363 lines
13 KiB
Plaintext
363 lines
13 KiB
Plaintext
<%= node["openstack"]["image"]["custom_template_banner"] %>
|
|
|
|
[DEFAULT]
|
|
# Show more verbose log output (sets INFO log level output)
|
|
#verbose = False
|
|
verbose = <%= node["openstack"]["image"]["verbose"] %>
|
|
|
|
# Show debugging output in logs (sets DEBUG log level output)
|
|
#debug = False
|
|
debug = <%= node["openstack"]["image"]["debug"] %>
|
|
|
|
# Address to bind the registry server
|
|
#bind_host = 0.0.0.0
|
|
bind_host = <%= @registry_bind_address %>
|
|
|
|
# Port the bind the registry server to
|
|
#bind_port = 9191
|
|
bind_port = <%= @registry_bind_port %>
|
|
|
|
# Log to this file. Make sure you do not set the same log file for both the API
|
|
# and registry servers!
|
|
#
|
|
# If `log_file` is omitted and `use_syslog` is false, then log messages are
|
|
# sent to stdout as a fallback.
|
|
log_file = /var/log/glance/registry.log
|
|
|
|
# Backlog requests when creating socket
|
|
backlog = 4096
|
|
|
|
# TCP_KEEPIDLE value in seconds when creating socket.
|
|
# Not supported on OS X.
|
|
#tcp_keepidle = 600
|
|
|
|
# API to use for accessing data. Default value points to sqlalchemy
|
|
# package.
|
|
#data_api = glance.db.sqlalchemy.api
|
|
data_api = <%= node["openstack"]["image"]["data_api"] %>
|
|
|
|
# The number of child process workers that will be
|
|
# created to service Registry requests. The default will be
|
|
# equal to the number of CPUs available. (integer value)
|
|
#workers = None
|
|
workers = <%= node["openstack"]["image"]["registry"]["workers"] %>
|
|
|
|
# Enable Registry API versions individually or simultaneously
|
|
#enable_v1_registry = True
|
|
#enable_v2_registry = True
|
|
|
|
# Limit the api to return `param_limit_max` items in a call to a container. If
|
|
# a larger `limit` query param is provided, it will be reduced to this value.
|
|
api_limit_max = 1000
|
|
|
|
# If a `limit` query param is not provided in an api request, it will
|
|
# default to `limit_param_default`
|
|
limit_param_default = 25
|
|
|
|
# Role used to identify an authenticated user as administrator
|
|
#admin_role = admin
|
|
|
|
# Whether to automatically create the database tables.
|
|
# Default: False
|
|
#db_auto_create = False
|
|
|
|
# Enable DEBUG log messages from sqlalchemy which prints every database
|
|
# query and response.
|
|
# Default: False
|
|
#sqlalchemy_debug = True
|
|
|
|
# ================= Syslog Options ============================
|
|
|
|
# Send logs to syslog (/dev/log) instead of to file specified
|
|
# by `log_file`
|
|
#use_syslog = False
|
|
|
|
# Facility to use. If unset defaults to LOG_USER.
|
|
#syslog_log_facility = LOG_LOCAL1
|
|
|
|
<% if node["openstack"]["image"]["syslog"]["use"] %>
|
|
log_config = /etc/openstack/logging.conf
|
|
<% else %>
|
|
# Log to this file. Make sure you do not set the same log
|
|
# file for both the API and registry servers!
|
|
log_file = /var/log/glance/registry.log
|
|
<% end %>
|
|
|
|
# ================= SSL Options ===============================
|
|
|
|
<% if node['openstack']['image']['ssl']['enabled'] -%>
|
|
# Certificate file to use when starting registry server securely
|
|
cert_file = <%= node['openstack']['image']['ssl']['cert_file'] %>
|
|
|
|
# Private key file to use when starting registry server securely
|
|
key_file = <%= node['openstack']['image']['ssl']['key_file'] %>
|
|
|
|
<% if node['openstack']['image']['ssl']['cert_required'] -%>
|
|
# CA certificate file to use to verify connecting clients
|
|
ca_file = <%= node['openstack']['image']['ssl']['ca_file'] %>
|
|
<% end -%>
|
|
<% end -%>
|
|
# ============ Notification System Options =====================
|
|
|
|
# Driver or drivers to handle sending notifications. Set to
|
|
# 'messaging' to send notifications to a message queue.
|
|
# notification_driver = noop
|
|
notifier_strategy=<%= node["openstack"]["mq"]["image"]["notifier_strategy"] %>
|
|
notification_driver=<%= @notification_driver %>
|
|
|
|
<% if @notification_driver == "messaging" %>
|
|
# Default publisher_id for outgoing notifications.
|
|
# default_publisher_id = image.localhost
|
|
|
|
# Messaging driver used for 'messaging' notifications driver
|
|
#rpc_backend=rabbit
|
|
rpc_backend=<%= node["openstack"]["image"]["rpc_backend"] %>
|
|
|
|
# Size of RPC greenthread pool. (integer value)
|
|
#rpc_thread_pool_size=64
|
|
rpc_thread_pool_size=<%= node["openstack"]["image"]["rpc_thread_pool_size"] %>
|
|
|
|
# Seconds to wait for a response from a call. (integer value)
|
|
#rpc_response_timeout=60
|
|
rpc_response_timeout=<%= node["openstack"]["image"]["rpc_response_timeout"] %>
|
|
|
|
|
|
# The default exchange under which topics are scoped. May be
|
|
# overridden by an exchange name specified in the
|
|
# transport_url option. (string value)
|
|
#control_exchange=openstack
|
|
control_exchange=<%= node["openstack"]["image"]["control_exchange"] %>
|
|
|
|
<% end %>
|
|
|
|
# ================= Database Options ==========================
|
|
|
|
[database]
|
|
# The file name to use with SQLite (string value)
|
|
#sqlite_db = glance.sqlite
|
|
|
|
# If True, SQLite uses synchronous mode (boolean value)
|
|
#sqlite_synchronous = True
|
|
|
|
# The backend to use for db (string value)
|
|
# Deprecated group/name - [DEFAULT]/db_backend
|
|
#backend = sqlalchemy
|
|
|
|
# The SQLAlchemy connection string used to connect to the
|
|
# database (string value)
|
|
# Deprecated group/name - [DEFAULT]/sql_connection
|
|
# Deprecated group/name - [DATABASE]/sql_connection
|
|
# Deprecated group/name - [sql]/connection
|
|
#connection = <None>
|
|
connection = <%= @sql_connection %>
|
|
|
|
# The SQL mode to be used for MySQL sessions. This option,
|
|
# including the default, overrides any server-set SQL mode. To
|
|
# use whatever SQL mode is set by the server configuration,
|
|
# set this to no value. Example: mysql_sql_mode= (string
|
|
# value)
|
|
#mysql_sql_mode = TRADITIONAL
|
|
|
|
# Timeout before idle sql connections are reaped (integer
|
|
# value)
|
|
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
|
|
# Deprecated group/name - [DATABASE]/sql_idle_timeout
|
|
# Deprecated group/name - [sql]/idle_timeout
|
|
#idle_timeout = 3600
|
|
|
|
# Minimum number of SQL connections to keep open in a pool
|
|
# (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_min_pool_size
|
|
# Deprecated group/name - [DATABASE]/sql_min_pool_size
|
|
#min_pool_size = 1
|
|
|
|
# Maximum number of SQL connections to keep open in a pool
|
|
# (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_max_pool_size
|
|
# Deprecated group/name - [DATABASE]/sql_max_pool_size
|
|
#max_pool_size = <None>
|
|
|
|
# Maximum db connection retries during startup. (setting -1
|
|
# implies an infinite retry count) (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_max_retries
|
|
# Deprecated group/name - [DATABASE]/sql_max_retries
|
|
#max_retries = 10
|
|
|
|
# Interval between retries of opening a sql connection
|
|
# (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_retry_interval
|
|
# Deprecated group/name - [DATABASE]/reconnect_interval
|
|
#retry_interval = 10
|
|
|
|
# If set, use this value for max_overflow with sqlalchemy
|
|
# (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_max_overflow
|
|
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
|
|
#max_overflow = <None>
|
|
|
|
# Verbosity of SQL debugging information. 0=None,
|
|
# 100=Everything (integer value)
|
|
# Deprecated group/name - [DEFAULT]/sql_connection_debug
|
|
#connection_debug = 0
|
|
|
|
# Add python stack traces to SQL as comment strings (boolean
|
|
# value)
|
|
# Deprecated group/name - [DEFAULT]/sql_connection_trace
|
|
#connection_trace = False
|
|
|
|
# If set, use this value for pool_timeout with sqlalchemy
|
|
# (integer value)
|
|
# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
|
|
#pool_timeout = <None>
|
|
|
|
# Enable the experimental use of database reconnect on
|
|
# connection lost (boolean value)
|
|
#use_db_reconnect = False
|
|
|
|
# seconds between db connection retries (integer value)
|
|
#db_retry_interval = 1
|
|
|
|
# Whether to increase interval between db connection retries,
|
|
# up to db_max_retry_interval (boolean value)
|
|
#db_inc_retry_interval = True
|
|
|
|
# max seconds between db connection retries, if
|
|
# db_inc_retry_interval is enabled (integer value)
|
|
#db_max_retry_interval = 10
|
|
|
|
# maximum db connection retries before error is raised.
|
|
# (setting -1 implies an infinite retry count) (integer value)
|
|
#db_max_retries = 20
|
|
|
|
# ================= Keystone authtoken ===============================
|
|
[keystone_authtoken]
|
|
auth_uri = <%= @auth_uri %>
|
|
identity_uri = <%= @identity_uri %>
|
|
auth_version = <%= node['openstack']['image']['registry']['auth']['version'] %>
|
|
admin_tenant_name = <%= node["openstack"]["image"]["service_tenant_name"] %>
|
|
admin_user = <%= node["openstack"]["image"]["service_user"] %>
|
|
admin_password = <%= @service_pass %>
|
|
signing_dir = <%= node["openstack"]["image"]["registry"]["auth"]["cache_dir"] %>
|
|
insecure = <%= node['openstack']['image']['registry']['auth']['insecure'] %>
|
|
|
|
# A list of memcached server(s) to use for caching.
|
|
<% if node['openstack']['image']['registry']['auth']['memcached_servers'] %>
|
|
memcached_servers = <%= node['openstack']['image']['registry']['auth']['memcached_servers'] %>
|
|
<% end %>
|
|
|
|
# Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT.
|
|
<% if node['openstack']['image']['registry']['auth']['memcache_security_strategy'] %>
|
|
memcache_security_strategy = <%= node['openstack']['image']['registry']['auth']['memcache_security_strategy'] %>
|
|
<% end %>
|
|
|
|
# This string is used for key derivation.
|
|
<% if node['openstack']['image']['registry']['auth']['memcache_secret_key'] %>
|
|
memcache_secret_key = <%= node['openstack']['image']['registry']['auth']['memcache_secret_key'] %>
|
|
<% end %>
|
|
|
|
# Hash algorithms to use for hashing PKI tokens.
|
|
hash_algorithms = <%= node['openstack']['image']['registry']['auth']['hash_algorithms'] %>
|
|
|
|
# A PEM encoded Certificate Authority to use when verifying HTTPs connections.
|
|
<% if node['openstack']['image']['registry']['auth']['cafile'] %>
|
|
cafile = <%= node['openstack']['image']['registry']['auth']['cafile'] %>
|
|
<% end %>
|
|
|
|
# Verify HTTPS connections. (boolean value)
|
|
insecure = <%= node['openstack']['image']['registry']['auth']['insecure'] %>
|
|
|
|
[oslo_messaging_qpid]
|
|
|
|
#
|
|
# From oslo.messaging
|
|
#
|
|
|
|
<% if @notification_driver == "messaging" && @mq_service_type == "qpid" %>
|
|
|
|
# Use durable queues in AMQP. (boolean value)
|
|
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
|
|
amqp_durable_queues=<%= node["openstack"]["mq"]["image"]["durable_queues"] %>
|
|
|
|
# Auto-delete queues in AMQP. (boolean value)
|
|
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
|
|
amqp_auto_delete=<%= node["openstack"]["mq"]["image"]["auto_delete"] %>
|
|
|
|
# Size of RPC connection pool. (integer value)
|
|
#rpc_conn_pool_size=30
|
|
rpc_conn_pool_size=<%= node["openstack"]["image"]["rpc_conn_pool_size"] %>
|
|
|
|
# Configuration options if sending notifications via Qpid (these are
|
|
# the defaults)
|
|
transport_url = qpid://
|
|
notification_topics=<%= node["openstack"]["mq"]["image"]["qpid"]["notification_topic"] %>
|
|
qpid_hostname=<%= node["openstack"]["mq"]["image"]["qpid"]["host"] %>
|
|
qpid_port=<%= node["openstack"]["mq"]["image"]["qpid"]["port"] %>
|
|
qpid_username=<%= node["openstack"]["mq"]["image"]["qpid"]["username"] %>
|
|
qpid_password=<%= @mq_password %>
|
|
qpid_sasl_mechanisms=<%= node["openstack"]["mq"]["image"]["qpid"]["sasl_mechanisms"] %>
|
|
qpid_reconnect=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect"] %>
|
|
qpid_reconnect_timeout=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect_timeout"] %>
|
|
qpid_reconnect_limit=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect_limit"] %>
|
|
qpid_reconnect_interval_min=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect_interval_min"] %>
|
|
qpid_reconnect_interval_max=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect_interval_max"] %>
|
|
qpid_reconnect_interval=<%= node["openstack"]["mq"]["image"]["qpid"]["reconnect_interval"] %>
|
|
qpid_heartbeat=<%= node["openstack"]["mq"]["image"]["qpid"]["heartbeat"] %>
|
|
# Set to 'ssl' to enable SSL
|
|
qpid_protocol=<%= node["openstack"]["mq"]["image"]["qpid"]["protocol"] %>
|
|
qpid_tcp_nodelay=<%= node["openstack"]["mq"]["image"]["qpid"]["tcp_nodelay"] %>
|
|
qpid_topology_version=<%= node["openstack"]["mq"]["image"]["qpid"]["topology_version"] %>
|
|
<% end %>
|
|
|
|
[oslo_messaging_rabbit]
|
|
|
|
#
|
|
# From oslo.messaging
|
|
#
|
|
|
|
<% if @notification_driver == "messaging" && @mq_service_type == "rabbitmq" %>
|
|
|
|
# Use durable queues in AMQP. (boolean value)
|
|
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
|
|
amqp_durable_queues=<%= node["openstack"]["mq"]["image"]["durable_queues"] %>
|
|
|
|
# Auto-delete queues in AMQP. (boolean value)
|
|
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
|
|
amqp_auto_delete=<%= node["openstack"]["mq"]["image"]["auto_delete"] %>
|
|
|
|
# Size of RPC connection pool. (integer value)
|
|
#rpc_conn_pool_size=30
|
|
rpc_conn_pool_size=<%= node["openstack"]["image"]["rpc_conn_pool_size"] %>
|
|
|
|
<% if node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] && node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
|
kombu_ssl_version=<%= node["openstack"]["mq"]["image"]["rabbit"]["kombu_ssl_version"] %>
|
|
<% end -%>
|
|
# Configuration options if sending notifications via rabbitmq (these are
|
|
# the defaults)
|
|
transport_url = rabbit://
|
|
|
|
<% if node["openstack"]["mq"]["image"]["rabbit"]["ha"] -%>
|
|
rabbit_hosts=<%= @rabbit_hosts %>
|
|
rabbit_ha_queues=True
|
|
<% else -%>
|
|
rabbit_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["host"] %>
|
|
rabbit_port = <%= node["openstack"]["mq"]["image"]["rabbit"]["port"] %>
|
|
<% end -%>
|
|
|
|
rabbit_use_ssl = <%= node["openstack"]["mq"]["image"]["rabbit"]["use_ssl"] %>
|
|
rabbit_userid = <%= node["openstack"]["mq"]["image"]["rabbit"]["userid"] %>
|
|
rabbit_password = <%= @mq_password %>
|
|
rabbit_virtual_host = <%= node["openstack"]["mq"]["image"]["rabbit"]["vhost"] %>
|
|
notification_topics = <%= node["openstack"]["mq"]["image"]["rabbit"]["notification_topic"] %>
|
|
<% end -%>
|
|
|
|
[paste_deploy]
|
|
# Name of the paste configuration file that defines the available pipelines
|
|
#config_file = glance-registry-paste.ini
|
|
|
|
# Partial name of a pipeline in your paste configuration file with the
|
|
# service name removed. For example, if your paste section name is
|
|
# [pipeline:glance-registry-keystone], you would configure the flavor below
|
|
# as 'keystone'.
|
|
#flavor=
|
|
flavor = keystone
|