5368af6302
Ensure that only the swift-proxy units and swift-storage peers have access to direct communication with swift storage daemons. Charm-helpers sync to include ufw module and the ingress_address and iter_units_for_relation_name functions. Please review and merge first: https://github.com/juju/charm-helpers/pull/35 Closes-Bug: #1727463 Change-Id: Id5677edbc40b0b891cbe66867d39d076a94c5436
185 lines
6.5 KiB
YAML
185 lines
6.5 KiB
YAML
options:
|
|
openstack-origin:
|
|
default: distro
|
|
type: string
|
|
description: |
|
|
Repository from which to install. May be one of the following:
|
|
distro (default), ppa:somecustom/ppa, a deb url sources entry,
|
|
or a supported Cloud Archive release pocket.
|
|
|
|
Supported Cloud Archive sources include:
|
|
|
|
cloud:<series>-<openstack-release>
|
|
cloud:<series>-<openstack-release>/updates
|
|
cloud:<series>-<openstack-release>/staging
|
|
cloud:<series>-<openstack-release>/proposed
|
|
|
|
For series=Precise we support cloud archives for openstack-release:
|
|
* icehouse
|
|
|
|
For series=Trusty we support cloud archives for openstack-release:
|
|
* juno
|
|
* kilo
|
|
* ...
|
|
|
|
NOTE: updating this setting to a source that is known to provide
|
|
a later version of OpenStack will trigger a software upgrade.
|
|
block-device:
|
|
default: sdb
|
|
type: string
|
|
description: |
|
|
Device to be used to back Swift storage. May be any valid block
|
|
device or a path and size to a local file (/path/to/file.img|$sizeG),
|
|
which will be created and used as a loopback device (for testing only).
|
|
Multiple devices may be specified as a space-separated list of devices.
|
|
If set to "guess", the charm will attempt to format and mount all extra
|
|
block devices (this is currently experimental and potentially dangerous).
|
|
overwrite:
|
|
default: "false"
|
|
type: string
|
|
description: |
|
|
If true, charm will attempt to unmount and overwrite existing and in-use
|
|
block-devices (WARNING).
|
|
zone:
|
|
default: 1
|
|
type: int
|
|
description: |
|
|
Swift storage zone to request membership. Relevant only when the
|
|
swift-proxy charm has been configured for manual zone assignment
|
|
(the default). This should be changed for every service unit.
|
|
object-server-port:
|
|
default: 6000
|
|
type: int
|
|
description: Listening port of the swift-object-server.
|
|
container-server-port:
|
|
default: 6001
|
|
type: int
|
|
description: Listening port of the swift-container-server.
|
|
account-server-port:
|
|
default: 6002
|
|
type: int
|
|
description: Listening port of the swift-account-server.
|
|
worker-multiplier:
|
|
default: 1.0
|
|
type: float
|
|
description: |
|
|
The CPU multiplier to use when configuring worker processes for the
|
|
account, container and object server processes.
|
|
object-server-threads-per-disk:
|
|
default: 4
|
|
type: int
|
|
description: |
|
|
Size of the per-disk thread pool used for performing disk I/O. 0 means
|
|
to not use a per-disk thread pool. It is recommended to keep this value
|
|
small, as large values can result in high read latencies due to large
|
|
queue depths. A good starting point is 4 threads per disk.
|
|
prefer-ipv6:
|
|
type: boolean
|
|
default: False
|
|
description: |
|
|
If True enables IPv6 support. The charm will expect network interfaces
|
|
to be configured with an IPv6 address. If set to False (default) IPv4
|
|
is expected.
|
|
|
|
NOTE: these charms do not currently support IPv6 privacy extension. In
|
|
order for this charm to function correctly, the privacy extension must be
|
|
disabled and a non-temporary address must be configured/available on
|
|
your network interface.
|
|
account-max-connections:
|
|
default: 2
|
|
type: int
|
|
description: |
|
|
Number of connections allowed to the account rsync stanza.
|
|
container-max-connections:
|
|
default: 2
|
|
type: int
|
|
description: |
|
|
Number of connections allowed to the container rsync stanza.
|
|
object-max-connections:
|
|
default: 2
|
|
type: int
|
|
description: |
|
|
Number of connections allowed to the object rsync stanza.
|
|
object-replicator-concurrency:
|
|
default: 1
|
|
type: int
|
|
description: |
|
|
Number of replication workers to spawn.
|
|
object-rsync-timeout:
|
|
default: 900
|
|
type: int
|
|
description: |
|
|
Max duration of a partition rsync (in seconds).
|
|
nagios-check-params:
|
|
default: "-m -r 60 180 10 20"
|
|
type: string
|
|
description: String appended to nagios check
|
|
nagios_context:
|
|
default: "juju"
|
|
type: string
|
|
description: |
|
|
Used by the nrpe-external-master subordinate charm.
|
|
A string that will be prepended to instance name to set the host name
|
|
in nagios. So for instance the hostname would be something like:
|
|
juju-myservice-0
|
|
If you're running multiple environments with the same services in them
|
|
this allows you to differentiate between them.
|
|
nagios_servicegroups:
|
|
default: ""
|
|
type: string
|
|
description: |
|
|
A comma-separated list of nagios servicegroups.
|
|
If left empty, the nagios_context will be used as the servicegroup
|
|
action-managed-upgrade:
|
|
type: boolean
|
|
default: False
|
|
description: |
|
|
If True enables openstack upgrades for this charm via juju actions.
|
|
You will still need to set openstack-origin to the new repository but
|
|
instead of an upgrade running automatically across all units, it will
|
|
wait for you to execute the openstack-upgrade action for this charm on
|
|
each unit. If False it will revert to existing behavior of upgrading
|
|
all units on config change.
|
|
harden:
|
|
default:
|
|
type: string
|
|
description: |
|
|
Apply system hardening. Supports a space-delimited list of modules
|
|
to run. Supported modules currently include os, ssh, apache and mysql.
|
|
sysctl:
|
|
type: string
|
|
default:
|
|
description: |
|
|
YAML formatted associative array of sysctl values, e.g.:
|
|
'{ kernel.pid_max : 4194303 }'
|
|
statsd-host:
|
|
default: ''
|
|
type: string
|
|
description: |
|
|
Enable statsd metrics to be sent to the specified host.
|
|
If this value is empty, statsd logging will be disabled.
|
|
statsd-port:
|
|
default: 3125
|
|
type: int
|
|
description: |
|
|
Destination port on the provided statsd host to send samples to.
|
|
Only takes effect if statsd-host is set.
|
|
statsd-sample-rate:
|
|
default: 1.0
|
|
type: float
|
|
description: |
|
|
Sample rate determines what percentage of the metric points a
|
|
client should send to the server.
|
|
Only takes effect if statsd-host is set.
|
|
allow-ufw-ip6-softfail:
|
|
description: |
|
|
When this option is set to True the charm will disable the IPv6
|
|
support in ufw in case ip6tables couldn't be activated, situations
|
|
where this could happen is in a LXC container running on top of a
|
|
host that doesn't have loaded the ip6_tables.
|
|
|
|
If this option is False (the default) and ip6_tables module couldn't
|
|
be loaded, the charm will fail to install.
|
|
type: boolean
|
|
default: False
|