From 19fcec84d8d7d21e796c7624e521b60d28ee21ed Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 20:45:59 +0200 Subject: Adding upstream version 16.2.11+ds. Signed-off-by: Daniel Baumann --- qa/qa_scripts/cephscrub.sh | 30 + qa/qa_scripts/openstack/README | 32 + qa/qa_scripts/openstack/ceph_install.sh | 11 + .../openstack/ceph_install_w_ansible/README | 32 + .../ceph_install_w_ansible/ceph_install.sh | 39 + .../openstack/ceph_install_w_ansible/config | 5 + .../openstack/ceph_install_w_ansible/copy_func.sh | 1 + .../ceph_install_w_ansible/execs/cdn_setup.sh | 20 + .../ceph_install_w_ansible/execs/ceph_ansible.sh | 36 + .../execs/edit_ansible_hosts.sh | 17 + .../execs/edit_groupvars_osds.sh | 13 + .../ceph_install_w_ansible/multi_action.sh | 19 + .../openstack/ceph_install_w_ansible/repolocs.sh | 8 + .../openstack/ceph_install_w_ansible/staller.sh | 15 + .../openstack/ceph_install_w_ansible/talknice.sh | 29 + qa/qa_scripts/openstack/connectceph.sh | 44 + qa/qa_scripts/openstack/copy_func.sh | 22 + qa/qa_scripts/openstack/execs/ceph-pool-create.sh | 34 + qa/qa_scripts/openstack/execs/ceph_cluster.sh | 50 + qa/qa_scripts/openstack/execs/libvirt-secret.sh | 19 + .../openstack/execs/openstack-preinstall.sh | 17 + qa/qa_scripts/openstack/execs/run_openstack.sh | 23 + qa/qa_scripts/openstack/execs/start_openstack.sh | 15 + qa/qa_scripts/openstack/files/cinder.template.conf | 3481 ++++++++++++++++++ .../openstack/files/glance-api.template.conf | 1590 +++++++++ qa/qa_scripts/openstack/files/kilo.template.conf | 1077 ++++++ qa/qa_scripts/openstack/files/nova.template.conf | 3698 ++++++++++++++++++++ qa/qa_scripts/openstack/fix_conf_file.sh | 28 + qa/qa_scripts/openstack/image_create.sh | 16 + qa/qa_scripts/openstack/openstack.sh | 28 + qa/qa_scripts/openstack/packstack.sh | 20 + 31 files changed, 10469 insertions(+) create mode 100755 qa/qa_scripts/cephscrub.sh create mode 100644 qa/qa_scripts/openstack/README create mode 100755 qa/qa_scripts/openstack/ceph_install.sh create mode 100644 qa/qa_scripts/openstack/ceph_install_w_ansible/README create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/ceph_install.sh create mode 100644 qa/qa_scripts/openstack/ceph_install_w_ansible/config create mode 120000 qa/qa_scripts/openstack/ceph_install_w_ansible/copy_func.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/execs/cdn_setup.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/execs/ceph_ansible.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_ansible_hosts.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_groupvars_osds.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/multi_action.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/repolocs.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/staller.sh create mode 100755 qa/qa_scripts/openstack/ceph_install_w_ansible/talknice.sh create mode 100755 qa/qa_scripts/openstack/connectceph.sh create mode 100755 qa/qa_scripts/openstack/copy_func.sh create mode 100755 qa/qa_scripts/openstack/execs/ceph-pool-create.sh create mode 100755 qa/qa_scripts/openstack/execs/ceph_cluster.sh create mode 100755 qa/qa_scripts/openstack/execs/libvirt-secret.sh create mode 100755 qa/qa_scripts/openstack/execs/openstack-preinstall.sh create mode 100755 qa/qa_scripts/openstack/execs/run_openstack.sh create mode 100755 qa/qa_scripts/openstack/execs/start_openstack.sh create mode 100644 qa/qa_scripts/openstack/files/cinder.template.conf create mode 100644 qa/qa_scripts/openstack/files/glance-api.template.conf create mode 100644 qa/qa_scripts/openstack/files/kilo.template.conf create mode 100644 qa/qa_scripts/openstack/files/nova.template.conf create mode 100755 qa/qa_scripts/openstack/fix_conf_file.sh create mode 100755 qa/qa_scripts/openstack/image_create.sh create mode 100755 qa/qa_scripts/openstack/openstack.sh create mode 100755 qa/qa_scripts/openstack/packstack.sh (limited to 'qa/qa_scripts') diff --git a/qa/qa_scripts/cephscrub.sh b/qa/qa_scripts/cephscrub.sh new file mode 100755 index 000000000..331d5ce32 --- /dev/null +++ b/qa/qa_scripts/cephscrub.sh @@ -0,0 +1,30 @@ +# remove the ceph directories +sudo rm -rf /var/log/ceph +sudo rm -rf /var/lib/ceph +sudo rm -rf /etc/ceph +sudo rm -rf /var/run/ceph +# remove the ceph packages +sudo apt-get -y purge ceph +sudo apt-get -y purge ceph-dbg +sudo apt-get -y purge ceph-mds +sudo apt-get -y purge ceph-mds-dbg +sudo apt-get -y purge ceph-fuse +sudo apt-get -y purge ceph-fuse-dbg +sudo apt-get -y purge ceph-common +sudo apt-get -y purge ceph-common-dbg +sudo apt-get -y purge ceph-resource-agents +sudo apt-get -y purge librados2 +sudo apt-get -y purge librados2-dbg +sudo apt-get -y purge librados-dev +sudo apt-get -y purge librbd1 +sudo apt-get -y purge librbd1-dbg +sudo apt-get -y purge librbd-dev +sudo apt-get -y purge libcephfs2 +sudo apt-get -y purge libcephfs2-dbg +sudo apt-get -y purge libcephfs-dev +sudo apt-get -y purge radosgw +sudo apt-get -y purge radosgw-dbg +sudo apt-get -y purge obsync +sudo apt-get -y purge python-rados +sudo apt-get -y purge python-rbd +sudo apt-get -y purge python-cephfs diff --git a/qa/qa_scripts/openstack/README b/qa/qa_scripts/openstack/README new file mode 100644 index 000000000..63fe2d973 --- /dev/null +++ b/qa/qa_scripts/openstack/README @@ -0,0 +1,32 @@ +This directory contains scripts to quickly bring up an OpenStack instance, +attach a ceph cluster, create a nova compute node, and store the associated glance images, cinder volumes, nova vm, and cinder backup on ceph via rbd. + +execs is a directory that contains executables that are copied and remotely +run on the OpenStack instance + +files is a directory that contains templates used to initialize OpenStack +conf files. These templates reflect the state of these conf files on 5/17/2016. +If further development is necessary in the future, these templates should +probably be removed and direct editing of the OpenStack conf files should +probably be performed. + +These scripts also assume that either there is a rhel iso file named +rhel-server-7.2-x86_64-boot.iso in the user's home directory, or the +exported variable RHEL_ISO is set to point at an existing rhel iso file. +If one is also running the ceph-deploy based ceph_install.sh, this script +also assumes that there is a file named rhceph-1.3.1-rhel-7-x86_64-dvd.iso +in the files directory. These iso files can be obtained from the rhel site +and are not stored with these scripts. + +To install openstack: +./openstack.sh + +This assumes that the ceph cluster is already set up. + +To setup a ceph-cluster using an iso and ceph-deploy: +./ceph_install.sh + +To setup a ceph-cluster using the cdn and ceph-ansible: +cd ceph_install_w_ansible +./ceph_install.sh + diff --git a/qa/qa_scripts/openstack/ceph_install.sh b/qa/qa_scripts/openstack/ceph_install.sh new file mode 100755 index 000000000..47831bd03 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +# +# Install a simple ceph cluster upon which openstack images will be stored. +# +set -fv +ceph_node=${1} +source copy_func.sh +copy_file files/$OS_CEPH_ISO $ceph_node . +copy_file execs/ceph_cluster.sh $ceph_node . 0777 +copy_file execs/ceph-pool-create.sh $ceph_node . 0777 +ssh $ceph_node ./ceph_cluster.sh $* diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/README b/qa/qa_scripts/openstack/ceph_install_w_ansible/README new file mode 100644 index 000000000..282c46e48 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/README @@ -0,0 +1,32 @@ + +ceph_install.sh installs a ceph cluster using the cdn and ceph-ansible. + +Right now, it takes 5 parameters -- an admin node, a ceph mon node, and +three osd nodes. + +In order to subscribe to the cdn, in your home directory create a file named +secrets, (~/secrets), that contains the following lines: + +subscrname=Your-Redhat-Cdn-Id +subscrpassword=Your-Redhat-Cdn-Password + +If you want to set the monitor_interface or the public_network values, +in your home directory create a file named ip_info (~/ip_info), that +contains the following lines: + +mon_intf=your-monitor-interface (default is eno1) +pub_netw=public-network (default is 10.8.128.0/21) + +This script first subscribes to the cdn, enables the rhel 7 repos, and does +a yum update. (multi_action.sh performs all the actions on all nodes at once, +staller.sh is used to make sure that all updates are complete before exiting, +and execs/cdn_setup.sh is used to remotely update the cdn information. + +After that, it makes sure that all nodes can connect via passwordless ssh +(using talknice.sh and config) and then installs the appropriate repos and +runs ceph_ansible on the admin node using execs/ceph_ansible.sh, +execs/edit_ansible_hosts.sh and execs/edit_groupvars_osds.sh. + +repolocs.sh contains the locations of repo files. These variables can +be changed if one wishes to use different urls. + diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/ceph_install.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/ceph_install.sh new file mode 100755 index 000000000..b4d14f9c2 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/ceph_install.sh @@ -0,0 +1,39 @@ +#! /usr/bin/env bash +if [ $# -ne 5 ]; then + echo 'Usage: ceph_install.sh ' + exit -1 +fi +allnodes=$* +adminnode=$1 +shift +cephnodes=$* +monnode=$1 +shift +osdnodes=$* +./multi_action.sh cdn_setup.sh $allnodes +./talknice.sh $allnodes +for mac in $allnodes; do + ssh $mac sudo yum -y install yum-utils +done + +source ./repolocs.sh +ssh $adminnode sudo yum-config-manager --add ${CEPH_REPO_TOOLS} +ssh $monnode sudo yum-config-manager --add ${CEPH_REPO_MON} +for mac in $osdnodes; do + ssh $mac sudo yum-config-manager --add ${CEPH_REPO_OSD} +done +ssh $adminnode sudo yum-config-manager --add ${INSTALLER_REPO_LOC} + +for mac in $allnodes; do + ssh $mac sudo sed -i 's/gpgcheck=1/gpgcheck=0/' /etc/yum.conf +done + +source copy_func.sh +copy_file execs/ceph_ansible.sh $adminnode . 0777 ubuntu:ubuntu +copy_file execs/edit_ansible_hosts.sh $adminnode . 0777 ubuntu:ubuntu +copy_file execs/edit_groupvars_osds.sh $adminnode . 0777 ubuntu:ubuntu +copy_file ../execs/ceph-pool-create.sh $monnode . 0777 ubuntu:ubuntu +if [ -e ~/ip_info ]; then + copy_file ~/ip_info $adminnode . 0777 ubuntu:ubuntu +fi +ssh $adminnode ./ceph_ansible.sh $cephnodes diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/config b/qa/qa_scripts/openstack/ceph_install_w_ansible/config new file mode 100644 index 000000000..a7d819869 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/config @@ -0,0 +1,5 @@ +Host plana* mira* burnupi* tala* saya* vpm* names* gitbuilder* teuthology gw* senta* vercoi* rex* magna* + ServerAliveInterval 360 + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null + User ubuntu diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/copy_func.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/copy_func.sh new file mode 120000 index 000000000..6a36be7b0 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/copy_func.sh @@ -0,0 +1 @@ +../copy_func.sh \ No newline at end of file diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/cdn_setup.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/cdn_setup.sh new file mode 100755 index 000000000..0c87039db --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/cdn_setup.sh @@ -0,0 +1,20 @@ +#! /usr/bin/env bash +if [ -f ~/secrets ]; then + source ~/secrets +fi +subm=`which subscription-manager` +if [ ${#subm} -eq 0 ]; then + sudo yum -y update + exit +fi +subst=`sudo subscription-manager status | grep "^Overall" | awk '{print $NF}'` +if [ $subst == 'Unknown' ]; then + mynameis=${subscrname:-'inigomontoya'} + mypassis=${subscrpassword:-'youkeelmyfatherpreparetodie'} + sudo subscription-manager register --username=$mynameis --password=$mypassis --force + sudo subscription-manager refresh + if [ $? -eq 1 ]; then exit 1; fi + sudo subscription-manager attach --pool=8a85f9823e3d5e43013e3ddd4e2a0977 +fi +sudo subscription-manager repos --enable=rhel-7-server-rpms +sudo yum -y update diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/ceph_ansible.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/ceph_ansible.sh new file mode 100755 index 000000000..8581de601 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/ceph_ansible.sh @@ -0,0 +1,36 @@ +#! /usr/bin/env bash +cephnodes=$* +monnode=$1 +sudo yum -y install ceph-ansible +cd +sudo ./edit_ansible_hosts.sh $cephnodes +mkdir ceph-ansible-keys +cd /usr/share/ceph-ansible/group_vars/ +if [ -f ~/ip_info ]; then + source ~/ip_info +fi +mon_intf=${mon_intf:-'eno1'} +pub_netw=${pub_netw:-'10.8.128.0\/21'} +sudo cp all.sample all +sudo sed -i 's/#ceph_origin:.*/ceph_origin: distro/' all +sudo sed -i 's/#fetch_directory:.*/fetch_directory: ~\/ceph-ansible-keys/' all +sudo sed -i 's/#ceph_stable:.*/ceph_stable: true/' all +sudo sed -i 's/#ceph_stable_rh_storage:.*/ceph_stable_rh_storage: false/' all +sudo sed -i 's/#ceph_stable_rh_storage_cdn_install:.*/ceph_stable_rh_storage_cdn_install: true/' all +sudo sed -i 's/#cephx:.*/cephx: true/' all +sudo sed -i "s/#monitor_interface:.*/monitor_interface: ${mon_intf}/" all +sudo sed -i 's/#journal_size:.*/journal_size: 1024/' all +sudo sed -i "s/#public_network:.*/public_network: ${pub_netw}/" all +sudo cp osds.sample osds +sudo sed -i 's/#fetch_directory:.*/fetch_directory: ~\/ceph-ansible-keys/' osds +sudo sed -i 's/#crush_location:/crush_location:/' osds +sudo sed -i 's/#osd_crush_location:/osd_crush_location:/' osds +sudo sed -i 's/#cephx:/cephx:/' osds +sudo sed -i 's/#devices:/devices:/' osds +sudo sed -i 's/#journal_collocation:.*/journal_collocation: true/' osds +cd +sudo ./edit_groupvars_osds.sh +cd /usr/share/ceph-ansible +sudo cp site.yml.sample site.yml +ansible-playbook site.yml +ssh $monnode ~/ceph-pool-create.sh diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_ansible_hosts.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_ansible_hosts.sh new file mode 100755 index 000000000..7eb0b7011 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_ansible_hosts.sh @@ -0,0 +1,17 @@ +#! /usr/bin/env bash +ed /etc/ansible/hosts << EOF +$ +a + +[mons] +${1} + +[osds] +${2} +${3} +${4} + +. +w +q +EOF diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_groupvars_osds.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_groupvars_osds.sh new file mode 100755 index 000000000..751658b09 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/execs/edit_groupvars_osds.sh @@ -0,0 +1,13 @@ +#! /usr/bin/env bash +ed /usr/share/ceph-ansible/group_vars/osds << EOF +$ +/^devices: +.+1 +i + - /dev/sdb + - /dev/sdc + - /dev/sdd +. +w +q +EOF diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/multi_action.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/multi_action.sh new file mode 100755 index 000000000..abc368b0a --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/multi_action.sh @@ -0,0 +1,19 @@ +#! /usr/bin/env bash +source copy_func.sh +allparms=$* +cmdv=$1 +shift +sites=$* +for mac in $sites; do + echo $cmdv $mac + if [ -f ~/secrets ]; then + copy_file ~/secrets $mac . 0777 ubuntu:ubuntu + fi + copy_file execs/${cmdv} $mac . 0777 ubuntu:ubuntu + ssh $mac ./${cmdv} & +done +./staller.sh $allparms +for mac in $sites; do + ssh $mac sudo rm -rf secrets +done +echo "DONE" diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/repolocs.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/repolocs.sh new file mode 100755 index 000000000..5d82f35d9 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/repolocs.sh @@ -0,0 +1,8 @@ +#! /usr/bin/env bash +SPECIFIC_VERSION=latest-Ceph-2-RHEL-7 +#SPECIFIC_VERSION=Ceph-2-RHEL-7-20160630.t.0 +#SPECIFIC_VERSION=Ceph-2.0-RHEL-7-20160718.t.0 +export CEPH_REPO_TOOLS=http://download.eng.bos.redhat.com/rcm-guest/ceph-drops/auto/ceph-2-rhel-7-compose/${SPECIFIC_VERSION}/compose/Tools/x86_64/os/ +export CEPH_REPO_MON=http://download.eng.bos.redhat.com/rcm-guest/ceph-drops/auto/ceph-2-rhel-7-compose/${SPECIFIC_VERSION}/compose/MON/x86_64/os/ +export CEPH_REPO_OSD=http://download.eng.bos.redhat.com/rcm-guest/ceph-drops/auto/ceph-2-rhel-7-compose/${SPECIFIC_VERSION}/compose/OSD/x86_64/os/ +export INSTALLER_REPO_LOC=http://download.eng.bos.redhat.com/rcm-guest/ceph-drops/auto/rhscon-2-rhel-7-compose/latest-RHSCON-2-RHEL-7/compose/Installer/x86_64/os/ diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/staller.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/staller.sh new file mode 100755 index 000000000..99c00da33 --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/staller.sh @@ -0,0 +1,15 @@ +#! /usr/bin/env bash +cmd_wait=$1 +shift +sites=$* +donebit=0 +while [ $donebit -ne 1 ]; do + sleep 10 + donebit=1 + for rem in $sites; do + rval=`ssh $rem ps aux | grep $cmd_wait | wc -l` + if [ $rval -gt 0 ]; then + donebit=0 + fi + done +done diff --git a/qa/qa_scripts/openstack/ceph_install_w_ansible/talknice.sh b/qa/qa_scripts/openstack/ceph_install_w_ansible/talknice.sh new file mode 100755 index 000000000..ffed4f1dc --- /dev/null +++ b/qa/qa_scripts/openstack/ceph_install_w_ansible/talknice.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash +declare -A rsapub +for fulln in $*; do + sname=`echo $fulln | sed 's/\..*//'` + nhead=`echo $sname | sed 's/[0-9]*//g'` + x=`ssh $fulln "ls .ssh/id_rsa"` + if [ -z $x ]; then + ssh $fulln "ssh-keygen -N '' -f .ssh/id_rsa"; + fi + xx=`ssh $fulln "ls .ssh/config"` + if [ -z $xx ]; then + scp config $fulln:/home/ubuntu/.ssh/config + fi + ssh $fulln "chown ubuntu:ubuntu .ssh/config" + ssh $fulln "chmod 0600 .ssh/config" + rsapub[$fulln]=`ssh $fulln "cat .ssh/id_rsa.pub"` +done +for ii in $*; do + ssh $ii sudo iptables -F + for jj in $*; do + pval=${rsapub[$jj]} + if [ "$ii" != "$jj" ]; then + xxxx=`ssh $ii "grep $jj .ssh/authorized_keys"` + if [ -z "$xxxx" ]; then + ssh $ii "echo '$pval' | sudo tee -a /home/ubuntu/.ssh/authorized_keys" + fi + fi + done; +done diff --git a/qa/qa_scripts/openstack/connectceph.sh b/qa/qa_scripts/openstack/connectceph.sh new file mode 100755 index 000000000..d975daada --- /dev/null +++ b/qa/qa_scripts/openstack/connectceph.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +# +# Connect openstack node just installed to a ceph cluster. +# +# Essentially implements: +# +# http://docs.ceph.com/en/latest/rbd/rbd-openstack/ +# +# The directory named files contains templates for the /etc/glance/glance-api.conf, +# /etc/cinder/cinder.conf, /etc/nova/nova.conf Openstack files +# +set -fv +source ./copy_func.sh +source ./fix_conf_file.sh +openstack_node=${1} +ceph_node=${2} + +scp $ceph_node:/etc/ceph/ceph.conf ./ceph.conf +ssh $openstack_node sudo mkdir /etc/ceph +copy_file ceph.conf $openstack_node /etc/ceph 0644 +rm -f ceph.conf +ssh $openstack_node sudo yum -y install python-rbd +ssh $openstack_node sudo yum -y install ceph-common +ssh $ceph_node "sudo ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'" +ssh $ceph_node "sudo ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'" +ssh $ceph_node "sudo ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups'" +ssh $ceph_node sudo ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images' +ssh $ceph_node sudo ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups' +ssh $ceph_node sudo ceph auth get-or-create client.glance | ssh $openstack_node sudo tee /etc/ceph/ceph.client.glance.keyring +ssh $openstack_node sudo chown glance:glance /etc/ceph/ceph.client.glance.keyring +ssh $ceph_node sudo ceph auth get-or-create client.cinder | ssh $openstack_node sudo tee /etc/ceph/ceph.client.cinder.keyring +ssh $openstack_node sudo chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring +ssh $ceph_node sudo ceph auth get-or-create client.cinder-backup | ssh $openstack_node sudo tee /etc/ceph/ceph.client.cinder-backup.keyring +ssh $openstack_node sudo chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring +ssh $ceph_node sudo ceph auth get-key client.cinder | ssh $openstack_node tee client.cinder.key +copy_file execs/libvirt-secret.sh $openstack_node . +secret_msg=`ssh $openstack_node sudo ./libvirt-secret.sh $openstack_node` +secret_virt=`echo $secret_msg | sed 's/.* set //'` +echo $secret_virt +fix_conf_file $openstack_node glance-api /etc/glance +fix_conf_file $openstack_node cinder /etc/cinder $secret_virt +fix_conf_file $openstack_node nova /etc/nova $secret_virt +copy_file execs/start_openstack.sh $openstack_node . 0755 +ssh $openstack_node ./start_openstack.sh diff --git a/qa/qa_scripts/openstack/copy_func.sh b/qa/qa_scripts/openstack/copy_func.sh new file mode 100755 index 000000000..571980262 --- /dev/null +++ b/qa/qa_scripts/openstack/copy_func.sh @@ -0,0 +1,22 @@ +# +# copy_file(, , , [], [] +# +# copy a file -- this is needed because passwordless ssh does not +# work when sudo'ing. +# -- name of local file to be copied +# -- node where we want the file +# -- location where we want the file on +# -- (optional) permissions on the copied file +# -- (optional) owner of the copied file +# +function copy_file() { + fname=`basename ${1}` + scp ${1} ${2}:/tmp/${fname} + ssh ${2} sudo cp /tmp/${fname} ${3} + if [ $# -gt 3 ]; then + ssh ${2} sudo chmod ${4} ${3}/${fname} + fi + if [ $# -gt 4 ]; then + ssh ${2} sudo chown ${5} ${3}/${fname} + fi +} diff --git a/qa/qa_scripts/openstack/execs/ceph-pool-create.sh b/qa/qa_scripts/openstack/execs/ceph-pool-create.sh new file mode 100755 index 000000000..723c83069 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/ceph-pool-create.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +set -f + +# +# On the ceph site, make the pools required for Openstack +# + +# +# Make a pool, if it does not already exist. +# +function make_pool { + if [[ -z `sudo ceph osd lspools | grep " $1,"` ]]; then + echo "making $1" + sudo ceph osd pool create $1 128 + fi +} + +# +# Make sure the pg_num and pgp_num values are good. +# +count=`sudo ceph osd pool get rbd pg_num | sed 's/pg_num: //'` +while [ $count -lt 128 ]; do + sudo ceph osd pool set rbd pg_num $count + count=`expr $count + 32` + sleep 30 +done +sudo ceph osd pool set rbd pg_num 128 +sleep 30 +sudo ceph osd pool set rbd pgp_num 128 +sleep 30 +make_pool volumes +make_pool images +make_pool backups +make_pool vms diff --git a/qa/qa_scripts/openstack/execs/ceph_cluster.sh b/qa/qa_scripts/openstack/execs/ceph_cluster.sh new file mode 100755 index 000000000..5afb3c787 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/ceph_cluster.sh @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +set -f + +echo $OS_CEPH_ISO +if [[ $# -ne 4 ]]; then + echo "Usage: ceph_cluster mon.0 osd.0 osd.1 osd.2" + exit -1 +fi +allsites=$* +mon=$1 +shift +osds=$* +ISOVAL=${OS_CEPH_ISO-rhceph-1.3.1-rhel-7-x86_64-dvd.iso} +sudo mount -o loop ${ISOVAL} /mnt + +fqdn=`hostname -f` +lsetup=`ls /mnt/Installer | grep "^ice_setup"` +sudo yum -y install /mnt/Installer/${lsetup} +sudo ice_setup -d /mnt << EOF +yes +/mnt +$fqdn +http +EOF +ceph-deploy new ${mon} +ceph-deploy install --repo --release=ceph-mon ${mon} +ceph-deploy install --repo --release=ceph-osd ${allsites} +ceph-deploy install --mon ${mon} +ceph-deploy install --osd ${allsites} +ceph-deploy mon create-initial +sudo service ceph -a start osd +for d in b c d; do + for m in $osds; do + ceph-deploy disk zap ${m}:sd${d} + done + for m in $osds; do + ceph-deploy osd prepare ${m}:sd${d} + done + for m in $osds; do + ceph-deploy osd activate ${m}:sd${d}1:sd${d}2 + done +done + +sudo ./ceph-pool-create.sh + +hchk=`sudo ceph health` +while [[ $hchk != 'HEALTH_OK' ]]; do + sleep 30 + hchk=`sudo ceph health` +done diff --git a/qa/qa_scripts/openstack/execs/libvirt-secret.sh b/qa/qa_scripts/openstack/execs/libvirt-secret.sh new file mode 100755 index 000000000..75e9e91a0 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/libvirt-secret.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +set -f + +# +# Generate a libvirt secret on the Openstack node. +# +openstack_node=${1} +uuid=`uuidgen` +cat > secret.xml < + ${uuid} + + client.cinder secret + + +EOF +sudo virsh secret-define --file secret.xml +sudo virsh secret-set-value --secret ${uuid} --base64 $(cat client.cinder.key) +echo ${uuid} diff --git a/qa/qa_scripts/openstack/execs/openstack-preinstall.sh b/qa/qa_scripts/openstack/execs/openstack-preinstall.sh new file mode 100755 index 000000000..a2b235e76 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/openstack-preinstall.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash +set -f + +# +# Remotely setup the stuff needed to run packstack. This should do items 1-4 in +# https://docs.google.com/document/d/1us18KR3LuLyINgGk2rmI-SVj9UksCE7y4C2D_68Aa8o/edit?ts=56a78fcb +# +yum remove -y rhos-release +rpm -ivh http://rhos-release.virt.bos.redhat.com/repos/rhos-release/rhos-release-latest.noarch.rpm +rm -rf /etc/yum.repos.d/* +rm -rf /var/cache/yum/* +rhos-release 8 +yum update -y +yum install -y nc puppet vim screen setroubleshoot crudini bpython openstack-packstack +systemctl disable ntpd +systemctl stop ntpd +reboot diff --git a/qa/qa_scripts/openstack/execs/run_openstack.sh b/qa/qa_scripts/openstack/execs/run_openstack.sh new file mode 100755 index 000000000..8764cbeb6 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/run_openstack.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +set -fv + +# +# Create a glance image, a corresponding cinder volume, a nova instance, attach, the cinder volume to the +# nova instance, and create a backup. +# +image_name=${1}X +file_name=${2-rhel-server-7.2-x86_64-boot.iso} +source ./keystonerc_admin +glance image-create --name $image_name --disk-format iso --container-format bare --file $file_name +glance_id=`glance image-list | grep ${image_name} | sed 's/^| //' | sed 's/ |.*//'` +cinder create --image-id ${glance_id} --display-name ${image_name}-volume 8 +nova boot --image ${image_name} --flavor 1 ${image_name}-inst +cinder_id=`cinder list | grep ${image_name} | sed 's/^| //' | sed 's/ |.*//'` +chkr=`cinder list | grep ${image_name}-volume | grep available` +while [ -z "$chkr" ]; do + sleep 30 + chkr=`cinder list | grep ${image_name}-volume | grep available` +done +nova volume-attach ${image_name}-inst ${cinder_id} auto +sleep 30 +cinder backup-create --name ${image_name}-backup ${image_name}-volume --force diff --git a/qa/qa_scripts/openstack/execs/start_openstack.sh b/qa/qa_scripts/openstack/execs/start_openstack.sh new file mode 100755 index 000000000..f5f12fe50 --- /dev/null +++ b/qa/qa_scripts/openstack/execs/start_openstack.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -fv + +# +# start the Openstack services +# +sudo cp /root/keystonerc_admin ./keystonerc_admin +sudo chmod 0644 ./keystonerc_admin +source ./keystonerc_admin +sudo service httpd stop +sudo service openstack-keystone restart +sudo service openstack-glance-api restart +sudo service openstack-nova-compute restart +sudo service openstack-cinder-volume restart +sudo service openstack-cinder-backup restart diff --git a/qa/qa_scripts/openstack/files/cinder.template.conf b/qa/qa_scripts/openstack/files/cinder.template.conf new file mode 100644 index 000000000..807125ac3 --- /dev/null +++ b/qa/qa_scripts/openstack/files/cinder.template.conf @@ -0,0 +1,3481 @@ +[DEFAULT] + +# +# From cinder +# + +# Backup metadata version to be used when backing up volume metadata. If this +# number is bumped, make sure the service doing the restore supports the new +# version. (integer value) +#backup_metadata_version = 2 + +# The number of chunks or objects, for which one Ceilometer notification will +# be sent (integer value) +#backup_object_number_per_notification = 10 + +# Interval, in seconds, between two progress notifications reporting the backup +# status (integer value) +#backup_timer_interval = 120 + +# The maximum number of items that a collection resource returns in a single +# response (integer value) +#osapi_max_limit = 1000 + +# Base URL that will be presented to users in links to the OpenStack Volume API +# (string value) +# Deprecated group/name - [DEFAULT]/osapi_compute_link_prefix +#osapi_volume_base_URL = + +# Ceph configuration file to use. (string value) +#backup_ceph_conf = /etc/ceph/ceph.conf +backup_ceph_conf = /etc/ceph/ceph.conf + +# The Ceph user to connect with. Default here is to use the same user as for +# Cinder volumes. If not using cephx this should be set to None. (string value) +#backup_ceph_user = cinder +backup_ceph_user = cinder-backup + +# The chunk size, in bytes, that a backup is broken into before transfer to the +# Ceph object store. (integer value) +#backup_ceph_chunk_size = 134217728 +backup_ceph_chunk_size = 134217728 + +# The Ceph pool where volume backups are stored. (string value) +#backup_ceph_pool = backups +backup_ceph_pool = backups + +# RBD stripe unit to use when creating a backup image. (integer value) +#backup_ceph_stripe_unit = 0 +backup_ceph_stripe_unit = 0 + +# RBD stripe count to use when creating a backup image. (integer value) +#backup_ceph_stripe_count = 0 +backup_ceph_stripe_count = 0 + +# If True, always discard excess bytes when restoring volumes i.e. pad with +# zeroes. (boolean value) +#restore_discard_excess_bytes = true +restore_discard_excess_bytes = true + +# File with the list of available smbfs shares. (string value) +#smbfs_shares_config = /etc/cinder/smbfs_shares + +# Default format that will be used when creating volumes if no volume format is +# specified. (string value) +# Allowed values: raw, qcow2, vhd, vhdx +#smbfs_default_volume_format = qcow2 + +# Create volumes as sparsed files which take no space rather than regular files +# when using raw format, in which case volume creation takes lot of time. +# (boolean value) +#smbfs_sparsed_volumes = true + +# Percent of ACTUAL usage of the underlying volume before no new volumes can be +# allocated to the volume destination. (floating point value) +#smbfs_used_ratio = 0.95 + +# This will compare the allocated to available space on the volume destination. +# If the ratio exceeds this number, the destination will no longer be valid. +# (floating point value) +#smbfs_oversub_ratio = 1.0 + +# Base dir containing mount points for smbfs shares. (string value) +#smbfs_mount_point_base = $state_path/mnt + +# Mount options passed to the smbfs client. See mount.cifs man page for +# details. (string value) +#smbfs_mount_options = noperm,file_mode=0775,dir_mode=0775 + +# Compression algorithm (None to disable) (string value) +#backup_compression_algorithm = zlib + +# Use thin provisioning for SAN volumes? (boolean value) +#san_thin_provision = true + +# IP address of SAN controller (string value) +#san_ip = + +# Username for SAN controller (string value) +#san_login = admin + +# Password for SAN controller (string value) +#san_password = + +# Filename of private key to use for SSH authentication (string value) +#san_private_key = + +# Cluster name to use for creating volumes (string value) +#san_clustername = + +# SSH port to use with SAN (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#san_ssh_port = 22 + +# Execute commands locally instead of over SSH; use if the volume service is +# running on the SAN device (boolean value) +#san_is_local = false + +# SSH connection timeout in seconds (integer value) +#ssh_conn_timeout = 30 + +# Minimum ssh connections in the pool (integer value) +#ssh_min_pool_conn = 1 + +# Maximum ssh connections in the pool (integer value) +#ssh_max_pool_conn = 5 + +# Configuration file for HDS NFS cinder plugin (string value) +#hds_hnas_nfs_config_file = /opt/hds/hnas/cinder_nfs_conf.xml + +# Global backend request timeout, in seconds. (integer value) +#violin_request_timeout = 300 + +# Option to enable strict host key checking. When set to "True" Cinder will +# only connect to systems with a host key present in the configured +# "ssh_hosts_key_file". When set to "False" the host key will be saved upon +# first connection and used for subsequent connections. Default=False (boolean +# value) +#strict_ssh_host_key_policy = false + +# File containing SSH host keys for the systems with which Cinder needs to +# communicate. OPTIONAL: Default=$state_path/ssh_known_hosts (string value) +#ssh_hosts_key_file = $state_path/ssh_known_hosts + +# The storage family type used on the storage system; valid values are +# ontap_7mode for using Data ONTAP operating in 7-Mode, ontap_cluster for using +# clustered Data ONTAP, or eseries for using E-Series. (string value) +# Allowed values: ontap_7mode, ontap_cluster, eseries +#netapp_storage_family = ontap_cluster + +# The storage protocol to be used on the data path with the storage system. +# (string value) +# Allowed values: iscsi, fc, nfs +#netapp_storage_protocol = + +# The hostname (or IP address) for the storage system or proxy server. (string +# value) +#netapp_server_hostname = + +# The TCP port to use for communication with the storage system or proxy +# server. If not specified, Data ONTAP drivers will use 80 for HTTP and 443 for +# HTTPS; E-Series will use 8080 for HTTP and 8443 for HTTPS. (integer value) +#netapp_server_port = + +# The transport protocol used when communicating with the storage system or +# proxy server. (string value) +# Allowed values: http, https +#netapp_transport_type = http + +# Administrative user account name used to access the storage system or proxy +# server. (string value) +#netapp_login = + +# Password for the administrative user account specified in the netapp_login +# option. (string value) +#netapp_password = + +# This option specifies the virtual storage server (Vserver) name on the +# storage cluster on which provisioning of block storage volumes should occur. +# (string value) +#netapp_vserver = + +# The vFiler unit on which provisioning of block storage volumes will be done. +# This option is only used by the driver when connecting to an instance with a +# storage family of Data ONTAP operating in 7-Mode. Only use this option when +# utilizing the MultiStore feature on the NetApp storage system. (string value) +#netapp_vfiler = + +# The name of the config.conf stanza for a Data ONTAP (7-mode) HA partner. +# This option is only used by the driver when connecting to an instance with a +# storage family of Data ONTAP operating in 7-Mode, and it is required if the +# storage protocol selected is FC. (string value) +#netapp_partner_backend_name = + +# The quantity to be multiplied by the requested volume size to ensure enough +# space is available on the virtual storage server (Vserver) to fulfill the +# volume creation request. Note: this option is deprecated and will be removed +# in favor of "reserved_percentage" in the Mitaka release. (floating point +# value) +#netapp_size_multiplier = 1.2 + +# This option determines if storage space is reserved for LUN allocation. If +# enabled, LUNs are thick provisioned. If space reservation is disabled, +# storage space is allocated on demand. (string value) +# Allowed values: enabled, disabled +#netapp_lun_space_reservation = enabled + +# If the percentage of available space for an NFS share has dropped below the +# value specified by this option, the NFS image cache will be cleaned. (integer +# value) +#thres_avl_size_perc_start = 20 + +# When the percentage of available space on an NFS share has reached the +# percentage specified by this option, the driver will stop clearing files from +# the NFS image cache that have not been accessed in the last M minutes, where +# M is the value of the expiry_thres_minutes configuration option. (integer +# value) +#thres_avl_size_perc_stop = 60 + +# This option specifies the threshold for last access time for images in the +# NFS image cache. When a cache cleaning cycle begins, images in the cache that +# have not been accessed in the last M minutes, where M is the value of this +# parameter, will be deleted from the cache to create free space on the NFS +# share. (integer value) +#expiry_thres_minutes = 720 + +# This option is used to specify the path to the E-Series proxy application on +# a proxy server. The value is combined with the value of the +# netapp_transport_type, netapp_server_hostname, and netapp_server_port options +# to create the URL used by the driver to connect to the proxy application. +# (string value) +#netapp_webservice_path = /devmgr/v2 + +# This option is only utilized when the storage family is configured to +# eseries. This option is used to restrict provisioning to the specified +# controllers. Specify the value of this option to be a comma separated list of +# controller hostnames or IP addresses to be used for provisioning. (string +# value) +#netapp_controller_ips = + +# Password for the NetApp E-Series storage array. (string value) +#netapp_sa_password = + +# This option specifies whether the driver should allow operations that require +# multiple attachments to a volume. An example would be live migration of +# servers that have volumes attached. When enabled, this backend is limited to +# 256 total volumes in order to guarantee volumes can be accessed by more than +# one host. (boolean value) +#netapp_enable_multiattach = false + +# This option specifies the path of the NetApp copy offload tool binary. Ensure +# that the binary has execute permissions set which allow the effective user of +# the cinder-volume process to execute the file. (string value) +#netapp_copyoffload_tool_path = + +# This option defines the type of operating system that will access a LUN +# exported from Data ONTAP; it is assigned to the LUN at the time it is +# created. (string value) +#netapp_lun_ostype = + +# This option defines the type of operating system for all initiators that can +# access a LUN. This information is used when mapping LUNs to individual hosts +# or groups of hosts. (string value) +# Deprecated group/name - [DEFAULT]/netapp_eseries_host_type +#netapp_host_type = + +# This option is used to restrict provisioning to the specified pools. Specify +# the value of this option to be a regular expression which will be applied to +# the names of objects from the storage backend which represent pools in +# Cinder. This option is only utilized when the storage protocol is configured +# to use iSCSI or FC. (string value) +# Deprecated group/name - [DEFAULT]/netapp_volume_list +# Deprecated group/name - [DEFAULT]/netapp_storage_pools +#netapp_pool_name_search_pattern = (.+) + +# Base dir containing mount point for gluster share. (string value) +#glusterfs_backup_mount_point = $state_path/backup_mount + +# GlusterFS share in : format. +# Eg: 1.2.3.4:backup_vol (string value) +#glusterfs_backup_share = + +# Volume prefix for the backup id when backing up to TSM (string value) +#backup_tsm_volume_prefix = backup + +# TSM password for the running username (string value) +#backup_tsm_password = password + +# Enable or Disable compression for backups (boolean value) +#backup_tsm_compression = true + +# Request for FC Zone creating host group (boolean value) +#hpxp_zoning_request = false + +# Type of storage command line interface (string value) +#hpxp_storage_cli = + +# ID of storage system (string value) +#hpxp_storage_id = + +# Pool of storage system (string value) +#hpxp_pool = + +# Thin pool of storage system (string value) +#hpxp_thin_pool = + +# Logical device range of storage system (string value) +#hpxp_ldev_range = + +# Default copy method of storage system. There are two valid values: "FULL" +# specifies that a full copy; "THIN" specifies that a thin copy. Default value +# is "FULL" (string value) +#hpxp_default_copy_method = FULL + +# Copy speed of storage system (integer value) +#hpxp_copy_speed = 3 + +# Interval to check copy (integer value) +#hpxp_copy_check_interval = 3 + +# Interval to check copy asynchronously (integer value) +#hpxp_async_copy_check_interval = 10 + +# Target port names for host group or iSCSI target (list value) +#hpxp_target_ports = + +# Target port names of compute node for host group or iSCSI target (list value) +#hpxp_compute_target_ports = + +# Request for creating host group or iSCSI target (boolean value) +#hpxp_group_request = false + +# Instance numbers for HORCM (list value) +#hpxp_horcm_numbers = 200,201 + +# Username of storage system for HORCM (string value) +#hpxp_horcm_user = + +# Add to HORCM configuration (boolean value) +#hpxp_horcm_add_conf = true + +# Resource group name of storage system for HORCM (string value) +#hpxp_horcm_resource_name = meta_resource + +# Only discover a specific name of host group or iSCSI target (boolean value) +#hpxp_horcm_name_only_discovery = false + +# Storage system storage pool for volumes (string value) +#storwize_svc_volpool_name = volpool + +# Storage system space-efficiency parameter for volumes (percentage) (integer +# value) +# Minimum value: -1 +# Maximum value: 100 +#storwize_svc_vol_rsize = 2 + +# Storage system threshold for volume capacity warnings (percentage) (integer +# value) +# Minimum value: -1 +# Maximum value: 100 +#storwize_svc_vol_warning = 0 + +# Storage system autoexpand parameter for volumes (True/False) (boolean value) +#storwize_svc_vol_autoexpand = true + +# Storage system grain size parameter for volumes (32/64/128/256) (integer +# value) +#storwize_svc_vol_grainsize = 256 + +# Storage system compression option for volumes (boolean value) +#storwize_svc_vol_compression = false + +# Enable Easy Tier for volumes (boolean value) +#storwize_svc_vol_easytier = true + +# The I/O group in which to allocate volumes (integer value) +#storwize_svc_vol_iogrp = 0 + +# Maximum number of seconds to wait for FlashCopy to be prepared. (integer +# value) +# Minimum value: 1 +# Maximum value: 600 +#storwize_svc_flashcopy_timeout = 120 + +# Connection protocol (iSCSI/FC) (string value) +#storwize_svc_connection_protocol = iSCSI + +# Configure CHAP authentication for iSCSI connections (Default: Enabled) +# (boolean value) +#storwize_svc_iscsi_chap_enabled = true + +# Connect with multipath (FC only; iSCSI multipath is controlled by Nova) +# (boolean value) +#storwize_svc_multipath_enabled = false + +# Allows vdisk to multi host mapping (boolean value) +#storwize_svc_multihostmap_enabled = true + +# Indicate whether svc driver is compatible for NPIV setup. If it is +# compatible, it will allow no wwpns being returned on get_conn_fc_wwpns during +# initialize_connection. It should always be set to True. It will be deprecated +# and removed in M release. (boolean value) +#storwize_svc_npiv_compatibility_mode = true + +# Allow tenants to specify QOS on create (boolean value) +#storwize_svc_allow_tenant_qos = false + +# If operating in stretched cluster mode, specify the name of the pool in which +# mirrored copies are stored.Example: "pool2" (string value) +#storwize_svc_stretched_cluster_partner = + +# Driver to use for backups. (string value) +#backup_driver = cinder.backup.drivers.swift +backup_driver = cinder.backup.drivers.ceph + +# Offload pending backup delete during backup service startup. (boolean value) +#backup_service_inithost_offload = false + +# Make exception message format errors fatal. (boolean value) +#fatal_exception_format_errors = false + +# IP address of this host (string value) +#my_ip = 10.16.48.99 + +# Default glance host name or IP (string value) +#glance_host = $my_ip +glance_host = VARINET4ADDR + +# Default glance port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#glance_port = 9292 + +# A list of the glance API servers available to cinder ([hostname|ip]:port) +# (list value) +#glance_api_servers = $glance_host:$glance_port + +# Version of the glance API to use (integer value) +#glance_api_version = 1 + +# Number retries when downloading an image from glance (integer value) +#glance_num_retries = 0 + +# Allow to perform insecure SSL (https) requests to glance (boolean value) +#glance_api_insecure = false + +# Enables or disables negotiation of SSL layer compression. In some cases +# disabling compression can improve data throughput, such as when high network +# bandwidth is available and you use compressed image formats like qcow2. +# (boolean value) +#glance_api_ssl_compression = false + +# Location of ca certificates file to use for glance client requests. (string +# value) +#glance_ca_certificates_file = + +# http/https timeout value for glance operations. If no value (None) is +# supplied here, the glanceclient default value is used. (integer value) +#glance_request_timeout = + +# The topic that scheduler nodes listen on (string value) +#scheduler_topic = cinder-scheduler + +# The topic that volume nodes listen on (string value) +#volume_topic = cinder-volume + +# The topic that volume backup nodes listen on (string value) +#backup_topic = cinder-backup + +# DEPRECATED: Deploy v1 of the Cinder API. (boolean value) +#enable_v1_api = true +enable_v1_api = True + +# Deploy v2 of the Cinder API. (boolean value) +#enable_v2_api = true +enable_v2_api = True + +# Enables or disables rate limit of the API. (boolean value) +#api_rate_limit = true + +# Specify list of extensions to load when using osapi_volume_extension option +# with cinder.api.contrib.select_extensions (list value) +#osapi_volume_ext_list = + +# osapi volume extension to load (multi valued) +#osapi_volume_extension = cinder.api.contrib.standard_extensions + +# Full class name for the Manager for volume (string value) +#volume_manager = cinder.volume.manager.VolumeManager + +# Full class name for the Manager for volume backup (string value) +#backup_manager = cinder.backup.manager.BackupManager + +# Full class name for the Manager for scheduler (string value) +#scheduler_manager = cinder.scheduler.manager.SchedulerManager + +# Name of this node. This can be an opaque identifier. It is not necessarily a +# host name, FQDN, or IP address. (string value) +#host = x86-024.build.eng.bos.redhat.com +host = VARHOSTNAME + +# Availability zone of this node (string value) +#storage_availability_zone = nova +storage_availability_zone = nova + +# Default availability zone for new volumes. If not set, the +# storage_availability_zone option value is used as the default for new +# volumes. (string value) +#default_availability_zone = +default_availability_zone = nova + +# If the requested Cinder availability zone is unavailable, fall back to the +# value of default_availability_zone, then storage_availability_zone, instead +# of failing. (boolean value) +#allow_availability_zone_fallback = false + +# Default volume type to use (string value) +#default_volume_type = + +# Time period for which to generate volume usages. The options are hour, day, +# month, or year. (string value) +#volume_usage_audit_period = month + +# Path to the rootwrap configuration file to use for running commands as root +# (string value) +#rootwrap_config = /etc/cinder/rootwrap.conf + +# Enable monkey patching (boolean value) +#monkey_patch = false + +# List of modules/decorators to monkey patch (list value) +#monkey_patch_modules = + +# Maximum time since last check-in for a service to be considered up (integer +# value) +#service_down_time = 60 + +# The full class name of the volume API class to use (string value) +#volume_api_class = cinder.volume.api.API + +# The full class name of the volume backup API class (string value) +#backup_api_class = cinder.backup.api.API + +# The strategy to use for auth. Supports noauth, keystone, and deprecated. +# (string value) +# Allowed values: noauth, keystone, deprecated +#auth_strategy = keystone +auth_strategy = keystone + +# A list of backend names to use. These backend names should be backed by a +# unique [CONFIG] group with its options (list value) +#enabled_backends = +enabled_backends = ceph + +# Whether snapshots count against gigabyte quota (boolean value) +#no_snapshot_gb_quota = false + +# The full class name of the volume transfer API class (string value) +#transfer_api_class = cinder.transfer.api.API + +# The full class name of the volume replication API class (string value) +#replication_api_class = cinder.replication.api.API + +# The full class name of the consistencygroup API class (string value) +#consistencygroup_api_class = cinder.consistencygroup.api.API + +# OpenStack privileged account username. Used for requests to other services +# (such as Nova) that require an account with special rights. (string value) +#os_privileged_user_name = + +# Password associated with the OpenStack privileged account. (string value) +#os_privileged_user_password = + +# Tenant name associated with the OpenStack privileged account. (string value) +#os_privileged_user_tenant = + +# Auth URL associated with the OpenStack privileged account. (string value) +#os_privileged_user_auth_url = + +# Multiplier used for weighing volume capacity. Negative numbers mean to stack +# vs spread. (floating point value) +#capacity_weight_multiplier = 1.0 + +# Multiplier used for weighing volume capacity. Negative numbers mean to stack +# vs spread. (floating point value) +#allocated_capacity_weight_multiplier = -1.0 + +# IP address of sheep daemon. (string value) +#sheepdog_store_address = 127.0.0.1 + +# Port of sheep daemon. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#sheepdog_store_port = 7000 + +# Specifies the path of the GPFS directory where Block Storage volume and +# snapshot files are stored. (string value) +#gpfs_mount_point_base = + +# Specifies the path of the Image service repository in GPFS. Leave undefined +# if not storing images in GPFS. (string value) +#gpfs_images_dir = + +# Specifies the type of image copy to be used. Set this when the Image service +# repository also uses GPFS so that image files can be transferred efficiently +# from the Image service to the Block Storage service. There are two valid +# values: "copy" specifies that a full copy of the image is made; +# "copy_on_write" specifies that copy-on-write optimization strategy is used +# and unmodified blocks of the image file are shared efficiently. (string +# value) +# Allowed values: copy, copy_on_write, +#gpfs_images_share_mode = + +# Specifies an upper limit on the number of indirections required to reach a +# specific block due to snapshots or clones. A lengthy chain of copy-on-write +# snapshots or clones can have a negative impact on performance, but improves +# space utilization. 0 indicates unlimited clone depth. (integer value) +#gpfs_max_clone_depth = 0 + +# Specifies that volumes are created as sparse files which initially consume no +# space. If set to False, the volume is created as a fully allocated file, in +# which case, creation may take a significantly longer time. (boolean value) +#gpfs_sparse_volumes = true + +# Specifies the storage pool that volumes are assigned to. By default, the +# system storage pool is used. (string value) +#gpfs_storage_pool = system + +# Set 512 byte emulation on volume creation; (boolean value) +#sf_emulate_512 = true + +# Allow tenants to specify QOS on create (boolean value) +#sf_allow_tenant_qos = false + +# Create SolidFire accounts with this prefix. Any string can be used here, but +# the string "hostname" is special and will create a prefix using the cinder +# node hostname (previous default behavior). The default is NO prefix. (string +# value) +#sf_account_prefix = + +# Account name on the SolidFire Cluster to use as owner of template/cache +# volumes (created if does not exist). (string value) +#sf_template_account_name = openstack-vtemplate + +# Create an internal cache of copy of images when a bootable volume is created +# to eliminate fetch from glance and qemu-conversion on subsequent calls. +# (boolean value) +#sf_allow_template_caching = true + +# Overrides default cluster SVIP with the one specified. This is required or +# deployments that have implemented the use of VLANs for iSCSI networks in +# their cloud. (string value) +#sf_svip = + +# Create an internal mapping of volume IDs and account. Optimizes lookups and +# performance at the expense of memory, very large deployments may want to +# consider setting to False. (boolean value) +#sf_enable_volume_mapping = true + +# SolidFire API port. Useful if the device api is behind a proxy on a different +# port. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#sf_api_port = 443 + +# IBMNAS platform type to be used as backend storage; valid values are - v7ku : +# for using IBM Storwize V7000 Unified, sonas : for using IBM Scale Out NAS, +# gpfs-nas : for using NFS based IBM GPFS deployments. (string value) +# Allowed values: v7ku, sonas, gpfs-nas +#ibmnas_platform_type = v7ku + +# The URL of the Swift endpoint (string value) +#backup_swift_url = +backup_swift_url = http://VARINET4ADDR:8080/v1/AUTH_ + +# Info to match when looking for swift in the service catalog. Format is: +# separated values of the form: :: - +# Only used if backup_swift_url is unset (string value) +#swift_catalog_info = object-store:swift:publicURL + +# Swift authentication mechanism (string value) +#backup_swift_auth = per_user + +# Swift authentication version. Specify "1" for auth 1.0, or "2" for auth 2.0 +# (string value) +#backup_swift_auth_version = 1 + +# Swift tenant/account name. Required when connecting to an auth 2.0 system +# (string value) +#backup_swift_tenant = + +# Swift user name (string value) +#backup_swift_user = + +# Swift key for authentication (string value) +#backup_swift_key = + +# The default Swift container to use (string value) +#backup_swift_container = volumebackups +backup_swift_container = volumes_backup + +# The size in bytes of Swift backup objects (integer value) +#backup_swift_object_size = 52428800 + +# The size in bytes that changes are tracked for incremental backups. +# backup_swift_object_size has to be multiple of backup_swift_block_size. +# (integer value) +#backup_swift_block_size = 32768 + +# The number of retries to make for Swift operations (integer value) +#backup_swift_retry_attempts = 3 + +# The backoff time in seconds between Swift retries (integer value) +#backup_swift_retry_backoff = 2 + +# Enable or Disable the timer to send the periodic progress notifications to +# Ceilometer when backing up the volume to the Swift backend storage. The +# default value is True to enable the timer. (boolean value) +#backup_swift_enable_progress_timer = true + +# Location of the CA certificate file to use for swift client requests. (string +# value) +#backup_swift_ca_cert_file = + +# These values will be used for CloudByte storage's addQos API call. (dict +# value) +#cb_add_qosgroup = graceallowed:false,iops:10,iopscontrol:true,latency:15,memlimit:0,networkspeed:0,throughput:0,tpcontrol:false + +# These values will be used for CloudByte storage's createVolume API call. +# (dict value) +#cb_create_volume = blocklength:512B,compression:off,deduplication:off,protocoltype:ISCSI,recordsize:16k,sync:always + +# Driver will use this API key to authenticate against the CloudByte storage's +# management interface. (string value) +#cb_apikey = + +# CloudByte storage specific account name. This maps to a project name in +# OpenStack. (string value) +#cb_account_name = + +# This corresponds to the name of Tenant Storage Machine (TSM) in CloudByte +# storage. A volume will be created in this TSM. (string value) +#cb_tsm_name = + +# A retry value in seconds. Will be used by the driver to check if volume +# creation was successful in CloudByte storage. (integer value) +#cb_confirm_volume_create_retry_interval = 5 + +# Will confirm a successful volume creation in CloudByte storage by making this +# many number of attempts. (integer value) +#cb_confirm_volume_create_retries = 3 + +# A retry value in seconds. Will be used by the driver to check if volume +# deletion was successful in CloudByte storage. (integer value) +#cb_confirm_volume_delete_retry_interval = 5 + +# Will confirm a successful volume deletion in CloudByte storage by making this +# many number of attempts. (integer value) +#cb_confirm_volume_delete_retries = 3 + +# This corresponds to the discovery authentication group in CloudByte storage. +# Chap users are added to this group. Driver uses the first user found for this +# group. Default value is None. (string value) +#cb_auth_group = None + +# Interval, in seconds, between nodes reporting state to datastore (integer +# value) +#report_interval = 10 + +# Interval, in seconds, between running periodic tasks (integer value) +#periodic_interval = 60 + +# Range, in seconds, to randomly delay when starting the periodic task +# scheduler to reduce stampeding. (Disable by setting to 0) (integer value) +#periodic_fuzzy_delay = 60 + +# IP address on which OpenStack Volume API listens (string value) +#osapi_volume_listen = 0.0.0.0 +osapi_volume_listen = 0.0.0.0 + +# Port on which OpenStack Volume API listens (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#osapi_volume_listen_port = 8776 + +# Number of workers for OpenStack Volume API service. The default is equal to +# the number of CPUs available. (integer value) +#osapi_volume_workers = +osapi_volume_workers = 12 + +# The full class name of the compute API class to use (string value) +#compute_api_class = cinder.compute.nova.API + +# Number of nodes that should replicate the data. (string value) +#drbdmanage_redundancy = 1 + +# Pool or Vdisk name to use for volume creation. (string value) +#dothill_backend_name = A + +# linear (for Vdisk) or virtual (for Pool). (string value) +# Allowed values: linear, virtual +#dothill_backend_type = virtual + +# DotHill API interface protocol. (string value) +# Allowed values: http, https +#dothill_api_protocol = https + +# Whether to verify DotHill array SSL certificate. (boolean value) +#dothill_verify_certificate = false + +# DotHill array SSL certificate path. (string value) +#dothill_verify_certificate_path = + +# List of comma-separated target iSCSI IP addresses. (list value) +#dothill_iscsi_ips = + +# File with the list of available gluster shares (string value) +#glusterfs_shares_config = /etc/cinder/glusterfs_shares + +# Base dir containing mount points for gluster shares. (string value) +#glusterfs_mount_point_base = $state_path/mnt + +# REST API authorization token. (string value) +#pure_api_token = + +# ID of the project which will be used as the Cinder internal tenant. (string +# value) +#cinder_internal_tenant_project_id = + +# ID of the user to be used in volume operations as the Cinder internal tenant. +# (string value) +#cinder_internal_tenant_user_id = + +# The scheduler host manager class to use (string value) +#scheduler_host_manager = cinder.scheduler.host_manager.HostManager + +# Maximum number of attempts to schedule an volume (integer value) +#scheduler_max_attempts = 3 + +# Path or URL to Scality SOFS configuration file (string value) +#scality_sofs_config = + +# Base dir where Scality SOFS shall be mounted (string value) +#scality_sofs_mount_point = $state_path/scality + +# Path from Scality SOFS root to volume dir (string value) +#scality_sofs_volume_dir = cinder/volumes + +# VNX authentication scope type. (string value) +#storage_vnx_authentication_type = global + +# Directory path that contains the VNX security file. Make sure the security +# file is generated first. (string value) +#storage_vnx_security_file_dir = + +# Naviseccli Path. (string value) +#naviseccli_path = + +# Comma-separated list of storage pool names to be used. (string value) +# Deprecated group/name - [DEFAULT]/storage_vnx_pool_name +#storage_vnx_pool_names = + +# VNX secondary SP IP Address. (string value) +#san_secondary_ip = + +# Default timeout for CLI operations in minutes. For example, LUN migration is +# a typical long running operation, which depends on the LUN size and the load +# of the array. An upper bound in the specific deployment can be set to avoid +# unnecessary long wait. By default, it is 365 days long. (integer value) +#default_timeout = 525600 + +# Default max number of LUNs in a storage group. By default, the value is 255. +# (integer value) +#max_luns_per_storage_group = 255 + +# To destroy storage group when the last LUN is removed from it. By default, +# the value is False. (boolean value) +#destroy_empty_storage_group = false + +# Mapping between hostname and its iSCSI initiator IP addresses. (string value) +#iscsi_initiators = + +# Comma separated iSCSI or FC ports to be used in Nova or Cinder. (string +# value) +#io_port_list = * + +# Automatically register initiators. By default, the value is False. (boolean +# value) +#initiator_auto_registration = false + +# Automatically deregister initiators after the related storage group is +# destroyed. By default, the value is False. (boolean value) +#initiator_auto_deregistration = false + +# Report free_capacity_gb as 0 when the limit to maximum number of pool LUNs is +# reached. By default, the value is False. (boolean value) +#check_max_pool_luns_threshold = false + +# Delete a LUN even if it is in Storage Groups. (boolean value) +#force_delete_lun_in_storagegroup = false + +# Force LUN creation even if the full threshold of pool is reached. (boolean +# value) +#ignore_pool_full_threshold = false + +# IP address for connecting to VMware ESX/vCenter server. (string value) +#vmware_host_ip = + +# Username for authenticating with VMware ESX/vCenter server. (string value) +#vmware_host_username = + +# Password for authenticating with VMware ESX/vCenter server. (string value) +#vmware_host_password = + +# Optional VIM service WSDL Location e.g http:///vimService.wsdl. +# Optional over-ride to default location for bug work-arounds. (string value) +#vmware_wsdl_location = + +# Number of times VMware ESX/vCenter server API must be retried upon connection +# related issues. (integer value) +#vmware_api_retry_count = 10 + +# The interval (in seconds) for polling remote tasks invoked on VMware +# ESX/vCenter server. (floating point value) +#vmware_task_poll_interval = 0.5 + +# Name of the vCenter inventory folder that will contain Cinder volumes. This +# folder will be created under "OpenStack/", where +# project_folder is of format "Project ()". (string value) +#vmware_volume_folder = Volumes + +# Timeout in seconds for VMDK volume transfer between Cinder and Glance. +# (integer value) +#vmware_image_transfer_timeout_secs = 7200 + +# Max number of objects to be retrieved per batch. Query results will be +# obtained in batches from the server and not in one shot. Server may still +# limit the count to something less than the configured value. (integer value) +#vmware_max_objects_retrieval = 100 + +# Optional string specifying the VMware vCenter server version. The driver +# attempts to retrieve the version from VMware vCenter server. Set this +# configuration only if you want to override the vCenter server version. +# (string value) +#vmware_host_version = + +# Directory where virtual disks are stored during volume backup and restore. +# (string value) +#vmware_tmp_dir = /tmp + +# CA bundle file to use in verifying the vCenter server certificate. (string +# value) +#vmware_ca_file = + +# If true, the vCenter server certificate is not verified. If false, then the +# default CA truststore is used for verification. This option is ignored if +# "vmware_ca_file" is set. (boolean value) +#vmware_insecure = false + +# Name of a vCenter compute cluster where volumes should be created. (multi +# valued) +#vmware_cluster_name = + +# Pool or Vdisk name to use for volume creation. (string value) +#lenovo_backend_name = A + +# linear (for VDisk) or virtual (for Pool). (string value) +# Allowed values: linear, virtual +#lenovo_backend_type = virtual + +# Lenovo api interface protocol. (string value) +# Allowed values: http, https +#lenovo_api_protocol = https + +# Whether to verify Lenovo array SSL certificate. (boolean value) +#lenovo_verify_certificate = false + +# Lenovo array SSL certificate path. (string value) +#lenovo_verify_certificate_path = + +# List of comma-separated target iSCSI IP addresses. (list value) +#lenovo_iscsi_ips = + +# The maximum size in bytes of the files used to hold backups. If the volume +# being backed up exceeds this size, then it will be backed up into multiple +# files.backup_file_size must be a multiple of backup_sha_block_size_bytes. +# (integer value) +#backup_file_size = 1999994880 + +# The size in bytes that changes are tracked for incremental backups. +# backup_file_size has to be multiple of backup_sha_block_size_bytes. (integer +# value) +#backup_sha_block_size_bytes = 32768 + +# Enable or Disable the timer to send the periodic progress notifications to +# Ceilometer when backing up the volume to the backend storage. The default +# value is True to enable the timer. (boolean value) +#backup_enable_progress_timer = true + +# Path specifying where to store backups. (string value) +#backup_posix_path = $state_path/backup + +# Custom directory to use for backups. (string value) +#backup_container = + +# REST server port. (string value) +#sio_rest_server_port = 443 + +# Whether to verify server certificate. (boolean value) +#sio_verify_server_certificate = false + +# Server certificate path. (string value) +#sio_server_certificate_path = + +# Whether to round volume capacity. (boolean value) +#sio_round_volume_capacity = true + +# Whether to allow force delete. (boolean value) +#sio_force_delete = false + +# Whether to unmap volume before deletion. (boolean value) +#sio_unmap_volume_before_deletion = false + +# Protection domain id. (string value) +#sio_protection_domain_id = + +# Protection domain name. (string value) +#sio_protection_domain_name = + +# Storage pools. (string value) +#sio_storage_pools = + +# Storage pool name. (string value) +#sio_storage_pool_name = + +# Storage pool id. (string value) +#sio_storage_pool_id = + +# Group name to use for creating volumes. Defaults to "group-0". (string value) +#eqlx_group_name = group-0 + +# Timeout for the Group Manager cli command execution. Default is 30. Note that +# this option is deprecated in favour of "ssh_conn_timeout" as specified in +# cinder/volume/drivers/san/san.py and will be removed in M release. (integer +# value) +#eqlx_cli_timeout = 30 + +# Maximum retry count for reconnection. Default is 5. (integer value) +#eqlx_cli_max_retries = 5 + +# Use CHAP authentication for targets. Note that this option is deprecated in +# favour of "use_chap_auth" as specified in cinder/volume/driver.py and will be +# removed in next release. (boolean value) +#eqlx_use_chap = false + +# Existing CHAP account name. Note that this option is deprecated in favour of +# "chap_username" as specified in cinder/volume/driver.py and will be removed +# in next release. (string value) +#eqlx_chap_login = admin + +# Password for specified CHAP account name. Note that this option is deprecated +# in favour of "chap_password" as specified in cinder/volume/driver.py and will +# be removed in the next release (string value) +#eqlx_chap_password = password + +# Pool in which volumes will be created. Defaults to "default". (string value) +#eqlx_pool = default + +# The number of characters in the salt. (integer value) +#volume_transfer_salt_length = 8 + +# The number of characters in the autogenerated auth key. (integer value) +#volume_transfer_key_length = 16 + +# Services to be added to the available pool on create (boolean value) +#enable_new_services = true + +# Template string to be used to generate volume names (string value) +#volume_name_template = volume-%s + +# Template string to be used to generate snapshot names (string value) +#snapshot_name_template = snapshot-%s + +# Template string to be used to generate backup names (string value) +#backup_name_template = backup-%s + +# Multiplier used for weighing volume number. Negative numbers mean to spread +# vs stack. (floating point value) +#volume_number_multiplier = -1.0 + +# Default storage pool for volumes. (integer value) +#ise_storage_pool = 1 + +# Raid level for ISE volumes. (integer value) +#ise_raid = 1 + +# Number of retries (per port) when establishing connection to ISE management +# port. (integer value) +#ise_connection_retries = 5 + +# Interval (secs) between retries. (integer value) +#ise_retry_interval = 1 + +# Number on retries to get completion status after issuing a command to ISE. +# (integer value) +#ise_completion_retries = 30 + +# Storage pool name. (string value) +#zfssa_pool = + +# Project name. (string value) +#zfssa_project = + +# Block size. (string value) +# Allowed values: 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k +#zfssa_lun_volblocksize = 8k + +# Flag to enable sparse (thin-provisioned): True, False. (boolean value) +#zfssa_lun_sparse = false + +# Data compression. (string value) +# Allowed values: off, lzjb, gzip-2, gzip, gzip-9 +#zfssa_lun_compression = off + +# Synchronous write bias. (string value) +# Allowed values: latency, throughput +#zfssa_lun_logbias = latency + +# iSCSI initiator group. (string value) +#zfssa_initiator_group = + +# iSCSI initiator IQNs. (comma separated) (string value) +#zfssa_initiator = + +# iSCSI initiator CHAP user (name). (string value) +#zfssa_initiator_user = + +# Secret of the iSCSI initiator CHAP user. (string value) +#zfssa_initiator_password = + +# iSCSI initiators configuration. (string value) +#zfssa_initiator_config = + +# iSCSI target group name. (string value) +#zfssa_target_group = tgt-grp + +# iSCSI target CHAP user (name). (string value) +#zfssa_target_user = + +# Secret of the iSCSI target CHAP user. (string value) +#zfssa_target_password = + +# iSCSI target portal (Data-IP:Port, w.x.y.z:3260). (string value) +#zfssa_target_portal = + +# Network interfaces of iSCSI targets. (comma separated) (string value) +#zfssa_target_interfaces = + +# REST connection timeout. (seconds) (integer value) +#zfssa_rest_timeout = + +# IP address used for replication data. (maybe the same as data ip) (string +# value) +#zfssa_replication_ip = + +# Flag to enable local caching: True, False. (boolean value) +#zfssa_enable_local_cache = true + +# Name of ZFSSA project where cache volumes are stored. (string value) +#zfssa_cache_project = os-cinder-cache + +# Sets the value of TCP_KEEPALIVE (True/False) for each server socket. (boolean +# value) +#tcp_keepalive = true + +# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not +# supported on OS X. (integer value) +#tcp_keepidle = 600 + +# Sets the value of TCP_KEEPINTVL in seconds for each server socket. Not +# supported on OS X. (integer value) +#tcp_keepalive_interval = + +# Sets the value of TCP_KEEPCNT for each server socket. Not supported on OS X. +# (integer value) +#tcp_keepalive_count = + +# CA certificate file to use to verify connecting clients (string value) +#ssl_ca_file = + +# Certificate file to use when starting the server securely (string value) +#ssl_cert_file = + +# Private key file to use when starting the server securely (string value) +#ssl_key_file = + +# Maximum line size of message headers to be accepted. max_header_line may need +# to be increased when using large tokens (typically those generated by the +# Keystone v3 API with big service catalogs). (integer value) +#max_header_line = 16384 + +# Timeout for client connections' socket operations. If an incoming connection +# is idle for this number of seconds it will be closed. A value of '0' means +# wait forever. (integer value) +#client_socket_timeout = 900 + +# If False, closes the client socket connection explicitly. Setting it to True +# to maintain backward compatibility. Recommended setting is set it to False. +# (boolean value) +#wsgi_keep_alive = true + +# Number of times to attempt to run flakey shell commands (integer value) +#num_shell_tries = 3 + +# The percentage of backend capacity is reserved (integer value) +# Maximum value: 100 +#reserved_percentage = 0 + +# Prefix for iSCSI volumes (string value) +#iscsi_target_prefix = iqn.2010-10.org.openstack: + +# The IP address that the iSCSI daemon is listening on (string value) +#iscsi_ip_address = $my_ip + +# The list of secondary IP addresses of the iSCSI daemon (list value) +#iscsi_secondary_ip_addresses = + +# The port that the iSCSI daemon is listening on (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#iscsi_port = 3260 + +# The maximum number of times to rescan targets to find volume (integer value) +#num_volume_device_scan_tries = 3 + +# The backend name for a given driver implementation (string value) +#volume_backend_name = + +# Do we attach/detach volumes in cinder using multipath for volume to image and +# image to volume transfers? (boolean value) +#use_multipath_for_image_xfer = false + +# If this is set to True, attachment of volumes for image transfer will be +# aborted when multipathd is not running. Otherwise, it will fallback to single +# path. (boolean value) +#enforce_multipath_for_image_xfer = false + +# Method used to wipe old volumes (string value) +# Allowed values: none, zero, shred +#volume_clear = zero + +# Size in MiB to wipe at start of old volumes. 0 => all (integer value) +#volume_clear_size = 0 + +# The flag to pass to ionice to alter the i/o priority of the process used to +# zero a volume after deletion, for example "-c3" for idle only priority. +# (string value) +#volume_clear_ionice = + +# iSCSI target user-land tool to use. tgtadm is default, use lioadm for LIO +# iSCSI support, scstadmin for SCST target support, iseradm for the ISER +# protocol, ietadm for iSCSI Enterprise Target, iscsictl for Chelsio iSCSI +# Target or fake for testing. (string value) +# Allowed values: tgtadm, lioadm, scstadmin, iseradm, iscsictl, ietadm, fake +#iscsi_helper = tgtadm + +# Volume configuration file storage directory (string value) +#volumes_dir = $state_path/volumes + +# IET configuration file (string value) +#iet_conf = /etc/iet/ietd.conf + +# Chiscsi (CXT) global defaults configuration file (string value) +#chiscsi_conf = /etc/chelsio-iscsi/chiscsi.conf + +# Sets the behavior of the iSCSI target to either perform blockio or fileio +# optionally, auto can be set and Cinder will autodetect type of backing device +# (string value) +# Allowed values: blockio, fileio, auto +#iscsi_iotype = fileio + +# The default block size used when copying/clearing volumes (string value) +#volume_dd_blocksize = 1M + +# The blkio cgroup name to be used to limit bandwidth of volume copy (string +# value) +#volume_copy_blkio_cgroup_name = cinder-volume-copy + +# The upper limit of bandwidth of volume copy. 0 => unlimited (integer value) +#volume_copy_bps_limit = 0 + +# Sets the behavior of the iSCSI target to either perform write-back(on) or +# write-through(off). This parameter is valid if iscsi_helper is set to tgtadm +# or iseradm. (string value) +# Allowed values: on, off +#iscsi_write_cache = on + +# Sets the target-specific flags for the iSCSI target. Only used for tgtadm to +# specify backing device flags using bsoflags option. The specified string is +# passed as is to the underlying tool. (string value) +#iscsi_target_flags = + +# Determines the iSCSI protocol for new iSCSI volumes, created with tgtadm or +# lioadm target helpers. In order to enable RDMA, this parameter should be set +# with the value "iser". The supported iSCSI protocol values are "iscsi" and +# "iser". (string value) +# Allowed values: iscsi, iser +#iscsi_protocol = iscsi + +# The path to the client certificate key for verification, if the driver +# supports it. (string value) +#driver_client_cert_key = + +# The path to the client certificate for verification, if the driver supports +# it. (string value) +#driver_client_cert = + +# Tell driver to use SSL for connection to backend storage if the driver +# supports it. (boolean value) +#driver_use_ssl = false + +# Float representation of the over subscription ratio when thin provisioning is +# involved. Default ratio is 20.0, meaning provisioned capacity can be 20 times +# of the total physical capacity. If the ratio is 10.5, it means provisioned +# capacity can be 10.5 times of the total physical capacity. A ratio of 1.0 +# means provisioned capacity cannot exceed the total physical capacity. A ratio +# lower than 1.0 will be ignored and the default value will be used instead. +# (floating point value) +#max_over_subscription_ratio = 20.0 + +# Certain ISCSI targets have predefined target names, SCST target driver uses +# this name. (string value) +#scst_target_iqn_name = + +# SCST target implementation can choose from multiple SCST target drivers. +# (string value) +#scst_target_driver = iscsi + +# Option to enable/disable CHAP authentication for targets. (boolean value) +# Deprecated group/name - [DEFAULT]/eqlx_use_chap +#use_chap_auth = false + +# CHAP user name. (string value) +# Deprecated group/name - [DEFAULT]/eqlx_chap_login +#chap_username = + +# Password for specified CHAP account name. (string value) +# Deprecated group/name - [DEFAULT]/eqlx_chap_password +#chap_password = + +# Namespace for driver private data values to be saved in. (string value) +#driver_data_namespace = + +# String representation for an equation that will be used to filter hosts. Only +# used when the driver filter is set to be used by the Cinder scheduler. +# (string value) +#filter_function = + +# String representation for an equation that will be used to determine the +# goodness of a host. Only used when using the goodness weigher is set to be +# used by the Cinder scheduler. (string value) +#goodness_function = + +# If set to True the http client will validate the SSL certificate of the +# backend endpoint. (boolean value) +#driver_ssl_cert_verify = false + +# List of options that control which trace info is written to the DEBUG log +# level to assist developers. Valid values are method and api. (list value) +#trace_flags = + +# There are two types of target configurations managed (replicate to another +# configured backend) or unmanaged (replicate to a device not managed by +# Cinder). (boolean value) +#managed_replication_target = true + +# List of k/v pairs representing a replication target for this backend device. +# For unmanaged the format is: {'key-1'='val1' 'key-2'='val2'...},{...} and for +# managed devices its simply a list of valid configured backend_names that the +# driver supports replicating to: backend-a,bakcend-b... (list value) +#replication_devices = + +# If set to True, upload-to-image in raw format will create a cloned volume and +# register its location to the image service, instead of uploading the volume +# content. The cinder backend and locations support must be enabled in the +# image service, and glance_api_version must be set to 2. (boolean value) +#image_upload_use_cinder_backend = false + +# If set to True, the image volume created by upload-to-image will be placed in +# the internal tenant. Otherwise, the image volume is created in the current +# context's tenant. (boolean value) +#image_upload_use_internal_tenant = false + +# Enable the image volume cache for this backend. (boolean value) +#image_volume_cache_enabled = false + +# Max size of the image volume cache for this backend in GB. 0 => unlimited. +# (integer value) +#image_volume_cache_max_size_gb = 0 + +# Max number of entries allowed in the image volume cache. 0 => unlimited. +# (integer value) +#image_volume_cache_max_count = 0 + +# The maximum number of times to rescan iSER targetto find volume (integer +# value) +#num_iser_scan_tries = 3 + +# Prefix for iSER volumes (string value) +#iser_target_prefix = iqn.2010-10.org.openstack: + +# The IP address that the iSER daemon is listening on (string value) +#iser_ip_address = $my_ip + +# The port that the iSER daemon is listening on (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#iser_port = 3260 + +# The name of the iSER target user-land tool to use (string value) +#iser_helper = tgtadm + +# Public url to use for versions endpoint. The default is None, which will use +# the request's host_url attribute to populate the URL base. If Cinder is +# operating behind a proxy, you will want to change this to represent the +# proxy's URL. (string value) +#public_endpoint = + +# Nimble Controller pool name (string value) +#nimble_pool_name = default + +# Nimble Subnet Label (string value) +#nimble_subnet_label = * + +# Path to store VHD backed volumes (string value) +#windows_iscsi_lun_path = C:\iSCSIVirtualDisks + +# Pool or Vdisk name to use for volume creation. (string value) +#hpmsa_backend_name = A + +# linear (for Vdisk) or virtual (for Pool). (string value) +# Allowed values: linear, virtual +#hpmsa_backend_type = virtual + +# HPMSA API interface protocol. (string value) +# Allowed values: http, https +#hpmsa_api_protocol = https + +# Whether to verify HPMSA array SSL certificate. (boolean value) +#hpmsa_verify_certificate = false + +# HPMSA array SSL certificate path. (string value) +#hpmsa_verify_certificate_path = + +# List of comma-separated target iSCSI IP addresses. (list value) +#hpmsa_iscsi_ips = + +# A list of url schemes that can be downloaded directly via the direct_url. +# Currently supported schemes: [file]. (list value) +#allowed_direct_url_schemes = + +# Default core properties of image (list value) +#glance_core_properties = checksum,container_format,disk_format,image_name,image_id,min_disk,min_ram,name,size + +# Name for the VG that will contain exported volumes (string value) +#volume_group = cinder-volumes + +# If >0, create LVs with multiple mirrors. Note that this requires lvm_mirrors +# + 2 PVs with available space (integer value) +#lvm_mirrors = 0 + +# Type of LVM volumes to deploy; (default, thin, or auto). Auto defaults to +# thin if thin is supported. (string value) +# Allowed values: default, thin, auto +#lvm_type = default + +# LVM conf file to use for the LVM driver in Cinder; this setting is ignored if +# the specified file does not exist (You can also specify 'None' to not use a +# conf file even if one exists). (string value) +#lvm_conf_file = /etc/cinder/lvm.conf + +# use this file for cinder emc plugin config data (string value) +#cinder_emc_config_file = /etc/cinder/cinder_emc_config.xml + +# IP address or Hostname of NAS system. (string value) +#nas_ip = + +# User name to connect to NAS system. (string value) +#nas_login = admin + +# Password to connect to NAS system. (string value) +#nas_password = + +# SSH port to use to connect to NAS system. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#nas_ssh_port = 22 + +# Filename of private key to use for SSH authentication. (string value) +#nas_private_key = + +# Allow network-attached storage systems to operate in a secure environment +# where root level access is not permitted. If set to False, access is as the +# root user and insecure. If set to True, access is not as root. If set to +# auto, a check is done to determine if this is a new installation: True is +# used if so, otherwise False. Default is auto. (string value) +#nas_secure_file_operations = auto + +# Set more secure file permissions on network-attached storage volume files to +# restrict broad other/world access. If set to False, volumes are created with +# open permissions. If set to True, volumes are created with permissions for +# the cinder user and group (660). If set to auto, a check is done to determine +# if this is a new installation: True is used if so, otherwise False. Default +# is auto. (string value) +#nas_secure_file_permissions = auto + +# Path to the share to use for storing Cinder volumes. For example: +# "/srv/export1" for an NFS server export available at 10.0.5.10:/srv/export1 . +# (string value) +#nas_share_path = + +# Options used to mount the storage backend file system where Cinder volumes +# are stored. (string value) +#nas_mount_options = + +# Provisioning type that will be used when creating volumes. (string value) +# Allowed values: thin, thick +# Deprecated group/name - [DEFAULT]/glusterfs_sparsed_volumes +# Deprecated group/name - [DEFAULT]/glusterfs_qcow2_volumes +#nas_volume_prov_type = thin + +# IP address or hostname of mg-a (string value) +#gateway_mga = + +# IP address or hostname of mg-b (string value) +#gateway_mgb = + +# Use igroups to manage targets and initiators (boolean value) +#use_igroups = false + +# Global backend request timeout, in seconds (integer value) +#request_timeout = 300 + +# Comma-separated list of REST servers IP to connect to. (eg +# http://IP1/,http://IP2:81/path (string value) +#srb_base_urls = + +# XMS cluster id in multi-cluster environment (string value) +#xtremio_cluster_name = + +# Number of retries in case array is busy (integer value) +#xtremio_array_busy_retry_count = 5 + +# Interval between retries in case array is busy (integer value) +#xtremio_array_busy_retry_interval = 5 + +# Serial number of storage system (string value) +#hitachi_serial_number = + +# Name of an array unit (string value) +#hitachi_unit_name = + +# Pool ID of storage system (integer value) +#hitachi_pool_id = + +# Thin pool ID of storage system (integer value) +#hitachi_thin_pool_id = + +# Range of logical device of storage system (string value) +#hitachi_ldev_range = + +# Default copy method of storage system (string value) +#hitachi_default_copy_method = FULL + +# Copy speed of storage system (integer value) +#hitachi_copy_speed = 3 + +# Interval to check copy (integer value) +#hitachi_copy_check_interval = 3 + +# Interval to check copy asynchronously (integer value) +#hitachi_async_copy_check_interval = 10 + +# Control port names for HostGroup or iSCSI Target (string value) +#hitachi_target_ports = + +# Range of group number (string value) +#hitachi_group_range = + +# Request for creating HostGroup or iSCSI Target (boolean value) +#hitachi_group_request = false + +# Infortrend raid pool name list. It is separated with comma. (string value) +#infortrend_pools_name = + +# The Infortrend CLI absolute path. By default, it is at +# /opt/bin/Infortrend/raidcmd_ESDS10.jar (string value) +#infortrend_cli_path = /opt/bin/Infortrend/raidcmd_ESDS10.jar + +# Maximum retry time for cli. Default is 5. (integer value) +#infortrend_cli_max_retries = 5 + +# Default timeout for CLI copy operations in minutes. Support: migrate volume, +# create cloned volume and create volume from snapshot. By Default, it is 30 +# minutes. (integer value) +#infortrend_cli_timeout = 30 + +# Infortrend raid channel ID list on Slot A for OpenStack usage. It is +# separated with comma. By default, it is the channel 0~7. (string value) +#infortrend_slots_a_channels_id = 0,1,2,3,4,5,6,7 + +# Infortrend raid channel ID list on Slot B for OpenStack usage. It is +# separated with comma. By default, it is the channel 0~7. (string value) +#infortrend_slots_b_channels_id = 0,1,2,3,4,5,6,7 + +# Let the volume use specific provisioning. By default, it is the full +# provisioning. The supported options are full or thin. (string value) +#infortrend_provisioning = full + +# Let the volume use specific tiering level. By default, it is the level 0. The +# supported levels are 0,2,3,4. (string value) +#infortrend_tiering = 0 + +# Configuration file for HDS iSCSI cinder plugin (string value) +#hds_hnas_iscsi_config_file = /opt/hds/hnas/cinder_iscsi_conf.xml + +# The name of ceph cluster (string value) +#rbd_cluster_name = ceph + +# The RADOS pool where rbd volumes are stored (string value) +#rbd_pool = rbd + +# The RADOS client name for accessing rbd volumes - only set when using cephx +# authentication (string value) +#rbd_user = + +# Path to the ceph configuration file (string value) +#rbd_ceph_conf = + +# Flatten volumes created from snapshots to remove dependency from volume to +# snapshot (boolean value) +#rbd_flatten_volume_from_snapshot = false + +# The libvirt uuid of the secret for the rbd_user volumes (string value) +#rbd_secret_uuid = + +# Directory where temporary image files are stored when the volume driver does +# not write them directly to the volume. Warning: this option is now +# deprecated, please use image_conversion_dir instead. (string value) +#volume_tmp_dir = + +# Maximum number of nested volume clones that are taken before a flatten +# occurs. Set to 0 to disable cloning. (integer value) +#rbd_max_clone_depth = 5 + +# Volumes will be chunked into objects of this size (in megabytes). (integer +# value) +#rbd_store_chunk_size = 4 + +# Timeout value (in seconds) used when connecting to ceph cluster. If value < +# 0, no timeout is set and default librados value is used. (integer value) +#rados_connect_timeout = -1 + +# Number of retries if connection to ceph cluster failed. (integer value) +#rados_connection_retries = 3 + +# Interval value (in seconds) between connection retries to ceph cluster. +# (integer value) +#rados_connection_interval = 5 + +# The hostname (or IP address) for the storage system (string value) +#tintri_server_hostname = + +# User name for the storage system (string value) +#tintri_server_username = + +# Password for the storage system (string value) +#tintri_server_password = + +# API version for the storage system (string value) +#tintri_api_version = v310 + +# Instance numbers for HORCM (string value) +#hitachi_horcm_numbers = 200,201 + +# Username of storage system for HORCM (string value) +#hitachi_horcm_user = + +# Password of storage system for HORCM (string value) +#hitachi_horcm_password = + +# Add to HORCM configuration (boolean value) +#hitachi_horcm_add_conf = true + +# Timeout until a resource lock is released, in seconds. The value must be +# between 0 and 7200. (integer value) +#hitachi_horcm_resource_lock_timeout = 600 + +# HP LeftHand WSAPI Server Url like https://:8081/lhos (string +# value) +#hplefthand_api_url = + +# HP LeftHand Super user username (string value) +#hplefthand_username = + +# HP LeftHand Super user password (string value) +#hplefthand_password = + +# HP LeftHand cluster name (string value) +#hplefthand_clustername = + +# Configure CHAP authentication for iSCSI connections (Default: Disabled) +# (boolean value) +#hplefthand_iscsi_chap_enabled = false + +# Enable HTTP debugging to LeftHand (boolean value) +#hplefthand_debug = false + +# Administrative user account name used to access the storage system or proxy +# server. (string value) +#netapp_login = + +# Password for the administrative user account specified in the netapp_login +# option. (string value) +#netapp_password = + +# The hostname (or IP address) for the storage system or proxy server. (string +# value) +#netapp_server_hostname = + +# The TCP port to use for communication with the storage system or proxy +# server. If not specified, Data ONTAP drivers will use 80 for HTTP and 443 for +# HTTPS; E-Series will use 8080 for HTTP and 8443 for HTTPS. (integer value) +#netapp_server_port = + +# This option is used to specify the path to the E-Series proxy application on +# a proxy server. The value is combined with the value of the +# netapp_transport_type, netapp_server_hostname, and netapp_server_port options +# to create the URL used by the driver to connect to the proxy application. +# (string value) +#netapp_webservice_path = /devmgr/v2 + +# This option is only utilized when the storage family is configured to +# eseries. This option is used to restrict provisioning to the specified +# controllers. Specify the value of this option to be a comma separated list of +# controller hostnames or IP addresses to be used for provisioning. (string +# value) +#netapp_controller_ips = + +# Password for the NetApp E-Series storage array. (string value) +#netapp_sa_password = + +# This option specifies whether the driver should allow operations that require +# multiple attachments to a volume. An example would be live migration of +# servers that have volumes attached. When enabled, this backend is limited to +# 256 total volumes in order to guarantee volumes can be accessed by more than +# one host. (boolean value) +#netapp_enable_multiattach = false + +# The transport protocol used when communicating with the storage system or +# proxy server. (string value) +# Allowed values: http, https +#netapp_transport_type = http + +# This option defines the type of operating system that will access a LUN +# exported from Data ONTAP; it is assigned to the LUN at the time it is +# created. (string value) +#netapp_lun_ostype = + +# This option defines the type of operating system for all initiators that can +# access a LUN. This information is used when mapping LUNs to individual hosts +# or groups of hosts. (string value) +# Deprecated group/name - [DEFAULT]/netapp_eseries_host_type +#netapp_host_type = + +# This option is used to restrict provisioning to the specified pools. Specify +# the value of this option to be a regular expression which will be applied to +# the names of objects from the storage backend which represent pools in +# Cinder. This option is only utilized when the storage protocol is configured +# to use iSCSI or FC. (string value) +# Deprecated group/name - [DEFAULT]/netapp_volume_list +# Deprecated group/name - [DEFAULT]/netapp_storage_pools +#netapp_pool_name_search_pattern = (.+) + +# Request for FC Zone creating HostGroup (boolean value) +#hitachi_zoning_request = false + +# Number of volumes allowed per project (integer value) +#quota_volumes = 10 + +# Number of volume snapshots allowed per project (integer value) +#quota_snapshots = 10 + +# Number of consistencygroups allowed per project (integer value) +#quota_consistencygroups = 10 + +# Total amount of storage, in gigabytes, allowed for volumes and snapshots per +# project (integer value) +#quota_gigabytes = 1000 + +# Number of volume backups allowed per project (integer value) +#quota_backups = 10 + +# Total amount of storage, in gigabytes, allowed for backups per project +# (integer value) +#quota_backup_gigabytes = 1000 + +# Number of seconds until a reservation expires (integer value) +#reservation_expire = 86400 + +# Count of reservations until usage is refreshed (integer value) +#until_refresh = 0 + +# Number of seconds between subsequent usage refreshes (integer value) +#max_age = 0 + +# Default driver to use for quota checks (string value) +#quota_driver = cinder.quota.DbQuotaDriver + +# Enables or disables use of default quota class with default quota. (boolean +# value) +#use_default_quota_class = true + +# Max size allowed per volume, in gigabytes (integer value) +#per_volume_size_limit = -1 + +# The configuration file for the Cinder Huawei driver. (string value) +#cinder_huawei_conf_file = /etc/cinder/cinder_huawei_conf.xml + +# Storage Center System Serial Number (integer value) +#dell_sc_ssn = 64702 + +# Dell API port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#dell_sc_api_port = 3033 + +# Name of the server folder to use on the Storage Center (string value) +#dell_sc_server_folder = openstack + +# Name of the volume folder to use on the Storage Center (string value) +#dell_sc_volume_folder = openstack + +# Enable HTTPS SC certificate verification. (boolean value) +#dell_sc_verify_cert = false + +# Which filter class names to use for filtering hosts when not specified in the +# request. (list value) +#scheduler_default_filters = AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter + +# Which weigher class names to use for weighing hosts. (list value) +#scheduler_default_weighers = CapacityWeigher + +# Base dir containing mount point for NFS share. (string value) +#backup_mount_point_base = $state_path/backup_mount + +# NFS share in hostname:path, ipv4addr:path, or "[ipv6addr]:path" format. +# (string value) +#backup_share = + +# Mount options passed to the NFS client. See NFS man page for details. (string +# value) +#backup_mount_options = + +# IP address/hostname of Blockbridge API. (string value) +#blockbridge_api_host = + +# Override HTTPS port to connect to Blockbridge API server. (integer value) +#blockbridge_api_port = + +# Blockbridge API authentication scheme (token or password) (string value) +# Allowed values: token, password +#blockbridge_auth_scheme = token + +# Blockbridge API token (for auth scheme 'token') (string value) +#blockbridge_auth_token = + +# Blockbridge API user (for auth scheme 'password') (string value) +#blockbridge_auth_user = + +# Blockbridge API password (for auth scheme 'password') (string value) +#blockbridge_auth_password = + +# Defines the set of exposed pools and their associated backend query strings +# (dict value) +#blockbridge_pools = OpenStack:+openstack + +# Default pool name if unspecified. (string value) +#blockbridge_default_pool = + +# Data path IP address (string value) +#zfssa_data_ip = + +# HTTPS port number (string value) +#zfssa_https_port = 443 + +# Options to be passed while mounting share over nfs (string value) +#zfssa_nfs_mount_options = + +# Storage pool name. (string value) +#zfssa_nfs_pool = + +# Project name. (string value) +#zfssa_nfs_project = NFSProject + +# Share name. (string value) +#zfssa_nfs_share = nfs_share + +# Data compression. (string value) +# Allowed values: off, lzjb, gzip-2, gzip, gzip-9 +#zfssa_nfs_share_compression = off + +# Synchronous write bias-latency, throughput. (string value) +# Allowed values: latency, throughput +#zfssa_nfs_share_logbias = latency + +# REST connection timeout. (seconds) (integer value) +#zfssa_rest_timeout = + +# Flag to enable local caching: True, False. (boolean value) +#zfssa_enable_local_cache = true + +# Name of directory inside zfssa_nfs_share where cache volumes are stored. +# (string value) +#zfssa_cache_directory = os-cinder-cache + +# Space network name to use for data transfer (string value) +#hgst_net = Net 1 (IPv4) + +# Comma separated list of Space storage servers:devices. ex: +# os1_stor:gbd0,os2_stor:gbd0 (string value) +#hgst_storage_servers = os:gbd0 + +# Should spaces be redundantly stored (1/0) (string value) +#hgst_redundancy = 0 + +# User to own created spaces (string value) +#hgst_space_user = root + +# Group to own created spaces (string value) +#hgst_space_group = disk + +# UNIX mode for created spaces (string value) +#hgst_space_mode = 0600 + +# Directory used for temporary storage during image conversion (string value) +#image_conversion_dir = $state_path/conversion + +# Match this value when searching for nova in the service catalog. Format is: +# separated values of the form: :: +# (string value) +#nova_catalog_info = compute:Compute Service:publicURL +nova_catalog_info = compute:nova:publicURL + +# Same as nova_catalog_info, but for admin endpoint. (string value) +#nova_catalog_admin_info = compute:Compute Service:adminURL +nova_catalog_admin_info = compute:nova:adminURL + +# Override service catalog lookup with template for nova endpoint e.g. +# http://localhost:8774/v2/%(project_id)s (string value) +#nova_endpoint_template = + +# Same as nova_endpoint_template, but for admin endpoint. (string value) +#nova_endpoint_admin_template = + +# Region name of this node (string value) +#os_region_name = + +# Location of ca certificates file to use for nova client requests. (string +# value) +#nova_ca_certificates_file = + +# Allow to perform insecure SSL requests to nova (boolean value) +#nova_api_insecure = false + +# Connect with multipath (FC only).(Default is false.) (boolean value) +#flashsystem_multipath_enabled = false + +# DPL pool uuid in which DPL volumes are stored. (string value) +#dpl_pool = + +# DPL port number. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#dpl_port = 8357 + +# Add CHAP user (boolean value) +#hitachi_add_chap_user = false + +# iSCSI authentication method (string value) +#hitachi_auth_method = + +# iSCSI authentication username (string value) +#hitachi_auth_user = HBSD-CHAP-user + +# iSCSI authentication password (string value) +#hitachi_auth_password = HBSD-CHAP-password + +# Driver to use for volume creation (string value) +#volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver + +# Timeout for creating the volume to migrate to when performing volume +# migration (seconds) (integer value) +#migration_create_volume_timeout_secs = 300 + +# Offload pending volume delete during volume service startup (boolean value) +#volume_service_inithost_offload = false + +# FC Zoning mode configured (string value) +#zoning_mode = none + +# User defined capabilities, a JSON formatted string specifying key/value +# pairs. The key/value pairs can be used by the CapabilitiesFilter to select +# between backends when requests specify volume types. For example, specifying +# a service level or the geographical location of a backend, then creating a +# volume type to allow the user to select by these different properties. +# (string value) +#extra_capabilities = {} + +# Default iSCSI Port ID of FlashSystem. (Default port is 0.) (integer value) +#flashsystem_iscsi_portid = 0 + +# Connection protocol should be FC. (Default is FC.) (string value) +#flashsystem_connection_protocol = FC + +# Allows vdisk to multi host mapping. (Default is True) (boolean value) +#flashsystem_multihostmap_enabled = true + +# 3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 (string value) +#hp3par_api_url = + +# 3PAR username with the 'edit' role (string value) +#hp3par_username = + +# 3PAR password for the user specified in hp3par_username (string value) +#hp3par_password = + +# List of the CPG(s) to use for volume creation (list value) +#hp3par_cpg = OpenStack + +# The CPG to use for Snapshots for volumes. If empty the userCPG will be used. +# (string value) +#hp3par_cpg_snap = + +# The time in hours to retain a snapshot. You can't delete it before this +# expires. (string value) +#hp3par_snapshot_retention = + +# The time in hours when a snapshot expires and is deleted. This must be +# larger than expiration (string value) +#hp3par_snapshot_expiration = + +# Enable HTTP debugging to 3PAR (boolean value) +#hp3par_debug = false + +# List of target iSCSI addresses to use. (list value) +#hp3par_iscsi_ips = + +# Enable CHAP authentication for iSCSI connections. (boolean value) +#hp3par_iscsi_chap_enabled = false + +# Proxy driver that connects to the IBM Storage Array (string value) +#xiv_ds8k_proxy = xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy + +# Connection type to the IBM Storage Array (string value) +# Allowed values: fibre_channel, iscsi +#xiv_ds8k_connection_type = iscsi + +# CHAP authentication mode, effective only for iscsi (disabled|enabled) (string +# value) +# Allowed values: disabled, enabled +#xiv_chap = disabled + +# List of Management IP addresses (separated by commas) (string value) +#management_ips = + +# DEPRECATED: This will be removed in the Liberty release. Use san_login and +# san_password instead. This directly sets the Datera API token. (string value) +#datera_api_token = + +# Datera API port. (string value) +#datera_api_port = 7717 + +# Datera API version. (string value) +#datera_api_version = 1 + +# Number of replicas to create of an inode. (string value) +#datera_num_replicas = 3 + +# List of all available devices (list value) +#available_devices = + +# URL to the Quobyte volume e.g., quobyte:/// (string +# value) +#quobyte_volume_url = + +# Path to a Quobyte Client configuration file. (string value) +#quobyte_client_cfg = + +# Create volumes as sparse files which take no space. If set to False, volume +# is created as regular file.In such case volume creation takes a lot of time. +# (boolean value) +#quobyte_sparsed_volumes = true + +# Create volumes as QCOW2 files rather than raw files. (boolean value) +#quobyte_qcow2_volumes = true + +# Base dir containing the mount point for the Quobyte volume. (string value) +#quobyte_mount_point_base = $state_path/mnt + +# File with the list of available vzstorage shares. (string value) +#vzstorage_shares_config = /etc/cinder/vzstorage_shares + +# Create volumes as sparsed files which take no space rather than regular files +# when using raw format, in which case volume creation takes lot of time. +# (boolean value) +#vzstorage_sparsed_volumes = true + +# Percent of ACTUAL usage of the underlying volume before no new volumes can be +# allocated to the volume destination. (floating point value) +#vzstorage_used_ratio = 0.95 + +# Base dir containing mount points for vzstorage shares. (string value) +#vzstorage_mount_point_base = $state_path/mnt + +# Mount options passed to the vzstorage client. See section of the pstorage- +# mount man page for details. (list value) +#vzstorage_mount_options = + +# File with the list of available nfs shares (string value) +#nfs_shares_config = /etc/cinder/nfs_shares + +# Create volumes as sparsed files which take no space.If set to False volume is +# created as regular file.In such case volume creation takes a lot of time. +# (boolean value) +#nfs_sparsed_volumes = true + +# Percent of ACTUAL usage of the underlying volume before no new volumes can be +# allocated to the volume destination. Note that this option is deprecated in +# favor of "reserved_percentage" and will be removed in the Mitaka release. +# (floating point value) +#nfs_used_ratio = 0.95 + +# This will compare the allocated to available space on the volume destination. +# If the ratio exceeds this number, the destination will no longer be valid. +# Note that this option is deprecated in favor of "max_oversubscription_ratio" +# and will be removed in the Mitaka release. (floating point value) +#nfs_oversub_ratio = 1.0 + +# Base dir containing mount points for nfs shares. (string value) +#nfs_mount_point_base = $state_path/mnt + +# Mount options passed to the nfs client. See section of the nfs man page for +# details. (string value) +#nfs_mount_options = + +# The number of attempts to mount nfs shares before raising an error. At least +# one attempt will be made to mount an nfs share, regardless of the value +# specified. (integer value) +#nfs_mount_attempts = 3 + +# +# From oslo.log +# + +# Print debugging output (set logging level to DEBUG instead of default INFO +# level). (boolean value) +#debug = false +debug = True + +# If set to false, will disable INFO logging level, making WARNING the default. +# (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#verbose = true +verbose = True + +# The name of a logging configuration file. This file is appended to any +# existing logging configuration files. For details about logging configuration +# files, see the Python logging module documentation. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append = + +# DEPRECATED. A logging.Formatter log message format string which may use any +# of the available logging.LogRecord attributes. This option is deprecated. +# Please use logging_context_format_string and logging_default_format_string +# instead. (string value) +#log_format = + +# Format string for %%(asctime)s in log records. Default: %(default)s . (string +# value) +#log_date_format = %Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is set, logging will +# go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file = + +# (Optional) The base directory used for relative --log-file paths. (string +# value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir = +log_dir = /var/log/cinder + +# Use syslog for logging. Existing syslog format is DEPRECATED and will be +# changed later to honor RFC5424. (boolean value) +#use_syslog = false + +# (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, +# prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The +# format without the APP-NAME is deprecated in Kilo, and will be removed in +# Mitaka, along with this option. (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#use_syslog_rfc_format = true + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility = LOG_USER + +# Log output to standard error. (boolean value) +#use_stderr = true + +# Format string to use for log messages with context. (string value) +#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. (string value) +#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string value) +#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. (string value) +#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN + +# Enables or disables publication of error events. (boolean value) +#publish_errors = false + +# The format for an instance that is passed with the log message. (string +# value) +#instance_format = "[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message. (string +# value) +#instance_uuid_format = "[instance: %(uuid)s] " + +# Enables or disables fatal status of deprecations. (boolean value) +#fatal_deprecations = false + +# +# From oslo.messaging +# + +# Size of RPC connection pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size +#rpc_conn_pool_size = 30 + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. +# The "host" option should point or resolve to this address. (string value) +#rpc_zmq_bind_address = * + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker = local + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port = 9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts = 1 + +# Maximum number of ingress messages to locally buffer per topic. Default is +# unlimited. (integer value) +#rpc_zmq_topic_backlog = + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir = /var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match +# "host" option, if running Nova. (string value) +#rpc_zmq_host = localhost + +# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. +# (integer value) +#rpc_cast_timeout = 30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq = 300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl = 600 + +# Size of executor thread pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size +#executor_thread_pool_size = 64 + +# The Drivers(s) to handle sending notifications. Possible values are +# messaging, messagingv2, routing, log, test, noop (multi valued) +#notification_driver = +notification_driver =messagingv2 + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics = notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout = 60 + +# A URL representing the messaging driver to use and its full configuration. If +# not set, we fall back to the rpc_backend option and driver specific +# configuration. (string value) +#transport_url = + +# The messaging driver to use, defaults to rabbit. Other drivers include qpid +# and zmq. (string value) +#rpc_backend = rabbit +rpc_backend = rabbit + +# The default exchange under which topics are scoped. May be overridden by an +# exchange name specified in the transport_url option. (string value) +#control_exchange = openstack +control_exchange = openstack + +# +# From oslo.messaging +# + +# Size of RPC connection pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size +#rpc_conn_pool_size = 30 + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. +# The "host" option should point or resolve to this address. (string value) +#rpc_zmq_bind_address = * + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker = local + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port = 9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts = 1 + +# Maximum number of ingress messages to locally buffer per topic. Default is +# unlimited. (integer value) +#rpc_zmq_topic_backlog = + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir = /var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match +# "host" option, if running Nova. (string value) +#rpc_zmq_host = localhost + +# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. +# (integer value) +#rpc_cast_timeout = 30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq = 300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl = 600 + +# Size of executor thread pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size +#executor_thread_pool_size = 64 + +# The Drivers(s) to handle sending notifications. Possible values are +# messaging, messagingv2, routing, log, test, noop (multi valued) +#notification_driver = + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics = notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout = 60 + +# A URL representing the messaging driver to use and its full configuration. If +# not set, we fall back to the rpc_backend option and driver specific +# configuration. (string value) +#transport_url = + +# The messaging driver to use, defaults to rabbit. Other drivers include qpid +# and zmq. (string value) +#rpc_backend = rabbit + +# The default exchange under which topics are scoped. May be overridden by an +# exchange name specified in the transport_url option. (string value) +#control_exchange = openstack +api_paste_config=/etc/cinder/api-paste.ini + + +[BRCD_FABRIC_EXAMPLE] + +# +# From cinder +# + +# Management IP of fabric (string value) +#fc_fabric_address = + +# Fabric user ID (string value) +#fc_fabric_user = + +# Password for user (string value) +#fc_fabric_password = + +# Connecting port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#fc_fabric_port = 22 + +# overridden zoning policy (string value) +#zoning_policy = initiator-target + +# overridden zoning activation state (boolean value) +#zone_activate = true + +# overridden zone name prefix (string value) +#zone_name_prefix = + +# Principal switch WWN of the fabric (string value) +#principal_switch_wwn = + + +[CISCO_FABRIC_EXAMPLE] + +# +# From cinder +# + +# Management IP of fabric (string value) +#cisco_fc_fabric_address = + +# Fabric user ID (string value) +#cisco_fc_fabric_user = + +# Password for user (string value) +#cisco_fc_fabric_password = + +# Connecting port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#cisco_fc_fabric_port = 22 + +# overridden zoning policy (string value) +#cisco_zoning_policy = initiator-target + +# overridden zoning activation state (boolean value) +#cisco_zone_activate = true + +# overridden zone name prefix (string value) +#cisco_zone_name_prefix = + +# VSAN of the Fabric (string value) +#cisco_zoning_vsan = + + +[cors] + +# +# From oslo.middleware +# + +# Indicate whether this resource may be shared with the domain received in the +# requests "origin" header. (string value) +#allowed_origin = + +# Indicate that the actual request can include user credentials (boolean value) +#allow_credentials = true + +# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple +# Headers. (list value) +#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age = 3600 + +# Indicate which methods can be used during the actual request. (list value) +#allow_methods = GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual request. +# (list value) +#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[cors.subdomain] + +# +# From oslo.middleware +# + +# Indicate whether this resource may be shared with the domain received in the +# requests "origin" header. (string value) +#allowed_origin = + +# Indicate that the actual request can include user credentials (boolean value) +#allow_credentials = true + +# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple +# Headers. (list value) +#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age = 3600 + +# Indicate which methods can be used during the actual request. (list value) +#allow_methods = GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual request. +# (list value) +#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[database] + +# +# From oslo.db +# + +# The file name to use with SQLite. (string value) +# Deprecated group/name - [DEFAULT]/sqlite_db +#sqlite_db = oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +# Deprecated group/name - [DEFAULT]/sqlite_synchronous +#sqlite_synchronous = true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend = sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database. (string +# value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection = +connection = mysql+pymysql://cinder:qum5net@VARINET4ADDR/cinder + +# The SQLAlchemy connection string to use to connect to the slave database. +# (string value) +#slave_connection = + +# The SQL mode to be used for MySQL sessions. This option, including the +# default, overrides any server-set SQL mode. To use whatever SQL mode is set +# by the server configuration, set this to no value. Example: mysql_sql_mode= +# (string value) +#mysql_sql_mode = TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout = 3600 + +# Minimum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size = + +# Maximum number of database connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries = 10 + +# Interval between retries of opening a SQL connection. (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval = 10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow = + +# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug = 0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace = false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout = + +# Enable the experimental use of database reconnect on connection lost. +# (boolean value) +#use_db_reconnect = false + +# Seconds between retries of a database transaction. (integer value) +#db_retry_interval = 1 + +# If True, increases the interval between retries of a database operation up to +# db_max_retry_interval. (boolean value) +#db_inc_retry_interval = true + +# If db_inc_retry_interval is set, the maximum seconds between retries of a +# database operation. (integer value) +#db_max_retry_interval = 10 + +# Maximum retries in case of connection error or deadlock error before error is +# raised. Set to -1 to specify an infinite retry count. (integer value) +#db_max_retries = 20 + + +[fc-zone-manager] + +# +# From cinder +# + +# FC Zone Driver responsible for zone management (string value) +#zone_driver = cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver + +# Zoning policy configured by user; valid values include "initiator-target" or +# "initiator" (string value) +#zoning_policy = initiator-target + +# Comma separated list of Fibre Channel fabric names. This list of names is +# used to retrieve other SAN credentials for connecting to each SAN fabric +# (string value) +#fc_fabric_names = + +# FC SAN Lookup Service (string value) +#fc_san_lookup_service = cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService + +# Southbound connector for zoning operation (string value) +#brcd_sb_connector = cinder.zonemanager.drivers.brocade.brcd_fc_zone_client_cli.BrcdFCZoneClientCLI + +# Southbound connector for zoning operation (string value) +#cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI + + +[keymgr] + +# +# From cinder +# + +# Authentication url for encryption service. (string value) +#encryption_auth_url = http://localhost:5000/v3 + +# Url for encryption service. (string value) +#encryption_api_url = http://localhost:9311/v1 + +# The full class name of the key manager API class (string value) +#api_class = cinder.keymgr.conf_key_mgr.ConfKeyManager + +# Fixed key returned by key manager, specified in hex (string value) +#fixed_key = + + +[keystone_authtoken] + +# +# From keystonemiddleware.auth_token +# + +# Complete public Identity API endpoint. (string value) +#auth_uri = +auth_uri = http://VARINET4ADDR:5000/v2.0 + +# API version of the admin Identity API endpoint. (string value) +#auth_version = + +# Do not handle authorization requests within the middleware, but delegate the +# authorization decision to downstream WSGI components. (boolean value) +#delay_auth_decision = false + +# Request timeout value for communicating with Identity API server. (integer +# value) +#http_connect_timeout = + +# How many times are we trying to reconnect when communicating with Identity +# API Server. (integer value) +#http_request_max_retries = 3 + +# Env key for the swift cache. (string value) +#cache = + +# Required if identity server requires client certificate (string value) +#certfile = + +# Required if identity server requires client certificate (string value) +#keyfile = + +# A PEM encoded Certificate Authority to use when verifying HTTPs connections. +# Defaults to system CAs. (string value) +#cafile = + +# Verify HTTPS connections. (boolean value) +#insecure = false + +# The region in which the identity server can be found. (string value) +#region_name = + +# Directory used to cache files related to PKI tokens. (string value) +#signing_dir = + +# Optionally specify a list of memcached server(s) to use for caching. If left +# undefined, tokens will instead be cached in-process. (list value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers = + +# In order to prevent excessive effort spent validating tokens, the middleware +# caches previously-seen tokens for a configurable duration (in seconds). Set +# to -1 to disable caching completely. (integer value) +#token_cache_time = 300 + +# Determines the frequency at which the list of revoked tokens is retrieved +# from the Identity service (in seconds). A high number of revocation events +# combined with a low cache duration may significantly reduce performance. +# (integer value) +#revocation_cache_time = 10 + +# (Optional) If defined, indicate whether token data should be authenticated or +# authenticated and encrypted. Acceptable values are MAC or ENCRYPT. If MAC, +# token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data +# is encrypted and authenticated in the cache. If the value is not one of these +# options or empty, auth_token will raise an exception on initialization. +# (string value) +#memcache_security_strategy = + +# (Optional, mandatory if memcache_security_strategy is defined) This string is +# used for key derivation. (string value) +#memcache_secret_key = + +# (Optional) Number of seconds memcached server is considered dead before it is +# tried again. (integer value) +#memcache_pool_dead_retry = 300 + +# (Optional) Maximum total number of open connections to every memcached +# server. (integer value) +#memcache_pool_maxsize = 10 + +# (Optional) Socket timeout in seconds for communicating with a memcached +# server. (integer value) +#memcache_pool_socket_timeout = 3 + +# (Optional) Number of seconds a connection to memcached is held unused in the +# pool before it is closed. (integer value) +#memcache_pool_unused_timeout = 60 + +# (Optional) Number of seconds that an operation will wait to get a memcached +# client connection from the pool. (integer value) +#memcache_pool_conn_get_timeout = 10 + +# (Optional) Use the advanced (eventlet safe) memcached client pool. The +# advanced pool will only work under python 2.x. (boolean value) +#memcache_use_advanced_pool = false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If False, +# middleware will not ask for service catalog on token validation and will not +# set the X-Service-Catalog header. (boolean value) +#include_service_catalog = true + +# Used to control the use and type of token binding. Can be set to: "disabled" +# to not check token binding. "permissive" (default) to validate binding +# information if the bind type is of a form known to the server and ignore it +# if not. "strict" like "permissive" but if the bind type is unknown the token +# will be rejected. "required" any form of token binding is needed to be +# allowed. Finally the name of a binding method that must be present in tokens. +# (string value) +#enforce_token_bind = permissive + +# If true, the revocation list will be checked for cached tokens. This requires +# that PKI tokens are configured on the identity server. (boolean value) +#check_revocations_for_cached = false + +# Hash algorithms to use for hashing PKI tokens. This may be a single algorithm +# or multiple. The algorithms are those supported by Python standard +# hashlib.new(). The hashes will be tried in the order given, so put the +# preferred one first for performance. The result of the first hash will be +# stored in the cache. This will typically be set to multiple values only while +# migrating from a less secure algorithm to a more secure one. Once all the old +# tokens are expired this option should be set to a single value for better +# performance. (list value) +#hash_algorithms = md5 + +# Prefix to prepend at the beginning of the path. Deprecated, use identity_uri. +# (string value) +#auth_admin_prefix = + +# Host providing the admin Identity API endpoint. Deprecated, use identity_uri. +# (string value) +#auth_host = 127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use identity_uri. +# (integer value) +#auth_port = 35357 + +# Protocol of the admin Identity API endpoint (http or https). Deprecated, use +# identity_uri. (string value) +#auth_protocol = https + +# Complete admin Identity API endpoint. This should specify the unversioned +# root endpoint e.g. https://localhost:35357/ (string value) +#identity_uri = +identity_uri = http://VARINET4ADDR:35357 + +# This option is deprecated and may be removed in a future release. Single +# shared secret with the Keystone configuration used for bootstrapping a +# Keystone installation, or otherwise bypassing the normal authentication +# process. This option should not be used, use `admin_user` and +# `admin_password` instead. (string value) +#admin_token = + +# Service username. (string value) +#admin_user = +admin_user = cinder + +# Service user password. (string value) +#admin_password = +admin_password = qum5net + +# Service tenant name. (string value) +#admin_tenant_name = admin +admin_tenant_name = services + + +[matchmaker_redis] + +# +# From oslo.messaging +# + +# Host to locate redis. (string value) +#host = 127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port = 6379 + +# Password for Redis server (optional). (string value) +#password = + +# +# From oslo.messaging +# + +# Host to locate redis. (string value) +#host = 127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port = 6379 + +# Password for Redis server (optional). (string value) +#password = + + +[matchmaker_ring] + +# +# From oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile = /etc/oslo/matchmaker_ring.json + +# +# From oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile = /etc/oslo/matchmaker_ring.json + + +[oslo_concurrency] + +# +# From oslo.concurrency +# + +# Enables or disables inter-process locks. (boolean value) +# Deprecated group/name - [DEFAULT]/disable_process_locking +#disable_process_locking = false + +# Directory to use for lock files. For security, the specified directory +# should only be writable by the user running the processes that need locking. +# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, +# a lock path must be set. (string value) +# Deprecated group/name - [DEFAULT]/lock_path +#lock_path = + + +[oslo_messaging_amqp] + +# +# From oslo.messaging +# + +# address prefix used when sending to a specific server (string value) +# Deprecated group/name - [amqp1]/server_request_prefix +#server_request_prefix = exclusive + +# address prefix used when broadcasting to all servers (string value) +# Deprecated group/name - [amqp1]/broadcast_prefix +#broadcast_prefix = broadcast + +# address prefix when sending to any server in group (string value) +# Deprecated group/name - [amqp1]/group_request_prefix +#group_request_prefix = unicast + +# Name for the AMQP container (string value) +# Deprecated group/name - [amqp1]/container_name +#container_name = + +# Timeout for inactive connections (in seconds) (integer value) +# Deprecated group/name - [amqp1]/idle_timeout +#idle_timeout = 0 + +# Debug: dump AMQP frames to stdout (boolean value) +# Deprecated group/name - [amqp1]/trace +#trace = false + +# CA certificate PEM file to verify server certificate (string value) +# Deprecated group/name - [amqp1]/ssl_ca_file +#ssl_ca_file = + +# Identifying certificate PEM file to present to clients (string value) +# Deprecated group/name - [amqp1]/ssl_cert_file +#ssl_cert_file = + +# Private key PEM file used to sign cert_file certificate (string value) +# Deprecated group/name - [amqp1]/ssl_key_file +#ssl_key_file = + +# Password for decrypting ssl_key_file (if encrypted) (string value) +# Deprecated group/name - [amqp1]/ssl_key_password +#ssl_key_password = + +# Accept clients using either SSL or plain TCP (boolean value) +# Deprecated group/name - [amqp1]/allow_insecure_clients +#allow_insecure_clients = false + +# +# From oslo.messaging +# + +# address prefix used when sending to a specific server (string value) +# Deprecated group/name - [amqp1]/server_request_prefix +#server_request_prefix = exclusive + +# address prefix used when broadcasting to all servers (string value) +# Deprecated group/name - [amqp1]/broadcast_prefix +#broadcast_prefix = broadcast + +# address prefix when sending to any server in group (string value) +# Deprecated group/name - [amqp1]/group_request_prefix +#group_request_prefix = unicast + +# Name for the AMQP container (string value) +# Deprecated group/name - [amqp1]/container_name +#container_name = + +# Timeout for inactive connections (in seconds) (integer value) +# Deprecated group/name - [amqp1]/idle_timeout +#idle_timeout = 0 + +# Debug: dump AMQP frames to stdout (boolean value) +# Deprecated group/name - [amqp1]/trace +#trace = false + +# CA certificate PEM file to verify server certificate (string value) +# Deprecated group/name - [amqp1]/ssl_ca_file +#ssl_ca_file = + +# Identifying certificate PEM file to present to clients (string value) +# Deprecated group/name - [amqp1]/ssl_cert_file +#ssl_cert_file = + +# Private key PEM file used to sign cert_file certificate (string value) +# Deprecated group/name - [amqp1]/ssl_key_file +#ssl_key_file = + +# Password for decrypting ssl_key_file (if encrypted) (string value) +# Deprecated group/name - [amqp1]/ssl_key_password +#ssl_key_password = + +# Accept clients using either SSL or plain TCP (boolean value) +# Deprecated group/name - [amqp1]/allow_insecure_clients +#allow_insecure_clients = false + + +[oslo_messaging_qpid] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply = false + +# Qpid broker hostname. (string value) +# Deprecated group/name - [DEFAULT]/qpid_hostname +#qpid_hostname = localhost + +# Qpid broker port. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_port +#qpid_port = 5672 + +# Qpid HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/qpid_hosts +#qpid_hosts = $qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_username +#qpid_username = + +# Password for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_password +#qpid_password = + +# Space separated list of SASL mechanisms to use for auth. (string value) +# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms +#qpid_sasl_mechanisms = + +# Seconds between connection keepalive heartbeats. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_heartbeat +#qpid_heartbeat = 60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +# Deprecated group/name - [DEFAULT]/qpid_protocol +#qpid_protocol = tcp + +# Whether to disable the Nagle algorithm. (boolean value) +# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay +#qpid_tcp_nodelay = true + +# The number of prefetched messages held by receiver. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity +#qpid_receiver_capacity = 1 + +# The qpid topology version to use. Version 1 is what was originally used by +# impl_qpid. Version 2 includes some backwards-incompatible changes that allow +# broker federation to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_topology_version +#qpid_topology_version = 1 + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply = false + +# Qpid broker hostname. (string value) +# Deprecated group/name - [DEFAULT]/qpid_hostname +#qpid_hostname = localhost + +# Qpid broker port. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_port +#qpid_port = 5672 + +# Qpid HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/qpid_hosts +#qpid_hosts = $qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_username +#qpid_username = + +# Password for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_password +#qpid_password = + +# Space separated list of SASL mechanisms to use for auth. (string value) +# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms +#qpid_sasl_mechanisms = + +# Seconds between connection keepalive heartbeats. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_heartbeat +#qpid_heartbeat = 60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +# Deprecated group/name - [DEFAULT]/qpid_protocol +#qpid_protocol = tcp + +# Whether to disable the Nagle algorithm. (boolean value) +# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay +#qpid_tcp_nodelay = true + +# The number of prefetched messages held by receiver. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity +#qpid_receiver_capacity = 1 + +# The qpid topology version to use. Version 1 is what was originally used by +# impl_qpid. Version 2 includes some backwards-incompatible changes that allow +# broker federation to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_topology_version +#qpid_topology_version = 1 + + +[oslo_messaging_rabbit] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false +amqp_durable_queues = False + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply = false + +# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and +# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some +# distributions. (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_version +#kombu_ssl_version = + +# SSL key file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile +#kombu_ssl_keyfile = +kombu_ssl_keyfile = + +# SSL cert file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile +#kombu_ssl_certfile = +kombu_ssl_certfile = + +# SSL certification authority file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs +#kombu_ssl_ca_certs = +kombu_ssl_ca_certs = + +# How long to wait before reconnecting in response to an AMQP consumer cancel +# notification. (floating point value) +# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay +#kombu_reconnect_delay = 1.0 + +# How long to wait before considering a reconnect attempt to have failed. This +# value should not be longer than rpc_response_timeout. (integer value) +#kombu_reconnect_timeout = 60 + +# The RabbitMQ broker address where a single node is used. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_host +#rabbit_host = localhost +rabbit_host = VARINET4ADDR + +# The RabbitMQ broker port where a single node is used. (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_port +#rabbit_port = 5672 +rabbit_port = 5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/rabbit_hosts +#rabbit_hosts = $rabbit_host:$rabbit_port +rabbit_hosts = VARINET4ADDR:5672 + +# Connect over SSL for RabbitMQ. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_use_ssl +#rabbit_use_ssl = false +rabbit_use_ssl = False + +# The RabbitMQ userid. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_userid +#rabbit_userid = guest +rabbit_userid = guest + +# The RabbitMQ password. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_password +#rabbit_password = guest +rabbit_password = guest + +# The RabbitMQ login method. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_login_method +#rabbit_login_method = AMQPLAIN + +# The RabbitMQ virtual host. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_virtual_host +#rabbit_virtual_host = / +rabbit_virtual_host = / + +# How frequently to retry connecting with RabbitMQ. (integer value) +#rabbit_retry_interval = 1 + +# How long to backoff for between retries when connecting to RabbitMQ. (integer +# value) +# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff +#rabbit_retry_backoff = 2 + +# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry +# count). (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_max_retries +#rabbit_max_retries = 0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you +# must wipe the RabbitMQ database. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_ha_queues +#rabbit_ha_queues = false +rabbit_ha_queues = False + +# Specifies the number of messages to prefetch. Setting to zero allows +# unlimited messages. (integer value) +#rabbit_qos_prefetch_count = 0 + +# Number of seconds after which the Rabbit broker is considered down if +# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer +# value) +#heartbeat_timeout_threshold = 60 +heartbeat_timeout_threshold = 0 + +# How often times during the heartbeat_timeout_threshold we check the +# heartbeat. (integer value) +#heartbeat_rate = 2 +heartbeat_rate = 2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value) +# Deprecated group/name - [DEFAULT]/fake_rabbit +#fake_rabbit = false + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply = false + +# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and +# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some +# distributions. (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_version +#kombu_ssl_version = + +# SSL key file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile +#kombu_ssl_keyfile = + +# SSL cert file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile +#kombu_ssl_certfile = + +# SSL certification authority file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs +#kombu_ssl_ca_certs = + +# How long to wait before reconnecting in response to an AMQP consumer cancel +# notification. (floating point value) +# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay +#kombu_reconnect_delay = 1.0 + +# How long to wait before considering a reconnect attempt to have failed. This +# value should not be longer than rpc_response_timeout. (integer value) +#kombu_reconnect_timeout = 60 + +# The RabbitMQ broker address where a single node is used. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_host +#rabbit_host = localhost + +# The RabbitMQ broker port where a single node is used. (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_port +#rabbit_port = 5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/rabbit_hosts +#rabbit_hosts = $rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_use_ssl +#rabbit_use_ssl = false + +# The RabbitMQ userid. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_userid +#rabbit_userid = guest + +# The RabbitMQ password. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_password +#rabbit_password = guest + +# The RabbitMQ login method. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_login_method +#rabbit_login_method = AMQPLAIN + +# The RabbitMQ virtual host. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_virtual_host +#rabbit_virtual_host = / + +# How frequently to retry connecting with RabbitMQ. (integer value) +#rabbit_retry_interval = 1 + +# How long to backoff for between retries when connecting to RabbitMQ. (integer +# value) +# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff +#rabbit_retry_backoff = 2 + +# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry +# count). (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_max_retries +#rabbit_max_retries = 0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you +# must wipe the RabbitMQ database. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_ha_queues +#rabbit_ha_queues = false + +# Specifies the number of messages to prefetch. Setting to zero allows +# unlimited messages. (integer value) +#rabbit_qos_prefetch_count = 0 + +# Number of seconds after which the Rabbit broker is considered down if +# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer +# value) +#heartbeat_timeout_threshold = 60 + +# How often times during the heartbeat_timeout_threshold we check the +# heartbeat. (integer value) +#heartbeat_rate = 2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value) +# Deprecated group/name - [DEFAULT]/fake_rabbit +#fake_rabbit = false + + +[oslo_middleware] + +# +# From oslo.middleware +# + +# The maximum body size for each request, in bytes. (integer value) +# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size +# Deprecated group/name - [DEFAULT]/max_request_body_size +#max_request_body_size = 114688 + +# +# From oslo.middleware +# + +# The HTTP Header that will be used to determine what the original request +# protocol scheme was, even if it was hidden by an SSL termination proxy. +# (string value) +#secure_proxy_ssl_header = X-Forwarded-Proto + + +[oslo_policy] + +# +# From oslo.policy +# + +# The JSON file that defines policies. (string value) +# Deprecated group/name - [DEFAULT]/policy_file +#policy_file = policy.json + +# Default rule. Enforced when a requested rule is not found. (string value) +# Deprecated group/name - [DEFAULT]/policy_default_rule +#policy_default_rule = default + +# Directories where policy configuration files are stored. They can be relative +# to any directory in the search path defined by the config_dir option, or +# absolute paths. The file defined by policy_file must exist for these +# directories to be searched. Missing or empty directories are ignored. (multi +# valued) +# Deprecated group/name - [DEFAULT]/policy_dirs +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#policy_dirs = policy.d + + +[oslo_reports] + +# +# From oslo.reports +# + +# Path to a log directory where to create a file (string value) +#log_dir = + + +[profiler] + +# +# From cinder +# + +# If False fully disable profiling feature. (boolean value) +#profiler_enabled = false + +# If False doesn't trace SQL requests. (boolean value) +#trace_sqlalchemy = false + +[lvm] +iscsi_helper=lioadm +volume_group=cinder-volumes +iscsi_ip_address=VARINET4ADDR +volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver +volumes_dir=/var/lib/cinder/volumes +iscsi_protocol=iscsi +volume_backend_name=lvm + +[ceph] +volume_driver = cinder.volume.drivers.rbd.RBDDriver +rbd_pool = volumes +rbd_ceph_conf = /etc/ceph/ceph.conf +rbd_flatten_volume_from_snapshot = false +rbd_max_clone_depth = 5 +rbd_store_chunk_size = 4 +rados_connect_timeout = -1 +glance_api_version = 2 +rbd_user=cinder +rbd_secret_uuid=RBDSECRET diff --git a/qa/qa_scripts/openstack/files/glance-api.template.conf b/qa/qa_scripts/openstack/files/glance-api.template.conf new file mode 100644 index 000000000..956fb1bf2 --- /dev/null +++ b/qa/qa_scripts/openstack/files/glance-api.template.conf @@ -0,0 +1,1590 @@ +[DEFAULT] + +# +# From glance.api +# + +# When true, this option sets the owner of an image to be the tenant. +# Otherwise, the owner of the image will be the authenticated user +# issuing the request. (boolean value) +#owner_is_tenant=true + +# Role used to identify an authenticated user as administrator. +# (string value) +#admin_role=admin + +# Allow unauthenticated users to access the API with read-only +# privileges. This only applies when using ContextMiddleware. (boolean +# value) +#allow_anonymous_access=false + +# Limits request ID length. (integer value) +#max_request_id_length=64 + +# Public url to use for versions endpoint. The default is None, which +# will use the request's host_url attribute to populate the URL base. +# If Glance is operating behind a proxy, you will want to change this +# to represent the proxy's URL. (string value) +#public_endpoint= + +# Whether to allow users to specify image properties beyond what the +# image schema provides (boolean value) +#allow_additional_image_properties=true + +# Maximum number of image members per image. Negative values evaluate +# to unlimited. (integer value) +#image_member_quota=128 + +# Maximum number of properties allowed on an image. Negative values +# evaluate to unlimited. (integer value) +#image_property_quota=128 + +# Maximum number of tags allowed on an image. Negative values evaluate +# to unlimited. (integer value) +#image_tag_quota=128 + +# Maximum number of locations allowed on an image. Negative values +# evaluate to unlimited. (integer value) +#image_location_quota=10 + +# Python module path of data access API (string value) +#data_api=glance.db.sqlalchemy.api + +# Default value for the number of items returned by a request if not +# specified explicitly in the request (integer value) +#limit_param_default=25 + +# Maximum permissible number of items that could be returned by a +# request (integer value) +#api_limit_max=1000 + +# Whether to include the backend image storage location in image +# properties. Revealing storage location can be a security risk, so +# use this setting with caution! (boolean value) +#show_image_direct_url=false +show_image_direct_url=True + +# Whether to include the backend image locations in image properties. +# For example, if using the file system store a URL of +# "file:///path/to/image" will be returned to the user in the +# 'direct_url' meta-data field. Revealing storage location can be a +# security risk, so use this setting with caution! The overrides +# show_image_direct_url. (boolean value) +#show_multiple_locations=false + +# Maximum size of image a user can upload in bytes. Defaults to +# 1099511627776 bytes (1 TB).WARNING: this value should only be +# increased after careful consideration and must be set to a value +# under 8 EB (9223372036854775808). (integer value) +# Maximum value: 9223372036854775808 +#image_size_cap=1099511627776 + +# Set a system wide quota for every user. This value is the total +# capacity that a user can use across all storage systems. A value of +# 0 means unlimited.Optional unit can be specified for the value. +# Accepted units are B, KB, MB, GB and TB representing Bytes, +# KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no +# unit is specified then Bytes is assumed. Note that there should not +# be any space between value and unit and units are case sensitive. +# (string value) +#user_storage_quota=0 + +# Deploy the v1 OpenStack Images API. (boolean value) +#enable_v1_api=true + +# Deploy the v2 OpenStack Images API. (boolean value) +#enable_v2_api=true + +# Deploy the v3 OpenStack Objects API. (boolean value) +#enable_v3_api=false + +# Deploy the v1 OpenStack Registry API. (boolean value) +#enable_v1_registry=true + +# Deploy the v2 OpenStack Registry API. (boolean value) +#enable_v2_registry=true + +# The hostname/IP of the pydev process listening for debug connections +# (string value) +#pydev_worker_debug_host= + +# The port on which a pydev process is listening for connections. +# (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#pydev_worker_debug_port=5678 + +# AES key for encrypting store 'location' metadata. This includes, if +# used, Swift or S3 credentials. Should be set to a random string of +# length 16, 24 or 32 bytes (string value) +#metadata_encryption_key= + +# Digest algorithm which will be used for digital signature. Use the +# command "openssl list-message-digest-algorithms" to get the +# available algorithmssupported by the version of OpenSSL on the +# platform. Examples are "sha1", "sha256", "sha512", etc. (string +# value) +#digest_algorithm=sha256 + +# This value sets what strategy will be used to determine the image +# location order. Currently two strategies are packaged with Glance +# 'location_order' and 'store_type'. (string value) +# Allowed values: location_order, store_type +#location_strategy=location_order + +# The location of the property protection file.This file contains the +# rules for property protections and the roles/policies associated +# with it. If this config value is not specified, by default, property +# protections won't be enforced. If a value is specified and the file +# is not found, then the glance-api service will not start. (string +# value) +#property_protection_file= + +# This config value indicates whether "roles" or "policies" are used +# in the property protection file. (string value) +# Allowed values: roles, policies +#property_protection_rule_format=roles + +# Modules of exceptions that are permitted to be recreated upon +# receiving exception data from an rpc call. (list value) +#allowed_rpc_exception_modules=glance.common.exception,exceptions + +# Address to bind the server. Useful when selecting a particular +# network interface. (string value) +#bind_host=0.0.0.0 +bind_host=0.0.0.0 + +# The port on which the server will listen. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#bind_port= +bind_port=9292 + +# The number of child process workers that will be created to service +# requests. The default will be equal to the number of CPUs available. +# (integer value) +#workers=4 +workers=12 + +# Maximum line size of message headers to be accepted. max_header_line +# may need to be increased when using large tokens (typically those +# generated by the Keystone v3 API with big service catalogs (integer +# value) +#max_header_line=16384 + +# If False, server will return the header "Connection: close", If +# True, server will return "Connection: Keep-Alive" in its responses. +# In order to close the client socket connection explicitly after the +# response is sent and read successfully by the client, you simply +# have to set this option to False when you create a wsgi server. +# (boolean value) +#http_keepalive=true + +# Timeout for client connections' socket operations. If an incoming +# connection is idle for this number of seconds it will be closed. A +# value of '0' means wait forever. (integer value) +#client_socket_timeout=900 + +# The backlog value that will be used when creating the TCP listener +# socket. (integer value) +#backlog=4096 +backlog=4096 + +# The value for the socket option TCP_KEEPIDLE. This is the time in +# seconds that the connection must be idle before TCP starts sending +# keepalive probes. (integer value) +#tcp_keepidle=600 + +# CA certificate file to use to verify connecting clients. (string +# value) +#ca_file= + +# Certificate file to use when starting API server securely. (string +# value) +#cert_file= + +# Private key file to use when starting API server securely. (string +# value) +#key_file= + +# If False fully disable profiling feature. (boolean value) +#enabled=false + +# If False doesn't trace SQL requests. (boolean value) +#trace_sqlalchemy=false + +# The path to the sqlite file database that will be used for image +# cache management. (string value) +#image_cache_sqlite_db=cache.db + +# The driver to use for image cache management. (string value) +#image_cache_driver=sqlite + +# The upper limit (the maximum size of accumulated cache in bytes) +# beyond which pruner, if running, starts cleaning the images cache. +# (integer value) +#image_cache_max_size=10737418240 + +# The amount of time to let an image remain in the cache without being +# accessed. (integer value) +#image_cache_stall_time=86400 + +# Base directory that the Image Cache uses. (string value) +#image_cache_dir=/var/lib/glance/image-cache/ +image_cache_dir=/var/lib/glance/image-cache + +# Default publisher_id for outgoing notifications. (string value) +#default_publisher_id=image.localhost + +# List of disabled notifications. A notification can be given either +# as a notification type to disable a single event, or as a +# notification group prefix to disable all events within a group. +# Example: if this config option is set to ["image.create", +# "metadef_namespace"], then "image.create" notification will not be +# sent after image is created and none of the notifications for +# metadefinition namespaces will be sent. (list value) +#disabled_notifications = + +# Address to find the registry server. (string value) +#registry_host=0.0.0.0 +registry_host=0.0.0.0 + +# Port the registry server is listening on. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#registry_port=9191 +registry_port=9191 + +# Whether to pass through the user token when making requests to the +# registry. To prevent failures with token expiration during big files +# upload, it is recommended to set this parameter to False.If +# "use_user_token" is not in effect, then admin credentials can be +# specified. (boolean value) +#use_user_token=true + +# The administrators user name. If "use_user_token" is not in effect, +# then admin credentials can be specified. (string value) +#admin_user=%SERVICE_USER% + +# The administrators password. If "use_user_token" is not in effect, +# then admin credentials can be specified. (string value) +#admin_password=%SERVICE_PASSWORD% + +# The tenant name of the administrative user. If "use_user_token" is +# not in effect, then admin tenant name can be specified. (string +# value) +#admin_tenant_name=%SERVICE_TENANT_NAME% + +# The URL to the keystone service. If "use_user_token" is not in +# effect and using keystone auth, then URL of keystone can be +# specified. (string value) +#auth_url= + +# The strategy to use for authentication. If "use_user_token" is not +# in effect, then auth strategy can be specified. (string value) +#auth_strategy=noauth + +# The region for the authentication service. If "use_user_token" is +# not in effect and using keystone auth, then region name can be +# specified. (string value) +#auth_region= + +# The protocol to use for communication with the registry server. +# Either http or https. (string value) +#registry_client_protocol=http +registry_client_protocol=http + +# The path to the key file to use in SSL connections to the registry +# server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE +# environment variable to a filepath of the key file (string value) +#registry_client_key_file= + +# The path to the cert file to use in SSL connections to the registry +# server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE +# environment variable to a filepath of the CA cert file (string +# value) +#registry_client_cert_file= + +# The path to the certifying authority cert file to use in SSL +# connections to the registry server, if any. Alternately, you may set +# the GLANCE_CLIENT_CA_FILE environment variable to a filepath of the +# CA cert file. (string value) +#registry_client_ca_file= + +# When using SSL in connections to the registry server, do not require +# validation via a certifying authority. This is the registry's +# equivalent of specifying --insecure on the command line using +# glanceclient for the API. (boolean value) +#registry_client_insecure=false + +# The period of time, in seconds, that the API server will wait for a +# registry request to complete. A value of 0 implies no timeout. +# (integer value) +#registry_client_timeout=600 + +# Whether to pass through headers containing user and tenant +# information when making requests to the registry. This allows the +# registry to use the context middleware without keystonemiddleware's +# auth_token middleware, removing calls to the keystone auth service. +# It is recommended that when using this option, secure communication +# between glance api and glance registry is ensured by means other +# than auth_token middleware. (boolean value) +#send_identity_headers=false + +# The amount of time in seconds to delay before performing a delete. +# (integer value) +#scrub_time=0 + +# The size of thread pool to be used for scrubbing images. The default +# is one, which signifies serial scrubbing. Any value above one +# indicates the max number of images that may be scrubbed in parallel. +# (integer value) +#scrub_pool_size=1 + +# Turn on/off delayed delete. (boolean value) +#delayed_delete=false + +# Role used to identify an authenticated user as administrator. +# (string value) +#admin_role=admin + +# Whether to pass through headers containing user and tenant +# information when making requests to the registry. This allows the +# registry to use the context middleware without keystonemiddleware's +# auth_token middleware, removing calls to the keystone auth service. +# It is recommended that when using this option, secure communication +# between glance api and glance registry is ensured by means other +# than auth_token middleware. (boolean value) +#send_identity_headers=false + +# +# From oslo.log +# + +# Print debugging output (set logging level to DEBUG instead of +# default INFO level). (boolean value) +#debug=False +debug=True + +# If set to false, will disable INFO logging level, making WARNING the +# default. (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#verbose=True +verbose=True + +# The name of a logging configuration file. This file is appended to +# any existing logging configuration files. For details about logging +# configuration files, see the Python logging module documentation. +# (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string which may +# use any of the available logging.LogRecord attributes. This option +# is deprecated. Please use logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: %(default)s +# . (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is set, +# logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file=/var/log/glance/api.log +log_file=/var/log/glance/api.log + +# (Optional) The base directory used for relative --log-file paths. +# (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= +log_dir=/var/log/glance + +# Use syslog for logging. Existing syslog format is DEPRECATED and +# will be changed later to honor RFC5424. (boolean value) +#use_syslog=false +use_syslog=False + +# (Optional) Enables or disables syslog rfc5424 format for logging. If +# enabled, prefixes the MSG part of the syslog message with APP-NAME +# (RFC5424). The format without the APP-NAME is deprecated in Kilo, +# and will be removed in Mitaka, along with this option. (boolean +# value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#use_syslog_rfc_format=true + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER +syslog_log_facility=LOG_USER + +# Log output to standard error. (boolean value) +#use_stderr=False +use_stderr=True + +# Format string to use for log messages with context. (string value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. (string +# value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. (string +# value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN + +# Enables or disables publication of error events. (boolean value) +#publish_errors=false + +# The format for an instance that is passed with the log message. +# (string value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message. +# (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# Enables or disables fatal status of deprecations. (boolean value) +#fatal_deprecations=false + +# +# From oslo.messaging +# + +# Size of RPC connection pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size +#rpc_conn_pool_size=30 + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve to this +# address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=local + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per topic. +# Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP address. +# Must match "host" option, if running Nova. (string value) +#rpc_zmq_host=localhost + +# Seconds to wait before a cast expires (TTL). Only supported by +# impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of executor thread pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size +#executor_thread_pool_size=64 + +# The Drivers(s) to handle sending notifications. Possible values are +# messaging, messagingv2, routing, log, test, noop (multi valued) +#notification_driver = +notification_driver =messaging + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend option +# and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other drivers +# include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the transport_url +# option. (string value) +#control_exchange=openstack +hw_scsi_model=virtio-scsi +hw_disk_bus=scsi +hw_qemu_guest_agent=yes +os_require_quiesce=yes + +[database] + +# +# From oslo.db +# + +# The file name to use with SQLite. (string value) +# Deprecated group/name - [DEFAULT]/sqlite_db +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +# Deprecated group/name - [DEFAULT]/sqlite_synchronous +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database. +# (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection=mysql://glance:glance@localhost/glance +connection=mysql+pymysql://glance:qum5net@VARINET4ADDR/glance + +# The SQLAlchemy connection string to use to connect to the slave +# database. (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, including +# the default, overrides any server-set SQL mode. To use whatever SQL +# mode is set by the server configuration, set this to no value. +# Example: mysql_sql_mode= (string value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout=3600 +idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum number of database connection retries during startup. Set to +# -1 to specify an infinite retry count. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, 100=Everything. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer +# value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on connection +# lost. (boolean value) +#use_db_reconnect=false + +# Seconds between retries of a database transaction. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between retries of a database +# operation up to db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between retries +# of a database operation. (integer value) +#db_max_retry_interval=10 + +# Maximum retries in case of connection error or deadlock error before +# error is raised. Set to -1 to specify an infinite retry count. +# (integer value) +#db_max_retries=20 + +# +# From oslo.db.concurrency +# + +# Enable the experimental use of thread pooling for all DB API calls +# (boolean value) +# Deprecated group/name - [DEFAULT]/dbapi_use_tpool +#use_tpool=false + + +[glance_store] + +# +# From glance.store +# + +# List of stores enabled (list value) +#stores=file,http +stores=rbd +default_store=rbd + +# Default scheme to use to store image data. The scheme must be +# registered by one of the stores defined by the 'stores' config +# option. (string value) +#default_store=file + +# Minimum interval seconds to execute updating dynamic storage +# capabilities based on backend status then. It's not a periodic +# routine, the update logic will be executed only when interval +# seconds elapsed and an operation of store has triggered. The feature +# will be enabled only when the option value greater then zero. +# (integer value) +#store_capabilities_update_min_interval=0 + +# +# From glance.store +# + +# Hostname or IP address of the instance to connect to, or a mongodb +# URI, or a list of hostnames / mongodb URIs. If host is an IPv6 +# literal it must be enclosed in '[' and ']' characters following the +# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value) +#mongodb_store_uri= + +# Database to use (string value) +#mongodb_store_db= + +# Images will be chunked into objects of this size (in megabytes). For +# best performance, this should be a power of two. (integer value) +#sheepdog_store_chunk_size=64 + +# Port of sheep daemon. (integer value) +#sheepdog_store_port=7000 + +# IP address of sheep daemon. (string value) +#sheepdog_store_address=localhost + +# RADOS images will be chunked into objects of this size (in +# megabytes). For best performance, this should be a power of two. +# (integer value) +rbd_store_chunk_size=8 + +# RADOS pool in which images are stored. (string value) +#rbd_store_pool=images +rbd_store_pool=images + +# RADOS user to authenticate as (only applicable if using Cephx. If +# , a default will be chosen based on the client. section in +# rbd_store_ceph_conf) (string value) +rbd_store_user=glance + +# Ceph configuration file path. If , librados will locate the +# default config. If using cephx authentication, this file should +# include a reference to the right keyring in a client. section +# (string value) +#rbd_store_ceph_conf=/etc/ceph/ceph.conf +rbd_store_ceph_conf=/etc/ceph/ceph.conf + +# Timeout value (in seconds) used when connecting to ceph cluster. If +# value <= 0, no timeout is set and default librados value is used. +# (integer value) +#rados_connect_timeout=0 + +# Directory to which the Filesystem backend store writes images. +# (string value) +#filesystem_store_datadir=/var/lib/glance/images/ + +# List of directories and its priorities to which the Filesystem +# backend store writes images. (multi valued) +#filesystem_store_datadirs = + +# The path to a file which contains the metadata to be returned with +# any location associated with this store. The file must contain a +# valid JSON object. The object should contain the keys 'id' and +# 'mountpoint'. The value for both keys should be 'string'. (string +# value) +#filesystem_store_metadata_file= + +# The required permission for created image file. In this way the user +# other service used, e.g. Nova, who consumes the image could be the +# exclusive member of the group that owns the files created. Assigning +# it less then or equal to zero means don't change the default +# permission of the file. This value will be decoded as an octal +# digit. (integer value) +#filesystem_store_file_perm=0 + +# If True, swiftclient won't check for a valid SSL certificate when +# authenticating. (boolean value) +#swift_store_auth_insecure=false + +# A string giving the CA certificate file to use in SSL connections +# for verifying certs. (string value) +#swift_store_cacert= + +# The region of the swift endpoint to be used for single tenant. This +# setting is only necessary if the tenant has multiple swift +# endpoints. (string value) +#swift_store_region= + +# If set, the configured endpoint will be used. If None, the storage +# url from the auth response will be used. (string value) +#swift_store_endpoint= + +# A string giving the endpoint type of the swift service to use +# (publicURL, adminURL or internalURL). This setting is only used if +# swift_store_auth_version is 2. (string value) +#swift_store_endpoint_type=publicURL + +# A string giving the service type of the swift service to use. This +# setting is only used if swift_store_auth_version is 2. (string +# value) +#swift_store_service_type=object-store + +# Container within the account that the account should use for storing +# images in Swift when using single container mode. In multiple +# container mode, this will be the prefix for all containers. (string +# value) +#swift_store_container=glance + +# The size, in MB, that Glance will start chunking image files and do +# a large object manifest in Swift. (integer value) +#swift_store_large_object_size=5120 + +# The amount of data written to a temporary disk buffer during the +# process of chunking the image file. (integer value) +#swift_store_large_object_chunk_size=200 + +# A boolean value that determines if we create the container if it +# does not exist. (boolean value) +#swift_store_create_container_on_put=false + +# If set to True, enables multi-tenant storage mode which causes +# Glance images to be stored in tenant specific Swift accounts. +# (boolean value) +#swift_store_multi_tenant=false + +# When set to 0, a single-tenant store will only use one container to +# store all images. When set to an integer value between 1 and 32, a +# single-tenant store will use multiple containers to store images, +# and this value will determine how many containers are created.Used +# only when swift_store_multi_tenant is disabled. The total number of +# containers that will be used is equal to 16^N, so if this config +# option is set to 2, then 16^2=256 containers will be used to store +# images. (integer value) +#swift_store_multiple_containers_seed=0 + +# A list of tenants that will be granted read/write access on all +# Swift containers created by Glance in multi-tenant mode. (list +# value) +#swift_store_admin_tenants = + +# If set to False, disables SSL layer compression of https swift +# requests. Setting to False may improve performance for images which +# are already in a compressed format, eg qcow2. (boolean value) +#swift_store_ssl_compression=true + +# The number of times a Swift download will be retried before the +# request fails. (integer value) +#swift_store_retry_get_count=0 + +# The reference to the default swift account/backing store parameters +# to use for adding new images. (string value) +#default_swift_reference=ref1 + +# Version of the authentication service to use. Valid versions are 2 +# and 3 for keystone and 1 (deprecated) for swauth and rackspace. +# (deprecated - use "auth_version" in swift_store_config_file) (string +# value) +#swift_store_auth_version=2 + +# The address where the Swift authentication service is listening. +# (deprecated - use "auth_address" in swift_store_config_file) (string +# value) +#swift_store_auth_address= + +# The user to authenticate against the Swift authentication service +# (deprecated - use "user" in swift_store_config_file) (string value) +#swift_store_user= + +# Auth key for the user authenticating against the Swift +# authentication service. (deprecated - use "key" in +# swift_store_config_file) (string value) +#swift_store_key= + +# The config file that has the swift account(s)configs. (string value) +#swift_store_config_file= + +# ESX/ESXi or vCenter Server target system. The server value can be an +# IP address or a DNS name. (string value) +#vmware_server_host= + +# Username for authenticating with VMware ESX/VC server. (string +# value) +#vmware_server_username= + +# Password for authenticating with VMware ESX/VC server. (string +# value) +#vmware_server_password= + +# DEPRECATED. Inventory path to a datacenter. If the +# vmware_server_host specified is an ESX/ESXi, the +# vmware_datacenter_path is optional. If specified, it should be "ha- +# datacenter". This option is deprecated in favor of vmware_datastores +# and will be removed in the Liberty release. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#vmware_datacenter_path=ha-datacenter + +# DEPRECATED. Datastore associated with the datacenter. This option is +# deprecated in favor of vmware_datastores and will be removed in the +# Liberty release. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#vmware_datastore_name= + +# Number of times VMware ESX/VC server API must be retried upon +# connection related issues. (integer value) +#vmware_api_retry_count=10 + +# The interval used for polling remote tasks invoked on VMware ESX/VC +# server. (integer value) +#vmware_task_poll_interval=5 + +# The name of the directory where the glance images will be stored in +# the VMware datastore. (string value) +#vmware_store_image_dir=/openstack_glance + +# Allow to perform insecure SSL requests to ESX/VC. (boolean value) +#vmware_api_insecure=false + +# A list of datastores where the image can be stored. This option may +# be specified multiple times for specifying multiple datastores. +# Either one of vmware_datastore_name or vmware_datastores is +# required. The datastore name should be specified after its +# datacenter path, separated by ":". An optional weight may be given +# after the datastore name, separated again by ":". Thus, the required +# format becomes ::. +# When adding an image, the datastore with highest weight will be +# selected, unless there is not enough free space available in cases +# where the image size is already known. If no weight is given, it is +# assumed to be zero and the directory will be considered for +# selection last. If multiple datastores have the same weight, then +# the one with the most free space available is selected. (multi +# valued) +#vmware_datastores = + +# The host where the S3 server is listening. (string value) +#s3_store_host= + +# The S3 query token access key. (string value) +#s3_store_access_key= + +# The S3 query token secret key. (string value) +#s3_store_secret_key= + +# The S3 bucket to be used to store the Glance data. (string value) +#s3_store_bucket= + +# The local directory where uploads will be staged before they are +# transferred into S3. (string value) +#s3_store_object_buffer_dir= + +# A boolean to determine if the S3 bucket should be created on upload +# if it does not exist or if an error should be returned to the user. +# (boolean value) +#s3_store_create_bucket_on_put=false + +# The S3 calling format used to determine the bucket. Either subdomain +# or path can be used. (string value) +#s3_store_bucket_url_format=subdomain + +# What size, in MB, should S3 start chunking image files and do a +# multipart upload in S3. (integer value) +#s3_store_large_object_size=100 + +# What multipart upload part size, in MB, should S3 use when uploading +# parts. The size must be greater than or equal to 5M. (integer value) +#s3_store_large_object_chunk_size=10 + +# The number of thread pools to perform a multipart upload in S3. +# (integer value) +#s3_store_thread_pools=10 + +# Enable the use of a proxy. (boolean value) +#s3_store_enable_proxy=false + +# Address or hostname for the proxy server. (string value) +#s3_store_proxy_host= + +# The port to use when connecting over a proxy. (integer value) +#s3_store_proxy_port=8080 + +# The username to connect to the proxy. (string value) +#s3_store_proxy_user= + +# The password to use when connecting over a proxy. (string value) +#s3_store_proxy_password= + +# Info to match when looking for cinder in the service catalog. Format +# is : separated values of the form: +# :: (string value) +#cinder_catalog_info=volume:cinder:publicURL + +# Override service catalog lookup with template for cinder endpoint +# e.g. http://localhost:8776/v1/%(project_id)s (string value) +#cinder_endpoint_template= + +# Region name of this node (string value) +#os_region_name= +os_region_name=RegionOne + +# Location of ca certificates file to use for cinder client requests. +# (string value) +#cinder_ca_certificates_file= + +# Number of cinderclient retries on failed http calls (integer value) +#cinder_http_retries=3 + +# Allow to perform insecure SSL requests to cinder (boolean value) +#cinder_api_insecure=false + + +[image_format] + +# +# From glance.api +# + +# Supported values for the 'container_format' image attribute (list +# value) +# Deprecated group/name - [DEFAULT]/container_formats +#container_formats=ami,ari,aki,bare,ovf,ova + +# Supported values for the 'disk_format' image attribute (list value) +# Deprecated group/name - [DEFAULT]/disk_formats +#disk_formats=ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso + + +[keystone_authtoken] + +# +# From keystonemiddleware.auth_token +# + +# Complete public Identity API endpoint. (string value) +#auth_uri= +auth_uri=http://VARINET4ADDR:5000/v2.0 + +# API version of the admin Identity API endpoint. (string value) +#auth_version= + +# Do not handle authorization requests within the middleware, but +# delegate the authorization decision to downstream WSGI components. +# (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API server. +# (integer value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating with +# Identity API Server. (integer value) +#http_request_max_retries=3 + +# Env key for the swift cache. (string value) +#cache= + +# Required if identity server requires client certificate (string +# value) +#certfile= + +# Required if identity server requires client certificate (string +# value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying HTTPs +# connections. Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# The region in which the identity server can be found. (string value) +#region_name= + +# Directory used to cache files related to PKI tokens. (string value) +#signing_dir= + +# Optionally specify a list of memcached server(s) to use for caching. +# If left undefined, tokens will instead be cached in-process. (list +# value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers= + +# In order to prevent excessive effort spent validating tokens, the +# middleware caches previously-seen tokens for a configurable duration +# (in seconds). Set to -1 to disable caching completely. (integer +# value) +#token_cache_time=300 + +# Determines the frequency at which the list of revoked tokens is +# retrieved from the Identity service (in seconds). A high number of +# revocation events combined with a low cache duration may +# significantly reduce performance. (integer value) +#revocation_cache_time=10 + +# (Optional) If defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable values are +# MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in +# the cache. If ENCRYPT, token data is encrypted and authenticated in +# the cache. If the value is not one of these options or empty, +# auth_token will raise an exception on initialization. (string value) +#memcache_security_strategy= + +# (Optional, mandatory if memcache_security_strategy is defined) This +# string is used for key derivation. (string value) +#memcache_secret_key= + +# (Optional) Number of seconds memcached server is considered dead +# before it is tried again. (integer value) +#memcache_pool_dead_retry=300 + +# (Optional) Maximum total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize=10 + +# (Optional) Socket timeout in seconds for communicating with a +# memcached server. (integer value) +#memcache_pool_socket_timeout=3 + +# (Optional) Number of seconds a connection to memcached is held +# unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout=60 + +# (Optional) Number of seconds that an operation will wait to get a +# memcached client connection from the pool. (integer value) +#memcache_pool_conn_get_timeout=10 + +# (Optional) Use the advanced (eventlet safe) memcached client pool. +# The advanced pool will only work under python 2.x. (boolean value) +#memcache_use_advanced_pool=false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If +# False, middleware will not ask for service catalog on token +# validation and will not set the X-Service-Catalog header. (boolean +# value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be set to: +# "disabled" to not check token binding. "permissive" (default) to +# validate binding information if the bind type is of a form known to +# the server and ignore it if not. "strict" like "permissive" but if +# the bind type is unknown the token will be rejected. "required" any +# form of token binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string value) +#enforce_token_bind=permissive + +# If true, the revocation list will be checked for cached tokens. This +# requires that PKI tokens are configured on the identity server. +# (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a single +# algorithm or multiple. The algorithms are those supported by Python +# standard hashlib.new(). The hashes will be tried in the order given, +# so put the preferred one first for performance. The result of the +# first hash will be stored in the cache. This will typically be set +# to multiple values only while migrating from a less secure algorithm +# to a more secure one. Once all the old tokens are expired this +# option should be set to a single value for better performance. (list +# value) +#hash_algorithms=md5 + +# Prefix to prepend at the beginning of the path. Deprecated, use +# identity_uri. (string value) +#auth_admin_prefix = + +# Host providing the admin Identity API endpoint. Deprecated, use +# identity_uri. (string value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol=http + +# Complete admin Identity API endpoint. This should specify the +# unversioned root endpoint e.g. https://localhost:35357/ (string +# value) +#identity_uri= +identity_uri=http://VARINET4ADDR:35357 + +# This option is deprecated and may be removed in a future release. +# Single shared secret with the Keystone configuration used for +# bootstrapping a Keystone installation, or otherwise bypassing the +# normal authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token= + +# Service username. (string value) +#admin_user= +admin_user=glance + +# Service user password. (string value) +#admin_password= +admin_password=qum5net + +# Service tenant name. (string value) +#admin_tenant_name=admin +admin_tenant_name=services + + +[matchmaker_redis] + +# +# From oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# From oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[oslo_concurrency] + +# +# From oslo.concurrency +# + +# Enables or disables inter-process locks. (boolean value) +# Deprecated group/name - [DEFAULT]/disable_process_locking +#disable_process_locking=false + +# Directory to use for lock files. For security, the specified +# directory should only be writable by the user running the processes +# that need locking. Defaults to environment variable OSLO_LOCK_PATH. +# If external locks are used, a lock path must be set. (string value) +# Deprecated group/name - [DEFAULT]/lock_path +#lock_path= + + +[oslo_messaging_amqp] + +# +# From oslo.messaging +# + +# address prefix used when sending to a specific server (string value) +# Deprecated group/name - [amqp1]/server_request_prefix +#server_request_prefix=exclusive + +# address prefix used when broadcasting to all servers (string value) +# Deprecated group/name - [amqp1]/broadcast_prefix +#broadcast_prefix=broadcast + +# address prefix when sending to any server in group (string value) +# Deprecated group/name - [amqp1]/group_request_prefix +#group_request_prefix=unicast + +# Name for the AMQP container (string value) +# Deprecated group/name - [amqp1]/container_name +#container_name= + +# Timeout for inactive connections (in seconds) (integer value) +# Deprecated group/name - [amqp1]/idle_timeout +#idle_timeout=0 + +# Debug: dump AMQP frames to stdout (boolean value) +# Deprecated group/name - [amqp1]/trace +#trace=false + +# CA certificate PEM file to verify server certificate (string value) +# Deprecated group/name - [amqp1]/ssl_ca_file +#ssl_ca_file = + +# Identifying certificate PEM file to present to clients (string +# value) +# Deprecated group/name - [amqp1]/ssl_cert_file +#ssl_cert_file = + +# Private key PEM file used to sign cert_file certificate (string +# value) +# Deprecated group/name - [amqp1]/ssl_key_file +#ssl_key_file = + +# Password for decrypting ssl_key_file (if encrypted) (string value) +# Deprecated group/name - [amqp1]/ssl_key_password +#ssl_key_password= + +# Accept clients using either SSL or plain TCP (boolean value) +# Deprecated group/name - [amqp1]/allow_insecure_clients +#allow_insecure_clients=false + + +[oslo_messaging_qpid] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete=false + +# Send a single AMQP reply to call message. The current behaviour +# since oslo-incubator is to send two AMQP replies - first one with +# the payload, a second one to ensure the other have finish to send +# the payload. We are going to remove it in the N release, but we must +# keep backward compatible at the same time. This option provides such +# compatibility - it defaults to False in Liberty and can be turned on +# for early adopters with a new installations or for testing. Please +# note, that this option will be removed in the Mitaka release. +# (boolean value) +#send_single_reply=false + +# Qpid broker hostname. (string value) +# Deprecated group/name - [DEFAULT]/qpid_hostname +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_port +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/qpid_hosts +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_username +#qpid_username = + +# Password for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_password +#qpid_password = + +# Space separated list of SASL mechanisms to use for auth. (string +# value) +# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms +#qpid_sasl_mechanisms = + +# Seconds between connection keepalive heartbeats. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_heartbeat +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +# Deprecated group/name - [DEFAULT]/qpid_protocol +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was originally +# used by impl_qpid. Version 2 includes some backwards-incompatible +# changes that allow broker federation to work. Users should update +# to version 2 when they are able to take everything down, as it +# requires a clean break. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_topology_version +#qpid_topology_version=1 + + +[oslo_messaging_rabbit] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false +amqp_durable_queues=False + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete=false + +# Send a single AMQP reply to call message. The current behaviour +# since oslo-incubator is to send two AMQP replies - first one with +# the payload, a second one to ensure the other have finish to send +# the payload. We are going to remove it in the N release, but we must +# keep backward compatible at the same time. This option provides such +# compatibility - it defaults to False in Liberty and can be turned on +# for early adopters with a new installations or for testing. Please +# note, that this option will be removed in the Mitaka release. +# (boolean value) +#send_single_reply=false + +# SSL version to use (valid only if SSL enabled). Valid values are +# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be +# available on some distributions. (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_version +#kombu_ssl_version = + +# SSL key file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile +#kombu_ssl_keyfile = + +# SSL cert file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile +#kombu_ssl_certfile = + +# SSL certification authority file (valid only if SSL enabled). +# (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs +#kombu_ssl_ca_certs = + +# How long to wait before reconnecting in response to an AMQP consumer +# cancel notification. (floating point value) +# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay +#kombu_reconnect_delay=1.0 + +# How long to wait before considering a reconnect attempt to have +# failed. This value should not be longer than rpc_response_timeout. +# (integer value) +#kombu_reconnect_timeout=60 + +# The RabbitMQ broker address where a single node is used. (string +# value) +# Deprecated group/name - [DEFAULT]/rabbit_host +#rabbit_host=localhost +rabbit_host=VARINET4ADDR + +# The RabbitMQ broker port where a single node is used. (integer +# value) +# Deprecated group/name - [DEFAULT]/rabbit_port +#rabbit_port=5672 +rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/rabbit_hosts +#rabbit_hosts=$rabbit_host:$rabbit_port +rabbit_hosts=VARINET4ADDR:5672 + +# Connect over SSL for RabbitMQ. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_use_ssl +#rabbit_use_ssl=false +rabbit_use_ssl=False + +# The RabbitMQ userid. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_userid +#rabbit_userid=guest +rabbit_userid=guest + +# The RabbitMQ password. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_password +#rabbit_password=guest +rabbit_password=guest + +# The RabbitMQ login method. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_login_method +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_virtual_host +#rabbit_virtual_host=/ +rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to RabbitMQ. +# (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_max_retries +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this +# option, you must wipe the RabbitMQ database. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_ha_queues +#rabbit_ha_queues=false +rabbit_ha_queues=False + +# Number of seconds after which the Rabbit broker is considered down +# if heartbeat's keep-alive fails (0 disable the heartbeat). +# EXPERIMENTAL (integer value) +#heartbeat_timeout_threshold=60 +heartbeat_timeout_threshold=0 + +# How often times during the heartbeat_timeout_threshold we check the +# heartbeat. (integer value) +#heartbeat_rate=2 +heartbeat_rate=2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake +# (boolean value) +# Deprecated group/name - [DEFAULT]/fake_rabbit +#fake_rabbit=false +rabbit_notification_exchange=glance +rabbit_notification_topic=notifications + + +[oslo_policy] + +# +# From oslo.policy +# + +# The JSON file that defines policies. (string value) +# Deprecated group/name - [DEFAULT]/policy_file +#policy_file=policy.json + +# Default rule. Enforced when a requested rule is not found. (string +# value) +# Deprecated group/name - [DEFAULT]/policy_default_rule +#policy_default_rule=default + +# Directories where policy configuration files are stored. They can be +# relative to any directory in the search path defined by the +# config_dir option, or absolute paths. The file defined by +# policy_file must exist for these directories to be searched. +# Missing or empty directories are ignored. (multi valued) +# Deprecated group/name - [DEFAULT]/policy_dirs +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#policy_dirs=policy.d + + +[paste_deploy] + +# +# From glance.api +# + +# Partial name of a pipeline in your paste configuration file with the +# service name removed. For example, if your paste section name is +# [pipeline:glance-api-keystone] use the value "keystone" (string +# value) +#flavor= +flavor=keystone + +# Name of the paste configuration file. (string value) +#config_file=/usr/share/glance/glance-api-dist-paste.ini + + +[store_type_location_strategy] + +# +# From glance.api +# + +# The store names to use to get store preference order. The name must +# be registered by one of the stores defined by the 'stores' config +# option. This option will be applied when you using 'store_type' +# option as image location strategy defined by the 'location_strategy' +# config option. (list value) +#store_type_preference = + + +[task] + +# +# From glance.api +# + +# Time in hours for which a task lives after, either succeeding or +# failing (integer value) +# Deprecated group/name - [DEFAULT]/task_time_to_live +#task_time_to_live=48 + +# Specifies which task executor to be used to run the task scripts. +# (string value) +#task_executor=taskflow + +# Work dir for asynchronous task operations. The directory set here +# will be used to operate over images - normally before they are +# imported in the destination store. When providing work dir, make +# sure enough space is provided for concurrent tasks to run +# efficiently without running out of space. A rough estimation can be +# done by multiplying the number of `max_workers` - or the N of +# workers running - by an average image size (e.g 500MB). The image +# size estimation should be done based on the average size in your +# deployment. Note that depending on the tasks running you may need to +# multiply this number by some factor depending on what the task does. +# For example, you may want to double the available size if image +# conversion is enabled. All this being said, remember these are just +# estimations and you should do them based on the worst case scenario +# and be prepared to act in case they were wrong. (string value) +#work_dir= + + +[taskflow_executor] + +# +# From glance.api +# + +# The mode in which the engine will run. Can be 'serial' or +# 'parallel'. (string value) +# Allowed values: serial, parallel +#engine_mode=parallel + +# The number of parallel activities executed at the same time by the +# engine. The value can be greater than one when the engine mode is +# 'parallel'. (integer value) +# Deprecated group/name - [task]/eventlet_executor_pool_size +#max_workers=10 diff --git a/qa/qa_scripts/openstack/files/kilo.template.conf b/qa/qa_scripts/openstack/files/kilo.template.conf new file mode 100644 index 000000000..35d359c89 --- /dev/null +++ b/qa/qa_scripts/openstack/files/kilo.template.conf @@ -0,0 +1,1077 @@ +[general] + +# Path to a public key to install on servers. If a usable key has not +# been installed on the remote servers, the user is prompted for a +# password and this key is installed so the password will not be +# required again. +CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub + +# Default password to be used everywhere (overridden by passwords set +# for individual services or users). +CONFIG_DEFAULT_PASSWORD= + +# Specify 'y' to install MariaDB. ['y', 'n'] +CONFIG_MARIADB_INSTALL=y + +# Specify 'y' to install OpenStack Image Service (glance). ['y', 'n'] +CONFIG_GLANCE_INSTALL=y + +# Specify 'y' to install OpenStack Block Storage (cinder). ['y', 'n'] +CONFIG_CINDER_INSTALL=y + +# Specify 'y' to install OpenStack Compute (nova). ['y', 'n'] +CONFIG_NOVA_INSTALL=y + +# Specify 'y' to install OpenStack Networking (neutron); otherwise, +# Compute Networking (nova) will be used. ['y', 'n'] +CONFIG_NEUTRON_INSTALL=y + +# Specify 'y' to install OpenStack Dashboard (horizon). ['y', 'n'] +CONFIG_HORIZON_INSTALL=y + +# Specify 'y' to install OpenStack Object Storage (swift). ['y', 'n'] +CONFIG_SWIFT_INSTALL=y + +# Specify 'y' to install OpenStack Metering (ceilometer). ['y', 'n'] +CONFIG_CEILOMETER_INSTALL=y + +# Specify 'y' to install OpenStack Data Processing (sahara). In case +# of sahara installation packstack also installs heat.['y', 'n'] +CONFIG_SAHARA_INSTALL=n + +# Specify 'y' to install OpenStack Orchestration (heat). ['y', 'n'] +CONFIG_HEAT_INSTALL=n + +# Specify 'y' to install OpenStack Database (trove) ['y', 'n'] +CONFIG_TROVE_INSTALL=n + +# Specify 'y' to install OpenStack Bare Metal Provisioning (ironic). +# ['y', 'n'] +CONFIG_IRONIC_INSTALL=n + +# Specify 'y' to install the OpenStack Client packages (command-line +# tools). An admin "rc" file will also be installed. ['y', 'n'] +CONFIG_CLIENT_INSTALL=y + +# Comma-separated list of NTP servers. Leave plain if Packstack +# should not install ntpd on instances. +CONFIG_NTP_SERVERS=clock.redhat.com + +# Specify 'y' to install Nagios to monitor OpenStack hosts. Nagios +# provides additional tools for monitoring the OpenStack environment. +# ['n'] +CONFIG_NAGIOS_INSTALL=n + +# Comma-separated list of servers to be excluded from the +# installation. This is helpful if you are running Packstack a second +# time with the same answer file and do not want Packstack to +# overwrite these server's configurations. Leave empty if you do not +# need to exclude any servers. +EXCLUDE_SERVERS= + +# Specify 'y' if you want to run OpenStack services in debug mode; +# otherwise, specify 'n'. ['y', 'n'] +CONFIG_DEBUG_MODE=y + +# Server on which to install OpenStack services specific to the +# controller role (for example, API servers or dashboard). +CONFIG_CONTROLLER_HOST=VARINET4ADDR + +# List the servers on which to install the Compute service. +CONFIG_COMPUTE_HOSTS=VARINET4ADDR + +# List of servers on which to install the network service such as +# Compute networking (nova network) or OpenStack Networking (neutron). +CONFIG_NETWORK_HOSTS=VARINET4ADDR + +# Specify 'y' if you want to use VMware vCenter as hypervisor and +# storage; otherwise, specify 'n'. ['y', 'n'] +CONFIG_VMWARE_BACKEND=n + +# Specify 'y' if you want to use unsupported parameters. This should +# be used only if you know what you are doing. Issues caused by using +# unsupported options will not be fixed before the next major release. +# ['y', 'n'] +CONFIG_UNSUPPORTED=n + +# Specify 'y' if you want to use subnet addresses (in CIDR format) +# instead of interface names in following options: +# CONFIG_NOVA_COMPUTE_PRIVIF, CONFIG_NOVA_NETWORK_PRIVIF, +# CONFIG_NOVA_NETWORK_PUBIF, CONFIG_NEUTRON_OVS_BRIDGE_IFACES, +# CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS, CONFIG_NEUTRON_OVS_TUNNEL_IF. +# This is useful for cases when interface names are not same on all +# installation hosts. +CONFIG_USE_SUBNETS=n + +# IP address of the VMware vCenter server. +CONFIG_VCENTER_HOST= + +# User name for VMware vCenter server authentication. +CONFIG_VCENTER_USER= + +# Password for VMware vCenter server authentication. +CONFIG_VCENTER_PASSWORD= + +# Comma separated list of names of the VMware vCenter clusters. Note: +# if multiple clusters are specified each one is mapped to one +# compute, otherwise all computes are mapped to same cluster. +CONFIG_VCENTER_CLUSTER_NAMES= + +# (Unsupported!) Server on which to install OpenStack services +# specific to storage servers such as Image or Block Storage services. +CONFIG_STORAGE_HOST=VARINET4ADDR + +# (Unsupported!) Server on which to install OpenStack services +# specific to OpenStack Data Processing (sahara). +CONFIG_SAHARA_HOST=VARINET4ADDR + +# Specify 'y' to enable the EPEL repository (Extra Packages for +# Enterprise Linux). ['y', 'n'] +CONFIG_USE_EPEL=n + +# Comma-separated list of URLs for any additional yum repositories, +# to use for installation. +CONFIG_REPO= + +# Specify 'y' to enable the RDO testing repository. ['y', 'n'] +CONFIG_ENABLE_RDO_TESTING=n + +# To subscribe each server with Red Hat Subscription Manager, include +# this with CONFIG_RH_PW. +CONFIG_RH_USER= + +# To subscribe each server to receive updates from a Satellite +# server, provide the URL of the Satellite server. You must also +# provide a user name (CONFIG_SATELLITE_USERNAME) and password +# (CONFIG_SATELLITE_PASSWORD) or an access key (CONFIG_SATELLITE_AKEY) +# for authentication. +CONFIG_SATELLITE_URL= + +# To subscribe each server with Red Hat Subscription Manager, include +# this with CONFIG_RH_USER. +CONFIG_RH_PW= + +# Specify 'y' to enable RHEL optional repositories. ['y', 'n'] +CONFIG_RH_OPTIONAL=y + +# HTTP proxy to use with Red Hat Subscription Manager. +CONFIG_RH_PROXY= + +# Port to use for Red Hat Subscription Manager's HTTP proxy. +CONFIG_RH_PROXY_PORT= + +# User name to use for Red Hat Subscription Manager's HTTP proxy. +CONFIG_RH_PROXY_USER= + +# Password to use for Red Hat Subscription Manager's HTTP proxy. +CONFIG_RH_PROXY_PW= + +# User name to authenticate with the RHN Satellite server; if you +# intend to use an access key for Satellite authentication, leave this +# blank. +CONFIG_SATELLITE_USER= + +# Password to authenticate with the RHN Satellite server; if you +# intend to use an access key for Satellite authentication, leave this +# blank. +CONFIG_SATELLITE_PW= + +# Access key for the Satellite server; if you intend to use a user +# name and password for Satellite authentication, leave this blank. +CONFIG_SATELLITE_AKEY= + +# Certificate path or URL of the certificate authority to verify that +# the connection with the Satellite server is secure. If you are not +# using Satellite in your deployment, leave this blank. +CONFIG_SATELLITE_CACERT= + +# Profile name that should be used as an identifier for the system in +# RHN Satellite (if required). +CONFIG_SATELLITE_PROFILE= + +# Comma-separated list of flags passed to the rhnreg_ks command. +# Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo', +# 'norhnsd', 'nopackages'] +CONFIG_SATELLITE_FLAGS= + +# HTTP proxy to use when connecting to the RHN Satellite server (if +# required). +CONFIG_SATELLITE_PROXY= + +# User name to authenticate with the Satellite-server HTTP proxy. +CONFIG_SATELLITE_PROXY_USER= + +# User password to authenticate with the Satellite-server HTTP proxy. +CONFIG_SATELLITE_PROXY_PW= + +# Specify filepath for CA cert file. If CONFIG_SSL_CACERT_SELFSIGN is +# set to 'n' it has to be preexisting file. +CONFIG_SSL_CACERT_FILE=/etc/pki/tls/certs/selfcert.crt + +# Specify filepath for CA cert key file. If +# CONFIG_SSL_CACERT_SELFSIGN is set to 'n' it has to be preexisting +# file. +CONFIG_SSL_CACERT_KEY_FILE=/etc/pki/tls/private/selfkey.key + +# Enter the path to use to store generated SSL certificates in. +CONFIG_SSL_CERT_DIR=~/packstackca/ + +# Specify 'y' if you want Packstack to pregenerate the CA +# Certificate. +CONFIG_SSL_CACERT_SELFSIGN=y + +# Enter the selfsigned CAcert subject country. +CONFIG_SELFSIGN_CACERT_SUBJECT_C=-- + +# Enter the selfsigned CAcert subject state. +CONFIG_SELFSIGN_CACERT_SUBJECT_ST=State + +# Enter the selfsigned CAcert subject location. +CONFIG_SELFSIGN_CACERT_SUBJECT_L=City + +# Enter the selfsigned CAcert subject organization. +CONFIG_SELFSIGN_CACERT_SUBJECT_O=openstack + +# Enter the selfsigned CAcert subject organizational unit. +CONFIG_SELFSIGN_CACERT_SUBJECT_OU=packstack + +# Enter the selfsigned CAcert subject common name. +CONFIG_SELFSIGN_CACERT_SUBJECT_CN=VARHOSTNAME + +CONFIG_SELFSIGN_CACERT_SUBJECT_MAIL=admin@VARHOSTNAME + +# Service to be used as the AMQP broker. Allowed values are: qpid, +# rabbitmq ['qpid', 'rabbitmq'] +CONFIG_AMQP_BACKEND=rabbitmq + +# IP address of the server on which to install the AMQP service. +CONFIG_AMQP_HOST=VARINET4ADDR + +# Specify 'y' to enable SSL for the AMQP service. ['y', 'n'] +CONFIG_AMQP_ENABLE_SSL=n + +# Specify 'y' to enable authentication for the AMQP service. ['y', +# 'n'] +CONFIG_AMQP_ENABLE_AUTH=n + +# Password for the NSS certificate database of the AMQP service. +CONFIG_AMQP_NSS_CERTDB_PW=PW_PLACEHOLDER + +# User for AMQP authentication. +CONFIG_AMQP_AUTH_USER=amqp_user + +# Password for AMQP authentication. +CONFIG_AMQP_AUTH_PASSWORD=PW_PLACEHOLDER + +# IP address of the server on which to install MariaDB. If a MariaDB +# installation was not specified in CONFIG_MARIADB_INSTALL, specify +# the IP address of an existing database server (a MariaDB cluster can +# also be specified). +CONFIG_MARIADB_HOST=VARINET4ADDR + +# User name for the MariaDB administrative user. +CONFIG_MARIADB_USER=root + +# Password for the MariaDB administrative user. +CONFIG_MARIADB_PW=qum5net + +# Password to use for the Identity service (keystone) to access the +# database. +CONFIG_KEYSTONE_DB_PW=qum5net + +# Enter y if cron job for removing soft deleted DB rows should be +# created. +CONFIG_KEYSTONE_DB_PURGE_ENABLE=True + +# Default region name to use when creating tenants in the Identity +# service. +CONFIG_KEYSTONE_REGION=RegionOne + +# Token to use for the Identity service API. +CONFIG_KEYSTONE_ADMIN_TOKEN=9390caff845749c3ac74453eb4f384e2 + +# Email address for the Identity service 'admin' user. Defaults to +CONFIG_KEYSTONE_ADMIN_EMAIL=root@localhost + +# User name for the Identity service 'admin' user. Defaults to +# 'admin'. +CONFIG_KEYSTONE_ADMIN_USERNAME=admin + +# Password to use for the Identity service 'admin' user. +CONFIG_KEYSTONE_ADMIN_PW=qum5net + +# Password to use for the Identity service 'demo' user. +CONFIG_KEYSTONE_DEMO_PW=qum5net + +# Identity service API version string. ['v2.0', 'v3'] +CONFIG_KEYSTONE_API_VERSION=v2.0 + +# Identity service token format (UUID or PKI). The recommended format +# for new deployments is UUID. ['UUID', 'PKI'] +CONFIG_KEYSTONE_TOKEN_FORMAT=UUID + +# Name of service to use to run the Identity service (keystone or +# httpd). ['keystone', 'httpd'] +CONFIG_KEYSTONE_SERVICE_NAME=httpd + +# Type of Identity service backend (sql or ldap). ['sql', 'ldap'] +CONFIG_KEYSTONE_IDENTITY_BACKEND=sql + +# URL for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_URL=ldap://VARINET4ADDR + +# User DN for the Identity service LDAP backend. Used to bind to the +# LDAP server if the LDAP server does not allow anonymous +# authentication. +CONFIG_KEYSTONE_LDAP_USER_DN= + +# User DN password for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_PASSWORD= + +# Base suffix for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_SUFFIX= + +# Query scope for the Identity service LDAP backend. Use 'one' for +# onelevel/singleLevel or 'sub' for subtree/wholeSubtree ('base' is +# not actually used by the Identity service and is therefore +# deprecated). ['base', 'one', 'sub'] +CONFIG_KEYSTONE_LDAP_QUERY_SCOPE=one + +# Query page size for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_PAGE_SIZE=-1 + +# User subtree for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_SUBTREE= + +# User query filter for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_FILTER= + +# User object class for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS= + +# User ID attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE= + +# User name attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE= + +# User email address attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE= + +# User-enabled attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE= + +# Bit mask integer applied to user-enabled attribute for the Identity +# service LDAP backend. Indicate the bit that the enabled value is +# stored in if the LDAP server represents "enabled" as a bit on an +# integer rather than a boolean. A value of "0" indicates the mask is +# not used (default). If this is not set to "0", the typical value is +# "2", typically used when +# "CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE = userAccountControl". +CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK=-1 + +# Value of enabled attribute which indicates user is enabled for the +# Identity service LDAP backend. This should match an appropriate +# integer value if the LDAP server uses non-boolean (bitmask) values +# to indicate whether a user is enabled or disabled. If this is not +# set as 'y', the typical value is "512". This is typically used when +# "CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE = userAccountControl". +CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT=TRUE + +# Specify 'y' if users are disabled (not enabled) in the Identity +# service LDAP backend (inverts boolean-enalbed values). Some LDAP +# servers use a boolean lock attribute where "y" means an account is +# disabled. Setting this to 'y' allows these lock attributes to be +# used. This setting will have no effect if +# "CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK" is in use. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT=n + +# Comma-separated list of attributes stripped from LDAP user entry +# upon update. +CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE= + +# Identity service LDAP attribute mapped to default_project_id for +# users. +CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE= + +# Specify 'y' if you want to be able to create Identity service users +# through the Identity service interface; specify 'n' if you will +# create directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE=n + +# Specify 'y' if you want to be able to update Identity service users +# through the Identity service interface; specify 'n' if you will +# update directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE=n + +# Specify 'y' if you want to be able to delete Identity service users +# through the Identity service interface; specify 'n' if you will +# delete directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE=n + +# Identity service LDAP attribute mapped to password. +CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE= + +# DN of the group entry to hold enabled LDAP users when using enabled +# emulation. +CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN= + +# List of additional LDAP attributes for mapping additional attribute +# mappings for users. The attribute-mapping format is +# :, where ldap_attr is the attribute in the +# LDAP entry and user_attr is the Identity API attribute. +CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING= + +# Group subtree for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE= + +# Group query filter for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_FILTER= + +# Group object class for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS= + +# Group ID attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE= + +# Group name attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE= + +# Group member attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE= + +# Group description attribute for the Identity service LDAP backend. +CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE= + +# Comma-separated list of attributes stripped from LDAP group entry +# upon update. +CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE= + +# Specify 'y' if you want to be able to create Identity service +# groups through the Identity service interface; specify 'n' if you +# will create directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE=n + +# Specify 'y' if you want to be able to update Identity service +# groups through the Identity service interface; specify 'n' if you +# will update directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE=n + +# Specify 'y' if you want to be able to delete Identity service +# groups through the Identity service interface; specify 'n' if you +# will delete directly in the LDAP backend. ['n', 'y'] +CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE=n + +# List of additional LDAP attributes used for mapping additional +# attribute mappings for groups. The attribute=mapping format is +# :, where ldap_attr is the attribute in the +# LDAP entry and group_attr is the Identity API attribute. +CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING= + +# Specify 'y' if the Identity service LDAP backend should use TLS. +# ['n', 'y'] +CONFIG_KEYSTONE_LDAP_USE_TLS=n + +# CA certificate directory for Identity service LDAP backend (if TLS +# is used). +CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR= + +# CA certificate file for Identity service LDAP backend (if TLS is +# used). +CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE= + +# Certificate-checking strictness level for Identity service LDAP +# backend; valid options are: never, allow, demand. ['never', 'allow', +# 'demand'] +CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT=demand + +# Password to use for the Image service (glance) to access the +# database. +CONFIG_GLANCE_DB_PW=qum5net + +# Password to use for the Image service to authenticate with the +# Identity service. +CONFIG_GLANCE_KS_PW=qum5net + +# Storage backend for the Image service (controls how the Image +# service stores disk images). Valid options are: file or swift +# (Object Storage). The Object Storage service must be enabled to use +# it as a working backend; otherwise, Packstack falls back to 'file'. +# ['file', 'swift'] +CONFIG_GLANCE_BACKEND=file + +# Password to use for the Block Storage service (cinder) to access +# the database. +CONFIG_CINDER_DB_PW=qum5net + +# Enter y if cron job for removing soft deleted DB rows should be +# created. +CONFIG_CINDER_DB_PURGE_ENABLE=True + +# Password to use for the Block Storage service to authenticate with +# the Identity service. +CONFIG_CINDER_KS_PW=qum5net + +# Storage backend to use for the Block Storage service; valid options +# are: lvm, gluster, nfs, vmdk, netapp. ['lvm', 'gluster', 'nfs', +# 'vmdk', 'netapp'] +CONFIG_CINDER_BACKEND=lvm + +# Specify 'y' to create the Block Storage volumes group. That is, +# Packstack creates a raw disk image in /var/lib/cinder, and mounts it +# using a loopback device. This should only be used for testing on a +# proof-of-concept installation of the Block Storage service (a file- +# backed volume group is not suitable for production usage). ['y', +# 'n'] +CONFIG_CINDER_VOLUMES_CREATE=y + +# Size of Block Storage volumes group. Actual volume size will be +# extended with 3% more space for VG metadata. Remember that the size +# of the volume group will restrict the amount of disk space that you +# can expose to Compute instances, and that the specified amount must +# be available on the device used for /var/lib/cinder. +CONFIG_CINDER_VOLUMES_SIZE=20G + +# A single or comma-separated list of Red Hat Storage (gluster) +# volume shares to mount. Example: 'ip-address:/vol-name', 'domain +# :/vol-name' +CONFIG_CINDER_GLUSTER_MOUNTS= + +# A single or comma-separated list of NFS exports to mount. Example: +# 'ip-address:/export-name' +CONFIG_CINDER_NFS_MOUNTS= + +# Administrative user account name used to access the NetApp storage +# system or proxy server. +CONFIG_CINDER_NETAPP_LOGIN= + +# Password for the NetApp administrative user account specified in +# the CONFIG_CINDER_NETAPP_LOGIN parameter. +CONFIG_CINDER_NETAPP_PASSWORD= + +# Hostname (or IP address) for the NetApp storage system or proxy +# server. +CONFIG_CINDER_NETAPP_HOSTNAME= + +# The TCP port to use for communication with the storage system or +# proxy. If not specified, Data ONTAP drivers will use 80 for HTTP and +# 443 for HTTPS; E-Series will use 8080 for HTTP and 8443 for HTTPS. +# Defaults to 80. +CONFIG_CINDER_NETAPP_SERVER_PORT=80 + +# Storage family type used on the NetApp storage system; valid +# options are ontap_7mode for using Data ONTAP operating in 7-Mode, +# ontap_cluster for using clustered Data ONTAP, or E-Series for NetApp +# E-Series. Defaults to ontap_cluster. ['ontap_7mode', +# 'ontap_cluster', 'eseries'] +CONFIG_CINDER_NETAPP_STORAGE_FAMILY=ontap_cluster + +# The transport protocol used when communicating with the NetApp +# storage system or proxy server. Valid values are http or https. +# Defaults to 'http'. ['http', 'https'] +CONFIG_CINDER_NETAPP_TRANSPORT_TYPE=http + +# Storage protocol to be used on the data path with the NetApp +# storage system; valid options are iscsi, fc, nfs. Defaults to nfs. +# ['iscsi', 'fc', 'nfs'] +CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL=nfs + +# Quantity to be multiplied by the requested volume size to ensure +# enough space is available on the virtual storage server (Vserver) to +# fulfill the volume creation request. Defaults to 1.0. +CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER=1.0 + +# Time period (in minutes) that is allowed to elapse after the image +# is last accessed, before it is deleted from the NFS image cache. +# When a cache-cleaning cycle begins, images in the cache that have +# not been accessed in the last M minutes, where M is the value of +# this parameter, are deleted from the cache to create free space on +# the NFS share. Defaults to 720. +CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES=720 + +# If the percentage of available space for an NFS share has dropped +# below the value specified by this parameter, the NFS image cache is +# cleaned. Defaults to 20. +CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START=20 + +# When the percentage of available space on an NFS share has reached +# the percentage specified by this parameter, the driver stops +# clearing files from the NFS image cache that have not been accessed +# in the last M minutes, where M is the value of the +# CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES parameter. Defaults to 60. +CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP=60 + +# Single or comma-separated list of NetApp NFS shares for Block +# Storage to use. Format: ip-address:/export-name. Defaults to ''. +CONFIG_CINDER_NETAPP_NFS_SHARES= + +# File with the list of available NFS shares. Defaults to +# '/etc/cinder/shares.conf'. +CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG=/etc/cinder/shares.conf + +# This parameter is only utilized when the storage protocol is +# configured to use iSCSI or FC. This parameter is used to restrict +# provisioning to the specified controller volumes. Specify the value +# of this parameter to be a comma separated list of NetApp controller +# volume names to be used for provisioning. Defaults to ''. +CONFIG_CINDER_NETAPP_VOLUME_LIST= + +# The vFiler unit on which provisioning of block storage volumes will +# be done. This parameter is only used by the driver when connecting +# to an instance with a storage family of Data ONTAP operating in +# 7-Mode Only use this parameter when utilizing the MultiStore feature +# on the NetApp storage system. Defaults to ''. +CONFIG_CINDER_NETAPP_VFILER= + +# The name of the config.conf stanza for a Data ONTAP (7-mode) HA +# partner. This option is only used by the driver when connecting to +# an instance with a storage family of Data ONTAP operating in 7-Mode, +# and it is required if the storage protocol selected is FC. Defaults +# to ''. +CONFIG_CINDER_NETAPP_PARTNER_BACKEND_NAME= + +# This option specifies the virtual storage server (Vserver) name on +# the storage cluster on which provisioning of block storage volumes +# should occur. Defaults to ''. +CONFIG_CINDER_NETAPP_VSERVER= + +# Restricts provisioning to the specified controllers. Value must be +# a comma-separated list of controller hostnames or IP addresses to be +# used for provisioning. This option is only utilized when the storage +# family is configured to use E-Series. Defaults to ''. +CONFIG_CINDER_NETAPP_CONTROLLER_IPS= + +# Password for the NetApp E-Series storage array. Defaults to ''. +CONFIG_CINDER_NETAPP_SA_PASSWORD= + +# This option is used to define how the controllers in the E-Series +# storage array will work with the particular operating system on the +# hosts that are connected to it. Defaults to 'linux_dm_mp' +CONFIG_CINDER_NETAPP_ESERIES_HOST_TYPE=linux_dm_mp + +# Path to the NetApp E-Series proxy application on a proxy server. +# The value is combined with the value of the +# CONFIG_CINDER_NETAPP_TRANSPORT_TYPE, CONFIG_CINDER_NETAPP_HOSTNAME, +# and CONFIG_CINDER_NETAPP_HOSTNAME options to create the URL used by +# the driver to connect to the proxy application. Defaults to +# '/devmgr/v2'. +CONFIG_CINDER_NETAPP_WEBSERVICE_PATH=/devmgr/v2 + +# Restricts provisioning to the specified storage pools. Only dynamic +# disk pools are currently supported. The value must be a comma- +# separated list of disk pool names to be used for provisioning. +# Defaults to ''. +CONFIG_CINDER_NETAPP_STORAGE_POOLS= + +# Password to use for OpenStack Bare Metal Provisioning (ironic) to +# access the database. +CONFIG_IRONIC_DB_PW=PW_PLACEHOLDER + +# Password to use for OpenStack Bare Metal Provisioning to +# authenticate with the Identity service. +CONFIG_IRONIC_KS_PW=PW_PLACEHOLDER + +# Enter y if cron job for removing soft deleted DB rows should be +# created. +CONFIG_NOVA_DB_PURGE_ENABLE=True + +# Password to use for the Compute service (nova) to access the +# database. +CONFIG_NOVA_DB_PW=qum5net + +# Password to use for the Compute service to authenticate with the +# Identity service. +CONFIG_NOVA_KS_PW=qum5net + +# Overcommitment ratio for virtual to physical CPUs. Specify 1.0 to +# disable CPU overcommitment. +CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=16.0 + +# Overcommitment ratio for virtual to physical RAM. Specify 1.0 to +# disable RAM overcommitment. +CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=1.5 + +# Protocol used for instance migration. Valid options are: tcp and +# ssh. Note that by default, the Compute user is created with the +# /sbin/nologin shell so that the SSH protocol will not work. To make +# the SSH protocol work, you must configure the Compute user on +# compute hosts manually. ['tcp', 'ssh'] +CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL=tcp + +# Manager that runs the Compute service. +CONFIG_NOVA_COMPUTE_MANAGER=nova.compute.manager.ComputeManager + +# PEM encoded certificate to be used for ssl on the https server, +# leave blank if one should be generated, this certificate should not +# require a passphrase. If CONFIG_HORIZON_SSL is set to 'n' this +# parameter is ignored. +CONFIG_VNC_SSL_CERT= + +# SSL keyfile corresponding to the certificate if one was entered. If +# CONFIG_HORIZON_SSL is set to 'n' this parameter is ignored. +CONFIG_VNC_SSL_KEY= + +# Enter the PCI passthrough array of hash in JSON style for +# controller eg. [{"vendor_id":"1234", "product_id":"5678", +# "name":"default"}, {...}] +CONFIG_NOVA_PCI_ALIAS= + +# Enter the PCI passthrough whitelist array of hash in JSON style for +# controller eg. [{"vendor_id":"1234", "product_id":"5678", +# "name':"default"}, {...}] +CONFIG_NOVA_PCI_PASSTHROUGH_WHITELIST= + +# Private interface for flat DHCP on the Compute servers. +CONFIG_NOVA_COMPUTE_PRIVIF= + +# Compute Network Manager. ['^nova\.network\.manager\.\w+Manager$'] +CONFIG_NOVA_NETWORK_MANAGER=nova.network.manager.FlatDHCPManager + +# Public interface on the Compute network server. +CONFIG_NOVA_NETWORK_PUBIF=eth0 + +# Private interface for flat DHCP on the Compute network server. +CONFIG_NOVA_NETWORK_PRIVIF= + +# IP Range for flat DHCP. ['^[\:\.\da-fA-f]+(\/\d+){0,1}$'] +CONFIG_NOVA_NETWORK_FIXEDRANGE=192.168.32.0/22 + +# IP Range for floating IP addresses. ['^[\:\.\da- +# fA-f]+(\/\d+){0,1}$'] +CONFIG_NOVA_NETWORK_FLOATRANGE=10.3.4.0/22 + +# Specify 'y' to automatically assign a floating IP to new instances. +# ['y', 'n'] +CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP=n + +# First VLAN for private networks (Compute networking). +CONFIG_NOVA_NETWORK_VLAN_START=100 + +# Number of networks to support (Compute networking). +CONFIG_NOVA_NETWORK_NUMBER=1 + +# Number of addresses in each private subnet (Compute networking). +CONFIG_NOVA_NETWORK_SIZE=255 + +# Password to use for OpenStack Networking (neutron) to authenticate +# with the Identity service. +CONFIG_NEUTRON_KS_PW=qum5net + +# The password to use for OpenStack Networking to access the +# database. +CONFIG_NEUTRON_DB_PW=qum5net + +# The name of the Open vSwitch bridge (or empty for linuxbridge) for +# the OpenStack Networking L3 agent to use for external traffic. +# Specify 'provider' if you intend to use a provider network to handle +# external traffic. +CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex + +# Password for the OpenStack Networking metadata agent. +CONFIG_NEUTRON_METADATA_PW=qum5net + +# Specify 'y' to install OpenStack Networking's Load-Balancing- +# as-a-Service (LBaaS). ['y', 'n'] +CONFIG_LBAAS_INSTALL=n + +# Specify 'y' to install OpenStack Networking's L3 Metering agent +# ['y', 'n'] +CONFIG_NEUTRON_METERING_AGENT_INSTALL=n + +# Specify 'y' to configure OpenStack Networking's Firewall- +# as-a-Service (FWaaS). ['y', 'n'] +CONFIG_NEUTRON_FWAAS=n + +# Specify 'y' to configure OpenStack Networking's VPN-as-a-Service +# (VPNaaS). ['y', 'n'] +CONFIG_NEUTRON_VPNAAS=n + +# Comma-separated list of network-type driver entry points to be +# loaded from the neutron.ml2.type_drivers namespace. ['local', +# 'flat', 'vlan', 'gre', 'vxlan'] +CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan + +# Comma-separated, ordered list of network types to allocate as +# tenant networks. The 'local' value is only useful for single-box +# testing and provides no connectivity between hosts. ['local', +# 'vlan', 'gre', 'vxlan'] +CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan + +# Comma-separated ordered list of networking mechanism driver entry +# points to be loaded from the neutron.ml2.mechanism_drivers +# namespace. ['logger', 'test', 'linuxbridge', 'openvswitch', +# 'hyperv', 'ncs', 'arista', 'cisco_nexus', 'mlnx', 'l2population', +# 'sriovnicswitch'] +CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch + +# Comma-separated list of physical_network names with which flat +# networks can be created. Use * to allow flat networks with arbitrary +# physical_network names. +CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* + +# Comma-separated list of :: or +# specifying physical_network names usable for VLAN +# provider and tenant networks, as well as ranges of VLAN tags on each +# available for allocation to tenant networks. +CONFIG_NEUTRON_ML2_VLAN_RANGES= + +# Comma-separated list of : tuples enumerating +# ranges of GRE tunnel IDs that are available for tenant-network +# allocation. A tuple must be an array with tun_max +1 - tun_min > +# 1000000. +CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= + +# Comma-separated list of addresses for VXLAN multicast group. If +# left empty, disables VXLAN from sending allocate broadcast traffic +# (disables multicast VXLAN mode). Should be a Multicast IP (v4 or v6) +# address. +CONFIG_NEUTRON_ML2_VXLAN_GROUP= + +# Comma-separated list of : tuples enumerating +# ranges of VXLAN VNI IDs that are available for tenant network +# allocation. Minimum value is 0 and maximum value is 16777215. +CONFIG_NEUTRON_ML2_VNI_RANGES=10:100 + +# Name of the L2 agent to be used with OpenStack Networking. +# ['linuxbridge', 'openvswitch'] +CONFIG_NEUTRON_L2_AGENT=openvswitch + +# Comma separated list of supported PCI vendor devices defined by +# vendor_id:product_id according to the PCI ID Repository. +CONFIG_NEUTRON_ML2_SUPPORTED_PCI_VENDOR_DEVS=['15b3:1004', '8086:10ca'] + +# Specify 'y' if the sriov agent is required +CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED=n + +# Comma-separated list of interface mappings for the OpenStack +# Networking ML2 SRIOV agent. Each tuple in the list must be in the +# format :. Example: +# physnet1:eth1,physnet2:eth2,physnet3:eth3. +CONFIG_NEUTRON_ML2_SRIOV_INTERFACE_MAPPINGS= + +# Comma-separated list of interface mappings for the OpenStack +# Networking linuxbridge plugin. Each tuple in the list must be in the +# format :. Example: +# physnet1:eth1,physnet2:eth2,physnet3:eth3. +CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= + +# Comma-separated list of bridge mappings for the OpenStack +# Networking Open vSwitch plugin. Each tuple in the list must be in +# the format :. Example: physnet1:br- +# eth1,physnet2:br-eth2,physnet3:br-eth3 +CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= + +# Comma-separated list of colon-separated Open vSwitch +# : pairs. The interface will be added to the +# associated bridge. If you desire the bridge to be persistent a value +# must be added to this directive, also +# CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS must be set in order to create +# the proper port. This can be achieved from the command line by +# issuing the following command: packstack --allinone --os-neutron- +# ovs-bridge-mappings=ext-net:br-ex --os-neutron-ovs-bridge-interfaces +# =br-ex:eth0 +CONFIG_NEUTRON_OVS_BRIDGE_IFACES= + +# Interface for the Open vSwitch tunnel. Packstack overrides the IP +# address used for tunnels on this hypervisor to the IP found on the +# specified interface (for example, eth1). +CONFIG_NEUTRON_OVS_TUNNEL_IF= + +# VXLAN UDP port. +CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 + +# Specify 'y' to set up Horizon communication over https. ['y', 'n'] +CONFIG_HORIZON_SSL=n + +# Secret key to use for Horizon Secret Encryption Key. +CONFIG_HORIZON_SECRET_KEY=e2ba54f295f84d0c8d645de8e36fcc33 + +# PEM-encoded certificate to be used for SSL connections on the https +# server. To generate a certificate, leave blank. +CONFIG_HORIZON_SSL_CERT= + +# SSL keyfile corresponding to the certificate if one was specified. +# The certificate should not require a passphrase. +CONFIG_HORIZON_SSL_KEY= + +CONFIG_HORIZON_SSL_CACERT= + +# Password to use for the Object Storage service to authenticate with +# the Identity service. +CONFIG_SWIFT_KS_PW=qum5net + +# Comma-separated list of devices to use as storage device for Object +# Storage. Each entry must take the format /path/to/dev (for example, +# specifying /dev/vdb installs /dev/vdb as the Object Storage storage +# device; Packstack does not create the filesystem, you must do this +# first). If left empty, Packstack creates a loopback device for test +# setup. +CONFIG_SWIFT_STORAGES= + +# Number of Object Storage storage zones; this number MUST be no +# larger than the number of configured storage devices. +CONFIG_SWIFT_STORAGE_ZONES=1 + +# Number of Object Storage storage replicas; this number MUST be no +# larger than the number of configured storage zones. +CONFIG_SWIFT_STORAGE_REPLICAS=1 + +# File system type for storage nodes. ['xfs', 'ext4'] +CONFIG_SWIFT_STORAGE_FSTYPE=ext4 + +# Custom seed number to use for swift_hash_path_suffix in +# /etc/swift/swift.conf. If you do not provide a value, a seed number +# is automatically generated. +CONFIG_SWIFT_HASH=54760d6b88814b53 + +# Size of the Object Storage loopback file storage device. +CONFIG_SWIFT_STORAGE_SIZE=2G + +# Password used by Orchestration service user to authenticate against +# the database. +CONFIG_HEAT_DB_PW=PW_PLACEHOLDER + +# Encryption key to use for authentication in the Orchestration +# database (16, 24, or 32 chars). +CONFIG_HEAT_AUTH_ENC_KEY=2e06ca7c4aa3400c + +# Password to use for the Orchestration service to authenticate with +# the Identity service. +CONFIG_HEAT_KS_PW=PW_PLACEHOLDER + +# Specify 'y' to install the Orchestration CloudWatch API. ['y', 'n'] +CONFIG_HEAT_CLOUDWATCH_INSTALL=n + +# Specify 'y' to install the Orchestration CloudFormation API. ['y', +# 'n'] +CONFIG_HEAT_CFN_INSTALL=n + +# Name of the Identity domain for Orchestration. +CONFIG_HEAT_DOMAIN=heat + +# Name of the Identity domain administrative user for Orchestration. +CONFIG_HEAT_DOMAIN_ADMIN=heat_admin + +# Password for the Identity domain administrative user for +# Orchestration. +CONFIG_HEAT_DOMAIN_PASSWORD=PW_PLACEHOLDER + +# Specify 'y' to provision for demo usage and testing. ['y', 'n'] +CONFIG_PROVISION_DEMO=y + +# Specify 'y' to configure the OpenStack Integration Test Suite +# (tempest) for testing. The test suite requires OpenStack Networking +# to be installed. ['y', 'n'] +CONFIG_PROVISION_TEMPEST=n + +# CIDR network address for the floating IP subnet. +CONFIG_PROVISION_DEMO_FLOATRANGE=172.24.4.224/28 + +# The name to be assigned to the demo image in Glance (default +# "cirros"). +CONFIG_PROVISION_IMAGE_NAME=cirros + +# A URL or local file location for an image to download and provision +# in Glance (defaults to a URL for a recent "cirros" image). +CONFIG_PROVISION_IMAGE_URL=http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img + +# Format for the demo image (default "qcow2"). +CONFIG_PROVISION_IMAGE_FORMAT=qcow2 + +# User to use when connecting to instances booted from the demo +# image. +CONFIG_PROVISION_IMAGE_SSH_USER=cirros + +# Name of the Integration Test Suite provisioning user. If you do not +# provide a user name, Tempest is configured in a standalone mode. +CONFIG_PROVISION_TEMPEST_USER= + +# Password to use for the Integration Test Suite provisioning user. +CONFIG_PROVISION_TEMPEST_USER_PW=PW_PLACEHOLDER + +# CIDR network address for the floating IP subnet. +CONFIG_PROVISION_TEMPEST_FLOATRANGE=172.24.4.224/28 + +# URI of the Integration Test Suite git repository. +CONFIG_PROVISION_TEMPEST_REPO_URI=https://github.com/openstack/tempest.git + +# Revision (branch) of the Integration Test Suite git repository. +CONFIG_PROVISION_TEMPEST_REPO_REVISION=master + +# Specify 'y' to configure the Open vSwitch external bridge for an +# all-in-one deployment (the L3 external bridge acts as the gateway +# for virtual machines). ['y', 'n'] +CONFIG_PROVISION_OVS_BRIDGE=y + +# Password to use for OpenStack Data Processing (sahara) to access +# the database. +CONFIG_SAHARA_DB_PW=PW_PLACEHOLDER + +# Password to use for OpenStack Data Processing to authenticate with +# the Identity service. +CONFIG_SAHARA_KS_PW=PW_PLACEHOLDER + +# Secret key for signing Telemetry service (ceilometer) messages. +CONFIG_CEILOMETER_SECRET=d1cd21accf764049 + +# Password to use for Telemetry to authenticate with the Identity +# service. +CONFIG_CEILOMETER_KS_PW=qum5net + +# Backend driver for Telemetry's group membership coordination. +# ['redis', 'none'] +CONFIG_CEILOMETER_COORDINATION_BACKEND=redis + +# IP address of the server on which to install MongoDB. +CONFIG_MONGODB_HOST=VARINET4ADDR + +# IP address of the server on which to install the Redis master +# server. +CONFIG_REDIS_MASTER_HOST=VARINET4ADDR + +# Port on which the Redis server(s) listens. +CONFIG_REDIS_PORT=6379 + +# Specify 'y' to have Redis try to use HA. ['y', 'n'] +CONFIG_REDIS_HA=n + +# Hosts on which to install Redis slaves. +CONFIG_REDIS_SLAVE_HOSTS= + +# Hosts on which to install Redis sentinel servers. +CONFIG_REDIS_SENTINEL_HOSTS= + +# Host to configure as the Redis coordination sentinel. +CONFIG_REDIS_SENTINEL_CONTACT_HOST= + +# Port on which Redis sentinel servers listen. +CONFIG_REDIS_SENTINEL_PORT=26379 + +# Quorum value for Redis sentinel servers. +CONFIG_REDIS_SENTINEL_QUORUM=2 + +# Name of the master server watched by the Redis sentinel. ['[a-z]+'] +CONFIG_REDIS_MASTER_NAME=mymaster + +# Password to use for OpenStack Database-as-a-Service (trove) to +# access the database. +CONFIG_TROVE_DB_PW=PW_PLACEHOLDER + +# Password to use for OpenStack Database-as-a-Service to authenticate +# with the Identity service. +CONFIG_TROVE_KS_PW=PW_PLACEHOLDER + +# User name to use when OpenStack Database-as-a-Service connects to +# the Compute service. +CONFIG_TROVE_NOVA_USER=trove + +# Tenant to use when OpenStack Database-as-a-Service connects to the +# Compute service. +CONFIG_TROVE_NOVA_TENANT=services + +# Password to use when OpenStack Database-as-a-Service connects to +# the Compute service. +CONFIG_TROVE_NOVA_PW=PW_PLACEHOLDER + +# Password of the nagiosadmin user on the Nagios server. +CONFIG_NAGIOS_PW=PW_PLACEHOLDER diff --git a/qa/qa_scripts/openstack/files/nova.template.conf b/qa/qa_scripts/openstack/files/nova.template.conf new file mode 100644 index 000000000..c63c8648f --- /dev/null +++ b/qa/qa_scripts/openstack/files/nova.template.conf @@ -0,0 +1,3698 @@ +[DEFAULT] + +# +# From nova +# + +# Number of times to retry live-migration before failing. If == -1, try until +# out of hosts. If == 0, only try once, no retries. (integer value) +#migrate_max_retries=-1 + +# The topic console auth proxy nodes listen on (string value) +#consoleauth_topic=consoleauth + +# The driver to use for database access (string value) +#db_driver=nova.db + +# Backend to use for IPv6 generation (string value) +#ipv6_backend=rfc2462 + +# The driver for servicegroup service (valid options are: db, zk, mc) (string +# value) +#servicegroup_driver=db + +# The availability_zone to show internal services under (string value) +#internal_service_availability_zone=internal +internal_service_availability_zone=internal + +# Default compute node availability_zone (string value) +#default_availability_zone=nova +default_availability_zone=nova + +# The topic cert nodes listen on (string value) +#cert_topic=cert + +# Image ID used when starting up a cloudpipe vpn server (string value) +#vpn_image_id=0 + +# Flavor for vpn instances (string value) +#vpn_flavor=m1.tiny + +# Template for cloudpipe instance boot script (string value) +#boot_script_template=$pybasedir/nova/cloudpipe/bootscript.template + +# Network to push into openvpn config (string value) +#dmz_net=10.0.0.0 + +# Netmask to push into openvpn config (string value) +#dmz_mask=255.255.255.0 + +# Suffix to add to project name for vpn key and secgroups (string value) +#vpn_key_suffix=-vpn + +# Record sessions to FILE.[session_number] (boolean value) +#record=false + +# Become a daemon (background process) (boolean value) +#daemon=false + +# Disallow non-encrypted connections (boolean value) +#ssl_only=false + +# Source is ipv6 (boolean value) +#source_is_ipv6=false + +# SSL certificate file (string value) +#cert=self.pem + +# SSL key file (if separate from cert) (string value) +#key= + +# Run webserver on same port. Serve files from DIR. (string value) +#web=/usr/share/spice-html5 + +# Host on which to listen for incoming requests (string value) +#novncproxy_host=0.0.0.0 +novncproxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#novncproxy_port=6080 +novncproxy_port=6080 + +# Host on which to listen for incoming requests (string value) +#serialproxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#serialproxy_port=6083 + +# Host on which to listen for incoming requests (string value) +#html5proxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#html5proxy_port=6082 + +# Driver to use for the console proxy (string value) +#console_driver=nova.console.xvp.XVPConsoleProxy + +# Stub calls to compute worker for tests (boolean value) +#stub_compute=false + +# Publicly visible name for this console host (string value) +#console_public_hostname=x86-017.build.eng.bos.redhat.com + +# The topic console proxy nodes listen on (string value) +#console_topic=console + +# XVP conf template (string value) +#console_xvp_conf_template=$pybasedir/nova/console/xvp.conf.template + +# Generated XVP conf file (string value) +#console_xvp_conf=/etc/xvp.conf + +# XVP master process pid file (string value) +#console_xvp_pid=/var/run/xvp.pid + +# XVP log file (string value) +#console_xvp_log=/var/log/xvp.log + +# Port for XVP to multiplex VNC connections on (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#console_xvp_multiplex_port=5900 + +# How many seconds before deleting tokens (integer value) +#console_token_ttl=600 + +# Filename of root CA (string value) +#ca_file=cacert.pem + +# Filename of private key (string value) +#key_file=private/cakey.pem + +# Filename of root Certificate Revocation List (string value) +#crl_file=crl.pem + +# Where we keep our keys (string value) +#keys_path=$state_path/keys + +# Where we keep our root CA (string value) +#ca_path=$state_path/CA + +# Should we use a CA for each project? (boolean value) +#use_project_ca=false + +# Subject for certificate for users, %s for project, user, timestamp (string +# value) +#user_cert_subject=/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s + +# Subject for certificate for projects, %s for project, timestamp (string +# value) +#project_cert_subject=/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s + +# Services to be added to the available pool on create (boolean value) +#enable_new_services=true + +# Template string to be used to generate instance names (string value) +#instance_name_template=instance-%08x + +# Template string to be used to generate snapshot names (string value) +#snapshot_name_template=snapshot-%s + +# When set, compute API will consider duplicate hostnames invalid within the +# specified scope, regardless of case. Should be empty, "project" or "global". +# (string value) +#osapi_compute_unique_server_name_scope = + +# Make exception message format errors fatal (boolean value) +#fatal_exception_format_errors=false + +# Parent directory for tempdir used for image decryption (string value) +#image_decryption_dir=/tmp + +# Hostname or IP for OpenStack to use when accessing the S3 api (string value) +#s3_host=$my_ip + +# Port used when accessing the S3 api (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#s3_port=3333 + +# Access key to use for S3 server for images (string value) +#s3_access_key=notchecked + +# Secret key to use for S3 server for images (string value) +#s3_secret_key=notchecked + +# Whether to use SSL when talking to S3 (boolean value) +#s3_use_ssl=false + +# Whether to affix the tenant id to the access key when downloading from S3 +# (boolean value) +#s3_affix_tenant=false + +# IP address of this host (string value) +#my_ip=10.16.48.92 + +# Block storage IP address of this host (string value) +#my_block_storage_ip=$my_ip + +# Name of this node. This can be an opaque identifier. It is not necessarily +# a hostname, FQDN, or IP address. However, the node name must be valid within +# an AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address +# (string value) +#host=x86-017.build.eng.bos.redhat.com + +# Use IPv6 (boolean value) +#use_ipv6=false +use_ipv6=False + +# If set, send compute.instance.update notifications on instance state changes. +# Valid values are None for no notifications, "vm_state" for notifications on +# VM state changes, or "vm_and_task_state" for notifications on VM and task +# state changes. (string value) +#notify_on_state_change= + +# If set, send api.fault notifications on caught exceptions in the API service. +# (boolean value) +#notify_api_faults=false +notify_api_faults=False + +# Default notification level for outgoing notifications (string value) +# Allowed values: DEBUG, INFO, WARN, ERROR, CRITICAL +#default_notification_level=INFO + +# Default publisher_id for outgoing notifications (string value) +#default_publisher_id= + +# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK. If True in +# multi_host mode, all compute hosts share the same dhcp address. The same IP +# address used for DHCP will be added on each nova-network node which is only +# visible to the vms on the same host. (boolean value) +#share_dhcp_address=false + +# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK. MTU setting +# for network interface. (integer value) +#network_device_mtu= + +# Path to S3 buckets (string value) +#buckets_path=$state_path/buckets + +# IP address for S3 API to listen (string value) +#s3_listen=0.0.0.0 + +# Port for S3 API to listen (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#s3_listen_port=3333 + +# Directory where the nova python module is installed (string value) +#pybasedir=/builddir/build/BUILD/nova-12.0.2 + +# Directory where nova binaries are installed (string value) +#bindir=/usr/local/bin + +# Top-level directory for maintaining nova's state (string value) +#state_path=/var/lib/nova +state_path=/var/lib/nova + +# An alias for a PCI passthrough device requirement. This allows users to +# specify the alias in the extra_spec for a flavor, without needing to repeat +# all the PCI property requirements. For example: pci_alias = { "name": +# "QuickAssist", "product_id": "0443", "vendor_id": "8086", +# "device_type": "ACCEL" } defines an alias for the Intel QuickAssist card. +# (multi valued) (multi valued) +#pci_alias = + +# White list of PCI devices available to VMs. For example: +# pci_passthrough_whitelist = [{"vendor_id": "8086", "product_id": "0443"}] +# (multi valued) +#pci_passthrough_whitelist = + +# Number of instances allowed per project (integer value) +#quota_instances=10 + +# Number of instance cores allowed per project (integer value) +#quota_cores=20 + +# Megabytes of instance RAM allowed per project (integer value) +#quota_ram=51200 + +# Number of floating IPs allowed per project (integer value) +#quota_floating_ips=10 + +# Number of fixed IPs allowed per project (this should be at least the number +# of instances allowed) (integer value) +#quota_fixed_ips=-1 + +# Number of metadata items allowed per instance (integer value) +#quota_metadata_items=128 + +# Number of injected files allowed (integer value) +#quota_injected_files=5 + +# Number of bytes allowed per injected file (integer value) +#quota_injected_file_content_bytes=10240 + +# Length of injected file path (integer value) +#quota_injected_file_path_length=255 + +# Number of security groups per project (integer value) +#quota_security_groups=10 + +# Number of security rules per security group (integer value) +#quota_security_group_rules=20 + +# Number of key pairs per user (integer value) +#quota_key_pairs=100 + +# Number of server groups per project (integer value) +#quota_server_groups=10 + +# Number of servers per server group (integer value) +#quota_server_group_members=10 + +# Number of seconds until a reservation expires (integer value) +#reservation_expire=86400 + +# Count of reservations until usage is refreshed. This defaults to 0(off) to +# avoid additional load but it is useful to turn on to help keep quota usage up +# to date and reduce the impact of out of sync usage issues. (integer value) +#until_refresh=0 + +# Number of seconds between subsequent usage refreshes. This defaults to 0(off) +# to avoid additional load but it is useful to turn on to help keep quota usage +# up to date and reduce the impact of out of sync usage issues. Note that +# quotas are not updated on a periodic task, they will update on a new +# reservation if max_age has passed since the last reservation (integer value) +#max_age=0 + +# Default driver to use for quota checks (string value) +#quota_driver=nova.quota.DbQuotaDriver + +# Seconds between nodes reporting state to datastore (integer value) +#report_interval=10 +report_interval=10 + +# Enable periodic tasks (boolean value) +#periodic_enable=true + +# Range of seconds to randomly delay when starting the periodic task scheduler +# to reduce stampeding. (Disable by setting to 0) (integer value) +#periodic_fuzzy_delay=60 + +# A list of APIs to enable by default (list value) +#enabled_apis=ec2,osapi_compute,metadata +enabled_apis=ec2,osapi_compute,metadata + +# A list of APIs with enabled SSL (list value) +#enabled_ssl_apis = + +# The IP address on which the EC2 API will listen. (string value) +#ec2_listen=0.0.0.0 +ec2_listen=0.0.0.0 + +# The port on which the EC2 API will listen. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#ec2_listen_port=8773 +ec2_listen_port=8773 + +# Number of workers for EC2 API service. The default will be equal to the +# number of CPUs available. (integer value) +#ec2_workers= +ec2_workers=12 + +# The IP address on which the OpenStack API will listen. (string value) +#osapi_compute_listen=0.0.0.0 +osapi_compute_listen=0.0.0.0 + +# The port on which the OpenStack API will listen. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#osapi_compute_listen_port=8774 +osapi_compute_listen_port=8774 + +# Number of workers for OpenStack API service. The default will be the number +# of CPUs available. (integer value) +#osapi_compute_workers= +osapi_compute_workers=12 + +# OpenStack metadata service manager (string value) +#metadata_manager=nova.api.manager.MetadataManager + +# The IP address on which the metadata API will listen. (string value) +#metadata_listen=0.0.0.0 +metadata_listen=0.0.0.0 + +# The port on which the metadata API will listen. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#metadata_listen_port=8775 +metadata_listen_port=8775 + +# Number of workers for metadata service. The default will be the number of +# CPUs available. (integer value) +#metadata_workers= +metadata_workers=12 + +# Full class name for the Manager for compute (string value) +#compute_manager=nova.compute.manager.ComputeManager +compute_manager=nova.compute.manager.ComputeManager + +# Full class name for the Manager for console proxy (string value) +#console_manager=nova.console.manager.ConsoleProxyManager + +# Manager for console auth (string value) +#consoleauth_manager=nova.consoleauth.manager.ConsoleAuthManager + +# Full class name for the Manager for cert (string value) +#cert_manager=nova.cert.manager.CertManager + +# Full class name for the Manager for network (string value) +#network_manager=nova.network.manager.FlatDHCPManager + +# Full class name for the Manager for scheduler (string value) +#scheduler_manager=nova.scheduler.manager.SchedulerManager + +# Maximum time since last check-in for up service (integer value) +#service_down_time=60 +service_down_time=60 + +# Whether to log monkey patching (boolean value) +#monkey_patch=false + +# List of modules/decorators to monkey patch (list value) +#monkey_patch_modules=nova.api.ec2.cloud:nova.notifications.notify_decorator,nova.compute.api:nova.notifications.notify_decorator + +# Length of generated instance admin passwords (integer value) +#password_length=12 + +# Time period to generate instance usages for. Time period must be hour, day, +# month or year (string value) +#instance_usage_audit_period=month + +# Start and use a daemon that can run the commands that need to be run with +# root privileges. This option is usually enabled on nodes that run nova +# compute processes (boolean value) +#use_rootwrap_daemon=false + +# Path to the rootwrap configuration file to use for running commands as root +# (string value) +#rootwrap_config=/etc/nova/rootwrap.conf +rootwrap_config=/etc/nova/rootwrap.conf + +# Explicitly specify the temporary working directory (string value) +#tempdir= + +# Port that the XCP VNC proxy should bind to (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#xvpvncproxy_port=6081 + +# Address that the XCP VNC proxy should bind to (string value) +#xvpvncproxy_host=0.0.0.0 + +# The full class name of the volume API class to use (string value) +#volume_api_class=nova.volume.cinder.API +volume_api_class=nova.volume.cinder.API + +# File name for the paste.deploy config for nova-api (string value) +#api_paste_config=api-paste.ini +api_paste_config=api-paste.ini + +# A python format string that is used as the template to generate log lines. +# The following values can be formatted into it: client_ip, date_time, +# request_line, status_code, body_length, wall_seconds. (string value) +#wsgi_log_format=%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f + +# The HTTP header used to determine the scheme for the original request, even +# if it was removed by an SSL terminating proxy. Typical value is +# "HTTP_X_FORWARDED_PROTO". (string value) +#secure_proxy_ssl_header= + +# CA certificate file to use to verify connecting clients (string value) +#ssl_ca_file= + +# SSL certificate of API server (string value) +#ssl_cert_file= + +# SSL private key of API server (string value) +#ssl_key_file= + +# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not +# supported on OS X. (integer value) +#tcp_keepidle=600 + +# Size of the pool of greenthreads used by wsgi (integer value) +#wsgi_default_pool_size=1000 + +# Maximum line size of message headers to be accepted. max_header_line may need +# to be increased when using large tokens (typically those generated by the +# Keystone v3 API with big service catalogs). (integer value) +#max_header_line=16384 + +# If False, closes the client socket connection explicitly. (boolean value) +#wsgi_keep_alive=true + +# Timeout for client connections' socket operations. If an incoming connection +# is idle for this number of seconds it will be closed. A value of '0' means +# wait forever. (integer value) +#client_socket_timeout=900 + +# +# From nova.api +# + +# File to load JSON formatted vendor data from (string value) +#vendordata_jsonfile_path= + +# Permit instance snapshot operations. (boolean value) +#allow_instance_snapshots=true + +# Whether to use per-user rate limiting for the api. This option is only used +# by v2 api. Rate limiting is removed from v2.1 api. (boolean value) +#api_rate_limit=false + +# +# The strategy to use for auth: keystone or noauth2. noauth2 is designed for +# testing only, as it does no actual credential checking. noauth2 provides +# administrative credentials only if 'admin' is specified as the username. +# (string value) +#auth_strategy=keystone +auth_strategy=keystone + +# Treat X-Forwarded-For as the canonical remote address. Only enable this if +# you have a sanitizing proxy. (boolean value) +#use_forwarded_for=false +use_forwarded_for=False + +# The IP address of the EC2 API server (string value) +#ec2_host=$my_ip + +# The internal IP address of the EC2 API server (string value) +#ec2_dmz_host=$my_ip + +# The port of the EC2 API server (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#ec2_port=8773 + +# The protocol to use when connecting to the EC2 API server (string value) +# Allowed values: http, https +#ec2_scheme=http + +# The path prefix used to call the ec2 API server (string value) +#ec2_path=/ + +# List of region=fqdn pairs separated by commas (list value) +#region_list = + +# Number of failed auths before lockout. (integer value) +#lockout_attempts=5 + +# Number of minutes to lockout if triggered. (integer value) +#lockout_minutes=15 + +# Number of minutes for lockout window. (integer value) +#lockout_window=15 + +# URL to get token from ec2 request. (string value) +#keystone_ec2_url=http://localhost:5000/v2.0/ec2tokens + +# Return the IP address as private dns hostname in describe instances (boolean +# value) +#ec2_private_dns_show_ip=false + +# Validate security group names according to EC2 specification (boolean value) +#ec2_strict_validation=true + +# Time in seconds before ec2 timestamp expires (integer value) +#ec2_timestamp_expiry=300 + +# Disable SSL certificate verification. (boolean value) +#keystone_ec2_insecure=false + +# List of metadata versions to skip placing into the config drive (string +# value) +#config_drive_skip_versions=1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01 + +# Driver to use for vendor data (string value) +#vendordata_driver=nova.api.metadata.vendordata_json.JsonFileVendorData + +# Time in seconds to cache metadata; 0 to disable metadata caching entirely +# (not recommended). Increasingthis should improve response times of the +# metadata API when under heavy load. Higher values may increase memoryusage +# and result in longer times for host metadata changes to take effect. (integer +# value) +#metadata_cache_expiration=15 + +# The maximum number of items returned in a single response from a collection +# resource (integer value) +#osapi_max_limit=1000 + +# Base URL that will be presented to users in links to the OpenStack Compute +# API (string value) +#osapi_compute_link_prefix= + +# Base URL that will be presented to users in links to glance resources (string +# value) +#osapi_glance_link_prefix= + +# DEPRECATED: Specify list of extensions to load when using +# osapi_compute_extension option with +# nova.api.openstack.compute.legacy_v2.contrib.select_extensions This option +# will be removed in the near future. After that point you have to run all of +# the API. (list value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#osapi_compute_ext_list = + +# Full path to fping. (string value) +#fping_path=/usr/sbin/fping +fping_path=/usr/sbin/fping + +# Enables or disables quota checking for tenant networks (boolean value) +#enable_network_quota=false + +# Control for checking for default networks (string value) +#use_neutron_default_nets=False + +# Default tenant id when creating neutron networks (string value) +#neutron_default_tenant_id=default + +# Number of private networks allowed per project (integer value) +#quota_networks=3 + +# osapi compute extension to load. This option will be removed in the near +# future. After that point you have to run all of the API. (multi valued) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#osapi_compute_extension=nova.api.openstack.compute.legacy_v2.contrib.standard_extensions + +# List of instance states that should hide network info (list value) +#osapi_hide_server_address_states=building + +# Enables returning of the instance password by the relevant server API calls +# such as create, rebuild or rescue, If the hypervisor does not support +# password injection then the password returned will not be correct (boolean +# value) +#enable_instance_password=true + +# +# From nova.compute +# + +# Allow destination machine to match source for resize. Useful when testing in +# single-host environments. (boolean value) +#allow_resize_to_same_host=false +allow_resize_to_same_host=False + +# Availability zone to use when user doesn't specify one (string value) +#default_schedule_zone= + +# These are image properties which a snapshot should not inherit from an +# instance (list value) +#non_inheritable_image_properties=cache_in_nova,bittorrent + +# Kernel image that indicates not to use a kernel, but to use a raw disk image +# instead (string value) +#null_kernel=nokernel + +# When creating multiple instances with a single request using the os-multiple- +# create API extension, this template will be used to build the display name +# for each instance. The benefit is that the instances end up with different +# hostnames. To restore legacy behavior of every instance having the same name, +# set this option to "%(name)s". Valid keys for the template are: name, uuid, +# count. (string value) +#multi_instance_display_name_template=%(name)s-%(count)d + +# Maximum number of devices that will result in a local image being created on +# the hypervisor node. A negative number means unlimited. Setting +# max_local_block_devices to 0 means that any request that attempts to create a +# local disk will fail. This option is meant to limit the number of local discs +# (so root local disc that is the result of --image being used, and any other +# ephemeral and swap disks). 0 does not mean that images will be automatically +# converted to volumes and boot instances from volumes - it just means that all +# requests that attempt to create a local disk will fail. (integer value) +#max_local_block_devices=3 + +# Default flavor to use for the EC2 API only. The Nova API does not support a +# default flavor. (string value) +#default_flavor=m1.small + +# Console proxy host to use to connect to instances on this host. (string +# value) +#console_host=x86-017.build.eng.bos.redhat.com + +# Name of network to use to set access IPs for instances (string value) +#default_access_ip_network_name= + +# Whether to batch up the application of IPTables rules during a host restart +# and apply all at the end of the init phase (boolean value) +#defer_iptables_apply=false + +# Where instances are stored on disk (string value) +#instances_path=$state_path/instances + +# Generate periodic compute.instance.exists notifications (boolean value) +#instance_usage_audit=false + +# Number of 1 second retries needed in live_migration (integer value) +#live_migration_retry_count=30 + +# Whether to start guests that were running before the host rebooted (boolean +# value) +#resume_guests_state_on_host_boot=false + +# Number of times to retry network allocation on failures (integer value) +#network_allocate_retries=0 + +# Maximum number of instance builds to run concurrently (integer value) +#max_concurrent_builds=10 + +# Maximum number of live migrations to run concurrently. This limit is enforced +# to avoid outbound live migrations overwhelming the host/network and causing +# failures. It is not recommended that you change this unless you are very sure +# that doing so is safe and stable in your environment. (integer value) +#max_concurrent_live_migrations=1 + +# Number of times to retry block device allocation on failures (integer value) +#block_device_allocate_retries=60 + +# The number of times to attempt to reap an instance's files. (integer value) +#maximum_instance_delete_attempts=5 + +# Interval to pull network bandwidth usage info. Not supported on all +# hypervisors. Set to -1 to disable. Setting this to 0 will run at the default +# rate. (integer value) +#bandwidth_poll_interval=600 + +# Interval to sync power states between the database and the hypervisor. Set to +# -1 to disable. Setting this to 0 will run at the default rate. (integer +# value) +#sync_power_state_interval=600 + +# Number of seconds between instance network information cache updates (integer +# value) +#heal_instance_info_cache_interval=60 +heal_instance_info_cache_interval=60 + +# Interval in seconds for reclaiming deleted instances (integer value) +#reclaim_instance_interval=0 + +# Interval in seconds for gathering volume usages (integer value) +#volume_usage_poll_interval=0 + +# Interval in seconds for polling shelved instances to offload. Set to -1 to +# disable.Setting this to 0 will run at the default rate. (integer value) +#shelved_poll_interval=3600 + +# Time in seconds before a shelved instance is eligible for removing from a +# host. -1 never offload, 0 offload immediately when shelved (integer value) +#shelved_offload_time=0 + +# Interval in seconds for retrying failed instance file deletes. Set to -1 to +# disable. Setting this to 0 will run at the default rate. (integer value) +#instance_delete_interval=300 + +# Waiting time interval (seconds) between block device allocation retries on +# failures (integer value) +#block_device_allocate_retries_interval=3 + +# Waiting time interval (seconds) between sending the scheduler a list of +# current instance UUIDs to verify that its view of instances is in sync with +# nova. If the CONF option `scheduler_tracks_instance_changes` is False, +# changing this option will have no effect. (integer value) +#scheduler_instance_sync_interval=120 + +# Interval in seconds for updating compute resources. A number less than 0 +# means to disable the task completely. Leaving this at the default of 0 will +# cause this to run at the default periodic interval. Setting it to any +# positive value will cause it to run at approximately that number of seconds. +# (integer value) +#update_resources_interval=0 + +# Action to take if a running deleted instance is detected.Set to 'noop' to +# take no action. (string value) +# Allowed values: noop, log, shutdown, reap +#running_deleted_instance_action=reap + +# Number of seconds to wait between runs of the cleanup task. (integer value) +#running_deleted_instance_poll_interval=1800 + +# Number of seconds after being deleted when a running instance should be +# considered eligible for cleanup. (integer value) +#running_deleted_instance_timeout=0 + +# Automatically hard reboot an instance if it has been stuck in a rebooting +# state longer than N seconds. Set to 0 to disable. (integer value) +#reboot_timeout=0 + +# Amount of time in seconds an instance can be in BUILD before going into ERROR +# status. Set to 0 to disable. (integer value) +#instance_build_timeout=0 + +# Automatically unrescue an instance after N seconds. Set to 0 to disable. +# (integer value) +#rescue_timeout=0 + +# Automatically confirm resizes after N seconds. Set to 0 to disable. (integer +# value) +#resize_confirm_window=0 + +# Total amount of time to wait in seconds for an instance to perform a clean +# shutdown. (integer value) +#shutdown_timeout=60 + +# Monitor classes available to the compute which may be specified more than +# once. This option is DEPRECATED and no longer used. Use setuptools entry +# points to list available monitor plugins. (multi valued) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#compute_available_monitors = + +# A list of monitors that can be used for getting compute metrics. You can use +# the alias/name from the setuptools entry points for nova.compute.monitors.* +# namespaces. If no namespace is supplied, the "cpu." namespace is assumed for +# backwards-compatibility. An example value that would enable both the CPU and +# NUMA memory bandwidth monitors that used the virt driver variant: +# ["cpu.virt_driver", "numa_mem_bw.virt_driver"] (list value) +#compute_monitors = + +# Amount of disk in MB to reserve for the host (integer value) +#reserved_host_disk_mb=0 + +# Amount of memory in MB to reserve for the host (integer value) +#reserved_host_memory_mb=512 +reserved_host_memory_mb=512 + +# Class that will manage stats for the local compute host (string value) +#compute_stats_class=nova.compute.stats.Stats + +# The names of the extra resources to track. (list value) +#compute_resources=vcpu + +# Virtual CPU to physical CPU allocation ratio which affects all CPU filters. +# This configuration specifies a global ratio for CoreFilter. For +# AggregateCoreFilter, it will fall back to this configuration value if no per- +# aggregate setting found. NOTE: This can be set per-compute, or if set to 0.0, +# the value set on the scheduler node(s) will be used and defaulted to 16.0 +# (floating point value) +#cpu_allocation_ratio=0.0 +cpu_allocation_ratio=16.0 + +# Virtual ram to physical ram allocation ratio which affects all ram filters. +# This configuration specifies a global ratio for RamFilter. For +# AggregateRamFilter, it will fall back to this configuration value if no per- +# aggregate setting found. NOTE: This can be set per-compute, or if set to 0.0, +# the value set on the scheduler node(s) will be used and defaulted to 1.5 +# (floating point value) +#ram_allocation_ratio=0.0 +ram_allocation_ratio=1.5 + +# The topic compute nodes listen on (string value) +#compute_topic=compute + +# +# From nova.network +# + +# The full class name of the network API class to use (string value) +#network_api_class=nova.network.api.API +network_api_class=nova.network.neutronv2.api.API + +# Driver to use for network creation (string value) +#network_driver=nova.network.linux_net + +# Default pool for floating IPs (string value) +#default_floating_pool=nova +default_floating_pool=public + +# Autoassigning floating IP to VM (boolean value) +#auto_assign_floating_ip=false + +# Full class name for the DNS Manager for floating IPs (string value) +#floating_ip_dns_manager=nova.network.noop_dns_driver.NoopDNSDriver + +# Full class name for the DNS Manager for instance IPs (string value) +#instance_dns_manager=nova.network.noop_dns_driver.NoopDNSDriver + +# Full class name for the DNS Zone for instance IPs (string value) +#instance_dns_domain = + +# URL for LDAP server which will store DNS entries (string value) +#ldap_dns_url=ldap://ldap.example.com:389 + +# User for LDAP DNS (string value) +#ldap_dns_user=uid=admin,ou=people,dc=example,dc=org + +# Password for LDAP DNS (string value) +#ldap_dns_password=password + +# Hostmaster for LDAP DNS driver Statement of Authority (string value) +#ldap_dns_soa_hostmaster=hostmaster@example.org + +# DNS Servers for LDAP DNS driver (multi valued) +#ldap_dns_servers=dns.example.org + +# Base DN for DNS entries in LDAP (string value) +#ldap_dns_base_dn=ou=hosts,dc=example,dc=org + +# Refresh interval (in seconds) for LDAP DNS driver Statement of Authority +# (string value) +#ldap_dns_soa_refresh=1800 + +# Retry interval (in seconds) for LDAP DNS driver Statement of Authority +# (string value) +#ldap_dns_soa_retry=3600 + +# Expiry interval (in seconds) for LDAP DNS driver Statement of Authority +# (string value) +#ldap_dns_soa_expiry=86400 + +# Minimum interval (in seconds) for LDAP DNS driver Statement of Authority +# (string value) +#ldap_dns_soa_minimum=7200 + +# Location of flagfiles for dhcpbridge (multi valued) +#dhcpbridge_flagfile=/etc/nova/nova.conf + +# Location to keep network config files (string value) +#networks_path=$state_path/networks + +# Interface for public IP addresses (string value) +#public_interface=eth0 + +# Location of nova-dhcpbridge (string value) +#dhcpbridge=/usr/bin/nova-dhcpbridge + +# Public IP of network host (string value) +#routing_source_ip=$my_ip + +# Lifetime of a DHCP lease in seconds (integer value) +#dhcp_lease_time=86400 + +# If set, uses specific DNS server for dnsmasq. Can be specified multiple +# times. (multi valued) +#dns_server = + +# If set, uses the dns1 and dns2 from the network ref. as dns servers. (boolean +# value) +#use_network_dns_servers=false + +# A list of dmz ranges that should be accepted (list value) +#dmz_cidr = + +# Traffic to this range will always be snatted to the fallback ip, even if it +# would normally be bridged out of the node. Can be specified multiple times. +# (multi valued) +#force_snat_range = +force_snat_range =0.0.0.0/0 + +# Override the default dnsmasq settings with this file (string value) +#dnsmasq_config_file = + +# Driver used to create ethernet devices. (string value) +#linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver + +# Name of Open vSwitch bridge used with linuxnet (string value) +#linuxnet_ovs_integration_bridge=br-int + +# Send gratuitous ARPs for HA setup (boolean value) +#send_arp_for_ha=false + +# Send this many gratuitous ARPs for HA setup (integer value) +#send_arp_for_ha_count=3 + +# Use single default gateway. Only first nic of vm will get default gateway +# from dhcp server (boolean value) +#use_single_default_gateway=false + +# An interface that bridges can forward to. If this is set to all then all +# traffic will be forwarded. Can be specified multiple times. (multi valued) +#forward_bridge_interface=all + +# The IP address for the metadata API server (string value) +#metadata_host=$my_ip +metadata_host=VARINET4ADDR + +# The port for the metadata API port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#metadata_port=8775 + +# Regular expression to match the iptables rule that should always be on the +# top. (string value) +#iptables_top_regex = + +# Regular expression to match the iptables rule that should always be on the +# bottom. (string value) +#iptables_bottom_regex = + +# The table that iptables to jump to when a packet is to be dropped. (string +# value) +#iptables_drop_action=DROP + +# Amount of time, in seconds, that ovs_vsctl should wait for a response from +# the database. 0 is to wait forever. (integer value) +#ovs_vsctl_timeout=120 + +# If passed, use fake network devices and addresses (boolean value) +#fake_network=false + +# Number of times to retry ebtables commands on failure. (integer value) +#ebtables_exec_attempts=3 + +# Number of seconds to wait between ebtables retries. (floating point value) +#ebtables_retry_interval=1.0 + +# Bridge for simple network instances (string value) +#flat_network_bridge= + +# DNS server for simple network (string value) +#flat_network_dns=8.8.4.4 + +# Whether to attempt to inject network setup into guest (boolean value) +#flat_injected=false + +# FlatDhcp will bridge into this interface if set (string value) +#flat_interface= + +# First VLAN for private networks (integer value) +# Minimum value: 1 +# Maximum value: 4094 +#vlan_start=100 + +# VLANs will bridge into this interface if set (string value) +#vlan_interface= + +# Number of networks to support (integer value) +#num_networks=1 + +# Public IP for the cloudpipe VPN servers (string value) +#vpn_ip=$my_ip + +# First Vpn port for private networks (integer value) +#vpn_start=1000 + +# Number of addresses in each private subnet (integer value) +#network_size=256 + +# Fixed IPv6 address block (string value) +#fixed_range_v6=fd00::/48 + +# Default IPv4 gateway (string value) +#gateway= + +# Default IPv6 gateway (string value) +#gateway_v6= + +# Number of addresses reserved for vpn clients (integer value) +#cnt_vpn_clients=0 + +# Seconds after which a deallocated IP is disassociated (integer value) +#fixed_ip_disassociate_timeout=600 + +# Number of attempts to create unique mac address (integer value) +#create_unique_mac_address_attempts=5 + +# If True, skip using the queue and make local calls (boolean value) +#fake_call=false + +# If True, unused gateway devices (VLAN and bridge) are deleted in VLAN network +# mode with multi hosted networks (boolean value) +#teardown_unused_network_gateway=false + +# If True, send a dhcp release on instance termination (boolean value) +#force_dhcp_release=True + +# If True, when a DNS entry must be updated, it sends a fanout cast to all +# network hosts to update their DNS entries in multi host mode (boolean value) +#update_dns_entries=false + +# Number of seconds to wait between runs of updates to DNS entries. (integer +# value) +#dns_update_periodic_interval=-1 + +# Domain to use for building the hostnames (string value) +#dhcp_domain=novalocal +dhcp_domain=novalocal + +# Indicates underlying L3 management library (string value) +#l3_lib=nova.network.l3.LinuxNetL3 + +# The topic network nodes listen on (string value) +#network_topic=network + +# Default value for multi_host in networks. Also, if set, some rpc network +# calls will be sent directly to host. (boolean value) +#multi_host=false + +# The full class name of the security API class (string value) +#security_group_api=nova +security_group_api=neutron + +# +# From nova.openstack.common.memorycache +# + +# Memcached servers or None for in process cache. (list value) +#memcached_servers= + +# +# From nova.openstack.common.policy +# + +# The JSON file that defines policies. (string value) +#policy_file=policy.json + +# Default rule. Enforced when a requested rule is not found. (string value) +#policy_default_rule=default + +# Directories where policy configuration files are stored. They can be relative +# to any directory in the search path defined by the config_dir option, or +# absolute paths. The file defined by policy_file must exist for these +# directories to be searched. Missing or empty directories are ignored. (multi +# valued) +#policy_dirs=policy.d + +# +# From nova.scheduler +# + +# Virtual disk to physical disk allocation ratio (floating point value) +#disk_allocation_ratio=1.0 + +# Tells filters to ignore hosts that have this many or more instances currently +# in build, resize, snapshot, migrate, rescue or unshelve task states (integer +# value) +#max_io_ops_per_host=8 + +# Ignore hosts that have too many instances (integer value) +#max_instances_per_host=50 + +# Absolute path to scheduler configuration JSON file. (string value) +#scheduler_json_config_location = + +# The scheduler host manager class to use (string value) +#scheduler_host_manager=nova.scheduler.host_manager.HostManager + +# New instances will be scheduled on a host chosen randomly from a subset of +# the N best hosts. This property defines the subset size that a host is chosen +# from. A value of 1 chooses the first host returned by the weighing functions. +# This value must be at least 1. Any value less than 1 will be ignored, and 1 +# will be used instead (integer value) +#scheduler_host_subset_size=1 + +# Force the filter to consider only keys matching the given namespace. (string +# value) +#aggregate_image_properties_isolation_namespace= + +# The separator used between the namespace and keys (string value) +#aggregate_image_properties_isolation_separator=. + +# Images to run on isolated host (list value) +#isolated_images = + +# Host reserved for specific images (list value) +#isolated_hosts = + +# Whether to force isolated hosts to run only isolated images (boolean value) +#restrict_isolated_hosts_to_isolated_images=true + +# Filter classes available to the scheduler which may be specified more than +# once. An entry of "nova.scheduler.filters.all_filters" maps to all filters +# included with nova. (multi valued) +#scheduler_available_filters=nova.scheduler.filters.all_filters + +# Which filter class names to use for filtering hosts when not specified in the +# request. (list value) +#scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter +scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,CoreFilter + +# Which weight class names to use for weighing hosts (list value) +#scheduler_weight_classes=nova.scheduler.weights.all_weighers + +# Determines if the Scheduler tracks changes to instances to help with its +# filtering decisions. (boolean value) +#scheduler_tracks_instance_changes=true + +# Which filter class names to use for filtering baremetal hosts when not +# specified in the request. (list value) +#baremetal_scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ExactRamFilter,ExactDiskFilter,ExactCoreFilter + +# Flag to decide whether to use baremetal_scheduler_default_filters or not. +# (boolean value) +#scheduler_use_baremetal_filters=false + +# Default driver to use for the scheduler (string value) +#scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler +scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler + +# How often (in seconds) to run periodic tasks in the scheduler driver of your +# choice. Please note this is likely to interact with the value of +# service_down_time, but exactly how they interact will depend on your choice +# of scheduler driver. (integer value) +#scheduler_driver_task_period=60 + +# The topic scheduler nodes listen on (string value) +#scheduler_topic=scheduler + +# Maximum number of attempts to schedule an instance (integer value) +#scheduler_max_attempts=3 + +# Multiplier used for weighing host io ops. Negative numbers mean a preference +# to choose light workload compute hosts. (floating point value) +#io_ops_weight_multiplier=-1.0 + +# Multiplier used for weighing ram. Negative numbers mean to stack vs spread. +# (floating point value) +#ram_weight_multiplier=1.0 + +# +# From nova.virt +# + +# Config drive format. (string value) +# Allowed values: iso9660, vfat +#config_drive_format=iso9660 + +# Set to "always" to force injection to take place on a config drive. NOTE: The +# "always" will be deprecated in the Liberty release cycle. (string value) +# Allowed values: always, True, False +#force_config_drive= + +# Name and optionally path of the tool used for ISO image creation (string +# value) +#mkisofs_cmd=genisoimage + +# Name of the mkfs commands for ephemeral device. The format is = (multi valued) +#virt_mkfs = + +# Attempt to resize the filesystem by accessing the image over a block device. +# This is done by the host and may not be necessary if the image contains a +# recent version of cloud-init. Possible mechanisms require the nbd driver (for +# qcow and raw), or loop (for raw). (boolean value) +#resize_fs_using_block_device=false + +# Amount of time, in seconds, to wait for NBD device start up. (integer value) +#timeout_nbd=10 + +# Driver to use for controlling virtualization. Options include: +# libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, +# ironic.IronicDriver, vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string +# value) +#compute_driver=libvirt.LibvirtDriver +compute_driver=libvirt.LibvirtDriver + +# The default format an ephemeral_volume will be formatted with on creation. +# (string value) +#default_ephemeral_format= + +# VM image preallocation mode: "none" => no storage provisioning is done up +# front, "space" => storage is fully allocated at instance start (string value) +# Allowed values: none, space +#preallocate_images=none + +# Whether to use cow images (boolean value) +#use_cow_images=true + +# Fail instance boot if vif plugging fails (boolean value) +#vif_plugging_is_fatal=true +vif_plugging_is_fatal=True + +# Number of seconds to wait for neutron vif plugging events to arrive before +# continuing or failing (see vif_plugging_is_fatal). If this is set to zero and +# vif_plugging_is_fatal is False, events should not be expected to arrive at +# all. (integer value) +#vif_plugging_timeout=300 +vif_plugging_timeout=300 + +# Firewall driver (defaults to hypervisor specific iptables driver) (string +# value) +#firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver +firewall_driver=nova.virt.firewall.NoopFirewallDriver + +# Whether to allow network traffic from same network (boolean value) +#allow_same_net_traffic=true + +# Defines which pcpus that instance vcpus can use. For example, "4-12,^8,15" +# (string value) +#vcpu_pin_set= + +# Number of seconds to wait between runs of the image cache manager. Set to -1 +# to disable. Setting this to 0 will run at the default rate. (integer value) +#image_cache_manager_interval=2400 + +# Where cached images are stored under $instances_path. This is NOT the full +# path - just a folder name. For per-compute-host cached images, set to +# _base_$my_ip (string value) +#image_cache_subdirectory_name=_base + +# Should unused base images be removed? (boolean value) +#remove_unused_base_images=true + +# Unused unresized base images younger than this will not be removed (integer +# value) +#remove_unused_original_minimum_age_seconds=86400 + +# Force backing images to raw format (boolean value) +#force_raw_images=true +force_raw_images=True + +# Template file for injected network (string value) +#injected_network_template=/usr/share/nova/interfaces.template + +# +# From oslo.log +# + +# Print debugging output (set logging level to DEBUG instead of default INFO +# level). (boolean value) +#debug=false +debug=True + +# If set to false, will disable INFO logging level, making WARNING the default. +# (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#verbose=true +verbose=True + +# The name of a logging configuration file. This file is appended to any +# existing logging configuration files. For details about logging configuration +# files, see the Python logging module documentation. (string value) +# Deprecated group;name - DEFAULT;log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string which may use any +# of the available logging.LogRecord attributes. This option is deprecated. +# Please use logging_context_format_string and logging_default_format_string +# instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: %(default)s . (string +# value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is set, logging will +# go to stdout. (string value) +# Deprecated group;name - DEFAULT;logfile +#log_file= + +# (Optional) The base directory used for relative --log-file paths. (string +# value) +# Deprecated group;name - DEFAULT;logdir +#log_dir=/var/log/nova +log_dir=/var/log/nova + +# Use syslog for logging. Existing syslog format is DEPRECATED and will be +# changed later to honor RFC5424. (boolean value) +#use_syslog=false +use_syslog=False + +# (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, +# prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The +# format without the APP-NAME is deprecated in Kilo, and will be removed in +# Mitaka, along with this option. (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#use_syslog_rfc_format=true + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER +syslog_log_facility=LOG_USER + +# Log output to standard error. (boolean value) +#use_stderr=False +use_stderr=True + +# Format string to use for log messages with context. (string value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN + +# Enables or disables publication of error events. (boolean value) +#publish_errors=false + +# The format for an instance that is passed with the log message. (string +# value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message. (string +# value) +#instance_uuid_format="[instance: %(uuid)s] " + +# Enables or disables fatal status of deprecations. (boolean value) +#fatal_deprecations=false + +# +# From oslo.messaging +# + +# Size of RPC connection pool. (integer value) +# Deprecated group;name - DEFAULT;rpc_conn_pool_size +#rpc_conn_pool_size=30 + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. +# The "host" option should point or resolve to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=local + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per topic. Default is +# unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match +# "host" option, if running Nova. (string value) +#rpc_zmq_host=localhost + +# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. +# (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of executor thread pool. (integer value) +# Deprecated group;name - DEFAULT;rpc_thread_pool_size +#executor_thread_pool_size=64 + +# The Drivers(s) to handle sending notifications. Possible values are +# messaging, messagingv2, routing, log, test, noop (multi valued) +#notification_driver = +notification_driver =nova.openstack.common.notifier.rabbit_notifier,ceilometer.compute.nova_notifier + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group;name - [rpc_notifier2]/topics +#notification_topics=notifications +notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full configuration. If +# not set, we fall back to the rpc_backend option and driver specific +# configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other drivers include qpid +# and zmq. (string value) +#rpc_backend=rabbit +rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be overridden by an +# exchange name specified in the transport_url option. (string value) +#control_exchange=openstack + +# +# From oslo.service.periodic_task +# + +# Some periodic tasks can be run in a separate process. Should we run them +# here? (boolean value) +#run_external_periodic_tasks=true + +# +# From oslo.service.service +# + +# Enable eventlet backdoor. Acceptable values are 0, , and +# :, where 0 results in listening on a random tcp port number; +# results in listening on the specified port number (and not enabling +# backdoor if that port is in use); and : results in listening on +# the smallest unused port number within the specified range of port numbers. +# The chosen port is displayed in the service's log file. (string value) +#backdoor_port= + +# Enables or disables logging values of all registered options when starting a +# service (at DEBUG level). (boolean value) +#log_options=true +sql_connection=mysql+pymysql://nova:qum5net@VARINET4ADDR/nova +image_service=nova.image.glance.GlanceImageService +lock_path=/var/lib/nova/tmp +osapi_volume_listen=0.0.0.0 +vncserver_proxyclient_address=VARHOSTNAME.ceph.redhat.com +vnc_keymap=en-us +vnc_enabled=True +vncserver_listen=0.0.0.0 +novncproxy_base_url=http://VARINET4ADDR:6080/vnc_auto.html + +rbd_user = cinder +rbd_secret_uuid = RBDSECRET + +[api_database] + +# +# From nova +# + +# The SQLAlchemy connection string to use to connect to the Nova API database. +# (string value) +#connection=mysql://nova:nova@localhost/nova + +# If True, SQLite uses synchronous mode. (boolean value) +#sqlite_synchronous=true + +# The SQLAlchemy connection string to use to connect to the slave database. +# (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, including the +# default, overrides any server-set SQL mode. To use whatever SQL mode is set +# by the server configuration, set this to no value. Example: mysql_sql_mode= +# (string value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +#idle_timeout=3600 + +# Maximum number of SQL connections to keep open in a pool. (integer value) +#max_pool_size= + +# Maximum number of database connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +#max_retries=-1 + +# Interval between retries of opening a SQL connection. (integer value) +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer value) +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer +# value) +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer value) +#pool_timeout= + + +[barbican] + +# +# From nova +# + +# Info to match when looking for barbican in the service catalog. Format is: +# separated values of the form: :: +# (string value) +#catalog_info=key-manager:barbican:public + +# Override service catalog lookup with template for barbican endpoint e.g. +# http://localhost:9311/v1/%(project_id)s (string value) +#endpoint_template= + +# Region name of this node (string value) +#os_region_name= + + +[cells] + +# +# From nova.cells +# + +# Enable cell functionality (boolean value) +#enable=false + +# The topic cells nodes listen on (string value) +#topic=cells + +# Manager for cells (string value) +#manager=nova.cells.manager.CellsManager + +# Name of this cell (string value) +#name=nova + +# Key/Multi-value list with the capabilities of the cell (list value) +#capabilities=hypervisor=xenserver;kvm,os=linux;windows + +# Seconds to wait for response from a call to a cell. (integer value) +#call_timeout=60 + +# Percentage of cell capacity to hold in reserve. Affects both memory and disk +# utilization (floating point value) +#reserve_percent=10.0 + +# Type of cell (string value) +# Allowed values: api, compute +#cell_type=compute + +# Number of seconds after which a lack of capability and capacity updates +# signals the child cell is to be treated as a mute. (integer value) +#mute_child_interval=300 + +# Seconds between bandwidth updates for cells. (integer value) +#bandwidth_update_interval=600 + +# Cells communication driver to use (string value) +#driver=nova.cells.rpc_driver.CellsRPCDriver + +# Number of seconds after an instance was updated or deleted to continue to +# update cells (integer value) +#instance_updated_at_threshold=3600 + +# Number of instances to update per periodic task run (integer value) +#instance_update_num_instances=1 + +# Maximum number of hops for cells routing. (integer value) +#max_hop_count=10 + +# Cells scheduler to use (string value) +#scheduler=nova.cells.scheduler.CellsScheduler + +# Base queue name to use when communicating between cells. Various topics by +# message type will be appended to this. (string value) +#rpc_driver_queue_base=cells.intercell + +# Filter classes the cells scheduler should use. An entry of +# "nova.cells.filters.all_filters" maps to all cells filters included with +# nova. (list value) +#scheduler_filter_classes=nova.cells.filters.all_filters + +# Weigher classes the cells scheduler should use. An entry of +# "nova.cells.weights.all_weighers" maps to all cell weighers included with +# nova. (list value) +#scheduler_weight_classes=nova.cells.weights.all_weighers + +# How many retries when no cells are available. (integer value) +#scheduler_retries=10 + +# How often to retry in seconds when no cells are available. (integer value) +#scheduler_retry_delay=2 + +# Interval, in seconds, for getting fresh cell information from the database. +# (integer value) +#db_check_interval=60 + +# Configuration file from which to read cells configuration. If given, +# overrides reading cells from the database. (string value) +#cells_config= + +# Multiplier used to weigh mute children. (The value should be negative.) +# (floating point value) +#mute_weight_multiplier=-10000.0 + +# Multiplier used for weighing ram. Negative numbers mean to stack vs spread. +# (floating point value) +#ram_weight_multiplier=10.0 + +# Multiplier used to weigh offset weigher. (floating point value) +#offset_weight_multiplier=1.0 + + +[cinder] + +# +# From nova +# + +# Info to match when looking for cinder in the service catalog. Format is: +# separated values of the form: :: +# (string value) +#catalog_info=volumev2:cinderv2:publicURL +catalog_info=volumev2:cinderv2:publicURL + +# Override service catalog lookup with template for cinder endpoint e.g. +# http://localhost:8776/v1/%(project_id)s (string value) +#endpoint_template= + +# Region name of this node (string value) +#os_region_name= + +# Number of cinderclient retries on failed http calls (integer value) +#http_retries=3 + +# Allow attach between instance and volume in different availability zones. +# (boolean value) +#cross_az_attach=true + + +[conductor] + +# +# From nova +# + +# Perform nova-conductor operations locally (boolean value) +#use_local=false +use_local=False + +# The topic on which conductor nodes listen (string value) +#topic=conductor + +# Full class name for the Manager for conductor (string value) +#manager=nova.conductor.manager.ConductorManager + +# Number of workers for OpenStack Conductor service. The default will be the +# number of CPUs available. (integer value) +#workers= + + +[cors] + +# +# From oslo.middleware +# + +# Indicate whether this resource may be shared with the domain received in the +# requests "origin" header. (string value) +#allowed_origin= + +# Indicate that the actual request can include user credentials (boolean value) +#allow_credentials=true + +# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple +# Headers. (list value) +#expose_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age=3600 + +# Indicate which methods can be used during the actual request. (list value) +#allow_methods=GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual request. +# (list value) +#allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[cors.subdomain] + +# +# From oslo.middleware +# + +# Indicate whether this resource may be shared with the domain received in the +# requests "origin" header. (string value) +#allowed_origin= + +# Indicate that the actual request can include user credentials (boolean value) +#allow_credentials=true + +# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple +# Headers. (list value) +#expose_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age=3600 + +# Indicate which methods can be used during the actual request. (list value) +#allow_methods=GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual request. +# (list value) +#allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[database] + +# +# From nova +# + +# The file name to use with SQLite. (string value) +# Deprecated group;name - DEFAULT;sqlite_db +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +# Deprecated group;name - DEFAULT;sqlite_synchronous +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group;name - DEFAULT;db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database. (string +# value) +# Deprecated group;name - DEFAULT;sql_connection +# Deprecated group;name - [DATABASE]/sql_connection +# Deprecated group;name - [sql]/connection +#connection= + +# The SQLAlchemy connection string to use to connect to the slave database. +# (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, including the +# default, overrides any server-set SQL mode. To use whatever SQL mode is set +# by the server configuration, set this to no value. Example: mysql_sql_mode= +# (string value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +# Deprecated group;name - DEFAULT;sql_idle_timeout +# Deprecated group;name - [DATABASE]/sql_idle_timeout +# Deprecated group;name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group;name - DEFAULT;sql_min_pool_size +# Deprecated group;name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group;name - DEFAULT;sql_max_pool_size +# Deprecated group;name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum number of database connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +# Deprecated group;name - DEFAULT;sql_max_retries +# Deprecated group;name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. (integer value) +# Deprecated group;name - DEFAULT;sql_retry_interval +# Deprecated group;name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer value) +# Deprecated group;name - DEFAULT;sql_max_overflow +# Deprecated group;name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer +# value) +# Deprecated group;name - DEFAULT;sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +# Deprecated group;name - DEFAULT;sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer value) +# Deprecated group;name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on connection lost. +# (boolean value) +#use_db_reconnect=false + +# Seconds between retries of a database transaction. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between retries of a database operation up to +# db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between retries of a +# database operation. (integer value) +#db_max_retry_interval=10 + +# Maximum retries in case of connection error or deadlock error before error is +# raised. Set to -1 to specify an infinite retry count. (integer value) +#db_max_retries=20 + +# +# From oslo.db +# + +# The file name to use with SQLite. (string value) +# Deprecated group;name - DEFAULT;sqlite_db +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +# Deprecated group;name - DEFAULT;sqlite_synchronous +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group;name - DEFAULT;db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database. (string +# value) +# Deprecated group;name - DEFAULT;sql_connection +# Deprecated group;name - [DATABASE]/sql_connection +# Deprecated group;name - [sql]/connection +#connection= + +# The SQLAlchemy connection string to use to connect to the slave database. +# (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, including the +# default, overrides any server-set SQL mode. To use whatever SQL mode is set +# by the server configuration, set this to no value. Example: mysql_sql_mode= +# (string value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +# Deprecated group;name - DEFAULT;sql_idle_timeout +# Deprecated group;name - [DATABASE]/sql_idle_timeout +# Deprecated group;name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group;name - DEFAULT;sql_min_pool_size +# Deprecated group;name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. (integer value) +# Deprecated group;name - DEFAULT;sql_max_pool_size +# Deprecated group;name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum number of database connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +# Deprecated group;name - DEFAULT;sql_max_retries +# Deprecated group;name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. (integer value) +# Deprecated group;name - DEFAULT;sql_retry_interval +# Deprecated group;name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer value) +# Deprecated group;name - DEFAULT;sql_max_overflow +# Deprecated group;name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer +# value) +# Deprecated group;name - DEFAULT;sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +# Deprecated group;name - DEFAULT;sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer value) +# Deprecated group;name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on connection lost. +# (boolean value) +#use_db_reconnect=false + +# Seconds between retries of a database transaction. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between retries of a database operation up to +# db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between retries of a +# database operation. (integer value) +#db_max_retry_interval=10 + +# Maximum retries in case of connection error or deadlock error before error is +# raised. Set to -1 to specify an infinite retry count. (integer value) +#db_max_retries=20 + + +[ephemeral_storage_encryption] + +# +# From nova.compute +# + +# Whether to encrypt ephemeral storage (boolean value) +#enabled=false + +# The cipher and mode to be used to encrypt ephemeral storage. Which ciphers +# are available ciphers depends on kernel support. See /proc/crypto for the +# list of available options. (string value) +#cipher=aes-xts-plain64 + +# The bit length of the encryption key to be used to encrypt ephemeral storage +# (in XTS mode only half of the bits are used for encryption key) (integer +# value) +#key_size=512 + + +[glance] + +# +# From nova +# + +# Default glance hostname or IP address (string value) +#host=$my_ip + +# Default glance port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#port=9292 + +# Default protocol to use when connecting to glance. Set to https for SSL. +# (string value) +# Allowed values: http, https +#protocol=http + +# A list of the glance api servers available to nova. Prefix with https:// for +# ssl-based glance api servers. ([hostname|ip]:port) (list value) +#api_servers= +api_servers=VARINET4ADDR:9292 + +# Allow to perform insecure SSL (https) requests to glance (boolean value) +#api_insecure=false + +# Number of retries when uploading / downloading an image to / from glance. +# (integer value) +#num_retries=0 + +# A list of url scheme that can be downloaded directly via the direct_url. +# Currently supported schemes: [file]. (list value) +#allowed_direct_url_schemes = + + +[guestfs] + +# +# From nova.virt +# + +# Enable guestfs debug (boolean value) +#debug=false + + +[hyperv] + +# +# From nova.virt +# + +# The name of a Windows share name mapped to the "instances_path" dir and used +# by the resize feature to copy files to the target host. If left blank, an +# administrative share will be used, looking for the same "instances_path" used +# locally (string value) +#instances_path_share = + +# Force V1 WMI utility classes (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#force_hyperv_utils_v1=false + +# Force V1 volume utility class (boolean value) +#force_volumeutils_v1=false + +# External virtual switch Name, if not provided, the first external virtual +# switch is used (string value) +#vswitch_name= + +# Required for live migration among hosts with different CPU features (boolean +# value) +#limit_cpu_features=false + +# Sets the admin password in the config drive image (boolean value) +#config_drive_inject_password=false + +# Path of qemu-img command which is used to convert between different image +# types (string value) +#qemu_img_cmd=qemu-img.exe + +# Attaches the Config Drive image as a cdrom drive instead of a disk drive +# (boolean value) +#config_drive_cdrom=false + +# Enables metrics collections for an instance by using Hyper-V's metric APIs. +# Collected data can by retrieved by other apps and services, e.g.: Ceilometer. +# Requires Hyper-V / Windows Server 2012 and above (boolean value) +#enable_instance_metrics_collection=false + +# Enables dynamic memory allocation (ballooning) when set to a value greater +# than 1. The value expresses the ratio between the total RAM assigned to an +# instance and its startup RAM amount. For example a ratio of 2.0 for an +# instance with 1024MB of RAM implies 512MB of RAM allocated at startup +# (floating point value) +#dynamic_memory_ratio=1.0 + +# Number of seconds to wait for instance to shut down after soft reboot request +# is made. We fall back to hard reboot if instance does not shutdown within +# this window. (integer value) +#wait_soft_reboot_seconds=60 + +# The number of times to retry to attach a volume (integer value) +#volume_attach_retry_count=10 + +# Interval between volume attachment attempts, in seconds (integer value) +#volume_attach_retry_interval=5 + +# The number of times to retry checking for a disk mounted via iSCSI. (integer +# value) +#mounted_disk_query_retry_count=10 + +# Interval between checks for a mounted iSCSI disk, in seconds. (integer value) +#mounted_disk_query_retry_interval=5 + + +[image_file_url] + +# +# From nova +# + +# List of file systems that are configured in this file in the +# image_file_url: sections (list value) +#filesystems = + + +[ironic] + +# +# From nova.virt +# + +# Version of Ironic API service endpoint. (integer value) +#api_version=1 + +# URL for Ironic API endpoint. (string value) +#api_endpoint= + +# Ironic keystone admin name (string value) +#admin_username= + +# Ironic keystone admin password. (string value) +#admin_password= + +# Ironic keystone auth token.DEPRECATED: use admin_username, admin_password, +# and admin_tenant_name instead (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_auth_token= + +# Keystone public API endpoint. (string value) +#admin_url= + +# Log level override for ironicclient. Set this in order to override the global +# "default_log_levels", "verbose", and "debug" settings. DEPRECATED: use +# standard logging configuration. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#client_log_level= + +# Ironic keystone tenant name. (string value) +#admin_tenant_name= + +# How many retries when a request does conflict. If <= 0, only try once, no +# retries. (integer value) +#api_max_retries=60 + +# How often to retry in seconds when a request does conflict (integer value) +#api_retry_interval=2 + + +[keymgr] + +# +# From nova +# + +# Fixed key returned by key manager, specified in hex (string value) +#fixed_key= + +# The full class name of the key manager API class (string value) +#api_class=nova.keymgr.conf_key_mgr.ConfKeyManager + + +[keystone_authtoken] + +# +# From keystonemiddleware.auth_token +# + +# Complete public Identity API endpoint. (string value) +#auth_uri= +auth_uri=http://VARINET4ADDR:5000/v2.0 + +# API version of the admin Identity API endpoint. (string value) +#auth_version= + +# Do not handle authorization requests within the middleware, but delegate the +# authorization decision to downstream WSGI components. (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API server. (integer +# value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating with Identity +# API Server. (integer value) +#http_request_max_retries=3 + +# Env key for the swift cache. (string value) +#cache= + +# Required if identity server requires client certificate (string value) +#certfile= + +# Required if identity server requires client certificate (string value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying HTTPs connections. +# Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# The region in which the identity server can be found. (string value) +#region_name= + +# Directory used to cache files related to PKI tokens. (string value) +#signing_dir= + +# Optionally specify a list of memcached server(s) to use for caching. If left +# undefined, tokens will instead be cached in-process. (list value) +# Deprecated group;name - DEFAULT;memcache_servers +#memcached_servers= + +# In order to prevent excessive effort spent validating tokens, the middleware +# caches previously-seen tokens for a configurable duration (in seconds). Set +# to -1 to disable caching completely. (integer value) +#token_cache_time=300 + +# Determines the frequency at which the list of revoked tokens is retrieved +# from the Identity service (in seconds). A high number of revocation events +# combined with a low cache duration may significantly reduce performance. +# (integer value) +#revocation_cache_time=10 + +# (Optional) If defined, indicate whether token data should be authenticated or +# authenticated and encrypted. Acceptable values are MAC or ENCRYPT. If MAC, +# token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data +# is encrypted and authenticated in the cache. If the value is not one of these +# options or empty, auth_token will raise an exception on initialization. +# (string value) +#memcache_security_strategy= + +# (Optional, mandatory if memcache_security_strategy is defined) This string is +# used for key derivation. (string value) +#memcache_secret_key= + +# (Optional) Number of seconds memcached server is considered dead before it is +# tried again. (integer value) +#memcache_pool_dead_retry=300 + +# (Optional) Maximum total number of open connections to every memcached +# server. (integer value) +#memcache_pool_maxsize=10 + +# (Optional) Socket timeout in seconds for communicating with a memcached +# server. (integer value) +#memcache_pool_socket_timeout=3 + +# (Optional) Number of seconds a connection to memcached is held unused in the +# pool before it is closed. (integer value) +#memcache_pool_unused_timeout=60 + +# (Optional) Number of seconds that an operation will wait to get a memcached +# client connection from the pool. (integer value) +#memcache_pool_conn_get_timeout=10 + +# (Optional) Use the advanced (eventlet safe) memcached client pool. The +# advanced pool will only work under python 2.x. (boolean value) +#memcache_use_advanced_pool=false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If False, +# middleware will not ask for service catalog on token validation and will not +# set the X-Service-Catalog header. (boolean value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be set to: "disabled" +# to not check token binding. "permissive" (default) to validate binding +# information if the bind type is of a form known to the server and ignore it +# if not. "strict" like "permissive" but if the bind type is unknown the token +# will be rejected. "required" any form of token binding is needed to be +# allowed. Finally the name of a binding method that must be present in tokens. +# (string value) +#enforce_token_bind=permissive + +# If true, the revocation list will be checked for cached tokens. This requires +# that PKI tokens are configured on the identity server. (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a single algorithm +# or multiple. The algorithms are those supported by Python standard +# hashlib.new(). The hashes will be tried in the order given, so put the +# preferred one first for performance. The result of the first hash will be +# stored in the cache. This will typically be set to multiple values only while +# migrating from a less secure algorithm to a more secure one. Once all the old +# tokens are expired this option should be set to a single value for better +# performance. (list value) +#hash_algorithms=md5 + +# Prefix to prepend at the beginning of the path. Deprecated, use identity_uri. +# (string value) +#auth_admin_prefix = + +# Host providing the admin Identity API endpoint. Deprecated, use identity_uri. +# (string value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use identity_uri. +# (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint (http or https). Deprecated, use +# identity_uri. (string value) +#auth_protocol=http + +# Complete admin Identity API endpoint. This should specify the unversioned +# root endpoint e.g. https://localhost:35357/ (string value) +#identity_uri= +identity_uri=http://VARINET4ADDR:35357 + +# This option is deprecated and may be removed in a future release. Single +# shared secret with the Keystone configuration used for bootstrapping a +# Keystone installation, or otherwise bypassing the normal authentication +# process. This option should not be used, use `admin_user` and +# `admin_password` instead. (string value) +#admin_token= + +# Service username. (string value) +#admin_user= +admin_user=nova + +# Service user password. (string value) +#admin_password= +admin_password=qum5net + +# Service tenant name. (string value) +#admin_tenant_name=admin +admin_tenant_name=services + + +[libvirt] + +# +# From nova.virt +# + +# Rescue ami image. This will not be used if an image id is provided by the +# user. (string value) +#rescue_image_id= + +# Rescue aki image (string value) +#rescue_kernel_id= + +# Rescue ari image (string value) +#rescue_ramdisk_id= + +# Libvirt domain type (string value) +# Allowed values: kvm, lxc, qemu, uml, xen, parallels +#virt_type=kvm +virt_type=kvm + +# Override the default libvirt URI (which is dependent on virt_type) (string +# value) +#connection_uri = + +# Inject the admin password at boot time, without an agent. (boolean value) +#inject_password=false +inject_password=False + +# Inject the ssh public key at boot time (boolean value) +#inject_key=false +inject_key=False + +# The partition to inject to : -2 => disable, -1 => inspect (libguestfs only), +# 0 => not partitioned, >0 => partition number (integer value) +#inject_partition=-2 +inject_partition=-2 + +# Sync virtual and real mouse cursors in Windows VMs (boolean value) +#use_usb_tablet=true + +# Migration target URI (any included "%s" is replaced with the migration target +# hostname) (string value) +#live_migration_uri=qemu+tcp://%s/system +live_migration_uri=qemu+tcp://nova@%s/system + +# Migration flags to be set for live migration (string value) +#live_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED +live_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_PERSIST_DEST, VIR_MIGRATE_TUNNELLED" + +# Migration flags to be set for block migration (string value) +#block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED, VIR_MIGRATE_NON_SHARED_INC + +# Maximum bandwidth(in MiB/s) to be used during migration. If set to 0, will +# choose a suitable default. Some hypervisors do not support this feature and +# will return an error if bandwidth is not 0. Please refer to the libvirt +# documentation for further details (integer value) +#live_migration_bandwidth=0 + +# Maximum permitted downtime, in milliseconds, for live migration switchover. +# Will be rounded up to a minimum of 100ms. Use a large value if guest liveness +# is unimportant. (integer value) +#live_migration_downtime=500 + +# Number of incremental steps to reach max downtime value. Will be rounded up +# to a minimum of 3 steps (integer value) +#live_migration_downtime_steps=10 + +# Time to wait, in seconds, between each step increase of the migration +# downtime. Minimum delay is 10 seconds. Value is per GiB of guest RAM + disk +# to be transferred, with lower bound of a minimum of 2 GiB per device (integer +# value) +#live_migration_downtime_delay=75 + +# Time to wait, in seconds, for migration to successfully complete transferring +# data before aborting the operation. Value is per GiB of guest RAM + disk to +# be transferred, with lower bound of a minimum of 2 GiB. Should usually be +# larger than downtime delay * downtime steps. Set to 0 to disable timeouts. +# (integer value) +#live_migration_completion_timeout=800 + +# Time to wait, in seconds, for migration to make forward progress in +# transferring data before aborting the operation. Set to 0 to disable +# timeouts. (integer value) +#live_migration_progress_timeout=150 + +# Snapshot image format. Defaults to same as source image (string value) +# Allowed values: raw, qcow2, vmdk, vdi +#snapshot_image_format= + +# Override the default disk prefix for the devices attached to a server, which +# is dependent on virt_type. (valid options are: sd, xvd, uvd, vd) (string +# value) +#disk_prefix= + +# Number of seconds to wait for instance to shut down after soft reboot request +# is made. We fall back to hard reboot if instance does not shutdown within +# this window. (integer value) +#wait_soft_reboot_seconds=120 + +# Set to "host-model" to clone the host CPU feature flags; to "host- +# passthrough" to use the host CPU model exactly; to "custom" to use a named +# CPU model; to "none" to not set any CPU model. If virt_type="kvm|qemu", it +# will default to "host-model", otherwise it will default to "none" (string +# value) +# Allowed values: host-model, host-passthrough, custom, none +#cpu_mode= +cpu_mode=host-model + +# Set to a named libvirt CPU model (see names listed in +# /usr/share/libvirt/cpu_map.xml). Only has effect if cpu_mode="custom" and +# virt_type="kvm|qemu" (string value) +#cpu_model= + +# Location where libvirt driver will store snapshots before uploading them to +# image service (string value) +#snapshots_directory=$instances_path/snapshots + +# Location where the Xen hvmloader is kept (string value) +#xen_hvmloader_path=/usr/lib/xen/boot/hvmloader + +# Specific cachemodes to use for different disk types e.g: +# file=directsync,block=none (list value) +#disk_cachemodes = +disk_cachemodes="network=writeback" + +# A path to a device that will be used as source of entropy on the host. +# Permitted options are: /dev/random or /dev/hwrng (string value) +#rng_dev_path= + +# For qemu or KVM guests, set this option to specify a default machine type per +# host architecture. You can find a list of supported machine types in your +# environment by checking the output of the "virsh capabilities"command. The +# format of the value for this config option is host-arch=machine-type. For +# example: x86_64=machinetype1,armv7l=machinetype2 (list value) +#hw_machine_type= + +# The data source used to the populate the host "serial" UUID exposed to guest +# in the virtual BIOS. (string value) +# Allowed values: none, os, hardware, auto +#sysinfo_serial=auto + +# A number of seconds to memory usage statistics period. Zero or negative value +# mean to disable memory usage statistics. (integer value) +#mem_stats_period_seconds=10 + +# List of uid targets and ranges.Syntax is guest-uid:host-uid:countMaximum of 5 +# allowed. (list value) +#uid_maps = + +# List of guid targets and ranges.Syntax is guest-gid:host-gid:countMaximum of +# 5 allowed. (list value) +#gid_maps = + +# In a realtime host context vCPUs for guest will run in that scheduling +# priority. Priority depends on the host kernel (usually 1-99) (integer value) +#realtime_scheduler_priority=1 + +# VM Images format. If default is specified, then use_cow_images flag is used +# instead of this one. (string value) +# Allowed values: raw, qcow2, lvm, rbd, ploop, default +#images_type=default +images_type=rbd + +# LVM Volume Group that is used for VM images, when you specify +# images_type=lvm. (string value) +#images_volume_group= + +# Create sparse logical volumes (with virtualsize) if this flag is set to True. +# (boolean value) +#sparse_logical_volumes=false + +# The RADOS pool in which rbd volumes are stored (string value) +#images_rbd_pool=rbd +images_rbd_pool=vms + +# Path to the ceph configuration file to use (string value) +#images_rbd_ceph_conf = +images_rbd_ceph_conf = /etc/ceph/ceph.conf +rbd_user = cinder +rbd_secret_uuid = RBDSECRET + +# Discard option for nova managed disks. Need Libvirt(1.0.6) Qemu1.5 (raw +# format) Qemu1.6(qcow2 format) (string value) +# Allowed values: ignore, unmap +#hw_disk_discard= +hw_disk_discard=unmap + +# Allows image information files to be stored in non-standard locations (string +# value) +#image_info_filename_pattern=$instances_path/$image_cache_subdirectory_name/%(image)s.info + +# DEPRECATED: Should unused kernel images be removed? This is only safe to +# enable if all compute nodes have been updated to support this option (running +# Grizzly or newer level compute). This will be the default behavior in the +# 13.0.0 release. (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#remove_unused_kernels=true + +# Unused resized base images younger than this will not be removed (integer +# value) +#remove_unused_resized_minimum_age_seconds=3600 + +# Write a checksum for files in _base to disk (boolean value) +#checksum_base_images=false + +# How frequently to checksum base images (integer value) +#checksum_interval_seconds=3600 + +# Method used to wipe old volumes. (string value) +# Allowed values: none, zero, shred +#volume_clear=zero + +# Size in MiB to wipe at start of old volumes. 0 => all (integer value) +#volume_clear_size=0 + +# Compress snapshot images when possible. This currently applies exclusively to +# qcow2 images (boolean value) +#snapshot_compression=false + +# Use virtio for bridge interfaces with KVM/QEMU (boolean value) +#use_virtio_for_bridges=true + +# Protocols listed here will be accessed directly from QEMU. Currently +# supported protocols: [gluster] (list value) +#qemu_allowed_storage_drivers = +vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver + + +[matchmaker_redis] + +# +# From oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# From oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group;name - DEFAULT;matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[metrics] + +# +# From nova.scheduler +# + +# Multiplier used for weighing metrics. (floating point value) +#weight_multiplier=1.0 + +# How the metrics are going to be weighed. This should be in the form of +# "=, =, ...", where is one of the +# metrics to be weighed, and is the corresponding ratio. So for +# "name1=1.0, name2=-1.0" The final weight would be name1.value * 1.0 + +# name2.value * -1.0. (list value) +#weight_setting = + +# How to treat the unavailable metrics. When a metric is NOT available for a +# host, if it is set to be True, it would raise an exception, so it is +# recommended to use the scheduler filter MetricFilter to filter out those +# hosts. If it is set to be False, the unavailable metric would be treated as a +# negative factor in weighing process, the returned value would be set by the +# option weight_of_unavailable. (boolean value) +#required=true + +# The final weight value to be returned if required is set to False and any one +# of the metrics set by weight_setting is unavailable. (floating point value) +#weight_of_unavailable=-10000.0 + + +[neutron] + +# +# From nova.api +# + +# Set flag to indicate Neutron will proxy metadata requests and resolve +# instance ids. (boolean value) +#service_metadata_proxy=false +service_metadata_proxy=True + +# Shared secret to validate proxies Neutron metadata requests (string value) +#metadata_proxy_shared_secret = +metadata_proxy_shared_secret =qum5net + +# +# From nova.network +# + +# URL for connecting to neutron (string value) +#url=http://127.0.0.1:9696 +url=http://VARINET4ADDR:9696 + +# User id for connecting to neutron in admin context. DEPRECATED: specify an +# auth_plugin and appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_user_id= + +# Username for connecting to neutron in admin context DEPRECATED: specify an +# auth_plugin and appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_username= +admin_username=neutron + +# Password for connecting to neutron in admin context DEPRECATED: specify an +# auth_plugin and appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_password= +admin_password=qum5net + +# Tenant id for connecting to neutron in admin context DEPRECATED: specify an +# auth_plugin and appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_tenant_id= + +# Tenant name for connecting to neutron in admin context. This option will be +# ignored if neutron_admin_tenant_id is set. Note that with Keystone V3 tenant +# names are only unique within a domain. DEPRECATED: specify an auth_plugin and +# appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_tenant_name= +admin_tenant_name=services + +# Region name for connecting to neutron in admin context (string value) +#region_name= +region_name=RegionOne + +# Authorization URL for connecting to neutron in admin context. DEPRECATED: +# specify an auth_plugin and appropriate credentials instead. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#admin_auth_url=http://localhost:5000/v2.0 +admin_auth_url=http://VARINET4ADDR:5000/v2.0 + +# Authorization strategy for connecting to neutron in admin context. +# DEPRECATED: specify an auth_plugin and appropriate credentials instead. If an +# auth_plugin is specified strategy will be ignored. (string value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#auth_strategy=keystone +auth_strategy=keystone + +# Name of Integration Bridge used by Open vSwitch (string value) +#ovs_bridge=br-int +ovs_bridge=br-int + +# Number of seconds before querying neutron for extensions (integer value) +#extension_sync_interval=600 +extension_sync_interval=600 + +# +# From nova.network.neutronv2 +# + +# Authentication URL (string value) +#auth_url= + +# Name of the plugin to load (string value) +#auth_plugin= + +# PEM encoded Certificate Authority to use when verifying HTTPs connections. +# (string value) +# Deprecated group;name - [neutron]/ca_certificates_file +#cafile= + +# PEM encoded client certificate cert file (string value) +#certfile= + +# Domain ID to scope to (string value) +#domain_id= + +# Domain name to scope to (string value) +#domain_name= + +# Verify HTTPS connections. (boolean value) +# Deprecated group;name - [neutron]/api_insecure +#insecure=false + +# PEM encoded client certificate key file (string value) +#keyfile= + +# User's password (string value) +#password= + +# Domain ID containing project (string value) +#project_domain_id= + +# Domain name containing project (string value) +#project_domain_name= + +# Project ID to scope to (string value) +#project_id= + +# Project name to scope to (string value) +#project_name= + +# Tenant ID to scope to (string value) +#tenant_id= + +# Tenant name to scope to (string value) +#tenant_name= + +# Timeout value for http requests (integer value) +# Deprecated group;name - [neutron]/url_timeout +#timeout= +timeout=30 + +# Trust ID (string value) +#trust_id= + +# User's domain id (string value) +#user_domain_id= + +# User's domain name (string value) +#user_domain_name= + +# User id (string value) +#user_id= + +# Username (string value) +# Deprecated group;name - DEFAULT;username +#username= +default_tenant_id=default + + +[osapi_v21] + +# +# From nova.api +# + +# DEPRECATED: Whether the V2.1 API is enabled or not. This option will be +# removed in the near future. (boolean value) +# Deprecated group;name - [osapi_v21]/enabled +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#enabled=true + +# DEPRECATED: A list of v2.1 API extensions to never load. Specify the +# extension aliases here. This option will be removed in the near future. After +# that point you have to run all of the API. (list value) +# Deprecated group;name - [osapi_v21]/extensions_blacklist +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#extensions_blacklist = + +# DEPRECATED: If the list is not empty then a v2.1 API extension will only be +# loaded if it exists in this list. Specify the extension aliases here. This +# option will be removed in the near future. After that point you have to run +# all of the API. (list value) +# Deprecated group;name - [osapi_v21]/extensions_whitelist +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#extensions_whitelist = + + +[oslo_concurrency] + +# +# From oslo.concurrency +# + +# Enables or disables inter-process locks. (boolean value) +# Deprecated group;name - DEFAULT;disable_process_locking +#disable_process_locking=false + +# Directory to use for lock files. For security, the specified directory +# should only be writable by the user running the processes that need locking. +# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, +# a lock path must be set. (string value) +# Deprecated group;name - DEFAULT;lock_path +#lock_path=/var/lib/nova/tmp + + +[oslo_messaging_amqp] + +# +# From oslo.messaging +# + +# address prefix used when sending to a specific server (string value) +# Deprecated group;name - [amqp1]/server_request_prefix +#server_request_prefix=exclusive + +# address prefix used when broadcasting to all servers (string value) +# Deprecated group;name - [amqp1]/broadcast_prefix +#broadcast_prefix=broadcast + +# address prefix when sending to any server in group (string value) +# Deprecated group;name - [amqp1]/group_request_prefix +#group_request_prefix=unicast + +# Name for the AMQP container (string value) +# Deprecated group;name - [amqp1]/container_name +#container_name= + +# Timeout for inactive connections (in seconds) (integer value) +# Deprecated group;name - [amqp1]/idle_timeout +#idle_timeout=0 + +# Debug: dump AMQP frames to stdout (boolean value) +# Deprecated group;name - [amqp1]/trace +#trace=false + +# CA certificate PEM file to verify server certificate (string value) +# Deprecated group;name - [amqp1]/ssl_ca_file +#ssl_ca_file = + +# Identifying certificate PEM file to present to clients (string value) +# Deprecated group;name - [amqp1]/ssl_cert_file +#ssl_cert_file = + +# Private key PEM file used to sign cert_file certificate (string value) +# Deprecated group;name - [amqp1]/ssl_key_file +#ssl_key_file = + +# Password for decrypting ssl_key_file (if encrypted) (string value) +# Deprecated group;name - [amqp1]/ssl_key_password +#ssl_key_password= + +# Accept clients using either SSL or plain TCP (boolean value) +# Deprecated group;name - [amqp1]/allow_insecure_clients +#allow_insecure_clients=false + + +[oslo_messaging_qpid] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group;name - DEFAULT;amqp_durable_queues +# Deprecated group;name - DEFAULT;rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group;name - DEFAULT;amqp_auto_delete +#amqp_auto_delete=false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply=false + +# Qpid broker hostname. (string value) +# Deprecated group;name - DEFAULT;qpid_hostname +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +# Deprecated group;name - DEFAULT;qpid_port +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +# Deprecated group;name - DEFAULT;qpid_hosts +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +# Deprecated group;name - DEFAULT;qpid_username +#qpid_username = + +# Password for Qpid connection. (string value) +# Deprecated group;name - DEFAULT;qpid_password +#qpid_password = + +# Space separated list of SASL mechanisms to use for auth. (string value) +# Deprecated group;name - DEFAULT;qpid_sasl_mechanisms +#qpid_sasl_mechanisms = + +# Seconds between connection keepalive heartbeats. (integer value) +# Deprecated group;name - DEFAULT;qpid_heartbeat +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +# Deprecated group;name - DEFAULT;qpid_protocol +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +# Deprecated group;name - DEFAULT;qpid_tcp_nodelay +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer value) +# Deprecated group;name - DEFAULT;qpid_receiver_capacity +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was originally used by +# impl_qpid. Version 2 includes some backwards-incompatible changes that allow +# broker federation to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. (integer value) +# Deprecated group;name - DEFAULT;qpid_topology_version +#qpid_topology_version=1 + + +[oslo_messaging_rabbit] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group;name - DEFAULT;amqp_durable_queues +# Deprecated group;name - DEFAULT;rabbit_durable_queues +#amqp_durable_queues=false +amqp_durable_queues=False + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group;name - DEFAULT;amqp_auto_delete +#amqp_auto_delete=false + +# Send a single AMQP reply to call message. The current behaviour since oslo- +# incubator is to send two AMQP replies - first one with the payload, a second +# one to ensure the other have finish to send the payload. We are going to +# remove it in the N release, but we must keep backward compatible at the same +# time. This option provides such compatibility - it defaults to False in +# Liberty and can be turned on for early adopters with a new installations or +# for testing. Please note, that this option will be removed in the Mitaka +# release. (boolean value) +#send_single_reply=false + +# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and +# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some +# distributions. (string value) +# Deprecated group;name - DEFAULT;kombu_ssl_version +#kombu_ssl_version = + +# SSL key file (valid only if SSL enabled). (string value) +# Deprecated group;name - DEFAULT;kombu_ssl_keyfile +#kombu_ssl_keyfile = + +# SSL cert file (valid only if SSL enabled). (string value) +# Deprecated group;name - DEFAULT;kombu_ssl_certfile +#kombu_ssl_certfile = + +# SSL certification authority file (valid only if SSL enabled). (string value) +# Deprecated group;name - DEFAULT;kombu_ssl_ca_certs +#kombu_ssl_ca_certs = + +# How long to wait before reconnecting in response to an AMQP consumer cancel +# notification. (floating point value) +# Deprecated group;name - DEFAULT;kombu_reconnect_delay +#kombu_reconnect_delay=1.0 +kombu_reconnect_delay=1.0 + +# How long to wait before considering a reconnect attempt to have failed. This +# value should not be longer than rpc_response_timeout. (integer value) +#kombu_reconnect_timeout=60 + +# Determines how the next RabbitMQ node is chosen in case the one we are +# currently connected to becomes unavailable. Takes effect only if more than +# one RabbitMQ node is provided in config. (string value) +# Allowed values: round-robin, shuffle +#kombu_failover_strategy=round-robin + +# The RabbitMQ broker address where a single node is used. (string value) +# Deprecated group;name - DEFAULT;rabbit_host +#rabbit_host=localhost +rabbit_host=VARINET4ADDR + +# The RabbitMQ broker port where a single node is used. (integer value) +# Deprecated group;name - DEFAULT;rabbit_port +#rabbit_port=5672 +rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +# Deprecated group;name - DEFAULT;rabbit_hosts +#rabbit_hosts=$rabbit_host:$rabbit_port +rabbit_hosts=VARINET4ADDR:5672 + +# Connect over SSL for RabbitMQ. (boolean value) +# Deprecated group;name - DEFAULT;rabbit_use_ssl +#rabbit_use_ssl=false +rabbit_use_ssl=False + +# The RabbitMQ userid. (string value) +# Deprecated group;name - DEFAULT;rabbit_userid +#rabbit_userid=guest +rabbit_userid=guest + +# The RabbitMQ password. (string value) +# Deprecated group;name - DEFAULT;rabbit_password +#rabbit_password=guest +rabbit_password=guest + +# The RabbitMQ login method. (string value) +# Deprecated group;name - DEFAULT;rabbit_login_method +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +# Deprecated group;name - DEFAULT;rabbit_virtual_host +#rabbit_virtual_host=/ +rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to RabbitMQ. (integer +# value) +# Deprecated group;name - DEFAULT;rabbit_retry_backoff +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry +# count). (integer value) +# Deprecated group;name - DEFAULT;rabbit_max_retries +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you +# must wipe the RabbitMQ database. (boolean value) +# Deprecated group;name - DEFAULT;rabbit_ha_queues +#rabbit_ha_queues=false +rabbit_ha_queues=False + +# Specifies the number of messages to prefetch. Setting to zero allows +# unlimited messages. (integer value) +#rabbit_qos_prefetch_count=0 + +# Number of seconds after which the Rabbit broker is considered down if +# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer +# value) +#heartbeat_timeout_threshold=60 +heartbeat_timeout_threshold=0 + +# How often times during the heartbeat_timeout_threshold we check the +# heartbeat. (integer value) +#heartbeat_rate=2 +heartbeat_rate=2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value) +# Deprecated group;name - DEFAULT;fake_rabbit +#fake_rabbit=false + + +[oslo_middleware] + +# +# From oslo.middleware +# + +# The maximum body size for each request, in bytes. (integer value) +# Deprecated group;name - DEFAULT;osapi_max_request_body_size +# Deprecated group;name - DEFAULT;max_request_body_size +#max_request_body_size=114688 + +# +# From oslo.middleware +# + +# The HTTP Header that will be used to determine what the original request +# protocol scheme was, even if it was hidden by an SSL termination proxy. +# (string value) +#secure_proxy_ssl_header=X-Forwarded-Proto + + +[rdp] + +# +# From nova +# + +# Location of RDP html5 console proxy, in the form "http://127.0.0.1:6083/" +# (string value) +#html5_proxy_base_url=http://127.0.0.1:6083/ + +# Enable RDP related features (boolean value) +#enabled=false + + +[serial_console] + +# +# From nova +# + +# Host on which to listen for incoming requests (string value) +#serialproxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#serialproxy_port=6083 + +# Enable serial console related features (boolean value) +#enabled=false + +# Range of TCP ports to use for serial ports on compute hosts (string value) +#port_range=10000:20000 + +# Location of serial console proxy. (string value) +#base_url=ws://127.0.0.1:6083/ + +# IP address on which instance serial console should listen (string value) +#listen=127.0.0.1 + +# The address to which proxy clients (like nova-serialproxy) should connect +# (string value) +#proxyclient_address=127.0.0.1 + + +[spice] + +# +# From nova +# + +# Host on which to listen for incoming requests (string value) +#html5proxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#html5proxy_port=6082 + +# Location of spice HTML5 console proxy, in the form +# "http://127.0.0.1:6082/spice_auto.html" (string value) +#html5proxy_base_url=http://127.0.0.1:6082/spice_auto.html + +# IP address on which instance spice server should listen (string value) +#server_listen=127.0.0.1 + +# The address to which proxy clients (like nova-spicehtml5proxy) should connect +# (string value) +#server_proxyclient_address=127.0.0.1 + +# Enable spice related features (boolean value) +#enabled=false + +# Enable spice guest agent support (boolean value) +#agent_enabled=true + +# Keymap for spice (string value) +#keymap=en-us + + +[ssl] + +# +# From oslo.service.sslutils +# + +# CA certificate file to use to verify connecting clients. (string value) +#ca_file= + +# Certificate file to use when starting the server securely. (string value) +#cert_file= + +# Private key file to use when starting the server securely. (string value) +#key_file= + + +[trusted_computing] + +# +# From nova.scheduler +# + +# Attestation server HTTP (string value) +#attestation_server= + +# Attestation server Cert file for Identity verification (string value) +#attestation_server_ca_file= + +# Attestation server port (string value) +#attestation_port=8443 + +# Attestation web API URL (string value) +#attestation_api_url=/OpenAttestationWebServices/V1.0 + +# Attestation authorization blob - must change (string value) +#attestation_auth_blob= + +# Attestation status cache valid period length (integer value) +#attestation_auth_timeout=60 + +# Disable SSL cert verification for Attestation service (boolean value) +#attestation_insecure_ssl=false + + +[upgrade_levels] + +# +# From nova +# + +# Set a version cap for messages sent to the base api in any service (string +# value) +#baseapi= + +# Set a version cap for messages sent to cert services (string value) +#cert= + +# Set a version cap for messages sent to conductor services (string value) +#conductor= + +# Set a version cap for messages sent to console services (string value) +#console= + +# Set a version cap for messages sent to consoleauth services (string value) +#consoleauth= + +# +# From nova.cells +# + +# Set a version cap for messages sent between cells services (string value) +#intercell= + +# Set a version cap for messages sent to local cells services (string value) +#cells= + +# +# From nova.compute +# + +# Set a version cap for messages sent to compute services. If you plan to do a +# live upgrade from an old version to a newer version, you should set this +# option to the old version before beginning the live upgrade procedure. Only +# upgrading to the next version is supported, so you cannot skip a release for +# the live upgrade procedure. (string value) +#compute= + +# +# From nova.network +# + +# Set a version cap for messages sent to network services (string value) +#network= + +# +# From nova.scheduler +# + +# Set a version cap for messages sent to scheduler services (string value) +#scheduler= + + +[vmware] + +# +# From nova.virt +# + +# The maximum number of ObjectContent data objects that should be returned in a +# single result. A positive value will cause the operation to suspend the +# retrieval when the count of objects reaches the specified maximum. The server +# may still limit the count to something less than the configured value. Any +# remaining objects may be retrieved with additional requests. (integer value) +#maximum_objects=100 + +# The PBM status. (boolean value) +#pbm_enabled=false + +# PBM service WSDL file location URL. e.g. +# file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable +# storage policy based placement of instances. (string value) +#pbm_wsdl_location= + +# The PBM default policy. If pbm_wsdl_location is set and there is no defined +# storage policy for the specific request then this policy will be used. +# (string value) +#pbm_default_policy= + +# Hostname or IP address for connection to VMware vCenter host. (string value) +#host_ip= + +# Port for connection to VMware vCenter host. (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#host_port=443 + +# Username for connection to VMware vCenter host. (string value) +#host_username= + +# Password for connection to VMware vCenter host. (string value) +#host_password= + +# Specify a CA bundle file to use in verifying the vCenter server certificate. +# (string value) +#ca_file= + +# If true, the vCenter server certificate is not verified. If false, then the +# default CA truststore is used for verification. This option is ignored if +# "ca_file" is set. (boolean value) +#insecure=false + +# Name of a VMware Cluster ComputeResource. (string value) +#cluster_name= + +# Regex to match the name of a datastore. (string value) +#datastore_regex= + +# The interval used for polling of remote tasks. (floating point value) +#task_poll_interval=0.5 + +# The number of times we retry on failures, e.g., socket error, etc. (integer +# value) +#api_retry_count=10 + +# VNC starting port (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#vnc_port=5900 + +# Total number of VNC ports (integer value) +#vnc_port_total=10000 + +# Whether to use linked clone (boolean value) +#use_linked_clone=true + +# Optional VIM Service WSDL Location e.g http:///vimService.wsdl. +# Optional over-ride to default location for bug work-arounds (string value) +#wsdl_location= + +# Physical ethernet adapter name for vlan networking (string value) +#vlan_interface=vmnic0 + +# Name of Integration Bridge (string value) +#integration_bridge=br-int + +# Set this value if affected by an increased network latency causing repeated +# characters when typing in a remote console. (integer value) +#console_delay_seconds= + +# Identifies the remote system that serial port traffic will be sent to. If +# this is not set, no serial ports will be added to the created VMs. (string +# value) +#serial_port_service_uri= + +# Identifies a proxy service that provides network access to the +# serial_port_service_uri. This option is ignored if serial_port_service_uri is +# not specified. (string value) +#serial_port_proxy_uri= + +# The prefix for where cached images are stored. This is NOT the full path - +# just a folder prefix. This should only be used when a datastore cache should +# be shared between compute nodes. Note: this should only be used when the +# compute nodes have a shared file system. (string value) +#cache_prefix= + + +[vnc] + +# +# From nova +# + +# Location of VNC console proxy, in the form +# "http://127.0.0.1:6080/vnc_auto.html" (string value) +# Deprecated group;name - DEFAULT;novncproxy_base_url +#novncproxy_base_url=http://127.0.0.1:6080/vnc_auto.html + +# Location of nova xvp VNC console proxy, in the form +# "http://127.0.0.1:6081/console" (string value) +# Deprecated group;name - DEFAULT;xvpvncproxy_base_url +#xvpvncproxy_base_url=http://127.0.0.1:6081/console + +# IP address on which instance vncservers should listen (string value) +# Deprecated group;name - DEFAULT;vncserver_listen +#vncserver_listen=127.0.0.1 + +# The address to which proxy clients (like nova-xvpvncproxy) should connect +# (string value) +# Deprecated group;name - DEFAULT;vncserver_proxyclient_address +#vncserver_proxyclient_address=127.0.0.1 + +# Enable VNC related features (boolean value) +# Deprecated group;name - DEFAULT;vnc_enabled +#enabled=true + +# Keymap for VNC (string value) +# Deprecated group;name - DEFAULT;vnc_keymap +#keymap=en-us + + +[workarounds] + +# +# From nova +# + +# This option allows a fallback to sudo for performance reasons. For example +# see https://bugs.launchpad.net/nova/+bug/1415106 (boolean value) +#disable_rootwrap=false + +# When using libvirt 1.2.2 live snapshots fail intermittently under load. This +# config option provides a mechanism to enable live snapshot while this is +# resolved. See https://bugs.launchpad.net/nova/+bug/1334398 (boolean value) +#disable_libvirt_livesnapshot=true + +# DEPRECATED: Whether to destroy instances on startup when we suspect they have +# previously been evacuated. This can result in data loss if undesired. See +# https://launchpad.net/bugs/1419785 (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#destroy_after_evacuate=true + +# Whether or not to handle events raised from the compute driver's 'emit_event' +# method. These are lifecycle events raised from compute drivers that implement +# the method. An example of a lifecycle event is an instance starting or +# stopping. If the instance is going through task state changes due to an API +# operation, like resize, the events are ignored. However, this is an advanced +# feature which allows the hypervisor to signal to the compute service that an +# unexpected state change has occurred in an instance and the instance can be +# shutdown automatically - which can inherently race in reboot operations or +# when the compute service or host is rebooted, either planned or due to an +# unexpected outage. Care should be taken when using this and +# sync_power_state_interval is negative since then if any instances are out of +# sync between the hypervisor and the Nova database they will have to be +# synchronized manually. See https://bugs.launchpad.net/bugs/1444630 (boolean +# value) +#handle_virt_lifecycle_events=true + + +[xenserver] + +# +# From nova.virt +# + +# Name of Integration Bridge used by Open vSwitch (string value) +#ovs_integration_bridge=xapi1 + +# Number of seconds to wait for agent reply (integer value) +#agent_timeout=30 + +# Number of seconds to wait for agent to be fully operational (integer value) +#agent_version_timeout=300 + +# Number of seconds to wait for agent reply to resetnetwork request (integer +# value) +#agent_resetnetwork_timeout=60 + +# Specifies the path in which the XenAPI guest agent should be located. If the +# agent is present, network configuration is not injected into the image. Used +# if compute_driver=xenapi.XenAPIDriver and flat_injected=True (string value) +#agent_path=usr/sbin/xe-update-networking + +# Disables the use of the XenAPI agent in any image regardless of what image +# properties are present. (boolean value) +#disable_agent=false + +# Determines if the XenAPI agent should be used when the image used does not +# contain a hint to declare if the agent is present or not. The hint is a +# glance property "xenapi_use_agent" that has the value "True" or "False". Note +# that waiting for the agent when it is not present will significantly increase +# server boot times. (boolean value) +#use_agent_default=false + +# Timeout in seconds for XenAPI login. (integer value) +#login_timeout=10 + +# Maximum number of concurrent XenAPI connections. Used only if +# compute_driver=xenapi.XenAPIDriver (integer value) +#connection_concurrent=5 + +# URL for connection to XenServer/Xen Cloud Platform. A special value of +# unix://local can be used to connect to the local unix socket. Required if +# compute_driver=xenapi.XenAPIDriver (string value) +#connection_url= + +# Username for connection to XenServer/Xen Cloud Platform. Used only if +# compute_driver=xenapi.XenAPIDriver (string value) +#connection_username=root + +# Password for connection to XenServer/Xen Cloud Platform. Used only if +# compute_driver=xenapi.XenAPIDriver (string value) +#connection_password= + +# The interval used for polling of coalescing vhds. Used only if +# compute_driver=xenapi.XenAPIDriver (floating point value) +#vhd_coalesce_poll_interval=5.0 + +# Ensure compute service is running on host XenAPI connects to. (boolean value) +#check_host=true + +# Max number of times to poll for VHD to coalesce. Used only if +# compute_driver=xenapi.XenAPIDriver (integer value) +#vhd_coalesce_max_attempts=20 + +# Base path to the storage repository (string value) +#sr_base_path=/var/run/sr-mount + +# The iSCSI Target Host (string value) +#target_host= + +# The iSCSI Target Port, default is port 3260 (string value) +#target_port=3260 + +# IQN Prefix (string value) +#iqn_prefix=iqn.2010-10.org.openstack + +# Used to enable the remapping of VBD dev (Works around an issue in Ubuntu +# Maverick) (boolean value) +#remap_vbd_dev=false + +# Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb) (string value) +#remap_vbd_dev_prefix=sd + +# Base URL for torrent files; must contain a slash character (see RFC 1808, +# step 6) (string value) +#torrent_base_url= + +# Probability that peer will become a seeder. (1.0 = 100%) (floating point +# value) +#torrent_seed_chance=1.0 + +# Number of seconds after downloading an image via BitTorrent that it should be +# seeded for other peers. (integer value) +#torrent_seed_duration=3600 + +# Cached torrent files not accessed within this number of seconds can be reaped +# (integer value) +#torrent_max_last_accessed=86400 + +# Beginning of port range to listen on (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#torrent_listen_port_start=6881 + +# End of port range to listen on (integer value) +# Minimum value: 1 +# Maximum value: 65535 +#torrent_listen_port_end=6891 + +# Number of seconds a download can remain at the same progress percentage w/o +# being considered a stall (integer value) +#torrent_download_stall_cutoff=600 + +# Maximum number of seeder processes to run concurrently within a given dom0. +# (-1 = no limit) (integer value) +#torrent_max_seeder_processes_per_host=1 + +# To use for hosts with different CPUs (boolean value) +#use_join_force=true + +# Cache glance images locally. `all` will cache all images, `some` will only +# cache images that have the image_property `cache_in_nova=True`, and `none` +# turns off caching entirely (string value) +# Allowed values: all, some, none +#cache_images=all + +# Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most +# compressed but most CPU intensive on dom0. (integer value) +# Minimum value: 1 +# Maximum value: 9 +#image_compression_level= + +# Default OS type (string value) +#default_os_type=linux + +# Time to wait for a block device to be created (integer value) +#block_device_creation_timeout=10 + +# Maximum size in bytes of kernel or ramdisk images (integer value) +#max_kernel_ramdisk_size=16777216 + +# Filter for finding the SR to be used to install guest instances on. To use +# the Local Storage in default XenServer/XCP installations set this flag to +# other-config:i18n-key=local-storage. To select an SR with a different +# matching criteria, you could set it to other-config:my_favorite_sr=true. On +# the other hand, to fall back on the Default SR, as displayed by XenCenter, +# set this flag to: default-sr:true (string value) +#sr_matching_filter=default-sr:true + +# Whether to use sparse_copy for copying data on a resize down (False will use +# standard dd). This speeds up resizes down considerably since large runs of +# zeros won't have to be rsynced (boolean value) +#sparse_copy=true + +# Maximum number of retries to unplug VBD. if <=0, should try once and no retry +# (integer value) +#num_vbd_unplug_retries=10 + +# Whether or not to download images via Bit Torrent. (string value) +# Allowed values: all, some, none +#torrent_images=none + +# Name of network to use for booting iPXE ISOs (string value) +#ipxe_network_name= + +# URL to the iPXE boot menu (string value) +#ipxe_boot_menu_url= + +# Name and optionally path of the tool used for ISO image creation (string +# value) +#ipxe_mkisofs_cmd=mkisofs + +# Number of seconds to wait for instance to go to running state (integer value) +#running_timeout=60 + +# The XenAPI VIF driver using XenServer Network APIs. (string value) +#vif_driver=nova.virt.xenapi.vif.XenAPIBridgeDriver + +# Dom0 plugin driver used to handle image uploads. (string value) +#image_upload_handler=nova.virt.xenapi.image.glance.GlanceStore + +# Number of seconds to wait for an SR to settle if the VDI does not exist when +# first introduced (integer value) +#introduce_vdi_retry_wait=20 + + +[zookeeper] + +# +# From nova +# + +# The ZooKeeper addresses for servicegroup service in the format of +# host1:port,host2:port,host3:port (string value) +#address= + +# The recv_timeout parameter for the zk session (integer value) +#recv_timeout=4000 + +# The prefix used in ZooKeeper to store ephemeral nodes (string value) +#sg_prefix=/servicegroups + +# Number of seconds to wait until retrying to join the session (integer value) +#sg_retry_interval=5 + +[osapi_v3] +enabled=False diff --git a/qa/qa_scripts/openstack/fix_conf_file.sh b/qa/qa_scripts/openstack/fix_conf_file.sh new file mode 100755 index 000000000..8ccd27249 --- /dev/null +++ b/qa/qa_scripts/openstack/fix_conf_file.sh @@ -0,0 +1,28 @@ +source ./copy_func.sh +# +# Take a templated file, modify a local copy, and write it to the +# remote site. +# +# Usage: fix_conf_file [] +# -- site where we want this modified file stored. +# -- name of the remote file. +# -- directory where the file will be stored +# -- (optional) rbd_secret used by libvirt +# +function fix_conf_file() { + if [[ $# < 3 ]]; then + echo 'fix_conf_file: Too few parameters' + exit 1 + fi + openstack_node_local=${1} + cp files/${2}.template.conf ${2}.conf + hostname=`ssh $openstack_node_local hostname` + inet4addr=`ssh $openstack_node_local hostname -i` + sed -i s/VARHOSTNAME/$hostname/g ${2}.conf + sed -i s/VARINET4ADDR/$inet4addr/g ${2}.conf + if [[ $# == 4 ]]; then + sed -i s/RBDSECRET/${4}/g ${2}.conf + fi + copy_file ${2}.conf $openstack_node_local ${3} 0644 "root:root" + rm ${2}.conf +} diff --git a/qa/qa_scripts/openstack/image_create.sh b/qa/qa_scripts/openstack/image_create.sh new file mode 100755 index 000000000..ee7f61f3b --- /dev/null +++ b/qa/qa_scripts/openstack/image_create.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +# +# Set up a vm on packstack. Use the iso in RHEL_ISO (defaults to home dir) +# +set -fv +source ./copy_func.sh +source ./fix_conf_file.sh +openstack_node=${1} +ceph_node=${2} + +RHEL_ISO=${RHEL_ISO:-~/rhel-server-7.2-x86_64-boot.iso} +copy_file ${RHEL_ISO} $openstack_node . +copy_file execs/run_openstack.sh $openstack_node . 0755 +filler=`date +%s` +ssh $openstack_node ./run_openstack.sh "${openstack_node}X${filler}" rhel-server-7.2-x86_64-boot.iso +ssh $ceph_node sudo ceph df diff --git a/qa/qa_scripts/openstack/openstack.sh b/qa/qa_scripts/openstack/openstack.sh new file mode 100755 index 000000000..1c1e6c00f --- /dev/null +++ b/qa/qa_scripts/openstack/openstack.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +# +# Install Openstack. +# Usage: openstack +# +# This script installs Openstack on one node, and connects it to a ceph +# cluster on another set of nodes. It is intended to run from a third +# node. +# +# Assumes a single node Openstack cluster and a single monitor ceph +# cluster. +# +# The execs directory contains scripts to be run on remote sites. +# The files directory contains files to be copied to remote sites. +# + +set -fv +source ./copy_func.sh +source ./fix_conf_file.sh +openstack_node=${1} +ceph_node=${2} +./packstack.sh $openstack_node $ceph_node +echo 'done running packstack' +sleep 60 +./connectceph.sh $openstack_node $ceph_node +echo 'done connecting' +sleep 60 +./image_create.sh $openstack_node $ceph_node diff --git a/qa/qa_scripts/openstack/packstack.sh b/qa/qa_scripts/openstack/packstack.sh new file mode 100755 index 000000000..3f891f98c --- /dev/null +++ b/qa/qa_scripts/openstack/packstack.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +# +# Install openstack by running packstack. +# +# Implements the operations in: +# https://docs.google.com/document/d/1us18KR3LuLyINgGk2rmI-SVj9UksCE7y4C2D_68Aa8o/edit?ts=56a78fcb +# +# The directory named files contains a template for the kilo.conf file used by packstack. +# +set -fv +source ./copy_func.sh +source ./fix_conf_file.sh +openstack_node=${1} +ceph_node=${2} + +copy_file execs/openstack-preinstall.sh $openstack_node . 0777 +fix_conf_file $openstack_node kilo . +ssh $openstack_node sudo ./openstack-preinstall.sh +sleep 240 +ssh $openstack_node sudo packstack --answer-file kilo.conf -- cgit v1.2.3