===============
Neutron Formula
===============

Neutron is an OpenStack project to provide "networking as a service" between
interface devices (e.g., vNICs) managed by other OpenStack services (e.g.,
nova).

Starting in the Folsom release, Neutron is a core and supported part of the
OpenStack platform (for Essex, we were an "incubated" project, which means use
is suggested only for those who really know what they're doing with Neutron).

Sample Pillars
==============

Neutron Server on the controller node

.. code-block:: yaml

    neutron:
      server:
        enabled: true
        version: mitaka
        allow_pagination: true
        pagination_max_limit: 100
        api_workers: 2
        rpc_workers: 2
        rpc_state_report_workers: 2
        root_helper_daemon: false
        bind:
          address: 172.20.0.1
          port: 9696
        database:
          engine: mysql
          host: 127.0.0.1
          port: 3306
          name: neutron
          user: neutron
          password: pwd
        identity:
          engine: keystone
          host: 127.0.0.1
          port: 35357
          user: neutron
          password: pwd
          tenant: service
          endpoint_type: internal
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        metadata:
          host: 127.0.0.1
          port: 8775
          password: pass
          workers: 2
        audit:
          enabled: false

Filip Pytlouncd028e42015-10-06 16:28:32 +020062
Swann Croiset9407daf2017-02-02 15:27:56 +010063Note: The pagination is useful to retrieve a large bunch of resources,
64because a single request may fail (timeout). This is enabled with both
65parameters *allow_pagination* and *pagination_max_limit* as shown above.
66

Configuration of policy.json file

.. code-block:: yaml

    neutron:
      server:
        ....
        policy:
          create_subnet: 'rule:admin_or_network_owner'
          'get_network:queue_id': 'rule:admin_only'
          # Add key without value to remove line from policy.json
          'create_network:shared':
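
The merge rule the comment above describes (a key with a value overrides the
rule, a bare key deletes it), worked through in Python. This is an added
example, not the formula's own rendering code; the starting policy document
and the pillar fragment are constructed, and ``BASE_POLICY`` is not copied from
any real Neutron release.

```python
"""Apply neutron:server:policy pillar overrides to a policy.json document.

Added illustration, not the formula's own code: it reproduces the behaviour
the README describes for the ``policy`` pillar key on a constructed policy.
"""
import json

# Constructed starting point: a few rules as they could appear in a stock
# policy.json (not taken from any real Neutron release).
BASE_POLICY = {
    "create_subnet": "rule:admin_only",
    "create_network:shared": "rule:admin_only",
    "get_network:queue_id": "rule:admin_only",
    "get_network": "rule:admin_or_owner",
}

# Constructed pillar fragment mirroring the README sample. The bare
# 'create_network:shared' key arrives from YAML as None.
PILLAR_POLICY = {
    "create_subnet": "rule:admin_or_network_owner",
    "get_network:queue_id": "rule:admin_only",
    "create_network:shared": None,
}


def apply_policy_overrides(base, overrides):
    """Return a new policy dict with the pillar overrides applied.

    A None value removes the action from the file entirely, so its handling
    falls back to the policy engine's default rule. Check the rendered file
    before relying on a removal, because that default may be more permissive
    than the line that was dropped.
    """
    result = dict(base)
    for action, rule in overrides.items():
        if rule is None:
            result.pop(action, None)
        else:
            result[action] = rule
    return result


def render_policy_json(base, overrides):
    """Serialize the merged policy the way it would be written to policy.json."""
    merged = apply_policy_overrides(base, overrides)
    return json.dumps(merged, indent=4, sort_keys=True)


if __name__ == "__main__":
    print(render_policy_json(BASE_POLICY, PILLAR_POLICY))
```

Run it directly to see the rendered file; the deleted ``create_network:shared``
line is the one to look for in the output.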
80
Elena Ezhovacd67cfe2017-06-16 23:35:07 +040081Neutron LBaaSv2 enablement
82--------------------------
Ondrej Smola314eee22017-03-08 21:21:16 +010083
84.. code-block:: yaml
85
86 neutron:
87 server:
88 lbaas:
89 enabled: true
90 providers:
Elena Ezhovacd67cfe2017-06-16 23:35:07 +040091 octavia:
92 engine: octavia
93 driver_path: 'neutron_lbaas.drivers.octavia.driver.OctaviaDriver'
94 base_url: 'http://127.0.0.1:9876'
Ondrej Smola314eee22017-03-08 21:21:16 +010095 avi_adc:
Ondrej Smola314eee22017-03-08 21:21:16 +010096 engine: avinetworks
Elena Ezhovacd67cfe2017-06-16 23:35:07 +040097 driver_path: 'avi_lbaasv2.avi_driver.AviDriver'
Ondrej Smola314eee22017-03-08 21:21:16 +010098 controller_address: 10.182.129.239
99 controller_user: admin
100 controller_password: Cloudlab2016
101 controller_cloud_name: Default-Cloud
102 avi_adc2:
103 engine: avinetworks
104 ...
105
Note: If the Contrail backend is set, the OpenContrail loadbalancer is enabled
automatically. In this case lbaas should be disabled in the pillar:

.. code-block:: yaml

    neutron:
      server:
        lbaas:
          enabled: false


Neutron FWaaSv1 enablement
--------------------------

.. code-block:: yaml

    neutron:
      fwaas:
        enabled: true
        version: ocata
        api_version: v1


Enable CORS parameters
----------------------

.. code-block:: yaml

    neutron:
      server:
        cors:
          allowed_origin: https:localhost.local,http:localhost.local
          expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
          allow_methods: GET,PUT,POST,DELETE,PATCH
          allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
          allow_credentials: True
          max_age: 86400


Neutron VXLAN tenant networks with Network nodes
------------------------------------------------

With DVR for East-West and Network node for North-South.

This use case describes a model utilising VxLAN overlay with DVR. The DVR
routers will only be utilized for traffic that is routed within the cloud
infrastructure and that remains encapsulated. External traffic will be
routed via the network nodes.

The intention is that each tenant will require at least two (2) vrouters,
one to be utilised

Neutron Server

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        path_mtu: 1500
        bind:
          address: 172.20.0.1
          port: 9696
        database:
          engine: mysql
          host: 127.0.0.1
          port: 3306
          name: neutron
          user: neutron
          password: pwd
        identity:
          engine: keystone
          host: 127.0.0.1
          port: 35357
          user: neutron
          password: pwd
          tenant: service
          endpoint_type: internal
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        global_physnet_mtu: 9000
        l3_ha: False # Which type of router will be created by default
        dvr: True # disabled for non DVR use case
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          external_mtu: 9000
          mechanism:
            ovs:
              driver: openvswitch

Network Node

.. code-block:: yaml

    neutron:
      gateway:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        dvr: True # disabled for non DVR use case
        agent_mode: dvr_snat
        metadata:
          host: 127.0.0.1
          password: pass
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch

Compute Node

.. code-block:: yaml

    neutron:
      compute:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        dvr: True # disabled for non DVR use case
        agent_mode: dvr
        external_access: false # Compute node with DVR for east-west only, Network Node has True as default
        metadata:
          host: 127.0.0.1
          password: pass
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch
        audit:
          enabled: false


Disable physnet1 bridge
-----------------------

By default external access is turned on, so in addition to any physnets in
your reclass model there is an extra one, physnet1, which is mapped to
br-floating.

If you need internal networks only, without this bridge, remove br-floating
and its configuration mappings. Disable the mappings for this bridge on
neutron servers:

.. code-block:: yaml

    neutron:
      server:
        external_access: false

gateways:

.. code-block:: yaml

    neutron:
      gateway:
        external_access: false

compute nodes:

.. code-block:: yaml

    neutron:
      compute:
        external_access: false


Add additional bridge mappings for OVS bridges
----------------------------------------------

By default external access is turned on, so in addition to any physnets in
your reclass model there is an extra one, physnet1, which is mapped to
br-floating.

If you need to add extra non-default bridge mappings, they can be defined
separately for both gateways and compute nodes:

gateways:

.. code-block:: yaml

    neutron:
      gateway:
        bridge_mappings:
          physnet4: br-floating-internet

compute nodes:

.. code-block:: yaml

    neutron:
      compute:
        bridge_mappings:
          physnet4: br-floating-internet


Specify different mtu values for different physnets
---------------------------------------------------

Neutron Server

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        backend:
          external_mtu: 1500
          tenant_net_mtu: 9000
          ironic_net_mtu: 9000

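The MTU keys used in the server samples above (``global_physnet_mtu``,
``path_mtu``, ``external_mtu``, ``tenant_net_mtu`` and the per-physnet ``mtu``)
combine into the MTU each network actually gets, and an overlay network ends
up smaller than the underlay because the tunnel headers are subtracted. The
Python below works that out; it is an added example, not the formula's or
Neutron's own code. The arithmetic mirrors Neutron's ML2 type drivers as I
understand them (flat/VLAN: the smaller of the global and the physnet-specific
MTU; tunnels: the smaller of ``global_physnet_mtu`` and ``path_mtu`` minus the
outer IP header and the encapsulation overhead). Mapping ``external_mtu`` to
``physnet1`` and ``tenant_net_mtu`` to ``physnet2`` is an assumption about the
formula's templates, and the pillar is constructed.

```python
"""Compute the MTU Neutron assigns to networks from a server pillar's MTU keys.

Added illustration, not the formula's or Neutron's own code. Overhead
figures: VXLAN and GENEVE 30 bytes, GRE 22 bytes, plus the outer IP header.
"""

IP_HEADER_LENGTH = {4: 20, 6: 40}
ENCAP_OVERHEAD = {"vxlan": 30, "geneve": 30, "gre": 22}


def overlay_mtu(network_type, global_physnet_mtu, path_mtu=0, ip_version=4):
    """MTU of a tunnelled (vxlan/gre/geneve) network; path_mtu 0 means unset."""
    if network_type not in ENCAP_OVERHEAD:
        raise ValueError("not an overlay network type: %r" % network_type)
    underlay = min(m for m in (global_physnet_mtu, path_mtu) if m > 0)
    return underlay - IP_HEADER_LENGTH[ip_version] - ENCAP_OVERHEAD[network_type]


def physnet_network_mtu(physnet, physnet_mtus, global_physnet_mtu):
    """MTU of a flat or VLAN network on a given physnet: the physnet-specific
    value when one is configured, never above global_physnet_mtu."""
    return min(physnet_mtus.get(physnet, global_physnet_mtu), global_physnet_mtu)


def effective_mtus(server_pillar):
    """Summarise, per network kind, the MTU a neutron:server pillar yields."""
    backend = server_pillar.get("backend", {})
    gpm = server_pillar.get("global_physnet_mtu", 1500)
    path = server_pillar.get("path_mtu", 0)

    physnet_mtus = {}
    if "external_mtu" in backend:
        physnet_mtus["physnet1"] = backend["external_mtu"]    # assumed mapping
    if "tenant_net_mtu" in backend:
        physnet_mtus["physnet2"] = backend["tenant_net_mtu"]  # assumed mapping
    for name, cfg in backend.get("physnets", {}).items():
        physnet_mtus[name] = cfg.get("mtu", 1500)             # README: defaults to 1500

    result = {}
    for ntype in backend.get("tenant_network_types", "").split(","):
        if ntype in ENCAP_OVERHEAD:
            result[ntype] = overlay_mtu(ntype, gpm, path)
    for name in physnet_mtus:
        result[name] = physnet_network_mtu(name, physnet_mtus, gpm)
    return result


# Constructed pillar matching the README samples: a jumbo-frame underlay
# whose tunnelled traffic is limited to a 1500-byte path.
SERVER_PILLAR = {
    "global_physnet_mtu": 9000,
    "path_mtu": 1500,
    "backend": {
        "tenant_network_types": "flat,vxlan",
        "external_mtu": 1500,
        "tenant_net_mtu": 9000,
        "physnets": {"sriov_net": {"mtu": 9000}, "ext_net2": {}},
    },
}

if __name__ == "__main__":
    for kind, mtu in sorted(effective_mtus(SERVER_PILLAR).items()):
        print("%-10s %d" % (kind, mtu))
```

The point to take from the output: with ``path_mtu: 1500`` the VXLAN networks
get 1450 bytes even though the physnets carry 9000, so instances on a
tenant VXLAN and on the jumbo ``physnet2`` see different MTUs.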
Neutron VXLAN tenant networks with Network Nodes (non DVR)
----------------------------------------------------------

This section describes a network solution that utilises VxLAN overlay
networks without DVR, with all routers being managed on the network nodes.

Neutron Server

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        bind:
          address: 172.20.0.1
          port: 9696
        database:
          engine: mysql
          host: 127.0.0.1
          port: 3306
          name: neutron
          user: neutron
          password: pwd
        identity:
          engine: keystone
          host: 127.0.0.1
          port: 35357
          user: neutron
          password: pwd
          tenant: service
          endpoint_type: internal
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        global_physnet_mtu: 9000
        l3_ha: True
        dvr: False
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          external_mtu: 9000
          mechanism:
            ovs:
              driver: openvswitch

Network Node

.. code-block:: yaml

    neutron:
      gateway:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        dvr: False
        agent_mode: legacy
        availability_zone: az1
        metadata:
          host: 127.0.0.1
          password: pass
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch

Compute Node

.. code-block:: yaml

    neutron:
      compute:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        external_access: False
        dvr: False
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch

Neutron VXLAN tenant networks with Network Nodes with DVR
---------------------------------------------------------

With DVR for East-West and North-South, DVR everywhere, Network node for SNAT.

This section describes a network solution that utilises VxLAN overlay
networks with DVR for both North-South and East-West traffic. The Network
Node is used only for SNAT.

Neutron Server

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        bind:
          address: 172.20.0.1
          port: 9696
        database:
          engine: mysql
          host: 127.0.0.1
          port: 3306
          name: neutron
          user: neutron
          password: pwd
        identity:
          engine: keystone
          host: 127.0.0.1
          port: 35357
          user: neutron
          password: pwd
          tenant: service
          endpoint_type: internal
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        global_physnet_mtu: 9000
        l3_ha: False
        dvr: True
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          external_mtu: 9000
          mechanism:
            ovs:
              driver: openvswitch

Network Node

.. code-block:: yaml

    neutron:
      gateway:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        dvr: True
        agent_mode: dvr_snat
        availability_zone: az1
        metadata:
          host: 127.0.0.1
          password: pass
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch

Compute Node

.. code-block:: yaml

    neutron:
      compute:
        enabled: True
        version: mitaka
        message_queue:
          engine: rabbitmq
          host: 127.0.0.1
          port: 5672
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        local_ip: 192.168.20.20 # br-mesh ip address
        dvr: True
        external_access: True
        agent_mode: dvr
        availability_zone: az1
        metadata:
          host: 127.0.0.1
          password: pass
        backend:
          engine: ml2
          tenant_network_types: "flat,vxlan"
          mechanism:
            ovs:
              driver: openvswitch
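
The three VXLAN use cases above differ only in a handful of keys spread over
three node roles, and a model in which those keys disagree (server with
``dvr: True`` but a gateway left in ``legacy`` mode, say) fails in ways that
are slow to diagnose. The check below encodes the combinations the three
sections show and reports where a pillar departs from them; it also answers
the question the ``external_access`` comment raises, namely whether a compute
node's North-South traffic leaves locally or through the gateway. This is an
added example, not the formula's own code, and the pillars are constructed
with only the keys the check needs.

```python
"""Cross-check the DVR-related keys of a neutron pillar across node roles.

Added illustration, not the formula's own code. Rules, taken from the
README's three VXLAN use cases: the server's ``dvr`` decides whether routers
are distributed; with DVR the gateway runs ``agent_mode: dvr_snat`` and
compute nodes ``agent_mode: dvr``; without DVR the gateway runs
``agent_mode: legacy`` and every role carries ``dvr: False``.
"""


def _as_bool(value):
    """Pillar values may be YAML booleans or the strings True/False."""
    if isinstance(value, str):
        return value.strip().lower() == "true"
    return bool(value)


def check_dvr_consistency(pillar):
    """Return a list of findings; an empty list means the roles agree."""
    neutron = pillar.get("neutron", {})
    server = neutron.get("server", {})
    dvr = _as_bool(server.get("dvr", False))
    findings = []

    gateway = neutron.get("gateway")
    if gateway is not None:
        if _as_bool(gateway.get("dvr", False)) != dvr:
            findings.append("gateway: dvr=%r but server dvr=%r" % (gateway.get("dvr"), dvr))
        expected = "dvr_snat" if dvr else "legacy"
        if gateway.get("agent_mode") != expected:
            findings.append("gateway: agent_mode=%r, expected %r"
                            % (gateway.get("agent_mode"), expected))

    compute = neutron.get("compute")
    if compute is not None:
        if _as_bool(compute.get("dvr", False)) != dvr:
            findings.append("compute: dvr=%r but server dvr=%r" % (compute.get("dvr"), dvr))
        if dvr and compute.get("agent_mode") != "dvr":
            findings.append("compute: agent_mode=%r, expected 'dvr'" % compute.get("agent_mode"))
    return findings


def north_south_path(pillar):
    """Where a compute node's external (North-South) traffic is routed:
    'compute' only with DVR and external_access enabled, else 'gateway'."""
    neutron = pillar.get("neutron", {})
    dvr = _as_bool(neutron.get("server", {}).get("dvr", False))
    local = _as_bool(neutron.get("compute", {}).get("external_access", False))
    return "compute" if dvr and local else "gateway"


# Constructed pillars, one per README use case plus a broken one.
DVR_EAST_WEST = {"neutron": {
    "server": {"dvr": True, "l3_ha": False},
    "gateway": {"dvr": True, "agent_mode": "dvr_snat"},
    "compute": {"dvr": True, "agent_mode": "dvr", "external_access": False}}}

DVR_EVERYWHERE = {"neutron": {
    "server": {"dvr": True, "l3_ha": False},
    "gateway": {"dvr": True, "agent_mode": "dvr_snat"},
    "compute": {"dvr": True, "agent_mode": "dvr", "external_access": True}}}

NON_DVR = {"neutron": {
    "server": {"dvr": False, "l3_ha": True},
    "gateway": {"dvr": False, "agent_mode": "legacy"},
    "compute": {"dvr": False, "external_access": False}}}

# Server asks for DVR, but the gateway was never switched over.
MISMATCHED = {"neutron": {
    "server": {"dvr": True},
    "gateway": {"dvr": False, "agent_mode": "legacy"},
    "compute": {"dvr": True, "agent_mode": "dvr"}}}

if __name__ == "__main__":
    for name, pillar in (("east-west", DVR_EAST_WEST), ("everywhere", DVR_EVERYWHERE),
                         ("non-dvr", NON_DVR), ("mismatched", MISMATCHED)):
        print(name, north_south_path(pillar), check_dvr_consistency(pillar))
```

The check deliberately accepts ``"True"``/``"False"`` strings as well as YAML
booleans, because both spellings appear in the samples on this page.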

Sample Linux network configuration for DVR

.. code-block:: yaml

    linux:
      network:
        bridge: openvswitch
        interface:
          eth1:
            enabled: true
            type: eth
            mtu: 9000
            proto: manual
          eth2:
            enabled: true
            type: eth
            mtu: 9000
            proto: manual
          eth3:
            enabled: true
            type: eth
            mtu: 9000
            proto: manual
          br-int:
            enabled: true
            mtu: 9000
            type: ovs_bridge
          br-floating:
            enabled: true
            mtu: 9000
            type: ovs_bridge
          float-to-ex:
            enabled: true
            type: ovs_port
            mtu: 65000
            bridge: br-floating
          br-mgmt:
            enabled: true
            type: bridge
            mtu: 9000
            address: ${_param:single_address}
            netmask: 255.255.255.0
            use_interfaces:
              - eth1
          br-mesh:
            enabled: true
            type: bridge
            mtu: 9000
            address: ${_param:tenant_address}
            netmask: 255.255.255.0
            use_interfaces:
              - eth2
          br-ex:
            enabled: true
            type: bridge
            mtu: 9000
            address: ${_param:external_address}
            netmask: 255.255.255.0
            use_interfaces:
              - eth3
            use_ovs_ports:
              - float-to-ex

Additional VXLAN tenant network settings
----------------------------------------

The default multicast group, 224.0.0.1, only reaches a single subnet. It can
be overridden to allow larger underlay network topologies.

Neutron Server

.. code-block:: yaml

    neutron:
      server:
        vxlan:
          group: 239.0.0.0/8
          vni_ranges: "2:65535"

Neutron VLAN tenant networks with Network Nodes
-----------------------------------------------

VLAN tenant provider

Neutron Server only

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        ...
        global_physnet_mtu: 9000
        l3_ha: False
        dvr: True
        backend:
          engine: ml2
          tenant_network_types: "flat,vlan" # Can be mixed flat,vlan,vxlan
          tenant_vlan_range: "1000:2000"
          external_vlan_range: "100:200" # Does not have to be defined.
          external_mtu: 9000
          mechanism:
            ovs:
              driver: openvswitch

Compute node

.. code-block:: yaml

    neutron:
      compute:
        version: mitaka
        ...
        dvr: True
        agent_mode: dvr
        external_access: False
        backend:
          engine: ml2
          tenant_network_types: "flat,vlan" # Can be mixed flat,vlan,vxlan
          mechanism:
            ovs:
              driver: openvswitch

Neutron with additional physical networks
-----------------------------------------

Neutron Server only

.. code-block:: yaml

    neutron:
      server:
        version: ocata
        ...
        backend:
          engine: ml2
          tenant_network_types: "flat,vlan" # Can be mixed flat,vlan,vxlan
          ...
          # also need to configure corresponding additional bridge_mappings on
          # compute and gateway nodes
          physnets:
            sriov_net:
              mtu: 9000 # Optional, defaults to 1500
              vlan_range: '100:200' # Optional
            ext_net2:
              mtu: 1500
          mechanism:
            ovs:
              driver: openvswitch

Advanced Neutron Features (DPDK, SR-IOV)
----------------------------------------

Neutron OVS DPDK

Enable datapath netdev for neutron openvswitch agent

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        ...
        dpdk: True
        ...

    neutron:
      compute:
        version: mitaka
        dpdk: True
        vhost_mode: client # options: client|server (default)
        vhost_socket_dir: /var/run/openvswitch
        backend:
          engine: ml2
          ...
          mechanism:
            ovs:
              driver: openvswitch

Neutron OVS SR-IOV

.. code-block:: yaml

    neutron:
      server:
        version: mitaka
        backend:
          engine: ml2
          ...
          mechanism:
            ovs:
              driver: openvswitch
            sriov:
              driver: sriovnicswitch

    neutron:
      compute:
        version: mitaka
        ...
        backend:
          engine: ml2
          tenant_network_types: "flat,vlan" # Can be mixed flat,vlan,vxlan
          sriov:
            nic_one:
              devname: eth1
              physical_network: physnet3
          mechanism:
            ovs:
              driver: openvswitch

Neutron with VLAN-aware-VMs
---------------------------

.. code-block:: yaml

    neutron:
      server:
        vlan_aware_vms: true
      ....
      compute:
        vlan_aware_vms: true
      ....
      gateway:
        vlan_aware_vms: true

Neutron with BGP VPN (BaGPipe driver)
-------------------------------------

.. code-block:: yaml

    neutron:
      server:
        version: pike
        bgp_vpn:
          enabled: true
          driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
      ....
      compute:
        version: pike
        bgp_vpn:
          enabled: true
          driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
          bagpipe:
            local_address: 192.168.20.20 # IP address for mpls/gre tunnels
            peers: 192.168.20.30 # IP addresses of BGP peers
            autonomous_system: 64512 # Autonomous System number
            enable_rtc: True # Enable RT Constraint (RFC4684)
        backend:
          ovs_extension: # for OVS agent only, not supported in SRIOV agent
            bagpipe_bgpvpn:
              enabled: True

Neutron with DHCP agent on compute node
---------------------------------------

.. code-block:: yaml

    neutron:
      ....
      compute:
        dhcp_agent_enabled: true
      ....

Neutron with OVN
----------------

Control node:

.. code-block:: yaml

    neutron:
      server:
        backend:
          engine: ovn
          mechanism:
            ovn:
              driver: ovn
          tenant_network_types: "geneve,flat"
        ovn_ctl_opts:
          db-nb-create-insecure-remote: 'yes'
          db-sb-create-insecure-remote: 'yes'

Compute node:

.. code-block:: yaml

    neutron:
      compute:
        local_ip: 10.2.0.105
        controller_vip: 10.1.0.101
        external_access: false
        backend:
          engine: ovn


Neutron L2 Gateway
------------------

Control node:

.. code-block:: yaml

    neutron:
      server:
        version: pike
        l2gw:
          enabled: true
          periodic_monitoring_interval: 5
          quota_l2_gateway: 20
          # service_provider=<service_type>:<name>:<driver>[:default]
          service_provider: L2GW:OpenDaylight:networking_odl.l2gateway.driver.OpenDaylightL2gwDriver:default
        backend:
          engine: ml2

Network/Gateway node:

.. code-block:: yaml

    neutron:
      gateway:
        version: pike
        l2gw:
          enabled: true
          debug: true
          socket_timeout: 20
          ovsdb_hosts:
            # <ovsdb_name>: <ip address>:<port>
            # - ovsdb_name: a user defined symbolic identifier of physical switch
            # - ip address: the address or dns name for the OVSDB server (i.e. pointer to the switch)
            ovsdb1: 10.164.5.33:6632
            ovsdb2: 10.164.4.33:6632


OpenDaylight integration
------------------------

Control node:

.. code-block:: yaml

    neutron:
      server:
        backend:
          opendaylight: true
          router: odl-router_v2
          host: 10.20.0.77
          rest_api_port: 8282
          user: admin
          password: admin
          ovsdb_connection: tcp:127.0.0.1:6639
          enable_websocket: true
          enable_dhcp_service: false
          mechanism:
            ovs:
              driver: opendaylight_v2

Network/Gateway node:

.. code-block:: yaml

    neutron:
      gateway:
        backend:
          router: odl-router_v2
          ovsdb_connection: tcp:127.0.0.1:6639
        opendaylight:
          ovsdb_server_iface: ptcp:6639:127.0.0.1
          ovsdb_odl_iface: tcp:10.20.0.77:6640
          tunnel_ip: 10.1.0.110
          provider_mappings: physnet1:br-floating

Compute node:

.. code-block:: yaml

    neutron:
      compute:
        opendaylight:
          ovsdb_server_iface: ptcp:6639:127.0.0.1
          ovsdb_odl_iface: tcp:10.20.0.77:6640
          tunnel_ip: 10.1.0.105
          provider_mappings: physnet1:br-floating


Neutron Server
--------------

Neutron Server with OpenContrail

.. code-block:: yaml

    neutron:
      server:
        backend:
          engine: contrail
          host: contrail_discovery_host
          port: 8082
          user: admin
          password: password
          tenant: admin
          token: token

Neutron Server with Midonet

.. code-block:: yaml

    neutron:
      server:
        backend:
          engine: midonet
          host: midonet_api_host
          port: 8181
          user: admin
          password: password

Neutron Keystone region

.. code-block:: yaml

    neutron:
      server:
        enabled: true
        version: kilo
        ...
        identity:
          region: RegionTwo
        ...
      compute:
        region: RegionTwo
        ...

Client-side RabbitMQ HA setup

.. code-block:: yaml

    neutron:
      server:
        ....
        message_queue:
          engine: rabbitmq
          members:
            - host: 10.0.16.1
            - host: 10.0.16.2
            - host: 10.0.16.3
          user: openstack
          password: pwd
          virtual_host: '/openstack'
        ....


Configuring TLS communications
------------------------------

**Note:** by default the system-wide installed CA certificates are used, so the ``cacert_file`` param is optional, as is ``cacert``.

- **RabbitMQ TLS**

.. code-block:: yaml

    neutron:
      server:  # the same keys apply under gateway and compute
        message_queue:
          port: 5671
          ssl:
            enabled: True
            cacert: <certificate body>                   # optional, used if cacert_file does not exist
            cacert_file: /etc/openstack/rabbitmq-ca.pem  # optional
            version: TLSv1_2                             # optional

- **MySQL TLS**

.. code-block:: yaml

    neutron:
      server:
        database:
          ssl:
            enabled: True
            cacert: <certificate body>                # optional, used if cacert_file does not exist
            cacert_file: /etc/openstack/mysql-ca.pem  # optional

- **Openstack HTTPS API**

.. code-block:: yaml

    neutron:
      server:
        identity:
          protocol: https
          cacert_file: /etc/openstack/proxy.pem  # optional

Enable auditing filter, i.e. CADF

.. code-block:: yaml

    neutron:
      server:
        audit:
          enabled: true
        ....
          filter_factory: 'keystonemiddleware.audit:filter_factory'
          map_file: '/etc/pycadf/neutron_api_audit_map.conf'
        ....
      compute:
        audit:
          enabled: true
        ....
          filter_factory: 'keystonemiddleware.audit:filter_factory'
          map_file: '/etc/pycadf/neutron_api_audit_map.conf'
        ....

Neutron with security groups disabled

.. code-block:: yaml

    neutron:
      server:
        security_groups_enabled: False
        ....
      compute:
        security_groups_enabled: False
        ....
      gateway:
        security_groups_enabled: False


Neutron Client
--------------

Neutron networks

.. code-block:: yaml

    neutron:
      client:
        enabled: true
        server:
          identity:
            endpoint_type: internalURL
            network:
              inet1:
                tenant: demo
                shared: False
                admin_state_up: True
                router_external: True
                provider_physical_network: inet
                provider_network_type: flat
                provider_segmentation_id: 2
                subnet:
                  inet1-subnet1:
                    cidr: 192.168.90.0/24
                    enable_dhcp: False
              inet2:
                tenant: admin
                shared: False
                router_external: True
                provider_network_type: "vlan"
                subnet:
                  inet2-subnet1:
                    cidr: 192.168.92.0/24
                    enable_dhcp: False
                  inet2-subnet2:
                    cidr: 192.168.94.0/24
                    enable_dhcp: True
          identity1:
            network:
              ...

Neutron routers:

.. code-block:: yaml

    neutron:
      client:
        enabled: true
        server:
          identity:
            endpoint_type: internalURL
            router:
              inet1-router:
                tenant: demo
                admin_state_up: True
                gateway_network: inet
                interfaces:
                  - inet1-subnet1
                  - inet1-subnet2
          identity1:
            router:
              ...

TODO: implement adding new interfaces to a router while updating it.

Neutron security groups:

.. code-block:: yaml

    neutron:
      client:
        enabled: true
        server:
          identity:
            endpoint_type: internalURL
            security_group:
              security_group1:
                tenant: demo
                description: security group 1
                rules:
                  - direction: ingress
                    ethertype: IPv4
                    protocol: TCP
                    port_range_min: 1
                    port_range_max: 65535
                    remote_ip_prefix: 0.0.0.0/0
                  - direction: ingress
                    ethertype: IPv4
                    protocol: UDP
                    port_range_min: 1
                    port_range_max: 65535
                    remote_ip_prefix: 0.0.0.0/0
                  - direction: ingress
                    protocol: ICMP
                    remote_ip_prefix: 0.0.0.0/0
          identity1:
            security_group:
              ...

TODO: implement updating existing security rules (currently a new rule is added when trying to update an existing one).
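
The security group pillar above opens every TCP and UDP port to 0.0.0.0/0, and the earlier snippet shows how security groups can be switched off per role. The following is an added example (not part of this formula) of a small pre-apply check over a rendered pillar: it flags roles with security groups disabled, a Keystone identity endpoint that is not https, and ingress rules that admit any source on every port. The pillar dict is constructed here with hypothetical values shaped like the snippets in this README.

```python
from ipaddress import ip_network

# Constructed sample pillar (hypothetical values) shaped like the snippets in this README.
SAMPLE_PILLAR = {"neutron": {
    "server": {"identity": {"protocol": "https", "cacert_file": "/etc/openstack/proxy.pem"}},
    "compute": {"security_groups_enabled": False},
    "client": {"enabled": True, "server": {"identity": {"security_group": {"security_group1": {
        "tenant": "demo",
        "rules": [
            {"direction": "ingress", "ethertype": "IPv4", "protocol": "TCP", "port_range_min": 1,
             "port_range_max": 65535, "remote_ip_prefix": "0.0.0.0/0"},
            {"direction": "ingress", "ethertype": "IPv4", "protocol": "UDP", "port_range_min": 1,
             "port_range_max": 65535, "remote_ip_prefix": "0.0.0.0/0"},
            {"direction": "ingress", "protocol": "ICMP", "remote_ip_prefix": "0.0.0.0/0"},
            {"direction": "ingress", "protocol": "TCP", "port_range_min": 22, "port_range_max": 22,
             "remote_ip_prefix": "10.0.0.0/8"},  # scoped to a prefix and one port: not flagged
        ]}}}}},
}}

ANY_SOURCE = (ip_network("0.0.0.0/0"), ip_network("::/0"))


def rule_is_wide_open(rule):
    """True for an ingress rule admitting any source on every TCP/UDP port, or on any
    protocol when none is given. ICMP from anywhere is left to local policy."""
    if rule.get("direction", "ingress") != "ingress":
        return False
    prefix = rule.get("remote_ip_prefix")
    if prefix is None or ip_network(prefix, strict=False) not in ANY_SOURCE:
        return False  # scoped to a remote security group or a real prefix
    proto = str(rule.get("protocol", "")).lower()
    if proto == "":
        return True  # no protocol means every protocol
    if proto not in ("tcp", "udp"):
        return False
    return rule.get("port_range_min") in (None, 1) and rule.get("port_range_max") in (None, 65535)


def lint_pillar(pillar):
    """Return findings for the risky settings this README documents."""
    findings = []
    neutron = pillar.get("neutron", {})
    for role in ("server", "compute", "gateway"):
        if neutron.get(role, {}).get("security_groups_enabled", True) is False:
            findings.append(f"neutron:{role}: security_groups_enabled is False")
    if neutron.get("server", {}).get("identity", {}).get("protocol") != "https":
        findings.append("neutron:server:identity: keystone traffic is not over https")
    for ident in neutron.get("client", {}).get("server", {}).values():
        for name, sg in ident.get("security_group", {}).items():
            for rule in sg.get("rules", []):
                if rule_is_wide_open(rule):
                    findings.append(f"security_group {name}: {rule.get('protocol') or 'any'} ingress from anywhere")
    return findings
```

Run it against the output of `salt-call pillar.items` (converted to a dict) before applying the state; on the sample pillar it reports the disabled security groups on the compute role and the two wide-open TCP and UDP rules.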

Floating IP addresses:

.. code-block:: yaml

    neutron:
      client:
        enabled: true
        server:
          identity:
            endpoint_type: internalURL
            floating_ip:
              prx01-instance:
                server: prx01.mk22-lab-basic.local
                subnet: private-subnet1
                network: public-net1
                tenant: demo
              gtw01-instance:
                ...

.. note:: The network must have the flag router:external set to True.
   The instance port in the stated subnet will be associated with the dynamically generated floating IP.


Enable Neutron extensions (QoS, DNS, etc.)
------------------------------------------

.. code-block:: yaml

    neutron:
      server:
        backend:
          extension:
            dns:
              enabled: True
              host: 127.0.0.1
              port: 9001
              protocol: http
            ....
            qos:
              enabled: True

Different Neutron extensions for different agents
-------------------------------------------------

.. code-block:: yaml

    neutron:
      server:
        backend:
          extension: # common extensions for OVS and SRIOV agents
            dns:
              enabled: True
              ...
            qos:
              enabled: True
          ovs_extension: # OVS specific extensions
            bagpipe_bgpvpn:
              enabled: True
          sriov_extension: # SRIOV specific extensions
            dummy:
              enabled: True


Neutron with Designate
----------------------

.. code-block:: yaml

    neutron:
      server:
        backend:
          extension:
            dns:
              enabled: True
              host: 127.0.0.1
              port: 9001
              protocol: http

Enable RBAC for OpenContrail engine
-----------------------------------

.. code-block:: yaml

    neutron:
      server:
        backend:
          engine: contrail
          rbac:
            enabled: True

Enhanced logging with logging.conf
----------------------------------

By default logging.conf is disabled.

Per-binary logging.conf can be enabled with the following variables:

* openstack_log_appender - set it to true to enable log_config_append for all OpenStack services;
* openstack_fluentd_handler_enabled - set to true to enable FluentHandler for all OpenStack services;
* openstack_ossyslog_handler_enabled - set to true to enable OSSysLogHandler for all OpenStack services.

Only WatchedFileHandler, OSSysLogHandler and FluentHandler are available.

The same can also be configured via pillar:

.. code-block:: yaml

    neutron:
      server:
        logging:
          log_appender: true
          log_handlers:
            watchedfile:
              enabled: true
            fluentd:
              enabled: true
            ossyslog:
              enabled: true
        ....
      compute:
        logging:
          log_appender: true
          log_handlers:
            watchedfile:
              enabled: true
            fluentd:
              enabled: true
            ossyslog:
              enabled: true
        ....
      gateway:
        logging:
          log_appender: true
          log_handlers:
            watchedfile:
              enabled: true
            fluentd:
              enabled: true
            ossyslog:
              enabled: true

Logging levels pillar example:

.. code-block:: yaml

    neutron:
      server:
        logging:
          log_appender: true
          loggers:
            root:
              level: 'DEBUG'
            neutron:
              level: 'DEBUG'
            amqplib:
              level: 'DEBUG'
            sqlalchemy:
              level: 'DEBUG'
            boto:
              level: 'DEBUG'
            suds:
              level: 'DEBUG'
            eventletwsgi:
              level: 'DEBUG'
            ......


Documentation and Bugs
======================

To learn how to install and update salt-formulas, consult the documentation
available online at:

    http://salt-formulas.readthedocs.io/

In the unfortunate event that bugs are discovered, they should be reported to
the appropriate issue tracker. Use the GitHub issue tracker for a specific salt
formula:

    https://github.com/salt-formulas/salt-formula-neutron/issues

For feature requests, bug reports or blueprints affecting the entire ecosystem,
use the Launchpad salt-formulas project:

    https://launchpad.net/salt-formulas

You can also join the salt-formulas-users team and subscribe to the mailing list:

    https://launchpad.net/~salt-formulas-users

Developers wishing to work on the salt-formulas projects should always base
their work on the master branch and submit a pull request against the specific formula.

    https://github.com/salt-formulas/salt-formula-neutron

Any questions or feedback are always welcome, so feel free to join our IRC
channel:

    #salt-formulas @ irc.freenode.net