177 lines
6.0 KiB
INI
177 lines
6.0 KiB
INI
[ovs]
|
|
# Do not change this parameter unless you have a good reason to.
|
|
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
|
# The integration bridge acts as a virtual "patch bay". All VM VIFs are
|
|
# attached to this bridge and then "patched" according to their network
|
|
# connectivity.
|
|
#
|
|
# integration_bridge = br-int
|
|
|
|
# Only used for the agent if tunnel_id_ranges is not empty for
|
|
# the server. In most cases, the default value should be fine.
|
|
#
|
|
# tunnel_bridge = br-tun
|
|
|
|
# Peer patch port in integration bridge for tunnel bridge
|
|
# int_peer_patch_port = patch-tun
|
|
|
|
# Peer patch port in tunnel bridge for integration bridge
|
|
# tun_peer_patch_port = patch-int
|
|
|
|
# Uncomment this line for the agent if tunnel_id_ranges is not
|
|
# empty for the server. Set local-ip to be the local IP address of
|
|
# this hypervisor.
|
|
#
|
|
# local_ip =
|
|
|
|
# (ListOpt) Comma-separated list of <physical_network>:<bridge> tuples
|
|
# mapping physical network names to the agent's node-specific OVS
|
|
# bridge names to be used for flat and VLAN networks. The length of
|
|
# bridge names should be no more than 11. Each bridge must
|
|
# exist, and should have a physical network interface configured as a
|
|
# port. All physical networks configured on the server should have
|
|
# mappings to appropriate bridges on each agent.
|
|
#
|
|
# Note: If you remove a bridge from this mapping, make sure to disconnect it
|
|
# from the integration bridge as it won't be managed by the agent anymore.
|
|
#
|
|
# bridge_mappings =
|
|
# Example: bridge_mappings = physnet1:br-eth1
|
|
|
|
# (BoolOpt) Use veths instead of patch ports to interconnect the integration
|
|
# bridge to physical networks. Support kernel without ovs patch port support
|
|
# so long as it is set to True.
|
|
# use_veth_interconnection = False
|
|
|
|
# (StrOpt) Which OVSDB backend to use, defaults to 'vsctl'
|
|
# vsctl - The backend based on executing ovs-vsctl
|
|
# native - The backend based on using native OVSDB
|
|
# ovsdb_interface = vsctl
|
|
|
|
# (StrOpt) The connection string for the native OVSDB backend
|
|
# To enable ovsdb-server to listen on port 6640:
|
|
# ovs-vsctl set-manager ptcp:6640:127.0.0.1
|
|
# ovsdb_connection = tcp:127.0.0.1:6640
|
|
|
|
# (StrOpt) OpenFlow interface to use.
|
|
# 'ovs-ofctl' is currently the only available choice.
|
|
# of_interface = ovs-ofctl
|
|
|
|
# (StrOpt) ovs datapath to use.
|
|
# 'system' is the default value and corresponds to the kernel datapath.
|
|
# To enable the userspace datapath set this value to 'netdev'
|
|
# datapath_type = system
|
|
|
|
[agent]
|
|
# Log agent heartbeats from this OVS agent
|
|
# log_agent_heartbeats = False
|
|
|
|
# Agent's polling interval in seconds
|
|
# polling_interval = 2
|
|
|
|
# Minimize polling by monitoring ovsdb for interface changes
|
|
# minimize_polling = True
|
|
|
|
# When minimize_polling = True, the number of seconds to wait before
|
|
# respawning the ovsdb monitor after losing communication with it
|
|
# ovsdb_monitor_respawn_interval = 30
|
|
|
|
# (ListOpt) The types of tenant network tunnels supported by the agent.
|
|
# Setting this will enable tunneling support in the agent. This can be set to
|
|
# either 'gre' or 'vxlan'. If this is unset, it will default to [] and
|
|
# disable tunneling support in the agent.
|
|
# You can specify as many values here as your compute hosts supports.
|
|
#
|
|
# tunnel_types =
|
|
# Example: tunnel_types = gre
|
|
# Example: tunnel_types = vxlan
|
|
# Example: tunnel_types = vxlan, gre
|
|
|
|
# (IntOpt) The port number to utilize if tunnel_types includes 'vxlan'. By
|
|
# default, this will make use of the Open vSwitch default value of '4789' if
|
|
# not specified.
|
|
#
|
|
# vxlan_udp_port =
|
|
# Example: vxlan_udp_port = 8472
|
|
|
|
# (IntOpt) This is the MTU size of veth interfaces.
|
|
# Do not change unless you have a good reason to.
|
|
# The default MTU size of veth interfaces is 1500.
|
|
# This option has no effect if use_veth_interconnection is False
|
|
# veth_mtu =
|
|
# Example: veth_mtu = 1504
|
|
|
|
# (BoolOpt) Flag to enable l2-population extension. This option should only be
|
|
# used in conjunction with ml2 plugin and l2population mechanism driver. It'll
|
|
# enable plugin to populate remote ports macs and IPs (using fdb_add/remove
|
|
# RPC calbbacks instead of tunnel_sync/update) on OVS agents in order to
|
|
# optimize tunnel management.
|
|
#
|
|
# l2_population = False
|
|
|
|
# Enable local ARP responder. Requires OVS 2.1. This is only used by the l2
|
|
# population ML2 MechanismDriver.
|
|
#
|
|
# arp_responder = False
|
|
|
|
# Enable suppression of ARP responses that don't match an IP address that
|
|
# belongs to the port from which they originate.
|
|
# Note: This prevents the VMs attached to this agent from spoofing,
|
|
# it doesn't protect them from other devices which have the capability to spoof
|
|
# (e.g. bare metal or VMs attached to agents without this flag set to True).
|
|
# Requires a version of OVS that can match ARP headers.
|
|
#
|
|
# prevent_arp_spoofing = True
|
|
|
|
# (BoolOpt) Set or un-set the don't fragment (DF) bit on outgoing IP packet
|
|
# carrying GRE/VXLAN tunnel. The default value is True.
|
|
#
|
|
# dont_fragment = True
|
|
|
|
# (BoolOpt) Set to True on L2 agents to enable support
|
|
# for distributed virtual routing.
|
|
#
|
|
# enable_distributed_routing = False
|
|
|
|
# (IntOpt) Set new timeout in seconds for new rpc calls after agent receives
|
|
# SIGTERM. If value is set to 0, rpc timeout won't be changed"
|
|
#
|
|
# quitting_rpc_timeout = 10
|
|
|
|
# (ListOpt) Extensions list to use
|
|
# Example: extensions = qos
|
|
#
|
|
# extensions =
|
|
|
|
[securitygroup]
|
|
# Firewall driver for realizing neutron security group function.
|
|
# firewall_driver = neutron.agent.firewall.NoopFirewallDriver
|
|
# Example: firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
|
|
|
# Controls if neutron security group is enabled or not.
|
|
# It should be false when you use nova security group.
|
|
# enable_security_group = True
|
|
|
|
#-----------------------------------------------------------------------------
|
|
# Sample Configurations.
|
|
#-----------------------------------------------------------------------------
|
|
#
|
|
# 1. With VLANs on eth1.
|
|
# [ovs]
|
|
# integration_bridge = br-int
|
|
# bridge_mappings = default:br-eth1
|
|
#
|
|
# 2. With GRE tunneling.
|
|
# [ovs]
|
|
# integration_bridge = br-int
|
|
# tunnel_bridge = br-tun
|
|
# local_ip = 10.0.0.3
|
|
#
|
|
# 3. With VXLAN tunneling.
|
|
# [ovs]
|
|
# integration_bridge = br-int
|
|
# tunnel_bridge = br-tun
|
|
# local_ip = 10.0.0.3
|
|
# [agent]
|
|
# tunnel_types = vxlan
|