From: Thomas Goirand Date: Thu, 12 Feb 2015 21:46:27 +0000 (+0100) Subject: Forwarded ported the better-config-defaults.patch from Juno X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=b16a729a31c65ecc7e87c7ca2ff8663987fdb3de;p=openstack-build%2Fneutron-build.git Forwarded ported the better-config-defaults.patch from Juno Rewritten-From: ea3a4409b1a7e0b9db5bf91c2e34ef865f33c59c --- diff --git a/trusty/debian/patches/better-config-defaults.patch b/trusty/debian/patches/better-config-defaults.patch new file mode 100644 index 000000000..6ad67b2b5 --- /dev/null +++ b/trusty/debian/patches/better-config-defaults.patch @@ -0,0 +1,432 @@ +Description: Better config defaults + This patch makes the default config closer to the install-guide, in order to + minimize the efforts needed to be done by newbies. +Author: Thomas Goirand +Forwarded: not-needed +Last-Update: 2015-02-12 + +--- neutron-2015.1~b2.orig/etc/metadata_agent.ini ++++ neutron-2015.1~b2/etc/metadata_agent.ini +@@ -23,7 +23,7 @@ admin_password = %SERVICE_PASSWORD% + # nova_metadata_port = 8775 + + # Which protocol to use for requests to Nova metadata server, http or https +-# nova_metadata_protocol = http ++nova_metadata_protocol = http + + # Whether insecure SSL connection should be accepted for Nova metadata server + # requests +--- neutron-2015.1~b2.orig/etc/l3_agent.ini ++++ neutron-2015.1~b2/etc/l3_agent.ini +@@ -4,11 +4,10 @@ + + # L3 requires that an interface driver be set. Choose the one that best + # matches your plugin. +-# interface_driver = + + # Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC) + # that supports L3 agent +-# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver ++interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + + # Use veth for an OVS interface or not. + # Support kernels with limited namespace support +@@ -20,7 +19,7 @@ + + # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and + # iproute2 package that supports namespaces). +-# use_namespaces = True ++use_namespaces = True + + # If use_namespaces is set as False then the agent can only configure one router. + +@@ -38,12 +37,12 @@ + # an external network gateway configured. This option should be True only + # for a single agent in a Neutron deployment, and may be False for all agents + # if all routers must have an external network gateway +-# handle_internal_only_routers = True ++handle_internal_only_routers = True + + # Name of bridge used for external network traffic. This should be set to + # empty value for the linux bridge. when this parameter is set, each L3 agent + # can be associated with no more than one external network. +-# external_network_bridge = br-ex ++external_network_bridge = br-ex + + # TCP Port used by Neutron metadata server + # metadata_port = 9697 +@@ -69,7 +68,7 @@ + + # enable_metadata_proxy, which is true by default, can be set to False + # if the Nova metadata server is not available +-# enable_metadata_proxy = True ++enable_metadata_proxy = True + + # Iptables mangle mark used to mark metadata valid requests + # metadata_access_mark = 0x1 +@@ -83,7 +82,7 @@ + # utility mentioned in https://bugs.launchpad.net/neutron/+bug/1052535 and + # you are sure that your version of iproute does not suffer from the problem. + # If True, namespaces will be deleted when a router is destroyed. +-# router_delete_namespaces = False ++router_delete_namespaces = False + + # Timeout for ovs-vsctl commands. + # If the timeout expires, ovs commands will fail with ALARMCLOCK error. +@@ -98,7 +97,7 @@ + # - dvr_snat: this enables centralized SNAT support in conjunction with + # DVR. This mode must be used for an L3 agent running on a centralized + # node (or in single-host deployments, e.g. devstack). +-# agent_mode = legacy ++agent_mode = legacy + + # Location to store keepalived and all HA configurations + # ha_confs_path = $state_path/ha_confs +@@ -111,3 +110,5 @@ + + # The advertisement interval in seconds + # ha_vrrp_advert_int = 2 ++ ++allow_automatic_l3agent_failover=False +--- neutron-2015.1~b2.orig/etc/dhcp_agent.ini ++++ neutron-2015.1~b2/etc/dhcp_agent.ini +@@ -9,14 +9,13 @@ + + # The DHCP agent requires an interface driver be set. Choose the one that best + # matches your plugin. +-# interface_driver = + + # Example of interface_driver option for OVS based plugins(OVS, Ryu, NEC, NVP, + # BigSwitch/Floodlight) +-# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver ++interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + + # Name of Open vSwitch bridge to use +-# ovs_integration_bridge = br-int ++ovs_integration_bridge = br-int + + # Use veth for an OVS interface or not. + # Support kernels with limited namespace support +@@ -28,18 +27,18 @@ + + # The agent can use other DHCP drivers. Dnsmasq is the simplest and requires + # no additional setup of the DHCP server. +-# dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq ++dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq + + # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and + # iproute2 package that supports namespaces). +-# use_namespaces = True ++use_namespaces = True + + # The DHCP server can assist with providing metadata support on isolated + # networks. Setting this value to True will cause the DHCP server to append + # specific host routes to the DHCP request. The metadata service will only + # be activated when the subnet does not contain any router port. The guest + # instance must be configured to request host routes via DHCP (Option 121). +-# enable_isolated_metadata = False ++enable_isolated_metadata = False + + # Allows for serving metadata requests coming from a dedicated metadata + # access network whose cidr is 169.254.169.254/16 (or larger prefix), and +@@ -47,7 +46,7 @@ + # request. In this case DHCP Option 121 will not be injected in VMs, as + # they will be able to reach 169.254.169.254 through a router. + # This option requires enable_isolated_metadata = True +-# enable_metadata_network = False ++enable_metadata_network = False + + # Number of threads to use during sync process. Should not exceed connection + # pool size configured on server. +@@ -60,7 +59,7 @@ + # dhcp_domain = openstacklocal + + # Override the default dnsmasq settings with this file +-# dnsmasq_config_file = ++dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf + + # Comma-separated list of DNS servers which will be used by dnsmasq + # as forwarders. +--- neutron-2015.1~b2.orig/etc/neutron.conf ++++ neutron-2015.1~b2/etc/neutron.conf +@@ -60,8 +60,8 @@ lock_path = $state_path/lock + # previous versions, the class name of a plugin can be specified instead of its + # entrypoint name. + # +-# core_plugin = + # Example: core_plugin = ml2 ++core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin + + # (ListOpt) List of service plugin entrypoints to be loaded from the + # neutron.service_plugins namespace. See setup.cfg for the entrypoint names of +@@ -69,8 +69,8 @@ lock_path = $state_path/lock + # with previous versions, the class name of a plugin can be specified instead + # of its entrypoint name. + # +-# service_plugins = + # Example: service_plugins = router,firewall,lbaas,vpnaas,metering ++service_plugins = neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.metering.metering_plugin.MeteringPlugin,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + + # Paste configuration file + # api_paste_config = api-paste.ini +@@ -84,7 +84,7 @@ lock_path = $state_path/lock + + # The strategy to be used for auth. + # Supported values are 'keystone'(default), 'noauth'. +-# auth_strategy = keystone ++auth_strategy = keystone + + # Base MAC address. The first 3 octets will remain unchanged. If the + # 4h octet is not 00, it will also be used. The others will be +@@ -121,7 +121,7 @@ lock_path = $state_path/lock + # Enable or disable overlapping IPs for subnets + # Attention: the following parameter MUST be set to False if Neutron is + # being used in conjunction with nova security groups +-# allow_overlapping_ips = False ++allow_overlapping_ips = True + # Ensure that configured gateway is on subnet. For IPv6, validate only if + # gateway is not a link local address. Deprecated, to be removed during the + # K release, at which point the check will be mandatory. +@@ -257,20 +257,20 @@ lock_path = $state_path/lock + + # ======== neutron nova interactions ========== + # Send notification to nova when port status is active. +-# notify_nova_on_port_status_changes = True ++notify_nova_on_port_status_changes = True + + # Send notifications to nova when port data (fixed_ips/floatingips) change + # so nova can update it's cache. +-# notify_nova_on_port_data_changes = True ++notify_nova_on_port_data_changes = True + + # URL for connection to nova (Only supports one nova region currently). + # nova_url = http://127.0.0.1:8774/v2 + + # Name of nova region to use. Useful if keystone manages more than one region +-# nova_region_name = ++nova_region_name = regionOne + + # Username for connection to nova in admin context +-# nova_admin_username = ++nova_admin_username = admin + + # The uuid of the admin nova tenant + # nova_admin_tenant_id = +@@ -369,7 +369,7 @@ lock_path = $state_path/lock + + # The RabbitMQ broker address where a single node is used. + # (string value) +-#rabbit_host=localhost ++rabbit_host=localhost + + # The RabbitMQ broker port where a single node is used. + # (integer value) +@@ -382,10 +382,10 @@ lock_path = $state_path/lock + #rabbit_use_ssl=false + + # The RabbitMQ userid. (string value) +-#rabbit_userid=guest ++rabbit_userid=guest + + # The RabbitMQ password. (string value) +-#rabbit_password=guest ++rabbit_password=guest + + # the RabbitMQ login method (string value) + #rabbit_login_method=AMQPLAIN +@@ -470,7 +470,7 @@ lock_path = $state_path/lock + + # The messaging driver to use, defaults to rabbit. Other + # drivers include qpid and zmq. (string value) +-#rpc_backend=rabbit ++rpc_backend=rabbit + + # The default exchange under which topics are scoped. May be + # overridden by an exchange name specified in the +@@ -582,7 +582,7 @@ lock_path = $state_path/lock + # Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real + # root filter facility. + # Change to "sudo" to skip the filtering and just run the comand directly +-# root_helper = sudo ++root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf + + # Set to true to add comments to generated iptables rules that describe + # each rule's purpose. (System must support the iptables comments module.) +@@ -619,14 +619,13 @@ admin_password = %SERVICE_PASSWORD% + [database] + # This line MUST be changed to actually run the plugin. + # Example: +-# connection = mysql://root:pass@127.0.0.1:3306/neutron + # Replace 127.0.0.1 above with the IP address of the database used by the + # main neutron server. (Leave it as is if the database runs on this host.) +-# connection = sqlite:// + # NOTE: In deployment the [database] section and its connection attribute may + # be set in the corresponding core plugin '.ini' file. However, it is suggested + # to put the [database] section and its connection attribute in this + # configuration file. ++connection = sqlite:///var/lib/neutron/neutrondb + + # Database engine for which script will be generated when using offline + # migration +--- neutron-2015.1~b2.orig/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ++++ neutron-2015.1~b2/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini +@@ -5,7 +5,7 @@ + # attached to this bridge and then "patched" according to their network + # connectivity. + # +-# integration_bridge = br-int ++integration_bridge = br-int + + # Only used for the agent if tunnel_id_ranges is not empty for + # the server. In most cases, the default value should be fine. +@@ -32,8 +32,8 @@ + # port. All physical networks configured on the server should have + # mappings to appropriate bridges on each agent. + # +-# bridge_mappings = + # Example: bridge_mappings = physnet1:br-eth1 ++bridge_mappings = external:br-ex + + # (BoolOpt) Use veths instead of patch ports to interconnect the integration + # bridge to physical networks. Support kernel without ovs patch port support +@@ -42,7 +42,7 @@ + + [agent] + # Agent's polling interval in seconds +-# polling_interval = 2 ++polling_interval = 15 + + # Minimize polling by monitoring ovsdb for interface changes + # minimize_polling = True +@@ -57,10 +57,10 @@ + # disable tunneling support in the agent. + # You can specify as many values here as your compute hosts supports. + # +-# tunnel_types = + # Example: tunnel_types = gre + # Example: tunnel_types = vxlan + # Example: tunnel_types = vxlan, gre ++tunnel_types = gre + + # (IntOpt) The port number to utilize if tunnel_types includes 'vxlan'. By + # default, this will make use of the Open vSwitch default value of '4789' if +@@ -82,12 +82,12 @@ + # RPC calbbacks instead of tunnel_sync/update) on OVS agents in order to + # optimize tunnel management. + # +-# l2_population = False ++l2_population = True + + # Enable local ARP responder. Requires OVS 2.1. This is only used by the l2 + # population ML2 MechanismDriver. + # +-# arp_responder = False ++arp_responder = False + + # (BoolOpt) Set or un-set the don't fragment (DF) bit on outgoing IP packet + # carrying GRE/VXLAN tunnel. The default value is True. +@@ -97,7 +97,7 @@ + # (BoolOpt) Set to True on L2 agents to enable support + # for distributed virtual routing. + # +-# enable_distributed_routing = False ++enable_distributed_routing = False + + # (IntOpt) Set new timeout in seconds for new rpc calls after agent receives + # SIGTERM. If value is set to 0, rpc timeout won't be changed" +@@ -106,32 +106,10 @@ + + [securitygroup] + # Firewall driver for realizing neutron security group function. +-# firewall_driver = neutron.agent.firewall.NoopFirewallDriver + # Example: firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver ++firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + + # Controls if neutron security group is enabled or not. + # It should be false when you use nova security group. + # enable_security_group = True + +-#----------------------------------------------------------------------------- +-# Sample Configurations. +-#----------------------------------------------------------------------------- +-# +-# 1. With VLANs on eth1. +-# [ovs] +-# integration_bridge = br-int +-# bridge_mappings = default:br-eth1 +-# +-# 2. With GRE tunneling. +-# [ovs] +-# integration_bridge = br-int +-# tunnel_bridge = br-tun +-# local_ip = 10.0.0.3 +-# +-# 3. With VXLAN tunneling. +-# [ovs] +-# integration_bridge = br-int +-# tunnel_bridge = br-tun +-# local_ip = 10.0.0.3 +-# [agent] +-# tunnel_types = vxlan +--- neutron-2015.1~b2.orig/etc/neutron/plugins/ml2/ml2_conf.ini ++++ neutron-2015.1~b2/etc/neutron/plugins/ml2/ml2_conf.ini +@@ -2,24 +2,24 @@ + # (ListOpt) List of network type driver entrypoints to be loaded from + # the neutron.ml2.type_drivers namespace. + # +-# type_drivers = local,flat,vlan,gre,vxlan +-# Example: type_drivers = flat,vlan,gre,vxlan ++# Example: type_drivers = local,flat,vlan,gre,vxlan ++type_drivers = flat,gre + + # (ListOpt) Ordered list of network_types to allocate as tenant + # networks. The default value 'local' is useful for single-box testing + # but provides no connectivity between hosts. + # +-# tenant_network_types = local + # Example: tenant_network_types = vlan,gre,vxlan ++tenant_network_types = gre + + # (ListOpt) Ordered list of networking mechanism driver entrypoints + # to be loaded from the neutron.ml2.mechanism_drivers namespace. +-# mechanism_drivers = + # Example: mechanism_drivers = openvswitch,mlnx + # Example: mechanism_drivers = arista + # Example: mechanism_drivers = cisco,logger + # Example: mechanism_drivers = openvswitch,brocade + # Example: mechanism_drivers = linuxbridge,brocade ++mechanism_drivers = openvswitch,l2population + + # (ListOpt) Ordered list of extension driver entrypoints + # to be loaded from the neutron.ml2.extension_drivers namespace. +@@ -31,9 +31,9 @@ + # can be created. Use * to allow flat networks with arbitrary + # physical_network names. + # +-# flat_networks = + # Example:flat_networks = physnet1,physnet2 + # Example:flat_networks = * ++flat_networks = external + + [ml2_type_vlan] + # (ListOpt) List of [::] tuples +@@ -46,7 +46,7 @@ + + [ml2_type_gre] + # (ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation +-# tunnel_id_ranges = ++tunnel_id_ranges = 1:1000 + + [ml2_type_vxlan] + # (ListOpt) Comma-separated list of : tuples enumerating +@@ -64,8 +64,8 @@ + [securitygroup] + # Controls if neutron security group is enabled or not. + # It should be false when you use nova security group. +-# enable_security_group = True ++enable_security_group = True + + # Use ipset to speed-up the iptables security groups. Enabling ipset support + # requires that ipset is installed on L2 agent node. +-# enable_ipset = True ++enable_ipset = True diff --git a/trusty/debian/patches/series b/trusty/debian/patches/series index 3ee86a43f..faed02f1f 100644 --- a/trusty/debian/patches/series +++ b/trusty/debian/patches/series @@ -1 +1,2 @@ fix-alembic-migrations-with-sqlite.patch +better-config-defaults.patch