Browse Source

Remove vmware-nsx's static example configuration file

This patch is a follow up to the auto generate config file patch[1]
which removes the static example nsx.ini file from the repo as
it is now redundant.

[1]: https://review.openstack.org/#/c/303673/

Depends-On: Iff4ea37b52616295b262ead53947acb5b0cd9cd7

Change-Id: I61ee6fe873cfeac9dfe6d9eb7b0f90dd7c251d51
Partial-bug: #1568215
changes/30/304330/2
Abhishek Raut 6 years ago
parent
commit
5f1a62a0f1
  1. 431
      etc/nsx.ini
  2. 2
      setup.cfg

431
etc/nsx.ini

@ -1,431 +0,0 @@
[DEFAULT]
# User name for NSX controller
# nsx_user = admin
# Password for NSX controller
# nsx_password = admin
# Time before aborting a request on an unresponsive controller (Seconds)
# http_timeout = 75
# Maximum number of times a particular request should be retried
# retries = 2
# Maximum number of times a redirect response should be followed
# redirects = 2
# Comma-separated list of NSX controller endpoints (<ip>:<port>). When port
# is omitted, 443 is assumed. This option MUST be specified, e.g.:
# nsx_controllers = xx.yy.zz.ww:443, aa.bb.cc.dd, ee.ff.gg.hh.ee:80
# UUID of the pre-existing default NSX Transport zone to be used for creating
# tunneled isolated "Neutron" networks. This option MUST be specified, e.g.:
# default_tz_uuid = 1e8e52cf-fa7f-46b0-a14a-f99835a9cb53
# (Optional) UUID for the default l3 gateway service to use with this cluster.
# To be specified if planning to use logical routers with external gateways.
# default_l3_gw_service_uuid =
# (Optional) UUID for the default l2 gateway service to use with this cluster.
# To be specified for providing a predefined gateway tenant for connecting their networks.
# default_l2_gw_service_uuid =
# (Optional) UUID for the default service cluster. A service cluster is introduced to
# represent a group of gateways and it is needed in order to use Logical Services like
# dhcp and metadata in the logical space. NOTE: If agent_mode is set to 'agentless' this
# config parameter *MUST BE* set to a valid pre-existent service cluster uuid.
# default_service_cluster_uuid =
# Name of the default interface name to be used on network-gateway. This value
# will be used for any device associated with a network gateway for which an
# interface name was not specified
# nsx_default_interface_name = breth0
# Reconnect connection to nsx if not used within this amount of time.
# conn_idle_timeout = 900
# Specify the class path for the Layer 2 gateway backend driver(i.e. NSXv3/NSX-V).
# This field will be used when a L2 Gateway service plugin is configured.
# nsx_l2gw_driver =
# (Optional) URL for distributed locking coordination resource for lock manager
# This value is passed as a parameter to tooz coordinator.
# By default, value is None and oslo_concurrency is used for single-node
# lock management.
# locking_coordinator_url =
[quotas]
# number of network gateways allowed per tenant, -1 means unlimited
# quota_network_gateway = 5
[nsxv]
# URL for NSXv manager
# manager_uri = https://management_ip
# User name for NSXv manager
# user = admin
# Password for NSXv manager
# password = default
# Specify a CA bundle file to use in verifying the NSXv server certificate.
# ca_file =
# If True, the NSXv server certificate is not verified. If False,
# then the default CA truststore is used for verification. This option
# is ignored if "ca_file" is set.
# insecure = True
# (Required) Datacenter MoRef ID for Edge deployment
# datacenter_moid =
# (Required) Cluster MoRef IDs for OpenStack compute clusters, comma separated
# cluster_moid =
# (Optional) Deployment Container MoRef ID for NSX Edge deployment
# If not specified, either a default global container will be used, or
# the resource pool and datastore specified below will be used
# deployment_container_id =
# (Optional) Resource pool MoRef ID for NSX Edge deployment
# resource_pool_id =
# (Optional) Datastore MoRef ID for NSX Edge deployment
# datastore_id =
# (Required) Portgroup MoRef ID for Edge physical network connectivity
# external_network =
# (Optional) Asynchronous task status check interval
# default is 2000 (millisecond)
# task_status_check_interval = 2000
# (Optional) Transport Zone MoRef ID for VXLAN logical networks
# vdn_scope_id =
# (Optional) DVS MoRef ID for DVS connected to Management / Edge cluster
# dvs_id =
# (ListOpt) Define backup edge pool's management range with the four-tuple:
# <edge_type>:[edge_size]:<minimum_pooled_edges>:<maximum_pooled_edges>.
# edge_type:'service'(service edge) or 'vdr'(distributed edge).
# edge_size: 'compact', 'large'(by default), 'xlarge' or 'quadlarge'.
#
# By default, edge pool manager would manage service edge
# with compact&&large size and distributed edge with large size as following:
# backup_edge_pool = service:large:4:10,service:compact:4:10,vdr:large:4:10
# (Optional) Maximum number of sub interfaces supported per vnic in edge
# default is 20
# maximum_tunnels_per_vnic = 20
# Maximum number of API retries
# retries = 10
# (Optional) Portgroup MoRef ID for metadata proxy management network
# mgt_net_moid =
# (Optional) Management network IP address for metadata proxy, comma separated
# mgt_net_proxy_ips =
# (Optional) Management network netmask for metadata proxy
# mgt_net_proxy_netmask =
# (Optional) Management network default gateway for metadata proxy
# mgt_net_default_gateway =
# (Optional) IP addresses used by Nova metadata service
# nova_metadata_ips =
# (Optional) TCP Port used by Nova metadata server
# nova_metadata_port = 8775
# (Optional) Shared secret to sign metadata requests
# metadata_shared_secret =
# (Optional) If True, the end to end connection for metadata service is
# not verified. If False, the default CA truststore is used for verification.
# metadata_insecure =
# (Optional) Comma separated list of tcp ports, to be allowed access to the
# metadata proxy, in addition to the default 80,443,8775 tcp ports
# metadata_service_allowed_ports =
# (Optional) Client certificate to use when metadata connection is to be
# verified. If not provided, a self signed certificate will be used.
# metadata_nova_client_cert =
# (Optional) Private key to use for client certificate
# metadata_nova_client_priv_key =
# (Optional) Indicates if Nsxv spoofguard component is used to implement
# port-security feature.
# spoofguard_enabled = True
# (Optional) Deploys NSX Edges in HA mode
# edge_ha = False
# (Optional) Edge appliance size to be used for creating exclusive router.
# Valid values: ['compact', 'large', 'xlarge', 'quadlarge']
# This exclusive_router_appliance_size will be picked up if --router-size
# parameter is not specified while doing neutron router-create
# exclusive_router_appliance_size = compact
# (ListOpt) Ordered list of router_types to allocate as tenant routers.
# It limits the router types that the Nsxv can support for tenants:
# distributed: router is supported by distributed edge at the backend.
# shared: multiple routers share the same service edge at the backend.
# exclusive: router exclusively occupies one service edge at the backend.
# Nsxv would select the first available router type from tenant_router_types
# list if router-type is not specified.
# If the tenant defines the router type with "--distributed",
# "--router_type exclusive" or "--router_type shared", Nsxv would verify that
# the router type is in tenant_router_types.
# Admin supports all these three router types
#
# tenant_router_types = shared, distributed, exclusive
# Example: tenant_router_types = distributed, shared
# (Optional) Enable an administrator to configure the edge user and password
# Username to configure for Edge appliance login
# edge_appliance_user =
# (Optional) Password to configure for Edge appliance login
# edge_appliance_password =
# (Optional) DHCP lease time
# dhcp_lease_time = 86400
# (Optional) Indicates whether distributed-firewall rule for security-groups
# blocked traffic is logged.
# log_security_groups_blocked_traffic = False
# (Optional) Indicates whether distributed-firewall security-groups rules are
# logged.
# log_security_groups_allowed_traffic = False
# (Optional) In some cases the Neutron router is not present to provide the
# metadata IP but the DHCP server can be used to provide this info. Setting
# this value will force the DHCP edge server to append specific host routes
# to the DHCP request. If this option is set, then the metadata service will
# be activated for all the dhcp enabled networks.
# Note: this option can only be supported at NSX manager version 6.2.3 or
# higher
# dhcp_force_metadata = True
[nsx]
# Maximum number of ports for each bridged logical switch
# The recommended value for this parameter varies with NSX version
# Please use:
# NSX 2.x -> 64
# NSX 3.0, 3.1 -> 5000
# NSX 3.2 -> 10000
# max_lp_per_bridged_ls = 5000
# Maximum number of ports for each overlay (stt, gre) logical switch
# max_lp_per_overlay_ls = 256
# Number of connections to each controller node.
# default is 10
# concurrent_connections = 10
# Number of seconds a generation id should be valid for (default -1 meaning do not time out)
# nsx_gen_timeout = -1
# Acceptable values for 'metadata_mode' are:
# - 'access_network': this enables a dedicated connection to the metadata
# proxy for metadata server access via Neutron router.
# - 'dhcp_host_route': this enables host route injection via the dhcp agent.
# This option is only useful if running on a host that does not support
# namespaces otherwise access_network should be used.
# metadata_mode = access_network
# The default network transport type to use (stt, gre, bridge, ipsec_gre, or ipsec_stt)
# default_transport_type = stt
# Specifies in which mode the plugin needs to operate in order to provide DHCP and
# metadata proxy services to tenant instances. If 'agent' is chosen (default)
# the NSX plugin relies on external RPC agents (i.e. dhcp and metadata agents) to
# provide such services. In this mode, the plugin supports API extensions 'agent'
# and 'dhcp_agent_scheduler'. If 'agentless' is chosen (experimental in Icehouse),
# the plugin will use NSX logical services for DHCP and metadata proxy. This
# simplifies the deployment model for Neutron, in that the plugin no longer requires
# the RPC agents to operate. When 'agentless' is chosen, the config option metadata_mode
# becomes ineffective. The 'agentless' mode works only on NSX 4.1.
# Furthermore, a 'combined' mode is also provided and is used to support existing
# deployments that want to adopt the agentless mode. With this mode, existing networks
# keep being served by the existing infrastructure (thus preserving backward
# compatibility, whereas new networks will be served by the new infrastructure.
# Migration tools are provided to 'move' one network from one model to another; with
# agent_mode set to 'combined', option 'network_auto_schedule' in neutron.conf is
# ignored, as new networks will no longer be scheduled to existing dhcp agents.
# agent_mode = agent
# Specifies which mode packet replication should be done in. If set to service
# a service node is required in order to perform packet replication. This can
# also be set to source if one wants replication to be performed locally (NOTE:
# usually only useful for testing if one does not want to deploy a service node).
# In order to leverage distributed routers, replication_mode should be set to
# "service".
# replication_mode = service
[nsx_sync]
# Interval in seconds between runs of the status synchronization task.
# The plugin will aim at resynchronizing operational status for all
# resources in this interval, and it should be therefore large enough
# to ensure the task is feasible. Otherwise the plugin will be
# constantly synchronizing resource status, ie: a new task is started
# as soon as the previous is completed.
# If this value is set to 0, the state synchronization thread for this
# Neutron instance will be disabled.
# state_sync_interval = 10
# Random additional delay between two runs of the state synchronization task.
# An additional wait time between 0 and max_random_sync_delay seconds
# will be added on top of state_sync_interval.
# max_random_sync_delay = 0
# Minimum delay, in seconds, between two status synchronization requests for NSX.
# Depending on chunk size, controller load, and other factors, state
# synchronization requests might be pretty heavy. This means the
# controller might take time to respond, and its load might be quite
# increased by them. This parameter allows to specify a minimum
# interval between two subsequent requests.
# The value for this parameter must never exceed state_sync_interval.
# If this does, an error will be raised at startup.
# min_sync_req_delay = 1
# Minimum number of resources to be retrieved from NSX in a single status
# synchronization request.
# The actual size of the chunk will increase if the number of resources is such
# that using the minimum chunk size will cause the interval between two
# requests to be less than min_sync_req_delay
# min_chunk_size = 500
# Enable this option to allow punctual state synchronization on show
# operations. In this way, show operations will always fetch the operational
# status of the resource from the NSX backend, and this might have
# a considerable impact on overall performance.
# always_read_status = False
[nsx_lsn]
# Pull LSN information from NSX in case it is missing from the local
# data store. This is useful to rebuild the local store in case of
# server recovery
# sync_on_missing_data = False
[nsx_dhcp]
# (Optional) Comma separated list of additional dns servers. Default is an empty list
# extra_domain_name_servers =
# Domain to use for building the hostnames
# domain_name = openstacklocal
# Default DHCP lease time
# default_lease_time = 43200
[nsx_metadata]
# IP address used by Metadata server
# metadata_server_address = 127.0.0.1
# TCP Port used by Metadata server
# metadata_server_port = 8775
# When proxying metadata requests, Neutron signs the Instance-ID header with a
# shared secret to prevent spoofing. You may select any string for a secret,
# but it MUST match with the configuration used by the Metadata server
# metadata_shared_secret =
[nsx_v3]
# IP address of one or more NSX managers separated by commas.
# The IP address should be of the form:
# [<scheme>://]<ip_adress>[:<port>]
# If scheme is not provided https is used. If port is not provided
# port 80 is used for http and port 443 for https.
# nsx_api_managers = 1.2.3.4
# User name of NSX Manager
# nsx_api_user = admin
# Password of NSX Manager
# nsx_api_password = default
# UUID of the default NSX overlay transport zone that will be used for creating
# tunneled isolated Neutron networks. If no physical network is specified when
# creating a logical network, this transport zone will be used by default
# default_overlay_tz_uuid = afc40f8a-4967-477e-a17a-9d560d1786c7
# (Optional) Only required when creating VLAN or flat provider networks. UUID
# of default NSX VLAN transport zone that will be used for bridging between
# Neutron networks, if no physical network has been specified
# default_vlan_tz_uuid = afc40f8a-4967-477e-a17a-9d560d1786c7
# Maximum number of times to retry API requests upon stale revision errors.
# retries = 10
# Specify a CA bundle file to use in verifying the NSX Manager
# server certificate. This option is ignored if "insecure" is set to True.
# If "insecure" is set to False and ca_file is unset, the system root CAs
# will be used to verify the server certificate.
# ca_file =
# If true, the NSX Manager server certificate is not verified. If false
# the CA bundle specified via "ca_file" will be used or if unset the
# default system root CAs will be used.
# insecure = True
# The time in seconds before aborting a HTTP connection to a NSX manager.
# http_timeout = 10
# The time in seconds before aborting a HTTP read response from a NSX manager.
# http_read_timeout = 180
# Maximum number of times to retry a HTTP connection.
# http_retries = 3
# Maximum number of connection connections to each NSX manager.
# concurrent_connections = 10
# The amount of time in seconds to wait before ensuring connectivity to
# the NSX manager if no manager connection has been used.
# conn_idle_timeout = 10
# UUID of the default tier0 router that will be used for connecting to
# tier1 logical routers and configuring external networks
# default_tier0_router_uuid = 412983fd-9016-45e5-93f2-48ba2a931225
# (Optional) UUID of the default NSX bridge cluster that will be used to
# perform L2 gateway bridging between VXLAN and VLAN networks. It is an
# optional field. If default bridge cluster UUID is not specified, admin will
# have to manually create a L2 gateway corresponding to a NSX Bridge Cluster
# using L2 gateway APIs. This field must be specified on one of the active
# neutron servers only.
# default_bridge_cluster_uuid =
# (Optional) The number of nested groups which are used by the plugin,
# each Neutron security-groups is added to one nested group, and each nested
# group can contain as maximum as 500 security-groups, therefore, the maximum
# number of security groups that can be created is
# 500 * number_of_nested_groups.
# The default is 8 nested groups, which allows a maximum of 4k security-groups,
# to allow creation of more security-groups, modify this figure.
# number_of_nested_groups =
# Acceptable values for 'metadata_mode' are:
# - 'access_network': this enables a dedicated connection to the metadata
# proxy for metadata server access via Neutron router.
# - 'dhcp_host_route': this enables host route injection via the dhcp agent.
# This option is only useful if running on a host that does not support
# namespaces otherwise access_network should be used.
# metadata_mode = access_network
# If True, an internal metadata network will be created for a router only when
# the router is attached to a DHCP-disabled subnet.
# metadata_on_demand = False
# (Optional) Indicates whether distributed-firewall rule for security-groups
# blocked traffic is logged.
# log_security_groups_blocked_traffic = False
# (Optional) Indicates whether distributed-firewall security-groups rules are
# logged.
# log_security_groups_allowed_traffic = False

2
setup.cfg

@ -21,8 +21,6 @@ classifier =
[files]
packages =
vmware_nsx
data_files =
etc/neutron/plugins/vmware = etc/nsx.ini
[entry_points]
console_scripts =

Loading…
Cancel
Save