP port to use for VXLAN tunnels. (port value)
# Minimum value: 0
# Maximum value: 65535
#vxlan_udp_port = 4789

# Use ML2 l2population mechanism driver to learn remote MAC and IPs and improve
# tunnel scalability. (boolean value)
#l2_population = false

# Enable local ARP responder if it is supported. Requires OVS 2.1 and ML2
# l2population driver. Allows the switch (when supporting an overlay) to
# respond to an ARP request locally without performing a costly ARP broadcast
# into the overlay. NOTE: If enable_distributed_routing is set to True then
# arp_responder will automatically be set to True in the agent, regardless of
# the setting in the config file. (boolean value)
#arp_responder = false

# Set or un-set the do not fragment (DF) bit on outgoing IP packet carrying
# GRE/VXLAN tunnel. (boolean value)
#dont_fragment = true

# Make the l2 agent run in DVR mode. (boolean value)
#enable_distributed_routing = false

# Reset flow table on start. Setting this to True will cause brief traffic
# interruption. (boolean value)
#drop_flows_on_start = false

# Set or un-set the tunnel header checksum on outgoing IP packet carrying
# GRE/VXLAN tunnel. (boolean value)
#tunnel_csum = false

# Enable the agent to process Smart NIC ports. (boolean value)
#baremetal_smartnic = false

# When set to True, the accepted egress unicast traffic will not use action
# NORMAL. The accepted egress packets will be taken care of in the final egress
# tables direct output flows for unicast traffic. (boolean value)
#explicitly_egress_direct = false

# Extensions list to use (list value)
#extensions =
[vxlan]
local_ip = 10.0.0.11
l2_population = true

[dhcp]

#
# From neutron.ml2.ovs.agent
#

# When set to True, the OVS agent DHCP extension will add related flows for
# DHCPv6 packets. (boolean value)
#enable_ipv6 = true

# DHCP renewal time T1 (in seconds). If set to 0, it will default to half of
# the lease time. (integer value)
#dhcp_renewal_time = 0

# DHCP rebinding time T2 (in seconds). If set to 0, it will default to 7/8 of
# the lease time. (integer value)
#dhcp_rebinding_time = 0


[metadata]

#
# From neutron.ml2.ovs.agent
#

# Certificate Authority public key (CA cert) file for ssl (string value)
#auth_ca_cert = <None>

# IP address or DNS name of Nova metadata server. (host address value)
#nova_metadata_host = 127.0.0.1

# TCP Port used by Nova metadata server. (port value)
# Minimum value: 0
# Maximum value: 65535
#nova_metadata_port = 8775

# When proxying metadata requests, Neutron signs the Instance-ID header with a
# shared secret to prevent spoofing. You may select any string for a secret,
# but it must match here and in the configuration used by the Nova metadata
# server. NOTE: Nova uses the same config key, but in [neutron] section.
# (string value)
#metadata_proxy_shared_secret =

# Protocol to access Nova metadata, http or https (string value)
# Possible values:
# http - <No description provided>
# https - <No description provided>
#nova_metadata_protocol = http

# Allow to perform insecure SSL (https) requests to Nova metadata (boolean
# value)
#nova_metadata_insecure = false

# Client certificate for Nova metadata api server. (string value)
#nova_client_cert =

# Private key of client certificate. (string value)
#nova_client_priv_key =


[network_log]

#
# From neutron.ml2.ovs.agent
#

# Maximum packets logging per second. (integer value)
# Minimum value: 100
#rate_limit = 100

# Maximum number of packets per rate_limit. (integer value)
# Minimum value: 25
#burst_limit = 25

# Output logfile path on agent side, default syslog file. (string value)
#local_output_log_base = <None>


[ovs]
bridge_mappings = provider:enp0s25

#
# From neutron.ml2.ovs.agent
#

# Integration bridge to use. Do not change this parameter unless you have a
# good reason to. This is the name of the OVS integration bridge. There is one
# per hypervisor. The integration bridge acts as a virtual 'patch bay'. All VM
# VIFs are attached to this bridge and then 'patched' according to their
# network connectivity. (string value)
#integration_bridge = br-int

# Tunnel bridge to use. (string value)
#tunnel_bridge = br-tun

# Peer patch port in integration bridge for tunnel bridge. (string value)
#int_peer_patch_port = patch-tun

# Peer patch port in tunnel bridge for integration bridge. (string value)
#tun_peer_patch_port = patch-int

# IP address of local overlay (tunnel) network endpoint. Use either an IPv4 or
# IPv6 address that resides on one of the host network interfaces. The IP
# version of this value must match the value of the 'overlay_ip_version' option
# in the ML2 plug-in configuration file on the neutron server node(s). (IP
# address value)
#local_ip = <None>

# Comma-separated list of <physical_network>:<bridge> tuples mapping physical
# network names to the agent's node-specific Open vSwitch bridge names to be
# used for flat and VLAN networks. The length of bridge names should be no more
# than 11. Each bridge must exist, and should have a physical network interface
# configured as a port. All physical networks configured on the server should
# have mappings to appropriate bridges on each agent. Note: If you remove a
# bridge from this mapping, make sure to disconnect it from the integration
# bridge as it won't be managed by the agent anymore. (list value)
#bridge_mappings =

# Comma-separated list of <bridge>:<egress_bw>:<ingress_bw> tuples, showing the
# available bandwidth for the given bridge in the given direction. The
# direction is meant from VM perspective. Bandwidth is measured in kilobits per
# second (kbps). The bridge must appear in bridge_mappings as the value. But
# not all bridges in bridge_mappings must be listed here. For a bridge not
# listed here we neither create a resource provider in placement nor report
# inventories against. An omitted direction means we do not report an inventory
# for the corresponding class. (list value)
#resource_provider_bandwidths =

# Mapping of bridges to hypervisors: <bridge>:<hypervisor>,... hypervisor name
# is used to locate the parent of the resource provider tree. Only needs to be
# set in the rare case when the hypervisor name is different from the
# resource_provider_default_hypervisor config option value as known by the
# nova-compute managing that hypervisor. (dict value)
#resource_provider_hypervisors =

# Comma-separated list of <hypervisor>:<packet_rate> tuples, defining the
# minimum packet rate the OVS backend can guarantee in kilo (1000) packet per
# second. The hypervisor name is used to locate the parent of the resource
# provider tree. Only needs to be set in the rare case when the hypervisor name
# is different from the DEFAULT.host config option value as known by the nova-
# compute managing that hypervisor or if multiple hypervisors are served by the
# same OVS backend. The default is :0 which means no packet processing capacity
# is guaranteed on the hypervisor named according to DEFAULT.host. (list value)
#resource_provider_packet_processing_without_direction =

# Similar to the resource_provider_packet_processing_without_direction but used
# in case the OVS backend has hardware offload capabilities. In this case the
# format is <hypervisor>:<egress_pkt_rate>:<ingress_pkt_rate> which allows
# defining packet processing capacity per traffic direction. The direction is
# meant from the VM perspective. Note that the
# resource_provider_packet_processing_without_direction and the
# resource_provider_packet_processing_with_direction are mutually exclusive
# options. (list value)
#resource_provider_packet_processing_with_direction =

# The default hypervisor name used to locate the parent of the resource
# provider. If this option is not set, canonical name is used (string value)
#resource_provider_default_hypervisor = <None>

# Key:value pairs to specify defaults used while reporting resource provider
# inventories. Possible keys with their types: allocation_ratio:float,
# max_unit:int, min_unit:int, reserved:int, step_size:int, See also:
# https://docs.openstack.org/api-ref/placement/#update-resource-provider-
# inventories (dict value)
#resource_provider_inventory_defaults = allocation_ratio:1.0,min_unit:1,reserved:0,step_size:1

# Key:value pairs to specify defaults used while reporting packet rate
# inventories. Possible keys with their types: allocation_ratio:float,
# max_unit:int, min_unit:int, reserved:int, step_size:int, See also:
# https://docs.openstack.org/api-ref/placement/#update-resource-provider-
# inventories (dict value)
#resource_provider_packet_processing_inventory_defaults = allocation_ratio:1.0,min_unit:1,reserved:0,step_size:1

# OVS datapath to use. 'system' is the default value and corresponds to the
# kernel datapath. To enable the userspace datapath set this value to 'netdev'.
# (string value)
# Possible values:
# system - <No description provided>
# netdev - <No description provided>
#datapath_type = system

# OVS vhost-user socket directory. (string value)
#vhostuser_socket_dir = /var/run/openvswitch

# Address to listen on for OpenFlow connections. (IP address value)
#of_listen_address = 127.0.0.1

# Port to listen on for OpenFlow connections. (port value)
# Minimum value: 0
# Maximum value: 65535
#of_listen_port = 6633

# Timeout in seconds to wait for the local switch connecting the controller.
# (integer value)
#of_connect_timeout = 300

# Timeout in seconds to wait for a single OpenFlow request. (integer value)
#of_request_timeout = 300

# The inactivity_probe interval in seconds for the local switch connection to
# the controller. A value of 0 disables inactivity probes. (integer value)
#of_inactivity_probe = 10

# If enabled, all OpenFlow rules associated to a port are processed at once, in
# one single transaction. That avoids possible inconsistencies during OVS agent
# restart and port updates. If disabled, the flows will be processed in batches
# of ``_constants.AGENT_RES_PROCESSING_STEP`` number of OpenFlow rules.
# (boolean value)
#openflow_processed_per_port = false

# The connection string for the OVSDB backend. Will be used for all OVSDB
# commands and by ovsdb-client when monitoring (string value)
#ovsdb_connection = tcp:127.0.0.1:6640

# The SSL private key file to use when interacting with OVSDB. Required when
# using an "ssl:" prefixed ovsdb_connection (string value)
#ssl_key_file = <None>

# The SSL certificate file to use when interacting with OVSDB. Required when
# using an "ssl:" prefixed ovsdb_connection (string value)
#ssl_cert_file = <None>

# The Certificate Authority (CA) certificate to use when interacting with
# OVSDB. Required when using an "ssl:" prefixed ovsdb_connection (string value)
#ssl_ca_cert_file = <None>

# Enable OVSDB debug logs (boolean value)
#ovsdb_debug = false


[securitygroup]
enable_security_group = true
firewall_driver = openvswitch
#firewall_driver = iptables_hybrid

#
# From neutron.ml2.ovs.agent
#

# Driver for security groups firewall in the L2 agent (string value)
#firewall_driver = <None>

# Controls whether the neutron security group API is enabled in the server. It
# should be false when using no security groups or using the Nova security
# group API. (boolean value)
#enable_security_group = true

# Use IPsets to speed-up the iptables based security groups. Enabling IPset
# support requires that ipset is installed on the L2 agent node. (boolean
# value)
#enable_ipset = true

# Comma-separated list of ethertypes to be permitted, in hexadecimal (starting
# with "0x"). For example, "0x4008" to permit InfiniBand. (list value)
#permitted_ethertypes =