Merge "Avoid usability regression when generating config"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
f428567ec0
@ -132,12 +132,19 @@ common_opts = [
|
||||
'caution!')),
|
||||
cfg.BoolOpt('show_multiple_locations', default=False,
|
||||
help=_('Whether to include the backend image locations '
|
||||
'in image properties. Revealing storage location can '
|
||||
'in image properties. '
|
||||
'For example, if using the file system store a URL of '
|
||||
'"file:///path/to/image" will be returned to the user '
|
||||
'in the \'direct_url\' meta-data field. '
|
||||
'Revealing storage location can '
|
||||
'be a security risk, so use this setting with '
|
||||
'caution! The overrides show_image_direct_url.')),
|
||||
cfg.IntOpt('image_size_cap', default=1099511627776,
|
||||
help=_("Maximum size of image a user can upload in bytes. "
|
||||
"Defaults to 1099511627776 bytes (1 TB).")),
|
||||
"Defaults to 1099511627776 bytes (1 TB)."
|
||||
"WARNING: this value should only be increased after "
|
||||
"careful consideration and must be set to a value under "
|
||||
"8 EB (9223372036854775808).")),
|
||||
cfg.StrOpt('user_storage_quota', default='0',
|
||||
help=_("Set a system wide quota for every user. This value is "
|
||||
"the total capacity that a user can use across "
|
||||
@ -163,8 +170,10 @@ common_opts = [
|
||||
help=_('The port on which a pydev process is listening for '
|
||||
'connections.')),
|
||||
cfg.StrOpt('metadata_encryption_key', secret=True,
|
||||
help=_('Key used for encrypting sensitive metadata while '
|
||||
'talking to the registry or database.')),
|
||||
help=_('AES key for encrypting store \'location\' metadata. '
|
||||
'This includes, if used, Swift or S3 credentials. '
|
||||
'Should be set to a random string of length 16, 24 or '
|
||||
'32 bytes')),
|
||||
cfg.StrOpt('digest_algorithm', default='sha1',
|
||||
help=_('Digest algorithm which will be used for digital '
|
||||
'signature; the default is sha1 the default in Kilo '
|
||||
|
||||
@ -36,7 +36,13 @@ _LE = i18n._LE
|
||||
|
||||
property_opts = [
|
||||
cfg.StrOpt('property_protection_file',
|
||||
help=_('The location of the property protection file.')),
|
||||
help=_('The location of the property protection file.'
|
||||
'This file contains the rules for property protections '
|
||||
'and the roles/policies associated with it. If this '
|
||||
'config value is not specified, by default, property '
|
||||
'protections won\'t be enforced. If a value is '
|
||||
'specified and the file is not found, then the '
|
||||
'glance-api service will not start.')),
|
||||
cfg.StrOpt('property_protection_rule_format',
|
||||
default='roles',
|
||||
help=_('This config value indicates whether "roles" or '
|
||||
|
||||
@ -91,8 +91,14 @@ eventlet_opts = [
|
||||
'large tokens (typically those generated by the '
|
||||
'Keystone v3 API with big service catalogs')),
|
||||
cfg.BoolOpt('http_keepalive', default=True,
|
||||
help=_('If False, closes the client socket connection '
|
||||
'explicitly.')),
|
||||
help=_('If False, server will return the header '
|
||||
'"Connection: close", '
|
||||
'If True, server will return "Connection: Keep-Alive" '
|
||||
'in its responses. In order to close the client socket '
|
||||
'connection explicitly after the response is sent and '
|
||||
'read successfully by the client, you simply have to '
|
||||
'set this option to False when you create a wsgi '
|
||||
'server.')),
|
||||
]
|
||||
|
||||
profiler_opts = [
|
||||
|
||||
@ -25,17 +25,26 @@ registry_client_opts = [
|
||||
'registry server. Either http or https.')),
|
||||
cfg.StrOpt('registry_client_key_file',
|
||||
help=_('The path to the key file to use in SSL connections '
|
||||
'to the registry server.')),
|
||||
'to the registry server, if any. Alternately, you may '
|
||||
'set the GLANCE_CLIENT_KEY_FILE environment variable to '
|
||||
'a filepath of the key file')),
|
||||
cfg.StrOpt('registry_client_cert_file',
|
||||
help=_('The path to the cert file to use in SSL connections '
|
||||
'to the registry server.')),
|
||||
'to the registry server, if any. Alternately, you may '
|
||||
'set the GLANCE_CLIENT_CERT_FILE environment variable '
|
||||
'to a filepath of the CA cert file')),
|
||||
cfg.StrOpt('registry_client_ca_file',
|
||||
help=_('The path to the certifying authority cert file to '
|
||||
'use in SSL connections to the registry server.')),
|
||||
help=_('The path to the certifying authority cert file to use '
|
||||
'in SSL connections to the registry server, if any. '
|
||||
'Alternately, you may set the GLANCE_CLIENT_CA_FILE '
|
||||
'environment variable to a filepath of the CA cert '
|
||||
'file.')),
|
||||
cfg.BoolOpt('registry_client_insecure', default=False,
|
||||
help=_('When using SSL in connections to the registry server, '
|
||||
'do not require validation via a certifying '
|
||||
'authority.')),
|
||||
'authority. This is the registry\'s equivalent of '
|
||||
'specifying --insecure on the command line using '
|
||||
'glanceclient for the API.')),
|
||||
cfg.IntOpt('registry_client_timeout', default=600,
|
||||
help=_('The period of time, in seconds, that the API server '
|
||||
'will wait for a registry request to complete. A '
|
||||
|
||||
Loading…
Reference in New Issue
Block a user