--- /dev/null
+Description: Better config defaults
+ This patch makes the default config closer to the install-guide, in order to
+ minimize the efforts needed to be done by newbies.
+Author: Thomas Goirand <zigo@debian.org>
+Forwarded: not-needed
+Last-Update: 2015-02-12
+
+--- neutron-2015.1~b2.orig/etc/metadata_agent.ini
++++ neutron-2015.1~b2/etc/metadata_agent.ini
+@@ -23,7 +23,7 @@ admin_password = %SERVICE_PASSWORD%
+ # nova_metadata_port = 8775
+
+ # Which protocol to use for requests to Nova metadata server, http or https
+-# nova_metadata_protocol = http
++nova_metadata_protocol = http
+
+ # Whether insecure SSL connection should be accepted for Nova metadata server
+ # requests
+--- neutron-2015.1~b2.orig/etc/l3_agent.ini
++++ neutron-2015.1~b2/etc/l3_agent.ini
+@@ -4,11 +4,10 @@
+
+ # L3 requires that an interface driver be set. Choose the one that best
+ # matches your plugin.
+-# interface_driver =
+
+ # Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC)
+ # that supports L3 agent
+-# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
++interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+
+ # Use veth for an OVS interface or not.
+ # Support kernels with limited namespace support
+@@ -20,7 +19,7 @@
+
+ # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
+ # iproute2 package that supports namespaces).
+-# use_namespaces = True
++use_namespaces = True
+
+ # If use_namespaces is set as False then the agent can only configure one router.
+
+@@ -38,12 +37,12 @@
+ # an external network gateway configured. This option should be True only
+ # for a single agent in a Neutron deployment, and may be False for all agents
+ # if all routers must have an external network gateway
+-# handle_internal_only_routers = True
++handle_internal_only_routers = True
+
+ # Name of bridge used for external network traffic. This should be set to
+ # empty value for the linux bridge. when this parameter is set, each L3 agent
+ # can be associated with no more than one external network.
+-# external_network_bridge = br-ex
++external_network_bridge = br-ex
+
+ # TCP Port used by Neutron metadata server
+ # metadata_port = 9697
+@@ -69,7 +68,7 @@
+
+ # enable_metadata_proxy, which is true by default, can be set to False
+ # if the Nova metadata server is not available
+-# enable_metadata_proxy = True
++enable_metadata_proxy = True
+
+ # Iptables mangle mark used to mark metadata valid requests
+ # metadata_access_mark = 0x1
+@@ -83,7 +82,7 @@
+ # utility mentioned in https://bugs.launchpad.net/neutron/+bug/1052535 and
+ # you are sure that your version of iproute does not suffer from the problem.
+ # If True, namespaces will be deleted when a router is destroyed.
+-# router_delete_namespaces = False
++router_delete_namespaces = False
+
+ # Timeout for ovs-vsctl commands.
+ # If the timeout expires, ovs commands will fail with ALARMCLOCK error.
+@@ -98,7 +97,7 @@
+ # - dvr_snat: this enables centralized SNAT support in conjunction with
+ # DVR. This mode must be used for an L3 agent running on a centralized
+ # node (or in single-host deployments, e.g. devstack).
+-# agent_mode = legacy
++agent_mode = legacy
+
+ # Location to store keepalived and all HA configurations
+ # ha_confs_path = $state_path/ha_confs
+@@ -111,3 +110,5 @@
+
+ # The advertisement interval in seconds
+ # ha_vrrp_advert_int = 2
++
++allow_automatic_l3agent_failover=False
+--- neutron-2015.1~b2.orig/etc/dhcp_agent.ini
++++ neutron-2015.1~b2/etc/dhcp_agent.ini
+@@ -9,14 +9,13 @@
+
+ # The DHCP agent requires an interface driver be set. Choose the one that best
+ # matches your plugin.
+-# interface_driver =
+
+ # Example of interface_driver option for OVS based plugins(OVS, Ryu, NEC, NVP,
+ # BigSwitch/Floodlight)
+-# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
++interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+
+ # Name of Open vSwitch bridge to use
+-# ovs_integration_bridge = br-int
++ovs_integration_bridge = br-int
+
+ # Use veth for an OVS interface or not.
+ # Support kernels with limited namespace support
+@@ -28,18 +27,18 @@
+
+ # The agent can use other DHCP drivers. Dnsmasq is the simplest and requires
+ # no additional setup of the DHCP server.
+-# dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
++dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
+
+ # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
+ # iproute2 package that supports namespaces).
+-# use_namespaces = True
++use_namespaces = True
+
+ # The DHCP server can assist with providing metadata support on isolated
+ # networks. Setting this value to True will cause the DHCP server to append
+ # specific host routes to the DHCP request. The metadata service will only
+ # be activated when the subnet does not contain any router port. The guest
+ # instance must be configured to request host routes via DHCP (Option 121).
+-# enable_isolated_metadata = False
++enable_isolated_metadata = False
+
+ # Allows for serving metadata requests coming from a dedicated metadata
+ # access network whose cidr is 169.254.169.254/16 (or larger prefix), and
+@@ -47,7 +46,7 @@
+ # request. In this case DHCP Option 121 will not be injected in VMs, as
+ # they will be able to reach 169.254.169.254 through a router.
+ # This option requires enable_isolated_metadata = True
+-# enable_metadata_network = False
++enable_metadata_network = False
+
+ # Number of threads to use during sync process. Should not exceed connection
+ # pool size configured on server.
+@@ -60,7 +59,7 @@
+ # dhcp_domain = openstacklocal
+
+ # Override the default dnsmasq settings with this file
+-# dnsmasq_config_file =
++dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
+
+ # Comma-separated list of DNS servers which will be used by dnsmasq
+ # as forwarders.
+--- neutron-2015.1~b2.orig/etc/neutron.conf
++++ neutron-2015.1~b2/etc/neutron.conf
+@@ -60,8 +60,8 @@ lock_path = $state_path/lock
+ # previous versions, the class name of a plugin can be specified instead of its
+ # entrypoint name.
+ #
+-# core_plugin =
+ # Example: core_plugin = ml2
++core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin
+
+ # (ListOpt) List of service plugin entrypoints to be loaded from the
+ # neutron.service_plugins namespace. See setup.cfg for the entrypoint names of
+@@ -69,8 +69,8 @@ lock_path = $state_path/lock
+ # with previous versions, the class name of a plugin can be specified instead
+ # of its entrypoint name.
+ #
+-# service_plugins =
+ # Example: service_plugins = router,firewall,lbaas,vpnaas,metering
++service_plugins = neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.metering.metering_plugin.MeteringPlugin,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
+
+ # Paste configuration file
+ # api_paste_config = api-paste.ini
+@@ -84,7 +84,7 @@ lock_path = $state_path/lock
+
+ # The strategy to be used for auth.
+ # Supported values are 'keystone'(default), 'noauth'.
+-# auth_strategy = keystone
++auth_strategy = keystone
+
+ # Base MAC address. The first 3 octets will remain unchanged. If the
+ # 4h octet is not 00, it will also be used. The others will be
+@@ -121,7 +121,7 @@ lock_path = $state_path/lock
+ # Enable or disable overlapping IPs for subnets
+ # Attention: the following parameter MUST be set to False if Neutron is
+ # being used in conjunction with nova security groups
+-# allow_overlapping_ips = False
++allow_overlapping_ips = True
+ # Ensure that configured gateway is on subnet. For IPv6, validate only if
+ # gateway is not a link local address. Deprecated, to be removed during the
+ # K release, at which point the check will be mandatory.
+@@ -257,20 +257,20 @@ lock_path = $state_path/lock
+
+ # ======== neutron nova interactions ==========
+ # Send notification to nova when port status is active.
+-# notify_nova_on_port_status_changes = True
++notify_nova_on_port_status_changes = True
+
+ # Send notifications to nova when port data (fixed_ips/floatingips) change
+ # so nova can update it's cache.
+-# notify_nova_on_port_data_changes = True
++notify_nova_on_port_data_changes = True
+
+ # URL for connection to nova (Only supports one nova region currently).
+ # nova_url = http://127.0.0.1:8774/v2
+
+ # Name of nova region to use. Useful if keystone manages more than one region
+-# nova_region_name =
++nova_region_name = regionOne
+
+ # Username for connection to nova in admin context
+-# nova_admin_username =
++nova_admin_username = admin
+
+ # The uuid of the admin nova tenant
+ # nova_admin_tenant_id =
+@@ -369,7 +369,7 @@ lock_path = $state_path/lock
+
+ # The RabbitMQ broker address where a single node is used.
+ # (string value)
+-#rabbit_host=localhost
++rabbit_host=localhost
+
+ # The RabbitMQ broker port where a single node is used.
+ # (integer value)
+@@ -382,10 +382,10 @@ lock_path = $state_path/lock
+ #rabbit_use_ssl=false
+
+ # The RabbitMQ userid. (string value)
+-#rabbit_userid=guest
++rabbit_userid=guest
+
+ # The RabbitMQ password. (string value)
+-#rabbit_password=guest
++rabbit_password=guest
+
+ # the RabbitMQ login method (string value)
+ #rabbit_login_method=AMQPLAIN
+@@ -470,7 +470,7 @@ lock_path = $state_path/lock
+
+ # The messaging driver to use, defaults to rabbit. Other
+ # drivers include qpid and zmq. (string value)
+-#rpc_backend=rabbit
++rpc_backend=rabbit
+
+ # The default exchange under which topics are scoped. May be
+ # overridden by an exchange name specified in the
+@@ -582,7 +582,7 @@ lock_path = $state_path/lock
+ # Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real
+ # root filter facility.
+ # Change to "sudo" to skip the filtering and just run the comand directly
+-# root_helper = sudo
++root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
+
+ # Set to true to add comments to generated iptables rules that describe
+ # each rule's purpose. (System must support the iptables comments module.)
+@@ -619,14 +619,13 @@ admin_password = %SERVICE_PASSWORD%
+ [database]
+ # This line MUST be changed to actually run the plugin.
+ # Example:
+-# connection = mysql://root:pass@127.0.0.1:3306/neutron
+ # Replace 127.0.0.1 above with the IP address of the database used by the
+ # main neutron server. (Leave it as is if the database runs on this host.)
+-# connection = sqlite://
+ # NOTE: In deployment the [database] section and its connection attribute may
+ # be set in the corresponding core plugin '.ini' file. However, it is suggested
+ # to put the [database] section and its connection attribute in this
+ # configuration file.
++connection = sqlite:///var/lib/neutron/neutrondb
+
+ # Database engine for which script will be generated when using offline
+ # migration
+--- neutron-2015.1~b2.orig/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
++++ neutron-2015.1~b2/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
+@@ -5,7 +5,7 @@
+ # attached to this bridge and then "patched" according to their network
+ # connectivity.
+ #
+-# integration_bridge = br-int
++integration_bridge = br-int
+
+ # Only used for the agent if tunnel_id_ranges is not empty for
+ # the server. In most cases, the default value should be fine.
+@@ -32,8 +32,8 @@
+ # port. All physical networks configured on the server should have
+ # mappings to appropriate bridges on each agent.
+ #
+-# bridge_mappings =
+ # Example: bridge_mappings = physnet1:br-eth1
++bridge_mappings = external:br-ex
+
+ # (BoolOpt) Use veths instead of patch ports to interconnect the integration
+ # bridge to physical networks. Support kernel without ovs patch port support
+@@ -42,7 +42,7 @@
+
+ [agent]
+ # Agent's polling interval in seconds
+-# polling_interval = 2
++polling_interval = 15
+
+ # Minimize polling by monitoring ovsdb for interface changes
+ # minimize_polling = True
+@@ -57,10 +57,10 @@
+ # disable tunneling support in the agent.
+ # You can specify as many values here as your compute hosts supports.
+ #
+-# tunnel_types =
+ # Example: tunnel_types = gre
+ # Example: tunnel_types = vxlan
+ # Example: tunnel_types = vxlan, gre
++tunnel_types = gre
+
+ # (IntOpt) The port number to utilize if tunnel_types includes 'vxlan'. By
+ # default, this will make use of the Open vSwitch default value of '4789' if
+@@ -82,12 +82,12 @@
+ # RPC calbbacks instead of tunnel_sync/update) on OVS agents in order to
+ # optimize tunnel management.
+ #
+-# l2_population = False
++l2_population = True
+
+ # Enable local ARP responder. Requires OVS 2.1. This is only used by the l2
+ # population ML2 MechanismDriver.
+ #
+-# arp_responder = False
++arp_responder = False
+
+ # (BoolOpt) Set or un-set the don't fragment (DF) bit on outgoing IP packet
+ # carrying GRE/VXLAN tunnel. The default value is True.
+@@ -97,7 +97,7 @@
+ # (BoolOpt) Set to True on L2 agents to enable support
+ # for distributed virtual routing.
+ #
+-# enable_distributed_routing = False
++enable_distributed_routing = False
+
+ # (IntOpt) Set new timeout in seconds for new rpc calls after agent receives
+ # SIGTERM. If value is set to 0, rpc timeout won't be changed"
+@@ -106,32 +106,10 @@
+
+ [securitygroup]
+ # Firewall driver for realizing neutron security group function.
+-# firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+ # Example: firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
++firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+
+ # Controls if neutron security group is enabled or not.
+ # It should be false when you use nova security group.
+ # enable_security_group = True
+
+-#-----------------------------------------------------------------------------
+-# Sample Configurations.
+-#-----------------------------------------------------------------------------
+-#
+-# 1. With VLANs on eth1.
+-# [ovs]
+-# integration_bridge = br-int
+-# bridge_mappings = default:br-eth1
+-#
+-# 2. With GRE tunneling.
+-# [ovs]
+-# integration_bridge = br-int
+-# tunnel_bridge = br-tun
+-# local_ip = 10.0.0.3
+-#
+-# 3. With VXLAN tunneling.
+-# [ovs]
+-# integration_bridge = br-int
+-# tunnel_bridge = br-tun
+-# local_ip = 10.0.0.3
+-# [agent]
+-# tunnel_types = vxlan
+--- neutron-2015.1~b2.orig/etc/neutron/plugins/ml2/ml2_conf.ini
++++ neutron-2015.1~b2/etc/neutron/plugins/ml2/ml2_conf.ini
+@@ -2,24 +2,24 @@
+ # (ListOpt) List of network type driver entrypoints to be loaded from
+ # the neutron.ml2.type_drivers namespace.
+ #
+-# type_drivers = local,flat,vlan,gre,vxlan
+-# Example: type_drivers = flat,vlan,gre,vxlan
++# Example: type_drivers = local,flat,vlan,gre,vxlan
++type_drivers = flat,gre
+
+ # (ListOpt) Ordered list of network_types to allocate as tenant
+ # networks. The default value 'local' is useful for single-box testing
+ # but provides no connectivity between hosts.
+ #
+-# tenant_network_types = local
+ # Example: tenant_network_types = vlan,gre,vxlan
++tenant_network_types = gre
+
+ # (ListOpt) Ordered list of networking mechanism driver entrypoints
+ # to be loaded from the neutron.ml2.mechanism_drivers namespace.
+-# mechanism_drivers =
+ # Example: mechanism_drivers = openvswitch,mlnx
+ # Example: mechanism_drivers = arista
+ # Example: mechanism_drivers = cisco,logger
+ # Example: mechanism_drivers = openvswitch,brocade
+ # Example: mechanism_drivers = linuxbridge,brocade
++mechanism_drivers = openvswitch,l2population
+
+ # (ListOpt) Ordered list of extension driver entrypoints
+ # to be loaded from the neutron.ml2.extension_drivers namespace.
+@@ -31,9 +31,9 @@
+ # can be created. Use * to allow flat networks with arbitrary
+ # physical_network names.
+ #
+-# flat_networks =
+ # Example:flat_networks = physnet1,physnet2
+ # Example:flat_networks = *
++flat_networks = external
+
+ [ml2_type_vlan]
+ # (ListOpt) List of <physical_network>[:<vlan_min>:<vlan_max>] tuples
+@@ -46,7 +46,7 @@
+
+ [ml2_type_gre]
+ # (ListOpt) Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation
+-# tunnel_id_ranges =
++tunnel_id_ranges = 1:1000
+
+ [ml2_type_vxlan]
+ # (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples enumerating
+@@ -64,8 +64,8 @@
+ [securitygroup]
+ # Controls if neutron security group is enabled or not.
+ # It should be false when you use nova security group.
+-# enable_security_group = True
++enable_security_group = True
+
+ # Use ipset to speed-up the iptables security groups. Enabling ipset support
+ # requires that ipset is installed on L2 agent node.
+-# enable_ipset = True
++enable_ipset = True
Code Review / openstack-build / neutron-build.git / commitdiff