charm-swift-storage/config.yaml

293 lines
11 KiB
YAML

options:
openstack-origin:
default: bobcat
type: string
description: |
Repository from which to install. May be one of the following:
distro (default), ppa:somecustom/ppa, a deb url sources entry,
or a supported Ubuntu Cloud Archive release pocket.
Supported Ubuntu Cloud Archive sources include:
cloud:<series>-<openstack-release>
cloud:<series>-<openstack-release>/updates
cloud:<series>-<openstack-release>/staging
cloud:<series>-<openstack-release>/proposed
NOTE: updating this setting to a source that is known to provide
a later version of OpenStack will trigger a software upgrade unless
the action-managed-upgrade configuration option is in play.
block-device:
default: sdb
type: string
description: |
Device to be used to back Swift storage. May be any valid block
device or a path and size to a local file (/path/to/file.img|$sizeG),
which will be created and used as a loopback device (for testing only).
Multiple devices may be specified as a space-separated list of devices.
If set to "guess", the charm will attempt to format and mount all extra
block devices (this is currently experimental and potentially dangerous).
overwrite:
default: "false"
type: string
description: |
If true, charm will attempt to unmount and overwrite existing and in-use
block-devices (WARNING).
ephemeral-unmount:
type: string
default:
description: |
Cloud instances provide ephermeral storage which is normally mounted
on /mnt.
.
Setting this option to the path of the ephemeral mountpoint will force
an unmount of the corresponding device so that it can be used as a swift
storage device. This is useful for testing purposes (cloud deployment
is not a typical use case).
zone:
default: 1
type: int
description: |
Swift storage zone to request membership. Relevant only when the
swift-proxy charm has been configured for manual zone assignment
(the default). This should be changed for every service unit.
object-server-port:
default: 6000
type: int
description: Listening port of the swift-object-server.
container-server-port:
default: 6001
type: int
description: Listening port of the swift-container-server.
account-server-port:
default: 6002
type: int
description: Listening port of the swift-account-server.
worker-multiplier:
default: 1.0
type: float
description: |
The CPU multiplier to use when configuring worker processes for the
account, container and object server processes.
object-server-threads-per-disk:
default: 4
type: int
description: |
Size of the per-disk thread pool used for performing disk I/O. 0 means
to not use a per-disk thread pool. It is recommended to keep this value
small, as large values can result in high read latencies due to large
queue depths. A good starting point is 4 threads per disk.
prefer-ipv6:
type: boolean
default: False
description: |
If True enables IPv6 support. The charm will expect network interfaces
to be configured with an IPv6 address. If set to False (default) IPv4
is expected.
NOTE: these charms do not currently support IPv6 privacy extension. In
order for this charm to function correctly, the privacy extension must be
disabled and a non-temporary address must be configured/available on
your network interface.
account-max-connections:
default: 2
type: int
description: |
Number of connections allowed to the account rsync stanza.
container-max-connections:
default: 2
type: int
description: |
Number of connections allowed to the container rsync stanza.
object-max-connections:
default: 2
type: int
description: |
Number of connections allowed to the object rsync stanza.
object-replicator-concurrency:
default: 1
type: int
description: |
Number of replication workers to spawn.
object-rsync-timeout:
default: 900
type: int
description: |
Max duration of a partition rsync (in seconds).
object-lockup-timeout:
default: 1800
type: int
description: |
Attempt to kill all workers if nothing replicates for this amount of seconds
Note: this will always be set to no less than 2*object-rsync-timeout.
object-handoffs-first:
type: boolean
default: False
description: |
If set to True, partitions that are not supposed to be on the node will
be replicated first. The default setting should not be changed, except
for extreme situations.
node-timeout:
default:
type: int
description: |
Timeout value used when copying account/container/object data between nodes.
file-allocation-reserve:
default: 0
type: int
description: |
Set the reserve space for the swift filesystem mounts.
If a disk has less than this amount of space (in bytes) free, writes
will be handed off to another disk in the ring.
nagios-check-params:
default: "-m -r 60 180 10 20"
type: string
description: String appended to nagios check
nagios-replication-check-params:
default: "replicated 15 2 1"
type: string
description: |
Space delimited parameters for check_swift_replicator_logs.sh.
search_pattern
interval_in_minutes
minimum_hits_before_warning
minimum_hits_before_critical
Default of "replicated 15 2 1" leads to warning alert when there
have not been at least 2 lines matching "replicated" in the last 15
minutes, and critical if there have been no matching lines in the
last 15 minutes.
Set to blank string "" to disable the check.
nagios_context:
default: "juju"
type: string
description: |
Used by the nrpe-external-master subordinate charm.
A string that will be prepended to instance name to set the host name
in nagios. So for instance the hostname would be something like:
juju-myservice-0
If you're running multiple environments with the same services in them
this allows you to differentiate between them.
nagios_servicegroups:
default: ""
type: string
description: |
A comma-separated list of nagios servicegroups.
If left empty, the nagios_context will be used as the servicegroup
action-managed-upgrade:
type: boolean
default: False
description: |
If True enables openstack upgrades for this charm via juju actions.
You will still need to set openstack-origin to the new repository but
instead of an upgrade running automatically across all units, it will
wait for you to execute the openstack-upgrade action for this charm on
each unit. If False it will revert to existing behavior of upgrading
all units on config change.
harden:
default:
type: string
description: |
Apply system hardening. Supports a space-delimited list of modules
to run. Supported modules currently include os, ssh, apache and mysql.
sysctl:
type: string
default: |
{ net.ipv4.neigh.default.gc_thresh1 : 128,
net.ipv4.neigh.default.gc_thresh2 : 28672,
net.ipv4.neigh.default.gc_thresh3 : 32768,
net.ipv6.neigh.default.gc_thresh1 : 128,
net.ipv6.neigh.default.gc_thresh2 : 28672,
net.ipv6.neigh.default.gc_thresh3 : 32768,
net.nf_conntrack_max : 1000000,
net.netfilter.nf_conntrack_buckets : 204800,
net.netfilter.nf_conntrack_max : 1000000 }
description: |
YAML formatted associative array of sysctl values, e.g.:
'{ kernel.pid_max : 4194303 }'
statsd-host:
default: ''
type: string
description: |
Enable statsd metrics to be sent to the specified host.
If this value is empty, statsd logging will be disabled.
statsd-port:
default: 3125
type: int
description: |
Destination port on the provided statsd host to send samples to.
Only takes effect if statsd-host is set.
statsd-sample-rate:
default: 1.0
type: float
description: |
Sample rate determines what percentage of the metric points a
client should send to the server.
Only takes effect if statsd-host is set.
enable-firewall:
type: boolean
default: True
description: |
By default the swift-storage charm will use the UFW firewall to
protect storage daemons. This option allows the administrator to
disable this feature.
allow-ufw-ip6-softfail:
description: |
When this option is set to True the charm will disable the IPv6
support in ufw in case ip6tables couldn't be activated, situations
where this could happen is in a LXC container running on top of a
host that doesn't have loaded the ip6_tables.
If this option is False (the default) and ip6_tables module couldn't
be loaded, the charm will fail to install.
type: boolean
default: False
encrypt:
default: false
type: boolean
description: |
Encrypt block devices used by swift using dm-crypt, making use of
vault for encryption key management; requires a relation to vault.
xfs-inode-size:
default:
type: int
description: |
XFS inode size to use for block devices;
The value must be between 256-2048.
If left unset or an invalid size is used,
the default mkfs.xfs value is selected.
storage-region:
default: 1
type: int
description: |
Swift storage region to request membership. Relevant only when the
swift-proxy charm has been configured with the Swift Global
Cluster feature.
object-server-port-rep:
default: 6010
type: int
description: Listening port of the swift-object-replicator server.
container-server-port-rep:
default: 6011
type: int
description: Listening port of the swift-container-replicator server.
account-server-port-rep:
default: 6012
type: int
description: Listening port of the swift-account-replicator server.
tune-watermark-scale-factor:
type: boolean
default: False
description: |
Whether to tune vm.watermark_scale_factor.
.
In some high memory pressure scenarios, a memory shortage may require
synchronous reclaim in order to allocate higher order pages.
Additionally in some cases the default vm.watermark_scale_factor sysctl value
yields a gap between min<->low<->high watermarks that is too small to
wake up kswapd (asynchronous reclaim) before synchronous reclaim is necessary.
This will fine-tune sysctl vm.watermark_scale_factor at runtime such that the
watermark gap is 1GB to wake kswapd earlier and alleviate issues arising
from this situation.
.
NOTE: Only affects baremetal hosts and kernels 4.15 and later.