openstack-manuals/doc/config-reference/conf-changes/neutron.xml
Gauvain Pocentek f2f3d99f92 [config-ref] Reorganise conf-changes tables
Move the *conf-changes.xml tables in their own directory.

Closes-Bug: #1474544

Change-Id: Ic306df5de6cac6427d6fab6ebbbd964fdba81f2f
2015-07-19 12:21:24 +02:00

915 lines
37 KiB
XML

<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="neutron-conf-changes-kilo">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Networking</title>
<table>
<caption>New options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Option = default value</td>
<td>(Type) Help string</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] advertise_mtu = False</td>
<td>(BoolOpt) If True, effort is made to advertise MTU settings to VMs via network methods (DHCP and RA MTU options) when the network's preferred MTU is known.</td>
</tr>
<tr>
<td>[DEFAULT] allow_automatic_dhcp_failover = True</td>
<td>(BoolOpt) Automatically remove networks from offline DHCP agents.</td>
</tr>
<tr>
<td>[DEFAULT] conn_idle_timeout = 900</td>
<td>(IntOpt) Reconnect connection to nsx if not used within this amount of time.</td>
</tr>
<tr>
<td>[DEFAULT] default_ipv4_subnet_pool = None</td>
<td>(StrOpt) Default IPv4 subnet-pool to be used for automatic subnet CIDR allocation</td>
</tr>
<tr>
<td>[DEFAULT] default_ipv6_subnet_pool = None</td>
<td>(StrOpt) Default IPv6 subnet-pool to be used for automatic subnet CIDR allocation</td>
</tr>
<tr>
<td>[DEFAULT] dhcp_broadcast_reply = False</td>
<td>(BoolOpt) Use broadcast in DHCP replies</td>
</tr>
<tr>
<td>[DEFAULT] dhcp_load_type = networks</td>
<td>(StrOpt) Representing the resource type whose load is being reported by the agent. This can be "networks", "subnets" or "ports". When specified (Default is networks), the server will extract particular load sent as part of its agent configuration object from the agent report state, which is the number of resources being consumed, at every report_interval.dhcp_load_type can be used in combination with network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.WeightScheduler When the network_scheduler_driver is WeightScheduler, dhcp_load_type can be configured to represent the choice for the resource being balanced. Example: dhcp_load_type=networks</td>
</tr>
<tr>
<td>[DEFAULT] enable_services_on_agents_with_admin_state_down = False</td>
<td>(BoolOpt) Enable services on an agent with admin_state_up False. If this option is False, when admin_state_up of an agent is turned False, services on it will be disabled. Agents with admin_state_up False are not selected for automatic scheduling regardless of this option. But manual scheduling to such agents is available if this option is True.</td>
</tr>
<tr>
<td>[DEFAULT] external_ingress_mark = 0x2</td>
<td>(StrOpt) Iptables mangle mark used to mark ingress from external network</td>
</tr>
<tr>
<td>[DEFAULT] ipv6_gateway = </td>
<td>(StrOpt) With IPv6, the network used for the external gateway does not need to have an associated subnet, since the automatically assigned link-local address (LLA) can be used. However, an IPv6 gateway address is needed for use as the next-hop for the default route. If no IPv6 gateway address is configured here, (and only then) the neutron router will be configured to get its default route from router advertisements (RAs) from the upstream router; in which case the upstream router must also be configured to send these RAs. The ipv6_gateway, when configured, should be the LLA of the interface on the upstream router. If a next-hop using a global unique address (GUA) is desired, it needs to be done via a subnet allocated to the network and not through this parameter.</td>
</tr>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] metadata_access_mark = 0x1</td>
<td>(StrOpt) Iptables mangle mark used to mark metadata valid requests</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_group = </td>
<td>(StrOpt) Group (gid or name) running metadata proxy after its initialization (if empty: agent effective group).</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_socket_mode = deduce</td>
<td>(StrOpt) Metadata Proxy UNIX domain socket mode, 3 values allowed: 'deduce': deduce mode from metadata_proxy_user/group values, 'user': set metadata proxy socket mode to 0o644, to use when metadata_proxy_user is agent effective user or root, 'group': set metadata proxy socket mode to 0o664, to use when metadata_proxy_group is agent effective group or root, 'all': set metadata proxy socket mode to 0o666, to use otherwise.</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_user = </td>
<td>(StrOpt) User (uid or name) running metadata proxy after its initialization (if empty: agent effective user).</td>
</tr>
<tr>
<td>[DEFAULT] metadata_proxy_watch_log = None</td>
<td>(BoolOpt) Enable/Disable log watch by metadata proxy. It should be disabled when metadata_proxy_user/group is not allowed to read/write its log file and copytruncate logrotate option must be used if logrotate is enabled on metadata proxy log files. Option default value is deduced from metadata_proxy_user: watch log is enabled if metadata_proxy_user is agent effective user id/name.</td>
</tr>
<tr>
<td>[DEFAULT] nova_admin_tenant_name = None</td>
<td>(StrOpt) The name of the admin nova tenant. Deprecated in favour of an auth plugin in [nova].</td>
</tr>
<tr>
<td>[DEFAULT] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[DEFAULT] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[DEFAULT] vlan_transparent = False</td>
<td>(BoolOpt) If True, then allow plugins that support it to create VLAN transparent networks.</td>
</tr>
<tr>
<td>[AGENT] check_child_processes_action = respawn</td>
<td>(StrOpt) Action to be executed when a child process dies</td>
</tr>
<tr>
<td>[AGENT] check_child_processes_interval = 60</td>
<td>(IntOpt) Interval between checks of child process liveness (seconds), use 0 to disable</td>
</tr>
<tr>
<td>[AGENT] comment_iptables_rules = True</td>
<td>(BoolOpt) Add comments to iptables rules.</td>
</tr>
<tr>
<td>[AGENT] prevent_arp_spoofing = False</td>
<td>(BoolOpt) Enable suppression of ARP responses that don't match an IP address that belongs to the port from which they originate. Note: This prevents the VMs attached to this agent from spoofing, it doesn't protect them from other devices which have the capability to spoof (e.g. bare metal or VMs attached to agents without this flag set to True). Spoofing rules will not be added to any ports that have port security disabled. This requires a version of OVS that supports matching ARP headers.</td>
</tr>
<tr>
<td>[AGENT] root_helper_daemon = None</td>
<td>(StrOpt) Root helper daemon application to use when possible.</td>
</tr>
<tr>
<td>[AGENT] use_helper_for_ns_read = True</td>
<td>(BoolOpt) Use the root helper to read the namespaces from the operating system.</td>
</tr>
<tr>
<td>[MIDONET] client = midonet.neutron.client.api.MidonetApiClient</td>
<td>(StrOpt) MidoNet client used to access MidoNet data storage.</td>
</tr>
<tr>
<td>[MIDONET] cluster_ip = localhost</td>
<td>(StrOpt) IP that the cluster service can be reached on</td>
</tr>
<tr>
<td>[MIDONET] cluster_port = 8088</td>
<td>(StrOpt) Port that the cluster service can be reached on</td>
</tr>
<tr>
<td>[MIDONET] tunnel_protocol = vxlan</td>
<td>(StrOpt) Tunnel protocol used by Midonet</td>
</tr>
<tr>
<td>[OFC] support_packet_filter_on_ofc_router = True</td>
<td>(BoolOpt) Support packet filter on OFC router interface.</td>
</tr>
<tr>
<td>[OVSVAPP] agent_driver = networking_vsphere.agent.ovsvapp_agent.OVSvAppL2Agent</td>
<td>(StrOpt) OVSvApp Agent implementation.</td>
</tr>
<tr>
<td>[OVSVAPP] agent_maintenance = False</td>
<td>(BoolOpt) Turn on this flag during agent updates to help prevent datapath outage.</td>
</tr>
<tr>
<td>[OVSVAPP] bridge_mappings = </td>
<td>(ListOpt) Bridge mappings.</td>
</tr>
<tr>
<td>[OVSVAPP] dont_fragment = True</td>
<td>(IntOpt) Do not fragment.</td>
</tr>
<tr>
<td>[OVSVAPP] integration_bridge = br-int</td>
<td>(StrOpt) Integration Bridge.</td>
</tr>
<tr>
<td>[OVSVAPP] local_ip = </td>
<td>(StrOpt) Local IP address of VXLAN tunnel endpoint.</td>
</tr>
<tr>
<td>[OVSVAPP] network_manager = networking_vsphere.drivers.manager.VcenterManager</td>
<td>(StrOpt) Driver Manager implementation for NetworkDriver.</td>
</tr>
<tr>
<td>[OVSVAPP] polling_interval = 2</td>
<td>(IntOpt) The number of seconds the agent will wait between polling for local device changes.</td>
</tr>
<tr>
<td>[OVSVAPP] report_interval = 4</td>
<td>(IntOpt) Seconds between nodes reporting state to server.</td>
</tr>
<tr>
<td>[OVSVAPP] tenant_network_type = vlan</td>
<td>(StrOpt) Network type for tenant networks</td>
</tr>
<tr>
<td>[OVSVAPP] tunnel_bridge = br-tun</td>
<td>(StrOpt) Tunnel Bridge for tunneling.</td>
</tr>
<tr>
<td>[OVSVAPP] tunnel_types = vxlan</td>
<td>(ListOpt) Tunnel network types supported by the OVSvApp Agent.</td>
</tr>
<tr>
<td>[OVSVAPP] veth_mtu = 1500</td>
<td>(IntOpt) MTU size of veth interfaces.</td>
</tr>
<tr>
<td>[OVSVAPP] vxlan_udp_port = 4789</td>
<td>(IntOpt) The UDP port to use for VXLAN tunnels.</td>
</tr>
<tr>
<td>[SECURITYGROUP] defer_apply = True</td>
<td>(BoolOpt) Enable defer_apply on security bridge.</td>
</tr>
<tr>
<td>[SECURITYGROUP] ovsvapp_firewall_driver = networking_vsphere.drivers.ovs_firewall.OVSFirewallDriver</td>
<td>(StrOpt) DriverManager implementation for OVS based Firewall.</td>
</tr>
<tr>
<td>[SECURITYGROUP] security_bridge_mapping = br-sec</td>
<td>(StrOpt) &lt;security_bridge&gt;:&lt;phy_interface&gt;</td>
</tr>
<tr>
<td>[VMWARE] cert_check = False</td>
<td>(BoolOpt) Enable SSL certificate check for vCenter.</td>
</tr>
<tr>
<td>[VMWARE] cert_path = /etc/ssl/certs/certs.pem</td>
<td>(StrOpt) Certificate chain path containing cacert of vCenters.</td>
</tr>
<tr>
<td>[VMWARE] cluster_dvs_mapping = ['']</td>
<td>(MultiStrOpt) vCenter cluster to DVS mapping.</td>
</tr>
<tr>
<td>[VMWARE] esx_hostname = None</td>
<td>(StrOpt) ESX host name where this OVSvApp is hosted.</td>
</tr>
<tr>
<td>[VMWARE] esx_maintenance_mode = True</td>
<td>(BoolOpt) Set host into maintenance mode.</td>
</tr>
<tr>
<td>[VMWARE] https_port = 443</td>
<td>(IntOpt) Customized https_port for vCenter communication.</td>
</tr>
<tr>
<td>[VMWARE] vcenter_api_retry_count = 5</td>
<td>(StrOpt) Number of retries while connecting to vcenter server.</td>
</tr>
<tr>
<td>[VMWARE] vcenter_id = None</td>
<td>(StrOpt) Unique ID of the vCenter Server on which this OVSvApp ishosted</td>
</tr>
<tr>
<td>[VMWARE] vcenter_ip = None</td>
<td>(StrOpt) vCenter server IP.</td>
</tr>
<tr>
<td>[VMWARE] vcenter_password = None</td>
<td>(StrOpt) vCenter server password.</td>
</tr>
<tr>
<td>[VMWARE] vcenter_username = None</td>
<td>(StrOpt) vCenter server user name.</td>
</tr>
<tr>
<td>[VMWARE] wsdl_location = None</td>
<td>(StrOpt) vCenter server wsdl location.</td>
</tr>
<tr>
<td>[VROUTER] flavor = 2</td>
<td>(StrOpt) Nova VM flavor for instances of Vyatta vRouter.</td>
</tr>
<tr>
<td>[VROUTER] image_id = None</td>
<td>(StrOpt) Nova image id for instances of Vyatta vRouter.</td>
</tr>
<tr>
<td>[VROUTER] keystone_url = None</td>
<td>(StrOpt) Keystone URL.</td>
</tr>
<tr>
<td>[VROUTER] management_network_id = None</td>
<td>(StrOpt) Vyatta vRouter management network id.</td>
</tr>
<tr>
<td>[VROUTER] nova_poll_interval = 5</td>
<td>(IntOpt) Number of seconds between consecutive Nova queries when waiting for router instance status change.</td>
</tr>
<tr>
<td>[VROUTER] nova_spawn_timeout = 300</td>
<td>(IntOpt) Number of seconds to wait for Nova to activate instance before setting resource to error state.</td>
</tr>
<tr>
<td>[VROUTER] tenant_admin_name = None</td>
<td>(StrOpt) Name of tenant admin user.</td>
</tr>
<tr>
<td>[VROUTER] tenant_admin_password = None</td>
<td>(StrOpt) Tenant admin password.</td>
</tr>
<tr>
<td>[VROUTER] tenant_id = None</td>
<td>(StrOpt) UUID of tenant that holds Vyatta vRouter instances.</td>
</tr>
<tr>
<td>[VROUTER] vrouter_boot_timeout = 300</td>
<td>(IntOpt) Number of seconds to wait for Vyatta vRouter to boot before setting resource to error state.</td>
</tr>
<tr>
<td>[VROUTER] vrouter_credentials = vyatta:vyatta</td>
<td>(StrOpt) Vyatta vRouter login credentials</td>
</tr>
<tr>
<td>[VROUTER] vrouter_poll_interval = 5</td>
<td>(IntOpt) Number of seconds between consecutive Vyatta vRouter queries when waiting for router instance boot.</td>
</tr>
<tr>
<td>[l3_brocade_mlx] switch_names = </td>
<td>(StrOpt) Switches connected to the compute nodes</td>
</tr>
<tr>
<td>[ml2] path_mtu = 0</td>
<td>(IntOpt) The maximum permissible size of an unfragmented packet travelling from and to addresses where encapsulated Neutron traffic is sent. If &lt;= 0, the path MTU is indeterminate.</td>
</tr>
<tr>
<td>[ml2] physical_network_mtus = </td>
<td>(ListOpt) A list of mappings of physical networks to MTU values. The format of the mapping is &lt;physnet&gt;:&lt;mtu val&gt;. This mapping allows specifying a physical network MTU value that differs from the default segment_mtu value.</td>
</tr>
<tr>
<td>[ml2] segment_mtu = 0</td>
<td>(IntOpt) The maximum permissible size of an unfragmented packet travelling a L2 network segment. If &lt;= 0, the segment MTU is indeterminate.</td>
</tr>
<tr>
<td>[ml2_brocade] rbridge_id = 1</td>
<td>(StrOpt) Rbridge id of provider edge router(s)</td>
</tr>
<tr>
<td>[ml2_brocade_fi_ni] switch_names = </td>
<td>(StrOpt) Switches connected to the compute nodes</td>
</tr>
<tr>
<td>[ml2_cisco] host_key_checks = False</td>
<td>(BoolOpt) Enable strict host key checks when connecting to Nexus switches</td>
</tr>
<tr>
<td>[ml2_cisco] persistent_switch_config = False</td>
<td>(BoolOpt) To make Nexus configuration persistent</td>
</tr>
<tr>
<td>[ml2_cisco] provider_vlan_auto_create = True</td>
<td>(BoolOpt) Provider VLANs are automatically created as needed on the Nexus switch</td>
</tr>
<tr>
<td>[ml2_cisco] provider_vlan_auto_trunk = True</td>
<td>(BoolOpt) Provider VLANs are automatically trunked as needed on the ports of the Nexus switch</td>
</tr>
<tr>
<td>[ml2_cisco] provider_vlan_name_prefix = p-</td>
<td>(StrOpt) VLAN Name prefix for provider vlans</td>
</tr>
<tr>
<td>[ml2_cisco] switch_heartbeat_time = 0</td>
<td>(IntOpt) Periodic time to check switch connection. (0=disabled)</td>
</tr>
<tr>
<td>[ml2_cisco] switch_replay_count = 3</td>
<td>(IntOpt) Number of times to attempt config replay with switch.</td>
</tr>
<tr>
<td>[ml2_cisco] vxlan_global_config = False</td>
<td>(BoolOpt) Create and delete Nexus switch VXLAN global settings; feature nv overlay, feature vn-segment-vlan-based, interface nve + source-interface loopback</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] default_policy_profile = default-pp</td>
<td>(StrOpt) Cisco Nexus1000V default policy profile.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] default_vlan_network_profile = default-vlan-np</td>
<td>(StrOpt) Cisco Nexus1000V default network profile for VLAN networks.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] default_vxlan_network_profile = default-vxlan-np</td>
<td>(StrOpt) Cisco Nexus1000V default network profile for VXLAN networks.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] http_pool_size = 4</td>
<td>(IntOpt) Number of threads to use to make HTTP requests.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] http_timeout = 15</td>
<td>(IntOpt) HTTP timeout, in seconds, for connections to the Cisco Nexus1000V VSMs.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] n1kv_vsm_ips = None</td>
<td>(ListOpt) Comma Separated IP Addresses of the Cisco Nexus1000V VSMs.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] password = None</td>
<td>(StrOpt) Password for all configured Cisco Nexus1000V VSMs.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] poll_duration = 60</td>
<td>(IntOpt) Cisco Nexus1000V policy profile polling duration in seconds.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] restrict_policy_profiles = False</td>
<td>(BoolOpt) Restrict the visibility of policy profiles to the tenants.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] sync_interval = 300</td>
<td>(IntOpt) Time interval between consecutive neutron-VSM syncs.</td>
</tr>
<tr>
<td>[ml2_cisco_n1kv] username = None</td>
<td>(StrOpt) Username for all configured Cisco Nexus1000V VSMs.</td>
</tr>
<tr>
<td>[ml2_cisco_ucsm] supported_pci_devs = 1137:0071, 8086:10c9</td>
<td>(ListOpt) List of comma separated vendor_id:product_id of SR_IOV capable devices supported by this MD. This MD supports both VM-FEX and SR-IOV devices.</td>
</tr>
<tr>
<td>[ml2_cisco_ucsm] ucsm_host_list = None</td>
<td>(ListOpt) List of comma separated Host:Service Profile tuples providing the Service Profile associated with each Host to be supported by this MD.</td>
</tr>
<tr>
<td>[ml2_cisco_ucsm] ucsm_ip = None</td>
<td>(StrOpt) Cisco UCS Manager IP address. This is a required field to communicate with a Cisco UCS Manager.</td>
</tr>
<tr>
<td>[ml2_cisco_ucsm] ucsm_password = None</td>
<td>(StrOpt) Password for UCS Manager. This is a required field to communicate with a Cisco UCS Manager.</td>
</tr>
<tr>
<td>[ml2_cisco_ucsm] ucsm_username = None</td>
<td>(StrOpt) Username for UCS Manager. This is a required field to communicate with a Cisco UCS Manager.</td>
</tr>
<tr>
<td>[nova] auth_plugin = None</td>
<td>(StrOpt) Name of the plugin to load</td>
</tr>
<tr>
<td>[nova] auth_section = None</td>
<td>(StrOpt) Config Section from which to load plugin specific options</td>
</tr>
<tr>
<td>[nova] cafile = None</td>
<td>(StrOpt) PEM encoded Certificate Authority to use when verifying HTTPs connections.</td>
</tr>
<tr>
<td>[nova] certfile = None</td>
<td>(StrOpt) PEM encoded client certificate cert file</td>
</tr>
<tr>
<td>[nova] insecure = False</td>
<td>(BoolOpt) Verify HTTPS connections.</td>
</tr>
<tr>
<td>[nova] keyfile = None</td>
<td>(StrOpt) PEM encoded client certificate key file</td>
</tr>
<tr>
<td>[nova] region_name = None</td>
<td>(StrOpt) Name of nova region to use. Useful if keystone manages more than one region.</td>
</tr>
<tr>
<td>[nova] timeout = None</td>
<td>(IntOpt) Timeout value for http requests</td>
</tr>
<tr>
<td>[nsx_v3] default_edge_cluster_uuid = None</td>
<td>(StrOpt) Default edge cluster identifier</td>
</tr>
<tr>
<td>[nsxv] backup_edge_pool = service:large:4:10, service:compact:4:10, vdr:large:4:10</td>
<td>(ListOpt) Defines edge pool using the format: &lt;edge_type&gt;:[edge_size]:&lt;min_edges&gt;:&lt;max_edges&gt;.edge_type: service,vdr. edge_size: compact, large, xlarge, quadlarge and default is large.</td>
</tr>
<tr>
<td>[nsxv] cluster_moid = </td>
<td>(ListOpt) Parameter listing the IDs of the clusters which are used by OpenStack.</td>
</tr>
<tr>
<td>[nsxv] datacenter_moid = None</td>
<td>(StrOpt) Optional parameter identifying the ID of datacenter to deploy NSX Edges</td>
</tr>
<tr>
<td>[nsxv] datastore_id = None</td>
<td>(StrOpt) Optional parameter identifying the ID of datastore to deploy NSX Edges</td>
</tr>
<tr>
<td>[nsxv] deployment_container_id = None</td>
<td>(StrOpt) Optional parameter identifying the ID of datastore to deploy NSX Edges</td>
</tr>
<tr>
<td>[nsxv] dvs_id = None</td>
<td>(StrOpt) DVS ID for VLANs</td>
</tr>
<tr>
<td>[nsxv] external_network = None</td>
<td>(StrOpt) Network ID for physical network connectivity</td>
</tr>
<tr>
<td>[nsxv] manager_uri = None</td>
<td>(StrOpt) uri for vsm</td>
</tr>
<tr>
<td>[nsxv] maximum_tunnels_per_vnic = 20</td>
<td>(IntOpt) Maximum number of sub interfaces supported per vnic in edge. The value should be in 1-110.</td>
</tr>
<tr>
<td>[nsxv] metadata_shared_secret = None</td>
<td>(StrOpt) Shared secret to sign metadata requests</td>
</tr>
<tr>
<td>[nsxv] mgt_net_default_gateway = None</td>
<td>(StrOpt) Management network default gateway for metadata proxy</td>
</tr>
<tr>
<td>[nsxv] mgt_net_moid = None</td>
<td>(StrOpt) Network ID for management network connectivity</td>
</tr>
<tr>
<td>[nsxv] mgt_net_proxy_ips = None</td>
<td>(ListOpt) Management network IP address for metadata proxy</td>
</tr>
<tr>
<td>[nsxv] mgt_net_proxy_netmask = None</td>
<td>(StrOpt) Management network netmask for metadata proxy</td>
</tr>
<tr>
<td>[nsxv] nova_metadata_ips = None</td>
<td>(ListOpt) IP addresses used by Nova metadata service</td>
</tr>
<tr>
<td>[nsxv] nova_metadata_port = 8775</td>
<td>(IntOpt) TCP Port used by Nova metadata server</td>
</tr>
<tr>
<td>[nsxv] password = default</td>
<td>(StrOpt) Password for vsm</td>
</tr>
<tr>
<td>[nsxv] resource_pool_id = None</td>
<td>(StrOpt) Optional parameter identifying the ID of resource to deploy NSX Edges</td>
</tr>
<tr>
<td>[nsxv] retries = 10</td>
<td>(IntOpt) Maximum number of API retries on endpoint.</td>
</tr>
<tr>
<td>[nsxv] spoofguard_enabled = True</td>
<td>(BoolOpt) If True then plugin will use NSXV spoofguard component for port-security feature.</td>
</tr>
<tr>
<td>[nsxv] task_status_check_interval = 2000</td>
<td>(IntOpt) Task status check interval</td>
</tr>
<tr>
<td>[nsxv] tenant_router_types = shared, distributed, exclusive</td>
<td>(ListOpt) Ordered list of router_types to allocate as tenant routers.</td>
</tr>
<tr>
<td>[nsxv] user = admin</td>
<td>(StrOpt) User name for vsm</td>
</tr>
<tr>
<td>[nsxv] vdn_scope_id = None</td>
<td>(StrOpt) Network scope ID for VXLAN virtual wires</td>
</tr>
<tr>
<td>[oslo_concurrency] disable_process_locking = False</td>
<td>(BoolOpt) Enables or disables inter-process locks.</td>
</tr>
<tr>
<td>[oslo_concurrency] lock_path = None</td>
<td>(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
</table>
<table>
<caption>New default values</caption>
<col width="33%"/>
<col width="33%"/>
<col width="33%"/>
<thead>
<tr>
<td>Option</td>
<td>Previous default value</td>
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
</tr>
<tr>
<td>[CISCO_N1K] restrict_network_profiles</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[NOVA] vif_type</td>
<td>ovs</td>
<td>ivs</td>
</tr>
<tr>
<td>[OVS] local_ip</td>
<td></td>
<td>None</td>
</tr>
<tr>
<td>[OVS] ovsdb_interface</td>
<td>None</td>
<td>vsctl</td>
</tr>
<tr>
<td>[RESTPROXYAGENT] virtual_switch_type</td>
<td>ovs</td>
<td>ivs</td>
</tr>
<tr>
<td>[VXLAN] enable_vxlan</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[VXLAN] local_ip</td>
<td></td>
<td>None</td>
</tr>
<tr>
<td>[hosting_devices] csr1kv_cfgagent_router_driver</td>
<td>neutron.plugins.cisco.cfg_agent.device_drivers.csr1kv.csr1kv_routing_driver.CSR1kvRoutingDriver</td>
<td>networking_cisco.plugins.cisco.cfg_agent.device_drivers.csr1kv.csr1kv_routing_driver.CSR1kvRoutingDriver</td>
</tr>
<tr>
<td>[hosting_devices] csr1kv_device_driver</td>
<td>neutron.plugins.cisco.l3.hosting_device_drivers.csr1kv_hd_driver.CSR1kvHostingDeviceDriver</td>
<td>networking_cisco.plugins.cisco.l3.hosting_device_drivers.csr1kv_hd_driver.CSR1kvHostingDeviceDriver</td>
</tr>
<tr>
<td>[hosting_devices] csr1kv_plugging_driver</td>
<td>neutron.plugins.cisco.l3.plugging_drivers.n1kv_trunking_driver.N1kvTrunkingPlugDriver</td>
<td>networking_cisco.plugins.cisco.l3.plugging_drivers.n1kv_trunking_driver.N1kvTrunkingPlugDriver</td>
</tr>
<tr>
<td>[ml2_sriov] supported_pci_vendor_devs</td>
<td>15b3:1004, 8086:10c9</td>
<td>15b3:1004, 8086:10ca</td>
</tr>
<tr>
<td>[plumgriddirector] driver</td>
<td>neutron.plugins.plumgrid.drivers.plumlib.Plumlib</td>
<td>networking_plumgrid.neutron.plugins.drivers.plumlib.Plumlib</td>
</tr>
</table>
<table>
<caption>Deprecated options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Deprecated option</td>
<td>New Option</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] max_request_body_size</td>
<td>[oslo_middleware] max_request_body_size</td>
</tr>
<tr>
<td>[DEFAULT] nova_api_insecure</td>
<td>[nova] insecure</td>
</tr>
<tr>
<td>[DEFAULT] log-format</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] nova_ca_certificates_file</td>
<td>[nova] cafile</td>
</tr>
<tr>
<td>[DEFAULT] nova_region_name</td>
<td>[nova] region_name</td>
</tr>
<tr>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
</table>
</section>