· 9 years ago · Nov 17, 2016, 11:56 PM
1[root@controller keystone]# cat /etc/glance/glance-api.conf
2[DEFAULT]
3
4#
5# From glance.api
6#
7
8#
9# Set the image owner to tenant or the authenticated user.
10#
11# Assign a boolean value to determine the owner of an image. When set to
12# True, the owner of the image is the tenant. When set to False, the
13# owner of the image will be the authenticated user issuing the request.
14# Setting it to False makes the image private to the associated user and
15# sharing with other users within the same tenant (or "project")
16# requires explicit image sharing via image membership.
17#
18# Possible values:
19# * True
20# * False
21#
22# Related options:
23# * None
24#
25# (boolean value)
26#owner_is_tenant = true
27
28#
29# Role used to identify an authenticated user as administrator.
30#
31# Provide a string value representing a Keystone role to identify an
32# administrative user. Users with this role will be granted
33# administrative privileges. The default value for this option is
34# 'admin'.
35#
36# Possible values:
37# * A string value which is a valid Keystone role
38#
39# Related options:
40# * None
41#
42# (string value)
43#admin_role = admin
44
45#
46# Allow limited access to unauthenticated users.
47#
48# Assign a boolean to determine API access for unathenticated
49# users. When set to False, the API cannot be accessed by
50# unauthenticated users. When set to True, unauthenticated users can
51# access the API with read-only privileges. This however only applies
52# when using ContextMiddleware.
53#
54# Possible values:
55# * True
56# * False
57#
58# Related options:
59# * None
60#
61# (boolean value)
62#allow_anonymous_access = false
63
64#
65# Limit the request ID length.
66#
67# Provide an integer value to limit the length of the request ID to
68# the specified length. The default value is 64. Users can change this
69# to any ineteger value between 0 and 16384 however keeping in mind that
70# a larger value may flood the logs.
71#
72# Possible values:
73# * Integer value between 0 and 16384
74#
75# Related options:
76# * None
77#
78# (integer value)
79# Minimum value: 0
80#max_request_id_length = 64
81
82#
83# Public url endpoint to use for Glance/Glare versions response.
84#
85# This is the public url endpoint that will appear in the Glance/Glare
86# "versions" response. If no value is specified, the endpoint that is
87# displayed in the version's response is that of the host running the
88# API service. Change the endpoint to represent the proxy URL if the
89# API service is running behind a proxy. If the service is running
90# behind a load balancer, add the load balancer's URL for this value.
91#
92# Possible values:
93# * None
94# * Proxy URL
95# * Load balancer URL
96#
97# Related options:
98# * None
99#
100# (string value)
101#public_endpoint = <None>
102
103#
104# Allow users to add additional/custom properties to images.
105#
106# Glance defines a standard set of properties (in its schema) that
107# appear on every image. These properties are also known as
108# ``base properties``. In addition to these properties, Glance
109# allows users to add custom properties to images. These are known
110# as ``additional properties``.
111#
112# By default, this configuration option is set to ``True`` and users
113# are allowed to add additional properties. The number of additional
114# properties that can be added to an image can be controlled via
115# ``image_property_quota`` configuration option.
116#
117# Possible values:
118# * True
119# * False
120#
121# Related options:
122# * image_property_quota
123#
124# (boolean value)
125#allow_additional_image_properties = true
126
127#
128# Maximum number of image members per image.
129#
130# This limits the maximum of users an image can be shared with. Any negative
131# value is interpreted as unlimited.
132#
133# Related options:
134# * None
135#
136# (integer value)
137#image_member_quota = 128
138
139#
140# Maximum number of properties allowed on an image.
141#
142# This enforces an upper limit on the number of additional properties an image
143# can have. Any negative value is interpreted as unlimited.
144#
145# NOTE: This won't have any impact if additional properties are disabled. Please
146# refer to ``allow_additional_image_properties``.
147#
148# Related options:
149# * ``allow_additional_image_properties``
150#
151# (integer value)
152#image_property_quota = 128
153
154#
155# Maximum number of tags allowed on an image.
156#
157# Any negative value is interpreted as unlimited.
158#
159# Related options:
160# * None
161#
162# (integer value)
163#image_tag_quota = 128
164
165#
166# Maximum number of locations allowed on an image.
167#
168# Any negative value is interpreted as unlimited.
169#
170# Related options:
171# * None
172#
173# (integer value)
174#image_location_quota = 10
175
176#
177# Python module path of data access API.
178#
179# Specifies the path to the API to use for accessing the data model.
180# This option determines how the image catalog data will be accessed.
181#
182# Possible values:
183# * glance.db.sqlalchemy.api
184# * glance.db.registry.api
185# * glance.db.simple.api
186#
187# If this option is set to ``glance.db.sqlalchemy.api`` then the image
188# catalog data is stored in and read from the database via the
189# SQLAlchemy Core and ORM APIs.
190#
191# Setting this option to ``glance.db.registry.api`` will force all
192# database access requests to be routed through the Registry service.
193# This avoids data access from the Glance API nodes for an added layer
194# of security, scalability and manageability.
195#
196# NOTE: In v2 OpenStack Images API, the registry service is optional.
197# In order to use the Registry API in v2, the option
198# ``enable_v2_registry`` must be set to ``True``.
199#
200# Finally, when this configuration option is set to
201# ``glance.db.simple.api``, image catalog data is stored in and read
202# from an in-memory data structure. This is primarily used for testing.
203#
204# Related options:
205# * enable_v2_api
206# * enable_v2_registry
207#
208# (string value)
209#data_api = glance.db.sqlalchemy.api
210
211#
212# The default number of results to return for a request.
213#
214# Responses to certain API requests, like list images, may return
215# multiple items. The number of results returned can be explicitly
216# controlled by specifying the ``limit`` parameter in the API request.
217# However, if a ``limit`` parameter is not specified, this
218# configuration value will be used as the default number of results to
219# be returned for any API request.
220#
221# NOTES:
222# * The value of this configuration option may not be greater than
223# the value specified by ``api_limit_max``.
224# * Setting this to a very large value may slow down database
225# queries and increase response times. Setting this to a
226# very low value may result in poor user experience.
227#
228# Possible values:
229# * Any positive integer
230#
231# Related options:
232# * api_limit_max
233#
234# (integer value)
235# Minimum value: 1
236#limit_param_default = 25
237
238#
239# Maximum number of results that could be returned by a request.
240#
241# As described in the help text of ``limit_param_default``, some
242# requests may return multiple results. The number of results to be
243# returned are governed either by the ``limit`` parameter in the
244# request or the ``limit_param_default`` configuration option.
245# The value in either case, can't be greater than the absolute maximum
246# defined by this configuration option. Anything greater than this
247# value is trimmed down to the maximum value defined here.
248#
249# NOTE: Setting this to a very large value may slow down database
250# queries and increase response times. Setting this to a
251# very low value may result in poor user experience.
252#
253# Possible values:
254# * Any positive integer
255#
256# Related options:
257# * limit_param_default
258#
259# (integer value)
260# Minimum value: 1
261#api_limit_max = 1000
262
263#
264# Show direct image location when returning an image.
265#
266# This configuration option indicates whether to show the direct image
267# location when returning image details to the user. The direct image
268# location is where the image data is stored in backend storage. This
269# image location is shown under the image property ``direct_url``.
270#
271# When multiple image locations exist for an image, the best location
272# is displayed based on the location strategy indicated by the
273# configuration option ``location_strategy``.
274#
275# NOTES:
276# * Revealing image locations can present a GRAVE SECURITY RISK as
277# image locations can sometimes include credentials. Hence, this
278# is set to ``False`` by default. Set this to ``True`` with
279# EXTREME CAUTION and ONLY IF you know what you are doing!
280# * If an operator wishes to avoid showing any image location(s)
281# to the user, then both this option and
282# ``show_multiple_locations`` MUST be set to ``False``.
283#
284# Possible values:
285# * True
286# * False
287#
288# Related options:
289# * show_multiple_locations
290# * location_strategy
291#
292# (boolean value)
293#show_image_direct_url = false
294
295# DEPRECATED:
296# Show all image locations when returning an image.
297#
298# This configuration option indicates whether to show all the image
299# locations when returning image details to the user. When multiple
300# image locations exist for an image, the locations are ordered based
301# on the location strategy indicated by the configuration opt
302# ``location_strategy``. The image locations are shown under the
303# image property ``locations``.
304#
305# NOTES:
306# * Revealing image locations can present a GRAVE SECURITY RISK as
307# image locations can sometimes include credentials. Hence, this
308# is set to ``False`` by default. Set this to ``True`` with
309# EXTREME CAUTION and ONLY IF you know what you are doing!
310# * If an operator wishes to avoid showing any image location(s)
311# to the user, then both this option and
312# ``show_image_direct_url`` MUST be set to ``False``.
313#
314# Possible values:
315# * True
316# * False
317#
318# Related options:
319# * show_image_direct_url
320# * location_strategy
321#
322# (boolean value)
323# This option is deprecated for removal since Newton.
324# Its value may be silently ignored in the future.
325# Reason: This option will be removed in the Ocata release because the same
326# functionality can be achieved with greater granularity by using policies.
327# Please see the Newton release notes for more information.
328#show_multiple_locations = false
329
330#
331# Maximum size of image a user can upload in bytes.
332#
333# An image upload greater than the size mentioned here would result
334# in an image creation failure. This configuration option defaults to
335# 1099511627776 bytes (1 TiB).
336#
337# NOTES:
338# * This value should only be increased after careful
339# consideration and must be set less than or equal to
340# 8 EiB (9223372036854775808).
341# * This value must be set with careful consideration of the
342# backend storage capacity. Setting this to a very low value
343# may result in a large number of image failures. And, setting
344# this to a very large value may result in faster consumption
345# of storage. Hence, this must be set according to the nature of
346# images created and storage capacity available.
347#
348# Possible values:
349# * Any positive number less than or equal to 9223372036854775808
350#
351# (integer value)
352# Minimum value: 1
353# Maximum value: 9223372036854775808
354#image_size_cap = 1099511627776
355
356#
357# Maximum amount of image storage per tenant.
358#
359# This enforces an upper limit on the cumulative storage consumed by all images
360# of a tenant across all stores. This is a per-tenant limit.
361#
362# The default unit for this configuration option is Bytes. However, storage
363# units can be specified using case-sensitive literals ``B``, ``KB``, ``MB``,
364# ``GB`` and ``TB`` representing Bytes, KiloBytes, MegaBytes, GigaBytes and
365# TeraBytes respectively. Note that there should not be any space between the
366# value and unit. Value ``0`` signifies no quota enforcement. Negative values
367# are invalid and result in errors.
368#
369# Possible values:
370# * A string that is a valid concatenation of a non-negative integer
371# representing the storage value and an optional string literal
372# representing storage units as mentioned above.
373#
374# Related options:
375# * None
376#
377# (string value)
378#user_storage_quota = 0
379
380#
381# Deploy the v1 OpenStack Images API.
382#
383# When this option is set to ``True``, Glance service will respond to
384# requests on registered endpoints conforming to the v1 OpenStack
385# Images API.
386#
387# NOTES:
388# * If this option is enabled, then ``enable_v1_registry`` must
389# also be set to ``True`` to enable mandatory usage of Registry
390# service with v1 API.
391#
392# * If this option is disabled, then the ``enable_v1_registry``
393# option, which is enabled by default, is also recommended
394# to be disabled.
395#
396# * This option is separate from ``enable_v2_api``, both v1 and v2
397# OpenStack Images API can be deployed independent of each
398# other.
399#
400# * If deploying only the v2 Images API, this option, which is
401# enabled by default, should be disabled.
402#
403# Possible values:
404# * True
405# * False
406#
407# Related options:
408# * enable_v1_registry
409# * enable_v2_api
410#
411# (boolean value)
412#enable_v1_api = true
413
414#
415# Deploy the v2 OpenStack Images API.
416#
417# When this option is set to ``True``, Glance service will respond
418# to requests on registered endpoints conforming to the v2 OpenStack
419# Images API.
420#
421# NOTES:
422# * If this option is disabled, then the ``enable_v2_registry``
423# option, which is enabled by default, is also recommended
424# to be disabled.
425#
426# * This option is separate from ``enable_v1_api``, both v1 and v2
427# OpenStack Images API can be deployed independent of each
428# other.
429#
430# * If deploying only the v1 Images API, this option, which is
431# enabled by default, should be disabled.
432#
433# Possible values:
434# * True
435# * False
436#
437# Related options:
438# * enable_v2_registry
439# * enable_v1_api
440#
441# (boolean value)
442#enable_v2_api = true
443
444#
445# Deploy the v1 API Registry service.
446#
447# When this option is set to ``True``, the Registry service
448# will be enabled in Glance for v1 API requests.
449#
450# NOTES:
451# * Use of Registry is mandatory in v1 API, so this option must
452# be set to ``True`` if the ``enable_v1_api`` option is enabled.
453#
454# * If deploying only the v2 OpenStack Images API, this option,
455# which is enabled by default, should be disabled.
456#
457# Possible values:
458# * True
459# * False
460#
461# Related options:
462# * enable_v1_api
463#
464# (boolean value)
465#enable_v1_registry = true
466
467#
468# Deploy the v2 API Registry service.
469#
470# When this option is set to ``True``, the Registry service
471# will be enabled in Glance for v2 API requests.
472#
473# NOTES:
474# * Use of Registry is optional in v2 API, so this option
475# must only be enabled if both ``enable_v2_api`` is set to
476# ``True`` and the ``data_api`` option is set to
477# ``glance.db.registry.api``.
478#
479# * If deploying only the v1 OpenStack Images API, this option,
480# which is enabled by default, should be disabled.
481#
482# Possible values:
483# * True
484# * False
485#
486# Related options:
487# * enable_v2_api
488# * data_api
489#
490# (boolean value)
491#enable_v2_registry = true
492
493#
494# Host address of the pydev server.
495#
496# Provide a string value representing the hostname or IP of the
497# pydev server to use for debugging. The pydev server listens for
498# debug connections on this address, facilitating remote debugging
499# in Glance.
500#
501# Possible values:
502# * Valid hostname
503# * Valid IP address
504#
505# Related options:
506# * None
507#
508# (string value)
509#pydev_worker_debug_host = localhost
510
511#
512# Port number that the pydev server will listen on.
513#
514# Provide a port number to bind the pydev server to. The pydev
515# process accepts debug connections on this port and facilitates
516# remote debugging in Glance.
517#
518# Possible values:
519# * A valid port number
520#
521# Related options:
522# * None
523#
524# (port value)
525# Minimum value: 0
526# Maximum value: 65535
527#pydev_worker_debug_port = 5678
528
529#
530# AES key for encrypting store location metadata.
531#
532# Provide a string value representing the AES cipher to use for
533# encrypting Glance store metadata.
534#
535# NOTE: The AES key to use must be set to a random string of length
536# 16, 24 or 32 bytes.
537#
538# Possible values:
539# * String value representing a valid AES key
540#
541# Related options:
542# * None
543#
544# (string value)
545#metadata_encryption_key = <None>
546
547#
548# Digest algorithm to use for digital signature.
549#
550# Provide a string value representing the digest algorithm to
551# use for generating digital signatures. By default, ``sha256``
552# is used.
553#
554# To get a list of the available algorithms supported by the version
555# of OpenSSL on your platform, run the command:
556# ``openssl list-message-digest-algorithms``.
557# Examples are 'sha1', 'sha256', and 'sha512'.
558#
559# NOTE: ``digest_algorithm`` is not related to Glance's image signing
560# and verification. It is only used to sign the universally unique
561# identifier (UUID) as a part of the certificate file and key file
562# validation.
563#
564# Possible values:
565# * An OpenSSL message digest algorithm identifier
566#
567# Relation options:
568# * None
569#
570# (string value)
571#digest_algorithm = sha256
572
573#
574# Strategy to determine the preference order of image locations.
575#
576# This configuration option indicates the strategy to determine
577# the order in which an image's locations must be accessed to
578# serve the image's data. Glance then retrieves the image data
579# from the first responsive active location it finds in this list.
580#
581# This option takes one of two possible values ``location_order``
582# and ``store_type``. The default value is ``location_order``,
583# which suggests that image data be served by using locations in
584# the order they are stored in Glance. The ``store_type`` value
585# sets the image location preference based on the order in which
586# the storage backends are listed as a comma separated list for
587# the configuration option ``store_type_preference``.
588#
589# Possible values:
590# * location_order
591# * store_type
592#
593# Related options:
594# * store_type_preference
595#
596# (string value)
597# Allowed values: location_order, store_type
598#location_strategy = location_order
599
600#
601# The location of the property protection file.
602#
603# Provide a valid path to the property protection file which contains
604# the rules for property protections and the roles/policies associated
605# with them.
606#
607# A property protection file, when set, restricts the Glance image
608# properties to be created, read, updated and/or deleted by a specific
609# set of users that are identified by either roles or policies.
610# If this configuration option is not set, by default, property
611# protections won't be enforced. If a value is specified and the file
612# is not found, the glance-api service will fail to start.
613# More information on property protections can be found at:
614# http://docs.openstack.org/developer/glance/property-protections.html
615#
616# Possible values:
617# * Empty string
618# * Valid path to the property protection configuration file
619#
620# Related options:
621# * property_protection_rule_format
622#
623# (string value)
624#property_protection_file = <None>
625
626#
627# Rule format for property protection.
628#
629# Provide the desired way to set property protection on Glance
630# image properties. The two permissible values are ``roles``
631# and ``policies``. The default value is ``roles``.
632#
633# If the value is ``roles``, the property protection file must
634# contain a comma separated list of user roles indicating
635# permissions for each of the CRUD operations on each property
636# being protected. If set to ``policies``, a policy defined in
637# policy.json is used to express property protections for each
638# of the CRUD operations. Examples of how property protections
639# are enforced based on ``roles`` or ``policies`` can be found at:
640# http://docs.openstack.org/developer/glance/property-protections.html#examples
641#
642# Possible values:
643# * roles
644# * policies
645#
646# Related options:
647# * property_protection_file
648#
649# (string value)
650# Allowed values: roles, policies
651#property_protection_rule_format = roles
652
653#
654# List of allowed exception modules to handle RPC exceptions.
655#
656# Provide a comma separated list of modules whose exceptions are
657# permitted to be recreated upon receiving exception data via an RPC
658# call made to Glance. The default list includes
659# ``glance.common.exception``, ``builtins``, and ``exceptions``.
660#
661# The RPC protocol permits interaction with Glance via calls across a
662# network or within the same system. Including a list of exception
663# namespaces with this option enables RPC to propagate the exceptions
664# back to the users.
665#
666# Possible values:
667# * A comma separated list of valid exception modules
668#
669# Related options:
670# * None
671# (list value)
672#allowed_rpc_exception_modules = glance.common.exception,builtins,exceptions
673
674#
675# IP address to bind the glance servers to.
676#
677# Provide an IP address to bind the glance server to. The default
678# value is ``0.0.0.0``.
679#
680# Edit this option to enable the server to listen on one particular
681# IP address on the network card. This facilitates selection of a
682# particular network interface for the server.
683#
684# Possible values:
685# * A valid IPv4 address
686# * A valid IPv6 address
687#
688# Related options:
689# * None
690#
691# (string value)
692#bind_host = 0.0.0.0
693
694#
695# Port number on which the server will listen.
696#
697# Provide a valid port number to bind the server's socket to. This
698# port is then set to identify processes and forward network messages
699# that arrive at the server. The default bind_port value for the API
700# server is 9292 and for the registry server is 9191.
701#
702# Possible values:
703# * A valid port number (0 to 65535)
704#
705# Related options:
706# * None
707#
708# (port value)
709# Minimum value: 0
710# Maximum value: 65535
711#bind_port = <None>
712
713#
714# Number of Glance worker processes to start.
715#
716# Provide a non-negative integer value to set the number of child
717# process workers to service requests. By default, the number of CPUs
718# available is set as the value for ``workers``.
719#
720# Each worker process is made to listen on the port set in the
721# configuration file and contains a greenthread pool of size 1000.
722#
723# NOTE: Setting the number of workers to zero, triggers the creation
724# of a single API process with a greenthread pool of size 1000.
725#
726# Possible values:
727# * 0
728# * Positive integer value (typically equal to the number of CPUs)
729#
730# Related options:
731# * None
732#
733# (integer value)
734# Minimum value: 0
735#workers = <None>
736
737#
738# Maximum line size of message headers.
739#
740# Provide an integer value representing a length to limit the size of
741# message headers. The default value is 16384.
742#
743# NOTE: ``max_header_line`` may need to be increased when using large
744# tokens (typically those generated by the Keystone v3 API with big
745# service catalogs). However, it is to be kept in mind that larger
746# values for ``max_header_line`` would flood the logs.
747#
748# Setting ``max_header_line`` to 0 sets no limit for the line size of
749# message headers.
750#
751# Possible values:
752# * 0
753# * Positive integer
754#
755# Related options:
756# * None
757#
758# (integer value)
759# Minimum value: 0
760#max_header_line = 16384
761
762#
763# Set keep alive option for HTTP over TCP.
764#
765# Provide a boolean value to determine sending of keep alive packets.
766# If set to ``False``, the server returns the header
767# "Connection: close". If set to ``True``, the server returns a
768# "Connection: Keep-Alive" in its responses. This enables retention of
769# the same TCP connection for HTTP conversations instead of opening a
770# new one with each new request.
771#
772# This option must be set to ``False`` if the client socket connection
773# needs to be closed explicitly after the response is received and
774# read successfully by the client.
775#
776# Possible values:
777# * True
778# * False
779#
780# Related options:
781# * None
782#
783# (boolean value)
784#http_keepalive = true
785
786#
787# Timeout for client connections' socket operations.
788#
789# Provide a valid integer value representing time in seconds to set
790# the period of wait before an incoming connection can be closed. The
791# default value is 900 seconds.
792#
793# The value zero implies wait forever.
794#
795# Possible values:
796# * Zero
797# * Positive integer
798#
799# Related options:
800# * None
801#
802# (integer value)
803# Minimum value: 0
804#client_socket_timeout = 900
805
806#
807# Set the number of incoming connection requests.
808#
809# Provide a positive integer value to limit the number of requests in
810# the backlog queue. The default queue size is 4096.
811#
812# An incoming connection to a TCP listener socket is queued before a
813# connection can be established with the server. Setting the backlog
814# for a TCP socket ensures a limited queue size for incoming traffic.
815#
816# Possible values:
817# * Positive integer
818#
819# Related options:
820# * None
821#
822# (integer value)
823# Minimum value: 1
824#backlog = 4096
825
826#
827# Set the wait time before a connection recheck.
828#
829# Provide a positive integer value representing time in seconds which
830# is set as the idle wait time before a TCP keep alive packet can be
831# sent to the host. The default value is 600 seconds.
832#
833# Setting ``tcp_keepidle`` helps verify at regular intervals that a
834# connection is intact and prevents frequent TCP connection
835# reestablishment.
836#
837# Possible values:
838# * Positive integer value representing time in seconds
839#
840# Related options:
841# * None
842#
843# (integer value)
844# Minimum value: 1
845#tcp_keepidle = 600
846
847#
848# Absolute path to the CA file.
849#
850# Provide a string value representing a valid absolute path to
851# the Certificate Authority file to use for client authentication.
852#
853# A CA file typically contains necessary trusted certificates to
854# use for the client authentication. This is essential to ensure
855# that a secure connection is established to the server via the
856# internet.
857#
858# Possible values:
859# * Valid absolute path to the CA file
860#
861# Related options:
862# * None
863#
864# (string value)
865#ca_file = /etc/ssl/cafile
866
867#
868# Absolute path to the certificate file.
869#
870# Provide a string value representing a valid absolute path to the
871# certificate file which is required to start the API service
872# securely.
873#
874# A certificate file typically is a public key container and includes
875# the server's public key, server name, server information and the
876# signature which was a result of the verification process using the
877# CA certificate. This is required for a secure connection
878# establishment.
879#
880# Possible values:
881# * Valid absolute path to the certificate file
882#
883# Related options:
884# * None
885#
886# (string value)
887#cert_file = /etc/ssl/certs
888
889#
890# Absolute path to a private key file.
891#
892# Provide a string value representing a valid absolute path to a
893# private key file which is required to establish the client-server
894# connection.
895#
896# Possible values:
897# * Absolute path to the private key file
898#
899# Related options:
900# * None
901#
902# (string value)
903#key_file = /etc/ssl/key/key-file.pem
904
905# DEPRECATED: The HTTP header used to determine the scheme for the original
906# request, even if it was removed by an SSL terminating proxy. Typical value is
907# "HTTP_X_FORWARDED_PROTO". (string value)
908# This option is deprecated for removal.
909# Its value may be silently ignored in the future.
910# Reason: Use the http_proxy_to_wsgi middleware instead.
911#secure_proxy_ssl_header = <None>
912
913#
914# The relative path to sqlite file database that will be used for image cache
915# management.
916#
917# This is a relative path to the sqlite file database that tracks the age and
918# usage statistics of image cache. The path is relative to image cache base
919# directory, specified by the configuration option ``image_cache_dir``.
920#
921# This is a lightweight database with just one table.
922#
923# Possible values:
924# * A valid relative path to sqlite file database
925#
926# Related options:
927# * ``image_cache_dir``
928#
929# (string value)
930#image_cache_sqlite_db = cache.db
931
932#
933# The driver to use for image cache management.
934#
935# This configuration option provides the flexibility to choose between the
936# different image-cache drivers available. An image-cache driver is responsible
937# for providing the essential functions of image-cache like write images to/read
938# images from cache, track age and usage of cached images, provide a list of
939# cached images, fetch size of the cache, queue images for caching and clean up
940# the cache, etc.
941#
942# The essential functions of a driver are defined in the base class
943# ``glance.image_cache.drivers.base.Driver``. All image-cache drivers (existing
944# and prospective) must implement this interface. Currently available drivers
945# are ``sqlite`` and ``xattr``. These drivers primarily differ in the way they
946# store the information about cached images:
947# * The ``sqlite`` driver uses a sqlite database (which sits on every glance
948# node locally) to track the usage of cached images.
949# * The ``xattr`` driver uses the extended attributes of files to store this
950# information. It also requires a filesystem that sets ``atime`` on the
951# files
952# when accessed.
953#
954# Possible values:
955# * sqlite
956# * xattr
957#
958# Related options:
959# * None
960#
961# (string value)
962# Allowed values: sqlite, xattr
963#image_cache_driver = sqlite
964
965#
966# The upper limit on cache size, in bytes, after which the cache-pruner cleans
967# up the image cache.
968#
969# NOTE: This is just a threshold for cache-pruner to act upon. It is NOT a
970# hard limit beyond which the image cache would never grow. In fact, depending
971# on how often the cache-pruner runs and how quickly the cache fills, the image
972# cache can far exceed the size specified here very easily. Hence, care must be
973# taken to appropriately schedule the cache-pruner and in setting this limit.
974#
975# Glance caches an image when it is downloaded. Consequently, the size of the
976# image cache grows over time as the number of downloads increases. To keep the
977# cache size from becoming unmanageable, it is recommended to run the
978# cache-pruner as a periodic task. When the cache pruner is kicked off, it
979# compares the current size of image cache and triggers a cleanup if the image
980# cache grew beyond the size specified here. After the cleanup, the size of
981# cache is less than or equal to size specified here.
982#
983# Possible values:
984# * Any non-negative integer
985#
986# Related options:
987# * None
988#
989# (integer value)
990# Minimum value: 0
991#image_cache_max_size = 10737418240
992
993#
994# The amount of time, in seconds, an incomplete image remains in the cache.
995#
996# Incomplete images are images for which download is in progress. Please see the
997# description of configuration option ``image_cache_dir`` for more detail.
998# Sometimes, due to various reasons, it is possible the download may hang and
999# the incompletely downloaded image remains in the ``incomplete`` directory.
1000# This configuration option sets a time limit on how long the incomplete images
1001# should remain in the ``incomplete`` directory before they are cleaned up.
1002# Once an incomplete image spends more time than is specified here, it'll be
1003# removed by cache-cleaner on its next run.
1004#
1005# It is recommended to run cache-cleaner as a periodic task on the Glance API
1006# nodes to keep the incomplete images from occupying disk space.
1007#
1008# Possible values:
1009# * Any non-negative integer
1010#
1011# Related options:
1012# * None
1013#
1014# (integer value)
1015# Minimum value: 0
1016#image_cache_stall_time = 86400
1017
1018#
1019# Base directory for image cache.
1020#
1021# This is the location where image data is cached and served out of. All cached
1022# images are stored directly under this directory. This directory also contains
1023# three subdirectories, namely, ``incomplete``, ``invalid`` and ``queue``.
1024#
1025# The ``incomplete`` subdirectory is the staging area for downloading images. An
1026# image is first downloaded to this directory. When the image download is
1027# successful it is moved to the base directory. However, if the download fails,
1028# the partially downloaded image file is moved to the ``invalid`` subdirectory.
1029#
1030# The ``queue``subdirectory is used for queuing images for download. This is
1031# used primarily by the cache-prefetcher, which can be scheduled as a periodic
1032# task like cache-pruner and cache-cleaner, to cache images ahead of their
1033# usage.
1034# Upon receiving the request to cache an image, Glance touches a file in the
1035# ``queue`` directory with the image id as the file name. The cache-prefetcher,
1036# when running, polls for the files in ``queue`` directory and starts
1037# downloading them in the order they were created. When the download is
1038# successful, the zero-sized file is deleted from the ``queue`` directory.
1039# If the download fails, the zero-sized file remains and it'll be retried the
1040# next time cache-prefetcher runs.
1041#
1042# Possible values:
1043# * A valid path
1044#
1045# Related options:
1046# * ``image_cache_sqlite_db``
1047#
1048# (string value)
1049#image_cache_dir = <None>
1050
1051#
1052# Default publisher_id for outgoing Glance notifications.
1053#
1054# This is the value that the notification driver will use to identify
1055# messages for events originating from the Glance service. Typically,
1056# this is the hostname of the instance that generated the message.
1057#
1058# Possible values:
1059# * Any reasonable instance identifier, for example: image.host1
1060#
1061# Related options:
1062# * None
1063#
1064# (string value)
1065#default_publisher_id = image.localhost
1066
1067#
1068# List of notifications to be disabled.
1069#
1070# Specify a list of notifications that should not be emitted.
1071# A notification can be given either as a notification type to
1072# disable a single event notification, or as a notification group
1073# prefix to disable all event notifications within a group.
1074#
1075# Possible values:
1076# A comma-separated list of individual notification types or
1077# notification groups to be disabled. Currently supported groups:
1078# * image
1079# * image.member
1080# * task
1081# * metadef_namespace
1082# * metadef_object
1083# * metadef_property
1084# * metadef_resource_type
1085# * metadef_tag
1086# For a complete listing and description of each event refer to:
1087# http://docs.openstack.org/developer/glance/notifications.html
1088#
1089# The values must be specified as: <group_name>.<event_name>
1090# For example: image.create,task.success,metadef_tag
1091#
1092# Related options:
1093# * None
1094#
1095# (list value)
1096#disabled_notifications =
1097
1098#
1099# Address the registry server is hosted on.
1100#
1101# Possible values:
1102# * A valid IP or hostname
1103#
1104# Related options:
1105# * None
1106#
1107# (string value)
1108#registry_host = 0.0.0.0
1109
1110#
1111# Port the registry server is listening on.
1112#
1113# Possible values:
1114# * A valid port number
1115#
1116# Related options:
1117# * None
1118#
1119# (port value)
1120# Minimum value: 0
1121# Maximum value: 65535
1122#registry_port = 9191
1123
1124# DEPRECATED: Whether to pass through the user token when making requests to the
1125# registry. To prevent failures with token expiration during big files upload,
1126# it is recommended to set this parameter to False.If "use_user_token" is not in
1127# effect, then admin credentials can be specified. (boolean value)
1128# This option is deprecated for removal.
1129# Its value may be silently ignored in the future.
1130# Reason: This option was considered harmful and has been deprecated in M
1131# release. It will be removed in O release. For more information read OSSN-0060.
1132# Related functionality with uploading big images has been implemented with
1133# Keystone trusts support.
1134#use_user_token = true
1135
1136# DEPRECATED: The administrators user name. If "use_user_token" is not in
1137# effect, then admin credentials can be specified. (string value)
1138# This option is deprecated for removal.
1139# Its value may be silently ignored in the future.
1140# Reason: This option was considered harmful and has been deprecated in M
1141# release. It will be removed in O release. For more information read OSSN-0060.
1142# Related functionality with uploading big images has been implemented with
1143# Keystone trusts support.
1144#admin_user = <None>
1145
1146# DEPRECATED: The administrators password. If "use_user_token" is not in effect,
1147# then admin credentials can be specified. (string value)
1148# This option is deprecated for removal.
1149# Its value may be silently ignored in the future.
1150# Reason: This option was considered harmful and has been deprecated in M
1151# release. It will be removed in O release. For more information read OSSN-0060.
1152# Related functionality with uploading big images has been implemented with
1153# Keystone trusts support.
1154#admin_password = <None>
1155
1156# DEPRECATED: The tenant name of the administrative user. If "use_user_token" is
1157# not in effect, then admin tenant name can be specified. (string value)
1158# This option is deprecated for removal.
1159# Its value may be silently ignored in the future.
1160# Reason: This option was considered harmful and has been deprecated in M
1161# release. It will be removed in O release. For more information read OSSN-0060.
1162# Related functionality with uploading big images has been implemented with
1163# Keystone trusts support.
1164#admin_tenant_name = <None>
1165
1166# DEPRECATED: The URL to the keystone service. If "use_user_token" is not in
1167# effect and using keystone auth, then URL of keystone can be specified. (string
1168# value)
1169# This option is deprecated for removal.
1170# Its value may be silently ignored in the future.
1171# Reason: This option was considered harmful and has been deprecated in M
1172# release. It will be removed in O release. For more information read OSSN-0060.
1173# Related functionality with uploading big images has been implemented with
1174# Keystone trusts support.
1175#auth_url = <None>
1176
1177# DEPRECATED: The strategy to use for authentication. If "use_user_token" is not
1178# in effect, then auth strategy can be specified. (string value)
1179# This option is deprecated for removal.
1180# Its value may be silently ignored in the future.
1181# Reason: This option was considered harmful and has been deprecated in M
1182# release. It will be removed in O release. For more information read OSSN-0060.
1183# Related functionality with uploading big images has been implemented with
1184# Keystone trusts support.
1185#auth_strategy = noauth
1186
1187# DEPRECATED: The region for the authentication service. If "use_user_token" is
1188# not in effect and using keystone auth, then region name can be specified.
1189# (string value)
1190# This option is deprecated for removal.
1191# Its value may be silently ignored in the future.
1192# Reason: This option was considered harmful and has been deprecated in M
1193# release. It will be removed in O release. For more information read OSSN-0060.
1194# Related functionality with uploading big images has been implemented with
1195# Keystone trusts support.
1196#auth_region = <None>
1197
1198#
1199# Protocol to use for communication with the registry server.
1200#
1201# Provide a string value representing the protocol to use for
1202# communication with the registry server. By default, this option is
1203# set to ``http`` and the connection is not secure.
1204#
1205# This option can be set to ``https`` to establish a secure connection
1206# to the registry server. In this case, provide a key to use for the
1207# SSL connection using the ``registry_client_key_file`` option. Also
1208# include the CA file and cert file using the options
1209# ``registry_client_ca_file`` and ``registry_client_cert_file``
1210# respectively.
1211#
1212# Possible values:
1213# * http
1214# * https
1215#
1216# Related options:
1217# * registry_client_key_file
1218# * registry_client_cert_file
1219# * registry_client_ca_file
1220#
1221# (string value)
1222# Allowed values: http, https
1223#registry_client_protocol = http
1224
1225#
1226# Absolute path to the private key file.
1227#
1228# Provide a string value representing a valid absolute path to the
1229# private key file to use for establishing a secure connection to
1230# the registry server.
1231#
1232# NOTE: This option must be set if ``registry_client_protocol`` is
1233# set to ``https``. Alternatively, the GLANCE_CLIENT_KEY_FILE
1234# environment variable may be set to a filepath of the key file.
1235#
1236# Possible values:
1237# * String value representing a valid absolute path to the key
1238# file.
1239#
1240# Related options:
1241# * registry_client_protocol
1242#
1243# (string value)
1244#registry_client_key_file = /etc/ssl/key/key-file.pem
1245
1246#
1247# Absolute path to the certificate file.
1248#
1249# Provide a string value representing a valid absolute path to the
1250# certificate file to use for establishing a secure connection to
1251# the registry server.
1252#
1253# NOTE: This option must be set if ``registry_client_protocol`` is
1254# set to ``https``. Alternatively, the GLANCE_CLIENT_CERT_FILE
1255# environment variable may be set to a filepath of the certificate
1256# file.
1257#
1258# Possible values:
1259# * String value representing a valid absolute path to the
1260# certificate file.
1261#
1262# Related options:
1263# * registry_client_protocol
1264#
1265# (string value)
1266#registry_client_cert_file = /etc/ssl/certs/file.crt
1267
1268#
1269# Absolute path to the Certificate Authority file.
1270#
1271# Provide a string value representing a valid absolute path to the
1272# certificate authority file to use for establishing a secure
1273# connection to the registry server.
1274#
1275# NOTE: This option must be set if ``registry_client_protocol`` is
1276# set to ``https``. Alternatively, the GLANCE_CLIENT_CA_FILE
1277# environment variable may be set to a filepath of the CA file.
1278# This option is ignored if the ``registry_client_insecure`` option
1279# is set to ``True``.
1280#
1281# Possible values:
1282# * String value representing a valid absolute path to the CA
1283# file.
1284#
1285# Related options:
1286# * registry_client_protocol
1287# * registry_client_insecure
1288#
1289# (string value)
1290#registry_client_ca_file = /etc/ssl/cafile/file.ca
1291
1292#
1293# Set verification of the registry server certificate.
1294#
1295# Provide a boolean value to determine whether or not to validate
1296# SSL connections to the registry server. By default, this option
1297# is set to ``False`` and the SSL connections are validated.
1298#
1299# If set to ``True``, the connection to the registry server is not
1300# validated via a certifying authority and the
1301# ``registry_client_ca_file`` option is ignored. This is the
1302# registry's equivalent of specifying --insecure on the command line
1303# using glanceclient for the API.
1304#
1305# Possible values:
1306# * True
1307# * False
1308#
1309# Related options:
1310# * registry_client_protocol
1311# * registry_client_ca_file
1312#
1313# (boolean value)
1314#registry_client_insecure = false
1315
1316#
1317# Timeout value for registry requests.
1318#
1319# Provide an integer value representing the period of time in seconds
1320# that the API server will wait for a registry request to complete.
1321# The default value is 600 seconds.
1322#
1323# A value of 0 implies that a request will never timeout.
1324#
1325# Possible values:
1326# * Zero
1327# * Positive integer
1328#
1329# Related options:
1330# * None
1331#
1332# (integer value)
1333# Minimum value: 0
1334#registry_client_timeout = 600
1335
1336#
1337# Send headers received from identity when making requests to
1338# registry.
1339#
1340# Typically, Glance registry can be deployed in multiple flavors,
1341# which may or may not include authentication. For example,
1342# ``trusted-auth`` is a flavor that does not require the registry
1343# service to authenticate the requests it receives. However, the
1344# registry service may still need a user context to be populated to
1345# serve the requests. This can be achieved by the caller
1346# (the Glance API usually) passing through the headers it received
1347# from authenticating with identity for the same request. The typical
1348# headers sent are ``X-User-Id``, ``X-Tenant-Id``, ``X-Roles``,
1349# ``X-Identity-Status`` and ``X-Service-Catalog``.
1350#
1351# Provide a boolean value to determine whether to send the identity
1352# headers to provide tenant and user information along with the
1353# requests to registry service. By default, this option is set to
1354# ``False``, which means that user and tenant information is not
1355# available readily. It must be obtained by authenticating. Hence, if
1356# this is set to ``False``, ``flavor`` must be set to value that
1357# either includes authentication or authenticated user context.
1358#
1359# Possible values:
1360# * True
1361# * False
1362#
1363# Related options:
1364# * flavor
1365#
1366# (boolean value)
1367#send_identity_headers = false
1368
1369#
1370# The amount of time, in seconds, to delay image scrubbing.
1371#
1372# When delayed delete is turned on, an image is put into ``pending_delete``
1373# state upon deletion until the scrubber deletes its image data. Typically, soon
1374# after the image is put into ``pending_delete`` state, it is available for
1375# scrubbing. However, scrubbing can be delayed until a later point using this
1376# configuration option. This option denotes the time period an image spends in
1377# ``pending_delete`` state before it is available for scrubbing.
1378#
1379# It is important to realize that this has storage implications. The larger the
1380# ``scrub_time``, the longer the time to reclaim backend storage from deleted
1381# images.
1382#
1383# Possible values:
1384# * Any non-negative integer
1385#
1386# Related options:
1387# * ``delayed_delete``
1388#
1389# (integer value)
1390# Minimum value: 0
1391#scrub_time = 0
1392
1393#
1394# The size of thread pool to be used for scrubbing images.
1395#
1396# When there are a large number of images to scrub, it is beneficial to scrub
1397# images in parallel so that the scrub queue stays in control and the backend
1398# storage is reclaimed in a timely fashion. This configuration option denotes
1399# the maximum number of images to be scrubbed in parallel. The default value is
1400# one, which signifies serial scrubbing. Any value above one indicates parallel
1401# scrubbing.
1402#
1403# Possible values:
1404# * Any non-zero positive integer
1405#
1406# Related options:
1407# * ``delayed_delete``
1408#
1409# (integer value)
1410# Minimum value: 1
1411#scrub_pool_size = 1
1412
1413#
1414# Turn on/off delayed delete.
1415#
1416# Typically when an image is deleted, the ``glance-api`` service puts the image
1417# into ``deleted`` state and deletes its data at the same time. Delayed delete
1418# is a feature in Glance that delays the actual deletion of image data until a
1419# later point in time (as determined by the configuration option
1420# ``scrub_time``).
1421# When delayed delete is turned on, the ``glance-api`` service puts the image
1422# into ``pending_delete`` state upon deletion and leaves the image data in the
1423# storage backend for the image scrubber to delete at a later time. The image
1424# scrubber will move the image into ``deleted`` state upon successful deletion
1425# of image data.
1426#
1427# NOTE: When delayed delete is turned on, image scrubber MUST be running as a
1428# periodic task to prevent the backend storage from filling up with undesired
1429# usage.
1430#
1431# Possible values:
1432# * True
1433# * False
1434#
1435# Related options:
1436# * ``scrub_time``
1437# * ``wakeup_time``
1438# * ``scrub_pool_size``
1439#
1440# (boolean value)
1441#delayed_delete = false
1442
1443#
1444# From oslo.log
1445#
1446
1447# If set to true, the logging level will be set to DEBUG instead of the default
1448# INFO level. (boolean value)
1449# Note: This option can be changed without restarting.
1450#debug = false
1451
1452# DEPRECATED: If set to false, the logging level will be set to WARNING instead
1453# of the default INFO level. (boolean value)
1454# This option is deprecated for removal.
1455# Its value may be silently ignored in the future.
1456#verbose = true
1457
1458# The name of a logging configuration file. This file is appended to any
1459# existing logging configuration files. For details about logging configuration
1460# files, see the Python logging module documentation. Note that when logging
1461# configuration files are used then all logging configuration is set in the
1462# configuration file and other logging configuration options are ignored (for
1463# example, logging_context_format_string). (string value)
1464# Note: This option can be changed without restarting.
1465# Deprecated group/name - [DEFAULT]/log_config
1466#log_config_append = <None>
1467
1468# Defines the format string for %%(asctime)s in log records. Default:
1469# %(default)s . This option is ignored if log_config_append is set. (string
1470# value)
1471#log_date_format = %Y-%m-%d %H:%M:%S
1472
1473# (Optional) Name of log file to send logging output to. If no default is set,
1474# logging will go to stderr as defined by use_stderr. This option is ignored if
1475# log_config_append is set. (string value)
1476# Deprecated group/name - [DEFAULT]/logfile
1477#log_file = <None>
1478
1479# (Optional) The base directory used for relative log_file paths. This option
1480# is ignored if log_config_append is set. (string value)
1481# Deprecated group/name - [DEFAULT]/logdir
1482#log_dir = <None>
1483
1484# Uses logging handler designed to watch file system. When log file is moved or
1485# removed this handler will open a new log file with specified path
1486# instantaneously. It makes sense only if log_file option is specified and Linux
1487# platform is used. This option is ignored if log_config_append is set. (boolean
1488# value)
1489#watch_log_file = false
1490
1491# Use syslog for logging. Existing syslog format is DEPRECATED and will be
1492# changed later to honor RFC5424. This option is ignored if log_config_append is
1493# set. (boolean value)
1494#use_syslog = false
1495
1496# Syslog facility to receive log lines. This option is ignored if
1497# log_config_append is set. (string value)
1498#syslog_log_facility = LOG_USER
1499
1500# Log output to standard error. This option is ignored if log_config_append is
1501# set. (boolean value)
1502#use_stderr = true
1503
1504# Format string to use for log messages with context. (string value)
1505#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
1506
1507# Format string to use for log messages when context is undefined. (string
1508# value)
1509#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
1510
1511# Additional data to append to log message when logging level for the message is
1512# DEBUG. (string value)
1513#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
1514
1515# Prefix each line of exception output with this format. (string value)
1516#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
1517
1518# Defines the format string for %(user_identity)s that is used in
1519# logging_context_format_string. (string value)
1520#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
1521
1522# List of package logging levels in logger=LEVEL pairs. This option is ignored
1523# if log_config_append is set. (list value)
1524#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
1525
1526# Enables or disables publication of error events. (boolean value)
1527#publish_errors = false
1528
1529# The format for an instance that is passed with the log message. (string value)
1530#instance_format = "[instance: %(uuid)s] "
1531
1532# The format for an instance UUID that is passed with the log message. (string
1533# value)
1534#instance_uuid_format = "[instance: %(uuid)s] "
1535
1536# Enables or disables fatal status of deprecations. (boolean value)
1537#fatal_deprecations = false
1538
1539#
1540# From oslo.messaging
1541#
1542
1543# Size of RPC connection pool. (integer value)
1544# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
1545#rpc_conn_pool_size = 30
1546
1547# The pool size limit for connections expiration policy (integer value)
1548#conn_pool_min_size = 2
1549
1550# The time-to-live in sec of idle connections in the pool (integer value)
1551#conn_pool_ttl = 1200
1552
1553# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
1554# The "host" option should point or resolve to this address. (string value)
1555# Deprecated group/name - [DEFAULT]/rpc_zmq_bind_address
1556#rpc_zmq_bind_address = *
1557
1558# MatchMaker driver. (string value)
1559# Allowed values: redis, dummy
1560# Deprecated group/name - [DEFAULT]/rpc_zmq_matchmaker
1561#rpc_zmq_matchmaker = redis
1562
1563# Number of ZeroMQ contexts, defaults to 1. (integer value)
1564# Deprecated group/name - [DEFAULT]/rpc_zmq_contexts
1565#rpc_zmq_contexts = 1
1566
1567# Maximum number of ingress messages to locally buffer per topic. Default is
1568# unlimited. (integer value)
1569# Deprecated group/name - [DEFAULT]/rpc_zmq_topic_backlog
1570#rpc_zmq_topic_backlog = <None>
1571
1572# Directory for holding IPC sockets. (string value)
1573# Deprecated group/name - [DEFAULT]/rpc_zmq_ipc_dir
1574#rpc_zmq_ipc_dir = /var/run/openstack
1575
1576# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match
1577# "host" option, if running Nova. (string value)
1578# Deprecated group/name - [DEFAULT]/rpc_zmq_host
1579#rpc_zmq_host = localhost
1580
1581# Seconds to wait before a cast expires (TTL). The default value of -1 specifies
1582# an infinite linger period. The value of 0 specifies no linger period. Pending
1583# messages shall be discarded immediately when the socket is closed. Only
1584# supported by impl_zmq. (integer value)
1585# Deprecated group/name - [DEFAULT]/rpc_cast_timeout
1586#rpc_cast_timeout = -1
1587
1588# The default number of seconds that poll should wait. Poll raises timeout
1589# exception when timeout expired. (integer value)
1590# Deprecated group/name - [DEFAULT]/rpc_poll_timeout
1591#rpc_poll_timeout = 1
1592
1593# Expiration timeout in seconds of a name service record about existing target (
1594# < 0 means no timeout). (integer value)
1595# Deprecated group/name - [DEFAULT]/zmq_target_expire
1596#zmq_target_expire = 300
1597
1598# Update period in seconds of a name service record about existing target.
1599# (integer value)
1600# Deprecated group/name - [DEFAULT]/zmq_target_update
1601#zmq_target_update = 180
1602
1603# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. (boolean
1604# value)
1605# Deprecated group/name - [DEFAULT]/use_pub_sub
1606#use_pub_sub = true
1607
1608# Use ROUTER remote proxy. (boolean value)
1609# Deprecated group/name - [DEFAULT]/use_router_proxy
1610#use_router_proxy = true
1611
1612# Minimal port number for random ports range. (port value)
1613# Minimum value: 0
1614# Maximum value: 65535
1615# Deprecated group/name - [DEFAULT]/rpc_zmq_min_port
1616#rpc_zmq_min_port = 49153
1617
1618# Maximal port number for random ports range. (integer value)
1619# Minimum value: 1
1620# Maximum value: 65536
1621# Deprecated group/name - [DEFAULT]/rpc_zmq_max_port
1622#rpc_zmq_max_port = 65536
1623
1624# Number of retries to find free port number before fail with ZMQBindError.
1625# (integer value)
1626# Deprecated group/name - [DEFAULT]/rpc_zmq_bind_port_retries
1627#rpc_zmq_bind_port_retries = 100
1628
1629# Default serialization mechanism for serializing/deserializing
1630# outgoing/incoming messages (string value)
1631# Allowed values: json, msgpack
1632# Deprecated group/name - [DEFAULT]/rpc_zmq_serialization
1633#rpc_zmq_serialization = json
1634
1635# This option configures round-robin mode in zmq socket. True means not keeping
1636# a queue when server side disconnects. False means to keep queue and messages
1637# even if server is disconnected, when the server appears we send all
1638# accumulated messages to it. (boolean value)
1639#zmq_immediate = false
1640
1641# Size of executor thread pool. (integer value)
1642# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
1643#executor_thread_pool_size = 64
1644
1645# Seconds to wait for a response from a call. (integer value)
1646#rpc_response_timeout = 60
1647
1648# A URL representing the messaging driver to use and its full configuration.
1649# (string value)
1650#transport_url = <None>
1651
1652# DEPRECATED: The messaging driver to use, defaults to rabbit. Other drivers
1653# include amqp and zmq. (string value)
1654# This option is deprecated for removal.
1655# Its value may be silently ignored in the future.
1656# Reason: Replaced by [DEFAULT]/transport_url
1657#rpc_backend = rabbit
1658
1659# The default exchange under which topics are scoped. May be overridden by an
1660# exchange name specified in the transport_url option. (string value)
1661#control_exchange = openstack
1662
1663
1664[cors]
1665
1666#
1667# From oslo.middleware.cors
1668#
1669
1670# Indicate whether this resource may be shared with the domain received in the
1671# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
1672# slash. Example: https://horizon.example.com (list value)
1673#allowed_origin = <None>
1674
1675# Indicate that the actual request can include user credentials (boolean value)
1676#allow_credentials = true
1677
1678# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
1679# Headers. (list value)
1680#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
1681
1682# Maximum cache age of CORS preflight requests. (integer value)
1683#max_age = 3600
1684
1685# Indicate which methods can be used during the actual request. (list value)
1686#allow_methods = GET,PUT,POST,DELETE,PATCH
1687
1688# Indicate which header field names may be used during the actual request. (list
1689# value)
1690#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
1691
1692
1693[cors.subdomain]
1694
1695#
1696# From oslo.middleware.cors
1697#
1698
1699# Indicate whether this resource may be shared with the domain received in the
1700# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
1701# slash. Example: https://horizon.example.com (list value)
1702#allowed_origin = <None>
1703
1704# Indicate that the actual request can include user credentials (boolean value)
1705#allow_credentials = true
1706
1707# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
1708# Headers. (list value)
1709#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
1710
1711# Maximum cache age of CORS preflight requests. (integer value)
1712#max_age = 3600
1713
1714# Indicate which methods can be used during the actual request. (list value)
1715#allow_methods = GET,PUT,POST,DELETE,PATCH
1716
1717# Indicate which header field names may be used during the actual request. (list
1718# value)
1719#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
1720
1721
1722[database]
1723
1724#
1725# From oslo.db
1726#
1727
1728# DEPRECATED: The file name to use with SQLite. (string value)
1729# Deprecated group/name - [DEFAULT]/sqlite_db
1730# This option is deprecated for removal.
1731# Its value may be silently ignored in the future.
1732# Reason: Should use config option connection or slave_connection to connect the
1733# database.
1734#sqlite_db = oslo.sqlite
1735
1736# If True, SQLite uses synchronous mode. (boolean value)
1737# Deprecated group/name - [DEFAULT]/sqlite_synchronous
1738#sqlite_synchronous = true
1739
1740# The back end to use for the database. (string value)
1741# Deprecated group/name - [DEFAULT]/db_backend
1742#backend = sqlalchemy
1743
1744# The SQLAlchemy connection string to use to connect to the database. (string
1745# value)
1746# Deprecated group/name - [DEFAULT]/sql_connection
1747# Deprecated group/name - [DATABASE]/sql_connection
1748# Deprecated group/name - [sql]/connection
1749#connection = <None>
1750
1751# The SQLAlchemy connection string to use to connect to the slave database.
1752# (string value)
1753#slave_connection = <None>
1754
1755# The SQL mode to be used for MySQL sessions. This option, including the
1756# default, overrides any server-set SQL mode. To use whatever SQL mode is set by
1757# the server configuration, set this to no value. Example: mysql_sql_mode=
1758# (string value)
1759#mysql_sql_mode = TRADITIONAL
1760
1761# Timeout before idle SQL connections are reaped. (integer value)
1762# Deprecated group/name - [DEFAULT]/sql_idle_timeout
1763# Deprecated group/name - [DATABASE]/sql_idle_timeout
1764# Deprecated group/name - [sql]/idle_timeout
1765#idle_timeout = 3600
1766
1767# Minimum number of SQL connections to keep open in a pool. (integer value)
1768# Deprecated group/name - [DEFAULT]/sql_min_pool_size
1769# Deprecated group/name - [DATABASE]/sql_min_pool_size
1770#min_pool_size = 1
1771
1772# Maximum number of SQL connections to keep open in a pool. Setting a value of 0
1773# indicates no limit. (integer value)
1774# Deprecated group/name - [DEFAULT]/sql_max_pool_size
1775# Deprecated group/name - [DATABASE]/sql_max_pool_size
1776#max_pool_size = 5
1777
1778# Maximum number of database connection retries during startup. Set to -1 to
1779# specify an infinite retry count. (integer value)
1780# Deprecated group/name - [DEFAULT]/sql_max_retries
1781# Deprecated group/name - [DATABASE]/sql_max_retries
1782#max_retries = 10
1783
1784# Interval between retries of opening a SQL connection. (integer value)
1785# Deprecated group/name - [DEFAULT]/sql_retry_interval
1786# Deprecated group/name - [DATABASE]/reconnect_interval
1787#retry_interval = 10
1788
1789# If set, use this value for max_overflow with SQLAlchemy. (integer value)
1790# Deprecated group/name - [DEFAULT]/sql_max_overflow
1791# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
1792#max_overflow = 50
1793
1794# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer
1795# value)
1796# Minimum value: 0
1797# Maximum value: 100
1798# Deprecated group/name - [DEFAULT]/sql_connection_debug
1799#connection_debug = 0
1800
1801# Add Python stack traces to SQL as comment strings. (boolean value)
1802# Deprecated group/name - [DEFAULT]/sql_connection_trace
1803#connection_trace = false
1804
1805# If set, use this value for pool_timeout with SQLAlchemy. (integer value)
1806# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
1807#pool_timeout = <None>
1808
1809# Enable the experimental use of database reconnect on connection lost. (boolean
1810# value)
1811#use_db_reconnect = false
1812
1813# Seconds between retries of a database transaction. (integer value)
1814#db_retry_interval = 1
1815
1816# If True, increases the interval between retries of a database operation up to
1817# db_max_retry_interval. (boolean value)
1818#db_inc_retry_interval = true
1819
1820# If db_inc_retry_interval is set, the maximum seconds between retries of a
1821# database operation. (integer value)
1822#db_max_retry_interval = 10
1823
1824# Maximum retries in case of connection error or deadlock error before error is
1825# raised. Set to -1 to specify an infinite retry count. (integer value)
1826#db_max_retries = 20
1827
1828#
1829# From oslo.db.concurrency
1830#
1831
1832# Enable the experimental use of thread pooling for all DB API calls (boolean
1833# value)
1834# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
1835#use_tpool = false
1836
1837connection = mysql+pymysql://glance:xa1234@controller/glance
1838
1839[glance_store]
1840
1841#
1842# From glance.store
1843#
1844
1845#
1846# List of enabled Glance stores.
1847#
1848# Register the storage backends to use for storing disk images
1849# as a comma separated list. The default stores enabled for
1850# storing disk images with Glance are ``file`` and ``http``.
1851#
1852# Possible values:
1853# * A comma separated list that could include:
1854# * file
1855# * http
1856# * swift
1857# * rbd
1858# * sheepdog
1859# * cinder
1860# * vmware
1861#
1862# Related Options:
1863# * default_store
1864#
1865# (list value)
1866#stores = file,http
1867
1868#
1869# The default scheme to use for storing images.
1870#
1871# Provide a string value representing the default scheme to use for
1872# storing images. If not set, Glance uses ``file`` as the default
1873# scheme to store images with the ``file`` store.
1874#
1875# NOTE: The value given for this configuration option must be a valid
1876# scheme for a store registered with the ``stores`` configuration
1877# option.
1878#
1879# Possible values:
1880# * file
1881# * filesystem
1882# * http
1883# * https
1884# * swift
1885# * swift+http
1886# * swift+https
1887# * swift+config
1888# * rbd
1889# * sheepdog
1890# * cinder
1891# * vsphere
1892#
1893# Related Options:
1894# * stores
1895#
1896# (string value)
1897# Allowed values: file, filesystem, http, https, swift, swift+http, swift+https, swift+config, rbd, sheepdog, cinder, vsphere
1898#default_store = file
1899
1900#
1901# Minimum interval in seconds to execute updating dynamic storage
1902# capabilities based on current backend status.
1903#
1904# Provide an integer value representing time in seconds to set the
1905# minimum interval before an update of dynamic storage capabilities
1906# for a storage backend can be attempted. Setting
1907# ``store_capabilities_update_min_interval`` does not mean updates
1908# occur periodically based on the set interval. Rather, the update
1909# is performed at the elapse of this interval set, if an operation
1910# of the store is triggered.
1911#
1912# By default, this option is set to zero and is disabled. Provide an
1913# integer value greater than zero to enable this option.
1914#
1915# NOTE: For more information on store capabilities and their updates,
1916# please visit: https://specs.openstack.org/openstack/glance-specs/specs/kilo
1917# /store-capabilities.html
1918#
1919# For more information on setting up a particular store in your
1920# deplyment and help with the usage of this feature, please contact
1921# the storage driver maintainers listed here:
1922# http://docs.openstack.org/developer/glance_store/drivers/index.html
1923#
1924# Possible values:
1925# * Zero
1926# * Positive integer
1927#
1928# Related Options:
1929# * None
1930#
1931# (integer value)
1932# Minimum value: 0
1933#store_capabilities_update_min_interval = 0
1934
1935#
1936# Information to match when looking for cinder in the service catalog.
1937#
1938# When the ``cinder_endpoint_template`` is not set and any of
1939# ``cinder_store_auth_address``, ``cinder_store_user_name``,
1940# ``cinder_store_project_name``, ``cinder_store_password`` is not set,
1941# cinder store uses this information to lookup cinder endpoint from the service
1942# catalog in the current context. ``cinder_os_region_name``, if set, is taken
1943# into consideration to fetch the appropriate endpoint.
1944#
1945# The service catalog can be listed by the ``openstack catalog list`` command.
1946#
1947# Possible values:
1948# * A string of of the following form:
1949# ``<service_type>:<service_name>:<endpoint_type>``
1950# At least ``service_type`` and ``endpoint_type`` should be specified.
1951# ``service_name`` can be omitted.
1952#
1953# Related options:
1954# * cinder_os_region_name
1955# * cinder_endpoint_template
1956# * cinder_store_auth_address
1957# * cinder_store_user_name
1958# * cinder_store_project_name
1959# * cinder_store_password
1960#
1961# (string value)
1962#cinder_catalog_info = volumev2::publicURL
1963
1964#
1965# Override service catalog lookup with template for cinder endpoint.
1966#
1967# When this option is set, this value is used to generate cinder endpoint,
1968# instead of looking up from the service catalog.
1969# This value is ignored if ``cinder_store_auth_address``,
1970# ``cinder_store_user_name``, ``cinder_store_project_name``, and
1971# ``cinder_store_password`` are specified.
1972#
1973# If this configuration option is set, ``cinder_catalog_info`` will be ignored.
1974#
1975# Possible values:
1976# * URL template string for cinder endpoint, where ``%%(tenant)s`` is
1977# replaced with the current tenant (project) name.
1978# For example: ``http://cinder.openstack.example.org/v2/%%(tenant)s``
1979#
1980# Related options:
1981# * cinder_store_auth_address
1982# * cinder_store_user_name
1983# * cinder_store_project_name
1984# * cinder_store_password
1985# * cinder_catalog_info
1986#
1987# (string value)
1988#cinder_endpoint_template = <None>
1989
1990#
1991# Region name to lookup cinder service from the service catalog.
1992#
1993# This is used only when ``cinder_catalog_info`` is used for determining the
1994# endpoint. If set, the lookup for cinder endpoint by this node is filtered to
1995# the specified region. It is useful when multiple regions are listed in the
1996# catalog. If this is not set, the endpoint is looked up from every region.
1997#
1998# Possible values:
1999# * A string that is a valid region name.
2000#
2001# Related options:
2002# * cinder_catalog_info
2003#
2004# (string value)
2005# Deprecated group/name - [glance_store]/os_region_name
2006#cinder_os_region_name = <None>
2007
2008#
2009# Location of a CA certificates file used for cinder client requests.
2010#
2011# The specified CA certificates file, if set, is used to verify cinder
2012# connections via HTTPS endpoint. If the endpoint is HTTP, this value is
2013# ignored.
2014# ``cinder_api_insecure`` must be set to ``True`` to enable the verification.
2015#
2016# Possible values:
2017# * Path to a ca certificates file
2018#
2019# Related options:
2020# * cinder_api_insecure
2021#
2022# (string value)
2023#cinder_ca_certificates_file = <None>
2024
2025#
2026# Number of cinderclient retries on failed http calls.
2027#
2028# When a call failed by any errors, cinderclient will retry the call up to the
2029# specified times after sleeping a few seconds.
2030#
2031# Possible values:
2032# * A positive integer
2033#
2034# Related options:
2035# * None
2036#
2037# (integer value)
2038# Minimum value: 0
2039#cinder_http_retries = 3
2040
2041#
2042# Time period, in seconds, to wait for a cinder volume transition to
2043# complete.
2044#
2045# When the cinder volume is created, deleted, or attached to the glance node to
2046# read/write the volume data, the volume's state is changed. For example, the
2047# newly created volume status changes from ``creating`` to ``available`` after
2048# the creation process is completed. This specifies the maximum time to wait for
2049# the status change. If a timeout occurs while waiting, or the status is changed
2050# to an unexpected value (e.g. `error``), the image creation fails.
2051#
2052# Possible values:
2053# * A positive integer
2054#
2055# Related options:
2056# * None
2057#
2058# (integer value)
2059# Minimum value: 0
2060#cinder_state_transition_timeout = 300
2061
2062#
2063# Allow to perform insecure SSL requests to cinder.
2064#
2065# If this option is set to True, HTTPS endpoint connection is verified using the
2066# CA certificates file specified by ``cinder_ca_certificates_file`` option.
2067#
2068# Possible values:
2069# * True
2070# * False
2071#
2072# Related options:
2073# * cinder_ca_certificates_file
2074#
2075# (boolean value)
2076#cinder_api_insecure = false
2077
2078#
2079# The address where the cinder authentication service is listening.
2080#
2081# When all of ``cinder_store_auth_address``, ``cinder_store_user_name``,
2082# ``cinder_store_project_name``, and ``cinder_store_password`` options are
2083# specified, the specified values are always used for the authentication.
2084# This is useful to hide the image volumes from users by storing them in a
2085# project/tenant specific to the image service. It also enables users to share
2086# the image volume among other projects under the control of glance's ACL.
2087#
2088# If either of these options are not set, the cinder endpoint is looked up
2089# from the service catalog, and current context's user and project are used.
2090#
2091# Possible values:
2092# * A valid authentication service address, for example:
2093# ``http://openstack.example.org/identity/v2.0``
2094#
2095# Related options:
2096# * cinder_store_user_name
2097# * cinder_store_password
2098# * cinder_store_project_name
2099#
2100# (string value)
2101#cinder_store_auth_address = <None>
2102
2103#
2104# User name to authenticate against cinder.
2105#
2106# This must be used with all the following related options. If any of these are
2107# not specified, the user of the current context is used.
2108#
2109# Possible values:
2110# * A valid user name
2111#
2112# Related options:
2113# * cinder_store_auth_address
2114# * cinder_store_password
2115# * cinder_store_project_name
2116#
2117# (string value)
2118#cinder_store_user_name = <None>
2119
2120#
2121# Password for the user authenticating against cinder.
2122#
2123# This must be used with all the following related options. If any of these are
2124# not specified, the user of the current context is used.
2125#
2126# Possible values:
2127# * A valid password for the user specified by ``cinder_store_user_name``
2128#
2129# Related options:
2130# * cinder_store_auth_address
2131# * cinder_store_user_name
2132# * cinder_store_project_name
2133#
2134# (string value)
2135#cinder_store_password = <None>
2136
2137#
2138# Project name where the image volume is stored in cinder.
2139#
2140# If this configuration option is not set, the project in current context is
2141# used.
2142#
2143# This must be used with all the following related options. If any of these are
2144# not specified, the project of the current context is used.
2145#
2146# Possible values:
2147# * A valid project name
2148#
2149# Related options:
2150# * ``cinder_store_auth_address``
2151# * ``cinder_store_user_name``
2152# * ``cinder_store_password``
2153#
2154# (string value)
2155#cinder_store_project_name = <None>
2156
2157#
2158# Path to the rootwrap configuration file to use for running commands as root.
2159#
2160# The cinder store requires root privileges to operate the image volumes (for
2161# connecting to iSCSI/FC volumes and reading/writing the volume data, etc.).
2162# The configuration file should allow the required commands by cinder store and
2163# os-brick library.
2164#
2165# Possible values:
2166# * Path to the rootwrap config file
2167#
2168# Related options:
2169# * None
2170#
2171# (string value)
2172#rootwrap_config = /etc/glance/rootwrap.conf
2173
2174#
2175# Directory to which the filesystem backend store writes images.
2176#
2177# Upon start up, Glance creates the directory if it doesn't already
2178# exist and verifies write access to the user under which
2179# ``glance-api`` runs. If the write access isn't available, a
2180# ``BadStoreConfiguration`` exception is raised and the filesystem
2181# store may not be available for adding new images.
2182#
2183# NOTE: This directory is used only when filesystem store is used as a
2184# storage backend. Either ``filesystem_store_datadir`` or
2185# ``filesystem_store_datadirs`` option must be specified in
2186# ``glance-api.conf``. If both options are specified, a
2187# ``BadStoreConfiguration`` will be raised and the filesystem store
2188# may not be available for adding new images.
2189#
2190# Possible values:
2191# * A valid path to a directory
2192#
2193# Related options:
2194# * ``filesystem_store_datadirs``
2195# * ``filesystem_store_file_perm``
2196#
2197# (string value)
2198#filesystem_store_datadir = /var/lib/glance/images
2199
2200#
2201# List of directories and their priorities to which the filesystem
2202# backend store writes images.
2203#
2204# The filesystem store can be configured to store images in multiple
2205# directories as opposed to using a single directory specified by the
2206# ``filesystem_store_datadir`` configuration option. When using
2207# multiple directories, each directory can be given an optional
2208# priority to specify the preference order in which they should
2209# be used. Priority is an integer that is concatenated to the
2210# directory path with a colon where a higher value indicates higher
2211# priority. When two directories have the same priority, the directory
2212# with most free space is used. When no priority is specified, it
2213# defaults to zero.
2214#
2215# More information on configuring filesystem store with multiple store
2216# directories can be found at
2217# http://docs.openstack.org/developer/glance/configuring.html
2218#
2219# NOTE: This directory is used only when filesystem store is used as a
2220# storage backend. Either ``filesystem_store_datadir`` or
2221# ``filesystem_store_datadirs`` option must be specified in
2222# ``glance-api.conf``. If both options are specified, a
2223# ``BadStoreConfiguration`` will be raised and the filesystem store
2224# may not be available for adding new images.
2225#
2226# Possible values:
2227# * List of strings of the following form:
2228# * ``<a valid directory path>:<optional integer priority>``
2229#
2230# Related options:
2231# * ``filesystem_store_datadir``
2232# * ``filesystem_store_file_perm``
2233#
2234# (multi valued)
2235#filesystem_store_datadirs =
2236
2237#
2238# Filesystem store metadata file.
2239#
2240# The path to a file which contains the metadata to be returned with
2241# any location associated with the filesystem store. The file must
2242# contain a valid JSON object. The object should contain the keys
2243# ``id`` and ``mountpoint``. The value for both keys should be a
2244# string.
2245#
2246# Possible values:
2247# * A valid path to the store metadata file
2248#
2249# Related options:
2250# * None
2251#
2252# (string value)
2253#filesystem_store_metadata_file = <None>
2254
2255#
2256# File access permissions for the image files.
2257#
2258# Set the intended file access permissions for image data. This provides
2259# a way to enable other services, e.g. Nova, to consume images directly
2260# from the filesystem store. The users running the services that are
2261# intended to be given access to could be made a member of the group
2262# that owns the files created. Assigning a value less then or equal to
2263# zero for this configuration option signifies that no changes be made
2264# to the default permissions. This value will be decoded as an octal
2265# digit.
2266#
2267# For more information, please refer the documentation at
2268# http://docs.openstack.org/developer/glance/configuring.html
2269#
2270# Possible values:
2271# * A valid file access permission
2272# * Zero
2273# * Any negative integer
2274#
2275# Related options:
2276# * None
2277#
2278# (integer value)
2279#filesystem_store_file_perm = 0
2280
2281#
2282# Path to the CA bundle file.
2283#
2284# This configuration option enables the operator to use a custom
2285# Certificate Authority file to verify the remote server certificate. If
2286# this option is set, the ``https_insecure`` option will be ignored and
2287# the CA file specified will be used to authenticate the server
2288# certificate and establish a secure connection to the server.
2289#
2290# Possible values:
2291# * A valid path to a CA file
2292#
2293# Related options:
2294# * https_insecure
2295#
2296# (string value)
2297#https_ca_certificates_file = <None>
2298
2299#
2300# Set verification of the remote server certificate.
2301#
2302# This configuration option takes in a boolean value to determine
2303# whether or not to verify the remote server certificate. If set to
2304# True, the remote server certificate is not verified. If the option is
2305# set to False, then the default CA truststore is used for verification.
2306#
2307# This option is ignored if ``https_ca_certificates_file`` is set.
2308# The remote server certificate will then be verified using the file
2309# specified using the ``https_ca_certificates_file`` option.
2310#
2311# Possible values:
2312# * True
2313# * False
2314#
2315# Related options:
2316# * https_ca_certificates_file
2317#
2318# (boolean value)
2319#https_insecure = true
2320
2321#
2322# The http/https proxy information to be used to connect to the remote
2323# server.
2324#
2325# This configuration option specifies the http/https proxy information
2326# that should be used to connect to the remote server. The proxy
2327# information should be a key value pair of the scheme and proxy, for
2328# example, http:10.0.0.1:3128. You can also specify proxies for multiple
2329# schemes by separating the key value pairs with a comma, for example,
2330# http:10.0.0.1:3128, https:10.0.0.1:1080.
2331#
2332# Possible values:
2333# * A comma separated list of scheme:proxy pairs as described above
2334#
2335# Related options:
2336# * None
2337#
2338# (dict value)
2339#http_proxy_information =
2340
2341#
2342# Size, in megabytes, to chunk RADOS images into.
2343#
2344# Provide an integer value representing the size in megabytes to chunk
2345# Glance images into. The default chunk size is 8 megabytes. For optimal
2346# performance, the value should be a power of two.
2347#
2348# When Ceph's RBD object storage system is used as the storage backend
2349# for storing Glance images, the images are chunked into objects of the
2350# size set using this option. These chunked objects are then stored
2351# across the distributed block data store to use for Glance.
2352#
2353# Possible Values:
2354# * Any positive integer value
2355#
2356# Related options:
2357# * None
2358#
2359# (integer value)
2360# Minimum value: 1
2361#rbd_store_chunk_size = 8
2362
2363#
2364# RADOS pool in which images are stored.
2365#
2366# When RBD is used as the storage backend for storing Glance images, the
2367# images are stored by means of logical grouping of the objects (chunks
2368# of images) into a ``pool``. Each pool is defined with the number of
2369# placement groups it can contain. The default pool that is used is
2370# 'images'.
2371#
2372# More information on the RBD storage backend can be found here:
2373# http://ceph.com/planet/how-data-is-stored-in-ceph-cluster/
2374#
2375# Possible Values:
2376# * A valid pool name
2377#
2378# Related options:
2379# * None
2380#
2381# (string value)
2382#rbd_store_pool = images
2383
2384#
2385# RADOS user to authenticate as.
2386#
2387# This configuration option takes in the RADOS user to authenticate as.
2388# This is only needed when RADOS authentication is enabled and is
2389# applicable only if the user is using Cephx authentication. If the
2390# value for this option is not set by the user or is set to None, a
2391# default value will be chosen, which will be based on the client.
2392# section in rbd_store_ceph_conf.
2393#
2394# Possible Values:
2395# * A valid RADOS user
2396#
2397# Related options:
2398# * rbd_store_ceph_conf
2399#
2400# (string value)
2401#rbd_store_user = <None>
2402
2403#
2404# Ceph configuration file path.
2405#
2406# This configuration option takes in the path to the Ceph configuration
2407# file to be used. If the value for this option is not set by the user
2408# or is set to None, librados will locate the default configuration file
2409# which is located at /etc/ceph/ceph.conf. If using Cephx
2410# authentication, this file should include a reference to the right
2411# keyring in a client.<USER> section
2412#
2413# Possible Values:
2414# * A valid path to a configuration file
2415#
2416# Related options:
2417# * rbd_store_user
2418#
2419# (string value)
2420#rbd_store_ceph_conf = /etc/ceph/ceph.conf
2421
2422#
2423# Timeout value for connecting to Ceph cluster.
2424#
2425# This configuration option takes in the timeout value in seconds used
2426# when connecting to the Ceph cluster i.e. it sets the time to wait for
2427# glance-api before closing the connection. This prevents glance-api
2428# hangups during the connection to RBD. If the value for this option
2429# is set to less than or equal to 0, no timeout is set and the default
2430# librados value is used.
2431#
2432# Possible Values:
2433# * Any integer value
2434#
2435# Related options:
2436# * None
2437#
2438# (integer value)
2439#rados_connect_timeout = 0
2440
2441#
2442# Chunk size for images to be stored in Sheepdog data store.
2443#
2444# Provide an integer value representing the size in mebibyte
2445# (1048576 bytes) to chunk Glance images into. The default
2446# chunk size is 64 mebibytes.
2447#
2448# When using Sheepdog distributed storage system, the images are
2449# chunked into objects of this size and then stored across the
2450# distributed data store to use for Glance.
2451#
2452# Chunk sizes, if a power of two, help avoid fragmentation and
2453# enable improved performance.
2454#
2455# Possible values:
2456# * Positive integer value representing size in mebibytes.
2457#
2458# Related Options:
2459# * None
2460#
2461# (integer value)
2462# Minimum value: 1
2463#sheepdog_store_chunk_size = 64
2464
2465#
2466# Port number on which the sheep daemon will listen.
2467#
2468# Provide an integer value representing a valid port number on
2469# which you want the Sheepdog daemon to listen on. The default
2470# port is 7000.
2471#
2472# The Sheepdog daemon, also called 'sheep', manages the storage
2473# in the distributed cluster by writing objects across the storage
2474# network. It identifies and acts on the messages it receives on
2475# the port number set using ``sheepdog_store_port`` option to store
2476# chunks of Glance images.
2477#
2478# Possible values:
2479# * A valid port number (0 to 65535)
2480#
2481# Related Options:
2482# * sheepdog_store_address
2483#
2484# (port value)
2485# Minimum value: 0
2486# Maximum value: 65535
2487#sheepdog_store_port = 7000
2488
2489#
2490# Address to bind the Sheepdog daemon to.
2491#
2492# Provide a string value representing the address to bind the
2493# Sheepdog daemon to. The default address set for the 'sheep'
2494# is 127.0.0.1.
2495#
2496# The Sheepdog daemon, also called 'sheep', manages the storage
2497# in the distributed cluster by writing objects across the storage
2498# network. It identifies and acts on the messages directed to the
2499# address set using ``sheepdog_store_address`` option to store
2500# chunks of Glance images.
2501#
2502# Possible values:
2503# * A valid IPv4 address
2504# * A valid IPv6 address
2505# * A valid hostname
2506#
2507# Related Options:
2508# * sheepdog_store_port
2509#
2510# (string value)
2511#sheepdog_store_address = 127.0.0.1
2512
2513#
2514# Set verification of the server certificate.
2515#
2516# This boolean determines whether or not to verify the server
2517# certificate. If this option is set to True, swiftclient won't check
2518# for a valid SSL certificate when authenticating. If the option is set
2519# to False, then the default CA truststore is used for verification.
2520#
2521# Possible values:
2522# * True
2523# * False
2524#
2525# Related options:
2526# * swift_store_cacert
2527#
2528# (boolean value)
2529#swift_store_auth_insecure = false
2530
2531#
2532# Path to the CA bundle file.
2533#
2534# This configuration option enables the operator to specify the path to
2535# a custom Certificate Authority file for SSL verification when
2536# connecting to Swift.
2537#
2538# Possible values:
2539# * A valid path to a CA file
2540#
2541# Related options:
2542# * swift_store_auth_insecure
2543#
2544# (string value)
2545#swift_store_cacert = /etc/ssl/certs/ca-certificates.crt
2546
2547#
2548# The region of Swift endpoint to use by Glance.
2549#
2550# Provide a string value representing a Swift region where Glance
2551# can connect to for image storage. By default, there is no region
2552# set.
2553#
2554# When Glance uses Swift as the storage backend to store images
2555# for a specific tenant that has multiple endpoints, setting of a
2556# Swift region with ``swift_store_region`` allows Glance to connect
2557# to Swift in the specified region as opposed to a single region
2558# connectivity.
2559#
2560# This option can be configured for both single-tenant and
2561# multi-tenant storage.
2562#
2563# NOTE: Setting the region with ``swift_store_region`` is
2564# tenant-specific and is necessary ``only if`` the tenant has
2565# multiple endpoints across different regions.
2566#
2567# Possible values:
2568# * A string value representing a valid Swift region.
2569#
2570# Related Options:
2571# * None
2572#
2573# (string value)
2574#swift_store_region = RegionTwo
2575
2576#
2577# The URL endpoint to use for Swift backend storage.
2578#
2579# Provide a string value representing the URL endpoint to use for
2580# storing Glance images in Swift store. By default, an endpoint
2581# is not set and the storage URL returned by ``auth`` is used.
2582# Setting an endpoint with ``swift_store_endpoint`` overrides the
2583# storage URL and is used for Glance image storage.
2584#
2585# NOTE: The URL should include the path up to, but excluding the
2586# container. The location of an object is obtained by appending
2587# the container and object to the configured URL.
2588#
2589# Possible values:
2590# * String value representing a valid URL path up to a Swift container
2591#
2592# Related Options:
2593# * None
2594#
2595# (string value)
2596#swift_store_endpoint = https://swift.openstack.example.org/v1/path_not_including_container_name
2597
2598#
2599# Endpoint Type of Swift service.
2600#
2601# This string value indicates the endpoint type to use to fetch the
2602# Swift endpoint. The endpoint type determines the actions the user will
2603# be allowed to perform, for instance, reading and writing to the Store.
2604# This setting is only used if swift_store_auth_version is greater than
2605# 1.
2606#
2607# Possible values:
2608# * publicURL
2609# * adminURL
2610# * internalURL
2611#
2612# Related options:
2613# * swift_store_endpoint
2614#
2615# (string value)
2616# Allowed values: publicURL, adminURL, internalURL
2617#swift_store_endpoint_type = publicURL
2618
2619#
2620# Type of Swift service to use.
2621#
2622# Provide a string value representing the service type to use for
2623# storing images while using Swift backend storage. The default
2624# service type is set to ``object-store``.
2625#
2626# NOTE: If ``swift_store_auth_version`` is set to 2, the value for
2627# this configuration option needs to be ``object-store``. If using
2628# a higher version of Keystone or a different auth scheme, this
2629# option may be modified.
2630#
2631# Possible values:
2632# * A string representing a valid service type for Swift storage.
2633#
2634# Related Options:
2635# * None
2636#
2637# (string value)
2638#swift_store_service_type = object-store
2639
2640#
2641# Name of single container to store images/name prefix for multiple containers
2642#
2643# When a single container is being used to store images, this configuration
2644# option indicates the container within the Glance account to be used for
2645# storing all images. When multiple containers are used to store images, this
2646# will be the name prefix for all containers. Usage of single/multiple
2647# containers can be controlled using the configuration option
2648# ``swift_store_multiple_containers_seed``.
2649#
2650# When using multiple containers, the containers will be named after the value
2651# set for this configuration option with the first N chars of the image UUID
2652# as the suffix delimited by an underscore (where N is specified by
2653# ``swift_store_multiple_containers_seed``).
2654#
2655# Example: if the seed is set to 3 and swift_store_container = ``glance``, then
2656# an image with UUID ``fdae39a1-bac5-4238-aba4-69bcc726e848`` would be placed in
2657# the container ``glance_fda``. All dashes in the UUID are included when
2658# creating the container name but do not count toward the character limit, so
2659# when N=10 the container name would be ``glance_fdae39a1-ba.``
2660#
2661# Possible values:
2662# * If using single container, this configuration option can be any string
2663# that is a valid swift container name in Glance's Swift account
2664# * If using multiple containers, this configuration option can be any
2665# string as long as it satisfies the container naming rules enforced by
2666# Swift. The value of ``swift_store_multiple_containers_seed`` should be
2667# taken into account as well.
2668#
2669# Related options:
2670# * ``swift_store_multiple_containers_seed``
2671# * ``swift_store_multi_tenant``
2672# * ``swift_store_create_container_on_put``
2673#
2674# (string value)
2675#swift_store_container = glance
2676
2677#
2678# The size threshold, in MB, after which Glance will start segmenting image
2679# data.
2680#
2681# Swift has an upper limit on the size of a single uploaded object. By default,
2682# this is 5GB. To upload objects bigger than this limit, objects are segmented
2683# into multiple smaller objects that are tied together with a manifest file.
2684# For more detail, refer to
2685# http://docs.openstack.org/developer/swift/overview_large_objects.html
2686#
2687# This configuration option specifies the size threshold over which the Swift
2688# driver will start segmenting image data into multiple smaller files.
2689# Currently, the Swift driver only supports creating Dynamic Large Objects.
2690#
2691# NOTE: This should be set by taking into account the large object limit
2692# enforced by the Swift cluster in consideration.
2693#
2694# Possible values:
2695# * A positive integer that is less than or equal to the large object limit
2696# enforced by the Swift cluster in consideration.
2697#
2698# Related options:
2699# * ``swift_store_large_object_chunk_size``
2700#
2701# (integer value)
2702# Minimum value: 1
2703#swift_store_large_object_size = 5120
2704
2705#
2706# The maximum size, in MB, of the segments when image data is segmented.
2707#
2708# When image data is segmented to upload images that are larger than the limit
2709# enforced by the Swift cluster, image data is broken into segments that are no
2710# bigger than the size specified by this configuration option.
2711# Refer to ``swift_store_large_object_size`` for more detail.
2712#
2713# For example: if ``swift_store_large_object_size`` is 5GB and
2714# ``swift_store_large_object_chunk_size`` is 1GB, an image of size 6.2GB will be
2715# segmented into 7 segments where the first six segments will be 1GB in size and
2716# the seventh segment will be 0.2GB.
2717#
2718# Possible values:
2719# * A positive integer that is less than or equal to the large object limit
2720# enforced by Swift cluster in consideration.
2721#
2722# Related options:
2723# * ``swift_store_large_object_size``
2724#
2725# (integer value)
2726# Minimum value: 1
2727#swift_store_large_object_chunk_size = 200
2728
2729#
2730# Create container, if it doesn't already exist, when uploading image.
2731#
2732# At the time of uploading an image, if the corresponding container doesn't
2733# exist, it will be created provided this configuration option is set to True.
2734# By default, it won't be created. This behavior is applicable for both single
2735# and multiple containers mode.
2736#
2737# Possible values:
2738# * True
2739# * False
2740#
2741# Related options:
2742# * None
2743#
2744# (boolean value)
2745#swift_store_create_container_on_put = false
2746
2747#
2748# Store images in tenant's Swift account.
2749#
2750# This enables multi-tenant storage mode which causes Glance images to be stored
2751# in tenant specific Swift accounts. If this is disabled, Glance stores all
2752# images in its own account. More details multi-tenant store can be found at
2753# https://wiki.openstack.org/wiki/GlanceSwiftTenantSpecificStorage
2754#
2755# Possible values:
2756# * True
2757# * False
2758#
2759# Related options:
2760# * None
2761#
2762# (boolean value)
2763#swift_store_multi_tenant = false
2764
2765#
2766# Seed indicating the number of containers to use for storing images.
2767#
2768# When using a single-tenant store, images can be stored in one or more than one
2769# containers. When set to 0, all images will be stored in one single container.
2770# When set to an integer value between 1 and 32, multiple containers will be
2771# used to store images. This configuration option will determine how many
2772# containers are created. The total number of containers that will be used is
2773# equal to 16^N, so if this config option is set to 2, then 16^2=256 containers
2774# will be used to store images.
2775#
2776# Please refer to ``swift_store_container`` for more detail on the naming
2777# convention. More detail about using multiple containers can be found at
2778# https://specs.openstack.org/openstack/glance-specs/specs/kilo/swift-store-
2779# multiple-containers.html
2780#
2781# NOTE: This is used only when swift_store_multi_tenant is disabled.
2782#
2783# Possible values:
2784# * A non-negative integer less than or equal to 32
2785#
2786# Related options:
2787# * ``swift_store_container``
2788# * ``swift_store_multi_tenant``
2789# * ``swift_store_create_container_on_put``
2790#
2791# (integer value)
2792# Minimum value: 0
2793# Maximum value: 32
2794#swift_store_multiple_containers_seed = 0
2795
2796#
2797# List of tenants that will be granted admin access.
2798#
2799# This is a list of tenants that will be granted read/write access on
2800# all Swift containers created by Glance in multi-tenant mode. The
2801# default value is an empty list.
2802#
2803# Possible values:
2804# * A comma separated list of strings representing UUIDs of Keystone
2805# projects/tenants
2806#
2807# Related options:
2808# * None
2809#
2810# (list value)
2811#swift_store_admin_tenants =
2812
2813#
2814# SSL layer compression for HTTPS Swift requests.
2815#
2816# Provide a boolean value to determine whether or not to compress
2817# HTTPS Swift requests for images at the SSL layer. By default,
2818# compression is enabled.
2819#
2820# When using Swift as the backend store for Glance image storage,
2821# SSL layer compression of HTTPS Swift requests can be set using
2822# this option. If set to False, SSL layer compression of HTTPS
2823# Swift requests is disabled. Disabling this option may improve
2824# performance for images which are already in a compressed format,
2825# for example, qcow2.
2826#
2827# Possible values:
2828# * True
2829# * False
2830#
2831# Related Options:
2832# * None
2833#
2834# (boolean value)
2835#swift_store_ssl_compression = true
2836
2837#
2838# The number of times a Swift download will be retried before the
2839# request fails.
2840#
2841# Provide an integer value representing the number of times an image
2842# download must be retried before erroring out. The default value is
2843# zero (no retry on a failed image download). When set to a positive
2844# integer value, ``swift_store_retry_get_count`` ensures that the
2845# download is attempted this many more times upon a download failure
2846# before sending an error message.
2847#
2848# Possible values:
2849# * Zero
2850# * Positive integer value
2851#
2852# Related Options:
2853# * None
2854#
2855# (integer value)
2856# Minimum value: 0
2857#swift_store_retry_get_count = 0
2858
2859#
2860# Time in seconds defining the size of the window in which a new
2861# token may be requested before the current token is due to expire.
2862#
2863# Typically, the Swift storage driver fetches a new token upon the
2864# expiration of the current token to ensure continued access to
2865# Swift. However, some Swift transactions (like uploading image
2866# segments) may not recover well if the token expires on the fly.
2867#
2868# Hence, by fetching a new token before the current token expiration,
2869# we make sure that the token does not expire or is close to expiry
2870# before a transaction is attempted. By default, the Swift storage
2871# driver requests for a new token 60 seconds or less before the
2872# current token expiration.
2873#
2874# Possible values:
2875# * Zero
2876# * Positive integer value
2877#
2878# Related Options:
2879# * None
2880#
2881# (integer value)
2882# Minimum value: 0
2883#swift_store_expire_soon_interval = 60
2884
2885#
2886# Use trusts for multi-tenant Swift store.
2887#
2888# This option instructs the Swift store to create a trust for each
2889# add/get request when the multi-tenant store is in use. Using trusts
2890# allows the Swift store to avoid problems that can be caused by an
2891# authentication token expiring during the upload or download of data.
2892#
2893# By default, ``swift_store_use_trusts`` is set to ``True``(use of
2894# trusts is enabled). If set to ``False``, a user token is used for
2895# the Swift connection instead, eliminating the overhead of trust
2896# creation.
2897#
2898# NOTE: This option is considered only when
2899# ``swift_store_multi_tenant`` is set to ``True``
2900#
2901# Possible values:
2902# * True
2903# * False
2904#
2905# Related options:
2906# * swift_store_multi_tenant
2907#
2908# (boolean value)
2909#swift_store_use_trusts = true
2910
2911#
2912# Reference to default Swift account/backing store parameters.
2913#
2914# Provide a string value representing a reference to the default set
2915# of parameters required for using swift account/backing store for
2916# image storage. The default reference value for this configuration
2917# option is 'ref1'. This configuration option dereferences the
2918# parameters and facilitates image storage in Swift storage backend
2919# every time a new image is added.
2920#
2921# Possible values:
2922# * A valid string value
2923#
2924# Related options:
2925# * None
2926#
2927# (string value)
2928#default_swift_reference = ref1
2929
2930# DEPRECATED: Version of the authentication service to use. Valid versions are 2
2931# and 3 for keystone and 1 (deprecated) for swauth and rackspace. (string value)
2932# This option is deprecated for removal.
2933# Its value may be silently ignored in the future.
2934# Reason:
2935# The option 'auth_version' in the Swift back-end configuration file is
2936# used instead.
2937#swift_store_auth_version = 2
2938
2939# DEPRECATED: The address where the Swift authentication service is listening.
2940# (string value)
2941# This option is deprecated for removal.
2942# Its value may be silently ignored in the future.
2943# Reason:
2944# The option 'auth_address' in the Swift back-end configuration file is
2945# used instead.
2946#swift_store_auth_address = <None>
2947
2948# DEPRECATED: The user to authenticate against the Swift authentication service.
2949# (string value)
2950# This option is deprecated for removal.
2951# Its value may be silently ignored in the future.
2952# Reason:
2953# The option 'user' in the Swift back-end configuration file is set instead.
2954#swift_store_user = <None>
2955
2956# DEPRECATED: Auth key for the user authenticating against the Swift
2957# authentication service. (string value)
2958# This option is deprecated for removal.
2959# Its value may be silently ignored in the future.
2960# Reason:
2961# The option 'key' in the Swift back-end configuration file is used
2962# to set the authentication key instead.
2963#swift_store_key = <None>
2964
2965#
2966# Absolute path to the file containing the swift account(s)
2967# configurations.
2968#
2969# Include a string value representing the path to a configuration
2970# file that has references for each of the configured Swift
2971# account(s)/backing stores. By default, no file path is specified
2972# and customized Swift referencing is disabled. Configuring this
2973# option is highly recommended while using Swift storage backend for
2974# image storage as it avoids storage of credentials in the database.
2975#
2976# Possible values:
2977# * String value representing an absolute path on the glance-api
2978# node
2979#
2980# Related options:
2981# * None
2982#
2983# (string value)
2984#swift_store_config_file = <None>
2985
2986#
2987# Address of the ESX/ESXi or vCenter Server target system.
2988#
2989# This configuration option sets the address of the ESX/ESXi or vCenter
2990# Server target system. This option is required when using the VMware
2991# storage backend. The address can contain an IP address (127.0.0.1) or
2992# a DNS name (www.my-domain.com).
2993#
2994# Possible Values:
2995# * A valid IPv4 or IPv6 address
2996# * A valid DNS name
2997#
2998# Related options:
2999# * vmware_server_username
3000# * vmware_server_password
3001#
3002# (string value)
3003#vmware_server_host = 127.0.0.1
3004
3005#
3006# Server username.
3007#
3008# This configuration option takes the username for authenticating with
3009# the VMware ESX/ESXi or vCenter Server. This option is required when
3010# using the VMware storage backend.
3011#
3012# Possible Values:
3013# * Any string that is the username for a user with appropriate
3014# privileges
3015#
3016# Related options:
3017# * vmware_server_host
3018# * vmware_server_password
3019#
3020# (string value)
3021#vmware_server_username = root
3022
3023#
3024# Server password.
3025#
3026# This configuration option takes the password for authenticating with
3027# the VMware ESX/ESXi or vCenter Server. This option is required when
3028# using the VMware storage backend.
3029#
3030# Possible Values:
3031# * Any string that is a password corresponding to the username
3032# specified using the "vmware_server_username" option
3033#
3034# Related options:
3035# * vmware_server_host
3036# * vmware_server_username
3037#
3038# (string value)
3039#vmware_server_password = vmware
3040
3041#
3042# The number of VMware API retries.
3043#
3044# This configuration option specifies the number of times the VMware
3045# ESX/VC server API must be retried upon connection related issues or
3046# server API call overload. It is not possible to specify 'retry
3047# forever'.
3048#
3049# Possible Values:
3050# * Any positive integer value
3051#
3052# Related options:
3053# * None
3054#
3055# (integer value)
3056# Minimum value: 1
3057#vmware_api_retry_count = 10
3058
3059#
3060# Interval in seconds used for polling remote tasks invoked on VMware
3061# ESX/VC server.
3062#
3063# This configuration option takes in the sleep time in seconds for polling an
3064# on-going async task as part of the VMWare ESX/VC server API call.
3065#
3066# Possible Values:
3067# * Any positive integer value
3068#
3069# Related options:
3070# * None
3071#
3072# (integer value)
3073# Minimum value: 1
3074#vmware_task_poll_interval = 5
3075
3076#
3077# The directory where the glance images will be stored in the datastore.
3078#
3079# This configuration option specifies the path to the directory where the
3080# glance images will be stored in the VMware datastore. If this option
3081# is not set, the default directory where the glance images are stored
3082# is openstack_glance.
3083#
3084# Possible Values:
3085# * Any string that is a valid path to a directory
3086#
3087# Related options:
3088# * None
3089#
3090# (string value)
3091#vmware_store_image_dir = /openstack_glance
3092
3093#
3094# Set verification of the ESX/vCenter server certificate.
3095#
3096# This configuration option takes a boolean value to determine
3097# whether or not to verify the ESX/vCenter server certificate. If this
3098# option is set to True, the ESX/vCenter server certificate is not
3099# verified. If this option is set to False, then the default CA
3100# truststore is used for verification.
3101#
3102# This option is ignored if the "vmware_ca_file" option is set. In that
3103# case, the ESX/vCenter server certificate will then be verified using
3104# the file specified using the "vmware_ca_file" option .
3105#
3106# Possible Values:
3107# * True
3108# * False
3109#
3110# Related options:
3111# * vmware_ca_file
3112#
3113# (boolean value)
3114# Deprecated group/name - [glance_store]/vmware_api_insecure
3115#vmware_insecure = false
3116
3117#
3118# Absolute path to the CA bundle file.
3119#
3120# This configuration option enables the operator to use a custom
3121# Cerificate Authority File to verify the ESX/vCenter certificate.
3122#
3123# If this option is set, the "vmware_insecure" option will be ignored
3124# and the CA file specified will be used to authenticate the ESX/vCenter
3125# server certificate and establish a secure connection to the server.
3126#
3127# Possible Values:
3128# * Any string that is a valid absolute path to a CA file
3129#
3130# Related options:
3131# * vmware_insecure
3132#
3133# (string value)
3134#vmware_ca_file = /etc/ssl/certs/ca-certificates.crt
3135
3136#
3137# The datastores where the image can be stored.
3138#
3139# This configuration option specifies the datastores where the image can
3140# be stored in the VMWare store backend. This option may be specified
3141# multiple times for specifying multiple datastores. The datastore name
3142# should be specified after its datacenter path, separated by ":". An
3143# optional weight may be given after the datastore name, separated again
3144# by ":" to specify the priority. Thus, the required format becomes
3145# <datacenter_path>:<datastore_name>:<optional_weight>.
3146#
3147# When adding an image, the datastore with highest weight will be
3148# selected, unless there is not enough free space available in cases
3149# where the image size is already known. If no weight is given, it is
3150# assumed to be zero and the directory will be considered for selection
3151# last. If multiple datastores have the same weight, then the one with
3152# the most free space available is selected.
3153#
3154# Possible Values:
3155# * Any string of the format:
3156# <datacenter_path>:<datastore_name>:<optional_weight>
3157#
3158# Related options:
3159# * None
3160#
3161# (multi valued)
3162#vmware_datastores =
3163
3164
3165[image_format]
3166
3167#
3168# From glance.api
3169#
3170
3171# Supported values for the 'container_format' image attribute (list value)
3172# Deprecated group/name - [DEFAULT]/container_formats
3173#container_formats = ami,ari,aki,bare,ovf,ova,docker
3174
3175# Supported values for the 'disk_format' image attribute (list value)
3176# Deprecated group/name - [DEFAULT]/disk_formats
3177#disk_formats = ami,ari,aki,vhd,vhdx,vmdk,raw,qcow2,vdi,iso
3178
3179stores = file,http
3180default_store = file
3181filesystem_store_datadir = /var/lib/glance/images/
3182
3183[keystone_authtoken]
3184
3185auth_uri = http://controller:5000
3186auth_url = http://controller:35357
3187memcached_servers = controller:11211
3188auth_type = password
3189project_domain_name = default
3190user_domain_name = default
3191project_name = service
3192username = glance
3193password = xa1234
3194
3195[matchmaker_redis]
3196
3197#
3198# From oslo.messaging
3199#
3200
3201# DEPRECATED: Host to locate redis. (string value)
3202# This option is deprecated for removal.
3203# Its value may be silently ignored in the future.
3204# Reason: Replaced by [DEFAULT]/transport_url
3205#host = 127.0.0.1
3206
3207# DEPRECATED: Use this port to connect to redis host. (port value)
3208# Minimum value: 0
3209# Maximum value: 65535
3210# This option is deprecated for removal.
3211# Its value may be silently ignored in the future.
3212# Reason: Replaced by [DEFAULT]/transport_url
3213#port = 6379
3214
3215# DEPRECATED: Password for Redis server (optional). (string value)
3216# This option is deprecated for removal.
3217# Its value may be silently ignored in the future.
3218# Reason: Replaced by [DEFAULT]/transport_url
3219#password =
3220
3221# DEPRECATED: List of Redis Sentinel hosts (fault tolerance mode) e.g.
3222# [host:port, host1:port ... ] (list value)
3223# This option is deprecated for removal.
3224# Its value may be silently ignored in the future.
3225# Reason: Replaced by [DEFAULT]/transport_url
3226#sentinel_hosts =
3227
3228# Redis replica set name. (string value)
3229#sentinel_group_name = oslo-messaging-zeromq
3230
3231# Time in ms to wait between connection attempts. (integer value)
3232#wait_timeout = 2000
3233
3234# Time in ms to wait before the transaction is killed. (integer value)
3235#check_timeout = 20000
3236
3237# Timeout in ms on blocking socket operations (integer value)
3238#socket_timeout = 10000
3239
3240
3241[oslo_concurrency]
3242
3243#
3244# From oslo.concurrency
3245#
3246
3247# Enables or disables inter-process locks. (boolean value)
3248# Deprecated group/name - [DEFAULT]/disable_process_locking
3249#disable_process_locking = false
3250
3251# Directory to use for lock files. For security, the specified directory should
3252# only be writable by the user running the processes that need locking. Defaults
3253# to environment variable OSLO_LOCK_PATH. If external locks are used, a lock
3254# path must be set. (string value)
3255# Deprecated group/name - [DEFAULT]/lock_path
3256#lock_path = <None>
3257
3258
3259[oslo_messaging_amqp]
3260
3261#
3262# From oslo.messaging
3263#
3264
3265# Name for the AMQP container. must be globally unique. Defaults to a generated
3266# UUID (string value)
3267# Deprecated group/name - [amqp1]/container_name
3268#container_name = <None>
3269
3270# Timeout for inactive connections (in seconds) (integer value)
3271# Deprecated group/name - [amqp1]/idle_timeout
3272#idle_timeout = 0
3273
3274# Debug: dump AMQP frames to stdout (boolean value)
3275# Deprecated group/name - [amqp1]/trace
3276#trace = false
3277
3278# CA certificate PEM file to verify server certificate (string value)
3279# Deprecated group/name - [amqp1]/ssl_ca_file
3280#ssl_ca_file =
3281
3282# Identifying certificate PEM file to present to clients (string value)
3283# Deprecated group/name - [amqp1]/ssl_cert_file
3284#ssl_cert_file =
3285
3286# Private key PEM file used to sign cert_file certificate (string value)
3287# Deprecated group/name - [amqp1]/ssl_key_file
3288#ssl_key_file =
3289
3290# Password for decrypting ssl_key_file (if encrypted) (string value)
3291# Deprecated group/name - [amqp1]/ssl_key_password
3292#ssl_key_password = <None>
3293
3294# Accept clients using either SSL or plain TCP (boolean value)
3295# Deprecated group/name - [amqp1]/allow_insecure_clients
3296#allow_insecure_clients = false
3297
3298# Space separated list of acceptable SASL mechanisms (string value)
3299# Deprecated group/name - [amqp1]/sasl_mechanisms
3300#sasl_mechanisms =
3301
3302# Path to directory that contains the SASL configuration (string value)
3303# Deprecated group/name - [amqp1]/sasl_config_dir
3304#sasl_config_dir =
3305
3306# Name of configuration file (without .conf suffix) (string value)
3307# Deprecated group/name - [amqp1]/sasl_config_name
3308#sasl_config_name =
3309
3310# User name for message broker authentication (string value)
3311# Deprecated group/name - [amqp1]/username
3312#username =
3313
3314# Password for message broker authentication (string value)
3315# Deprecated group/name - [amqp1]/password
3316#password =
3317
3318# Seconds to pause before attempting to re-connect. (integer value)
3319# Minimum value: 1
3320#connection_retry_interval = 1
3321
3322# Increase the connection_retry_interval by this many seconds after each
3323# unsuccessful failover attempt. (integer value)
3324# Minimum value: 0
3325#connection_retry_backoff = 2
3326
3327# Maximum limit for connection_retry_interval + connection_retry_backoff
3328# (integer value)
3329# Minimum value: 1
3330#connection_retry_interval_max = 30
3331
3332# Time to pause between re-connecting an AMQP 1.0 link that failed due to a
3333# recoverable error. (integer value)
3334# Minimum value: 1
3335#link_retry_delay = 10
3336
3337# The deadline for an rpc reply message delivery. Only used when caller does not
3338# provide a timeout expiry. (integer value)
3339# Minimum value: 5
3340#default_reply_timeout = 30
3341
3342# The deadline for an rpc cast or call message delivery. Only used when caller
3343# does not provide a timeout expiry. (integer value)
3344# Minimum value: 5
3345#default_send_timeout = 30
3346
3347# The deadline for a sent notification message delivery. Only used when caller
3348# does not provide a timeout expiry. (integer value)
3349# Minimum value: 5
3350#default_notify_timeout = 30
3351
3352# Indicates the addressing mode used by the driver.
3353# Permitted values:
3354# 'legacy' - use legacy non-routable addressing
3355# 'routable' - use routable addresses
3356# 'dynamic' - use legacy addresses if the message bus does not support routing
3357# otherwise use routable addressing (string value)
3358#addressing_mode = dynamic
3359
3360# address prefix used when sending to a specific server (string value)
3361# Deprecated group/name - [amqp1]/server_request_prefix
3362#server_request_prefix = exclusive
3363
3364# address prefix used when broadcasting to all servers (string value)
3365# Deprecated group/name - [amqp1]/broadcast_prefix
3366#broadcast_prefix = broadcast
3367
3368# address prefix when sending to any server in group (string value)
3369# Deprecated group/name - [amqp1]/group_request_prefix
3370#group_request_prefix = unicast
3371
3372# Address prefix for all generated RPC addresses (string value)
3373#rpc_address_prefix = openstack.org/om/rpc
3374
3375# Address prefix for all generated Notification addresses (string value)
3376#notify_address_prefix = openstack.org/om/notify
3377
3378# Appended to the address prefix when sending a fanout message. Used by the
3379# message bus to identify fanout messages. (string value)
3380#multicast_address = multicast
3381
3382# Appended to the address prefix when sending to a particular RPC/Notification
3383# server. Used by the message bus to identify messages sent to a single
3384# destination. (string value)
3385#unicast_address = unicast
3386
3387# Appended to the address prefix when sending to a group of consumers. Used by
3388# the message bus to identify messages that should be delivered in a round-robin
3389# fashion across consumers. (string value)
3390#anycast_address = anycast
3391
3392# Exchange name used in notification addresses.
3393# Exchange name resolution precedence:
3394# Target.exchange if set
3395# else default_notification_exchange if set
3396# else control_exchange if set
3397# else 'notify' (string value)
3398#default_notification_exchange = <None>
3399
3400# Exchange name used in RPC addresses.
3401# Exchange name resolution precedence:
3402# Target.exchange if set
3403# else default_rpc_exchange if set
3404# else control_exchange if set
3405# else 'rpc' (string value)
3406#default_rpc_exchange = <None>
3407
3408# Window size for incoming RPC Reply messages. (integer value)
3409# Minimum value: 1
3410#reply_link_credit = 200
3411
3412# Window size for incoming RPC Request messages (integer value)
3413# Minimum value: 1
3414#rpc_server_credit = 100
3415
3416# Window size for incoming Notification messages (integer value)
3417# Minimum value: 1
3418#notify_server_credit = 100
3419
3420
3421[oslo_messaging_notifications]
3422
3423#
3424# From oslo.messaging
3425#
3426
3427# The Drivers(s) to handle sending notifications. Possible values are messaging,
3428# messagingv2, routing, log, test, noop (multi valued)
3429# Deprecated group/name - [DEFAULT]/notification_driver
3430#driver =
3431
3432# A URL representing the messaging driver to use for notifications. If not set,
3433# we fall back to the same configuration used for RPC. (string value)
3434# Deprecated group/name - [DEFAULT]/notification_transport_url
3435#transport_url = <None>
3436
3437# AMQP topic used for OpenStack notifications. (list value)
3438# Deprecated group/name - [rpc_notifier2]/topics
3439# Deprecated group/name - [DEFAULT]/notification_topics
3440#topics = notifications
3441
3442
3443[oslo_messaging_rabbit]
3444
3445#
3446# From oslo.messaging
3447#
3448
3449# Use durable queues in AMQP. (boolean value)
3450# Deprecated group/name - [DEFAULT]/amqp_durable_queues
3451# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
3452#amqp_durable_queues = false
3453
3454# Auto-delete queues in AMQP. (boolean value)
3455# Deprecated group/name - [DEFAULT]/amqp_auto_delete
3456#amqp_auto_delete = false
3457
3458# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
3459# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
3460# distributions. (string value)
3461# Deprecated group/name - [DEFAULT]/kombu_ssl_version
3462#kombu_ssl_version =
3463
3464# SSL key file (valid only if SSL enabled). (string value)
3465# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
3466#kombu_ssl_keyfile =
3467
3468# SSL cert file (valid only if SSL enabled). (string value)
3469# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
3470#kombu_ssl_certfile =
3471
3472# SSL certification authority file (valid only if SSL enabled). (string value)
3473# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
3474#kombu_ssl_ca_certs =
3475
3476# How long to wait before reconnecting in response to an AMQP consumer cancel
3477# notification. (floating point value)
3478# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
3479#kombu_reconnect_delay = 1.0
3480
3481# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression will not
3482# be used. This option may not be available in future versions. (string value)
3483#kombu_compression = <None>
3484
3485# How long to wait a missing client before abandoning to send it its replies.
3486# This value should not be longer than rpc_response_timeout. (integer value)
3487# Deprecated group/name - [oslo_messaging_rabbit]/kombu_reconnect_timeout
3488#kombu_missing_consumer_retry_timeout = 60
3489
3490# Determines how the next RabbitMQ node is chosen in case the one we are
3491# currently connected to becomes unavailable. Takes effect only if more than one
3492# RabbitMQ node is provided in config. (string value)
3493# Allowed values: round-robin, shuffle
3494#kombu_failover_strategy = round-robin
3495
3496# DEPRECATED: The RabbitMQ broker address where a single node is used. (string
3497# value)
3498# Deprecated group/name - [DEFAULT]/rabbit_host
3499# This option is deprecated for removal.
3500# Its value may be silently ignored in the future.
3501# Reason: Replaced by [DEFAULT]/transport_url
3502#rabbit_host = localhost
3503
3504# DEPRECATED: The RabbitMQ broker port where a single node is used. (port value)
3505# Minimum value: 0
3506# Maximum value: 65535
3507# Deprecated group/name - [DEFAULT]/rabbit_port
3508# This option is deprecated for removal.
3509# Its value may be silently ignored in the future.
3510# Reason: Replaced by [DEFAULT]/transport_url
3511#rabbit_port = 5672
3512
3513# DEPRECATED: RabbitMQ HA cluster host:port pairs. (list value)
3514# Deprecated group/name - [DEFAULT]/rabbit_hosts
3515# This option is deprecated for removal.
3516# Its value may be silently ignored in the future.
3517# Reason: Replaced by [DEFAULT]/transport_url
3518#rabbit_hosts = $rabbit_host:$rabbit_port
3519
3520# Connect over SSL for RabbitMQ. (boolean value)
3521# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
3522#rabbit_use_ssl = false
3523
3524# DEPRECATED: The RabbitMQ userid. (string value)
3525# Deprecated group/name - [DEFAULT]/rabbit_userid
3526# This option is deprecated for removal.
3527# Its value may be silently ignored in the future.
3528# Reason: Replaced by [DEFAULT]/transport_url
3529#rabbit_userid = guest
3530
3531# DEPRECATED: The RabbitMQ password. (string value)
3532# Deprecated group/name - [DEFAULT]/rabbit_password
3533# This option is deprecated for removal.
3534# Its value may be silently ignored in the future.
3535# Reason: Replaced by [DEFAULT]/transport_url
3536#rabbit_password = guest
3537
3538# The RabbitMQ login method. (string value)
3539# Deprecated group/name - [DEFAULT]/rabbit_login_method
3540#rabbit_login_method = AMQPLAIN
3541
3542# DEPRECATED: The RabbitMQ virtual host. (string value)
3543# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
3544# This option is deprecated for removal.
3545# Its value may be silently ignored in the future.
3546# Reason: Replaced by [DEFAULT]/transport_url
3547#rabbit_virtual_host = /
3548
3549# How frequently to retry connecting with RabbitMQ. (integer value)
3550#rabbit_retry_interval = 1
3551
3552# How long to backoff for between retries when connecting to RabbitMQ. (integer
3553# value)
3554# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
3555#rabbit_retry_backoff = 2
3556
3557# Maximum interval of RabbitMQ connection retries. Default is 30 seconds.
3558# (integer value)
3559#rabbit_interval_max = 30
3560
3561# DEPRECATED: Maximum number of RabbitMQ connection retries. Default is 0
3562# (infinite retry count). (integer value)
3563# Deprecated group/name - [DEFAULT]/rabbit_max_retries
3564# This option is deprecated for removal.
3565# Its value may be silently ignored in the future.
3566#rabbit_max_retries = 0
3567
3568# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
3569# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
3570# is no longer controlled by the x-ha-policy argument when declaring a queue. If
3571# you just want to make sure that all queues (except those with auto-generated
3572# names) are mirrored across all nodes, run: "rabbitmqctl set_policy HA
3573# '^(?!amq\.).*' '{"ha-mode": "all"}' " (boolean value)
3574# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
3575#rabbit_ha_queues = false
3576
3577# Positive integer representing duration in seconds for queue TTL (x-expires).
3578# Queues which are unused for the duration of the TTL are automatically deleted.
3579# The parameter affects only reply and fanout queues. (integer value)
3580# Minimum value: 1
3581#rabbit_transient_queues_ttl = 1800
3582
3583# Specifies the number of messages to prefetch. Setting to zero allows unlimited
3584# messages. (integer value)
3585#rabbit_qos_prefetch_count = 0
3586
3587# Number of seconds after which the Rabbit broker is considered down if
3588# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer
3589# value)
3590#heartbeat_timeout_threshold = 60
3591
3592# How often times during the heartbeat_timeout_threshold we check the heartbeat.
3593# (integer value)
3594#heartbeat_rate = 2
3595
3596# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value)
3597# Deprecated group/name - [DEFAULT]/fake_rabbit
3598#fake_rabbit = false
3599
3600# Maximum number of channels to allow (integer value)
3601#channel_max = <None>
3602
3603# The maximum byte size for an AMQP frame (integer value)
3604#frame_max = <None>
3605
3606# How often to send heartbeats for consumer's connections (integer value)
3607#heartbeat_interval = 3
3608
3609# Enable SSL (boolean value)
3610#ssl = <None>
3611
3612# Arguments passed to ssl.wrap_socket (dict value)
3613#ssl_options = <None>
3614
3615# Set socket timeout in seconds for connection's socket (floating point value)
3616#socket_timeout = 0.25
3617
3618# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating point value)
3619#tcp_user_timeout = 0.25
3620
3621# Set delay for reconnection to some host which has connection error (floating
3622# point value)
3623#host_connection_reconnect_delay = 0.25
3624
3625# Connection factory implementation (string value)
3626# Allowed values: new, single, read_write
3627#connection_factory = single
3628
3629# Maximum number of connections to keep queued. (integer value)
3630#pool_max_size = 30
3631
3632# Maximum number of connections to create above `pool_max_size`. (integer value)
3633#pool_max_overflow = 0
3634
3635# Default number of seconds to wait for a connections to available (integer
3636# value)
3637#pool_timeout = 30
3638
3639# Lifetime of a connection (since creation) in seconds or None for no recycling.
3640# Expired connections are closed on acquire. (integer value)
3641#pool_recycle = 600
3642
3643# Threshold at which inactive (since release) connections are considered stale
3644# in seconds or None for no staleness. Stale connections are closed on acquire.
3645# (integer value)
3646#pool_stale = 60
3647
3648# Persist notification messages. (boolean value)
3649#notification_persistence = false
3650
3651# Exchange name for sending notifications (string value)
3652#default_notification_exchange = ${control_exchange}_notification
3653
3654# Max number of not acknowledged message which RabbitMQ can send to notification
3655# listener. (integer value)
3656#notification_listener_prefetch_count = 100
3657
3658# Reconnecting retry count in case of connectivity problem during sending
3659# notification, -1 means infinite retry. (integer value)
3660#default_notification_retry_attempts = -1
3661
3662# Reconnecting retry delay in case of connectivity problem during sending
3663# notification message (floating point value)
3664#notification_retry_delay = 0.25
3665
3666# Time to live for rpc queues without consumers in seconds. (integer value)
3667#rpc_queue_expiration = 60
3668
3669# Exchange name for sending RPC messages (string value)
3670#default_rpc_exchange = ${control_exchange}_rpc
3671
3672# Exchange name for receiving RPC replies (string value)
3673#rpc_reply_exchange = ${control_exchange}_rpc_reply
3674
3675# Max number of not acknowledged message which RabbitMQ can send to rpc
3676# listener. (integer value)
3677#rpc_listener_prefetch_count = 100
3678
3679# Max number of not acknowledged message which RabbitMQ can send to rpc reply
3680# listener. (integer value)
3681#rpc_reply_listener_prefetch_count = 100
3682
3683# Reconnecting retry count in case of connectivity problem during sending reply.
3684# -1 means infinite retry during rpc_timeout (integer value)
3685#rpc_reply_retry_attempts = -1
3686
3687# Reconnecting retry delay in case of connectivity problem during sending reply.
3688# (floating point value)
3689#rpc_reply_retry_delay = 0.25
3690
3691# Reconnecting retry count in case of connectivity problem during sending RPC
3692# message, -1 means infinite retry. If actual retry attempts in not 0 the rpc
3693# request could be processed more then one time (integer value)
3694#default_rpc_retry_attempts = -1
3695
3696# Reconnecting retry delay in case of connectivity problem during sending RPC
3697# message (floating point value)
3698#rpc_retry_delay = 0.25
3699
3700
3701[oslo_messaging_zmq]
3702
3703#
3704# From oslo.messaging
3705#
3706
3707# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
3708# The "host" option should point or resolve to this address. (string value)
3709# Deprecated group/name - [DEFAULT]/rpc_zmq_bind_address
3710#rpc_zmq_bind_address = *
3711
3712# MatchMaker driver. (string value)
3713# Allowed values: redis, dummy
3714# Deprecated group/name - [DEFAULT]/rpc_zmq_matchmaker
3715#rpc_zmq_matchmaker = redis
3716
3717# Number of ZeroMQ contexts, defaults to 1. (integer value)
3718# Deprecated group/name - [DEFAULT]/rpc_zmq_contexts
3719#rpc_zmq_contexts = 1
3720
3721# Maximum number of ingress messages to locally buffer per topic. Default is
3722# unlimited. (integer value)
3723# Deprecated group/name - [DEFAULT]/rpc_zmq_topic_backlog
3724#rpc_zmq_topic_backlog = <None>
3725
3726# Directory for holding IPC sockets. (string value)
3727# Deprecated group/name - [DEFAULT]/rpc_zmq_ipc_dir
3728#rpc_zmq_ipc_dir = /var/run/openstack
3729
3730# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match
3731# "host" option, if running Nova. (string value)
3732# Deprecated group/name - [DEFAULT]/rpc_zmq_host
3733#rpc_zmq_host = localhost
3734
3735# Seconds to wait before a cast expires (TTL). The default value of -1 specifies
3736# an infinite linger period. The value of 0 specifies no linger period. Pending
3737# messages shall be discarded immediately when the socket is closed. Only
3738# supported by impl_zmq. (integer value)
3739# Deprecated group/name - [DEFAULT]/rpc_cast_timeout
3740#rpc_cast_timeout = -1
3741
3742# The default number of seconds that poll should wait. Poll raises timeout
3743# exception when timeout expired. (integer value)
3744# Deprecated group/name - [DEFAULT]/rpc_poll_timeout
3745#rpc_poll_timeout = 1
3746
3747# Expiration timeout in seconds of a name service record about existing target (
3748# < 0 means no timeout). (integer value)
3749# Deprecated group/name - [DEFAULT]/zmq_target_expire
3750#zmq_target_expire = 300
3751
3752# Update period in seconds of a name service record about existing target.
3753# (integer value)
3754# Deprecated group/name - [DEFAULT]/zmq_target_update
3755#zmq_target_update = 180
3756
3757# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. (boolean
3758# value)
3759# Deprecated group/name - [DEFAULT]/use_pub_sub
3760#use_pub_sub = true
3761
3762# Use ROUTER remote proxy. (boolean value)
3763# Deprecated group/name - [DEFAULT]/use_router_proxy
3764#use_router_proxy = true
3765
3766# Minimal port number for random ports range. (port value)
3767# Minimum value: 0
3768# Maximum value: 65535
3769# Deprecated group/name - [DEFAULT]/rpc_zmq_min_port
3770#rpc_zmq_min_port = 49153
3771
3772# Maximal port number for random ports range. (integer value)
3773# Minimum value: 1
3774# Maximum value: 65536
3775# Deprecated group/name - [DEFAULT]/rpc_zmq_max_port
3776#rpc_zmq_max_port = 65536
3777
3778# Number of retries to find free port number before fail with ZMQBindError.
3779# (integer value)
3780# Deprecated group/name - [DEFAULT]/rpc_zmq_bind_port_retries
3781#rpc_zmq_bind_port_retries = 100
3782
3783# Default serialization mechanism for serializing/deserializing
3784# outgoing/incoming messages (string value)
3785# Allowed values: json, msgpack
3786# Deprecated group/name - [DEFAULT]/rpc_zmq_serialization
3787#rpc_zmq_serialization = json
3788
3789# This option configures round-robin mode in zmq socket. True means not keeping
3790# a queue when server side disconnects. False means to keep queue and messages
3791# even if server is disconnected, when the server appears we send all
3792# accumulated messages to it. (boolean value)
3793#zmq_immediate = false
3794
3795
3796[oslo_middleware]
3797
3798#
3799# From oslo.middleware.http_proxy_to_wsgi
3800#
3801
3802# Whether the application is behind a proxy or not. This determines if the
3803# middleware should parse the headers or not. (boolean value)
3804#enable_proxy_headers_parsing = false
3805
3806
3807[oslo_policy]
3808
3809#
3810# From oslo.policy
3811#
3812
3813# The JSON file that defines policies. (string value)
3814# Deprecated group/name - [DEFAULT]/policy_file
3815#policy_file = policy.json
3816
3817# Default rule. Enforced when a requested rule is not found. (string value)
3818# Deprecated group/name - [DEFAULT]/policy_default_rule
3819#policy_default_rule = default
3820
3821# Directories where policy configuration files are stored. They can be relative
3822# to any directory in the search path defined by the config_dir option, or
3823# absolute paths. The file defined by policy_file must exist for these
3824# directories to be searched. Missing or empty directories are ignored. (multi
3825# valued)
3826# Deprecated group/name - [DEFAULT]/policy_dirs
3827#policy_dirs = policy.d
3828
3829
3830[paste_deploy]
3831
3832#
3833# From glance.api
3834#
3835
3836#
3837# Deployment flavor to use in the server application pipeline.
3838#
3839# Provide a string value representing the appropriate deployment
3840# flavor used in the server application pipleline. This is typically
3841# the partial name of a pipeline in the paste configuration file with
3842# the service name removed.
3843#
3844# For example, if your paste section name in the paste configuration
3845# file is [pipeline:glance-api-keystone], set ``flavor`` to
3846# ``keystone``.
3847#
3848# Possible values:
3849# * String value representing a partial pipeline name.
3850#
3851# Related Options:
3852# * config_file
3853#
3854# (string value)
3855#flavor = keystone
3856
3857#
3858# Name of the paste configuration file.
3859#
3860# Provide a string value representing the name of the paste
3861# configuration file to use for configuring piplelines for
3862# server application deployments.
3863#
3864# NOTES:
3865# * Provide the name or the path relative to the glance directory
3866# for the paste configuration file and not the absolute path.
3867# * The sample paste configuration file shipped with Glance need
3868# not be edited in most cases as it comes with ready-made
3869# pipelines for all common deployment flavors.
3870#
3871# If no value is specified for this option, the ``paste.ini`` file
3872# with the prefix of the corresponding Glance service's configuration
3873# file name will be searched for in the known configuration
3874# directories. (For example, if this option is missing from or has no
3875# value set in ``glance-api.conf``, the service will look for a file
3876# named ``glance-api-paste.ini``.) If the paste configuration file is
3877# not found, the service will not start.
3878#
3879# Possible values:
3880# * A string value representing the name of the paste configuration
3881# file.
3882#
3883# Related Options:
3884# * flavor
3885#
3886# (string value)
3887#config_file = glance-api-paste.ini
3888
3889flavor = keystone
3890
3891[profiler]
3892
3893#
3894# From glance.api
3895#
3896
3897#
3898# Enables the profiling for all services on this node. Default value is False
3899# (fully disable the profiling feature).
3900#
3901# Possible values:
3902#
3903# * True: Enables the feature
3904# * False: Disables the feature. The profiling cannot be started via this
3905# project
3906# operations. If the profiling is triggered by another project, this project
3907# part
3908# will be empty.
3909# (boolean value)
3910# Deprecated group/name - [profiler]/profiler_enabled
3911#enabled = false
3912
3913#
3914# Enables SQL requests profiling in services. Default value is False (SQL
3915# requests won't be traced).
3916#
3917# Possible values:
3918#
3919# * True: Enables SQL requests profiling. Each SQL query will be part of the
3920# trace and can the be analyzed by how much time was spent for that.
3921# * False: Disables SQL requests profiling. The spent time is only shown on a
3922# higher level of operations. Single SQL queries cannot be analyzed this
3923# way.
3924# (boolean value)
3925#trace_sqlalchemy = false
3926
3927#
3928# Secret key(s) to use for encrypting context data for performance profiling.
3929# This string value should have the following format: <key1>[,<key2>,...<keyn>],
3930# where each key is some random string. A user who triggers the profiling via
3931# the REST API has to set one of these keys in the headers of the REST API call
3932# to include profiling results of this node for this particular project.
3933#
3934# Both "enabled" flag and "hmac_keys" config options should be set to enable
3935# profiling. Also, to generate correct profiling information across all services
3936# at least one key needs to be consistent between OpenStack projects. This
3937# ensures it can be used from client side to generate the trace, containing
3938# information from all possible resources. (string value)
3939#hmac_keys = SECRET_KEY
3940
3941#
3942# Connection string for a notifier backend. Default value is messaging:// which
3943# sets the notifier to oslo_messaging.
3944#
3945# Examples of possible values:
3946#
3947# * messaging://: use oslo_messaging driver for sending notifications.
3948# (string value)
3949#connection_string = messaging://
3950
3951
3952[store_type_location_strategy]
3953
3954#
3955# From glance.api
3956#
3957
3958#
3959# Preference order of storage backends.
3960#
3961# Provide a comma separated list of store names in the order in
3962# which images should be retrieved from storage backends.
3963# These store names must be registered with the ``stores``
3964# configuration option.
3965#
3966# NOTE: The ``store_type_preference`` configuration option is applied
3967# only if ``store_type`` is chosen as a value for the
3968# ``location_strategy`` configuration option. An empty list will not
3969# change the location order.
3970#
3971# Possible values:
3972# * Empty list
3973# * Comma separated list of registered store names. Legal values are:
3974# * file
3975# * http
3976# * rbd
3977# * swift
3978# * sheepdog
3979# * cinder
3980# * vmware
3981#
3982# Related options:
3983# * location_strategy
3984# * stores
3985#
3986# (list value)
3987#store_type_preference =
3988
3989
3990[task]
3991
3992#
3993# From glance.api
3994#
3995
3996# Time in hours for which a task lives after, either succeeding or failing
3997# (integer value)
3998# Deprecated group/name - [DEFAULT]/task_time_to_live
3999#task_time_to_live = 48
4000
4001#
4002# Task executor to be used to run task scripts.
4003#
4004# Provide a string value representing the executor to use for task
4005# executions. By default, ``TaskFlow`` executor is used.
4006#
4007# ``TaskFlow`` helps make task executions easy, consistent, scalable
4008# and reliable. It also enables creation of lightweight task objects
4009# and/or functions that are combined together into flows in a
4010# declarative manner.
4011#
4012# Possible values:
4013# * taskflow
4014#
4015# Related Options:
4016# * None
4017#
4018# (string value)
4019#task_executor = taskflow
4020
4021#
4022# Absolute path to the work directory to use for asynchronous
4023# task operations.
4024#
4025# The directory set here will be used to operate over images -
4026# normally before they are imported in the destination store.
4027#
4028# NOTE: When providing a value for ``work_dir``, please make sure
4029# that enough space is provided for concurrent tasks to run
4030# efficiently without running out of space.
4031#
4032# A rough estimation can be done by multiplying the number of
4033# ``max_workers`` with an average image size (e.g 500MB). The image
4034# size estimation should be done based on the average size in your
4035# deployment. Note that depending on the tasks running you may need
4036# to multiply this number by some factor depending on what the task
4037# does. For example, you may want to double the available size if
4038# image conversion is enabled. All this being said, remember these
4039# are just estimations and you should do them based on the worst
4040# case scenario and be prepared to act in case they were wrong.
4041#
4042# Possible values:
4043# * String value representing the absolute path to the working
4044# directory
4045#
4046# Related Options:
4047# * None
4048#
4049# (string value)
4050#work_dir = /work_dir
4051
4052
4053[taskflow_executor]
4054
4055#
4056# From glance.api
4057#
4058
4059#
4060# Set the taskflow engine mode.
4061#
4062# Provide a string type value to set the mode in which the taskflow
4063# engine would schedule tasks to the workers on the hosts. Based on
4064# this mode, the engine executes tasks either in single or multiple
4065# threads. The possible values for this configuration option are:
4066# ``serial`` and ``parallel``. When set to ``serial``, the engine runs
4067# all the tasks in a single thread which results in serial execution
4068# of tasks. Setting this to ``parallel`` makes the engine run tasks in
4069# multiple threads. This results in parallel execution of tasks.
4070#
4071# Possible values:
4072# * serial
4073# * parallel
4074#
4075# Related options:
4076# * max_workers
4077#
4078# (string value)
4079# Allowed values: serial, parallel
4080#engine_mode = parallel
4081
4082#
4083# Set the number of engine executable tasks.
4084#
4085# Provide an integer value to limit the number of workers that can be
4086# instantiated on the hosts. In other words, this number defines the
4087# number of parallel tasks that can be executed at the same time by
4088# the taskflow engine. This value can be greater than one when the
4089# engine mode is set to parallel.
4090#
4091# Possible values:
4092# * Integer value greater than or equal to 1
4093#
4094# Related options:
4095# * engine_mode
4096#
4097# (integer value)
4098# Minimum value: 1
4099# Deprecated group/name - [task]/eventlet_executor_pool_size
4100#max_workers = 10
4101
4102#
4103# Set the desired image conversion format.
4104#
4105# Provide a valid image format to which you want images to be
4106# converted before they are stored for consumption by Glance.
4107# Appropriate image format conversions are desirable for specific
4108# storage backends in order to facilitate efficient handling of
4109# bandwidth and usage of the storage infrastructure.
4110#
4111# By default, ``conversion_format`` is not set and must be set
4112# explicitly in the configuration file.
4113#
4114# The allowed values for this option are ``raw``, ``qcow2`` and
4115# ``vmdk``. The ``raw`` format is the unstructured disk format and
4116# should be chosen when RBD or Ceph storage backends are used for
4117# image storage. ``qcow2`` is supported by the QEMU emulator that
4118# expands dynamically and supports Copy on Write. The ``vmdk`` is
4119# another common disk format supported by many common virtual machine
4120# monitors like VMWare Workstation.
4121#
4122# Possible values:
4123# * qcow2
4124# * raw
4125# * vmdk
4126#
4127# Related options:
4128# * disk_formats
4129#
4130# (string value)
4131# Allowed values: qcow2, raw, vmdk
4132#conversion_format = raw