openstack
/
glance
Code Issues Proposed changes

Refresh some config files based on bug fixes 

Change IDs I123be151fdda8037e62ba21600e63c45fdc90c8d and
Ie332236d6e11e0cb63114bc1c68c3a8691f1f1ae fix adding some missing config
options to be included as a part of the sample configs. We need to
refresh the configs to include those to be part of the latest sample
set. This commit refreshes some of the config for that purpose.

This change has been inspired while writing release notes here
If0b8b731c2a1a1c41fc612d506c350073d832efa . It was observed that the
bugs mentioned missing config opts in the sample files and have been
marked fixed. However, in order to make the release notes consistent
with that claim and to mention, as a part of the release notes, that
those bugs have been fixed, refreshing this has become important.

Change-Id: I534a0dc2d9f82ab70517cde12bfd40d4f5ae69e2
Related-Bug: 1568723
Related-Bug: 1568894
This commit is contained in:
Nikhil Komawar 2016-06-01 05:14:38 +00:00
parent 5308ec65a1
commit b5f31eef57
4 changed files with 1843 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

799
etc/glance-api.conf
View File

File diff suppressed because it is too large Load Diff

608
etc/glance-cache.conf
View File

@ -99,24 +99,205 @@
# value)
#digest_algorithm = sha256
# The path to the sqlite file database that will be used for image
# cache management. (string value)
#
# The relative path to sqlite file database that will be used for
# image cache
# management.
#
# This is a relative path to the sqlite file database that tracks the
# age and
# usage statistics of image cache. The path is relative to image cache
# base
# directory, specified by the configuration option
# ``image_cache_dir``.
#
# This is a lightweight database with just one table.
#
# Services which consume this:
# * glance-api
#
# Possible values:
# * A valid relative path to sqlite file database
#
# Related options:
# * ``image_cache_dir``
#
# (string value)
#image_cache_sqlite_db = cache.db
# The driver to use for image cache management. (string value)
#
# The driver to use for image cache management.
#
# This configuration option provides the flexibility to choose between
# the
# different image-cache drivers available. An image-cache driver is
# responsible
# for providing the essential functions of image-cache like write
# images to/read
# images from cache, track age and usage of cached images, provide a
# list of
# cached images, fetch size of the cache, queue images for caching and
# clean up
# the cache, etc.
#
# The essential functions of a driver are defined in the base class
# ``glance.image_cache.drivers.base.Driver``. All image-cache drivers
# (existing
# and prospective) must implement this interface. Currently available
# drivers
# are ``sqlite`` and ``xattr``. These drivers primarily differ in the
# way they
# store the information about cached images:
# * The ``sqlite`` driver uses a sqlite database (which sits on
# every glance
# node locally) to track the usage of cached images.
# * The ``xattr`` driver uses the extended attributes of files to
# store this
# information. It also requires a filesystem that sets ``atime``
# on the files
# when accessed.
#
# Services which consume this:
# * glance-api
#
# Possible values:
# * sqlite
# * xattr
#
# Related options:
# * None
#
# (string value)
# Allowed values: sqlite, xattr
#image_cache_driver = sqlite
# The upper limit (the maximum size of accumulated cache in bytes)
# beyond which the cache pruner, if running, starts cleaning the image
# cache. (integer value)
#
# The upper limit on cache size, in bytes, after which the cache-
# pruner cleans
# up the image cache.
#
# NOTE: This is just a threshold for cache-pruner to act upon. It is
# NOT a
# hard limit beyond which the image cache would never grow. In fact,
# depending
# on how often the cache-pruner runs and how quickly the cache fills,
# the image
# cache can far exceed the size specified here very easily. Hence,
# care must be
# taken to appropriately schedule the cache-pruner and in setting this
# limit.
#
# Glance caches an image when it is downloaded. Consequently, the size
# of the
# image cache grows over time as the number of downloads increases. To
# keep the
# cache size from becoming unmanageable, it is recommended to run the
# cache-pruner as a periodic task. When the cache pruner is kicked
# off, it
# compares the current size of image cache and triggers a cleanup if
# the image
# cache grew beyond the size specified here. After the cleanup, the
# size of
# cache is less than or equal to size specified here.
#
# Services which consume this:
# * None (consumed by cache-pruner, an independent periodic task)
#
# Possible values:
# * Any non-negative integer
#
# Related options:
# * None
#
# (integer value)
# Minimum value: 0
#image_cache_max_size = 10737418240
# The amount of time to let an incomplete image remain in the cache,
# before the cache cleaner, if running, will remove the incomplete
# image. (integer value)
#
# The amount of time, in seconds, an incomplete image remains in the
# cache.
#
# Incomplete images are images for which download is in progress.
# Please see the
# description of configuration option ``image_cache_dir`` for more
# detail.
# Sometimes, due to various reasons, it is possible the download may
# hang and
# the incompletely downloaded image remains in the ``incomplete``
# directory.
# This configuration option sets a time limit on how long the
# incomplete images
# should remain in the ``incomplete`` directory before they are
# cleaned up.
# Once an incomplete image spends more time than is specified here,
# it'll be
# removed by cache-cleaner on its next run.
#
# It is recommended to run cache-cleaner as a periodic task on the
# Glance API
# nodes to keep the incomplete images from occupying disk space.
#
# Services which consume this:
# * None (consumed by cache-cleaner, an independent periodic task)
#
# Possible values:
# * Any non-negative integer
#
# Related options:
# * None
#
# (integer value)
# Minimum value: 0
#image_cache_stall_time = 86400
# Base directory that the image cache uses. (string value)
#
# Base directory for image cache.
#
# This is the location where image data is cached and served out of.
# All cached
# images are stored directly under this directory. This directory also
# contains
# three subdirectories, namely, ``incomplete``, ``invalid`` and
# ``queue``.
#
# The ``incomplete`` subdirectory is the staging area for downloading
# images. An
# image is first downloaded to this directory. When the image download
# is
# successful it is moved to the base directory. However, if the
# download fails,
# the partially downloaded image file is moved to the ``invalid``
# subdirectory.
#
# The ``queue``subdirectory is used for queuing images for download.
# This is
# used primarily by the cache-prefetcher, which can be scheduled as a
# periodic
# task like cache-pruner and cache-cleaner, to cache images ahead of
# their usage.
# Upon receiving the request to cache an image, Glance touches a file
# in the
# ``queue`` directory with the image id as the file name. The cache-
# prefetcher,
# when running, polls for the files in ``queue`` directory and starts
# downloading them in the order they were created. When the download
# is
# successful, the zero-sized file is deleted from the ``queue``
# directory.
# If the download fails, the zero-sized file remains and it'll be
# retried the
# next time cache-prefetcher runs.
#
# Services which consume this:
# * glance-api
#
# Possible values:
# * A valid path
#
# Related options:
# * ``image_cache_sqlite_db``
#
# (string value)
#image_cache_dir = <None>
# Address to find the registry server. (string value)
@ -127,11 +308,11 @@
# Maximum value: 65535
#registry_port = 9191
# Whether to pass through the user token when making requests to the
# registry. To prevent failures with token expiration during big files
# upload, it is recommended to set this parameter to False.If
# "use_user_token" is not in effect, then admin credentials can be
# specified. (boolean value)
# DEPRECATED: Whether to pass through the user token when making
# requests to the registry. To prevent failures with token expiration
# during big files upload, it is recommended to set this parameter to
# False.If "use_user_token" is not in effect, then admin credentials
# can be specified. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -140,8 +321,8 @@
# been implemented with Keystone trusts support.
#use_user_token = true
# The administrators user name. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
# DEPRECATED: The administrators user name. If "use_user_token" is not
# in effect, then admin credentials can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -150,8 +331,8 @@
# been implemented with Keystone trusts support.
#admin_user = <None>
# The administrators password. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
# DEPRECATED: The administrators password. If "use_user_token" is not
# in effect, then admin credentials can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -160,9 +341,9 @@
# been implemented with Keystone trusts support.
#admin_password = <None>
# The tenant name of the administrative user. If "use_user_token" is
# not in effect, then admin tenant name can be specified. (string
# value)
# DEPRECATED: The tenant name of the administrative user. If
# "use_user_token" is not in effect, then admin tenant name can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -171,8 +352,8 @@
# been implemented with Keystone trusts support.
#admin_tenant_name = <None>
# The URL to the keystone service. If "use_user_token" is not in
# effect and using keystone auth, then URL of keystone can be
# DEPRECATED: The URL to the keystone service. If "use_user_token" is
# not in effect and using keystone auth, then URL of keystone can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
@ -182,8 +363,9 @@
# been implemented with Keystone trusts support.
#auth_url = <None>
# The strategy to use for authentication. If "use_user_token" is not
# in effect, then auth strategy can be specified. (string value)
# DEPRECATED: The strategy to use for authentication. If
# "use_user_token" is not in effect, then auth strategy can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -192,9 +374,9 @@
# been implemented with Keystone trusts support.
#auth_strategy = noauth
# The region for the authentication service. If "use_user_token" is
# not in effect and using keystone auth, then region name can be
# specified. (string value)
# DEPRECATED: The region for the authentication service. If
# "use_user_token" is not in effect and using keystone auth, then
# region name can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -209,10 +391,11 @@
# If set to true, the logging level will be set to DEBUG instead of
# the default INFO level. (boolean value)
# Note: This option can be changed without restarting.
#debug = false
# If set to false, the logging level will be set to WARNING instead of
# the default INFO level. (boolean value)
# DEPRECATED: If set to false, the logging level will be set to
# WARNING instead of the default INFO level. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#verbose = true
@ -224,6 +407,7 @@
# configuration is set in the configuration file and other logging
# configuration options are ignored (for example,
# logging_context_format_string). (string value)
# Note: This option can be changed without restarting.
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
@ -301,6 +485,368 @@
#fatal_deprecations = false
[glance_store]
#
# From glance.store
#
# List of stores enabled. Valid stores are: cinder, file, http, rbd,
# sheepdog, swift, s3, vsphere (list value)
#stores = file,http
# Default scheme to use to store image data. The scheme must be
# registered by one of the stores defined by the 'stores' config
# option. (string value)
#default_store = file
# Minimum interval seconds to execute updating dynamic storage
# capabilities based on backend status then. It's not a periodic
# routine, the update logic will be executed only when interval
# seconds elapsed and an operation of store has triggered. The feature
# will be enabled only when the option value greater then zero.
# (integer value)
#store_capabilities_update_min_interval = 0
# Specify the path to the CA bundle file to use in verifying the
# remote server certificate. (string value)
#https_ca_certificates_file = <None>
# If true, the remote server certificate is not verified. If false,
# then the default CA truststore is used for verification. This option
# is ignored if "https_ca_certificates_file" is set. (boolean value)
#https_insecure = true
# Specify the http/https proxy information that should be used to
# connect to the remote server. The proxy information should be a key
# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
# specify proxies for multiple schemes by seperating the key value
# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
# (dict value)
#http_proxy_information =
# If True, swiftclient won't check for a valid SSL certificate when
# authenticating. (boolean value)
#swift_store_auth_insecure = false
# A string giving the CA certificate file to use in SSL connections
# for verifying certs. (string value)
#swift_store_cacert = <None>
# The region of the swift endpoint to be used for single tenant. This
# setting is only necessary if the tenant has multiple swift
# endpoints. (string value)
#swift_store_region = <None>
# If set, the configured endpoint will be used. If None, the storage
# url from the auth response will be used. (string value)
#swift_store_endpoint = <None>
# A string giving the endpoint type of the swift service to use
# (publicURL, adminURL or internalURL). This setting is only used if
# swift_store_auth_version is 2. (string value)
#swift_store_endpoint_type = publicURL
# A string giving the service type of the swift service to use. This
# setting is only used if swift_store_auth_version is 2. (string
# value)
#swift_store_service_type = object-store
# Container within the account that the account should use for storing
# images in Swift when using single container mode. In multiple
# container mode, this will be the prefix for all containers. (string
# value)
#swift_store_container = glance
# The size, in MB, that Glance will start chunking image files and do
# a large object manifest in Swift. (integer value)
#swift_store_large_object_size = 5120
# The amount of data written to a temporary disk buffer during the
# process of chunking the image file. (integer value)
#swift_store_large_object_chunk_size = 200
# A boolean value that determines if we create the container if it
# does not exist. (boolean value)
#swift_store_create_container_on_put = false
# If set to True, enables multi-tenant storage mode which causes
# Glance images to be stored in tenant specific Swift accounts.
# (boolean value)
#swift_store_multi_tenant = false
# When set to 0, a single-tenant store will only use one container to
# store all images. When set to an integer value between 1 and 32, a
# single-tenant store will use multiple containers to store images,
# and this value will determine how many containers are created.Used
# only when swift_store_multi_tenant is disabled. The total number of
# containers that will be used is equal to 16^N, so if this config
# option is set to 2, then 16^2=256 containers will be used to store
# images. (integer value)
#swift_store_multiple_containers_seed = 0
# A list of tenants that will be granted read/write access on all
# Swift containers created by Glance in multi-tenant mode. (list
# value)
#swift_store_admin_tenants =
# If set to False, disables SSL layer compression of https swift
# requests. Setting to False may improve performance for images which
# are already in a compressed format, eg qcow2. (boolean value)
#swift_store_ssl_compression = true
# The number of times a Swift download will be retried before the
# request fails. (integer value)
#swift_store_retry_get_count = 0
# The period of time (in seconds) before token expirationwhen
# glance_store will try to reques new user token. Default value 60 sec
# means that if token is going to expire in 1 min then glance_store
# request new user token. (integer value)
#swift_store_expire_soon_interval = 60
# If set to True create a trust for each add/get request to Multi-
# tenant store in order to prevent authentication token to be expired
# during uploading/downloading data. If set to False then user token
# is used for Swift connection (so no overhead on trust creation).
# Please note that this option is considered only and only if
# swift_store_multi_tenant=True (boolean value)
#swift_store_use_trusts = true
# The reference to the default swift account/backing store parameters
# to use for adding new images. (string value)
#default_swift_reference = ref1
# Version of the authentication service to use. Valid versions are 2
# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
# (deprecated - use "auth_version" in swift_store_config_file) (string
# value)
#swift_store_auth_version = 2
# The address where the Swift authentication service is listening.
# (deprecated - use "auth_address" in swift_store_config_file) (string
# value)
#swift_store_auth_address = <None>
# The user to authenticate against the Swift authentication service
# (deprecated - use "user" in swift_store_config_file) (string value)
#swift_store_user = <None>
# Auth key for the user authenticating against the Swift
# authentication service. (deprecated - use "key" in
# swift_store_config_file) (string value)
#swift_store_key = <None>
# The config file that has the swift account(s)configs. (string value)
#swift_store_config_file = <None>
# Directory to which the Filesystem backend store writes images.
# (string value)
#filesystem_store_datadir = /var/lib/glance/images
# List of directories and its priorities to which the Filesystem
# backend store writes images. (multi valued)
#filesystem_store_datadirs =
# The path to a file which contains the metadata to be returned with
# any location associated with this store. The file must contain a
# valid JSON object. The object should contain the keys 'id' and
# 'mountpoint'. The value for both keys should be 'string'. (string
# value)
#filesystem_store_metadata_file = <None>
# The required permission for created image file. In this way the user
# other service used, e.g. Nova, who consumes the image could be the
# exclusive member of the group that owns the files created. Assigning
# it less then or equal to zero means don't change the default
# permission of the file. This value will be decoded as an octal
# digit. (integer value)
#filesystem_store_file_perm = 0
# The host where the S3 server is listening. (string value)
#s3_store_host = <None>
# The S3 query token access key. (string value)
#s3_store_access_key = <None>
# The S3 query token secret key. (string value)
#s3_store_secret_key = <None>
# The S3 bucket to be used to store the Glance data. (string value)
#s3_store_bucket = <None>
# The local directory where uploads will be staged before they are
# transferred into S3. (string value)
#s3_store_object_buffer_dir = <None>
# A boolean to determine if the S3 bucket should be created on upload
# if it does not exist or if an error should be returned to the user.
# (boolean value)
#s3_store_create_bucket_on_put = false
# The S3 calling format used to determine the bucket. Either subdomain
# or path can be used. (string value)
#s3_store_bucket_url_format = subdomain
# What size, in MB, should S3 start chunking image files and do a
# multipart upload in S3. (integer value)
#s3_store_large_object_size = 100
# What multipart upload part size, in MB, should S3 use when uploading
# parts. The size must be greater than or equal to 5M. (integer value)
#s3_store_large_object_chunk_size = 10
# The number of thread pools to perform a multipart upload in S3.
# (integer value)
#s3_store_thread_pools = 10
# Enable the use of a proxy. (boolean value)
#s3_store_enable_proxy = false
# Address or hostname for the proxy server. (string value)
#s3_store_proxy_host = <None>
# The port to use when connecting over a proxy. (integer value)
#s3_store_proxy_port = 8080
# The username to connect to the proxy. (string value)
#s3_store_proxy_user = <None>
# The password to use when connecting over a proxy. (string value)
#s3_store_proxy_password = <None>
# Info to match when looking for cinder in the service catalog. Format
# is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type> (string value)
#cinder_catalog_info = volumev2::publicURL
# Override service catalog lookup with template for cinder endpoint
# e.g. http://localhost:8776/v2/%(tenant)s (string value)
#cinder_endpoint_template = <None>
# Region name of this node. If specified, it will be used to locate
# OpenStack services for stores. (string value)
# Deprecated group/name - [glance_store]/os_region_name
#cinder_os_region_name = <None>
# Location of ca certicates file to use for cinder client requests.
# (string value)
#cinder_ca_certificates_file = <None>
# Number of cinderclient retries on failed http calls (integer value)
#cinder_http_retries = 3
# Time period of time in seconds to wait for a cinder volume
# transition to complete. (integer value)
#cinder_state_transition_timeout = 300
# Allow to perform insecure SSL requests to cinder (boolean value)
#cinder_api_insecure = false
# The address where the Cinder authentication service is listening. If
# <None>, the cinder endpoint in the service catalog is used. (string
# value)
#cinder_store_auth_address = <None>
# User name to authenticate against Cinder. If <None>, the user of
# current context is used. (string value)
#cinder_store_user_name = <None>
# Password for the user authenticating against Cinder. If <None>, the
# current context auth token is used. (string value)
#cinder_store_password = <None>
# Project name where the image is stored in Cinder. If <None>, the
# project in current context is used. (string value)
#cinder_store_project_name = <None>
# Path to the rootwrap configuration file to use for running commands
# as root. (string value)
#rootwrap_config = /etc/glance/rootwrap.conf
# ESX/ESXi or vCenter Server target system. The server value can be an
# IP address or a DNS name. (string value)
#vmware_server_host = <None>
# Username for authenticating with VMware ESX/VC server. (string
# value)
#vmware_server_username = <None>
# Password for authenticating with VMware ESX/VC server. (string
# value)
#vmware_server_password = <None>
# Number of times VMware ESX/VC server API must be retried upon
# connection related issues. (integer value)
#vmware_api_retry_count = 10
# The interval used for polling remote tasks invoked on VMware ESX/VC
# server. (integer value)
#vmware_task_poll_interval = 5
# The name of the directory where the glance images will be stored in
# the VMware datastore. (string value)
#vmware_store_image_dir = /openstack_glance
# If true, the ESX/vCenter server certificate is not verified. If
# false, then the default CA truststore is used for verification. This
# option is ignored if "vmware_ca_file" is set. (boolean value)
# Deprecated group/name - [glance_store]/vmware_api_insecure
#vmware_insecure = false
# Specify a CA bundle file to use in verifying the ESX/vCenter server
# certificate. (string value)
#vmware_ca_file = <None>
# A list of datastores where the image can be stored. This option may
# be specified multiple times for specifying multiple datastores. The
# datastore name should be specified after its datacenter path,
# seperated by ":". An optional weight may be given after the
# datastore name, seperated again by ":". Thus, the required format
# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
# adding an image, the datastore with highest weight will be selected,
# unless there is not enough free space available in cases where the
# image size is already known. If no weight is given, it is assumed to
# be zero and the directory will be considered for selection last. If
# multiple datastores have the same weight, then the one with the most
# free space available is selected. (multi valued)
#vmware_datastores =
# Images will be chunked into objects of this size (in megabytes). For
# best performance, this should be a power of two. (integer value)
#sheepdog_store_chunk_size = 64
# Port of sheep daemon. (integer value)
#sheepdog_store_port = 7000
# IP address of sheep daemon. (string value)
#sheepdog_store_address = localhost
# RADOS images will be chunked into objects of this size (in
# megabytes). For best performance, this should be a power of two.
# (integer value)
#rbd_store_chunk_size = 8
# RADOS pool in which images are stored. (string value)
#rbd_store_pool = images
# RADOS user to authenticate as (only applicable if using Cephx. If
# <None>, a default will be chosen based on the client. section in
# rbd_store_ceph_conf) (string value)
#rbd_store_user = <None>
# Ceph configuration file path. If <None>, librados will locate the
# default config. If using cephx authentication, this file should
# include a reference to the right keyring in a client.<USER> section
# (string value)
#rbd_store_ceph_conf = /etc/ceph/ceph.conf
# Timeout value (in seconds) used when connecting to ceph cluster. If
# value <= 0, no timeout is set and default librados value is used.
# (integer value)
#rados_connect_timeout = 0
[oslo_policy]
#

291
etc/glance-registry.conf
View File

@ -4,21 +4,103 @@
# From glance.registry
#
# When true, this option sets the owner of an image to be the tenant.
# Otherwise, the owner of the image will be the authenticated user
# issuing the request. (boolean value)
#
# Set the image owner to tenant or the authenticated user.
#
# Assign a boolean value to determine the owner of an image. When set
# to
# True, the owner of the image is the tenant. When set to False, the
# owner of the image will be the authenticated user issuing the
# request.
# Setting it to False makes the image private to the associated user
# and
# sharing with other users within the same tenant (or "project")
# requires explicit image sharing via image membership.
#
# Services which consume this:
# * glance-api
# * glare-api
# * glance-registry
#
# Possible values:
# * True
# * False
#
# Related options:
# * None
#
# (boolean value)
#owner_is_tenant = true
#
# Role used to identify an authenticated user as administrator.
# (string value)
#
# Provide a string value representing a Keystone role to identify an
# administrative user. Users with this role will be granted
# administrative privileges. The default value for this option is
# 'admin'.
#
# Services which consume this:
# * glance-api
# * glare-api
# * glance-registry
# * glance-scrubber
#
# Possible values:
# * A string value which is a valid Keystone role
#
# Related options:
# * None
#
# (string value)
#admin_role = admin
# Allow unauthenticated users to access the API with read-only
# privileges. This only applies when using ContextMiddleware. (boolean
# value)
#
# Allow limited access to unauthenticated users.
#
# Assign a boolean to determine API access for unathenticated
# users. When set to False, the API cannot be accessed by
# unauthenticated users. When set to True, unauthenticated users can
# access the API with read-only privileges. This however only applies
# when using ContextMiddleware.
#
# Services which consumes this:
# * glance-api
# * glare-api
# * glance-registry
#
# Possible values:
# * True
# * False
#
# Related options:
# * None
#
# (boolean value)
#allow_anonymous_access = false
# Limits request ID length. (integer value)
#
# Limit the request ID length.
#
# Provide an integer value to limit the length of the request ID to
# the specified length. The default value is 64. Users can change this
# to any ineteger value between 0 and 16384 however keeping in mind
# that
# a larger value may flood the logs.
#
# Services which consumes this:
# * glance-api
# * glare-api
# * glance-registry
#
# Possible values:
# * Integer value between 0 and 16384
#
# Related options:
# * None
#
# (integer value)
# Minimum value: 0
#max_request_id_length = 64
# Whether to allow users to specify image properties beyond what the
@ -146,9 +228,12 @@
# value)
#key_file = <None>
# The HTTP header used to determine the scheme for the original
# request, even if it was removed by an SSL terminating proxy. Typical
# value is "HTTP_X_FORWARDED_PROTO". (string value)
# DEPRECATED: The HTTP header used to determine the scheme for the
# original request, even if it was removed by an SSL terminating
# proxy. Typical value is "HTTP_X_FORWARDED_PROTO". (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Use the http_proxy_to_wsgi middleware instead.
#secure_proxy_ssl_header = <None>
# The number of child process workers that will be created to service
@ -181,10 +266,11 @@
# If set to true, the logging level will be set to DEBUG instead of
# the default INFO level. (boolean value)
# Note: This option can be changed without restarting.
#debug = false
# If set to false, the logging level will be set to WARNING instead of
# the default INFO level. (boolean value)
# DEPRECATED: If set to false, the logging level will be set to
# WARNING instead of the default INFO level. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#verbose = true
@ -196,6 +282,7 @@
# configuration is set in the configuration file and other logging
# configuration options are ignored (for example,
# logging_context_format_string). (string value)
# Note: This option can be changed without restarting.
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
@ -289,10 +376,6 @@
# Allowed values: redis, dummy
#rpc_zmq_matchmaker = redis
# Type of concurrency used. Either "native" or "eventlet" (string
# value)
#rpc_zmq_concurrency = eventlet
# Number of ZeroMQ contexts, defaults to 1. (integer value)
#rpc_zmq_contexts = 1
@ -319,16 +402,23 @@
# Expiration timeout in seconds of a name service record about
# existing target ( < 0 means no timeout). (integer value)
#zmq_target_expire = 120
#zmq_target_expire = 300
# Update period in seconds of a name service record about existing
# target. (integer value)
#zmq_target_update = 180
# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy.
# (boolean value)
#use_pub_sub = true
# Use ROUTER remote proxy. (boolean value)
#use_router_proxy = true
# Minimal port number for random ports range. (port value)
# Minimum value: 0
# Maximum value: 65535
#rpc_zmq_min_port = 49152
#rpc_zmq_min_port = 49153
# Maximal port number for random ports range. (integer value)
# Minimum value: 1
@ -347,12 +437,14 @@
#rpc_response_timeout = 60
# A URL representing the messaging driver to use and its full
# configuration. If not set, we fall back to the rpc_backend option
# and driver specific configuration. (string value)
# configuration. (string value)
#transport_url = <None>
# The messaging driver to use, defaults to rabbit. Other drivers
# include amqp and zmq. (string value)
# DEPRECATED: The messaging driver to use, defaults to rabbit. Other
# drivers include amqp and zmq. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rpc_backend = rabbit
# The default exchange under which topics are scoped. May be
@ -367,8 +459,12 @@
# From oslo.db
#
# The file name to use with SQLite. (string value)
# DEPRECATED: The file name to use with SQLite. (string value)
# Deprecated group/name - [DEFAULT]/sqlite_db
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Should use config option connection or slave_connection to
# connect the database.
#sqlite_db = oslo.sqlite
# If True, SQLite uses synchronous mode. (boolean value)
@ -482,7 +578,14 @@
# From keystonemiddleware.auth_token
#
# Complete public Identity API endpoint. (string value)
# Complete "public" Identity API endpoint. This endpoint should not be
# an "admin" endpoint, as it should be accessible by all end users.
# Unauthenticated clients are redirected to this endpoint to
# authenticate. Although this endpoint should ideally be unversioned,
# client support in the wild varies. If you're using a versioned v2
# endpoint here, then this should *not* be the same endpoint the
# service user utilizes for validating tokens, because normal end
# users may not be able to reach that endpoint. (string value)
#auth_uri = <None>
# API version of the admin Identity API endpoint. (string value)
@ -528,7 +631,7 @@
# Optionally specify a list of memcached server(s) to use for caching.
# If left undefined, tokens will instead be cached in-process. (list
# value)
# Deprecated group/name - [DEFAULT]/memcache_servers
# Deprecated group/name - [keystone_authtoken]/memcache_servers
#memcached_servers = <None>
# In order to prevent excessive effort spent validating tokens, the
@ -540,7 +643,8 @@
# Determines the frequency at which the list of revoked tokens is
# retrieved from the Identity service (in seconds). A high number of
# revocation events combined with a low cache duration may
# significantly reduce performance. (integer value)
# significantly reduce performance. Only valid for PKI tokens.
# (integer value)
#revocation_cache_time = 10
# (Optional) If defined, indicate whether token data should be
@ -611,11 +715,11 @@
# value)
#hash_algorithms = md5
# Authentication type to load (unknown value)
# Deprecated group/name - [DEFAULT]/auth_plugin
# Authentication type to load (string value)
# Deprecated group/name - [keystone_authtoken]/auth_plugin
#auth_type = <None>
# Config Section from which to load plugin specific options (unknown
# Config Section from which to load plugin specific options (string
# value)
#auth_section = <None>
@ -626,32 +730,44 @@
# From oslo.messaging
#
# Host to locate redis. (string value)
# DEPRECATED: Host to locate redis. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#host = 127.0.0.1
# Use this port to connect to redis host. (port value)
# DEPRECATED: Use this port to connect to redis host. (port value)
# Minimum value: 0
# Maximum value: 65535
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#port = 6379
# Password for Redis server (optional). (string value)
# DEPRECATED: Password for Redis server (optional). (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#password =
# List of Redis Sentinel hosts (fault tolerance mode) e.g.
# DEPRECATED: List of Redis Sentinel hosts (fault tolerance mode) e.g.
# [host:port, host1:port ... ] (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#sentinel_hosts =
# Redis replica set name. (string value)
#sentinel_group_name = oslo-messaging-zeromq
# Time in ms to wait between connection attempts. (integer value)
#wait_timeout = 500
#wait_timeout = 5000
# Time in ms to wait before the transaction is killed. (integer value)
#check_timeout = 20000
#check_timeout = 60000
# Timeout in ms on blocking socket operations (integer value)
#socket_timeout = 1000
#socket_timeout = 10000
[oslo_messaging_amqp]
@ -798,7 +914,7 @@
# How long to wait a missing client beforce abandoning to send it its
# replies. This value should not be longer than rpc_response_timeout.
# (integer value)
# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
# Deprecated group/name - [oslo_messaging_rabbit]/kombu_reconnect_timeout
#kombu_missing_consumer_retry_timeout = 60
# Determines how the next RabbitMQ node is chosen in case the one we
@ -807,39 +923,58 @@
# Allowed values: round-robin, shuffle
#kombu_failover_strategy = round-robin
# The RabbitMQ broker address where a single node is used. (string
# value)
# DEPRECATED: The RabbitMQ broker address where a single node is used.
# (string value)
# Deprecated group/name - [DEFAULT]/rabbit_host
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_host = localhost
# The RabbitMQ broker port where a single node is used. (port value)
# DEPRECATED: The RabbitMQ broker port where a single node is used.
# (port value)
# Minimum value: 0
# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/rabbit_port
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_port = 5672
# RabbitMQ HA cluster host:port pairs. (list value)
# DEPRECATED: RabbitMQ HA cluster host:port pairs. (list value)
# Deprecated group/name - [DEFAULT]/rabbit_hosts
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_hosts = $rabbit_host:$rabbit_port
# Connect over SSL for RabbitMQ. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
#rabbit_use_ssl = false
# The RabbitMQ userid. (string value)
# DEPRECATED: The RabbitMQ userid. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_userid
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_userid = guest
# The RabbitMQ password. (string value)
# DEPRECATED: The RabbitMQ password. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_password
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_password = guest
# The RabbitMQ login method. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_login_method
#rabbit_login_method = AMQPLAIN
# The RabbitMQ virtual host. (string value)
# DEPRECATED: The RabbitMQ virtual host. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rabbit_virtual_host = /
# How frequently to retry connecting with RabbitMQ. (integer value)
@ -902,7 +1037,7 @@
# How often to send heartbeats for consumer's connections (integer
# value)
#heartbeat_interval = 1
#heartbeat_interval = 3
# Enable SSL (boolean value)
#ssl = <None>
@ -922,8 +1057,12 @@
# (floating point value)
#host_connection_reconnect_delay = 0.25
# Connection factory implementation (string value)
# Allowed values: new, single, read_write
#connection_factory = single
# Maximum number of connections to keep queued. (integer value)
#pool_max_size = 10
#pool_max_size = 30
# Maximum number of connections to create above `pool_max_size`.
# (integer value)
@ -946,7 +1085,7 @@
# Persist notification messages. (boolean value)
#notification_persistence = false
# Exchange name for for sending notifications (string value)
# Exchange name for sending notifications (string value)
#default_notification_exchange = ${control_exchange}_notification
# Max number of not acknowledged message which RabbitMQ can send to
@ -1045,12 +1184,60 @@
# From glance.registry
#
# If False fully disable profiling feature. (boolean value)
#
# Enables the profiling for all services on this node. Default value
# is False
# (fully disable the profiling feature).
#
# Possible values:
#
# * True: Enables the feature
# * False: Disables the feature. The profiling cannot be started via
# this project
# operations. If the profiling is triggered by another project, this
# project part
# will be empty.
# (boolean value)
# Deprecated group/name - [profiler]/profiler_enabled
#enabled = false
# If False doesn't trace SQL requests. (boolean value)
#
# Enables SQL requests profiling in services. Default value is False
# (SQL
# requests won't be traced).
#
# Possible values:
#
# * True: Enables SQL requests profiling. Each SQL query will be part
# of the
# trace and can the be analyzed by how much time was spent for that.
# * False: Disables SQL requests profiling. The spent time is only
# shown on a
# higher level of operations. Single SQL queries cannot be analyzed
# this
# way.
# (boolean value)
#trace_sqlalchemy = false
# Secret key to use to sign Glance API and Glance Registry services
# tracing messages. (string value)
#
# Secret key(s) to use for encrypting context data for performance
# profiling.
# This string value should have the following format:
# <key1>[,<key2>,...<keyn>],
# where each key is some random string. A user who triggers the
# profiling via
# the REST API has to set one of these keys in the headers of the REST
# API call
# to include profiling results of this node for this particular
# project.
#
# Both "enabled" flag and "hmac_keys" config options should be set to
# enable
# profiling. Also, to generate correct profiling information across
# all services
# at least one key needs to be consistent between OpenStack projects.
# This
# ensures it can be used from client side to generate the trace,
# containing
# information from all possible resources. (string value)
#hmac_keys = SECRET_KEY

434
etc/glance-scrubber.conf
View File

@ -112,8 +112,27 @@
# Turn on/off delayed delete. (boolean value)
#delayed_delete = false
#
# Role used to identify an authenticated user as administrator.
# (string value)
#
# Provide a string value representing a Keystone role to identify an
# administrative user. Users with this role will be granted
# administrative privileges. The default value for this option is
# 'admin'.
#
# Services which consume this:
# * glance-api
# * glare-api
# * glance-registry
# * glance-scrubber
#
# Possible values:
# * A string value which is a valid Keystone role
#
# Related options:
# * None
#
# (string value)
#admin_role = admin
# Whether to pass through headers containing user and tenant
@ -167,11 +186,11 @@
# (integer value)
#registry_client_timeout = 600
# Whether to pass through the user token when making requests to the
# registry. To prevent failures with token expiration during big files
# upload, it is recommended to set this parameter to False.If
# "use_user_token" is not in effect, then admin credentials can be
# specified. (boolean value)
# DEPRECATED: Whether to pass through the user token when making
# requests to the registry. To prevent failures with token expiration
# during big files upload, it is recommended to set this parameter to
# False.If "use_user_token" is not in effect, then admin credentials
# can be specified. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -180,8 +199,8 @@
# been implemented with Keystone trusts support.
#use_user_token = true
# The administrators user name. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
# DEPRECATED: The administrators user name. If "use_user_token" is not
# in effect, then admin credentials can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -190,8 +209,8 @@
# been implemented with Keystone trusts support.
#admin_user = <None>
# The administrators password. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
# DEPRECATED: The administrators password. If "use_user_token" is not
# in effect, then admin credentials can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -200,9 +219,9 @@
# been implemented with Keystone trusts support.
#admin_password = <None>
# The tenant name of the administrative user. If "use_user_token" is
# not in effect, then admin tenant name can be specified. (string
# value)
# DEPRECATED: The tenant name of the administrative user. If
# "use_user_token" is not in effect, then admin tenant name can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -211,8 +230,8 @@
# been implemented with Keystone trusts support.
#admin_tenant_name = <None>
# The URL to the keystone service. If "use_user_token" is not in
# effect and using keystone auth, then URL of keystone can be
# DEPRECATED: The URL to the keystone service. If "use_user_token" is
# not in effect and using keystone auth, then URL of keystone can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
@ -222,8 +241,9 @@
# been implemented with Keystone trusts support.
#auth_url = <None>
# The strategy to use for authentication. If "use_user_token" is not
# in effect, then auth strategy can be specified. (string value)
# DEPRECATED: The strategy to use for authentication. If
# "use_user_token" is not in effect, then auth strategy can be
# specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -232,9 +252,9 @@
# been implemented with Keystone trusts support.
#auth_strategy = noauth
# The region for the authentication service. If "use_user_token" is
# not in effect and using keystone auth, then region name can be
# specified. (string value)
# DEPRECATED: The region for the authentication service. If
# "use_user_token" is not in effect and using keystone auth, then
# region name can be specified. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: This option was considered harmful and has been deprecated
@ -257,10 +277,11 @@
# If set to true, the logging level will be set to DEBUG instead of
# the default INFO level. (boolean value)
# Note: This option can be changed without restarting.
#debug = false
# If set to false, the logging level will be set to WARNING instead of
# the default INFO level. (boolean value)
# DEPRECATED: If set to false, the logging level will be set to
# WARNING instead of the default INFO level. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#verbose = true
@ -272,6 +293,7 @@
# configuration is set in the configuration file and other logging
# configuration options are ignored (for example,
# logging_context_format_string). (string value)
# Note: This option can be changed without restarting.
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
@ -355,8 +377,12 @@
# From oslo.db
#
# The file name to use with SQLite. (string value)
# DEPRECATED: The file name to use with SQLite. (string value)
# Deprecated group/name - [DEFAULT]/sqlite_db
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: Should use config option connection or slave_connection to
# connect the database.
#sqlite_db = oslo.sqlite
# If True, SQLite uses synchronous mode. (boolean value)
@ -464,6 +490,368 @@
#use_tpool = false
[glance_store]
#
# From glance.store
#
# List of stores enabled. Valid stores are: cinder, file, http, rbd,
# sheepdog, swift, s3, vsphere (list value)
#stores = file,http
# Default scheme to use to store image data. The scheme must be
# registered by one of the stores defined by the 'stores' config
# option. (string value)
#default_store = file
# Minimum interval seconds to execute updating dynamic storage
# capabilities based on backend status then. It's not a periodic
# routine, the update logic will be executed only when interval
# seconds elapsed and an operation of store has triggered. The feature
# will be enabled only when the option value greater then zero.
# (integer value)
#store_capabilities_update_min_interval = 0
# Specify the path to the CA bundle file to use in verifying the
# remote server certificate. (string value)
#https_ca_certificates_file = <None>
# If true, the remote server certificate is not verified. If false,
# then the default CA truststore is used for verification. This option
# is ignored if "https_ca_certificates_file" is set. (boolean value)
#https_insecure = true
# Specify the http/https proxy information that should be used to
# connect to the remote server. The proxy information should be a key
# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
# specify proxies for multiple schemes by seperating the key value
# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
# (dict value)
#http_proxy_information =
# If True, swiftclient won't check for a valid SSL certificate when
# authenticating. (boolean value)
#swift_store_auth_insecure = false
# A string giving the CA certificate file to use in SSL connections
# for verifying certs. (string value)
#swift_store_cacert = <None>
# The region of the swift endpoint to be used for single tenant. This
# setting is only necessary if the tenant has multiple swift
# endpoints. (string value)
#swift_store_region = <None>
# If set, the configured endpoint will be used. If None, the storage
# url from the auth response will be used. (string value)
#swift_store_endpoint = <None>
# A string giving the endpoint type of the swift service to use
# (publicURL, adminURL or internalURL). This setting is only used if
# swift_store_auth_version is 2. (string value)
#swift_store_endpoint_type = publicURL
# A string giving the service type of the swift service to use. This
# setting is only used if swift_store_auth_version is 2. (string
# value)
#swift_store_service_type = object-store
# Container within the account that the account should use for storing
# images in Swift when using single container mode. In multiple
# container mode, this will be the prefix for all containers. (string
# value)
#swift_store_container = glance
# The size, in MB, that Glance will start chunking image files and do
# a large object manifest in Swift. (integer value)
#swift_store_large_object_size = 5120
# The amount of data written to a temporary disk buffer during the
# process of chunking the image file. (integer value)
#swift_store_large_object_chunk_size = 200
# A boolean value that determines if we create the container if it
# does not exist. (boolean value)
#swift_store_create_container_on_put = false
# If set to True, enables multi-tenant storage mode which causes
# Glance images to be stored in tenant specific Swift accounts.
# (boolean value)
#swift_store_multi_tenant = false
# When set to 0, a single-tenant store will only use one container to
# store all images. When set to an integer value between 1 and 32, a
# single-tenant store will use multiple containers to store images,
# and this value will determine how many containers are created.Used
# only when swift_store_multi_tenant is disabled. The total number of
# containers that will be used is equal to 16^N, so if this config
# option is set to 2, then 16^2=256 containers will be used to store
# images. (integer value)
#swift_store_multiple_containers_seed = 0
# A list of tenants that will be granted read/write access on all
# Swift containers created by Glance in multi-tenant mode. (list
# value)
#swift_store_admin_tenants =
# If set to False, disables SSL layer compression of https swift
# requests. Setting to False may improve performance for images which
# are already in a compressed format, eg qcow2. (boolean value)
#swift_store_ssl_compression = true
# The number of times a Swift download will be retried before the
# request fails. (integer value)
#swift_store_retry_get_count = 0
# The period of time (in seconds) before token expirationwhen
# glance_store will try to reques new user token. Default value 60 sec
# means that if token is going to expire in 1 min then glance_store
# request new user token. (integer value)
#swift_store_expire_soon_interval = 60
# If set to True create a trust for each add/get request to Multi-
# tenant store in order to prevent authentication token to be expired
# during uploading/downloading data. If set to False then user token
# is used for Swift connection (so no overhead on trust creation).
# Please note that this option is considered only and only if
# swift_store_multi_tenant=True (boolean value)
#swift_store_use_trusts = true
# The reference to the default swift account/backing store parameters
# to use for adding new images. (string value)
#default_swift_reference = ref1
# Version of the authentication service to use. Valid versions are 2
# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
# (deprecated - use "auth_version" in swift_store_config_file) (string
# value)
#swift_store_auth_version = 2
# The address where the Swift authentication service is listening.
# (deprecated - use "auth_address" in swift_store_config_file) (string
# value)
#swift_store_auth_address = <None>
# The user to authenticate against the Swift authentication service
# (deprecated - use "user" in swift_store_config_file) (string value)
#swift_store_user = <None>
# Auth key for the user authenticating against the Swift
# authentication service. (deprecated - use "key" in
# swift_store_config_file) (string value)
#swift_store_key = <None>
# The config file that has the swift account(s)configs. (string value)
#swift_store_config_file = <None>
# Directory to which the Filesystem backend store writes images.
# (string value)
#filesystem_store_datadir = /var/lib/glance/images
# List of directories and its priorities to which the Filesystem
# backend store writes images. (multi valued)
#filesystem_store_datadirs =
# The path to a file which contains the metadata to be returned with
# any location associated with this store. The file must contain a
# valid JSON object. The object should contain the keys 'id' and
# 'mountpoint'. The value for both keys should be 'string'. (string
# value)
#filesystem_store_metadata_file = <None>
# The required permission for created image file. In this way the user
# other service used, e.g. Nova, who consumes the image could be the
# exclusive member of the group that owns the files created. Assigning
# it less then or equal to zero means don't change the default
# permission of the file. This value will be decoded as an octal
# digit. (integer value)
#filesystem_store_file_perm = 0
# The host where the S3 server is listening. (string value)
#s3_store_host = <None>
# The S3 query token access key. (string value)
#s3_store_access_key = <None>
# The S3 query token secret key. (string value)
#s3_store_secret_key = <None>
# The S3 bucket to be used to store the Glance data. (string value)
#s3_store_bucket = <None>
# The local directory where uploads will be staged before they are
# transferred into S3. (string value)
#s3_store_object_buffer_dir = <None>
# A boolean to determine if the S3 bucket should be created on upload
# if it does not exist or if an error should be returned to the user.
# (boolean value)
#s3_store_create_bucket_on_put = false
# The S3 calling format used to determine the bucket. Either subdomain
# or path can be used. (string value)
#s3_store_bucket_url_format = subdomain
# What size, in MB, should S3 start chunking image files and do a
# multipart upload in S3. (integer value)
#s3_store_large_object_size = 100
# What multipart upload part size, in MB, should S3 use when uploading
# parts. The size must be greater than or equal to 5M. (integer value)
#s3_store_large_object_chunk_size = 10
# The number of thread pools to perform a multipart upload in S3.
# (integer value)
#s3_store_thread_pools = 10
# Enable the use of a proxy. (boolean value)
#s3_store_enable_proxy = false
# Address or hostname for the proxy server. (string value)
#s3_store_proxy_host = <None>
# The port to use when connecting over a proxy. (integer value)
#s3_store_proxy_port = 8080
# The username to connect to the proxy. (string value)
#s3_store_proxy_user = <None>
# The password to use when connecting over a proxy. (string value)
#s3_store_proxy_password = <None>
# Info to match when looking for cinder in the service catalog. Format
# is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type> (string value)
#cinder_catalog_info = volumev2::publicURL
# Override service catalog lookup with template for cinder endpoint
# e.g. http://localhost:8776/v2/%(tenant)s (string value)
#cinder_endpoint_template = <None>
# Region name of this node. If specified, it will be used to locate
# OpenStack services for stores. (string value)
# Deprecated group/name - [glance_store]/os_region_name
#cinder_os_region_name = <None>
# Location of ca certicates file to use for cinder client requests.
# (string value)
#cinder_ca_certificates_file = <None>
# Number of cinderclient retries on failed http calls (integer value)
#cinder_http_retries = 3
# Time period of time in seconds to wait for a cinder volume
# transition to complete. (integer value)
#cinder_state_transition_timeout = 300
# Allow to perform insecure SSL requests to cinder (boolean value)
#cinder_api_insecure = false
# The address where the Cinder authentication service is listening. If
# <None>, the cinder endpoint in the service catalog is used. (string
# value)
#cinder_store_auth_address = <None>
# User name to authenticate against Cinder. If <None>, the user of
# current context is used. (string value)
#cinder_store_user_name = <None>
# Password for the user authenticating against Cinder. If <None>, the
# current context auth token is used. (string value)
#cinder_store_password = <None>
# Project name where the image is stored in Cinder. If <None>, the
# project in current context is used. (string value)
#cinder_store_project_name = <None>
# Path to the rootwrap configuration file to use for running commands
# as root. (string value)
#rootwrap_config = /etc/glance/rootwrap.conf
# ESX/ESXi or vCenter Server target system. The server value can be an
# IP address or a DNS name. (string value)
#vmware_server_host = <None>
# Username for authenticating with VMware ESX/VC server. (string
# value)
#vmware_server_username = <None>
# Password for authenticating with VMware ESX/VC server. (string
# value)
#vmware_server_password = <None>
# Number of times VMware ESX/VC server API must be retried upon
# connection related issues. (integer value)
#vmware_api_retry_count = 10
# The interval used for polling remote tasks invoked on VMware ESX/VC
# server. (integer value)
#vmware_task_poll_interval = 5
# The name of the directory where the glance images will be stored in
# the VMware datastore. (string value)
#vmware_store_image_dir = /openstack_glance
# If true, the ESX/vCenter server certificate is not verified. If
# false, then the default CA truststore is used for verification. This
# option is ignored if "vmware_ca_file" is set. (boolean value)
# Deprecated group/name - [glance_store]/vmware_api_insecure
#vmware_insecure = false
# Specify a CA bundle file to use in verifying the ESX/vCenter server
# certificate. (string value)
#vmware_ca_file = <None>
# A list of datastores where the image can be stored. This option may
# be specified multiple times for specifying multiple datastores. The
# datastore name should be specified after its datacenter path,
# seperated by ":". An optional weight may be given after the
# datastore name, seperated again by ":". Thus, the required format
# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
# adding an image, the datastore with highest weight will be selected,
# unless there is not enough free space available in cases where the
# image size is already known. If no weight is given, it is assumed to
# be zero and the directory will be considered for selection last. If
# multiple datastores have the same weight, then the one with the most
# free space available is selected. (multi valued)
#vmware_datastores =
# Images will be chunked into objects of this size (in megabytes). For
# best performance, this should be a power of two. (integer value)
#sheepdog_store_chunk_size = 64
# Port of sheep daemon. (integer value)
#sheepdog_store_port = 7000
# IP address of sheep daemon. (string value)
#sheepdog_store_address = localhost
# RADOS images will be chunked into objects of this size (in
# megabytes). For best performance, this should be a power of two.
# (integer value)
#rbd_store_chunk_size = 8
# RADOS pool in which images are stored. (string value)
#rbd_store_pool = images
# RADOS user to authenticate as (only applicable if using Cephx. If
# <None>, a default will be chosen based on the client. section in
# rbd_store_ceph_conf) (string value)
#rbd_store_user = <None>
# Ceph configuration file path. If <None>, librados will locate the
# default config. If using cephx authentication, this file should
# include a reference to the right keyring in a client.<USER> section
# (string value)
#rbd_store_ceph_conf = /etc/ceph/ceph.conf
# Timeout value (in seconds) used when connecting to ceph cluster. If
# value <= 0, no timeout is set and default librados value is used.
# (integer value)
#rados_connect_timeout = 0
[oslo_concurrency]
#