charm-neutron-api/templates/mitaka/neutron.conf
Vladimir Grevtsev 47a2b8fbb4 Enable support for security group logging
Add support to enable logging of security groups for
OpenStack Queens or later; this feature is enabled via
the neutron-api charm, with local configuration options
provided in the neutron-openvswitch charm.

The feature is only compatible with the openvswitch firewall
driver and will not be enabled if this configuration option
is not set in the neutron-openvswitch charm.

This change is removing unnecessary Neutron config
option "neutron_firewall_driver" since FW drivers are
being handled on agents side (not on API server) since
Mitaka release.

Change-Id: Icadb055b2c5c3216b6d086b44a4823595b2baffa
Closes-Bug: #1787397
2018-10-09 12:01:03 +03:00

117 lines
2.9 KiB
Plaintext

# mitaka
###############################################################################
# [ WARNING ]
# Configuration file maintained by Juju. Local changes may be overwritten.
# Restart trigger {{ restart_trigger }}
###############################################################################
[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}
use_syslog = {{ use_syslog }}
state_path = /var/lib/neutron
bind_host = {{ bind_host }}
auth_strategy = keystone
api_workers = {{ workers }}
rpc_workers = {{ workers }}
router_distributed = {{ enable_dvr }}
{% if dns_domain -%}
dns_domain = {{ dns_domain }}
{% endif -%}
l3_ha = {{ l3_ha }}
{% if l3_ha -%}
max_l3_agents_per_router = {{ max_l3_agents_per_router }}
min_l3_agents_per_router = {{ min_l3_agents_per_router }}
{% endif -%}
{% if neutron_bind_port -%}
bind_port = {{ neutron_bind_port }}
{% else -%}
bind_port = 9696
{% endif -%}
{% if core_plugin -%}
core_plugin = {{ core_plugin }}
{% if service_plugins -%}
service_plugins = {{ service_plugins }}
{% endif -%}
{% endif -%}
{% if neutron_security_groups -%}
allow_overlapping_ips = True
{% endif -%}
dhcp_agents_per_network = {{ dhcp_agents_per_network }}
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
{% if sections and 'DEFAULT' in sections -%}
{% for key, value in sections['DEFAULT'] -%}
{{ key }} = {{ value }}
{% endfor -%}
{% endif %}
{% if user_config_flags -%}
{% for key, value in user_config_flags.items() -%}
{{ key }} = {{ value }}
{% endfor -%}
{% endif -%}
{% if global_physnet_mtu -%}
global_physnet_mtu = {{ global_physnet_mtu }}
{% endif -%}
{% if enable_designate -%}
external_dns_driver = designate
{% endif -%}
{% include "section-zeromq" %}
[quotas]
{% if quota_driver -%}
quota_driver = {{ quota_driver }}
{% else -%}
quota_driver = neutron.db.quota_db.DbQuotaDriver
{% endif -%}
{% if neutron_security_groups -%}
quota_items = network,subnet,port,security_group,security_group_rule
quota_security_group = {{ quota_security_group }}
quota_security_group_rule = {{ quota_security_group_rule }}
{% else -%}
quota_items = network,subnet,port
{% endif -%}
quota_network = {{ quota_network }}
quota_subnet = {{ quota_subnet }}
quota_port = {{ quota_port }}
quota_vip = {{ quota_vip }}
quota_pool = {{ quota_pool }}
quota_member = {{ quota_member }}
quota_health_monitors = {{ quota_health_monitors }}
quota_router = {{ quota_router }}
quota_floatingip = {{ quota_floatingip }}
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
{% include "section-keystone-authtoken-mitaka" %}
{% include "parts/section-database" %}
{% include "section-rabbitmq-oslo" %}
{% include "section-oslo-notifications" %}
[oslo_concurrency]
lock_path = $state_path/lock
{% include "parts/section-nova" %}
{% if enable_designate -%}
{% include "parts/section-designate" %}
{% endif -%}
{% include "section-oslo-middleware" %}