openstack/openstack-manuals
Code Issues Proposed changes
77ff96074a
openstack-manuals/doc/common/tables/neutron-conf-changes.xml
Gauvain Pocentek ca63837991 Automatic update of the new/updated options for kilo 
Change-Id: I60f1d90a8b6c6699c2e6f6da365052bd780432c2
2015-04-02 15:55:36 +02:00

429 lines
18 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="neutron-conf-changes-kilo">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Networking</title>
<table>
<caption>New options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Option = default value</td>
<td>(Type) Help string</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] advertise_mtu = False</td>
<td>(BoolOpt) If True, effort is made to advertise MTU settings to VMs via network methods (DHCP and RA MTU options) when the network's preferred MTU is known.</td>
</tr>
<tr>
<td>[DEFAULT] allow_automatic_dhcp_failover = True</td>
<td>(BoolOpt) Automatically remove networks from offline DHCP agents.</td>
</tr>
<tr>
<td>[DEFAULT] default_ipv4_subnet_pool = None</td>
<td>(StrOpt) Default IPv4 subnet-pool to be used for automatic subnet CIDR allocation</td>
</tr>
<tr>
<td>[DEFAULT] default_ipv6_subnet_pool = None</td>
<td>(StrOpt) Default IPv6 subnet-pool to be used for automatic subnet CIDR allocation</td>
</tr>
<tr>
<td>[DEFAULT] dhcp_broadcast_reply = False</td>
<td>(BoolOpt) Use broadcast in DHCP replies</td>
</tr>
<tr>
<td>[DEFAULT] dhcp_load_type = networks</td>
<td>(StrOpt) Representing the resource type whose load is being reported by the agent. This can be "networks", "subnets" or "ports". When specified (Default is networks), the server will extract particular load sent as part of its agent configuration object from the agent report state, which is the number of resources being consumed, at every report_interval.dhcp_load_type can be used in combination with network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.WeightScheduler When the network_scheduler_driver is WeightScheduler, dhcp_load_type can be configured to represent the choice for the resource being balanced. Example: dhcp_load_type=networks</td>
</tr>
<tr>
<td>[DEFAULT] enable_services_on_agents_with_admin_state_down = False</td>
<td>(BoolOpt) Enable services on an agent with admin_state_up False. If this option is False, when admin_state_up of an agent is turned False, services on it will be disabled. Agents with admin_state_up False are not selected for automatic scheduling regardless of this option. But manual scheduling to such agents is available if this option is True.</td>
</tr>
<tr>
<td>[DEFAULT] external_ingress_mark = 0x2</td>
<td>(StrOpt) Iptables mangle mark used to mark ingress from external network</td>
</tr>
<tr>
<td>[DEFAULT] ipv6_gateway = </td>
<td>(StrOpt) With IPv6, the network used for the external gateway does not need to have an associated subnet, since the automatically assigned link-local address (LLA) can be used. However, an IPv6 gateway address is needed for use as the next-hop for the default route. If no IPv6 gateway address is configured here, (and only then) the neutron router will be configured to get its default route from router advertisements (RAs) from the upstream router; in which case the upstream router must also be configured to send these RAs. The ipv6_gateway, when configured, should be the LLA of the interface on the upstream router. If a next-hop using a global unique address (GUA) is desired, it needs to be done via a subnet allocated to the network and not through this parameter.</td>
</tr>
<tr>
<td>[DEFAULT] metadata_access_mark = 0x1</td>
<td>(StrOpt) Iptables mangle mark used to mark metadata valid requests</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_group = </td>
<td>(StrOpt) Group (gid or name) running metadata proxy after its initialization (if empty: agent effective group)</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_user = </td>
<td>(StrOpt) User (uid or name) running metadata proxy after its initialization (if empty: agent effective user)</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_watch_log = None</td>
<td>(BoolOpt) Enable/Disable log watch by metadata proxy. It should be disabled when metadata_proxy_user/group is not allowed to read/write its log file and copytruncate logrotate option must be used if logrotate is enabled on metadata proxy log files. Option default value is deduced from metadata_proxy_user: watch log is enabled if metadata_proxy_user is agent effective user id/name.</td>
</tr>
<tr>
<td>[DEFAULT] nova_admin_tenant_name = None</td>
<td>(StrOpt) The name of the admin nova tenant. Deprecated in favour of an auth plugin in [nova].</td>
</tr>
<tr>
<td>[DEFAULT] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[DEFAULT] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[DEFAULT] vlan_transparent = False</td>
<td>(BoolOpt) If True, then allow plugins that support it to create VLAN transparent networks.</td>
</tr>
<tr>
<td>[AGENT] check_child_processes_action = respawn</td>
<td>(StrOpt) Action to be executed when a child process dies</td>
</tr>
<tr>
<td>[AGENT] check_child_processes_interval = 60</td>
<td>(IntOpt) Interval between checks of child process liveness (seconds), use 0 to disable</td>
</tr>
<tr>
<td>[AGENT] comment_iptables_rules = True</td>
<td>(BoolOpt) Add comments to iptables rules.</td>
</tr>
<tr>
<td>[AGENT] root_helper_daemon = None</td>
<td>(StrOpt) Root helper daemon application to use when possible.</td>
</tr>
<tr>
<td>[AGENT] use_helper_for_ns_read = True</td>
<td>(BoolOpt) Use the root helper to read the namespaces from the operating system.</td>
</tr>
<tr>
<td>[OFC] support_packet_filter_on_ofc_router = True</td>
<td>(BoolOpt) Support packet filter on OFC router interface.</td>
</tr>
<tr>
<td>[ml2] path_mtu = 0</td>
<td>(IntOpt) The maximum permissible size of an unfragmented packet travelling from and to addresses where encapsulated Neutron traffic is sent. If &lt;= 0, the path MTU is indeterminate.</td>
</tr>
<tr>
<td>[ml2] physical_network_mtus = </td>
<td>(ListOpt) A list of mappings of physical networks to MTU values. The format of the mapping is &lt;physnet&gt;:&lt;mtu val&gt;. This mapping allows specifying a physical network MTU value that differs from the default segment_mtu value.</td>
</tr>
<tr>
<td>[ml2] segment_mtu = 0</td>
<td>(IntOpt) The maximum permissible size of an unfragmented packet travelling a L2 network segment. If &lt;= 0, the segment MTU is indeterminate.</td>
</tr>
<tr>
<td>[nova] auth_plugin = None</td>
<td>(StrOpt) Name of the plugin to load</td>
</tr>
<tr>
<td>[nova] auth_section = None</td>
<td>(StrOpt) Config Section from which to load plugin specific options</td>
</tr>
<tr>
<td>[nova] cafile = None</td>
<td>(StrOpt) PEM encoded Certificate Authority to use when verifying HTTPs connections.</td>
</tr>
<tr>
<td>[nova] certfile = None</td>
<td>(StrOpt) PEM encoded client certificate cert file</td>
</tr>
<tr>
<td>[nova] insecure = False</td>
<td>(BoolOpt) Verify HTTPS connections.</td>
</tr>
<tr>
<td>[nova] keyfile = None</td>
<td>(StrOpt) PEM encoded client certificate key file</td>
</tr>
<tr>
<td>[nova] region_name = None</td>
<td>(StrOpt) Name of nova region to use. Useful if keystone manages more than one region.</td>
</tr>
<tr>
<td>[nova] timeout = None</td>
<td>(IntOpt) Timeout value for http requests</td>
</tr>
<tr>
<td>[oslo_concurrency] disable_process_locking = False</td>
<td>(BoolOpt) Enables or disables inter-process locks.</td>
</tr>
<tr>
<td>[oslo_concurrency] lock_path = None</td>
<td>(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file for verifing server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 60</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
</table>
<table>
<caption>New default values</caption>
<col width="33%"/>
<col width="33%"/>
<col width="33%"/>
<thead>
<tr>
<td>Option</td>
<td>Previous default value</td>
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>oslo_messaging._drivers.matchmaker.MatchMakerLocalhost</td>
</tr>
<tr>
<td>[CISCO_N1K] restrict_network_profiles</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[OVS] local_ip</td>
<td></td>
<td>None</td>
</tr>
<tr>
<td>[OVS] ovsdb_interface</td>
<td>None</td>
<td>vsctl</td>
</tr>
<tr>
<td>[VXLAN] enable_vxlan</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[VXLAN] local_ip</td>
<td></td>
<td>None</td>
</tr>
<tr>
<td>[ml2_sriov] supported_pci_vendor_devs</td>
<td>15b3:1004, 8086:10c9</td>
<td>15b3:1004, 8086:10ca</td>
</tr>
</table>
<table>
<caption>Deprecated options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Deprecated option</td>
<td>New Option</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] nova_ca_certificates_file</td>
<td>[nova] cafile</td>
</tr>
<tr>
<td>[DEFAULT] nova_api_insecure</td>
<td>[nova] insecure</td>
</tr>
<tr>
<td>[DEFAULT] nova_region_name</td>
<td>[nova] region_name</td>
</tr>
</table>
</section>
View Git Blame Copy Permalink