Chapter 18. Managing tenant quotas

18.1. Configuring tenant quotas

OpenStack Networking (neutron) supports the use of quotas to constrain the number of resources created by tenants/projects.

  • You can set tenant quotas for various network components in the /var/lib/config-data/neutron/etc/neutron/neutron.conf file.

    For example, to limit the number of routers that a tenant can create, change the quota_router value:

    quota_router = 10

    In this example, each tenant is limited to a maximum of 10 routers.

For a listing of the quota settings, see sections that immediately follow.

18.2. L3 quota options

Here are quota options available for layer 3 (L3) networking:

  • quota_floatingip - The number of floating IPs available to a tenant.
  • quota_network - The number of networks available to a tenant.
  • quota_port - The number of ports available to a tenant.
  • quota_router - The number of routers available to a tenant.
  • quota_subnet - The number of subnets available to a tenant.
  • quota_vip - The number of virtual IP addresses available to a tenant.

18.3. Firewall quota options

Here are quota options available for managing firewalls for tenants:

  • quota_firewall - The number of firewalls available to a tenant.
  • quota_firewall_policy - The number of firewall policies available to a tenant.
  • quota_firewall_rule - The number of firewall rules available to a tenant.

18.4. Security group quota options

Here are quota options available for managing the number of security groups that tenants can create:

  • quota_security_group - The number of security groups available to a tenant.
  • quota_security_group_rule - The number of security group rules available to a tenant.

18.5. Management quota options

Here are additonal options available to administrators for managing quotas for tenants:

  • default_quota* - The default number of resources available to a tenant.
  • quota_health_monitor* - The number of health monitors available to a tenant.

    Health monitors do not consume resources, however the quota option is available because OpenStack Networking considers health monitors as resource consumers.

  • quota_member - The number of pool members available to a tenant.

    Pool members do not consume resources, however the quota option is available because OpenStack Networking considers pool members as resource consumers.

  • quota_pool - The number of pools available to a tenant.