55167764ae
re-run the tool with latest version. Closes-Bug: #1638004 Change-Id: I13a4e53c403e189839d04a0376bc0db1cf0ef049
25 KiB
| Configuration option = Default value | Description |
|---|---|
| [DEFAULT] | |
|
(Boolean) Determine whether to allow network traffic from same network. When set to true, hosts on the same subnet are not filtered and are allowed to pass all types of traffic between them. On a flat network, this allows all instances from all projects unfiltered communication. With VLAN networking, this allows access between instances within the same project. This option only applies when using the Possible values:
Interdependencies to other options:
|
|
(Boolean) Autoassigning floating IP to VM When set to True, floating IP is auto allocated and associated to the VM upon creation. |
|
(Integer) This option represents the number of IP addresses to reserve at the top of the address range for VPN clients. It also will be ignored if the configuration option for network_manager is not set to the default of 'nova.network.manager.VlanManager'. Possible values:
Related options:
|
|
(Integer) This option determines how many times nova-network will attempt to create a unique MAC address before giving up and raising a VirtualInterfaceMacAddressException error. Possible values:
Related options:
|
|
(String) Name of the network to be used to set access IPs for instances. If there are multiple IPs to choose from, an arbitrary one will be chosen. Possible values:
|
|
(String) Default pool for floating IPs. This option specifies the default floating IP pool for allocating floating IPs. While allocating a floating ip, users can optionally pass in the name of the pool they want to allocate from, otherwise it will be pulled from the default pool. If this option is not set, then 'nova' is used as default floating pool. Possible values:
|
defer_iptables_apply = False |
(Boolean) Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase. |
|
(String) This option allows you to specify the domain for the DHCP server. Possible values:
Related options:
|
|
(Integer) The lifetime of a DHCP lease, in seconds. The default is 86400 (one day). Possible values:
|
|
(String) The location of the binary nova-dhcpbridge. By default it is the binary named 'nova-dhcpbridge' that is installed with all the other nova binaries. Possible values:
|
|
(Multi-valued) This option is a list of full paths to one or more configuration files for dhcpbridge. In most cases the default path of '/etc/nova/nova-dhcpbridge.conf' should be sufficient, but if you have special needs for configuring dhcpbridge, you can change or add to this list. Possible values
|
|
(Multi-valued) Despite the singular form of the name of this option, it is actually a list of zero or more server addresses that dnsmasq will use for DNS nameservers. If this is not empty, dnsmasq will not read /etc/resolv.conf, but will only use the servers specified in this option. If the option use_network_dns_servers is True, the dns1 and dns2 servers from the network will be appended to this list, and will be used as DNS servers, too. Possible values:
Related options:
|
|
(Integer) This option determines the time, in seconds, to wait between refreshing DNS entries for the network. Possible values:
Related options:
|
|
(String) The path to the custom dnsmasq configuration file, if any. Possible values:
|
|
(Integer) This option determines the number of times to retry ebtables commands before giving up. The minimum number of retries is 1. Possible values:
Related options:
|
|
(Floating point) This option determines the time, in seconds, that the system will sleep in between ebtables retries. Note that each successive retry waits a multiple of this value, so for example, if this is set to the default of 1.0 seconds, and ebtables_exec_attempts is 4, after the first failure, the system will sleep for 1
Possible values:
Related options:
|
|
(String) Firewall driver to use with This option only applies when using the If unset (the default), this will default to the hypervisor-specified default driver. Possible values:
Interdependencies to other options:
|
|
(Integer) This is the number of seconds to wait before disassociating a deallocated fixed IP address. This is only used with the nova-network service, and has no effect when using neutron for networking. Possible values:
Related options:
|
flat_injected = False |
(Boolean) This option determines whether the network setup information is injected into the VM before it is booted. While it was originally designed to be used only by nova-network, it is also used by the vmware and xenapi virt drivers to control whether network information is injected into a VM. |
|
(String) This option is the name of the virtual interface of the VM on which the bridge will be built. While it was originally designed to be used only by nova-network, it is also used by libvirt for the bridge interface name. Possible values:
|
|
(String) This option determines the bridge used for simple network interfaces when no bridge is specified in the VM creation request. Please note that this option is only used when using nova-network instead of Neutron in your deployment. Possible values:
Related options:
|
|
(String) This is the address of the DNS server for a simple network. If this option is not specified, the default of '8.8.4.4' is used. Please note that this option is only used when using nova-network instead of Neutron in your deployment. Possible values:
Related options:
|
|
(String) Full class name for the DNS Manager for floating IPs. This option specifies the class of the driver that provides functionality to manage DNS entries associated with floating IPs. When a user adds a DNS entry for a specified domain to a floating IP, nova will add a DNS entry using the specified floating DNS driver. When a floating IP is deallocated, its DNS entry will automatically be deleted. Possible values:
|
|
(Boolean) When this option is True, a call is made to release the DHCP for the instance when that instance is terminated. Related options:
|
|
(Multi-valued) This is a list of zero or more IP ranges that traffic from the routing_source_ip will be SNATted to. If the list is empty, then no SNAT rules are created. Possible values:
Related options:
|
|
(Multi-valued) One or more interfaces that bridges can forward traffic to. If any of the items in this list is the special keyword 'all', then all traffic will be forwarded. Possible values:
|
|
(String) This is the default IPv4 gateway. It is used only in the testing suite. Please note that this option is only used when using nova-network instead of Neutron in your deployment. Possible values:
Related options:
|
injected_network_template =
$pybasedir/nova/virt/interfaces.template |
(String) Template file for injected network |
instance_dns_domain = |
(String) If specified, Nova checks if the availability_zone of every instance matches what the database says the availability_zone should be for the specified dns_domain. |
|
(String) Full class name for the DNS Manager for instance IPs. This option specifies the class of the driver that provides functionality to manage DNS entries for instances. On instance creation, nova will add DNS entries for the instance name and id, using the specified instance DNS driver and domain. On instance deletion, nova will remove the DNS entries. Possible values:
|
|
(String) This expression, if defined, will select any matching iptables rules and place them at the bottom when applying metadata changes to the rules. Possible values:
Related options:
|
|
(String) By default, packets that do not pass the firewall are DROPped. In many cases, though, an operator may find it more useful to change this from DROP to REJECT, so that the user issuing those packets may have a better idea as to what's going on, or LOGDROP in order to record the blocked traffic before DROPping. Possible values:
|
|
(String) This expression, if defined, will select any matching iptables rules and place them at the top when applying metadata changes to the rules. Possible values:
Related options:
|
|
(String) This option allows you to specify the L3 management library to be used. Possible values:
Related options:
|
|
(String) This is the class used as the ethernet device driver for linuxnet bridge operations. The default value should be all you need for most cases, but if you wish to use a customized class, set this option to the full dot-separated import path for that class. Possible values:
|
|
(String) The name of the Open vSwitch bridge that is used with linuxnet when connecting with Open vSwitch." Possible values:
|
multi_host = False |
(Boolean) Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host. |
|
(Integer) Number of times to retry network allocation. It is required to attempt network allocation retries if the virtual interface plug fails. Possible values:
|
network_driver =
nova.network.linux_net |
(String) Driver to use for network creation |
network_manager =
nova.network.manager.VlanManager |
(String) Full class name for the Manager for network |
|
(Integer) This option determines the number of addresses in each private subnet. Please note that this option is only used when using nova-network instead of Neutron in your deployment. Possible values:
Related options:
|
network_topic = network |
(String) The topic network nodes listen on |
|
(String) The location where the network configuration files will be kept. The default is the 'networks' directory off of the location where nova's Python module is installed. Possible values
|
|
(Integer) This option represents the number of networks to create if not explicitly specified when the network is created. The only time this is used is if a CIDR is specified, but an explicit network_size is not. In that case, the subnets are created by diving the IP address space of the CIDR by num_networks. The resulting subnet sizes cannot be larger than the configuration option network_size; in that event, they are reduced to network_size, and a warning is logged. Please note that this option is only used when using nova-network instead of Neutron in your deployment. Possible values:
Related options:
|
|
(Integer) This option represents the period of time, in seconds, that the ovs_vsctl calls will wait for a response from the database before timing out. A setting of 0 means that the utility should wait forever for a response. Possible values:
|
|
(String) This is the name of the network interface for public IP addresses. The default is 'eth0'. Possible values:
|
|
(String) This is the public IP address of the network host. It is used when creating a SNAT rule. Possible values:
Related options:
|
|
(Boolean) When True, when a device starts up, and upon binding floating IP addresses, arp messages will be sent to ensure that the arp caches on the compute hosts are up-to-date. Related options:
|
|
(Integer) When arp messages are configured to be sent, they will be sent with the count set to the value of this option. Of course, if this is set to zero, no arp messages will be sent. Possible values:
Related options:
|
|
(Boolean) DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK. If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the VMs on the same host. The use of this configuration has been deprecated and may be removed in any release after Mitaka. It is recommended that instead of relying on this option, an explicit value should be passed to 'create_networks()' as a keyword argument with the name 'share_address'. |
|
(Boolean) Determines whether unused gateway devices, both VLAN and bridge, are deleted if the network is in nova-network VLAN mode and is multi-hosted. Related options:
|
|
(Boolean) When this option is True, whenever a DNS entry must be updated, a fanout cast message is sent to all network hosts to update their DNS entries in multi-host mode. Related options:
|
|
(Boolean) When this option is set to True, the dns1 and dns2 servers for the network specified by the user on boot will be used for DNS, as well as any specified in the dns_server option. Related options:
|
use_neutron = False |
(Boolean) Whether to use Neutron or Nova Network as the back end for networking. Defaults to False (indicating Nova network).Set to True to use neutron. |
|
(Boolean) When True, the TenantNetworkController will query the Neutron API to get the default networks to use. Related options:
|
use_single_default_gateway = False |
(Boolean) When set to True, only the firt nic of a VM will get its default gateway from the DHCP server. |
|
(String) This option is the name of the virtual interface of the VM on which the VLAN bridge will be built. While it was originally designed to be used only by nova-network, it is also used by libvirt and xenapi for the bridge interface name. Please note that this setting will be ignored in nova-network if the configuration option for network_manager is not set to the default of 'nova.network.manager.VlanManager'. Possible values:
|
|
(Integer) This is the VLAN number used for private networks. Note that the when creating the networks, if the specified number has already been assigned, nova-network will increment this number until it finds an available VLAN. Please note that this option is only used when using nova-network instead of Neutron in your deployment. It also will be ignored if the configuration option for network_manager is not set to the default of 'nova.network.manager.VlanManager'. Possible values:
Related options:
|
| [libvirt] | |
remote_filesystem_transport = ssh |
(String) Use ssh or rsync transport for creating, copying, removing files on the remote host. |
| [os_vif_linux_bridge] | |
flat_interface = None |
(String) FlatDhcp will bridge into this interface if set |
forward_bridge_interface = ['all'] |
(Multi-valued) An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times. |
iptables_bottom_regex = |
(String) Regular expression to match the iptables rule that should always be on the bottom. |
iptables_drop_action = DROP |
(String) The table that iptables to jump to when a packet is to be dropped. |
iptables_top_regex = |
(String) Regular expression to match the iptables rule that should always be on the top. |
network_device_mtu = 1500 |
(Integer) MTU setting for network interface. |
use_ipv6 = False |
(Boolean) Use IPv6 |
vlan_interface = None |
(String) VLANs will bridge into this interface if set |
| [os_vif_ovs] | |
network_device_mtu = 1500 |
(Integer) MTU setting for network interface. |
ovs_vsctl_timeout = 120 |
(Integer) Amount of time, in seconds, that ovs_vsctl should wait for a response from the database. 0 is to wait forever. |
| [vif_plug_linux_bridge_privileged] | |
capabilities = [] |
(Unknown) List of Linux capabilities retained by the privsep daemon. |
group = None |
(String) Group that the privsep daemon should run as. |
helper_command = None |
(String) Command to invoke to start the privsep daemon if not using the "fork" method. If not specified, a default is generated using "sudo privsep-helper" and arguments designed to recreate the current configuration. This command must accept suitable --privsep_context and --privsep_sock_path arguments. |
user = None |
(String) User that the privsep daemon should run as. |
| [vif_plug_ovs_privileged] | |
capabilities = [] |
(Unknown) List of Linux capabilities retained by the privsep daemon. |
group = None |
(String) Group that the privsep daemon should run as. |
helper_command = None |
(String) Command to invoke to start the privsep daemon if not using the "fork" method. If not specified, a default is generated using "sudo privsep-helper" and arguments designed to recreate the current configuration. This command must accept suitable --privsep_context and --privsep_sock_path arguments. |
user = None |
(String) User that the privsep daemon should run as. |
| [vmware] | |
|
(String) This option specifies the physical ethernet adapter name for VLAN networking. Set the vlan_interface configuration option to match the ESX host interface that handles VLAN-tagged VM traffic. Possible values:
|