b7197041fe
Since we can now configure Keystone's auth_token middleware using our own config files, we should ship our example config to show how this is done. This moves the auth_* variables out of glance-api-paste.ini and glance-registry-paste.ini into glance-api.conf and glance-registry.conf. Fixes bug 1043490 Change-Id: Ibdaf8b2ef0f55e5e892fbd1b994dceb323f07c7b
77 lines
2.4 KiB
Plaintext
77 lines
2.4 KiB
Plaintext
[DEFAULT]
|
|
# Show more verbose log output (sets INFO log level output)
|
|
verbose = True
|
|
|
|
# Show debugging output in logs (sets DEBUG log level output)
|
|
debug = False
|
|
|
|
# Address to bind the registry server
|
|
bind_host = 0.0.0.0
|
|
|
|
# Port the bind the registry server to
|
|
bind_port = 9191
|
|
|
|
# Log to this file. Make sure you do not set the same log
|
|
# file for both the API and registry servers!
|
|
log_file = /var/log/glance/registry.log
|
|
|
|
# Backlog requests when creating socket
|
|
backlog = 4096
|
|
|
|
# TCP_KEEPIDLE value in seconds when creating socket.
|
|
# Not supported on OS X.
|
|
# tcp_keepidle = 600
|
|
|
|
# SQLAlchemy connection string for the reference implementation
|
|
# registry server. Any valid SQLAlchemy connection string is fine.
|
|
# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
|
|
sql_connection = sqlite:///glance.sqlite
|
|
|
|
# Period in seconds after which SQLAlchemy should reestablish its connection
|
|
# to the database.
|
|
#
|
|
# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop
|
|
# idle connections. This can result in 'MySQL Gone Away' exceptions. If you
|
|
# notice this, you can lower this value to ensure that SQLAlchemy reconnects
|
|
# before MySQL can drop the connection.
|
|
sql_idle_timeout = 3600
|
|
|
|
# Limit the api to return `param_limit_max` items in a call to a container. If
|
|
# a larger `limit` query param is provided, it will be reduced to this value.
|
|
api_limit_max = 1000
|
|
|
|
# If a `limit` query param is not provided in an api request, it will
|
|
# default to `limit_param_default`
|
|
limit_param_default = 25
|
|
|
|
# Role used to identify an authenticated user as administrator
|
|
#admin_role = admin
|
|
|
|
# ================= Syslog Options ============================
|
|
|
|
# Send logs to syslog (/dev/log) instead of to file specified
|
|
# by `log_file`
|
|
use_syslog = False
|
|
|
|
# Facility to use. If unset defaults to LOG_USER.
|
|
# syslog_log_facility = LOG_LOCAL1
|
|
|
|
# ================= SSL Options ===============================
|
|
|
|
# Certificate file to use when starting registry server securely
|
|
# cert_file = /path/to/certfile
|
|
|
|
# Private key file to use when starting registry server securely
|
|
# key_file = /path/to/keyfile
|
|
|
|
# CA certificate file to use to verify connecting clients
|
|
# ca_file = /path/to/cafile
|
|
|
|
[keystone_authtoken]
|
|
auth_host = 127.0.0.1
|
|
auth_port = 35357
|
|
auth_protocol = http
|
|
admin_tenant_name = %SERVICE_TENANT_NAME%
|
|
admin_user = %SERVICE_USER%
|
|
admin_password = %SERVICE_PASSWORD%
|