openvswitch_agent.ini

DEFAULT

rpc_response_max_timeout
Type

integer

Default

600

Maximum seconds to wait for a response from an RPC call.

debug
Type

boolean

Default

False

Mutable

This option can be changed without restarting.

If set to true, the logging level will be set to DEBUG instead of the default INFO level.

log_config_append
Type

string

Default

<None>

Mutable

This option can be changed without restarting.

The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation. Note that when logging configuration files are used then all logging configuration is set in the configuration file and other logging configuration options are ignored (for example, log-date-format).

Deprecated Variations

Group

Name

DEFAULT

log-config

DEFAULT

log_config

log_date_format
Type

string

Default

%Y-%m-%d %H:%M:%S

Defines the format string for %(asctime)s in log records. Default: the value above . This option is ignored if log_config_append is set.

log_file
Type

string

Default

<None>

(Optional) Name of log file to send logging output to. If no default is set, logging will go to stderr as defined by use_stderr. This option is ignored if log_config_append is set.

Deprecated Variations

Group

Name

DEFAULT

logfile

log_dir
Type

string

Default

<None>

(Optional) The base directory used for relative log_file paths. This option is ignored if log_config_append is set.

Deprecated Variations

Group

Name

DEFAULT

logdir

watch_log_file
Type

boolean

Default

False

Uses logging handler designed to watch file system. When log file is moved or removed this handler will open a new log file with specified path instantaneously. It makes sense only if log_file option is specified and Linux platform is used. This option is ignored if log_config_append is set.

use_syslog
Type

boolean

Default

False

Use syslog for logging. Existing syslog format is DEPRECATED and will be changed later to honor RFC5424. This option is ignored if log_config_append is set.

use_journal
Type

boolean

Default

False

Enable journald for logging. If running in a systemd environment you may wish to enable journal support. Doing so will use the journal native protocol which includes structured metadata in addition to log messages.This option is ignored if log_config_append is set.

syslog_log_facility
Type

string

Default

LOG_USER

Syslog facility to receive log lines. This option is ignored if log_config_append is set.

use_json
Type

boolean

Default

False

Use JSON formatting for logging. This option is ignored if log_config_append is set.

use_stderr
Type

boolean

Default

False

Log output to standard error. This option is ignored if log_config_append is set.

use_eventlog
Type

boolean

Default

False

Log output to Windows Event Log.

log_rotate_interval
Type

integer

Default

1

The amount of time before the log files are rotated. This option is ignored unless log_rotation_type is set to “interval”.

log_rotate_interval_type
Type

string

Default

days

Valid Values

Seconds, Minutes, Hours, Days, Weekday, Midnight

Rotation interval type. The time of the last file change (or the time when the service was started) is used when scheduling the next rotation.

max_logfile_count
Type

integer

Default

30

Maximum number of rotated log files.

max_logfile_size_mb
Type

integer

Default

200

Log file maximum size in MB. This option is ignored if “log_rotation_type” is not set to “size”.

log_rotation_type
Type

string

Default

none

Valid Values

interval, size, none

Log rotation type.

Possible values

interval

Rotate logs at predefined time intervals.

size

Rotate logs once they reach a predefined size.

none

Do not rotate log files.

logging_context_format_string
Type

string

Default

%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(user_identity)s] %(instance)s%(message)s

Format string to use for log messages with context. Used by oslo_log.formatters.ContextFormatter

logging_default_format_string
Type

string

Default

%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s

Format string to use for log messages when context is undefined. Used by oslo_log.formatters.ContextFormatter

logging_debug_format_suffix
Type

string

Default

%(funcName)s %(pathname)s:%(lineno)d

Additional data to append to log message when logging level for the message is DEBUG. Used by oslo_log.formatters.ContextFormatter

logging_exception_prefix
Type

string

Default

%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s

Prefix each line of exception output with this format. Used by oslo_log.formatters.ContextFormatter

logging_user_identity_format
Type

string

Default

%(user)s %(project)s %(domain)s %(system_scope)s %(user_domain)s %(project_domain)s

Defines the format string for %(user_identity)s that is used in logging_context_format_string. Used by oslo_log.formatters.ContextFormatter

default_log_levels
Type

list

Default

['amqp=WARN', 'amqplib=WARN', 'boto=WARN', 'qpid=WARN', 'sqlalchemy=WARN', 'suds=INFO', 'oslo.messaging=INFO', 'oslo_messaging=INFO', 'iso8601=WARN', 'requests.packages.urllib3.connectionpool=WARN', 'urllib3.connectionpool=WARN', 'websocket=WARN', 'requests.packages.urllib3.util.retry=WARN', 'urllib3.util.retry=WARN', 'keystonemiddleware=WARN', 'routes.middleware=WARN', 'stevedore=WARN', 'taskflow=WARN', 'keystoneauth=WARN', 'oslo.cache=INFO', 'oslo_policy=INFO', 'dogpile.core.dogpile=INFO']

List of package logging levels in logger=LEVEL pairs. This option is ignored if log_config_append is set.

publish_errors
Type

boolean

Default

False

Enables or disables publication of error events.

instance_format
Type

string

Default

"[instance: %(uuid)s] "

The format for an instance that is passed with the log message.

instance_uuid_format
Type

string

Default

"[instance: %(uuid)s] "

The format for an instance UUID that is passed with the log message.

rate_limit_interval
Type

integer

Default

0

Interval, number of seconds, of log rate limiting.

rate_limit_burst
Type

integer

Default

0

Maximum number of logged messages per rate_limit_interval.

rate_limit_except_level
Type

string

Default

CRITICAL

Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG or empty string. Logs with level greater or equal to rate_limit_except_level are not filtered. An empty string means that all levels are filtered.

fatal_deprecations
Type

boolean

Default

False

Enables or disables fatal status of deprecations.

agent

minimize_polling
Type

boolean

Default

True

Minimize polling by monitoring ovsdb for interface changes.

ovsdb_monitor_respawn_interval
Type

integer

Default

30

The number of seconds to wait before respawning the ovsdb monitor after losing communication with it.

tunnel_types
Type

list

Default

[]

Network types supported by the agent (gre, vxlan and/or geneve).

vxlan_udp_port
Type

port number

Default

4789

Minimum Value

0

Maximum Value

65535

The UDP port to use for VXLAN tunnels.

veth_mtu
Type

integer

Default

9000

MTU size of veth interfaces

Warning

This option is deprecated for removal since Yoga. Its value may be silently ignored in the future.

Reason

This parameter has had no effect since the Wallaby release.

l2_population
Type

boolean

Default

False

Use ML2 l2population mechanism driver to learn remote MAC and IPs and improve tunnel scalability.

arp_responder
Type

boolean

Default

False

Enable local ARP responder if it is supported. Requires OVS 2.1 and ML2 l2population driver. Allows the switch (when supporting an overlay) to respond to an ARP request locally without performing a costly ARP broadcast into the overlay. NOTE: If enable_distributed_routing is set to True then arp_responder will automatically be set to True in the agent, regardless of the setting in the config file.

dont_fragment
Type

boolean

Default

True

Set or un-set the don’t fragment (DF) bit on outgoing IP packet carrying GRE/VXLAN tunnel.

enable_distributed_routing
Type

boolean

Default

False

Make the l2 agent run in DVR mode.

drop_flows_on_start
Type

boolean

Default

False

Reset flow table on start. Setting this to True will cause brief traffic interruption.

tunnel_csum
Type

boolean

Default

False

Set or un-set the tunnel header checksum on outgoing IP packet carrying GRE/VXLAN tunnel.

baremetal_smartnic
Type

boolean

Default

False

Enable the agent to process Smart NIC ports.

explicitly_egress_direct
Type

boolean

Default

False

When set to True, the accepted egress unicast traffic will not use action NORMAL. The accepted egress packets will be taken care of in the final egress tables direct output flows for unicast traffic.

extensions
Type

list

Default

[]

Extensions list to use

dhcp

enable_ipv6
Type

boolean

Default

True

When set to True, the OVS agent DHCP extension will add related flows for DHCPv6 packets.

dhcp_renewal_time
Type

integer

Default

0

DHCP renewal time T1 (in seconds). If set to 0, it will default to half of the lease time.

dhcp_rebinding_time
Type

integer

Default

0

DHCP rebinding time T2 (in seconds). If set to 0, it will default to 7/8 of the lease time.

network_log

rate_limit
Type

integer

Default

100

Minimum Value

100

Maximum packets logging per second.

burst_limit
Type

integer

Default

25

Minimum Value

25

Maximum number of packets per rate_limit.

local_output_log_base
Type

string

Default

<None>

Output logfile path on agent side, default syslog file.

ovs

integration_bridge
Type

string

Default

br-int

Integration bridge to use. Do not change this parameter unless you have a good reason to. This is the name of the OVS integration bridge. There is one per hypervisor. The integration bridge acts as a virtual ‘patch bay’. All VM VIFs are attached to this bridge and then ‘patched’ according to their network connectivity.

Deprecated Variations

Group

Name

ovs

ovs_integration_bridge

tunnel_bridge
Type

string

Default

br-tun

Tunnel bridge to use.

int_peer_patch_port
Type

string

Default

patch-tun

Peer patch port in integration bridge for tunnel bridge.

tun_peer_patch_port
Type

string

Default

patch-int

Peer patch port in tunnel bridge for integration bridge.

local_ip
Type

ip address

Default

<None>

IP address of local overlay (tunnel) network endpoint. Use either an IPv4 or IPv6 address that resides on one of the host network interfaces. The IP version of this value must match the value of the ‘overlay_ip_version’ option in the ML2 plug-in configuration file on the neutron server node(s).

bridge_mappings
Type

list

Default

[]

Comma-separated list of <physical_network>:<bridge> tuples mapping physical network names to the agent’s node-specific Open vSwitch bridge names to be used for flat and VLAN networks. The length of bridge names should be no more than 11. Each bridge must exist, and should have a physical network interface configured as a port. All physical networks configured on the server should have mappings to appropriate bridges on each agent. Note: If you remove a bridge from this mapping, make sure to disconnect it from the integration bridge as it won’t be managed by the agent anymore.

resource_provider_bandwidths
Type

list

Default

[]

Comma-separated list of <bridge>:<egress_bw>:<ingress_bw> tuples, showing the available bandwidth for the given bridge in the given direction. The direction is meant from VM perspective. Bandwidth is measured in kilobits per second (kbps). The bridge must appear in bridge_mappings as the value. But not all bridges in bridge_mappings must be listed here. For a bridge not listed here we neither create a resource provider in placement nor report inventories against. An omitted direction means we do not report an inventory for the corresponding class.

resource_provider_hypervisors
Type

dict

Default

{}

Mapping of bridges to hypervisors: <bridge>:<hypervisor>,… hypervisor name is used to locate the parent of the resource provider tree. Only needs to be set in the rare case when the hypervisor name is different from the resource_provider_default_hypervisor config option value as known by the nova-compute managing that hypervisor.

resource_provider_packet_processing_without_direction
Type

list

Default

[]

Comma-separated list of <hypervisor>:<packet_rate> tuples, defining the minimum packet rate the OVS backend can guarantee in kilo (1000) packet per second. The hypervisor name is used to locate the parent of the resource provider tree. Only needs to be set in the rare case when the hypervisor name is different from the DEFAULT.host config option value as known by the nova-compute managing that hypervisor or if multiple hypervisors are served by the same OVS backend. The default is :0 which means no packet processing capacity is guaranteed on the hypervisor named according to DEFAULT.host.

resource_provider_packet_processing_with_direction
Type

list

Default

[]

Similar to the resource_provider_packet_processing_without_direction but used in case the OVS backend has hardware offload capabilities. In this case the format is <hypervisor>:<egress_pkt_rate>:<ingress_pkt_rate> which allows defining packet processing capacity per traffic direction. The direction is meant from the VM perspective. Note that the resource_provider_packet_processing_without_direction and the resource_provider_packet_processing_with_direction are mutually exclusive options.

resource_provider_default_hypervisor
Type

string

Default

<None>

The default hypervisor name used to locate the parent of the resource provider. If this option is not set, canonical name is used

resource_provider_inventory_defaults
Type

dict

Default

{'allocation_ratio': 1.0, 'min_unit': 1, 'step_size': 1, 'reserved': 0}

Key:value pairs to specify defaults used while reporting resource provider inventories. Possible keys with their types: allocation_ratio:float, max_unit:int, min_unit:int, reserved:int, step_size:int, See also: https://docs.openstack.org/api-ref/placement/#update-resource-provider-inventories

resource_provider_packet_processing_inventory_defaults
Type

dict

Default

{'allocation_ratio': 1.0, 'min_unit': 1, 'step_size': 1, 'reserved': 0}

Key:value pairs to specify defaults used while reporting packet rate inventories. Possible keys with their types: allocation_ratio:float, max_unit:int, min_unit:int, reserved:int, step_size:int, See also: https://docs.openstack.org/api-ref/placement/#update-resource-provider-inventories

datapath_type
Type

string

Default

system

Valid Values

system, netdev

OVS datapath to use. ‘system’ is the default value and corresponds to the kernel datapath. To enable the userspace datapath set this value to ‘netdev’.

vhostuser_socket_dir
Type

string

Default

/var/run/openvswitch

OVS vhost-user socket directory.

of_listen_address
Type

ip address

Default

127.0.0.1

Address to listen on for OpenFlow connections.

of_listen_port
Type

port number

Default

6633

Minimum Value

0

Maximum Value

65535

Port to listen on for OpenFlow connections.

of_connect_timeout
Type

integer

Default

300

Timeout in seconds to wait for the local switch connecting the controller.

of_request_timeout
Type

integer

Default

300

Timeout in seconds to wait for a single OpenFlow request.

of_inactivity_probe
Type

integer

Default

10

The inactivity_probe interval in seconds for the local switch connection to the controller. A value of 0 disables inactivity probes.

openflow_processed_per_port
Type

boolean

Default

False

If enabled, all OpenFlow rules associated to a port are processed at once, in one single transaction. That avoids possible inconsistencies during OVS agent restart and port updates. If disabled, the flows will be processed in batches of _constants.AGENT_RES_PROCESSING_STEP number of OpenFlow rules.

ovsdb_connection
Type

string

Default

tcp:127.0.0.1:6640

The connection string for the OVSDB backend. Will be used for all ovsdb commands and by ovsdb-client when monitoring

ssl_key_file
Type

string

Default

<None>

The SSL private key file to use when interacting with OVSDB. Required when using an “ssl:” prefixed ovsdb_connection

ssl_cert_file
Type

string

Default

<None>

The SSL certificate file to use when interacting with OVSDB. Required when using an “ssl:” prefixed ovsdb_connection

ssl_ca_cert_file
Type

string

Default

<None>

The Certificate Authority (CA) certificate to use when interacting with OVSDB. Required when using an “ssl:” prefixed ovsdb_connection

ovsdb_debug
Type

boolean

Default

False

Enable OVSDB debug logs

securitygroup

firewall_driver
Type

string

Default

<None>

Driver for security groups firewall in the L2 agent

enable_security_group
Type

boolean

Default

True

Controls whether the neutron security group API is enabled in the server. It should be false when using no security groups or using the nova security group API.

enable_ipset
Type

boolean

Default

True

Use ipset to speed-up the iptables based security groups. Enabling ipset support requires that ipset is installed on L2 agent node.

permitted_ethertypes
Type

list

Default

[]

Comma-separated list of ethertypes to be permitted, in hexadecimal (starting with “0x”). For example, “0x4008” to permit InfiniBand.