<%= node["openstack"]["image"]["custom_template_banner"] %> [DEFAULT] # Show more verbose log output (sets INFO log level output) verbose = <%= node["openstack"]["image"]["verbose"] %> # Show debugging output in logs (sets DEBUG log level output) debug = <%= node["openstack"]["image"]["debug"] %> # Which backend store should Glance use by default is not specified # in a request to add a new image to Glance? Default: 'file' # Available choices are 'file', 'swift', and 's3' default_store = <%= node["openstack"]["image"]["api"]["default_store"] %> # Address to bind the API server bind_host = <%= @api_bind_address %> # Port the bind the API server to bind_port = <%= @api_bind_port %> # Backlog requests when creating socket backlog = 4096 # Number of Glance API worker processes to start. # On machines with more than one CPU increasing this value # may improve performance (especially if using SSL with # compression turned on). It is typically recommended to set # this value to the number of CPUs present on your machine. workers = <%= node["cpu"]["total"] %> # SQLAlchemy connection string for the reference implementation # registry server. Any valid SQLAlchemy connection string is fine. # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine sql_connection = <%= @sql_connection %> # Role used to identify an authenticated user as administrator #admin_role = admin # ================= Syslog Options ============================ <% if node["openstack"]["image"]["syslog"]["use"] %> log_config = /etc/openstack/logging.conf <% else %> # Log to this file. Make sure you do not set the same log # file for both the API and registry servers! log_file = /var/log/glance/api.log <% end %> # ================= SSL Options =============================== # Certificate file to use when starting API server securely # cert_file = /path/to/certfile # Private key file to use when starting API server securely # key_file = /path/to/keyfile # ================= Security Options ========================== # AES key for encrypting store 'location' metadata, including # -- if used -- Swift or S3 credentials # Should be set to a random string of length 16, 24 or 32 bytes # metadata_encryption_key = <16, 24 or 32 char registry metadata key> # ============ Registry Options =============================== # Address to find the registry server registry_host = <%= @registry_ip_address %> # Port the registry server is listening on registry_port = <%= @registry_port %> # What protocol to use when connecting to the registry server? # Set to https for secure HTTP communication registry_client_protocol = http # The path to the key file to use in SSL connections to the # registry server, if any. Alternately, you may set the # GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file # registry_client_key_file = /path/to/key/file # The path to the cert file to use in SSL connections to the # registry server, if any. Alternately, you may set the # GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file # registry_client_cert_file = /path/to/cert/file # The path to the certifying authority cert file to use in SSL connections # to the registry server, if any. Alternately, you may set the # GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file # registry_client_ca_file = /path/to/ca/file # ============ Notification System Options ===================== # Notifications can be sent when images are create, updated or deleted. # There are three methods of sending notifications, logging (via the # log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid # message queue), or noop (no notifications sent, the default) notifier_strategy = <%= node["openstack"]["image"]["mq"]["notifier_strategy"] %> <% if node["openstack"]["image"]["mq"]["service_type"] == "rabbitmq" %> #### RABBITMQ ##### rabbit_host = localhost rabbit_port = 5672 rabbit_use_ssl = false rabbit_userid = guest rabbit_password = guest rabbit_virtual_host = / rabbit_notification_exchange = glance rabbit_notification_topic = glance_notifications <% end %> <% if node["openstack"]["image"]["mq"]["service_type"] == "qpid" %> ##### QPID ##### rpc_backend=nova.openstack.common.rpc.impl_qpid qpid_notification_exchange = glance qpid_notification_topic = glance_notifications qpid_hostname=<%= node["openstack"]["image"]["mq"]["qpid"]["host"] %> qpid_port=<%= node["openstack"]["image"]["mq"]["qpid"]["port"] %> qpid_password=<%= node["openstack"]["image"]["mq"]["qpid"]["password"] %> qpid_username=<%= node["openstack"]["image"]["mq"]["qpid"]["username"] %> qpid_sasl_mechanisms=<%= node["openstack"]["image"]["mq"]["qpid"]["sasl_mechanisms"] %> qpid_reconnect=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect"] %> qpid_reconnect_timeout=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect_timeout"] %> qpid_reconnect_limit=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect_limit"] %> qpid_reconnect_interval_min=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect_interval_min"] %> qpid_reconnect_interval_max=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect_interval_max"] %> qpid_reconnect_interval=<%= node["openstack"]["image"]["mq"]["qpid"]["reconnect_interval"] %> qpid_heartbeat=<%= node["openstack"]["image"]["mq"]["qpid"]["heartbeat"] %> # qpid protocol. default 'tcp'. set to 'ssl' to enable SSL qpid_protocol=<%= node["openstack"]["image"]["mq"]["qpid"]["protocol"] %> qpid_tcp_nodelay=<%= node["openstack"]["image"]["mq"]["qpid"]["tcp_nodelay"] %> <% end %> # ============ Filesystem Store Options ======================== # Directory that the Filesystem backend store # writes image data to filesystem_store_datadir = <%= node["openstack"]["image"]["filesystem_store_datadir"] %> # ============ Swift Store Options ============================= # Address where the Swift authentication service lives # Valid schemes are 'http://' and 'https://' # If no scheme specified, default to 'https://' swift_store_auth_address = <%= @swift_store_auth_address %> # Authentication version to use. Current Rackspace CloudFiles supports # Version 1 while swift backed with keystone supports Version 2. swift_store_auth_version = <%= @swift_store_auth_version %> # User to authenticate against the Swift authentication service # If you use Swift authentication service, set it to 'account':'user' # where 'account' is a Swift storage account and 'user' # is a user in that account swift_store_user = <%= @swift_user_tenant %>:<%= @swift_store_user %> # Auth key for the user authenticating against the # Swift authentication service swift_store_key = <%= @swift_store_key %> # Container within the account that the account should use # for storing images in Swift swift_store_container = <%= node["openstack"]["image"]["api"]["swift"]["container"] %> # Do we create the container if it does not exist? swift_store_create_container_on_put = True # What size, in MB, should Glance start chunking image files # and do a large object manifest in Swift? By default, this is # the maximum object size in Swift, which is 5GB swift_store_large_object_size = <%= node["openstack"]["image"]["api"]["swift"]["large_object_size"] %> # When doing a large object manifest, what size, in MB, should # Glance write chunks to Swift? This amount of data is written # to a temporary disk buffer during the process of chunking # the image file, and the default is 200MB swift_store_large_object_chunk_size = <%= node["openstack"]["image"]["api"]["swift"]["large_object_chunk_size"] %> # Whether to use ServiceNET to communicate with the Swift storage servers. # (If you aren't RACKSPACE, leave this False!) # # To use ServiceNET for authentication, prefix hostname of # `swift_store_auth_address` with 'snet-'. # Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ swift_enable_snet = False # ============ S3 Store Options ============================= # Address where the S3 authentication service lives # Valid schemes are 'http://' and 'https://' # If no scheme specified, default to 'http://' s3_store_host = 127.0.0.1:8080/v1.0/ # User to authenticate against the S3 authentication service s3_store_access_key = <20-char AWS access key> # Auth key for the user authenticating against the # S3 authentication service s3_store_secret_key = <40-char AWS secret key> # Container within the account that the account should use # for storing images in S3. Note that S3 has a flat namespace, # so you need a unique bucket name for your glance images. An # easy way to do this is append your AWS access key to "glance". # S3 buckets in AWS *must* be lowercased, so remember to lowercase # your AWS access key if you use it in your bucket name below! s3_store_bucket = glance # Do we create the bucket if it does not exist? s3_store_create_bucket_on_put = False # When sending images to S3, the data will first be written to a # temporary buffer on disk. By default the platform's temporary directory # will be used. If required, an alternative directory can be specified here. # s3_store_object_buffer_dir = /path/to/dir # ============ RBD Store Options ============================= # Ceph configuration file path # If using cephx authentication, this file should # include a reference to the right keyring # in a client. section rbd_store_ceph_conf = <%= node["openstack"]["image"]["api"]["rbd"]["rbd_store_ceph_conf"] %> # RADOS user to authenticate as (only applicable if using cephx) rbd_store_user = <%= node["openstack"]["image"]["api"]["rbd"]["rbd_store_user"] %> # RADOS pool in which images are stored rbd_store_pool = <%= node["openstack"]["image"]["api"]["rbd"]["rbd_store_pool"] %> # Images will be chunked into objects of this size (in megabytes). # For best performance, this should be a power of two rbd_store_chunk_size = <%= node["openstack"]["image"]["api"]["rbd"]["rbd_store_chunk_size"] %> # ============ Delayed Delete Options ============================= # Turn on/off delayed delete delayed_delete = False # Delayed delete time in seconds scrub_time = 43200 # Directory that the scrubber will use to remind itself of what to delete # Make sure this is also set in glance-scrubber.conf scrubber_datadir = /var/lib/glance/scrubber # =============== Image Cache Options ============================= # Base directory that the Image Cache uses image_cache_dir = /var/lib/glance/image-cache/ [keystone_authtoken] auth_uri = <%= @auth_uri %> auth_host = <%= @identity_admin_endpoint.host %> auth_port = <%= @identity_admin_endpoint.port %> auth_protocol = <%= @identity_admin_endpoint.scheme %> <% if node["openstack"]["image"]["api"]["auth"]["version"] != "v2.0" %> auth_version = <%= node["openstack"]["image"]["api"]["auth"]["version"] %> <% end %> admin_tenant_name = <%= node["openstack"]["image"]["service_tenant_name"] %> admin_user = <%= node["openstack"]["image"]["service_user"] %> admin_password = <%= @service_pass %> signing_dir = <%= node["openstack"]["image"]["api"]["auth"]["cache_dir"] %> [paste_deploy] # Partial name of a pipeline in your paste configuration file with the # service name removed. For example, if your paste section name is # [pipeline:glance-api-keystone], you would configure the flavor below # as 'keystone'. flavor = <%= @glance_flavor %>