f8f7c40295
This is patchset 2 of 2 for OVN driver handling of security-group-logging.
It includes the core changes and tests for this feature.
This feature requires OVN 20.12 [0] or newer. Functional test will be
skipped for non-supported versions.
Related-Bug: 1468366
Closes-Bug: 1914757
[0]: 880dca99ea
Change-Id: Ic86fa70eb34c9b178267b80de1f8883a3ef03e98
Signed-off-by: Flavio Fernandes <flaviof@redhat.com>
173 lines
6.3 KiB
Plaintext
173 lines
6.3 KiB
Plaintext
#
|
|
# Sample DevStack local.conf.
|
|
#
|
|
# This sample file is intended to be used for your typical DevStack environment
|
|
# that's running all of OpenStack on a single host. This can also be used as
|
|
# the first host of a multi-host test environment.
|
|
#
|
|
# No changes to this sample configuration are required for this to work.
|
|
#
|
|
|
|
[[local|localrc]]
|
|
|
|
DATABASE_PASSWORD=password
|
|
RABBIT_PASSWORD=password
|
|
SERVICE_PASSWORD=password
|
|
SERVICE_TOKEN=password
|
|
ADMIN_PASSWORD=password
|
|
|
|
Q_AGENT=ovn
|
|
Q_ML2_PLUGIN_MECHANISM_DRIVERS=ovn,logger
|
|
Q_ML2_PLUGIN_TYPE_DRIVERS=local,flat,vlan,geneve
|
|
Q_ML2_TENANT_NETWORK_TYPE="geneve"
|
|
|
|
# Enable devstack spawn logging
|
|
LOGFILE=$DEST/logs/stack.sh.log
|
|
|
|
enable_service ovn-northd
|
|
enable_service ovn-controller
|
|
enable_service q-ovn-metadata-agent
|
|
|
|
# Use Neutron
|
|
enable_service q-svc
|
|
|
|
# Disable Neutron agents not used with OVN.
|
|
disable_service q-agt
|
|
disable_service q-l3
|
|
disable_service q-dhcp
|
|
disable_service q-meta
|
|
|
|
# Enable services, these services depend on neutron plugin.
|
|
enable_plugin neutron https://opendev.org/openstack/neutron
|
|
enable_service q-trunk
|
|
enable_service q-dns
|
|
enable_service q-port-forwarding
|
|
enable_service q-qos
|
|
enable_service neutron-segments
|
|
enable_service q-log
|
|
|
|
# Enable neutron tempest plugin tests
|
|
enable_plugin neutron-tempest-plugin https://opendev.org/openstack/neutron-tempest-plugin
|
|
|
|
# Horizon (the web UI) is enabled by default. You may want to disable
|
|
# it here to speed up DevStack a bit.
|
|
enable_service horizon
|
|
#disable_service horizon
|
|
|
|
# Cinder (OpenStack Block Storage) is disabled by default to speed up
|
|
# DevStack a bit. You may enable it here if you would like to use it.
|
|
disable_service cinder c-sch c-api c-vol
|
|
#enable_service cinder c-sch c-api c-vol
|
|
|
|
# To enable Rally, uncomment the line below
|
|
#enable_plugin rally https://github.com/openstack/rally master
|
|
|
|
# How to connect to ovsdb-server hosting the OVN NB database.
|
|
#OVN_NB_REMOTE=tcp:$SERVICE_HOST:6641
|
|
|
|
# How to connect to ovsdb-server hosting the OVN SB database.
|
|
#OVN_SB_REMOTE=tcp:$SERVICE_HOST:6642
|
|
|
|
# A UUID to uniquely identify this system. If one is not specified, a random
|
|
# one will be generated and saved in the file 'ovn-uuid' for re-use in future
|
|
# DevStack runs.
|
|
#OVN_UUID=
|
|
|
|
# If using the OVN native layer-3 service, choose a router scheduler to
|
|
# manage the distribution of router gateways on hypervisors/chassis.
|
|
# Default value is leastloaded.
|
|
#OVN_L3_SCHEDULER=leastloaded
|
|
|
|
# The DevStack plugin defaults to using the ovn branch from the official ovs
|
|
# repo. You can optionally use a different one. For example, you may want to
|
|
# use the latest patches in blp's ovn branch (and see OVN_BUILD_FROM_SOURCE):
|
|
#OVN_REPO=https://github.com/blp/ovs-reviews.git
|
|
#OVN_BRANCH=ovn
|
|
|
|
# NOTE: When specifying the branch, as shown above, you must also enable this!
|
|
# By default, OVN will be installed from packages. In order to build OVN from
|
|
# source, set OVN_BUILD_FROM_SOURCE=True
|
|
#OVN_BUILD_FROM_SOURCE=False
|
|
|
|
# Whether or not to build custom openvswitch kernel modules from the ovs git
|
|
# tree. This is disabled by default. This is required unless your distro kernel
|
|
# includes ovs+conntrack support. This support was first released in Linux 4.3,
|
|
# and will likely be backported by some distros.
|
|
# NOTE(mjozefcz): We need to compile the module for Ubuntu Bionic, because default
|
|
# shipped kernel module doesn't openflow meter action support.
|
|
OVN_BUILD_MODULES=True
|
|
|
|
# Skydive
|
|
#enable_plugin skydive https://github.com/redhat-cip/skydive.git
|
|
#enable_service skydive-analyzer
|
|
#enable_service skydive-agent
|
|
|
|
# Octavia with OVN provider driver. OVN provider driver uses the OVN native
|
|
# load balancer and it only supports L4 TCP load balancer and doesn't support
|
|
# health check monitor and other advanced features supported by Octavia
|
|
# amphore driver. If you want to enable Octavia amphore driver, please see
|
|
# http://opendev.org/openstack/networking-ovn/tree/devstack/ovn-octavia-provider.conf.sample
|
|
|
|
# If you want to enable a provider network instead of the default private
|
|
# network after your DevStack environment installation, you *must* set
|
|
# the Q_USE_PROVIDER_NETWORKING to True, and also give FIXED_RANGE,
|
|
# NETWORK_GATEWAY and ALLOCATION_POOL option to the correct value that can
|
|
# be used in your environment. Specifying Q_AGENT is needed to allow devstack
|
|
# to run various "ip link set" and "ovs-vsctl" commands for the provider
|
|
# network setup.
|
|
#Q_AGENT=openvswitch
|
|
#Q_USE_PROVIDER_NETWORKING=True
|
|
#PHYSICAL_NETWORK=providernet
|
|
#PROVIDER_NETWORK_TYPE=flat
|
|
#PUBLIC_INTERFACE=<public interface>
|
|
#OVS_PHYSICAL_BRIDGE=br-provider
|
|
#PROVIDER_SUBNET_NAME=provider-subnet
|
|
|
|
# If the admin wants to enable this chassis to host gateway routers for
|
|
# external connectivity, then set ENABLE_CHASSIS_AS_GW to True.
|
|
# Then devstack will set ovn-cms-options with enable-chassis-as-gw
|
|
# in Open_vSwitch table's external_ids column.
|
|
# If this option is not set on any chassis, all the of them with bridge
|
|
# mappings configured will be eligible to host a gateway.
|
|
ENABLE_CHASSIS_AS_GW=True
|
|
|
|
# use the following for IPv4
|
|
#IP_VERSION=4
|
|
#FIXED_RANGE=<CIDR for the Provider Network>
|
|
#NETWORK_GATEWAY=<Provider Network Gateway>
|
|
#ALLOCATION_POOL=<Provider Network Allocation Pool>
|
|
# use the following for IPv4+IPv6
|
|
#IP_VERSION=4+6
|
|
#FIXED_RANGE=<CIDR for the Provider Network>
|
|
#NETWORK_GATEWAY=<Provider Network Gateway>
|
|
#ALLOCATION_POOL=<Provider Network Allocation Pool>
|
|
# IPV6_PROVIDER_FIXED_RANGE=<v6 CDIR for the Provider Network>
|
|
# IPV6_PROVIDER_NETWORK_GATEWAY=<v6 Gateway for the Provider Network>
|
|
|
|
# If you wish to use the provider network for public access to the cloud,
|
|
# set the following
|
|
#Q_USE_PROVIDERNET_FOR_PUBLIC=True
|
|
#PUBLIC_NETWORK_NAME=<Provider network name>
|
|
#PUBLIC_NETWORK_GATEWAY=<Provider network gateway>
|
|
#PUBLIC_PHYSICAL_NETWORK=<Provider network name>
|
|
#IP_VERSION=4
|
|
#PUBLIC_SUBNET_NAME=<provider subnet name>
|
|
#Q_FLOATING_ALLOCATION_POOL=<Provider Network Allocation Pool>
|
|
#FLOATING_RANGE=<CIDR for the Provider Network>
|
|
|
|
# NOTE: DO NOT MOVE THESE SECTIONS FROM THE END OF THIS FILE
|
|
# IF YOU DO, THEY WON'T WORK!!!!!
|
|
#
|
|
|
|
# Enable Nova automatic host discovery for cell every 2 seconds
|
|
# Only needed in case of multinode devstack, as otherwise there will be issues
|
|
# when the 2nd compute node goes online.
|
|
|
|
# The next line is used to insert extra configuration here from the vagrant
|
|
# script, please don't modify or remove, keep it before any post-config items
|
|
#EXTRA_CONFIG
|
|
|
|
[[post-config|$NOVA_CONF]]
|
|
[scheduler]
|
|
discover_hosts_in_cells_interval = 2
|