# Copyright 2016 RIFT.IO Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. [DEFAULT] # # From glance.api # # When true, this option sets the owner of an image to be the tenant. # Otherwise, the owner of the image will be the authenticated user # issuing the request. (boolean value) #owner_is_tenant = true # Role used to identify an authenticated user as administrator. # (string value) #admin_role = admin # Allow unauthenticated users to access the API with read-only # privileges. This only applies when using ContextMiddleware. (boolean # value) allow_anonymous_access = True # Limits request ID length. (integer value) #max_request_id_length = 64 # Public url to use for versions endpoint. The default is None, which # will use the request's host_url attribute to populate the URL base. # If Glance is operating behind a proxy, you will want to change this # to represent the proxy's URL. (string value) #public_endpoint = # Whether to allow users to specify image properties beyond what the # image schema provides (boolean value) #allow_additional_image_properties = true # Maximum number of image members per image. Negative values evaluate # to unlimited. (integer value) #image_member_quota = 128 # Maximum number of properties allowed on an image. Negative values # evaluate to unlimited. (integer value) #image_property_quota = 128 # Maximum number of tags allowed on an image. Negative values evaluate # to unlimited. (integer value) #image_tag_quota = 128 # Maximum number of locations allowed on an image. Negative values # evaluate to unlimited. (integer value) #image_location_quota = 10 # Python module path of data access API (string value) data_api = glance.db.sqlalchemy.api # Default value for the number of items returned by a request if not # specified explicitly in the request (integer value) #limit_param_default = 25 # Maximum permissible number of items that could be returned by a # request (integer value) #api_limit_max = 1000 # Whether to include the backend image storage location in image # properties. Revealing storage location can be a security risk, so # use this setting with caution! (boolean value) #show_image_direct_url = false # Whether to include the backend image locations in image properties. # For example, if using the file system store a URL of # "file:///path/to/image" will be returned to the user in the # 'direct_url' meta-data field. Revealing storage location can be a # security risk, so use this setting with caution! Setting this to # true overrides the show_image_direct_url option. (boolean value) #show_multiple_locations = false # Maximum size of image a user can upload in bytes. Defaults to # 1099511627776 bytes (1 TB).WARNING: this value should only be # increased after careful consideration and must be set to a value # under 8 EB (9223372036854775808). (integer value) # Maximum value: 9223372036854775808 #image_size_cap = 1099511627776 # Set a system wide quota for every user. This value is the total # capacity that a user can use across all storage systems. A value of # 0 means unlimited.Optional unit can be specified for the value. # Accepted units are B, KB, MB, GB and TB representing Bytes, # KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no # unit is specified then Bytes is assumed. Note that there should not # be any space between value and unit and units are case sensitive. # (string value) #user_storage_quota = 0 # Deploy the v1 OpenStack Images API. (boolean value) enable_v1_api = true # Deploy the v2 OpenStack Images API. (boolean value) enable_v2_api = true # Deploy the v1 OpenStack Registry API. (boolean value) enable_v1_registry = true # Deploy the v2 OpenStack Registry API. (boolean value) enable_v2_registry = true # The hostname/IP of the pydev process listening for debug connections # (string value) #pydev_worker_debug_host = # The port on which a pydev process is listening for connections. # (port value) # Minimum value: 0 # Maximum value: 65535 #pydev_worker_debug_port = 5678 # AES key for encrypting store 'location' metadata. This includes, if # used, Swift or S3 credentials. Should be set to a random string of # length 16, 24 or 32 bytes (string value) #metadata_encryption_key = # Digest algorithm which will be used for digital signature. Use the # command "openssl list-message-digest-algorithms" to get the # available algorithms supported by the version of OpenSSL on the # platform. Examples are "sha1", "sha256", "sha512", etc. (string # value) #digest_algorithm = sha256 # This value sets what strategy will be used to determine the image # location order. Currently two strategies are packaged with Glance # 'location_order' and 'store_type'. (string value) # Allowed values: location_order, store_type #location_strategy = location_order # The location of the property protection file.This file contains the # rules for property protections and the roles/policies associated # with it. If this config value is not specified, by default, property # protections won't be enforced. If a value is specified and the file # is not found, then the glance-api service will not start. (string # value) #property_protection_file = # This config value indicates whether "roles" or "policies" are used # in the property protection file. (string value) # Allowed values: roles, policies #property_protection_rule_format = roles # Modules of exceptions that are permitted to be recreated upon # receiving exception data from an rpc call. (list value) #allowed_rpc_exception_modules = glance.common.exception,builtins,exceptions # Address to bind the server. Useful when selecting a particular # network interface. (string value) bind_host = 127.0.0.1 # The port on which the server will listen. (port value) # Minimum value: 0 # Maximum value: 65535 bind_port = 9292 # The number of child process workers that will be created to service # requests. The default will be equal to the number of CPUs available. # (integer value) workers = 1 # Maximum line size of message headers to be accepted. max_header_line # may need to be increased when using large tokens (typically those # generated by the Keystone v3 API with big service catalogs (integer # value) #max_header_line = 16384 # If False, server will return the header "Connection: close", If # True, server will return "Connection: Keep-Alive" in its responses. # In order to close the client socket connection explicitly after the # response is sent and read successfully by the client, you simply # have to set this option to False when you create a wsgi server. # (boolean value) #http_keepalive = true # Timeout for client connections' socket operations. If an incoming # connection is idle for this number of seconds it will be closed. A # value of '0' means wait forever. (integer value) #client_socket_timeout = 900 # The backlog value that will be used when creating the TCP listener # socket. (integer value) #backlog = 4096 # The value for the socket option TCP_KEEPIDLE. This is the time in # seconds that the connection must be idle before TCP starts sending # keepalive probes. (integer value) #tcp_keepidle = 600 # CA certificate file to use to verify connecting clients. (string # value) #ca_file = # Certificate file to use when starting API server securely. (string # value) #cert_file = # Private key file to use when starting API server securely. (string # value) #key_file = # The path to the sqlite file database that will be used for image # cache management. (string value) #image_cache_sqlite_db = cache.db # The driver to use for image cache management. (string value) #image_cache_driver = sqlite # The upper limit (the maximum size of accumulated cache in bytes) # beyond which the cache pruner, if running, starts cleaning the image # cache. (integer value) #image_cache_max_size = 10737418240 # The amount of time to let an incomplete image remain in the cache, # before the cache cleaner, if running, will remove the incomplete # image. (integer value) #image_cache_stall_time = 86400 # Base directory that the image cache uses. (string value) image_cache_dir = {RIFT_VAR_ROOT}/glance/image-cache/ # Default publisher_id for outgoing notifications. (string value) #default_publisher_id = image.localhost # List of disabled notifications. A notification can be given either # as a notification type to disable a single event, or as a # notification group prefix to disable all events within a group. # Example: if this config option is set to ["image.create", # "metadef_namespace"], then "image.create" notification will not be # sent after image is created and none of the notifications for # metadefinition namespaces will be sent. (list value) #disabled_notifications = # Address to find the registry server. (string value) registry_host = 0.0.0.0 # Port the registry server is listening on. (port value) # Minimum value: 0 # Maximum value: 65535 registry_port = 9191 # Whether to pass through the user token when making requests to the # registry. To prevent failures with token expiration during big files # upload, it is recommended to set this parameter to False.If # "use_user_token" is not in effect, then admin credentials can be # specified. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #use_user_token = true # The administrators user name. If "use_user_token" is not in effect, # then admin credentials can be specified. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #admin_user = # The administrators password. If "use_user_token" is not in effect, # then admin credentials can be specified. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #admin_password = # The tenant name of the administrative user. If "use_user_token" is # not in effect, then admin tenant name can be specified. (string # value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #admin_tenant_name = # The URL to the keystone service. If "use_user_token" is not in # effect and using keystone auth, then URL of keystone can be # specified. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #auth_url = # The strategy to use for authentication. If "use_user_token" is not # in effect, then auth strategy can be specified. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #auth_strategy = noauth # The region for the authentication service. If "use_user_token" is # not in effect and using keystone auth, then region name can be # specified. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: This option was considered harmful and has been deprecated # in M release. It will be removed in O release. For more information # read OSSN-0060. Related functionality with uploading big images has # been implemented with Keystone trusts support. #auth_region = # The protocol to use for communication with the registry server. # Either http or https. (string value) #registry_client_protocol = http # The path to the key file to use in SSL connections to the registry # server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE # environment variable to a filepath of the key file (string value) #registry_client_key_file = # The path to the cert file to use in SSL connections to the registry # server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE # environment variable to a filepath of the CA cert file (string # value) #registry_client_cert_file = # The path to the certifying authority cert file to use in SSL # connections to the registry server, if any. Alternately, you may set # the GLANCE_CLIENT_CA_FILE environment variable to a filepath of the # CA cert file. (string value) #registry_client_ca_file = # When using SSL in connections to the registry server, do not require # validation via a certifying authority. This is the registry's # equivalent of specifying --insecure on the command line using # glanceclient for the API. (boolean value) #registry_client_insecure = false # The period of time, in seconds, that the API server will wait for a # registry request to complete. A value of 0 implies no timeout. # (integer value) #registry_client_timeout = 600 # Whether to pass through headers containing user and tenant # information when making requests to the registry. This allows the # registry to use the context middleware without keystonemiddleware's # auth_token middleware, removing calls to the keystone auth service. # It is recommended that when using this option, secure communication # between glance api and glance registry is ensured by means other # than auth_token middleware. (boolean value) #send_identity_headers = false # The amount of time in seconds to delay before performing a delete. # (integer value) #scrub_time = 0 # The size of thread pool to be used for scrubbing images. The default # is one, which signifies serial scrubbing. Any value above one # indicates the max number of images that may be scrubbed in parallel. # (integer value) #scrub_pool_size = 1 # Turn on/off delayed delete. (boolean value) #delayed_delete = false # # From oslo.log # # If set to true, the logging level will be set to DEBUG instead of # the default INFO level. (boolean value) debug = True # If set to false, the logging level will be set to WARNING instead of # the default INFO level. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. verbose = True # The name of a logging configuration file. This file is appended to # any existing logging configuration files. For details about logging # configuration files, see the Python logging module documentation. # Note that when logging configuration files are used then all logging # configuration is set in the configuration file and other logging # configuration options are ignored (for example, # logging_context_format_string). (string value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append = # Defines the format string for %%(asctime)s in log records. Default: # %(default)s . This option is ignored if log_config_append is set. # (string value) #log_date_format = %Y-%m-%d %H:%M:%S # (Optional) Name of log file to send logging output to. If no default # is set, logging will go to stderr as defined by use_stderr. This # option is ignored if log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logfile log_file = {RIFT_VAR_ROOT}/log/glance/glance-api.log # (Optional) The base directory used for relative log_file paths. # This option is ignored if log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir = # Uses logging handler designed to watch file system. When log file is # moved or removed this handler will open a new log file with # specified path instantaneously. It makes sense only if log_file # option is specified and Linux platform is used. This option is # ignored if log_config_append is set. (boolean value) #watch_log_file = false # Use syslog for logging. Existing syslog format is DEPRECATED and # will be changed later to honor RFC5424. This option is ignored if # log_config_append is set. (boolean value) #use_syslog = false # Syslog facility to receive log lines. This option is ignored if # log_config_append is set. (string value) #syslog_log_facility = LOG_USER # Log output to standard error. This option is ignored if # log_config_append is set. (boolean value) #use_stderr = true # Format string to use for log messages with context. (string value) #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages when context is undefined. # (string value) #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Additional data to append to log message when logging level for the # message is DEBUG. (string value) #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format. (string # value) #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s # Defines the format string for %(user_identity)s that is used in # logging_context_format_string. (string value) #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s # List of package logging levels in logger=LEVEL pairs. This option is # ignored if log_config_append is set. (list value) #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO # Enables or disables publication of error events. (boolean value) #publish_errors = false # The format for an instance that is passed with the log message. # (string value) #instance_format = "[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log message. # (string value) #instance_uuid_format = "[instance: %(uuid)s] " # Enables or disables fatal status of deprecations. (boolean value) #fatal_deprecations = false # # From oslo.messaging # # Size of RPC connection pool. (integer value) # Deprecated group/name - [DEFAULT]/rpc_conn_pool_size #rpc_conn_pool_size = 30 # ZeroMQ bind address. Should be a wildcard (*), an ethernet # interface, or IP. The "host" option should point or resolve to this # address. (string value) #rpc_zmq_bind_address = * # MatchMaker driver. (string value) # Allowed values: redis, dummy #rpc_zmq_matchmaker = redis # Type of concurrency used. Either "native" or "eventlet" (string # value) #rpc_zmq_concurrency = eventlet # Number of ZeroMQ contexts, defaults to 1. (integer value) #rpc_zmq_contexts = 1 # Maximum number of ingress messages to locally buffer per topic. # Default is unlimited. (integer value) #rpc_zmq_topic_backlog = # Directory for holding IPC sockets. (string value) #rpc_zmq_ipc_dir = /var/run/openstack # Name of this node. Must be a valid hostname, FQDN, or IP address. # Must match "host" option, if running Nova. (string value) #rpc_zmq_host = localhost # Seconds to wait before a cast expires (TTL). The default value of -1 # specifies an infinite linger period. The value of 0 specifies no # linger period. Pending messages shall be discarded immediately when # the socket is closed. Only supported by impl_zmq. (integer value) #rpc_cast_timeout = -1 # The default number of seconds that poll should wait. Poll raises # timeout exception when timeout expired. (integer value) #rpc_poll_timeout = 1 # Expiration timeout in seconds of a name service record about # existing target ( < 0 means no timeout). (integer value) #zmq_target_expire = 120 # Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. # (boolean value) #use_pub_sub = true # Minimal port number for random ports range. (port value) # Minimum value: 0 # Maximum value: 65535 #rpc_zmq_min_port = 49152 # Maximal port number for random ports range. (integer value) # Minimum value: 1 # Maximum value: 65536 #rpc_zmq_max_port = 65536 # Number of retries to find free port number before fail with # ZMQBindError. (integer value) #rpc_zmq_bind_port_retries = 100 # Size of executor thread pool. (integer value) # Deprecated group/name - [DEFAULT]/rpc_thread_pool_size #executor_thread_pool_size = 64 # Seconds to wait for a response from a call. (integer value) #rpc_response_timeout = 60 # A URL representing the messaging driver to use and its full # configuration. If not set, we fall back to the rpc_backend option # and driver specific configuration. (string value) #transport_url = # The messaging driver to use, defaults to rabbit. Other drivers # include amqp and zmq. (string value) #rpc_backend = rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the transport_url # option. (string value) #control_exchange = openstack [cors] # # From oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (list value) #allowed_origin = # Indicate that the actual request can include user credentials # (boolean value) #allow_credentials = true # Indicate which headers are safe to expose to the API. Defaults to # HTTP Simple Headers. (list value) #expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID # Maximum cache age of CORS preflight requests. (integer value) #max_age = 3600 # Indicate which methods can be used during the actual request. (list # value) #allow_methods = GET,PUT,POST,DELETE,PATCH # Indicate which header field names may be used during the actual # request. (list value) #allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID [cors.subdomain] # # From oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (list value) #allowed_origin = # Indicate that the actual request can include user credentials # (boolean value) #allow_credentials = true # Indicate which headers are safe to expose to the API. Defaults to # HTTP Simple Headers. (list value) #expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID # Maximum cache age of CORS preflight requests. (integer value) #max_age = 3600 # Indicate which methods can be used during the actual request. (list # value) #allow_methods = GET,PUT,POST,DELETE,PATCH # Indicate which header field names may be used during the actual # request. (list value) #allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID [database] # # From oslo.db # # The file name to use with SQLite. (string value) # Deprecated group/name - [DEFAULT]/sqlite_db sqlite_db = {RIFT_VAR_ROOT}/glance/glance-api.db # If True, SQLite uses synchronous mode. (boolean value) # Deprecated group/name - [DEFAULT]/sqlite_synchronous #sqlite_synchronous = true # The back end to use for the database. (string value) # Deprecated group/name - [DEFAULT]/db_backend backend = sqlalchemy # The SQLAlchemy connection string to use to connect to the database. # (string value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = # The SQLAlchemy connection string to use to connect to the slave # database. (string value) #slave_connection = # The SQL mode to be used for MySQL sessions. This option, including # the default, overrides any server-set SQL mode. To use whatever SQL # mode is set by the server configuration, set this to no value. # Example: mysql_sql_mode= (string value) #mysql_sql_mode = TRADITIONAL # Timeout before idle SQL connections are reaped. (integer value) # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout idle_timeout = 3600 # Minimum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size #min_pool_size = 1 # Maximum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size = # Maximum number of database connection retries during startup. Set to # -1 to specify an infinite retry count. (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries = 10 # Interval between retries of opening a SQL connection. (integer # value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval = 10 # If set, use this value for max_overflow with SQLAlchemy. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow = 50 # Verbosity of SQL debugging information: 0=None, 100=Everything. # (integer value) # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug = 0 # Add Python stack traces to SQL as comment strings. (boolean value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace = false # If set, use this value for pool_timeout with SQLAlchemy. (integer # value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout = # Enable the experimental use of database reconnect on connection # lost. (boolean value) #use_db_reconnect = false # Seconds between retries of a database transaction. (integer value) #db_retry_interval = 1 # If True, increases the interval between retries of a database # operation up to db_max_retry_interval. (boolean value) #db_inc_retry_interval = true # If db_inc_retry_interval is set, the maximum seconds between retries # of a database operation. (integer value) #db_max_retry_interval = 10 # Maximum retries in case of connection error or deadlock error before # error is raised. Set to -1 to specify an infinite retry count. # (integer value) #db_max_retries = 20 # # From oslo.db.concurrency # # Enable the experimental use of thread pooling for all DB API calls # (boolean value) # Deprecated group/name - [DEFAULT]/dbapi_use_tpool #use_tpool = false [glance_store] # # From glance.store # # List of stores enabled. Valid stores are: cinder, file, http, rbd, # sheepdog, swift, s3, vsphere (list value) stores = file,http # Default scheme to use to store image data. The scheme must be # registered by one of the stores defined by the 'stores' config # option. (string value) default_store = file # Minimum interval seconds to execute updating dynamic storage # capabilities based on backend status then. It's not a periodic # routine, the update logic will be executed only when interval # seconds elapsed and an operation of store has triggered. The feature # will be enabled only when the option value greater then zero. # (integer value) #store_capabilities_update_min_interval = 0 # Specify the path to the CA bundle file to use in verifying the # remote server certificate. (string value) #https_ca_certificates_file = # If true, the remote server certificate is not verified. If false, # then the default CA truststore is used for verification. This option # is ignored if "https_ca_certificates_file" is set. (boolean value) #https_insecure = true # Specify the http/https proxy information that should be used to # connect to the remote server. The proxy information should be a key # value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can # specify proxies for multiple schemes by seperating the key value # pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080. # (dict value) #http_proxy_information = # If True, swiftclient won't check for a valid SSL certificate when # authenticating. (boolean value) #swift_store_auth_insecure = false # A string giving the CA certificate file to use in SSL connections # for verifying certs. (string value) #swift_store_cacert = # The region of the swift endpoint to be used for single tenant. This # setting is only necessary if the tenant has multiple swift # endpoints. (string value) #swift_store_region = # If set, the configured endpoint will be used. If None, the storage # url from the auth response will be used. (string value) #swift_store_endpoint = # A string giving the endpoint type of the swift service to use # (publicURL, adminURL or internalURL). This setting is only used if # swift_store_auth_version is 2. (string value) #swift_store_endpoint_type = publicURL # A string giving the service type of the swift service to use. This # setting is only used if swift_store_auth_version is 2. (string # value) #swift_store_service_type = object-store # Container within the account that the account should use for storing # images in Swift when using single container mode. In multiple # container mode, this will be the prefix for all containers. (string # value) #swift_store_container = glance # The size, in MB, that Glance will start chunking image files and do # a large object manifest in Swift. (integer value) #swift_store_large_object_size = 5120 # The amount of data written to a temporary disk buffer during the # process of chunking the image file. (integer value) #swift_store_large_object_chunk_size = 200 # A boolean value that determines if we create the container if it # does not exist. (boolean value) #swift_store_create_container_on_put = false # If set to True, enables multi-tenant storage mode which causes # Glance images to be stored in tenant specific Swift accounts. # (boolean value) #swift_store_multi_tenant = false # When set to 0, a single-tenant store will only use one container to # store all images. When set to an integer value between 1 and 32, a # single-tenant store will use multiple containers to store images, # and this value will determine how many containers are created.Used # only when swift_store_multi_tenant is disabled. The total number of # containers that will be used is equal to 16^N, so if this config # option is set to 2, then 16^2=256 containers will be used to store # images. (integer value) #swift_store_multiple_containers_seed = 0 # A list of tenants that will be granted read/write access on all # Swift containers created by Glance in multi-tenant mode. (list # value) #swift_store_admin_tenants = # If set to False, disables SSL layer compression of https swift # requests. Setting to False may improve performance for images which # are already in a compressed format, eg qcow2. (boolean value) #swift_store_ssl_compression = true # The number of times a Swift download will be retried before the # request fails. (integer value) #swift_store_retry_get_count = 0 # The period of time (in seconds) before token expirationwhen # glance_store will try to reques new user token. Default value 60 sec # means that if token is going to expire in 1 min then glance_store # request new user token. (integer value) #swift_store_expire_soon_interval = 60 # If set to True create a trust for each add/get request to Multi- # tenant store in order to prevent authentication token to be expired # during uploading/downloading data. If set to False then user token # is used for Swift connection (so no overhead on trust creation). # Please note that this option is considered only and only if # swift_store_multi_tenant=True (boolean value) #swift_store_use_trusts = true # The reference to the default swift account/backing store parameters # to use for adding new images. (string value) #default_swift_reference = ref1 # Version of the authentication service to use. Valid versions are 2 # and 3 for keystone and 1 (deprecated) for swauth and rackspace. # (deprecated - use "auth_version" in swift_store_config_file) (string # value) #swift_store_auth_version = 2 # The address where the Swift authentication service is listening. # (deprecated - use "auth_address" in swift_store_config_file) (string # value) #swift_store_auth_address = # The user to authenticate against the Swift authentication service # (deprecated - use "user" in swift_store_config_file) (string value) #swift_store_user = # Auth key for the user authenticating against the Swift # authentication service. (deprecated - use "key" in # swift_store_config_file) (string value) #swift_store_key = # The config file that has the swift account(s)configs. (string value) #swift_store_config_file = # RADOS images will be chunked into objects of this size (in # megabytes). For best performance, this should be a power of two. # (integer value) #rbd_store_chunk_size = 8 # RADOS pool in which images are stored. (string value) #rbd_store_pool = images # RADOS user to authenticate as (only applicable if using Cephx. If # , a default will be chosen based on the client. section in # rbd_store_ceph_conf) (string value) #rbd_store_user = # Ceph configuration file path. If , librados will locate the # default config. If using cephx authentication, this file should # include a reference to the right keyring in a client. section # (string value) #rbd_store_ceph_conf = /etc/ceph/ceph.conf # Timeout value (in seconds) used when connecting to ceph cluster. If # value <= 0, no timeout is set and default librados value is used. # (integer value) #rados_connect_timeout = 0 # Info to match when looking for cinder in the service catalog. Format # is : separated values of the form: # :: (string value) #cinder_catalog_info = volumev2::publicURL # Override service catalog lookup with template for cinder endpoint # e.g. http://localhost:8776/v2/%(tenant)s (string value) #cinder_endpoint_template = # Region name of this node. If specified, it will be used to locate # OpenStack services for stores. (string value) # Deprecated group/name - [DEFAULT]/os_region_name #cinder_os_region_name = # Location of ca certicates file to use for cinder client requests. # (string value) #cinder_ca_certificates_file = # Number of cinderclient retries on failed http calls (integer value) #cinder_http_retries = 3 # Time period of time in seconds to wait for a cinder volume # transition to complete. (integer value) #cinder_state_transition_timeout = 300 # Allow to perform insecure SSL requests to cinder (boolean value) #cinder_api_insecure = false # The address where the Cinder authentication service is listening. If # , the cinder endpoint in the service catalog is used. (string # value) #cinder_store_auth_address = # User name to authenticate against Cinder. If , the user of # current context is used. (string value) #cinder_store_user_name = # Password for the user authenticating against Cinder. If , the # current context auth token is used. (string value) #cinder_store_password = # Project name where the image is stored in Cinder. If , the # project in current context is used. (string value) #cinder_store_project_name = # Path to the rootwrap configuration file to use for running commands # as root. (string value) #rootwrap_config = /etc/glance/rootwrap.conf # The host where the S3 server is listening. (string value) #s3_store_host = # The S3 query token access key. (string value) #s3_store_access_key = # The S3 query token secret key. (string value) #s3_store_secret_key = # The S3 bucket to be used to store the Glance data. (string value) #s3_store_bucket = # The local directory where uploads will be staged before they are # transferred into S3. (string value) #s3_store_object_buffer_dir = # A boolean to determine if the S3 bucket should be created on upload # if it does not exist or if an error should be returned to the user. # (boolean value) #s3_store_create_bucket_on_put = false # The S3 calling format used to determine the bucket. Either subdomain # or path can be used. (string value) #s3_store_bucket_url_format = subdomain # What size, in MB, should S3 start chunking image files and do a # multipart upload in S3. (integer value) #s3_store_large_object_size = 100 # What multipart upload part size, in MB, should S3 use when uploading # parts. The size must be greater than or equal to 5M. (integer value) #s3_store_large_object_chunk_size = 10 # The number of thread pools to perform a multipart upload in S3. # (integer value) #s3_store_thread_pools = 10 # Enable the use of a proxy. (boolean value) #s3_store_enable_proxy = false # Address or hostname for the proxy server. (string value) #s3_store_proxy_host = # The port to use when connecting over a proxy. (integer value) #s3_store_proxy_port = 8080 # The username to connect to the proxy. (string value) #s3_store_proxy_user = # The password to use when connecting over a proxy. (string value) #s3_store_proxy_password = # Images will be chunked into objects of this size (in megabytes). For # best performance, this should be a power of two. (integer value) #sheepdog_store_chunk_size = 64 # Port of sheep daemon. (integer value) #sheepdog_store_port = 7000 # IP address of sheep daemon. (string value) #sheepdog_store_address = localhost # Directory to which the Filesystem backend store writes images. # (string value) filesystem_store_datadir = {RIFT_VAR_ROOT}/glance/images/ # List of directories and its priorities to which the Filesystem # backend store writes images. (multi valued) #filesystem_store_datadirs = # The path to a file which contains the metadata to be returned with # any location associated with this store. The file must contain a # valid JSON object. The object should contain the keys 'id' and # 'mountpoint'. The value for both keys should be 'string'. (string # value) #filesystem_store_metadata_file = # The required permission for created image file. In this way the user # other service used, e.g. Nova, who consumes the image could be the # exclusive member of the group that owns the files created. Assigning # it less then or equal to zero means don't change the default # permission of the file. This value will be decoded as an octal # digit. (integer value) #filesystem_store_file_perm = 0 # ESX/ESXi or vCenter Server target system. The server value can be an # IP address or a DNS name. (string value) #vmware_server_host = # Username for authenticating with VMware ESX/VC server. (string # value) #vmware_server_username = # Password for authenticating with VMware ESX/VC server. (string # value) #vmware_server_password = # Number of times VMware ESX/VC server API must be retried upon # connection related issues. (integer value) #vmware_api_retry_count = 10 # The interval used for polling remote tasks invoked on VMware ESX/VC # server. (integer value) #vmware_task_poll_interval = 5 # The name of the directory where the glance images will be stored in # the VMware datastore. (string value) #vmware_store_image_dir = /openstack_glance # If true, the ESX/vCenter server certificate is not verified. If # false, then the default CA truststore is used for verification. This # option is ignored if "vmware_ca_file" is set. (boolean value) # Deprecated group/name - [DEFAULT]/vmware_api_insecure #vmware_insecure = false # Specify a CA bundle file to use in verifying the ESX/vCenter server # certificate. (string value) #vmware_ca_file = # A list of datastores where the image can be stored. This option may # be specified multiple times for specifying multiple datastores. The # datastore name should be specified after its datacenter path, # seperated by ":". An optional weight may be given after the # datastore name, seperated again by ":". Thus, the required format # becomes ::. When # adding an image, the datastore with highest weight will be selected, # unless there is not enough free space available in cases where the # image size is already known. If no weight is given, it is assumed to # be zero and the directory will be considered for selection last. If # multiple datastores have the same weight, then the one with the most # free space available is selected. (multi valued) #vmware_datastores = [image_format] # # From glance.api # # Supported values for the 'container_format' image attribute (list # value) # Deprecated group/name - [DEFAULT]/container_formats container_formats = ami,ari,aki,bare,ovf,ova,docker # Supported values for the 'disk_format' image attribute (list value) # Deprecated group/name - [DEFAULT]/disk_formats disk_formats = ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso [keystone_authtoken] # # From keystonemiddleware.auth_token # # Complete public Identity API endpoint. (string value) #auth_uri = # API version of the admin Identity API endpoint. (string value) #auth_version = # Do not handle authorization requests within the middleware, but # delegate the authorization decision to downstream WSGI components. # (boolean value) #delay_auth_decision = false # Request timeout value for communicating with Identity API server. # (integer value) #http_connect_timeout = # How many times are we trying to reconnect when communicating with # Identity API Server. (integer value) #http_request_max_retries = 3 # Env key for the swift cache. (string value) #cache = # Required if identity server requires client certificate (string # value) #certfile = # Required if identity server requires client certificate (string # value) #keyfile = # A PEM encoded Certificate Authority to use when verifying HTTPs # connections. Defaults to system CAs. (string value) #cafile = # Verify HTTPS connections. (boolean value) #insecure = false # The region in which the identity server can be found. (string value) #region_name = # Directory used to cache files related to PKI tokens. (string value) #signing_dir = # Optionally specify a list of memcached server(s) to use for caching. # If left undefined, tokens will instead be cached in-process. (list # value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers = # In order to prevent excessive effort spent validating tokens, the # middleware caches previously-seen tokens for a configurable duration # (in seconds). Set to -1 to disable caching completely. (integer # value) #token_cache_time = 300 # Determines the frequency at which the list of revoked tokens is # retrieved from the Identity service (in seconds). A high number of # revocation events combined with a low cache duration may # significantly reduce performance. (integer value) #revocation_cache_time = 10 # (Optional) If defined, indicate whether token data should be # authenticated or authenticated and encrypted. If MAC, token data is # authenticated (with HMAC) in the cache. If ENCRYPT, token data is # encrypted and authenticated in the cache. If the value is not one of # these options or empty, auth_token will raise an exception on # initialization. (string value) # Allowed values: None, MAC, ENCRYPT #memcache_security_strategy = None # (Optional, mandatory if memcache_security_strategy is defined) This # string is used for key derivation. (string value) #memcache_secret_key = # (Optional) Number of seconds memcached server is considered dead # before it is tried again. (integer value) #memcache_pool_dead_retry = 300 # (Optional) Maximum total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize = 10 # (Optional) Socket timeout in seconds for communicating with a # memcached server. (integer value) #memcache_pool_socket_timeout = 3 # (Optional) Number of seconds a connection to memcached is held # unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout = 60 # (Optional) Number of seconds that an operation will wait to get a # memcached client connection from the pool. (integer value) #memcache_pool_conn_get_timeout = 10 # (Optional) Use the advanced (eventlet safe) memcached client pool. # The advanced pool will only work under python 2.x. (boolean value) #memcache_use_advanced_pool = false # (Optional) Indicate whether to set the X-Service-Catalog header. If # False, middleware will not ask for service catalog on token # validation and will not set the X-Service-Catalog header. (boolean # value) #include_service_catalog = true # Used to control the use and type of token binding. Can be set to: # "disabled" to not check token binding. "permissive" (default) to # validate binding information if the bind type is of a form known to # the server and ignore it if not. "strict" like "permissive" but if # the bind type is unknown the token will be rejected. "required" any # form of token binding is needed to be allowed. Finally the name of a # binding method that must be present in tokens. (string value) #enforce_token_bind = permissive # If true, the revocation list will be checked for cached tokens. This # requires that PKI tokens are configured on the identity server. # (boolean value) #check_revocations_for_cached = false # Hash algorithms to use for hashing PKI tokens. This may be a single # algorithm or multiple. The algorithms are those supported by Python # standard hashlib.new(). The hashes will be tried in the order given, # so put the preferred one first for performance. The result of the # first hash will be stored in the cache. This will typically be set # to multiple values only while migrating from a less secure algorithm # to a more secure one. Once all the old tokens are expired this # option should be set to a single value for better performance. (list # value) #hash_algorithms = md5 # Authentication type to load (unknown value) # Deprecated group/name - [DEFAULT]/auth_plugin #auth_type = # Config Section from which to load plugin specific options (unknown # value) #auth_section = [matchmaker_redis] # # From oslo.messaging # # Host to locate redis. (string value) #host = 127.0.0.1 # Use this port to connect to redis host. (port value) # Minimum value: 0 # Maximum value: 65535 #port = 6379 # Password for Redis server (optional). (string value) #password = # List of Redis Sentinel hosts (fault tolerance mode) e.g. # [host:port, host1:port ... ] (list value) #sentinel_hosts = # Redis replica set name. (string value) #sentinel_group_name = oslo-messaging-zeromq # Time in ms to wait between connection attempts. (integer value) #wait_timeout = 500 # Time in ms to wait before the transaction is killed. (integer value) #check_timeout = 20000 # Timeout in ms on blocking socket operations (integer value) #socket_timeout = 1000 [oslo_concurrency] # # From oslo.concurrency # # Enables or disables inter-process locks. (boolean value) # Deprecated group/name - [DEFAULT]/disable_process_locking #disable_process_locking = false # Directory to use for lock files. For security, the specified # directory should only be writable by the user running the processes # that need locking. Defaults to environment variable OSLO_LOCK_PATH. # If external locks are used, a lock path must be set. (string value) # Deprecated group/name - [DEFAULT]/lock_path #lock_path = [oslo_messaging_amqp] # # From oslo.messaging # # address prefix used when sending to a specific server (string value) # Deprecated group/name - [amqp1]/server_request_prefix #server_request_prefix = exclusive # address prefix used when broadcasting to all servers (string value) # Deprecated group/name - [amqp1]/broadcast_prefix #broadcast_prefix = broadcast # address prefix when sending to any server in group (string value) # Deprecated group/name - [amqp1]/group_request_prefix #group_request_prefix = unicast # Name for the AMQP container (string value) # Deprecated group/name - [amqp1]/container_name #container_name = # Timeout for inactive connections (in seconds) (integer value) # Deprecated group/name - [amqp1]/idle_timeout #idle_timeout = 0 # Debug: dump AMQP frames to stdout (boolean value) # Deprecated group/name - [amqp1]/trace #trace = false # CA certificate PEM file to verify server certificate (string value) # Deprecated group/name - [amqp1]/ssl_ca_file #ssl_ca_file = # Identifying certificate PEM file to present to clients (string # value) # Deprecated group/name - [amqp1]/ssl_cert_file #ssl_cert_file = # Private key PEM file used to sign cert_file certificate (string # value) # Deprecated group/name - [amqp1]/ssl_key_file #ssl_key_file = # Password for decrypting ssl_key_file (if encrypted) (string value) # Deprecated group/name - [amqp1]/ssl_key_password #ssl_key_password = # Accept clients using either SSL or plain TCP (boolean value) # Deprecated group/name - [amqp1]/allow_insecure_clients #allow_insecure_clients = false # Space separated list of acceptable SASL mechanisms (string value) # Deprecated group/name - [amqp1]/sasl_mechanisms #sasl_mechanisms = # Path to directory that contains the SASL configuration (string # value) # Deprecated group/name - [amqp1]/sasl_config_dir #sasl_config_dir = # Name of configuration file (without .conf suffix) (string value) # Deprecated group/name - [amqp1]/sasl_config_name #sasl_config_name = # User name for message broker authentication (string value) # Deprecated group/name - [amqp1]/username #username = # Password for message broker authentication (string value) # Deprecated group/name - [amqp1]/password #password = [oslo_messaging_notifications] # # From oslo.messaging # # The Drivers(s) to handle sending notifications. Possible values are # messaging, messagingv2, routing, log, test, noop (multi valued) # Deprecated group/name - [DEFAULT]/notification_driver #driver = # A URL representing the messaging driver to use for notifications. If # not set, we fall back to the same configuration used for RPC. # (string value) # Deprecated group/name - [DEFAULT]/notification_transport_url #transport_url = # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics # Deprecated group/name - [DEFAULT]/notification_topics #topics = notifications [oslo_messaging_rabbit] # # From oslo.messaging # # Use durable queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_durable_queues # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues = false # Auto-delete queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_auto_delete #amqp_auto_delete = false # SSL version to use (valid only if SSL enabled). Valid values are # TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be # available on some distributions. (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_version #kombu_ssl_version = # SSL key file (valid only if SSL enabled). (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile #kombu_ssl_keyfile = # SSL cert file (valid only if SSL enabled). (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_certfile #kombu_ssl_certfile = # SSL certification authority file (valid only if SSL enabled). # (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs #kombu_ssl_ca_certs = # How long to wait before reconnecting in response to an AMQP consumer # cancel notification. (floating point value) # Deprecated group/name - [DEFAULT]/kombu_reconnect_delay #kombu_reconnect_delay = 1.0 # EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression # will not be used. This option may notbe available in future # versions. (string value) #kombu_compression = # How long to wait a missing client beforce abandoning to send it its # replies. This value should not be longer than rpc_response_timeout. # (integer value) # Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout #kombu_missing_consumer_retry_timeout = 60 # Determines how the next RabbitMQ node is chosen in case the one we # are currently connected to becomes unavailable. Takes effect only if # more than one RabbitMQ node is provided in config. (string value) # Allowed values: round-robin, shuffle #kombu_failover_strategy = round-robin # The RabbitMQ broker address where a single node is used. (string # value) # Deprecated group/name - [DEFAULT]/rabbit_host #rabbit_host = localhost # The RabbitMQ broker port where a single node is used. (port value) # Minimum value: 0 # Maximum value: 65535 # Deprecated group/name - [DEFAULT]/rabbit_port #rabbit_port = 5672 # RabbitMQ HA cluster host:port pairs. (list value) # Deprecated group/name - [DEFAULT]/rabbit_hosts #rabbit_hosts = $rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_use_ssl #rabbit_use_ssl = false # The RabbitMQ userid. (string value) # Deprecated group/name - [DEFAULT]/rabbit_userid #rabbit_userid = guest # The RabbitMQ password. (string value) # Deprecated group/name - [DEFAULT]/rabbit_password #rabbit_password = guest # The RabbitMQ login method. (string value) # Deprecated group/name - [DEFAULT]/rabbit_login_method #rabbit_login_method = AMQPLAIN # The RabbitMQ virtual host. (string value) # Deprecated group/name - [DEFAULT]/rabbit_virtual_host #rabbit_virtual_host = / # How frequently to retry connecting with RabbitMQ. (integer value) #rabbit_retry_interval = 1 # How long to backoff for between retries when connecting to RabbitMQ. # (integer value) # Deprecated group/name - [DEFAULT]/rabbit_retry_backoff #rabbit_retry_backoff = 2 # Maximum interval of RabbitMQ connection retries. Default is 30 # seconds. (integer value) #rabbit_interval_max = 30 # Maximum number of RabbitMQ connection retries. Default is 0 # (infinite retry count). (integer value) # Deprecated group/name - [DEFAULT]/rabbit_max_retries #rabbit_max_retries = 0 # Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change # this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, # queue mirroring is no longer controlled by the x-ha-policy argument # when declaring a queue. If you just want to make sure that all # queues (except those with auto-generated names) are mirrored across # all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha- # mode": "all"}' " (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_ha_queues #rabbit_ha_queues = false # Positive integer representing duration in seconds for queue TTL # (x-expires). Queues which are unused for the duration of the TTL are # automatically deleted. The parameter affects only reply and fanout # queues. (integer value) # Minimum value: 1 #rabbit_transient_queues_ttl = 600 # Specifies the number of messages to prefetch. Setting to zero allows # unlimited messages. (integer value) #rabbit_qos_prefetch_count = 0 # Number of seconds after which the Rabbit broker is considered down # if heartbeat's keep-alive fails (0 disable the heartbeat). # EXPERIMENTAL (integer value) #heartbeat_timeout_threshold = 60 # How often times during the heartbeat_timeout_threshold we check the # heartbeat. (integer value) #heartbeat_rate = 2 # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake # (boolean value) # Deprecated group/name - [DEFAULT]/fake_rabbit #fake_rabbit = false # Maximum number of channels to allow (integer value) #channel_max = # The maximum byte size for an AMQP frame (integer value) #frame_max = # How often to send heartbeats for consumer's connections (integer # value) #heartbeat_interval = 1 # Enable SSL (boolean value) #ssl = # Arguments passed to ssl.wrap_socket (dict value) #ssl_options = # Set socket timeout in seconds for connection's socket (floating # point value) #socket_timeout = 0.25 # Set TCP_USER_TIMEOUT in seconds for connection's socket (floating # point value) #tcp_user_timeout = 0.25 # Set delay for reconnection to some host which has connection error # (floating point value) #host_connection_reconnect_delay = 0.25 # Maximum number of connections to keep queued. (integer value) #pool_max_size = 10 # Maximum number of connections to create above `pool_max_size`. # (integer value) #pool_max_overflow = 0 # Default number of seconds to wait for a connections to available # (integer value) #pool_timeout = 30 # Lifetime of a connection (since creation) in seconds or None for no # recycling. Expired connections are closed on acquire. (integer # value) #pool_recycle = 600 # Threshold at which inactive (since release) connections are # considered stale in seconds or None for no staleness. Stale # connections are closed on acquire. (integer value) #pool_stale = 60 # Persist notification messages. (boolean value) #notification_persistence = false # Exchange name for for sending notifications (string value) #default_notification_exchange = ${control_exchange}_notification # Max number of not acknowledged message which RabbitMQ can send to # notification listener. (integer value) #notification_listener_prefetch_count = 100 # Reconnecting retry count in case of connectivity problem during # sending notification, -1 means infinite retry. (integer value) #default_notification_retry_attempts = -1 # Reconnecting retry delay in case of connectivity problem during # sending notification message (floating point value) #notification_retry_delay = 0.25 # Time to live for rpc queues without consumers in seconds. (integer # value) #rpc_queue_expiration = 60 # Exchange name for sending RPC messages (string value) #default_rpc_exchange = ${control_exchange}_rpc # Exchange name for receiving RPC replies (string value) #rpc_reply_exchange = ${control_exchange}_rpc_reply # Max number of not acknowledged message which RabbitMQ can send to # rpc listener. (integer value) #rpc_listener_prefetch_count = 100 # Max number of not acknowledged message which RabbitMQ can send to # rpc reply listener. (integer value) #rpc_reply_listener_prefetch_count = 100 # Reconnecting retry count in case of connectivity problem during # sending reply. -1 means infinite retry during rpc_timeout (integer # value) #rpc_reply_retry_attempts = -1 # Reconnecting retry delay in case of connectivity problem during # sending reply. (floating point value) #rpc_reply_retry_delay = 0.25 # Reconnecting retry count in case of connectivity problem during # sending RPC message, -1 means infinite retry. If actual retry # attempts in not 0 the rpc request could be processed more then one # time (integer value) #default_rpc_retry_attempts = -1 # Reconnecting retry delay in case of connectivity problem during # sending RPC message (floating point value) #rpc_retry_delay = 0.25 [oslo_policy] # # From oslo.policy # # The JSON file that defines policies. (string value) # Deprecated group/name - [DEFAULT]/policy_file #policy_file = policy.json # Default rule. Enforced when a requested rule is not found. (string # value) # Deprecated group/name - [DEFAULT]/policy_default_rule #policy_default_rule = default # Directories where policy configuration files are stored. They can be # relative to any directory in the search path defined by the # config_dir option, or absolute paths. The file defined by # policy_file must exist for these directories to be searched. # Missing or empty directories are ignored. (multi valued) # Deprecated group/name - [DEFAULT]/policy_dirs #policy_dirs = policy.d [paste_deploy] # # From glance.api # # Partial name of a pipeline in your paste configuration file with the # service name removed. For example, if your paste section name is # [pipeline:glance-api-keystone] use the value "keystone" (string # value) flavor = # Name of the paste configuration file. (string value) config_file = {RIFT_INSTALL}/etc/glance/glance-api-paste.ini [profiler] # # From glance.api # # If False fully disable profiling feature. (boolean value) #enabled = false # If False doesn't trace SQL requests. (boolean value) #trace_sqlalchemy = false # Secret key to use to sign Glance API and Glance Registry services # tracing messages. (string value) #hmac_keys = SECRET_KEY [store_type_location_strategy] # # From glance.api # # The store names to use to get store preference order. The name must # be registered by one of the stores defined by the 'stores' config # option. This option will be applied when you using 'store_type' # option as image location strategy defined by the 'location_strategy' # config option. (list value) #store_type_preference = [task] # # From glance.api # # Time in hours for which a task lives after, either succeeding or # failing (integer value) # Deprecated group/name - [DEFAULT]/task_time_to_live #task_time_to_live = 48 # Specifies which task executor to be used to run the task scripts. # (string value) #task_executor = taskflow # Work dir for asynchronous task operations. The directory set here # will be used to operate over images - normally before they are # imported in the destination store. When providing work dir, make # sure enough space is provided for concurrent tasks to run # efficiently without running out of space. A rough estimation can be # done by multiplying the number of `max_workers` - or the N of # workers running - by an average image size (e.g 500MB). The image # size estimation should be done based on the average size in your # deployment. Note that depending on the tasks running you may need to # multiply this number by some factor depending on what the task does. # For example, you may want to double the available size if image # conversion is enabled. All this being said, remember these are just # estimations and you should do them based on the worst case scenario # and be prepared to act in case they were wrong. (string value) #work_dir = [taskflow_executor] # # From glance.api # # The mode in which the engine will run. Can be 'serial' or # 'parallel'. (string value) # Allowed values: serial, parallel #engine_mode = parallel # The number of parallel activities executed at the same time by the # engine. The value can be greater than one when the engine mode is # 'parallel'. (integer value) # Deprecated group/name - [task]/eventlet_executor_pool_size #max_workers = 10