2521N/A# Show debugging output in log (sets DEBUG log level output)
2892N/A# L3 requires that an interface driver be set. Choose the one that best
5403N/A# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC)
6029N/A# Interface driver for Solaris Open vSwitch
6029N/A# Name of Open vSwitch bridge to use
6029N/A# ovs_integration_bridge = br_int0
5403N/A# Use veth for an OVS interface or not.
5403N/A# Support kernels with limited namespace support
5403N/A# (
e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
5403N/A# Example of interface_driver option for LinuxBridge
5403N/A# Interface driver for Solaris Elastic Virtual Switch (EVS)
2521N/A# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
5403N/A# iproute2 package that supports namespaces). This option is deprecated and
5403N/A# will be removed in a future release, at which point the old behavior of
5403N/A# use_namespaces = True will be enforced.
2521N/A# If use_namespaces is set as False then the agent can only configure one
2892N/A# This is done by setting the specific router_id.
3998N/A# When external_network_bridge is set, each L3 agent can be associated
3998N/A# with no more than one external network. This value should be set to the UUID
3998N/A# of that external network. To allow L3 agent support multiple external
3998N/A# networks, both the external_network_bridge and gateway_external_network_id
2521N/A# gateway_external_network_id =
5403N/A# With IPv6, the network used for the external gateway does not need
5403N/A# to have an associated subnet, since the automatically assigned
5403N/A# link-local address (LLA) can be used. However, an IPv6 gateway address
5403N/A# is needed for use as the next-hop for the default route. If no IPv6
5403N/A# gateway address is configured here, (and only then) the neutron router
5403N/A# will be configured to get its default route from router advertisements (RAs)
5403N/A# from the upstream router; in which case the upstream router must also be
5403N/A# configured to send these RAs.
5403N/A# The ipv6_gateway, when configured, should be the LLA of the interface
5403N/A# on the upstream router. If a next-hop using a global unique address (GUA)
5403N/A# is desired, it needs to be done via a subnet allocated to the network
5403N/A# and not through this parameter.
2521N/A# Indicates that this L3 agent should also handle routers that do not have
2521N/A# an external network gateway configured. This option should be True only
2892N/A# for a single agent in a Neutron deployment, and may be False for all agents
2521N/A# if all routers must have an external network gateway
2521N/A# handle_internal_only_routers = True
2521N/A# Name of bridge used for external network traffic. This should be set to
3998N/A# empty value for the linux bridge. when this parameter is set, each L3 agent
3998N/A# can be associated with no more than one external network.
3998N/A# TCP Port used by Neutron metadata server
3998N/A# Send this many gratuitous ARPs for HA setup. Set it below or equal to 0
2521N/A# seconds between re-sync routers' data if needed
2521N/A# seconds to start to sync routers' data after
2892N/A# enable_metadata_proxy, which is true by default, can be set to False
2892N/A# if the Nova metadata server is not available
5403N/A# enable_metadata_proxy = True
5403N/A# Iptables mangle mark used to mark metadata valid requests
5403N/A# metadata_access_mark = 0x1
5403N/A# Iptables mangle mark used to mark ingress from external network
5403N/A# external_ingress_mark = 0x2
3998N/A# router_delete_namespaces, which is false by default, can be set to True if
3998N/A# namespaces can be deleted cleanly on the host running the L3 agent.
3998N/A# Do not enable this until you understand the problem with the Linux iproute
3998N/A# you are sure that your version of iproute does not suffer from the problem.
3998N/A# If True, namespaces will be deleted when a router is destroyed.
3998N/A# router_delete_namespaces = False
5403N/A# Timeout for ovs-vsctl commands.
5403N/A# If the timeout expires, ovs commands will fail with ALARMCLOCK error.
3998N/A# The working mode for the agent. Allowed values are:
3998N/A# - legacy: this preserves the existing behavior where the L3 agent is
3998N/A# deployed on a centralized networking node to provide L3 services
3998N/A# like DNAT, and SNAT. Use this mode if you do not want to adopt DVR.
3998N/A# - dvr: this mode enables DVR functionality, and must be used for an L3
3998N/A# agent that runs on a compute host.
3998N/A# - dvr_snat: this enables centralized SNAT support in conjunction with
3998N/A# DVR. This mode must be used for an L3 agent running on a centralized
3998N/A# node (or in single-host deployments,
e.g. devstack).
3998N/A# Location to store keepalived and all HA configurations
3998N/A# VRRP authentication password
3998N/A# The advertisement interval in seconds
2521N/A# Name of the datalink that connects to an external network. By default it's
2521N/A# external_network_datalink = net0
2521N/A# Allow forwarding of packets between tenant's networks
2521N/A# allow_forwarding_between_networks = False
2521N/A# An URI that specifies an EVS controller. It is of the form
2521N/A# ssh://user@hostname, where user is the username to use to connect
2521N/A# to EVS controller specified by hostname. By default it's set to
2521N/A# evs_controller = ssh://evsuser@localhost
6174N/Aadmin_password = %SERVICE_PASSWORD%
6174N/Aadmin_tenant_name = %SERVICE_PASSWORD%
6174N/A# The type of authentication to use
6174N/A# Network service endpoint type to pull from the keystone catalog