summaryrefslogtreecommitdiff
path: root/etc/neutron.conf
diff options
context:
space:
mode:
authorMartin Hickey <martin.hickey@ie.ibm.com>2015-11-30 13:06:53 +0000
committerMartin Hickey <martin.hickey@ie.ibm.com>2015-11-30 13:06:53 +0000
commit112c8dd11d6f746b2b478f83061b63842838b495 (patch)
tree4cb67fa24c586d05ad36ce9d3a6ea443ee2491e8 /etc/neutron.conf
parent21ca26e50acc29125281116e23579982f720c05d (diff)
Remove Neutron core static example configuration files
Oslo config generator was introduced in patch [1] to automatically generate the sample Neutron core configuration files. This patch removes the static example configuration files from the repository as they are now redundant. [1] https://review.openstack.org/#/c/204206/ DocImpact Change-Id: Ic7ae2e038b5bd7b215c65c9c565bfe31ef551520 Partially-Implements: blueprint autogen-neutron-conf-file Closes-bug: #1199963 Depends-On: Ic37a16b6cf8eb92030649f1fc8b198738a8cc104
Notes
Notes (review): Verified+2: Jenkins Code-Review-1: Tom Fifield <tom@openstack.org> Code-Review-1: Hirofumi Ichihara <ichihara.hirofumi@lab.ntt.co.jp> Code-Review+2: Cedric Brandily <zzelle@gmail.com> Workflow+1: Cedric Brandily <zzelle@gmail.com> Code-Review+2: Ihar Hrachyshka <ihrachys@redhat.com> Code-Review+1: Brandon Palm <bapalm@us.ibm.com> Submitted-by: Jenkins Submitted-at: Thu, 03 Dec 2015 21:13:30 +0000 Reviewed-on: https://review.openstack.org/251348 Project: openstack/neutron Branch: refs/heads/master
Diffstat (limited to 'etc/neutron.conf')
-rw-r--r--etc/neutron.conf1076
1 files changed, 0 insertions, 1076 deletions
diff --git a/etc/neutron.conf b/etc/neutron.conf
deleted file mode 100644
index f03723b..0000000
--- a/etc/neutron.conf
+++ /dev/null
@@ -1,1076 +0,0 @@
1[DEFAULT]
2# Print more verbose output (set logging level to INFO instead of default WARNING level).
3# verbose = False
4
5# =========Start Global Config Option for Distributed L3 Router===============
6# Setting the "router_distributed" flag to "True" will default to the creation
7# of distributed tenant routers. The admin can override this flag by specifying
8# the type of the router on the create request (admin-only attribute). Default
9# value is "False" to support legacy mode (centralized) routers.
10#
11# router_distributed = False
12#
13# ===========End Global Config Option for Distributed L3 Router===============
14
15# Print debugging output (set logging level to DEBUG instead of default WARNING level).
16# debug = False
17
18# Where to store Neutron state files. This directory must be writable by the
19# user executing the agent.
20# state_path = /var/lib/neutron
21
22# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
23# log_date_format = %Y-%m-%d %H:%M:%S
24
25# use_syslog -> syslog
26# log_file and log_dir -> log_dir/log_file
27# (not log_file) and log_dir -> log_dir/{binary_name}.log
28# use_stderr -> stderr
29# (not user_stderr) and (not log_file) -> stdout
30# publish_errors -> notification system
31
32# use_syslog = False
33# syslog_log_facility = LOG_USER
34
35# use_stderr = True
36# log_file =
37# log_dir =
38
39# publish_errors = False
40
41# Address to bind the API server to
42# bind_host = 0.0.0.0
43
44# Port the bind the API server to
45# bind_port = 9696
46
47# Path to the extensions. Note that this can be a colon-separated list of
48# paths. For example:
49# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
50# The __path__ of neutron.extensions is appended to this, so if your
51# extensions are in there you don't need to specify them here
52# api_extensions_path =
53
54# (StrOpt) Neutron core plugin entrypoint to be loaded from the
55# neutron.core_plugins namespace. See setup.cfg for the entrypoint names of the
56# plugins included in the neutron source distribution. For compatibility with
57# previous versions, the class name of a plugin can be specified instead of its
58# entrypoint name.
59#
60# core_plugin =
61# Example: core_plugin = ml2
62
63# (StrOpt) Neutron IPAM (IP address management) driver to be loaded from the
64# neutron.ipam_drivers namespace. See setup.cfg for the entry point names.
65# If ipam_driver is not set (default behavior), no ipam driver is used.
66# Example: ipam_driver =
67# In order to use the reference implementation of neutron ipam driver, use
68# 'internal'.
69# Example: ipam_driver = internal
70
71# (ListOpt) List of service plugin entrypoints to be loaded from the
72# neutron.service_plugins namespace. See setup.cfg for the entrypoint names of
73# the plugins included in the neutron source distribution. For compatibility
74# with previous versions, the class name of a plugin can be specified instead
75# of its entrypoint name.
76#
77# service_plugins =
78# Example: service_plugins = router,firewall,lbaas,vpnaas,metering,qos
79
80# Paste configuration file
81# api_paste_config = api-paste.ini
82
83# (StrOpt) Hostname to be used by the neutron server, agents and services
84# running on this machine. All the agents and services running on this machine
85# must use the same host value.
86# The default value is hostname of the machine.
87#
88# host =
89
90# The strategy to be used for auth.
91# Supported values are 'keystone'(default), 'noauth'.
92# auth_strategy = keystone
93
94# Base MAC address. The first 3 octets will remain unchanged. If the
95# 4h octet is not 00, it will also be used. The others will be
96# randomly generated.
97# 3 octet
98# base_mac = fa:16:3e:00:00:00
99# 4 octet
100# base_mac = fa:16:3e:4f:00:00
101
102# DVR Base MAC address. The first 3 octets will remain unchanged. If the
103# 4th octet is not 00, it will also be used. The others will be randomly
104# generated. The 'dvr_base_mac' *must* be different from 'base_mac' to
105# avoid mixing them up with MAC's allocated for tenant ports.
106# A 4 octet example would be dvr_base_mac = fa:16:3f:4f:00:00
107# The default is 3 octet
108# dvr_base_mac = fa:16:3f:00:00:00
109
110# Maximum amount of retries to generate a unique MAC address
111# mac_generation_retries = 16
112
113# DHCP Lease duration (in seconds). Use -1 to
114# tell dnsmasq to use infinite lease times.
115# dhcp_lease_duration = 86400
116
117# Domain to use for building the hostnames
118# dns_domain = openstacklocal
119
120# Allow sending resource operation notification to DHCP agent
121# dhcp_agent_notification = True
122
123# Enable or disable bulk create/update/delete operations
124# allow_bulk = True
125# Enable or disable pagination
126# allow_pagination = False
127# Enable or disable sorting
128# allow_sorting = False
129# Enable or disable overlapping IPs for subnets
130# Attention: the following parameter MUST be set to False if Neutron is
131# being used in conjunction with nova security groups
132# allow_overlapping_ips = False
133# Ensure that configured gateway is on subnet. For IPv6, validate only if
134# gateway is not a link local address. Deprecated, to be removed during the
135# K release, at which point the check will be mandatory.
136# force_gateway_on_subnet = True
137
138# Default maximum number of items returned in a single response,
139# value == infinite and value < 0 means no max limit, and value must
140# be greater than 0. If the number of items requested is greater than
141# pagination_max_limit, server will just return pagination_max_limit
142# of number of items.
143# pagination_max_limit = -1
144
145# Maximum number of DNS nameservers per subnet
146# max_dns_nameservers = 5
147
148# Maximum number of host routes per subnet
149# max_subnet_host_routes = 20
150
151# Maximum number of fixed ips per port
152# Deprecated: will be removed in N
153# max_fixed_ips_per_port = 5
154
155# Maximum number of routes per router
156# max_routes = 30
157
158# Default Subnet Pool to be used for IPv4 subnet-allocation.
159# Specifies by UUID the pool to be used in case of subnet-create being called
160# without a subnet-pool ID. The default of None means that no pool will be
161# used unless passed explicitly to subnet create. If no pool is used, then a
162# CIDR must be passed to create a subnet and that subnet will not be allocated
163# from any pool; it will be considered part of the tenant's private address
164# space.
165# This option is deprecated for removal in the N release. Please refrain from
166# using it.
167# default_ipv4_subnet_pool =
168
169# Default Subnet Pool to be used for IPv6 subnet-allocation.
170# Specifies by UUID the pool to be used in case of subnet-create being
171# called without a subnet-pool ID. See the description for
172# default_ipv4_subnet_pool for more information.
173# This option is deprecated for removal in the N release. Please refrain from
174# using it.
175# default_ipv6_subnet_pool =
176
177# Set to True to enable IPv6 Prefix Delegation for subnet-allocation in a
178# PD-capable environment. Users making subnet-create requests for v6 subnets
179# without providing a cidr or subnetpool ID will be given a cidr via the Prefix
180# Delegation mechanism. Note that enabling PD will override the behavior of
181# the default IPv6 subnetpool.
182# ipv6_pd_enabled =
183
184# =========== items for MTU selection and advertisement =============
185# Advertise MTU. If True, effort is made to advertise MTU
186# settings to VMs via network methods (ie. DHCP and RA MTU options)
187# when the network's preferred MTU is known.
188# advertise_mtu = False
189# ======== end of items for MTU selection and advertisement =========
190
191# =========== items for agent management extension =============
192# Seconds to regard the agent as down; should be at least twice
193# report_interval, to be sure the agent is down for good
194# agent_down_time = 75
195
196# Agent starts with admin_state_up=False when enable_new_agents=False.
197# In the case, user's resources will not be scheduled automatically to the
198# agent until admin changes admin_state_up to True.
199# enable_new_agents = True
200# =========== end of items for agent management extension =====
201
202# =========== items for agent scheduler extension =============
203# Driver to use for scheduling network to DHCP agent
204# network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.WeightScheduler
205# Driver to use for scheduling router to a default L3 agent
206# router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler
207# Driver to use for scheduling a loadbalancer pool to an lbaas agent
208# loadbalancer_pool_scheduler_driver = neutron.services.loadbalancer.agent_scheduler.ChanceScheduler
209
210# (StrOpt) Representing the resource type whose load is being reported by
211# the agent.
212# This can be 'networks','subnets' or 'ports'. When specified (Default is networks),
213# the server will extract particular load sent as part of its agent configuration object
214# from the agent report state, which is the number of resources being consumed, at
215# every report_interval.
216# dhcp_load_type can be used in combination with network_scheduler_driver =
217# neutron.scheduler.dhcp_agent_scheduler.WeightScheduler
218# When the network_scheduler_driver is WeightScheduler, dhcp_load_type can
219# be configured to represent the choice for the resource being balanced.
220# Example: dhcp_load_type = networks
221# Values:
222# networks - number of networks hosted on the agent
223# subnets - number of subnets associated with the networks hosted on the agent
224# ports - number of ports associated with the networks hosted on the agent
225# dhcp_load_type = networks
226
227# Availability Zone support
228#
229# Default value of availability zone hints. The availability zone aware
230# schedulers use this when the resources availability_zone_hints is empty.
231# Multiple availability zones can be specified by a comma separated string.
232# This value can be empty. In this case, even if availability_zone_hints for
233# a resource is empty, availability zone is considered for high availability
234# while scheduling the resource.
235# default_availability_zones =
236#
237# Make network scheduler availability zone aware.
238# If multiple availability zones are used, set network_scheduler_driver =
239# neutron.scheduler.dhcp_agent_scheduler.AZAwareWeightScheduler
240# This scheduler selects agent depending on WeightScheduler logic within an
241# availability zone so that considers the weight of agent.
242
243# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
244# networks to first DHCP agent which sends get_active_networks message to
245# neutron server
246# network_auto_schedule = True
247
248# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
249# routers to first L3 agent which sends sync_routers message to neutron server
250# router_auto_schedule = True
251
252# Allow automatic rescheduling of routers from dead L3 agents with
253# admin_state_up set to True to alive agents.
254# allow_automatic_l3agent_failover = False
255
256# Allow automatic removal of networks from dead DHCP agents with
257# admin_state_up set to True.
258# Networks could then be rescheduled if network_auto_schedule is True
259# allow_automatic_dhcp_failover = True
260
261# Number of DHCP agents scheduled to host a tenant network.
262# If this number is greater than 1, the scheduler automatically
263# assigns multiple DHCP agents for a given tenant network,
264# providing high availability for DHCP service.
265# dhcp_agents_per_network = 1
266
267# Enable services on agents with admin_state_up False.
268# If this option is False, when admin_state_up of an agent is turned to
269# False, services on it will be disabled. If this option is True, services
270# on agents with admin_state_up False keep available and manual scheduling
271# to such agents is available. Agents with admin_state_up False are not
272# selected for automatic scheduling regardless of this option.
273# enable_services_on_agents_with_admin_state_down = False
274
275# =========== end of items for agent scheduler extension =====
276
277# =========== items for l3 extension ==============
278# Enable high availability for virtual routers.
279# l3_ha = False
280#
281# Maximum number of l3 agents which a HA router will be scheduled on. If it
282# is set to 0 the router will be scheduled on every agent.
283# max_l3_agents_per_router = 3
284#
285# Minimum number of l3 agents which a HA router will be scheduled on. The
286# default value is 2.
287# min_l3_agents_per_router = 2
288#
289# CIDR of the administrative network if HA mode is enabled
290# l3_ha_net_cidr = 169.254.192.0/18
291#
292# Enable snat by default on external gateway when available
293# enable_snat_by_default = True
294#
295# The network type to use when creating the HA network for an HA router.
296# By default or if empty, the first 'tenant_network_types'
297# is used. This is helpful when the VRRP traffic should use a specific
298# network which not the default one.
299# ha_network_type =
300# Example: ha_network_type = flat
301#
302# The physical network name with which the HA network can be created.
303# ha_network_physical_name =
304# Example: ha_network_physical_name = physnet1
305# =========== end of items for l3 extension =======
306
307# =========== items for metadata proxy configuration ==============
308# User (uid or name) running metadata proxy after its initialization
309# (if empty: agent effective user)
310# metadata_proxy_user =
311
312# Group (gid or name) running metadata proxy after its initialization
313# (if empty: agent effective group)
314# metadata_proxy_group =
315
316# Enable/Disable log watch by metadata proxy, it should be disabled when
317# metadata_proxy_user/group is not allowed to read/write its log file and
318# 'copytruncate' logrotate option must be used if logrotate is enabled on
319# metadata proxy log files. Option default value is deduced from
320# metadata_proxy_user: watch log is enabled if metadata_proxy_user is agent
321# effective user id/name.
322# metadata_proxy_watch_log =
323
324# Location of Metadata Proxy UNIX domain socket
325# metadata_proxy_socket = $state_path/metadata_proxy
326# =========== end of items for metadata proxy configuration ==============
327
328# ========== items for VLAN trunking networks ==========
329# Setting this flag to True will allow plugins that support it to
330# create VLAN transparent networks. This flag has no effect for
331# plugins that do not support VLAN transparent networks.
332# vlan_transparent = False
333# ========== end of items for VLAN trunking networks ==========
334
335# =========== WSGI parameters related to the API server ==============
336# Number of separate API worker processes to spawn. If not specified or < 1,
337# the default value is equal to the number of CPUs available.
338# api_workers = <number of CPUs>
339
340# Number of separate RPC worker processes to spawn.
341# rpc_workers = 1
342
343# Number of separate RPC worker processes for processing state report queue.
344# Increasing this parameter makes sense when neutron-server handles
345# hundreds of agents.
346# rpc_state_report_workers = 1
347
348# Timeout for client connections socket operations. If an
349# incoming connection is idle for this number of seconds it
350# will be closed. A value of '0' means wait forever. (integer
351# value)
352# client_socket_timeout = 900
353
354# wsgi keepalive option. Determines if connections are allowed to be held open
355# by clients after a request is fulfilled. A value of False will ensure that
356# the socket connection will be explicitly closed once a response has been
357# sent to the client.
358# wsgi_keep_alive = True
359
360# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
361# starting API server. Not supported on OS X.
362# tcp_keepidle = 600
363
364# Number of seconds to keep retrying to listen
365# retry_until_window = 30
366
367# Number of backlog requests to configure the socket with.
368# backlog = 4096
369
370# Max header line to accommodate large tokens
371# max_header_line = 16384
372
373# Enable SSL on the API server
374# use_ssl = False
375
376# Certificate file to use when starting API server securely
377# This option is deprecated for removal in the N release, please
378# use cert_file option from [ssl] section instead.
379# ssl_cert_file = /path/to/certfile
380
381# Private key file to use when starting API server securely
382# This option is deprecated for removal in the N release, please
383# use key_file option from [ssl] section instead.
384# ssl_key_file = /path/to/keyfile
385
386# CA certificate file to use when starting API server securely to
387# verify connecting clients. This is an optional parameter only required if
388# API clients need to authenticate to the API server using SSL certificates
389# signed by a trusted CA
390# This option is deprecated for removal in the N release, please
391# use ca_file option from [ssl] section instead.
392# ssl_ca_file = /path/to/cafile
393# ======== end of WSGI parameters related to the API server ==========
394
395# ======== neutron nova interactions ==========
396# Send notification to nova when port status is active.
397# notify_nova_on_port_status_changes = True
398
399# Send notifications to nova when port data (fixed_ips/floatingips) change
400# so nova can update it's cache.
401# notify_nova_on_port_data_changes = True
402
403# Number of seconds between sending events to nova if there are any events to send
404# send_events_interval = 2
405
406# ======== end of neutron nova interactions ==========
407
408#
409# Options defined in oslo.messaging
410#
411
412# Use durable queues in amqp. (boolean value)
413# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
414# amqp_durable_queues=false
415
416# Auto-delete queues in amqp. (boolean value)
417# amqp_auto_delete=false
418
419# Size of RPC connection pool. (integer value)
420# rpc_conn_pool_size=30
421
422# Qpid broker hostname. (string value)
423# qpid_hostname=localhost
424
425# Qpid broker port. (integer value)
426# qpid_port=5672
427
428# Qpid HA cluster host:port pairs. (list value)
429# qpid_hosts=$qpid_hostname:$qpid_port
430
431# Username for Qpid connection. (string value)
432# qpid_username=
433
434# Password for Qpid connection. (string value)
435# qpid_password=
436
437# Space separated list of SASL mechanisms to use for auth.
438# (string value)
439# qpid_sasl_mechanisms=
440
441# Seconds between connection keepalive heartbeats. (integer
442# value)
443# qpid_heartbeat=60
444
445# Transport to use, either 'tcp' or 'ssl'. (string value)
446# qpid_protocol=tcp
447
448# Whether to disable the Nagle algorithm. (boolean value)
449# qpid_tcp_nodelay=true
450
451# The qpid topology version to use. Version 1 is what was
452# originally used by impl_qpid. Version 2 includes some
453# backwards-incompatible changes that allow broker federation
454# to work. Users should update to version 2 when they are
455# able to take everything down, as it requires a clean break.
456# (integer value)
457# qpid_topology_version=1
458
459# SSL version to use (valid only if SSL enabled). valid values
460# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some
461# distributions. (string value)
462# kombu_ssl_version=
463
464# SSL key file (valid only if SSL enabled). (string value)
465# kombu_ssl_keyfile=
466
467# SSL cert file (valid only if SSL enabled). (string value)
468# kombu_ssl_certfile=
469
470# SSL certification authority file (valid only if SSL
471# enabled). (string value)
472# kombu_ssl_ca_certs=
473
474# How long to wait before reconnecting in response to an AMQP
475# consumer cancel notification. (floating point value)
476# kombu_reconnect_delay=1.0
477
478# The RabbitMQ broker address where a single node is used.
479# (string value)
480# rabbit_host=localhost
481
482# The RabbitMQ broker port where a single node is used.
483# (integer value)
484# rabbit_port=5672
485
486# RabbitMQ HA cluster host:port pairs. (list value)
487# rabbit_hosts=$rabbit_host:$rabbit_port
488
489# Connect over SSL for RabbitMQ. (boolean value)
490# rabbit_use_ssl=false
491
492# The RabbitMQ userid. (string value)
493# rabbit_userid=guest
494
495# The RabbitMQ password. (string value)
496# rabbit_password=guest
497
498# the RabbitMQ login method (string value)
499# rabbit_login_method=AMQPLAIN
500
501# The RabbitMQ virtual host. (string value)
502# rabbit_virtual_host=/
503
504# How frequently to retry connecting with RabbitMQ. (integer
505# value)
506# rabbit_retry_interval=1
507
508# How long to backoff for between retries when connecting to
509# RabbitMQ. (integer value)
510# rabbit_retry_backoff=2
511
512# Maximum number of RabbitMQ connection retries. Default is 0
513# (infinite retry count). (integer value)
514# rabbit_max_retries=0
515
516# Use HA queues in RabbitMQ (x-ha-policy: all). If you change
517# this option, you must wipe the RabbitMQ database. (boolean
518# value)
519# rabbit_ha_queues=false
520
521# If passed, use a fake RabbitMQ provider. (boolean value)
522# fake_rabbit=false
523
524# ZeroMQ bind address. Should be a wildcard (*), an ethernet
525# interface, or IP. The "host" option should point or resolve
526# to this address. (string value)
527# rpc_zmq_bind_address=*
528
529# MatchMaker driver. (string value)
530# rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost
531
532# ZeroMQ receiver listening port. (integer value)
533# rpc_zmq_port=9501
534
535# Number of ZeroMQ contexts, defaults to 1. (integer value)
536# rpc_zmq_contexts=1
537
538# Maximum number of ingress messages to locally buffer per
539# topic. Default is unlimited. (integer value)
540# rpc_zmq_topic_backlog=
541
542# Directory for holding IPC sockets. (string value)
543# rpc_zmq_ipc_dir=/var/run/openstack
544
545# Name of this node. Must be a valid hostname, FQDN, or IP
546# address. Must match "host" option, if running Nova. (string
547# value)
548# rpc_zmq_host=oslo
549
550# Seconds to wait before a cast expires (TTL). Only supported
551# by impl_zmq. (integer value)
552# rpc_cast_timeout=30
553
554# Heartbeat frequency. (integer value)
555# matchmaker_heartbeat_freq=300
556
557# Heartbeat time-to-live. (integer value)
558# matchmaker_heartbeat_ttl=600
559
560# Size of RPC greenthread pool. (integer value)
561# rpc_thread_pool_size=64
562
563# Driver(s) to handle sending notifications to be loaded from
564# the oslo.messaging.notify.drivers namespace. (multi valued)
565# See setup.cfg in oslo.messaging Repo:
566# https://github.com/openstack/oslo.messaging/blob/master/setup.cfg
567# The default value is an empty string,
568# which means notifications will be disabled.
569# Possible values: messaging, messagingv2, routing, log, test, noop.
570# Example: notification_driver = messaging
571# notification_driver=
572
573# AMQP topic used for OpenStack notifications. (list value)
574# Deprecated group/name - [rpc_notifier2]/topics
575# notification_topics=notifications
576
577# Seconds to wait for a response from a call. (integer value)
578# rpc_response_timeout=60
579
580# A URL representing the messaging driver to use and its full
581# configuration. If not set, we fall back to the rpc_backend
582# option and driver specific configuration. (string value)
583# transport_url=
584
585# The messaging driver to use, defaults to rabbit. Other
586# drivers include qpid and zmq. (string value)
587# rpc_backend=rabbit
588
589# The default exchange under which topics are scoped. May be
590# overridden by an exchange name specified in the
591# transport_url option. (string value)
592# control_exchange=openstack
593
594
595[matchmaker_redis]
596
597#
598# Options defined in oslo.messaging
599#
600
601# Host to locate redis. (string value)
602# host=127.0.0.1
603
604# Use this port to connect to redis host. (integer value)
605# port=6379
606
607# Password for Redis server (optional). (string value)
608# password=
609
610
611[matchmaker_ring]
612
613#
614# Options defined in oslo.messaging
615#
616
617# Matchmaker ring file (JSON). (string value)
618# Deprecated group/name - [DEFAULT]/matchmaker_ringfile
619# ringfile=/etc/oslo/matchmaker_ring.json
620
621[quotas]
622# Default driver to use for quota checks
623# quota_driver = neutron.db.quota.driver.DbQuotaDriver
624
625# Keep in track in the database of current resource
626# quota usage. Plugins which do not leverage the
627# neutron database should set this flag to False
628# track_quota_usage = True
629
630# Resource name(s) that are supported in quota features
631# This option is deprecated for removal in the M release, please refrain from using it
632# quota_items = network,subnet,port
633
634# Default number of resource allowed per tenant. A negative value means
635# unlimited.
636# default_quota = -1
637
638# Number of networks allowed per tenant. A negative value means unlimited.
639# quota_network = 10
640
641# Number of subnets allowed per tenant. A negative value means unlimited.
642# quota_subnet = 10
643
644# Number of ports allowed per tenant. A negative value means unlimited.
645# quota_port = 50
646
647# Number of security groups allowed per tenant. A negative value means
648# unlimited.
649# quota_security_group = 10
650
651# Number of security group rules allowed per tenant. A negative value means
652# unlimited.
653# quota_security_group_rule = 100
654
655# Number of vips allowed per tenant. A negative value means unlimited.
656# quota_vip = 10
657
658# Number of pools allowed per tenant. A negative value means unlimited.
659# quota_pool = 10
660
661# Number of pool members allowed per tenant. A negative value means unlimited.
662# The default is unlimited because a member is not a real resource consumer
663# on OpenStack. However, on back-end, a member is a resource consumer
664# and that is the reason why quota is possible.
665# quota_member = -1
666
667# Number of health monitors allowed per tenant. A negative value means
668# unlimited.
669# The default is unlimited because a health monitor is not a real resource
670# consumer on OpenStack. However, on back-end, a member is a resource consumer
671# and that is the reason why quota is possible.
672# quota_health_monitor = -1
673
674# Number of loadbalancers allowed per tenant. A negative value means unlimited.
675# quota_loadbalancer = 10
676
677# Number of listeners allowed per tenant. A negative value means unlimited.
678# quota_listener = -1
679
680# Number of v2 health monitors allowed per tenant. A negative value means
681# unlimited. These health monitors exist under the lbaas v2 API
682# quota_healthmonitor = -1
683
684# Number of routers allowed per tenant. A negative value means unlimited.
685# quota_router = 10
686
687# Number of floating IPs allowed per tenant. A negative value means unlimited.
688# quota_floatingip = 50
689
690# Number of firewalls allowed per tenant. A negative value means unlimited.
691# quota_firewall = 1
692
693# Number of firewall policies allowed per tenant. A negative value means
694# unlimited.
695# quota_firewall_policy = 1
696
697# Number of firewall rules allowed per tenant. A negative value means
698# unlimited.
699# quota_firewall_rule = 100
700
701[agent]
702# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real
703# root filter facility.
704# Change to "sudo" to skip the filtering and just run the command directly
705# root_helper = sudo
706
707# Set to true to add comments to generated iptables rules that describe
708# each rule's purpose. (System must support the iptables comments module.)
709# comment_iptables_rules = True
710
711# Root helper daemon application to use when possible.
712# root_helper_daemon =
713
714# Use the root helper when listing the namespaces on a system. This may not
715# be required depending on the security configuration. If the root helper is
716# not required, set this to False for a performance improvement.
717# use_helper_for_ns_read = True
718
719# The interval to check external processes for failure in seconds (0=disabled)
720# check_child_processes_interval = 60
721
722# Action to take when an external process spawned by an agent dies
723# Values:
724# respawn - Respawns the external process
725# exit - Exits the agent
726# check_child_processes_action = respawn
727
728# Availability zone of this node.
729# availability_zone = nova
730
731# =========== items for agent management extension =============
732# seconds between nodes reporting state to server; should be less than
733# agent_down_time, best if it is half or less than agent_down_time
734# report_interval = 30
735
736# =========== end of items for agent management extension =====
737
738[keystone_authtoken]
739auth_uri = http://127.0.0.1:35357/v2.0/
740identity_uri = http://127.0.0.1:5000
741admin_tenant_name = %SERVICE_TENANT_NAME%
742admin_user = %SERVICE_USER%
743admin_password = %SERVICE_PASSWORD%
744
745[database]
746# This line MUST be changed to actually run the plugin.
747# Example:
748# connection = mysql+pymysql://root:pass@127.0.0.1:3306/neutron
749# Replace 127.0.0.1 above with the IP address of the database used by the
750# main neutron server. (Leave it as is if the database runs on this host.)
751# connection = sqlite://
752# NOTE: In deployment the [database] section and its connection attribute may
753# be set in the corresponding core plugin '.ini' file. However, it is suggested
754# to put the [database] section and its connection attribute in this
755# configuration file.
756
757# Database engine for which script will be generated when using offline
758# migration
759# engine =
760
761# The SQLAlchemy connection string used to connect to the slave database
762# slave_connection =
763
764# Database reconnection retry times - in event connectivity is lost
765# set to -1 implies an infinite retry count
766# max_retries = 10
767
768# Database reconnection interval in seconds - if the initial connection to the
769# database fails
770# retry_interval = 10
771
772# Minimum number of SQL connections to keep open in a pool
773# min_pool_size = 1
774
775# Maximum number of SQL connections to keep open in a pool
776# max_pool_size = 10
777
778# Timeout in seconds before idle sql connections are reaped
779# idle_timeout = 3600
780
781# If set, use this value for max_overflow with sqlalchemy
782# max_overflow = 20
783
784# Verbosity of SQL debugging information. 0=None, 100=Everything
785# connection_debug = 0
786
787# Add python stack traces to SQL as comment strings
788# connection_trace = False
789
790# If set, use this value for pool_timeout with sqlalchemy
791# pool_timeout = 10
792
793[nova]
794# Name of the plugin to load
795# auth_plugin =
796
797# Config Section from which to load plugin specific options
798# auth_section =
799
800# PEM encoded Certificate Authority to use when verifying HTTPs connections.
801# cafile =
802
803# PEM encoded client certificate cert file
804# certfile =
805
806# Verify HTTPS connections.
807# insecure = False
808
809# PEM encoded client certificate key file
810# keyfile =
811
812# Name of nova region to use. Useful if keystone manages more than one region.
813# region_name =
814
815# Timeout value for http requests
816# timeout =
817
818[oslo_concurrency]
819
820# Directory to use for lock files. For security, the specified directory should
821# only be writable by the user running the processes that need locking.
822# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used,
823# a lock path must be set.
824lock_path = $state_path/lock
825
826# Enables or disables inter-process locks.
827# disable_process_locking = False
828
829[oslo_policy]
830
831# The JSON file that defines policies.
832# policy_file = policy.json
833
834# Default rule. Enforced when a requested rule is not found.
835# policy_default_rule = default
836
837# Directories where policy configuration files are stored.
838# They can be relative to any directory in the search path defined by the
839# config_dir option, or absolute paths. The file defined by policy_file
840# must exist for these directories to be searched. Missing or empty
841# directories are ignored.
842# policy_dirs = policy.d
843
844[oslo_messaging_amqp]
845
846#
847# From oslo.messaging
848#
849
850# Address prefix used when sending to a specific server (string value)
851# Deprecated group/name - [amqp1]/server_request_prefix
852# server_request_prefix = exclusive
853
854# Address prefix used when broadcasting to all servers (string value)
855# Deprecated group/name - [amqp1]/broadcast_prefix
856# broadcast_prefix = broadcast
857
858# Address prefix when sending to any server in group (string value)
859# Deprecated group/name - [amqp1]/group_request_prefix
860# group_request_prefix = unicast
861
862# Name for the AMQP container (string value)
863# Deprecated group/name - [amqp1]/container_name
864# container_name =
865
866# Timeout for inactive connections (in seconds) (integer value)
867# Deprecated group/name - [amqp1]/idle_timeout
868# idle_timeout = 0
869
870# Debug: dump AMQP frames to stdout (boolean value)
871# Deprecated group/name - [amqp1]/trace
872# trace = false
873
874# CA certificate PEM file for verifing server certificate (string value)
875# Deprecated group/name - [amqp1]/ssl_ca_file
876# ssl_ca_file =
877
878# Identifying certificate PEM file to present to clients (string value)
879# Deprecated group/name - [amqp1]/ssl_cert_file
880# ssl_cert_file =
881
882# Private key PEM file used to sign cert_file certificate (string value)
883# Deprecated group/name - [amqp1]/ssl_key_file
884# ssl_key_file =
885
886# Password for decrypting ssl_key_file (if encrypted) (string value)
887# Deprecated group/name - [amqp1]/ssl_key_password
888# ssl_key_password =
889
890# Accept clients using either SSL or plain TCP (boolean value)
891# Deprecated group/name - [amqp1]/allow_insecure_clients
892# allow_insecure_clients = false
893
894
895[oslo_messaging_qpid]
896
897#
898# From oslo.messaging
899#
900
901# Use durable queues in AMQP. (boolean value)
902# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
903# amqp_durable_queues = false
904
905# Auto-delete queues in AMQP. (boolean value)
906# Deprecated group/name - [DEFAULT]/amqp_auto_delete
907# amqp_auto_delete = false
908
909# Size of RPC connection pool. (integer value)
910# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
911# rpc_conn_pool_size = 30
912
913# Qpid broker hostname. (string value)
914# Deprecated group/name - [DEFAULT]/qpid_hostname
915# qpid_hostname = localhost
916
917# Qpid broker port. (integer value)
918# Deprecated group/name - [DEFAULT]/qpid_port
919# qpid_port = 5672
920
921# Qpid HA cluster host:port pairs. (list value)
922# Deprecated group/name - [DEFAULT]/qpid_hosts
923# qpid_hosts = $qpid_hostname:$qpid_port
924
925# Username for Qpid connection. (string value)
926# Deprecated group/name - [DEFAULT]/qpid_username
927# qpid_username =
928
929# Password for Qpid connection. (string value)
930# Deprecated group/name - [DEFAULT]/qpid_password
931# qpid_password =
932
933# Space separated list of SASL mechanisms to use for auth. (string value)
934# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms
935# qpid_sasl_mechanisms =
936
937# Seconds between connection keepalive heartbeats. (integer value)
938# Deprecated group/name - [DEFAULT]/qpid_heartbeat
939# qpid_heartbeat = 60
940
941# Transport to use, either 'tcp' or 'ssl'. (string value)
942# Deprecated group/name - [DEFAULT]/qpid_protocol
943# qpid_protocol = tcp
944
945# Whether to disable the Nagle algorithm. (boolean value)
946# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay
947# qpid_tcp_nodelay = true
948
949# The number of prefetched messages held by receiver. (integer value)
950# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity
951# qpid_receiver_capacity = 1
952
953# The qpid topology version to use. Version 1 is what was originally used by
954# impl_qpid. Version 2 includes some backwards-incompatible changes that allow
955# broker federation to work. Users should update to version 2 when they are
956# able to take everything down, as it requires a clean break. (integer value)
957# Deprecated group/name - [DEFAULT]/qpid_topology_version
958# qpid_topology_version = 1
959
960
961[oslo_messaging_rabbit]
962
963#
964# From oslo.messaging
965#
966
967# Use durable queues in AMQP. (boolean value)
968# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
969# amqp_durable_queues = false
970
971# Auto-delete queues in AMQP. (boolean value)
972# Deprecated group/name - [DEFAULT]/amqp_auto_delete
973# amqp_auto_delete = false
974
975# Size of RPC connection pool. (integer value)
976# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
977# rpc_conn_pool_size = 30
978
979# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
980# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
981# distributions. (string value)
982# Deprecated group/name - [DEFAULT]/kombu_ssl_version
983# kombu_ssl_version =
984
985# SSL key file (valid only if SSL enabled). (string value)
986# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
987# kombu_ssl_keyfile =
988
989# SSL cert file (valid only if SSL enabled). (string value)
990# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
991# kombu_ssl_certfile =
992
993# SSL certification authority file (valid only if SSL enabled). (string value)
994# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
995# kombu_ssl_ca_certs =
996
997# How long to wait before reconnecting in response to an AMQP consumer cancel
998# notification. (floating point value)
999# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
1000# kombu_reconnect_delay = 1.0
1001
1002# The RabbitMQ broker address where a single node is used. (string value)
1003# Deprecated group/name - [DEFAULT]/rabbit_host
1004# rabbit_host = localhost
1005
1006# The RabbitMQ broker port where a single node is used. (integer value)
1007# Deprecated group/name - [DEFAULT]/rabbit_port
1008# rabbit_port = 5672
1009
1010# RabbitMQ HA cluster host:port pairs. (list value)
1011# Deprecated group/name - [DEFAULT]/rabbit_hosts
1012# rabbit_hosts = $rabbit_host:$rabbit_port
1013
1014# Connect over SSL for RabbitMQ. (boolean value)
1015# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
1016# rabbit_use_ssl = false
1017
1018# The RabbitMQ userid. (string value)
1019# Deprecated group/name - [DEFAULT]/rabbit_userid
1020# rabbit_userid = guest
1021
1022# The RabbitMQ password. (string value)
1023# Deprecated group/name - [DEFAULT]/rabbit_password
1024# rabbit_password = guest
1025
1026# The RabbitMQ login method. (string value)
1027# Deprecated group/name - [DEFAULT]/rabbit_login_method
1028# rabbit_login_method = AMQPLAIN
1029
1030# The RabbitMQ virtual host. (string value)
1031# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
1032# rabbit_virtual_host = /
1033
1034# How frequently to retry connecting with RabbitMQ. (integer value)
1035# rabbit_retry_interval = 1
1036
1037# How long to backoff for between retries when connecting to RabbitMQ. (integer
1038# value)
1039# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
1040# rabbit_retry_backoff = 2
1041
1042# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry
1043# count). (integer value)
1044# Deprecated group/name - [DEFAULT]/rabbit_max_retries
1045# rabbit_max_retries = 0
1046
1047# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you
1048# must wipe the RabbitMQ database. (boolean value)
1049# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
1050# rabbit_ha_queues = false
1051
1052# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value)
1053# Deprecated group/name - [DEFAULT]/fake_rabbit
1054# fake_rabbit = false
1055
1056[qos]
1057# Drivers list to use to send the update notification
1058# notification_drivers = message_queue
1059
1060[ssl]
1061
1062#
1063# From oslo.service.sslutils
1064#
1065
1066# CA certificate file to use to verify connecting clients. (string
1067# value)
1068#ca_file = <None>
1069
1070# Certificate file to use when starting the server securely. (string
1071# value)
1072#cert_file = <None>
1073
1074# Private key file to use when starting the server securely. (string
1075# value)
1076#key_file = <None>