# Config file for neutron-proxy-plugin. [restproxy] # All configuration for this plugin is in section '[restproxy]' # # The following parameters are supported: # servers : [,]* (Error if not set) # server_auth : (default: no auth) # server_ssl : True | False (default: True) # ssl_cert_directory : (default: /etc/neutron/plugins/bigswitch/ssl) # no_ssl_validation : True | False (default: False) # ssl_sticky : True | False (default: True) # sync_data : True | False (default: False) # auto_sync_on_failure : True | False (default: True) # consistency_interval : (default: 60 seconds) # server_timeout : (default: 10 seconds) # neutron_id : (default: neutron-) # add_meta_server_route : True | False (default: True) # thread_pool_size : (default: 4) # A comma separated list of BigSwitch or Floodlight servers and port numbers. The plugin proxies the requests to the BigSwitch/Floodlight server, which performs the networking configuration. Note that only one server is needed per deployment, but you may wish to deploy multiple servers to support failover. servers=127.0.0.1:8080 # The username and password for authenticating against the BigSwitch or Floodlight controller. # server_auth=username:password # Use SSL when connecting to the BigSwitch or Floodlight controller. # server_ssl=True # Directory which contains the ca_certs and host_certs to be used to validate # controller certificates. # ssl_cert_directory=/etc/neutron/plugins/bigswitch/ssl/ # If a certificate does not exist for a controller, trust and store the first # certificate received for that controller and use it to validate future # connections to that controller. # ssl_sticky=True # Do not validate the controller certificates for SSL # Warning: This will not provide protection against man-in-the-middle attacks # no_ssl_validation=False # Sync data on connect # sync_data=False # If neutron fails to create a resource because the backend controller # doesn't know of a dependency, automatically trigger a full data # synchronization to the controller. # auto_sync_on_failure=True # Time between verifications that the backend controller # database is consistent with Neutron. (0 to disable) # consistency_interval = 60 # Maximum number of seconds to wait for proxy request to connect and complete. # server_timeout=10 # User defined identifier for this Neutron deployment # neutron_id = # Flag to decide if a route to the metadata server should be injected into the VM # add_meta_server_route = True # Number of threads to use to handle large volumes of port creation requests # thread_pool_size = 4 [nova] # Specify the VIF_TYPE that will be controlled on the Nova compute instances # options: ivs or ovs # default: ovs # vif_type = ovs # Overrides for vif types based on nova compute node host IDs # Comma separated list of host IDs to fix to a specific VIF type # The VIF type is taken from the end of the configuration item # node_override_vif_ # For example, the following would set the VIF type to IVS for # host-id1 and host-id2 # node_overrride_vif_ivs=host-id1,host-id2 [router] # Specify the default router rules installed in newly created tenant routers # Specify multiple times for multiple rules # Format is ::: # Optionally, a comma-separated list of nexthops may be included after # Use an * to specify default for all tenants # Default is any any allow for all tenants # tenant_default_router_rule=*:any:any:permit # Maximum number of rules that a single router may have # Default is 200 # max_router_rules=200 [restproxyagent] # Specify the name of the bridge used on compute nodes # for attachment. # Default: br-int # integration_bridge=br-int # Change the frequency of polling by the restproxy agent. # Value is seconds # Default: 5 # polling_interval=5 # Virtual switch type on the compute node. # Options: ovs or ivs # Default: ovs # virtual_switch_type = ovs [securitygroup] # Controls if neutron security group is enabled or not. # It should be false when you use nova security group. # enable_security_group = True