ovn.ini¶
DEFAULT¶
- debug¶
- Type
boolean
- Default
False
- Mutable
This option can be changed without restarting.
If set to true, the logging level will be set to DEBUG instead of the default INFO level.
- log_config_append¶
- Type
string
- Default
<None>
- Mutable
This option can be changed without restarting.
The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation. Note that when logging configuration files are used then all logging configuration is set in the configuration file and other logging configuration options are ignored (for example, log-date-format).
¶ Group
Name
DEFAULT
log-config
DEFAULT
log_config
- log_date_format¶
- Type
string
- Default
%Y-%m-%d %H:%M:%S
Defines the format string for %(asctime)s in log records. Default: the value above . This option is ignored if log_config_append is set.
- log_file¶
- Type
string
- Default
<None>
(Optional) Name of log file to send logging output to. If no default is set, logging will go to stderr as defined by use_stderr. This option is ignored if log_config_append is set.
¶ Group
Name
DEFAULT
logfile
- log_dir¶
- Type
string
- Default
<None>
(Optional) The base directory used for relative log_file paths. This option is ignored if log_config_append is set.
¶ Group
Name
DEFAULT
logdir
- watch_log_file¶
- Type
boolean
- Default
False
Uses logging handler designed to watch file system. When log file is moved or removed this handler will open a new log file with specified path instantaneously. It makes sense only if log_file option is specified and Linux platform is used. This option is ignored if log_config_append is set.
- use_syslog¶
- Type
boolean
- Default
False
Use syslog for logging. Existing syslog format is DEPRECATED and will be changed later to honor RFC5424. This option is ignored if log_config_append is set.
- use_journal¶
- Type
boolean
- Default
False
Enable journald for logging. If running in a systemd environment you may wish to enable journal support. Doing so will use the journal native protocol which includes structured metadata in addition to log messages.This option is ignored if log_config_append is set.
- syslog_log_facility¶
- Type
string
- Default
LOG_USER
Syslog facility to receive log lines. This option is ignored if log_config_append is set.
- use_json¶
- Type
boolean
- Default
False
Use JSON formatting for logging. This option is ignored if log_config_append is set.
- use_stderr¶
- Type
boolean
- Default
False
Log output to standard error. This option is ignored if log_config_append is set.
- use_eventlog¶
- Type
boolean
- Default
False
Log output to Windows Event Log.
- log_rotate_interval¶
- Type
integer
- Default
1
The amount of time before the log files are rotated. This option is ignored unless log_rotation_type is set to “interval”.
- log_rotate_interval_type¶
- Type
string
- Default
days
- Valid Values
Seconds, Minutes, Hours, Days, Weekday, Midnight
Rotation interval type. The time of the last file change (or the time when the service was started) is used when scheduling the next rotation.
- max_logfile_count¶
- Type
integer
- Default
30
Maximum number of rotated log files.
- max_logfile_size_mb¶
- Type
integer
- Default
200
Log file maximum size in MB. This option is ignored if “log_rotation_type” is not set to “size”.
- log_rotation_type¶
- Type
string
- Default
none
- Valid Values
interval, size, none
Log rotation type.
Possible values
- interval
Rotate logs at predefined time intervals.
- size
Rotate logs once they reach a predefined size.
- none
Do not rotate log files.
- logging_context_format_string¶
- Type
string
- Default
%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(user_identity)s] %(instance)s%(message)s
Format string to use for log messages with context. Used by oslo_log.formatters.ContextFormatter
- logging_default_format_string¶
- Type
string
- Default
%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
Format string to use for log messages when context is undefined. Used by oslo_log.formatters.ContextFormatter
- logging_debug_format_suffix¶
- Type
string
- Default
%(funcName)s %(pathname)s:%(lineno)d
Additional data to append to log message when logging level for the message is DEBUG. Used by oslo_log.formatters.ContextFormatter
- logging_exception_prefix¶
- Type
string
- Default
%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
Prefix each line of exception output with this format. Used by oslo_log.formatters.ContextFormatter
- logging_user_identity_format¶
- Type
string
- Default
%(user)s %(project)s %(domain)s %(system_scope)s %(user_domain)s %(project_domain)s
Defines the format string for %(user_identity)s that is used in logging_context_format_string. Used by oslo_log.formatters.ContextFormatter
- default_log_levels¶
- Type
list
- Default
['amqp=WARN', 'amqplib=WARN', 'boto=WARN', 'qpid=WARN', 'sqlalchemy=WARN', 'suds=INFO', 'oslo.messaging=INFO', 'oslo_messaging=INFO', 'iso8601=WARN', 'requests.packages.urllib3.connectionpool=WARN', 'urllib3.connectionpool=WARN', 'websocket=WARN', 'requests.packages.urllib3.util.retry=WARN', 'urllib3.util.retry=WARN', 'keystonemiddleware=WARN', 'routes.middleware=WARN', 'stevedore=WARN', 'taskflow=WARN', 'keystoneauth=WARN', 'oslo.cache=INFO', 'oslo_policy=INFO', 'dogpile.core.dogpile=INFO']
List of package logging levels in logger=LEVEL pairs. This option is ignored if log_config_append is set.
- publish_errors¶
- Type
boolean
- Default
False
Enables or disables publication of error events.
- instance_format¶
- Type
string
- Default
"[instance: %(uuid)s] "
The format for an instance that is passed with the log message.
- instance_uuid_format¶
- Type
string
- Default
"[instance: %(uuid)s] "
The format for an instance UUID that is passed with the log message.
- rate_limit_interval¶
- Type
integer
- Default
0
Interval, number of seconds, of log rate limiting.
- rate_limit_burst¶
- Type
integer
- Default
0
Maximum number of logged messages per rate_limit_interval.
- rate_limit_except_level¶
- Type
string
- Default
CRITICAL
Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG or empty string. Logs with level greater or equal to rate_limit_except_level are not filtered. An empty string means that all levels are filtered.
- fatal_deprecations¶
- Type
boolean
- Default
False
Enables or disables fatal status of deprecations.
ovn¶
- ovn_nb_connection¶
- Type
string
- Default
tcp:127.0.0.1:6641
The connection string for the OVN_Northbound OVSDB. Use tcp:IP:PORT for TCP connection. Use ssl:IP:PORT for SSL connection. The ovn_nb_private_key, ovn_nb_certificate and ovn_nb_ca_cert are mandatory. Use unix:FILE for unix domain socket connection. Multiple connection can be specified by a comma separated string. See also: https://github.com/openvswitch/ovs/blob/ab4d3bfbef37c31331db5a9dbe7c22eb8d5e5e5f/python/ovs/db/idl.py#L215-L216
- ovn_nb_private_key¶
- Type
string
- Default
''
The PEM file with private key for SSL connection to OVN-NB-DB
- ovn_nb_certificate¶
- Type
string
- Default
''
The PEM file with certificate that certifies the private key specified in ovn_nb_private_key
- ovn_nb_ca_cert¶
- Type
string
- Default
''
The PEM file with CA certificate that OVN should use to verify certificates presented to it by SSL peers
- ovn_sb_connection¶
- Type
string
- Default
tcp:127.0.0.1:6642
The connection string for the OVN_Southbound OVSDB. Use tcp:IP:PORT for TCP connection. Use ssl:IP:PORT for SSL connection. The ovn_sb_private_key, ovn_sb_certificate and ovn_sb_ca_cert are mandatory. Use unix:FILE for unix domain socket connection. Multiple connection can be specified by a comma separated string. See also: https://github.com/openvswitch/ovs/blob/ab4d3bfbef37c31331db5a9dbe7c22eb8d5e5e5f/python/ovs/db/idl.py#L215-L216
- ovn_sb_private_key¶
- Type
string
- Default
''
The PEM file with private key for SSL connection to OVN-SB-DB
- ovn_sb_certificate¶
- Type
string
- Default
''
The PEM file with certificate that certifies the private key specified in ovn_sb_private_key
- ovn_sb_ca_cert¶
- Type
string
- Default
''
The PEM file with CA certificate that OVN should use to verify certificates presented to it by SSL peers
- ovsdb_connection_timeout¶
- Type
integer
- Default
180
Timeout in seconds for the OVSDB connection transaction
- ovsdb_retry_max_interval¶
- Type
integer
- Default
180
Max interval in seconds between each retry to get the OVN NB and SB IDLs
- ovsdb_probe_interval¶
- Type
integer
- Default
60000
- Minimum Value
0
The probe interval in for the OVSDB session in milliseconds. If this is zero, it disables the connection keepalive feature. If non-zero the value will be forced to at least 1000 milliseconds. Defaults to 60 seconds.
- neutron_sync_mode¶
- Type
string
- Default
log
- Valid Values
off, log, repair, migrate
The synchronization mode of OVN_Northbound OVSDB with Neutron DB. off - synchronization is off log - during neutron-server startup, check to see if OVN is in sync with the Neutron database. Log warnings for any inconsistencies found so that an admin can investigate repair - during neutron-server startup, automatically create resources found in Neutron but not in OVN. Also remove resources from OVN that are no longer in Neutron.migrate - This mode is to OVS to OVN migration. It will sync the DB just like repair mode but it will additionally fix the Neutron DB resource from OVS to OVN.
- ovn_l3_mode¶
- Type
boolean
- Default
True
Whether to use OVN native L3 support. Do not change the value for existing deployments that contain routers.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
- Reason
This option is no longer used. Native L3 support in OVN is always used.
- ovn_l3_scheduler¶
- Type
string
- Default
leastloaded
- Valid Values
leastloaded, chance
The OVN L3 Scheduler type used to schedule router gateway ports on hypervisors/chassis. leastloaded - chassis with fewest gateway ports selected chance - chassis randomly selected
- enable_distributed_floating_ip¶
- Type
boolean
- Default
False
Enable distributed floating IP support. If True, the NAT action for floating IPs will be done locally and not in the centralized gateway. This saves the path to the external network. This requires the user to configure the physical network map (i.e. ovn-bridge-mappings) on each compute node.
- vif_type¶
- Type
string
- Default
ovs
- Valid Values
ovs, vhostuser
Type of VIF to be used for ports valid values are (ovs, vhostuser) default ovs
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
- Reason
The port VIF type is now determined based on the OVN chassis information when the port is bound to a host.
- vhost_sock_dir¶
- Type
string
- Default
/var/run/openvswitch
The directory in which vhost virtio socket is created by all the vswitch daemons
- dhcp_default_lease_time¶
- Type
integer
- Default
43200
Default least time (in seconds) to use with OVN’s native DHCP service.
- ovsdb_log_level¶
- Type
string
- Default
INFO
- Valid Values
CRITICAL, ERROR, WARNING, INFO, DEBUG
The log level used for OVSDB
- ovn_metadata_enabled¶
- Type
boolean
- Default
False
Whether to use metadata service.
- dns_servers¶
- Type
list
- Default
[]
Comma-separated list of the DNS servers which will be used as forwarders if a subnet’s dns_nameservers field is empty. If both subnet’s dns_nameservers and this option is empty, then the DNS resolvers on the host running the neutron server will be used.
- ovn_dhcp4_global_options¶
- Type
dict
- Default
{}
Dictionary of global DHCPv4 options which will be automatically set on each subnet upon creation and on all existing subnets when Neutron starts. An empty value for a DHCP option will cause that option to be unset globally. EXAMPLES: - ntp_server:1.2.3.4,wpad:1.2.3.5 - Set ntp_server and wpad - ntp_server:,wpad:1.2.3.5 - Unset ntp_server and set wpad See the ovn-nb(5) man page for available options.
- ovn_dhcp6_global_options¶
- Type
dict
- Default
{}
Dictionary of global DHCPv6 options which will be automatically set on each subnet upon creation and on all existing subnets when Neutron starts. An empty value for a DHCP option will cause that option to be unset globally. EXAMPLES: - ntp_server:1.2.3.4,wpad:1.2.3.5 - Set ntp_server and wpad - ntp_server:,wpad:1.2.3.5 - Unset ntp_server and set wpad See the ovn-nb(5) man page for available options.
- ovn_emit_need_to_frag¶
- Type
boolean
- Default
False
Configure OVN to emit “need to frag” packets in case of MTU mismatch. Before enabling this configuration make sure that its supported by the host kernel (version >= 5.2) or by checking the output of the following command: ovs-appctl -t ovs-vswitchd dpif/show-dp-features br-int | grep “Check pkt length action”.
- disable_ovn_dhcp_for_baremetal_ports¶
- Type
boolean
- Default
False
Disable OVN’s built-in DHCP for baremetal ports (VNIC type “baremetal”). This alllow operators to plug their own DHCP server of choice for PXE booting baremetal nodes. Defaults to False.
- allow_stateless_action_supported¶
- Type
boolean
- Default
True
If OVN older than 21.06 is used together with Neutron, this option should be set to
False
in order to disablestateful-security-group
API extension asallow-stateless
keyword is only supported by OVN >= 21.06.Warning
This option is deprecated for removal since 2023.1. Its value may be silently ignored in the future.
ovs¶
- ovsdb_timeout¶
- Type
integer
- Default
10
Timeout in seconds for ovsdb commands. If the timeout expires, ovsdb commands will fail with ALARMCLOCK error.
- bridge_mac_table_size¶
- Type
integer
- Default
50000
The maximum number of MAC addresses to learn on a bridge managed by the Neutron OVS agent. Values outside a reasonable range (10 to 1,000,000) might be overridden by Open vSwitch according to the documentation.
- igmp_snooping_enable¶
- Type
boolean
- Default
False
Enable IGMP snooping for integration bridge. If this option is set to True, support for Internet Group Management Protocol (IGMP) is enabled in integration bridge. Setting this option to True will also enable Open vSwitch mcast-snooping-disable-flood-unregistered flag. This option will disable flooding of unregistered multicast packets to all ports. The switch will send unregistered multicast packets only to ports connected to multicast routers.