]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | [DEFAULT] |
2 | ||
3 | # | |
4 | # From glance.api | |
5 | # | |
6 | ||
7 | # When true, this option sets the owner of an image to be the tenant. | |
8 | # Otherwise, the owner of the image will be the authenticated user | |
9 | # issuing the request. (boolean value) | |
10 | #owner_is_tenant=true | |
11 | ||
12 | # Role used to identify an authenticated user as administrator. | |
13 | # (string value) | |
14 | #admin_role=admin | |
15 | ||
16 | # Allow unauthenticated users to access the API with read-only | |
17 | # privileges. This only applies when using ContextMiddleware. (boolean | |
18 | # value) | |
19 | #allow_anonymous_access=false | |
20 | ||
21 | # Limits request ID length. (integer value) | |
22 | #max_request_id_length=64 | |
23 | ||
24 | # Public url to use for versions endpoint. The default is None, which | |
25 | # will use the request's host_url attribute to populate the URL base. | |
26 | # If Glance is operating behind a proxy, you will want to change this | |
27 | # to represent the proxy's URL. (string value) | |
28 | #public_endpoint=<None> | |
29 | ||
30 | # Whether to allow users to specify image properties beyond what the | |
31 | # image schema provides (boolean value) | |
32 | #allow_additional_image_properties=true | |
33 | ||
34 | # Maximum number of image members per image. Negative values evaluate | |
35 | # to unlimited. (integer value) | |
36 | #image_member_quota=128 | |
37 | ||
38 | # Maximum number of properties allowed on an image. Negative values | |
39 | # evaluate to unlimited. (integer value) | |
40 | #image_property_quota=128 | |
41 | ||
42 | # Maximum number of tags allowed on an image. Negative values evaluate | |
43 | # to unlimited. (integer value) | |
44 | #image_tag_quota=128 | |
45 | ||
46 | # Maximum number of locations allowed on an image. Negative values | |
47 | # evaluate to unlimited. (integer value) | |
48 | #image_location_quota=10 | |
49 | ||
50 | # Python module path of data access API (string value) | |
51 | #data_api=glance.db.sqlalchemy.api | |
52 | ||
53 | # Default value for the number of items returned by a request if not | |
54 | # specified explicitly in the request (integer value) | |
55 | #limit_param_default=25 | |
56 | ||
57 | # Maximum permissible number of items that could be returned by a | |
58 | # request (integer value) | |
59 | #api_limit_max=1000 | |
60 | ||
61 | # Whether to include the backend image storage location in image | |
62 | # properties. Revealing storage location can be a security risk, so | |
63 | # use this setting with caution! (boolean value) | |
64 | #show_image_direct_url=false | |
65 | show_image_direct_url=True | |
66 | ||
67 | # Whether to include the backend image locations in image properties. | |
68 | # For example, if using the file system store a URL of | |
69 | # "file:///path/to/image" will be returned to the user in the | |
70 | # 'direct_url' meta-data field. Revealing storage location can be a | |
71 | # security risk, so use this setting with caution! The overrides | |
72 | # show_image_direct_url. (boolean value) | |
73 | #show_multiple_locations=false | |
74 | ||
75 | # Maximum size of image a user can upload in bytes. Defaults to | |
76 | # 1099511627776 bytes (1 TB).WARNING: this value should only be | |
77 | # increased after careful consideration and must be set to a value | |
78 | # under 8 EB (9223372036854775808). (integer value) | |
79 | # Maximum value: 9223372036854775808 | |
80 | #image_size_cap=1099511627776 | |
81 | ||
82 | # Set a system wide quota for every user. This value is the total | |
83 | # capacity that a user can use across all storage systems. A value of | |
84 | # 0 means unlimited.Optional unit can be specified for the value. | |
85 | # Accepted units are B, KB, MB, GB and TB representing Bytes, | |
86 | # KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no | |
87 | # unit is specified then Bytes is assumed. Note that there should not | |
88 | # be any space between value and unit and units are case sensitive. | |
89 | # (string value) | |
90 | #user_storage_quota=0 | |
91 | ||
92 | # Deploy the v1 OpenStack Images API. (boolean value) | |
93 | #enable_v1_api=true | |
94 | ||
95 | # Deploy the v2 OpenStack Images API. (boolean value) | |
96 | #enable_v2_api=true | |
97 | ||
98 | # Deploy the v3 OpenStack Objects API. (boolean value) | |
99 | #enable_v3_api=false | |
100 | ||
101 | # Deploy the v1 OpenStack Registry API. (boolean value) | |
102 | #enable_v1_registry=true | |
103 | ||
104 | # Deploy the v2 OpenStack Registry API. (boolean value) | |
105 | #enable_v2_registry=true | |
106 | ||
107 | # The hostname/IP of the pydev process listening for debug connections | |
108 | # (string value) | |
109 | #pydev_worker_debug_host=<None> | |
110 | ||
111 | # The port on which a pydev process is listening for connections. | |
112 | # (integer value) | |
113 | # Minimum value: 1 | |
114 | # Maximum value: 65535 | |
115 | #pydev_worker_debug_port=5678 | |
116 | ||
117 | # AES key for encrypting store 'location' metadata. This includes, if | |
118 | # used, Swift or S3 credentials. Should be set to a random string of | |
119 | # length 16, 24 or 32 bytes (string value) | |
120 | #metadata_encryption_key=<None> | |
121 | ||
122 | # Digest algorithm which will be used for digital signature. Use the | |
123 | # command "openssl list-message-digest-algorithms" to get the | |
124 | # available algorithmssupported by the version of OpenSSL on the | |
125 | # platform. Examples are "sha1", "sha256", "sha512", etc. (string | |
126 | # value) | |
127 | #digest_algorithm=sha256 | |
128 | ||
129 | # This value sets what strategy will be used to determine the image | |
130 | # location order. Currently two strategies are packaged with Glance | |
131 | # 'location_order' and 'store_type'. (string value) | |
132 | # Allowed values: location_order, store_type | |
133 | #location_strategy=location_order | |
134 | ||
135 | # The location of the property protection file.This file contains the | |
136 | # rules for property protections and the roles/policies associated | |
137 | # with it. If this config value is not specified, by default, property | |
138 | # protections won't be enforced. If a value is specified and the file | |
139 | # is not found, then the glance-api service will not start. (string | |
140 | # value) | |
141 | #property_protection_file=<None> | |
142 | ||
143 | # This config value indicates whether "roles" or "policies" are used | |
144 | # in the property protection file. (string value) | |
145 | # Allowed values: roles, policies | |
146 | #property_protection_rule_format=roles | |
147 | ||
148 | # Modules of exceptions that are permitted to be recreated upon | |
149 | # receiving exception data from an rpc call. (list value) | |
150 | #allowed_rpc_exception_modules=glance.common.exception,exceptions | |
151 | ||
152 | # Address to bind the server. Useful when selecting a particular | |
153 | # network interface. (string value) | |
154 | #bind_host=0.0.0.0 | |
155 | bind_host=0.0.0.0 | |
156 | ||
157 | # The port on which the server will listen. (integer value) | |
158 | # Minimum value: 1 | |
159 | # Maximum value: 65535 | |
160 | #bind_port=<None> | |
161 | bind_port=9292 | |
162 | ||
163 | # The number of child process workers that will be created to service | |
164 | # requests. The default will be equal to the number of CPUs available. | |
165 | # (integer value) | |
166 | #workers=4 | |
167 | workers=12 | |
168 | ||
169 | # Maximum line size of message headers to be accepted. max_header_line | |
170 | # may need to be increased when using large tokens (typically those | |
171 | # generated by the Keystone v3 API with big service catalogs (integer | |
172 | # value) | |
173 | #max_header_line=16384 | |
174 | ||
175 | # If False, server will return the header "Connection: close", If | |
176 | # True, server will return "Connection: Keep-Alive" in its responses. | |
177 | # In order to close the client socket connection explicitly after the | |
178 | # response is sent and read successfully by the client, you simply | |
179 | # have to set this option to False when you create a wsgi server. | |
180 | # (boolean value) | |
181 | #http_keepalive=true | |
182 | ||
183 | # Timeout for client connections' socket operations. If an incoming | |
184 | # connection is idle for this number of seconds it will be closed. A | |
185 | # value of '0' means wait forever. (integer value) | |
186 | #client_socket_timeout=900 | |
187 | ||
188 | # The backlog value that will be used when creating the TCP listener | |
189 | # socket. (integer value) | |
190 | #backlog=4096 | |
191 | backlog=4096 | |
192 | ||
193 | # The value for the socket option TCP_KEEPIDLE. This is the time in | |
194 | # seconds that the connection must be idle before TCP starts sending | |
195 | # keepalive probes. (integer value) | |
196 | #tcp_keepidle=600 | |
197 | ||
198 | # CA certificate file to use to verify connecting clients. (string | |
199 | # value) | |
200 | #ca_file=<None> | |
201 | ||
202 | # Certificate file to use when starting API server securely. (string | |
203 | # value) | |
204 | #cert_file=<None> | |
205 | ||
206 | # Private key file to use when starting API server securely. (string | |
207 | # value) | |
208 | #key_file=<None> | |
209 | ||
210 | # If False fully disable profiling feature. (boolean value) | |
211 | #enabled=false | |
212 | ||
213 | # If False doesn't trace SQL requests. (boolean value) | |
214 | #trace_sqlalchemy=false | |
215 | ||
216 | # The path to the sqlite file database that will be used for image | |
217 | # cache management. (string value) | |
218 | #image_cache_sqlite_db=cache.db | |
219 | ||
220 | # The driver to use for image cache management. (string value) | |
221 | #image_cache_driver=sqlite | |
222 | ||
223 | # The upper limit (the maximum size of accumulated cache in bytes) | |
224 | # beyond which pruner, if running, starts cleaning the images cache. | |
225 | # (integer value) | |
226 | #image_cache_max_size=10737418240 | |
227 | ||
228 | # The amount of time to let an image remain in the cache without being | |
229 | # accessed. (integer value) | |
230 | #image_cache_stall_time=86400 | |
231 | ||
232 | # Base directory that the Image Cache uses. (string value) | |
233 | #image_cache_dir=/var/lib/glance/image-cache/ | |
234 | image_cache_dir=/var/lib/glance/image-cache | |
235 | ||
236 | # Default publisher_id for outgoing notifications. (string value) | |
237 | #default_publisher_id=image.localhost | |
238 | ||
239 | # List of disabled notifications. A notification can be given either | |
240 | # as a notification type to disable a single event, or as a | |
241 | # notification group prefix to disable all events within a group. | |
242 | # Example: if this config option is set to ["image.create", | |
243 | # "metadef_namespace"], then "image.create" notification will not be | |
244 | # sent after image is created and none of the notifications for | |
245 | # metadefinition namespaces will be sent. (list value) | |
246 | #disabled_notifications = | |
247 | ||
248 | # Address to find the registry server. (string value) | |
249 | #registry_host=0.0.0.0 | |
250 | registry_host=0.0.0.0 | |
251 | ||
252 | # Port the registry server is listening on. (integer value) | |
253 | # Minimum value: 1 | |
254 | # Maximum value: 65535 | |
255 | #registry_port=9191 | |
256 | registry_port=9191 | |
257 | ||
258 | # Whether to pass through the user token when making requests to the | |
259 | # registry. To prevent failures with token expiration during big files | |
260 | # upload, it is recommended to set this parameter to False.If | |
261 | # "use_user_token" is not in effect, then admin credentials can be | |
262 | # specified. (boolean value) | |
263 | #use_user_token=true | |
264 | ||
265 | # The administrators user name. If "use_user_token" is not in effect, | |
266 | # then admin credentials can be specified. (string value) | |
267 | #admin_user=%SERVICE_USER% | |
268 | ||
269 | # The administrators password. If "use_user_token" is not in effect, | |
270 | # then admin credentials can be specified. (string value) | |
271 | #admin_password=%SERVICE_PASSWORD% | |
272 | ||
273 | # The tenant name of the administrative user. If "use_user_token" is | |
274 | # not in effect, then admin tenant name can be specified. (string | |
275 | # value) | |
276 | #admin_tenant_name=%SERVICE_TENANT_NAME% | |
277 | ||
278 | # The URL to the keystone service. If "use_user_token" is not in | |
279 | # effect and using keystone auth, then URL of keystone can be | |
280 | # specified. (string value) | |
281 | #auth_url=<None> | |
282 | ||
283 | # The strategy to use for authentication. If "use_user_token" is not | |
284 | # in effect, then auth strategy can be specified. (string value) | |
285 | #auth_strategy=noauth | |
286 | ||
287 | # The region for the authentication service. If "use_user_token" is | |
288 | # not in effect and using keystone auth, then region name can be | |
289 | # specified. (string value) | |
290 | #auth_region=<None> | |
291 | ||
292 | # The protocol to use for communication with the registry server. | |
293 | # Either http or https. (string value) | |
294 | #registry_client_protocol=http | |
295 | registry_client_protocol=http | |
296 | ||
297 | # The path to the key file to use in SSL connections to the registry | |
298 | # server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE | |
299 | # environment variable to a filepath of the key file (string value) | |
300 | #registry_client_key_file=<None> | |
301 | ||
302 | # The path to the cert file to use in SSL connections to the registry | |
303 | # server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE | |
304 | # environment variable to a filepath of the CA cert file (string | |
305 | # value) | |
306 | #registry_client_cert_file=<None> | |
307 | ||
308 | # The path to the certifying authority cert file to use in SSL | |
309 | # connections to the registry server, if any. Alternately, you may set | |
310 | # the GLANCE_CLIENT_CA_FILE environment variable to a filepath of the | |
311 | # CA cert file. (string value) | |
312 | #registry_client_ca_file=<None> | |
313 | ||
314 | # When using SSL in connections to the registry server, do not require | |
315 | # validation via a certifying authority. This is the registry's | |
316 | # equivalent of specifying --insecure on the command line using | |
317 | # glanceclient for the API. (boolean value) | |
318 | #registry_client_insecure=false | |
319 | ||
320 | # The period of time, in seconds, that the API server will wait for a | |
321 | # registry request to complete. A value of 0 implies no timeout. | |
322 | # (integer value) | |
323 | #registry_client_timeout=600 | |
324 | ||
325 | # Whether to pass through headers containing user and tenant | |
326 | # information when making requests to the registry. This allows the | |
327 | # registry to use the context middleware without keystonemiddleware's | |
328 | # auth_token middleware, removing calls to the keystone auth service. | |
329 | # It is recommended that when using this option, secure communication | |
330 | # between glance api and glance registry is ensured by means other | |
331 | # than auth_token middleware. (boolean value) | |
332 | #send_identity_headers=false | |
333 | ||
334 | # The amount of time in seconds to delay before performing a delete. | |
335 | # (integer value) | |
336 | #scrub_time=0 | |
337 | ||
338 | # The size of thread pool to be used for scrubbing images. The default | |
339 | # is one, which signifies serial scrubbing. Any value above one | |
340 | # indicates the max number of images that may be scrubbed in parallel. | |
341 | # (integer value) | |
342 | #scrub_pool_size=1 | |
343 | ||
344 | # Turn on/off delayed delete. (boolean value) | |
345 | #delayed_delete=false | |
346 | ||
347 | # Role used to identify an authenticated user as administrator. | |
348 | # (string value) | |
349 | #admin_role=admin | |
350 | ||
351 | # Whether to pass through headers containing user and tenant | |
352 | # information when making requests to the registry. This allows the | |
353 | # registry to use the context middleware without keystonemiddleware's | |
354 | # auth_token middleware, removing calls to the keystone auth service. | |
355 | # It is recommended that when using this option, secure communication | |
356 | # between glance api and glance registry is ensured by means other | |
357 | # than auth_token middleware. (boolean value) | |
358 | #send_identity_headers=false | |
359 | ||
360 | # | |
361 | # From oslo.log | |
362 | # | |
363 | ||
364 | # Print debugging output (set logging level to DEBUG instead of | |
365 | # default INFO level). (boolean value) | |
366 | #debug=False | |
367 | debug=True | |
368 | ||
369 | # If set to false, will disable INFO logging level, making WARNING the | |
370 | # default. (boolean value) | |
371 | # This option is deprecated for removal. | |
372 | # Its value may be silently ignored in the future. | |
373 | #verbose=True | |
374 | verbose=True | |
375 | ||
376 | # The name of a logging configuration file. This file is appended to | |
377 | # any existing logging configuration files. For details about logging | |
378 | # configuration files, see the Python logging module documentation. | |
379 | # (string value) | |
380 | # Deprecated group/name - [DEFAULT]/log_config | |
381 | #log_config_append=<None> | |
382 | ||
383 | # DEPRECATED. A logging.Formatter log message format string which may | |
384 | # use any of the available logging.LogRecord attributes. This option | |
385 | # is deprecated. Please use logging_context_format_string and | |
386 | # logging_default_format_string instead. (string value) | |
387 | #log_format=<None> | |
388 | ||
389 | # Format string for %%(asctime)s in log records. Default: %(default)s | |
390 | # . (string value) | |
391 | #log_date_format=%Y-%m-%d %H:%M:%S | |
392 | ||
393 | # (Optional) Name of log file to output to. If no default is set, | |
394 | # logging will go to stdout. (string value) | |
395 | # Deprecated group/name - [DEFAULT]/logfile | |
396 | #log_file=/var/log/glance/api.log | |
397 | log_file=/var/log/glance/api.log | |
398 | ||
399 | # (Optional) The base directory used for relative --log-file paths. | |
400 | # (string value) | |
401 | # Deprecated group/name - [DEFAULT]/logdir | |
402 | #log_dir=<None> | |
403 | log_dir=/var/log/glance | |
404 | ||
405 | # Use syslog for logging. Existing syslog format is DEPRECATED and | |
406 | # will be changed later to honor RFC5424. (boolean value) | |
407 | #use_syslog=false | |
408 | use_syslog=False | |
409 | ||
410 | # (Optional) Enables or disables syslog rfc5424 format for logging. If | |
411 | # enabled, prefixes the MSG part of the syslog message with APP-NAME | |
412 | # (RFC5424). The format without the APP-NAME is deprecated in Kilo, | |
413 | # and will be removed in Mitaka, along with this option. (boolean | |
414 | # value) | |
415 | # This option is deprecated for removal. | |
416 | # Its value may be silently ignored in the future. | |
417 | #use_syslog_rfc_format=true | |
418 | ||
419 | # Syslog facility to receive log lines. (string value) | |
420 | #syslog_log_facility=LOG_USER | |
421 | syslog_log_facility=LOG_USER | |
422 | ||
423 | # Log output to standard error. (boolean value) | |
424 | #use_stderr=False | |
425 | use_stderr=True | |
426 | ||
427 | # Format string to use for log messages with context. (string value) | |
428 | #logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s | |
429 | ||
430 | # Format string to use for log messages without context. (string | |
431 | # value) | |
432 | #logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s | |
433 | ||
434 | # Data to append to log format when level is DEBUG. (string value) | |
435 | #logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d | |
436 | ||
437 | # Prefix each line of exception output with this format. (string | |
438 | # value) | |
439 | #logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s | |
440 | ||
441 | # List of logger=LEVEL pairs. (list value) | |
442 | #default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN | |
443 | ||
444 | # Enables or disables publication of error events. (boolean value) | |
445 | #publish_errors=false | |
446 | ||
447 | # The format for an instance that is passed with the log message. | |
448 | # (string value) | |
449 | #instance_format="[instance: %(uuid)s] " | |
450 | ||
451 | # The format for an instance UUID that is passed with the log message. | |
452 | # (string value) | |
453 | #instance_uuid_format="[instance: %(uuid)s] " | |
454 | ||
455 | # Enables or disables fatal status of deprecations. (boolean value) | |
456 | #fatal_deprecations=false | |
457 | ||
458 | # | |
459 | # From oslo.messaging | |
460 | # | |
461 | ||
462 | # Size of RPC connection pool. (integer value) | |
463 | # Deprecated group/name - [DEFAULT]/rpc_conn_pool_size | |
464 | #rpc_conn_pool_size=30 | |
465 | ||
466 | # ZeroMQ bind address. Should be a wildcard (*), an ethernet | |
467 | # interface, or IP. The "host" option should point or resolve to this | |
468 | # address. (string value) | |
469 | #rpc_zmq_bind_address=* | |
470 | ||
471 | # MatchMaker driver. (string value) | |
472 | #rpc_zmq_matchmaker=local | |
473 | ||
474 | # ZeroMQ receiver listening port. (integer value) | |
475 | #rpc_zmq_port=9501 | |
476 | ||
477 | # Number of ZeroMQ contexts, defaults to 1. (integer value) | |
478 | #rpc_zmq_contexts=1 | |
479 | ||
480 | # Maximum number of ingress messages to locally buffer per topic. | |
481 | # Default is unlimited. (integer value) | |
482 | #rpc_zmq_topic_backlog=<None> | |
483 | ||
484 | # Directory for holding IPC sockets. (string value) | |
485 | #rpc_zmq_ipc_dir=/var/run/openstack | |
486 | ||
487 | # Name of this node. Must be a valid hostname, FQDN, or IP address. | |
488 | # Must match "host" option, if running Nova. (string value) | |
489 | #rpc_zmq_host=localhost | |
490 | ||
491 | # Seconds to wait before a cast expires (TTL). Only supported by | |
492 | # impl_zmq. (integer value) | |
493 | #rpc_cast_timeout=30 | |
494 | ||
495 | # Heartbeat frequency. (integer value) | |
496 | #matchmaker_heartbeat_freq=300 | |
497 | ||
498 | # Heartbeat time-to-live. (integer value) | |
499 | #matchmaker_heartbeat_ttl=600 | |
500 | ||
501 | # Size of executor thread pool. (integer value) | |
502 | # Deprecated group/name - [DEFAULT]/rpc_thread_pool_size | |
503 | #executor_thread_pool_size=64 | |
504 | ||
505 | # The Drivers(s) to handle sending notifications. Possible values are | |
506 | # messaging, messagingv2, routing, log, test, noop (multi valued) | |
507 | #notification_driver = | |
508 | notification_driver =messaging | |
509 | ||
510 | # AMQP topic used for OpenStack notifications. (list value) | |
511 | # Deprecated group/name - [rpc_notifier2]/topics | |
512 | #notification_topics=notifications | |
513 | ||
514 | # Seconds to wait for a response from a call. (integer value) | |
515 | #rpc_response_timeout=60 | |
516 | ||
517 | # A URL representing the messaging driver to use and its full | |
518 | # configuration. If not set, we fall back to the rpc_backend option | |
519 | # and driver specific configuration. (string value) | |
520 | #transport_url=<None> | |
521 | ||
522 | # The messaging driver to use, defaults to rabbit. Other drivers | |
523 | # include qpid and zmq. (string value) | |
524 | #rpc_backend=rabbit | |
525 | ||
526 | # The default exchange under which topics are scoped. May be | |
527 | # overridden by an exchange name specified in the transport_url | |
528 | # option. (string value) | |
529 | #control_exchange=openstack | |
530 | hw_scsi_model=virtio-scsi | |
531 | hw_disk_bus=scsi | |
532 | hw_qemu_guest_agent=yes | |
533 | os_require_quiesce=yes | |
534 | ||
535 | [database] | |
536 | ||
537 | # | |
538 | # From oslo.db | |
539 | # | |
540 | ||
541 | # The file name to use with SQLite. (string value) | |
542 | # Deprecated group/name - [DEFAULT]/sqlite_db | |
543 | #sqlite_db=oslo.sqlite | |
544 | ||
545 | # If True, SQLite uses synchronous mode. (boolean value) | |
546 | # Deprecated group/name - [DEFAULT]/sqlite_synchronous | |
547 | #sqlite_synchronous=true | |
548 | ||
549 | # The back end to use for the database. (string value) | |
550 | # Deprecated group/name - [DEFAULT]/db_backend | |
551 | #backend=sqlalchemy | |
552 | ||
553 | # The SQLAlchemy connection string to use to connect to the database. | |
554 | # (string value) | |
555 | # Deprecated group/name - [DEFAULT]/sql_connection | |
556 | # Deprecated group/name - [DATABASE]/sql_connection | |
557 | # Deprecated group/name - [sql]/connection | |
558 | #connection=mysql://glance:glance@localhost/glance | |
559 | connection=mysql+pymysql://glance:qum5net@VARINET4ADDR/glance | |
560 | ||
561 | # The SQLAlchemy connection string to use to connect to the slave | |
562 | # database. (string value) | |
563 | #slave_connection=<None> | |
564 | ||
565 | # The SQL mode to be used for MySQL sessions. This option, including | |
566 | # the default, overrides any server-set SQL mode. To use whatever SQL | |
567 | # mode is set by the server configuration, set this to no value. | |
568 | # Example: mysql_sql_mode= (string value) | |
569 | #mysql_sql_mode=TRADITIONAL | |
570 | ||
571 | # Timeout before idle SQL connections are reaped. (integer value) | |
572 | # Deprecated group/name - [DEFAULT]/sql_idle_timeout | |
573 | # Deprecated group/name - [DATABASE]/sql_idle_timeout | |
574 | # Deprecated group/name - [sql]/idle_timeout | |
575 | #idle_timeout=3600 | |
576 | idle_timeout=3600 | |
577 | ||
578 | # Minimum number of SQL connections to keep open in a pool. (integer | |
579 | # value) | |
580 | # Deprecated group/name - [DEFAULT]/sql_min_pool_size | |
581 | # Deprecated group/name - [DATABASE]/sql_min_pool_size | |
582 | #min_pool_size=1 | |
583 | ||
584 | # Maximum number of SQL connections to keep open in a pool. (integer | |
585 | # value) | |
586 | # Deprecated group/name - [DEFAULT]/sql_max_pool_size | |
587 | # Deprecated group/name - [DATABASE]/sql_max_pool_size | |
588 | #max_pool_size=<None> | |
589 | ||
590 | # Maximum number of database connection retries during startup. Set to | |
591 | # -1 to specify an infinite retry count. (integer value) | |
592 | # Deprecated group/name - [DEFAULT]/sql_max_retries | |
593 | # Deprecated group/name - [DATABASE]/sql_max_retries | |
594 | #max_retries=10 | |
595 | ||
596 | # Interval between retries of opening a SQL connection. (integer | |
597 | # value) | |
598 | # Deprecated group/name - [DEFAULT]/sql_retry_interval | |
599 | # Deprecated group/name - [DATABASE]/reconnect_interval | |
600 | #retry_interval=10 | |
601 | ||
602 | # If set, use this value for max_overflow with SQLAlchemy. (integer | |
603 | # value) | |
604 | # Deprecated group/name - [DEFAULT]/sql_max_overflow | |
605 | # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow | |
606 | #max_overflow=<None> | |
607 | ||
608 | # Verbosity of SQL debugging information: 0=None, 100=Everything. | |
609 | # (integer value) | |
610 | # Deprecated group/name - [DEFAULT]/sql_connection_debug | |
611 | #connection_debug=0 | |
612 | ||
613 | # Add Python stack traces to SQL as comment strings. (boolean value) | |
614 | # Deprecated group/name - [DEFAULT]/sql_connection_trace | |
615 | #connection_trace=false | |
616 | ||
617 | # If set, use this value for pool_timeout with SQLAlchemy. (integer | |
618 | # value) | |
619 | # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout | |
620 | #pool_timeout=<None> | |
621 | ||
622 | # Enable the experimental use of database reconnect on connection | |
623 | # lost. (boolean value) | |
624 | #use_db_reconnect=false | |
625 | ||
626 | # Seconds between retries of a database transaction. (integer value) | |
627 | #db_retry_interval=1 | |
628 | ||
629 | # If True, increases the interval between retries of a database | |
630 | # operation up to db_max_retry_interval. (boolean value) | |
631 | #db_inc_retry_interval=true | |
632 | ||
633 | # If db_inc_retry_interval is set, the maximum seconds between retries | |
634 | # of a database operation. (integer value) | |
635 | #db_max_retry_interval=10 | |
636 | ||
637 | # Maximum retries in case of connection error or deadlock error before | |
638 | # error is raised. Set to -1 to specify an infinite retry count. | |
639 | # (integer value) | |
640 | #db_max_retries=20 | |
641 | ||
642 | # | |
643 | # From oslo.db.concurrency | |
644 | # | |
645 | ||
646 | # Enable the experimental use of thread pooling for all DB API calls | |
647 | # (boolean value) | |
648 | # Deprecated group/name - [DEFAULT]/dbapi_use_tpool | |
649 | #use_tpool=false | |
650 | ||
651 | ||
652 | [glance_store] | |
653 | ||
654 | # | |
655 | # From glance.store | |
656 | # | |
657 | ||
658 | # List of stores enabled (list value) | |
659 | #stores=file,http | |
660 | stores=rbd | |
661 | default_store=rbd | |
662 | ||
663 | # Default scheme to use to store image data. The scheme must be | |
664 | # registered by one of the stores defined by the 'stores' config | |
665 | # option. (string value) | |
666 | #default_store=file | |
667 | ||
668 | # Minimum interval seconds to execute updating dynamic storage | |
669 | # capabilities based on backend status then. It's not a periodic | |
670 | # routine, the update logic will be executed only when interval | |
671 | # seconds elapsed and an operation of store has triggered. The feature | |
672 | # will be enabled only when the option value greater then zero. | |
673 | # (integer value) | |
674 | #store_capabilities_update_min_interval=0 | |
675 | ||
676 | # | |
677 | # From glance.store | |
678 | # | |
679 | ||
680 | # Hostname or IP address of the instance to connect to, or a mongodb | |
681 | # URI, or a list of hostnames / mongodb URIs. If host is an IPv6 | |
682 | # literal it must be enclosed in '[' and ']' characters following the | |
683 | # RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value) | |
684 | #mongodb_store_uri=<None> | |
685 | ||
686 | # Database to use (string value) | |
687 | #mongodb_store_db=<None> | |
688 | ||
689 | # Images will be chunked into objects of this size (in megabytes). For | |
690 | # best performance, this should be a power of two. (integer value) | |
691 | #sheepdog_store_chunk_size=64 | |
692 | ||
693 | # Port of sheep daemon. (integer value) | |
694 | #sheepdog_store_port=7000 | |
695 | ||
696 | # IP address of sheep daemon. (string value) | |
697 | #sheepdog_store_address=localhost | |
698 | ||
699 | # RADOS images will be chunked into objects of this size (in | |
700 | # megabytes). For best performance, this should be a power of two. | |
701 | # (integer value) | |
702 | rbd_store_chunk_size=8 | |
703 | ||
704 | # RADOS pool in which images are stored. (string value) | |
705 | #rbd_store_pool=images | |
706 | rbd_store_pool=images | |
707 | ||
708 | # RADOS user to authenticate as (only applicable if using Cephx. If | |
709 | # <None>, a default will be chosen based on the client. section in | |
710 | # rbd_store_ceph_conf) (string value) | |
711 | rbd_store_user=glance | |
712 | ||
713 | # Ceph configuration file path. If <None>, librados will locate the | |
714 | # default config. If using cephx authentication, this file should | |
715 | # include a reference to the right keyring in a client.<USER> section | |
716 | # (string value) | |
717 | #rbd_store_ceph_conf=/etc/ceph/ceph.conf | |
718 | rbd_store_ceph_conf=/etc/ceph/ceph.conf | |
719 | ||
720 | # Timeout value (in seconds) used when connecting to ceph cluster. If | |
721 | # value <= 0, no timeout is set and default librados value is used. | |
722 | # (integer value) | |
723 | #rados_connect_timeout=0 | |
724 | ||
725 | # Directory to which the Filesystem backend store writes images. | |
726 | # (string value) | |
727 | #filesystem_store_datadir=/var/lib/glance/images/ | |
728 | ||
729 | # List of directories and its priorities to which the Filesystem | |
730 | # backend store writes images. (multi valued) | |
731 | #filesystem_store_datadirs = | |
732 | ||
733 | # The path to a file which contains the metadata to be returned with | |
734 | # any location associated with this store. The file must contain a | |
735 | # valid JSON object. The object should contain the keys 'id' and | |
736 | # 'mountpoint'. The value for both keys should be 'string'. (string | |
737 | # value) | |
738 | #filesystem_store_metadata_file=<None> | |
739 | ||
740 | # The required permission for created image file. In this way the user | |
741 | # other service used, e.g. Nova, who consumes the image could be the | |
742 | # exclusive member of the group that owns the files created. Assigning | |
743 | # it less then or equal to zero means don't change the default | |
744 | # permission of the file. This value will be decoded as an octal | |
745 | # digit. (integer value) | |
746 | #filesystem_store_file_perm=0 | |
747 | ||
748 | # If True, swiftclient won't check for a valid SSL certificate when | |
749 | # authenticating. (boolean value) | |
750 | #swift_store_auth_insecure=false | |
751 | ||
752 | # A string giving the CA certificate file to use in SSL connections | |
753 | # for verifying certs. (string value) | |
754 | #swift_store_cacert=<None> | |
755 | ||
756 | # The region of the swift endpoint to be used for single tenant. This | |
757 | # setting is only necessary if the tenant has multiple swift | |
758 | # endpoints. (string value) | |
759 | #swift_store_region=<None> | |
760 | ||
761 | # If set, the configured endpoint will be used. If None, the storage | |
762 | # url from the auth response will be used. (string value) | |
763 | #swift_store_endpoint=<None> | |
764 | ||
765 | # A string giving the endpoint type of the swift service to use | |
766 | # (publicURL, adminURL or internalURL). This setting is only used if | |
767 | # swift_store_auth_version is 2. (string value) | |
768 | #swift_store_endpoint_type=publicURL | |
769 | ||
770 | # A string giving the service type of the swift service to use. This | |
771 | # setting is only used if swift_store_auth_version is 2. (string | |
772 | # value) | |
773 | #swift_store_service_type=object-store | |
774 | ||
775 | # Container within the account that the account should use for storing | |
776 | # images in Swift when using single container mode. In multiple | |
777 | # container mode, this will be the prefix for all containers. (string | |
778 | # value) | |
779 | #swift_store_container=glance | |
780 | ||
781 | # The size, in MB, that Glance will start chunking image files and do | |
782 | # a large object manifest in Swift. (integer value) | |
783 | #swift_store_large_object_size=5120 | |
784 | ||
785 | # The amount of data written to a temporary disk buffer during the | |
786 | # process of chunking the image file. (integer value) | |
787 | #swift_store_large_object_chunk_size=200 | |
788 | ||
789 | # A boolean value that determines if we create the container if it | |
790 | # does not exist. (boolean value) | |
791 | #swift_store_create_container_on_put=false | |
792 | ||
793 | # If set to True, enables multi-tenant storage mode which causes | |
794 | # Glance images to be stored in tenant specific Swift accounts. | |
795 | # (boolean value) | |
796 | #swift_store_multi_tenant=false | |
797 | ||
798 | # When set to 0, a single-tenant store will only use one container to | |
799 | # store all images. When set to an integer value between 1 and 32, a | |
800 | # single-tenant store will use multiple containers to store images, | |
801 | # and this value will determine how many containers are created.Used | |
802 | # only when swift_store_multi_tenant is disabled. The total number of | |
803 | # containers that will be used is equal to 16^N, so if this config | |
804 | # option is set to 2, then 16^2=256 containers will be used to store | |
805 | # images. (integer value) | |
806 | #swift_store_multiple_containers_seed=0 | |
807 | ||
808 | # A list of tenants that will be granted read/write access on all | |
809 | # Swift containers created by Glance in multi-tenant mode. (list | |
810 | # value) | |
811 | #swift_store_admin_tenants = | |
812 | ||
813 | # If set to False, disables SSL layer compression of https swift | |
814 | # requests. Setting to False may improve performance for images which | |
815 | # are already in a compressed format, eg qcow2. (boolean value) | |
816 | #swift_store_ssl_compression=true | |
817 | ||
818 | # The number of times a Swift download will be retried before the | |
819 | # request fails. (integer value) | |
820 | #swift_store_retry_get_count=0 | |
821 | ||
822 | # The reference to the default swift account/backing store parameters | |
823 | # to use for adding new images. (string value) | |
824 | #default_swift_reference=ref1 | |
825 | ||
826 | # Version of the authentication service to use. Valid versions are 2 | |
827 | # and 3 for keystone and 1 (deprecated) for swauth and rackspace. | |
828 | # (deprecated - use "auth_version" in swift_store_config_file) (string | |
829 | # value) | |
830 | #swift_store_auth_version=2 | |
831 | ||
832 | # The address where the Swift authentication service is listening. | |
833 | # (deprecated - use "auth_address" in swift_store_config_file) (string | |
834 | # value) | |
835 | #swift_store_auth_address=<None> | |
836 | ||
837 | # The user to authenticate against the Swift authentication service | |
838 | # (deprecated - use "user" in swift_store_config_file) (string value) | |
839 | #swift_store_user=<None> | |
840 | ||
841 | # Auth key for the user authenticating against the Swift | |
842 | # authentication service. (deprecated - use "key" in | |
843 | # swift_store_config_file) (string value) | |
844 | #swift_store_key=<None> | |
845 | ||
846 | # The config file that has the swift account(s)configs. (string value) | |
847 | #swift_store_config_file=<None> | |
848 | ||
849 | # ESX/ESXi or vCenter Server target system. The server value can be an | |
850 | # IP address or a DNS name. (string value) | |
851 | #vmware_server_host=<None> | |
852 | ||
853 | # Username for authenticating with VMware ESX/VC server. (string | |
854 | # value) | |
855 | #vmware_server_username=<None> | |
856 | ||
857 | # Password for authenticating with VMware ESX/VC server. (string | |
858 | # value) | |
859 | #vmware_server_password=<None> | |
860 | ||
861 | # DEPRECATED. Inventory path to a datacenter. If the | |
862 | # vmware_server_host specified is an ESX/ESXi, the | |
863 | # vmware_datacenter_path is optional. If specified, it should be "ha- | |
864 | # datacenter". This option is deprecated in favor of vmware_datastores | |
865 | # and will be removed in the Liberty release. (string value) | |
866 | # This option is deprecated for removal. | |
867 | # Its value may be silently ignored in the future. | |
868 | #vmware_datacenter_path=ha-datacenter | |
869 | ||
870 | # DEPRECATED. Datastore associated with the datacenter. This option is | |
871 | # deprecated in favor of vmware_datastores and will be removed in the | |
872 | # Liberty release. (string value) | |
873 | # This option is deprecated for removal. | |
874 | # Its value may be silently ignored in the future. | |
875 | #vmware_datastore_name=<None> | |
876 | ||
877 | # Number of times VMware ESX/VC server API must be retried upon | |
878 | # connection related issues. (integer value) | |
879 | #vmware_api_retry_count=10 | |
880 | ||
881 | # The interval used for polling remote tasks invoked on VMware ESX/VC | |
882 | # server. (integer value) | |
883 | #vmware_task_poll_interval=5 | |
884 | ||
885 | # The name of the directory where the glance images will be stored in | |
886 | # the VMware datastore. (string value) | |
887 | #vmware_store_image_dir=/openstack_glance | |
888 | ||
889 | # Allow to perform insecure SSL requests to ESX/VC. (boolean value) | |
890 | #vmware_api_insecure=false | |
891 | ||
892 | # A list of datastores where the image can be stored. This option may | |
893 | # be specified multiple times for specifying multiple datastores. | |
894 | # Either one of vmware_datastore_name or vmware_datastores is | |
895 | # required. The datastore name should be specified after its | |
11fdf7f2 TL |
896 | # datacenter path, separated by ":". An optional weight may be given |
897 | # after the datastore name, separated again by ":". Thus, the required | |
7c673cae FG |
898 | # format becomes <datacenter_path>:<datastore_name>:<optional_weight>. |
899 | # When adding an image, the datastore with highest weight will be | |
900 | # selected, unless there is not enough free space available in cases | |
901 | # where the image size is already known. If no weight is given, it is | |
902 | # assumed to be zero and the directory will be considered for | |
903 | # selection last. If multiple datastores have the same weight, then | |
904 | # the one with the most free space available is selected. (multi | |
905 | # valued) | |
906 | #vmware_datastores = | |
907 | ||
908 | # The host where the S3 server is listening. (string value) | |
909 | #s3_store_host=<None> | |
910 | ||
911 | # The S3 query token access key. (string value) | |
912 | #s3_store_access_key=<None> | |
913 | ||
914 | # The S3 query token secret key. (string value) | |
915 | #s3_store_secret_key=<None> | |
916 | ||
917 | # The S3 bucket to be used to store the Glance data. (string value) | |
918 | #s3_store_bucket=<None> | |
919 | ||
920 | # The local directory where uploads will be staged before they are | |
921 | # transferred into S3. (string value) | |
922 | #s3_store_object_buffer_dir=<None> | |
923 | ||
924 | # A boolean to determine if the S3 bucket should be created on upload | |
925 | # if it does not exist or if an error should be returned to the user. | |
926 | # (boolean value) | |
927 | #s3_store_create_bucket_on_put=false | |
928 | ||
929 | # The S3 calling format used to determine the bucket. Either subdomain | |
930 | # or path can be used. (string value) | |
931 | #s3_store_bucket_url_format=subdomain | |
932 | ||
933 | # What size, in MB, should S3 start chunking image files and do a | |
934 | # multipart upload in S3. (integer value) | |
935 | #s3_store_large_object_size=100 | |
936 | ||
937 | # What multipart upload part size, in MB, should S3 use when uploading | |
938 | # parts. The size must be greater than or equal to 5M. (integer value) | |
939 | #s3_store_large_object_chunk_size=10 | |
940 | ||
941 | # The number of thread pools to perform a multipart upload in S3. | |
942 | # (integer value) | |
943 | #s3_store_thread_pools=10 | |
944 | ||
945 | # Enable the use of a proxy. (boolean value) | |
946 | #s3_store_enable_proxy=false | |
947 | ||
948 | # Address or hostname for the proxy server. (string value) | |
949 | #s3_store_proxy_host=<None> | |
950 | ||
951 | # The port to use when connecting over a proxy. (integer value) | |
952 | #s3_store_proxy_port=8080 | |
953 | ||
954 | # The username to connect to the proxy. (string value) | |
955 | #s3_store_proxy_user=<None> | |
956 | ||
957 | # The password to use when connecting over a proxy. (string value) | |
958 | #s3_store_proxy_password=<None> | |
959 | ||
960 | # Info to match when looking for cinder in the service catalog. Format | |
961 | # is : separated values of the form: | |
962 | # <service_type>:<service_name>:<endpoint_type> (string value) | |
963 | #cinder_catalog_info=volume:cinder:publicURL | |
964 | ||
965 | # Override service catalog lookup with template for cinder endpoint | |
966 | # e.g. http://localhost:8776/v1/%(project_id)s (string value) | |
967 | #cinder_endpoint_template=<None> | |
968 | ||
969 | # Region name of this node (string value) | |
970 | #os_region_name=<None> | |
971 | os_region_name=RegionOne | |
972 | ||
11fdf7f2 | 973 | # Location of ca certificates file to use for cinder client requests. |
7c673cae FG |
974 | # (string value) |
975 | #cinder_ca_certificates_file=<None> | |
976 | ||
977 | # Number of cinderclient retries on failed http calls (integer value) | |
978 | #cinder_http_retries=3 | |
979 | ||
980 | # Allow to perform insecure SSL requests to cinder (boolean value) | |
981 | #cinder_api_insecure=false | |
982 | ||
983 | ||
984 | [image_format] | |
985 | ||
986 | # | |
987 | # From glance.api | |
988 | # | |
989 | ||
990 | # Supported values for the 'container_format' image attribute (list | |
991 | # value) | |
992 | # Deprecated group/name - [DEFAULT]/container_formats | |
993 | #container_formats=ami,ari,aki,bare,ovf,ova | |
994 | ||
995 | # Supported values for the 'disk_format' image attribute (list value) | |
996 | # Deprecated group/name - [DEFAULT]/disk_formats | |
997 | #disk_formats=ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso | |
998 | ||
999 | ||
1000 | [keystone_authtoken] | |
1001 | ||
1002 | # | |
1003 | # From keystonemiddleware.auth_token | |
1004 | # | |
1005 | ||
1006 | # Complete public Identity API endpoint. (string value) | |
1007 | #auth_uri=<None> | |
1008 | auth_uri=http://VARINET4ADDR:5000/v2.0 | |
1009 | ||
1010 | # API version of the admin Identity API endpoint. (string value) | |
1011 | #auth_version=<None> | |
1012 | ||
1013 | # Do not handle authorization requests within the middleware, but | |
1014 | # delegate the authorization decision to downstream WSGI components. | |
1015 | # (boolean value) | |
1016 | #delay_auth_decision=false | |
1017 | ||
1018 | # Request timeout value for communicating with Identity API server. | |
1019 | # (integer value) | |
1020 | #http_connect_timeout=<None> | |
1021 | ||
1022 | # How many times are we trying to reconnect when communicating with | |
1023 | # Identity API Server. (integer value) | |
1024 | #http_request_max_retries=3 | |
1025 | ||
1026 | # Env key for the swift cache. (string value) | |
1027 | #cache=<None> | |
1028 | ||
1029 | # Required if identity server requires client certificate (string | |
1030 | # value) | |
1031 | #certfile=<None> | |
1032 | ||
1033 | # Required if identity server requires client certificate (string | |
1034 | # value) | |
1035 | #keyfile=<None> | |
1036 | ||
1037 | # A PEM encoded Certificate Authority to use when verifying HTTPs | |
1038 | # connections. Defaults to system CAs. (string value) | |
1039 | #cafile=<None> | |
1040 | ||
1041 | # Verify HTTPS connections. (boolean value) | |
1042 | #insecure=false | |
1043 | ||
1044 | # The region in which the identity server can be found. (string value) | |
1045 | #region_name=<None> | |
1046 | ||
1047 | # Directory used to cache files related to PKI tokens. (string value) | |
1048 | #signing_dir=<None> | |
1049 | ||
1050 | # Optionally specify a list of memcached server(s) to use for caching. | |
1051 | # If left undefined, tokens will instead be cached in-process. (list | |
1052 | # value) | |
1053 | # Deprecated group/name - [DEFAULT]/memcache_servers | |
1054 | #memcached_servers=<None> | |
1055 | ||
1056 | # In order to prevent excessive effort spent validating tokens, the | |
1057 | # middleware caches previously-seen tokens for a configurable duration | |
1058 | # (in seconds). Set to -1 to disable caching completely. (integer | |
1059 | # value) | |
1060 | #token_cache_time=300 | |
1061 | ||
1062 | # Determines the frequency at which the list of revoked tokens is | |
1063 | # retrieved from the Identity service (in seconds). A high number of | |
1064 | # revocation events combined with a low cache duration may | |
1065 | # significantly reduce performance. (integer value) | |
1066 | #revocation_cache_time=10 | |
1067 | ||
1068 | # (Optional) If defined, indicate whether token data should be | |
1069 | # authenticated or authenticated and encrypted. Acceptable values are | |
1070 | # MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in | |
1071 | # the cache. If ENCRYPT, token data is encrypted and authenticated in | |
1072 | # the cache. If the value is not one of these options or empty, | |
1073 | # auth_token will raise an exception on initialization. (string value) | |
1074 | #memcache_security_strategy=<None> | |
1075 | ||
1076 | # (Optional, mandatory if memcache_security_strategy is defined) This | |
1077 | # string is used for key derivation. (string value) | |
1078 | #memcache_secret_key=<None> | |
1079 | ||
1080 | # (Optional) Number of seconds memcached server is considered dead | |
1081 | # before it is tried again. (integer value) | |
1082 | #memcache_pool_dead_retry=300 | |
1083 | ||
1084 | # (Optional) Maximum total number of open connections to every | |
1085 | # memcached server. (integer value) | |
1086 | #memcache_pool_maxsize=10 | |
1087 | ||
1088 | # (Optional) Socket timeout in seconds for communicating with a | |
1089 | # memcached server. (integer value) | |
1090 | #memcache_pool_socket_timeout=3 | |
1091 | ||
1092 | # (Optional) Number of seconds a connection to memcached is held | |
1093 | # unused in the pool before it is closed. (integer value) | |
1094 | #memcache_pool_unused_timeout=60 | |
1095 | ||
1096 | # (Optional) Number of seconds that an operation will wait to get a | |
1097 | # memcached client connection from the pool. (integer value) | |
1098 | #memcache_pool_conn_get_timeout=10 | |
1099 | ||
1100 | # (Optional) Use the advanced (eventlet safe) memcached client pool. | |
1101 | # The advanced pool will only work under python 2.x. (boolean value) | |
1102 | #memcache_use_advanced_pool=false | |
1103 | ||
1104 | # (Optional) Indicate whether to set the X-Service-Catalog header. If | |
1105 | # False, middleware will not ask for service catalog on token | |
1106 | # validation and will not set the X-Service-Catalog header. (boolean | |
1107 | # value) | |
1108 | #include_service_catalog=true | |
1109 | ||
1110 | # Used to control the use and type of token binding. Can be set to: | |
1111 | # "disabled" to not check token binding. "permissive" (default) to | |
1112 | # validate binding information if the bind type is of a form known to | |
1113 | # the server and ignore it if not. "strict" like "permissive" but if | |
1114 | # the bind type is unknown the token will be rejected. "required" any | |
1115 | # form of token binding is needed to be allowed. Finally the name of a | |
1116 | # binding method that must be present in tokens. (string value) | |
1117 | #enforce_token_bind=permissive | |
1118 | ||
1119 | # If true, the revocation list will be checked for cached tokens. This | |
1120 | # requires that PKI tokens are configured on the identity server. | |
1121 | # (boolean value) | |
1122 | #check_revocations_for_cached=false | |
1123 | ||
1124 | # Hash algorithms to use for hashing PKI tokens. This may be a single | |
1125 | # algorithm or multiple. The algorithms are those supported by Python | |
1126 | # standard hashlib.new(). The hashes will be tried in the order given, | |
1127 | # so put the preferred one first for performance. The result of the | |
1128 | # first hash will be stored in the cache. This will typically be set | |
1129 | # to multiple values only while migrating from a less secure algorithm | |
1130 | # to a more secure one. Once all the old tokens are expired this | |
1131 | # option should be set to a single value for better performance. (list | |
1132 | # value) | |
1133 | #hash_algorithms=md5 | |
1134 | ||
1135 | # Prefix to prepend at the beginning of the path. Deprecated, use | |
1136 | # identity_uri. (string value) | |
1137 | #auth_admin_prefix = | |
1138 | ||
1139 | # Host providing the admin Identity API endpoint. Deprecated, use | |
1140 | # identity_uri. (string value) | |
1141 | #auth_host=127.0.0.1 | |
1142 | ||
1143 | # Port of the admin Identity API endpoint. Deprecated, use | |
1144 | # identity_uri. (integer value) | |
1145 | #auth_port=35357 | |
1146 | ||
1147 | # Protocol of the admin Identity API endpoint (http or https). | |
1148 | # Deprecated, use identity_uri. (string value) | |
1149 | #auth_protocol=http | |
1150 | ||
1151 | # Complete admin Identity API endpoint. This should specify the | |
1152 | # unversioned root endpoint e.g. https://localhost:35357/ (string | |
1153 | # value) | |
1154 | #identity_uri=<None> | |
1155 | identity_uri=http://VARINET4ADDR:35357 | |
1156 | ||
1157 | # This option is deprecated and may be removed in a future release. | |
1158 | # Single shared secret with the Keystone configuration used for | |
1159 | # bootstrapping a Keystone installation, or otherwise bypassing the | |
1160 | # normal authentication process. This option should not be used, use | |
1161 | # `admin_user` and `admin_password` instead. (string value) | |
1162 | #admin_token=<None> | |
1163 | ||
1164 | # Service username. (string value) | |
1165 | #admin_user=<None> | |
1166 | admin_user=glance | |
1167 | ||
1168 | # Service user password. (string value) | |
1169 | #admin_password=<None> | |
1170 | admin_password=qum5net | |
1171 | ||
1172 | # Service tenant name. (string value) | |
1173 | #admin_tenant_name=admin | |
1174 | admin_tenant_name=services | |
1175 | ||
1176 | ||
1177 | [matchmaker_redis] | |
1178 | ||
1179 | # | |
1180 | # From oslo.messaging | |
1181 | # | |
1182 | ||
1183 | # Host to locate redis. (string value) | |
1184 | #host=127.0.0.1 | |
1185 | ||
1186 | # Use this port to connect to redis host. (integer value) | |
1187 | #port=6379 | |
1188 | ||
1189 | # Password for Redis server (optional). (string value) | |
1190 | #password=<None> | |
1191 | ||
1192 | ||
1193 | [matchmaker_ring] | |
1194 | ||
1195 | # | |
1196 | # From oslo.messaging | |
1197 | # | |
1198 | ||
1199 | # Matchmaker ring file (JSON). (string value) | |
1200 | # Deprecated group/name - [DEFAULT]/matchmaker_ringfile | |
1201 | #ringfile=/etc/oslo/matchmaker_ring.json | |
1202 | ||
1203 | ||
1204 | [oslo_concurrency] | |
1205 | ||
1206 | # | |
1207 | # From oslo.concurrency | |
1208 | # | |
1209 | ||
1210 | # Enables or disables inter-process locks. (boolean value) | |
1211 | # Deprecated group/name - [DEFAULT]/disable_process_locking | |
1212 | #disable_process_locking=false | |
1213 | ||
1214 | # Directory to use for lock files. For security, the specified | |
1215 | # directory should only be writable by the user running the processes | |
1216 | # that need locking. Defaults to environment variable OSLO_LOCK_PATH. | |
1217 | # If external locks are used, a lock path must be set. (string value) | |
1218 | # Deprecated group/name - [DEFAULT]/lock_path | |
1219 | #lock_path=<None> | |
1220 | ||
1221 | ||
1222 | [oslo_messaging_amqp] | |
1223 | ||
1224 | # | |
1225 | # From oslo.messaging | |
1226 | # | |
1227 | ||
1228 | # address prefix used when sending to a specific server (string value) | |
1229 | # Deprecated group/name - [amqp1]/server_request_prefix | |
1230 | #server_request_prefix=exclusive | |
1231 | ||
1232 | # address prefix used when broadcasting to all servers (string value) | |
1233 | # Deprecated group/name - [amqp1]/broadcast_prefix | |
1234 | #broadcast_prefix=broadcast | |
1235 | ||
1236 | # address prefix when sending to any server in group (string value) | |
1237 | # Deprecated group/name - [amqp1]/group_request_prefix | |
1238 | #group_request_prefix=unicast | |
1239 | ||
1240 | # Name for the AMQP container (string value) | |
1241 | # Deprecated group/name - [amqp1]/container_name | |
1242 | #container_name=<None> | |
1243 | ||
1244 | # Timeout for inactive connections (in seconds) (integer value) | |
1245 | # Deprecated group/name - [amqp1]/idle_timeout | |
1246 | #idle_timeout=0 | |
1247 | ||
1248 | # Debug: dump AMQP frames to stdout (boolean value) | |
1249 | # Deprecated group/name - [amqp1]/trace | |
1250 | #trace=false | |
1251 | ||
1252 | # CA certificate PEM file to verify server certificate (string value) | |
1253 | # Deprecated group/name - [amqp1]/ssl_ca_file | |
1254 | #ssl_ca_file = | |
1255 | ||
1256 | # Identifying certificate PEM file to present to clients (string | |
1257 | # value) | |
1258 | # Deprecated group/name - [amqp1]/ssl_cert_file | |
1259 | #ssl_cert_file = | |
1260 | ||
1261 | # Private key PEM file used to sign cert_file certificate (string | |
1262 | # value) | |
1263 | # Deprecated group/name - [amqp1]/ssl_key_file | |
1264 | #ssl_key_file = | |
1265 | ||
1266 | # Password for decrypting ssl_key_file (if encrypted) (string value) | |
1267 | # Deprecated group/name - [amqp1]/ssl_key_password | |
1268 | #ssl_key_password=<None> | |
1269 | ||
1270 | # Accept clients using either SSL or plain TCP (boolean value) | |
1271 | # Deprecated group/name - [amqp1]/allow_insecure_clients | |
1272 | #allow_insecure_clients=false | |
1273 | ||
1274 | ||
1275 | [oslo_messaging_qpid] | |
1276 | ||
1277 | # | |
1278 | # From oslo.messaging | |
1279 | # | |
1280 | ||
1281 | # Use durable queues in AMQP. (boolean value) | |
1282 | # Deprecated group/name - [DEFAULT]/amqp_durable_queues | |
1283 | # Deprecated group/name - [DEFAULT]/rabbit_durable_queues | |
1284 | #amqp_durable_queues=false | |
1285 | ||
1286 | # Auto-delete queues in AMQP. (boolean value) | |
1287 | # Deprecated group/name - [DEFAULT]/amqp_auto_delete | |
1288 | #amqp_auto_delete=false | |
1289 | ||
1290 | # Send a single AMQP reply to call message. The current behaviour | |
1291 | # since oslo-incubator is to send two AMQP replies - first one with | |
1292 | # the payload, a second one to ensure the other have finish to send | |
1293 | # the payload. We are going to remove it in the N release, but we must | |
1294 | # keep backward compatible at the same time. This option provides such | |
1295 | # compatibility - it defaults to False in Liberty and can be turned on | |
1296 | # for early adopters with a new installations or for testing. Please | |
1297 | # note, that this option will be removed in the Mitaka release. | |
1298 | # (boolean value) | |
1299 | #send_single_reply=false | |
1300 | ||
1301 | # Qpid broker hostname. (string value) | |
1302 | # Deprecated group/name - [DEFAULT]/qpid_hostname | |
1303 | #qpid_hostname=localhost | |
1304 | ||
1305 | # Qpid broker port. (integer value) | |
1306 | # Deprecated group/name - [DEFAULT]/qpid_port | |
1307 | #qpid_port=5672 | |
1308 | ||
1309 | # Qpid HA cluster host:port pairs. (list value) | |
1310 | # Deprecated group/name - [DEFAULT]/qpid_hosts | |
1311 | #qpid_hosts=$qpid_hostname:$qpid_port | |
1312 | ||
1313 | # Username for Qpid connection. (string value) | |
1314 | # Deprecated group/name - [DEFAULT]/qpid_username | |
1315 | #qpid_username = | |
1316 | ||
1317 | # Password for Qpid connection. (string value) | |
1318 | # Deprecated group/name - [DEFAULT]/qpid_password | |
1319 | #qpid_password = | |
1320 | ||
1321 | # Space separated list of SASL mechanisms to use for auth. (string | |
1322 | # value) | |
1323 | # Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms | |
1324 | #qpid_sasl_mechanisms = | |
1325 | ||
1326 | # Seconds between connection keepalive heartbeats. (integer value) | |
1327 | # Deprecated group/name - [DEFAULT]/qpid_heartbeat | |
1328 | #qpid_heartbeat=60 | |
1329 | ||
1330 | # Transport to use, either 'tcp' or 'ssl'. (string value) | |
1331 | # Deprecated group/name - [DEFAULT]/qpid_protocol | |
1332 | #qpid_protocol=tcp | |
1333 | ||
1334 | # Whether to disable the Nagle algorithm. (boolean value) | |
1335 | # Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay | |
1336 | #qpid_tcp_nodelay=true | |
1337 | ||
1338 | # The number of prefetched messages held by receiver. (integer value) | |
1339 | # Deprecated group/name - [DEFAULT]/qpid_receiver_capacity | |
1340 | #qpid_receiver_capacity=1 | |
1341 | ||
1342 | # The qpid topology version to use. Version 1 is what was originally | |
1343 | # used by impl_qpid. Version 2 includes some backwards-incompatible | |
1344 | # changes that allow broker federation to work. Users should update | |
1345 | # to version 2 when they are able to take everything down, as it | |
1346 | # requires a clean break. (integer value) | |
1347 | # Deprecated group/name - [DEFAULT]/qpid_topology_version | |
1348 | #qpid_topology_version=1 | |
1349 | ||
1350 | ||
1351 | [oslo_messaging_rabbit] | |
1352 | ||
1353 | # | |
1354 | # From oslo.messaging | |
1355 | # | |
1356 | ||
1357 | # Use durable queues in AMQP. (boolean value) | |
1358 | # Deprecated group/name - [DEFAULT]/amqp_durable_queues | |
1359 | # Deprecated group/name - [DEFAULT]/rabbit_durable_queues | |
1360 | #amqp_durable_queues=false | |
1361 | amqp_durable_queues=False | |
1362 | ||
1363 | # Auto-delete queues in AMQP. (boolean value) | |
1364 | # Deprecated group/name - [DEFAULT]/amqp_auto_delete | |
1365 | #amqp_auto_delete=false | |
1366 | ||
1367 | # Send a single AMQP reply to call message. The current behaviour | |
1368 | # since oslo-incubator is to send two AMQP replies - first one with | |
1369 | # the payload, a second one to ensure the other have finish to send | |
1370 | # the payload. We are going to remove it in the N release, but we must | |
1371 | # keep backward compatible at the same time. This option provides such | |
1372 | # compatibility - it defaults to False in Liberty and can be turned on | |
1373 | # for early adopters with a new installations or for testing. Please | |
1374 | # note, that this option will be removed in the Mitaka release. | |
1375 | # (boolean value) | |
1376 | #send_single_reply=false | |
1377 | ||
1378 | # SSL version to use (valid only if SSL enabled). Valid values are | |
1379 | # TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be | |
1380 | # available on some distributions. (string value) | |
1381 | # Deprecated group/name - [DEFAULT]/kombu_ssl_version | |
1382 | #kombu_ssl_version = | |
1383 | ||
1384 | # SSL key file (valid only if SSL enabled). (string value) | |
1385 | # Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile | |
1386 | #kombu_ssl_keyfile = | |
1387 | ||
1388 | # SSL cert file (valid only if SSL enabled). (string value) | |
1389 | # Deprecated group/name - [DEFAULT]/kombu_ssl_certfile | |
1390 | #kombu_ssl_certfile = | |
1391 | ||
1392 | # SSL certification authority file (valid only if SSL enabled). | |
1393 | # (string value) | |
1394 | # Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs | |
1395 | #kombu_ssl_ca_certs = | |
1396 | ||
1397 | # How long to wait before reconnecting in response to an AMQP consumer | |
1398 | # cancel notification. (floating point value) | |
1399 | # Deprecated group/name - [DEFAULT]/kombu_reconnect_delay | |
1400 | #kombu_reconnect_delay=1.0 | |
1401 | ||
1402 | # How long to wait before considering a reconnect attempt to have | |
1403 | # failed. This value should not be longer than rpc_response_timeout. | |
1404 | # (integer value) | |
1405 | #kombu_reconnect_timeout=60 | |
1406 | ||
1407 | # The RabbitMQ broker address where a single node is used. (string | |
1408 | # value) | |
1409 | # Deprecated group/name - [DEFAULT]/rabbit_host | |
1410 | #rabbit_host=localhost | |
1411 | rabbit_host=VARINET4ADDR | |
1412 | ||
1413 | # The RabbitMQ broker port where a single node is used. (integer | |
1414 | # value) | |
1415 | # Deprecated group/name - [DEFAULT]/rabbit_port | |
1416 | #rabbit_port=5672 | |
1417 | rabbit_port=5672 | |
1418 | ||
1419 | # RabbitMQ HA cluster host:port pairs. (list value) | |
1420 | # Deprecated group/name - [DEFAULT]/rabbit_hosts | |
1421 | #rabbit_hosts=$rabbit_host:$rabbit_port | |
1422 | rabbit_hosts=VARINET4ADDR:5672 | |
1423 | ||
1424 | # Connect over SSL for RabbitMQ. (boolean value) | |
1425 | # Deprecated group/name - [DEFAULT]/rabbit_use_ssl | |
1426 | #rabbit_use_ssl=false | |
1427 | rabbit_use_ssl=False | |
1428 | ||
1429 | # The RabbitMQ userid. (string value) | |
1430 | # Deprecated group/name - [DEFAULT]/rabbit_userid | |
1431 | #rabbit_userid=guest | |
1432 | rabbit_userid=guest | |
1433 | ||
1434 | # The RabbitMQ password. (string value) | |
1435 | # Deprecated group/name - [DEFAULT]/rabbit_password | |
1436 | #rabbit_password=guest | |
1437 | rabbit_password=guest | |
1438 | ||
1439 | # The RabbitMQ login method. (string value) | |
1440 | # Deprecated group/name - [DEFAULT]/rabbit_login_method | |
1441 | #rabbit_login_method=AMQPLAIN | |
1442 | ||
1443 | # The RabbitMQ virtual host. (string value) | |
1444 | # Deprecated group/name - [DEFAULT]/rabbit_virtual_host | |
1445 | #rabbit_virtual_host=/ | |
1446 | rabbit_virtual_host=/ | |
1447 | ||
1448 | # How frequently to retry connecting with RabbitMQ. (integer value) | |
1449 | #rabbit_retry_interval=1 | |
1450 | ||
1451 | # How long to backoff for between retries when connecting to RabbitMQ. | |
1452 | # (integer value) | |
1453 | # Deprecated group/name - [DEFAULT]/rabbit_retry_backoff | |
1454 | #rabbit_retry_backoff=2 | |
1455 | ||
1456 | # Maximum number of RabbitMQ connection retries. Default is 0 | |
1457 | # (infinite retry count). (integer value) | |
1458 | # Deprecated group/name - [DEFAULT]/rabbit_max_retries | |
1459 | #rabbit_max_retries=0 | |
1460 | ||
1461 | # Use HA queues in RabbitMQ (x-ha-policy: all). If you change this | |
1462 | # option, you must wipe the RabbitMQ database. (boolean value) | |
1463 | # Deprecated group/name - [DEFAULT]/rabbit_ha_queues | |
1464 | #rabbit_ha_queues=false | |
1465 | rabbit_ha_queues=False | |
1466 | ||
1467 | # Number of seconds after which the Rabbit broker is considered down | |
1468 | # if heartbeat's keep-alive fails (0 disable the heartbeat). | |
1469 | # EXPERIMENTAL (integer value) | |
1470 | #heartbeat_timeout_threshold=60 | |
1471 | heartbeat_timeout_threshold=0 | |
1472 | ||
1473 | # How often times during the heartbeat_timeout_threshold we check the | |
1474 | # heartbeat. (integer value) | |
1475 | #heartbeat_rate=2 | |
1476 | heartbeat_rate=2 | |
1477 | ||
1478 | # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake | |
1479 | # (boolean value) | |
1480 | # Deprecated group/name - [DEFAULT]/fake_rabbit | |
1481 | #fake_rabbit=false | |
1482 | rabbit_notification_exchange=glance | |
1483 | rabbit_notification_topic=notifications | |
1484 | ||
1485 | ||
1486 | [oslo_policy] | |
1487 | ||
1488 | # | |
1489 | # From oslo.policy | |
1490 | # | |
1491 | ||
1492 | # The JSON file that defines policies. (string value) | |
1493 | # Deprecated group/name - [DEFAULT]/policy_file | |
1494 | #policy_file=policy.json | |
1495 | ||
1496 | # Default rule. Enforced when a requested rule is not found. (string | |
1497 | # value) | |
1498 | # Deprecated group/name - [DEFAULT]/policy_default_rule | |
1499 | #policy_default_rule=default | |
1500 | ||
1501 | # Directories where policy configuration files are stored. They can be | |
1502 | # relative to any directory in the search path defined by the | |
1503 | # config_dir option, or absolute paths. The file defined by | |
1504 | # policy_file must exist for these directories to be searched. | |
1505 | # Missing or empty directories are ignored. (multi valued) | |
1506 | # Deprecated group/name - [DEFAULT]/policy_dirs | |
1507 | # This option is deprecated for removal. | |
1508 | # Its value may be silently ignored in the future. | |
1509 | #policy_dirs=policy.d | |
1510 | ||
1511 | ||
1512 | [paste_deploy] | |
1513 | ||
1514 | # | |
1515 | # From glance.api | |
1516 | # | |
1517 | ||
1518 | # Partial name of a pipeline in your paste configuration file with the | |
1519 | # service name removed. For example, if your paste section name is | |
1520 | # [pipeline:glance-api-keystone] use the value "keystone" (string | |
1521 | # value) | |
1522 | #flavor=<None> | |
1523 | flavor=keystone | |
1524 | ||
1525 | # Name of the paste configuration file. (string value) | |
1526 | #config_file=/usr/share/glance/glance-api-dist-paste.ini | |
1527 | ||
1528 | ||
1529 | [store_type_location_strategy] | |
1530 | ||
1531 | # | |
1532 | # From glance.api | |
1533 | # | |
1534 | ||
1535 | # The store names to use to get store preference order. The name must | |
1536 | # be registered by one of the stores defined by the 'stores' config | |
1537 | # option. This option will be applied when you using 'store_type' | |
1538 | # option as image location strategy defined by the 'location_strategy' | |
1539 | # config option. (list value) | |
1540 | #store_type_preference = | |
1541 | ||
1542 | ||
1543 | [task] | |
1544 | ||
1545 | # | |
1546 | # From glance.api | |
1547 | # | |
1548 | ||
1549 | # Time in hours for which a task lives after, either succeeding or | |
1550 | # failing (integer value) | |
1551 | # Deprecated group/name - [DEFAULT]/task_time_to_live | |
1552 | #task_time_to_live=48 | |
1553 | ||
1554 | # Specifies which task executor to be used to run the task scripts. | |
1555 | # (string value) | |
1556 | #task_executor=taskflow | |
1557 | ||
1558 | # Work dir for asynchronous task operations. The directory set here | |
1559 | # will be used to operate over images - normally before they are | |
1560 | # imported in the destination store. When providing work dir, make | |
1561 | # sure enough space is provided for concurrent tasks to run | |
1562 | # efficiently without running out of space. A rough estimation can be | |
1563 | # done by multiplying the number of `max_workers` - or the N of | |
1564 | # workers running - by an average image size (e.g 500MB). The image | |
1565 | # size estimation should be done based on the average size in your | |
1566 | # deployment. Note that depending on the tasks running you may need to | |
1567 | # multiply this number by some factor depending on what the task does. | |
1568 | # For example, you may want to double the available size if image | |
1569 | # conversion is enabled. All this being said, remember these are just | |
1570 | # estimations and you should do them based on the worst case scenario | |
1571 | # and be prepared to act in case they were wrong. (string value) | |
1572 | #work_dir=<None> | |
1573 | ||
1574 | ||
1575 | [taskflow_executor] | |
1576 | ||
1577 | # | |
1578 | # From glance.api | |
1579 | # | |
1580 | ||
1581 | # The mode in which the engine will run. Can be 'serial' or | |
1582 | # 'parallel'. (string value) | |
1583 | # Allowed values: serial, parallel | |
1584 | #engine_mode=parallel | |
1585 | ||
1586 | # The number of parallel activities executed at the same time by the | |
1587 | # engine. The value can be greater than one when the engine mode is | |
1588 | # 'parallel'. (integer value) | |
1589 | # Deprecated group/name - [task]/eventlet_executor_pool_size | |
1590 | #max_workers=10 |