311 lines
14 KiB
Python
311 lines
14 KiB
Python
# Copyright 2011 OpenStack Foundation
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
"""
|
|
Routines for configuring Glance
|
|
"""
|
|
|
|
import logging
|
|
import logging.config
|
|
import logging.handlers
|
|
import os
|
|
|
|
from oslo_config import cfg
|
|
from oslo_middleware import cors
|
|
from oslo_policy import policy
|
|
from paste import deploy
|
|
|
|
from glance.i18n import _
|
|
from glance.version import version_info as version
|
|
|
|
paste_deploy_opts = [
|
|
cfg.StrOpt('flavor',
|
|
help=_('Partial name of a pipeline in your paste configuration '
|
|
'file with the service name removed. For example, if '
|
|
'your paste section name is '
|
|
'[pipeline:glance-api-keystone] use the value '
|
|
'"keystone"')),
|
|
cfg.StrOpt('config_file',
|
|
help=_('Name of the paste configuration file.')),
|
|
]
|
|
image_format_opts = [
|
|
cfg.ListOpt('container_formats',
|
|
default=['ami', 'ari', 'aki', 'bare', 'ovf', 'ova', 'docker'],
|
|
help=_("Supported values for the 'container_format' "
|
|
"image attribute"),
|
|
deprecated_opts=[cfg.DeprecatedOpt('container_formats',
|
|
group='DEFAULT')]),
|
|
cfg.ListOpt('disk_formats',
|
|
default=['ami', 'ari', 'aki', 'vhd', 'vmdk', 'raw', 'qcow2',
|
|
'vdi', 'iso'],
|
|
help=_("Supported values for the 'disk_format' "
|
|
"image attribute"),
|
|
deprecated_opts=[cfg.DeprecatedOpt('disk_formats',
|
|
group='DEFAULT')]),
|
|
]
|
|
task_opts = [
|
|
cfg.IntOpt('task_time_to_live',
|
|
default=48,
|
|
help=_("Time in hours for which a task lives after, either "
|
|
"succeeding or failing"),
|
|
deprecated_opts=[cfg.DeprecatedOpt('task_time_to_live',
|
|
group='DEFAULT')]),
|
|
cfg.StrOpt('task_executor',
|
|
default='taskflow',
|
|
help=_("Specifies which task executor to be used to run the "
|
|
"task scripts.")),
|
|
cfg.StrOpt('work_dir',
|
|
help=_('Work dir for asynchronous task operations. '
|
|
'The directory set here will be used to operate over '
|
|
'images - normally before they are imported in the '
|
|
'destination store. When providing work dir, make sure '
|
|
'enough space is provided for concurrent tasks to run '
|
|
'efficiently without running out of space. A rough '
|
|
'estimation can be done by multiplying the number of '
|
|
'`max_workers` - or the N of workers running - by an '
|
|
'average image size (e.g 500MB). The image size '
|
|
'estimation should be done based on the average size in '
|
|
'your deployment. Note that depending on the tasks '
|
|
'running you may need to multiply this number by some '
|
|
'factor depending on what the task does. For example, '
|
|
'you may want to double the available size if image '
|
|
'conversion is enabled. All this being said, remember '
|
|
'these are just estimations and you should do them '
|
|
'based on the worst case scenario and be prepared to '
|
|
'act in case they were wrong.')),
|
|
]
|
|
common_opts = [
|
|
cfg.BoolOpt('allow_additional_image_properties', default=True,
|
|
help=_('Whether to allow users to specify image properties '
|
|
'beyond what the image schema provides')),
|
|
cfg.IntOpt('image_member_quota', default=128,
|
|
help=_('Maximum number of image members per image. '
|
|
'Negative values evaluate to unlimited.')),
|
|
cfg.IntOpt('image_property_quota', default=128,
|
|
help=_('Maximum number of properties allowed on an image. '
|
|
'Negative values evaluate to unlimited.')),
|
|
cfg.IntOpt('image_tag_quota', default=128,
|
|
help=_('Maximum number of tags allowed on an image. '
|
|
'Negative values evaluate to unlimited.')),
|
|
cfg.IntOpt('image_location_quota', default=10,
|
|
help=_('Maximum number of locations allowed on an image. '
|
|
'Negative values evaluate to unlimited.')),
|
|
cfg.StrOpt('data_api', default='glance.db.sqlalchemy.api',
|
|
help=_('Python module path of data access API')),
|
|
cfg.IntOpt('limit_param_default', default=25,
|
|
help=_('Default value for the number of items returned by a '
|
|
'request if not specified explicitly in the request')),
|
|
cfg.IntOpt('api_limit_max', default=1000,
|
|
help=_('Maximum permissible number of items that could be '
|
|
'returned by a request')),
|
|
cfg.BoolOpt('show_image_direct_url', default=False,
|
|
help=_('Whether to include the backend image storage location '
|
|
'in image properties. Revealing storage location can '
|
|
'be a security risk, so use this setting with '
|
|
'caution!')),
|
|
cfg.BoolOpt('show_multiple_locations', default=False,
|
|
help=_('Whether to include the backend image locations '
|
|
'in image properties. '
|
|
'For example, if using the file system store a URL of '
|
|
'"file:///path/to/image" will be returned to the user '
|
|
'in the \'direct_url\' meta-data field. '
|
|
'Revealing storage location can '
|
|
'be a security risk, so use this setting with '
|
|
'caution! '
|
|
'Setting this to true overrides the '
|
|
'show_image_direct_url option.')),
|
|
cfg.IntOpt('image_size_cap', default=1099511627776,
|
|
max=9223372036854775808,
|
|
help=_("Maximum size of image a user can upload in bytes. "
|
|
"Defaults to 1099511627776 bytes (1 TB)."
|
|
"WARNING: this value should only be increased after "
|
|
"careful consideration and must be set to a value under "
|
|
"8 EB (9223372036854775808).")),
|
|
cfg.StrOpt('user_storage_quota', default='0',
|
|
help=_("Set a system wide quota for every user. This value is "
|
|
"the total capacity that a user can use across "
|
|
"all storage systems. A value of 0 means unlimited."
|
|
"Optional unit can be specified for the value. Accepted "
|
|
"units are B, KB, MB, GB and TB representing "
|
|
"Bytes, KiloBytes, MegaBytes, GigaBytes and TeraBytes "
|
|
"respectively. If no unit is specified then Bytes is "
|
|
"assumed. Note that there should not be any space "
|
|
"between value and unit and units are case sensitive.")),
|
|
cfg.BoolOpt('enable_v1_api', default=True,
|
|
help=_("Deploy the v1 OpenStack Images API.")),
|
|
cfg.BoolOpt('enable_v2_api', default=True,
|
|
help=_("Deploy the v2 OpenStack Images API.")),
|
|
cfg.BoolOpt('enable_v3_api', default=False,
|
|
help=_("Deploy the v3 OpenStack Objects API."),
|
|
deprecated_for_removal=True),
|
|
cfg.BoolOpt('enable_v1_registry', default=True,
|
|
help=_("Deploy the v1 OpenStack Registry API.")),
|
|
cfg.BoolOpt('enable_v2_registry', default=True,
|
|
help=_("Deploy the v2 OpenStack Registry API.")),
|
|
cfg.StrOpt('pydev_worker_debug_host',
|
|
help=_('The hostname/IP of the pydev process listening for '
|
|
'debug connections')),
|
|
cfg.PortOpt('pydev_worker_debug_port', default=5678,
|
|
help=_('The port on which a pydev process is listening for '
|
|
'connections.')),
|
|
cfg.StrOpt('metadata_encryption_key', secret=True,
|
|
help=_('AES key for encrypting store \'location\' metadata. '
|
|
'This includes, if used, Swift or S3 credentials. '
|
|
'Should be set to a random string of length 16, 24 or '
|
|
'32 bytes')),
|
|
cfg.StrOpt('digest_algorithm', default='sha256',
|
|
help=_('Digest algorithm which will be used for digital '
|
|
'signature. Use the command "openssl list-message-'
|
|
'digest-algorithms" to get the available algorithms '
|
|
'supported by the version of OpenSSL on the platform.'
|
|
' Examples are "sha1", "sha256", "sha512", etc.')),
|
|
]
|
|
|
|
CONF = cfg.CONF
|
|
CONF.register_opts(paste_deploy_opts, group='paste_deploy')
|
|
CONF.register_opts(image_format_opts, group='image_format')
|
|
CONF.register_opts(task_opts, group='task')
|
|
CONF.register_opts(common_opts)
|
|
policy.Enforcer(CONF)
|
|
|
|
|
|
def parse_args(args=None, usage=None, default_config_files=None):
|
|
CONF(args=args,
|
|
project='glance',
|
|
version=version.cached_version_string(),
|
|
usage=usage,
|
|
default_config_files=default_config_files)
|
|
|
|
|
|
def parse_cache_args(args=None):
|
|
config_files = cfg.find_config_files(project='glance', prog='glance-cache')
|
|
parse_args(args=args, default_config_files=config_files)
|
|
|
|
|
|
def _get_deployment_flavor(flavor=None):
|
|
"""
|
|
Retrieve the paste_deploy.flavor config item, formatted appropriately
|
|
for appending to the application name.
|
|
|
|
:param flavor: if specified, use this setting rather than the
|
|
paste_deploy.flavor configuration setting
|
|
"""
|
|
if not flavor:
|
|
flavor = CONF.paste_deploy.flavor
|
|
return '' if not flavor else ('-' + flavor)
|
|
|
|
|
|
def _get_paste_config_path():
|
|
paste_suffix = '-paste.ini'
|
|
conf_suffix = '.conf'
|
|
if CONF.config_file:
|
|
# Assume paste config is in a paste.ini file corresponding
|
|
# to the last config file
|
|
path = CONF.config_file[-1].replace(conf_suffix, paste_suffix)
|
|
else:
|
|
path = CONF.prog + paste_suffix
|
|
return CONF.find_file(os.path.basename(path))
|
|
|
|
|
|
def _get_deployment_config_file():
|
|
"""
|
|
Retrieve the deployment_config_file config item, formatted as an
|
|
absolute pathname.
|
|
"""
|
|
path = CONF.paste_deploy.config_file
|
|
if not path:
|
|
path = _get_paste_config_path()
|
|
if not path:
|
|
msg = _("Unable to locate paste config file for %s.") % CONF.prog
|
|
raise RuntimeError(msg)
|
|
return os.path.abspath(path)
|
|
|
|
|
|
def load_paste_app(app_name, flavor=None, conf_file=None):
|
|
"""
|
|
Builds and returns a WSGI app from a paste config file.
|
|
|
|
We assume the last config file specified in the supplied ConfigOpts
|
|
object is the paste config file, if conf_file is None.
|
|
|
|
:param app_name: name of the application to load
|
|
:param flavor: name of the variant of the application to load
|
|
:param conf_file: path to the paste config file
|
|
|
|
:raises: RuntimeError when config file cannot be located or application
|
|
cannot be loaded from config file
|
|
"""
|
|
# append the deployment flavor to the application name,
|
|
# in order to identify the appropriate paste pipeline
|
|
app_name += _get_deployment_flavor(flavor)
|
|
|
|
if not conf_file:
|
|
conf_file = _get_deployment_config_file()
|
|
|
|
try:
|
|
logger = logging.getLogger(__name__)
|
|
logger.debug("Loading %(app_name)s from %(conf_file)s",
|
|
{'conf_file': conf_file, 'app_name': app_name})
|
|
|
|
app = deploy.loadapp("config:%s" % conf_file, name=app_name)
|
|
|
|
# Log the options used when starting if we're in debug mode...
|
|
if CONF.debug:
|
|
CONF.log_opt_values(logger, logging.DEBUG)
|
|
|
|
return app
|
|
except (LookupError, ImportError) as e:
|
|
msg = (_("Unable to load %(app_name)s from "
|
|
"configuration file %(conf_file)s."
|
|
"\nGot: %(e)r") % {'app_name': app_name,
|
|
'conf_file': conf_file,
|
|
'e': e})
|
|
logger.error(msg)
|
|
raise RuntimeError(msg)
|
|
|
|
|
|
def set_config_defaults():
|
|
"""This method updates all configuration default values."""
|
|
set_cors_middleware_defaults()
|
|
|
|
|
|
def set_cors_middleware_defaults():
|
|
"""Update default configuration options for oslo.middleware."""
|
|
# CORS Defaults
|
|
# TODO(krotscheck): Update with https://review.openstack.org/#/c/285368/
|
|
cfg.set_defaults(cors.CORS_OPTS,
|
|
allow_headers=['Content-MD5',
|
|
'X-Image-Meta-Checksum',
|
|
'X-Storage-Token',
|
|
'Accept-Encoding',
|
|
'X-Auth-Token',
|
|
'X-Identity-Status',
|
|
'X-Roles',
|
|
'X-Service-Catalog',
|
|
'X-User-Id',
|
|
'X-Tenant-Id',
|
|
'X-OpenStack-Request-ID'],
|
|
expose_headers=['X-Image-Meta-Checksum',
|
|
'X-Auth-Token',
|
|
'X-Subject-Token',
|
|
'X-Service-Token',
|
|
'X-OpenStack-Request-ID'],
|
|
allow_methods=['GET',
|
|
'PUT',
|
|
'POST',
|
|
'DELETE',
|
|
'PATCH']
|
|
)
|