[DEFAULT] # # From ironic_inspector # # IP to listen on. (string value) # Deprecated group/name - [discoverd]/listen_address #listen_address = 0.0.0.0 # Port to listen on. (integer value) # Deprecated group/name - [discoverd]/listen_port #listen_port = 5050 # Authentication method used on the ironic-inspector API. Either # "noauth" or "keystone" are currently valid options. "noauth" will # disable all authentication. (string value) # Allowed values: keystone, noauth #auth_strategy = keystone # DEPRECATED: use auth_strategy. (boolean value) # Deprecated group/name - [discoverd]/authenticate # This option is deprecated for removal. # Its value may be silently ignored in the future. #authenticate = # Timeout after which introspection is considered failed, set to 0 to # disable. (integer value) # Deprecated group/name - [discoverd]/timeout #timeout = 3600 # For how much time (in seconds) to keep status information about # nodes after introspection was finished for them. Default value is 1 # week. (integer value) # Deprecated group/name - [discoverd]/node_status_keep_time #node_status_keep_time = 604800 # Amount of time in seconds, after which repeat clean up of timed out # nodes and old nodes status information. (integer value) # Deprecated group/name - [discoverd]/clean_up_period #clean_up_period = 60 # SSL Enabled/Disabled (boolean value) #use_ssl = false # Path to SSL certificate (string value) #ssl_cert_path = # Path to SSL key (string value) #ssl_key_path = # The green thread pool size. (integer value) #max_concurrency = 1000 # Delay (in seconds) between two introspections. (integer value) #introspection_delay = 5 # Only node with drivers matching this regular expression will be # affected by introspection_delay setting. (string value) #introspection_delay_drivers = ^.*_ssh$ # Ironic driver_info fields that are equivalent to ipmi_address. (list # value) #ipmi_address_fields = ilo_address,drac_host,cimc_address # Path to the rootwrap configuration file to use for running commands # as root (string value) #rootwrap_config = /etc/ironic-inspector/rootwrap.conf # # From oslo.log # # If set to true, the logging level will be set to DEBUG instead of # the default INFO level. (boolean value) #debug = false # If set to false, the logging level will be set to WARNING instead of # the default INFO level. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. #verbose = true # The name of a logging configuration file. This file is appended to # any existing logging configuration files. For details about logging # configuration files, see the Python logging module documentation. # Note that when logging configuration files are used all logging # configuration is defined in the configuration file and other logging # configuration options are ignored (for example, log_format). (string # value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append = # DEPRECATED. A logging.Formatter log message format string which may # use any of the available logging.LogRecord attributes. This option # is deprecated. Please use logging_context_format_string and # logging_default_format_string instead. This option is ignored if # log_config_append is set. (string value) #log_format = # Defines the format string for %%(asctime)s in log records. Default: # %(default)s . This option is ignored if log_config_append is set. # (string value) #log_date_format = %Y-%m-%d %H:%M:%S # (Optional) Name of log file to send logging output to. If no default # is set, logging will go to stderr as defined by use_stderr. This # option is ignored if log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logfile #log_file = # (Optional) The base directory used for relative log_file paths. # This option is ignored if log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir = # Uses logging handler designed to watch file system. When log file is # moved or removed this handler will open a new log file with # specified path instantaneously. It makes sense only if log_file # option is specified and Linux platform is used. This option is # ignored if log_config_append is set. (boolean value) #watch_log_file = false # Use syslog for logging. Existing syslog format is DEPRECATED and # will be changed later to honor RFC5424. This option is ignored if # log_config_append is set. (boolean value) #use_syslog = false # Enables or disables syslog rfc5424 format for logging. If enabled, # prefixes the MSG part of the syslog message with APP-NAME (RFC5424). # The format without the APP-NAME is deprecated in Kilo, and will be # removed in Mitaka, along with this option. This option is ignored if # log_config_append is set. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. #use_syslog_rfc_format = true # Syslog facility to receive log lines. This option is ignored if # log_config_append is set. (string value) #syslog_log_facility = LOG_USER # Log output to standard error. This option is ignored if # log_config_append is set. (boolean value) #use_stderr = true # Format string to use for log messages with context. (string value) #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages when context is undefined. # (string value) #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Additional data to append to log message when logging level for the # message is DEBUG. (string value) #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format. (string # value) #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s # Defines the format string for %(user_identity)s that is used in # logging_context_format_string. (string value) #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s # List of package logging levels in logger=LEVEL pairs. This option is # ignored if log_config_append is set. (list value) #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN # Enables or disables publication of error events. (boolean value) #publish_errors = false # The format for an instance that is passed with the log message. # (string value) #instance_format = "[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log message. # (string value) #instance_uuid_format = "[instance: %(uuid)s] " # Enables or disables fatal status of deprecations. (boolean value) #fatal_deprecations = false [database] # # From oslo.db # # The file name to use with SQLite. (string value) # Deprecated group/name - [DEFAULT]/sqlite_db #sqlite_db = oslo.sqlite # If True, SQLite uses synchronous mode. (boolean value) # Deprecated group/name - [DEFAULT]/sqlite_synchronous #sqlite_synchronous = true # The back end to use for the database. (string value) # Deprecated group/name - [DEFAULT]/db_backend #backend = sqlalchemy # The SQLAlchemy connection string to use to connect to the database. # (string value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = # The SQLAlchemy connection string to use to connect to the slave # database. (string value) #slave_connection = # The SQL mode to be used for MySQL sessions. This option, including # the default, overrides any server-set SQL mode. To use whatever SQL # mode is set by the server configuration, set this to no value. # Example: mysql_sql_mode= (string value) #mysql_sql_mode = TRADITIONAL # Timeout before idle SQL connections are reaped. (integer value) # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout #idle_timeout = 3600 # Minimum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size #min_pool_size = 1 # Maximum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size = # Maximum number of database connection retries during startup. Set to # -1 to specify an infinite retry count. (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries = 10 # Interval between retries of opening a SQL connection. (integer # value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval = 10 # If set, use this value for max_overflow with SQLAlchemy. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow = # Verbosity of SQL debugging information: 0=None, 100=Everything. # (integer value) # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug = 0 # Add Python stack traces to SQL as comment strings. (boolean value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace = false # If set, use this value for pool_timeout with SQLAlchemy. (integer # value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout = # Enable the experimental use of database reconnect on connection # lost. (boolean value) #use_db_reconnect = false # Seconds between retries of a database transaction. (integer value) #db_retry_interval = 1 # If True, increases the interval between retries of a database # operation up to db_max_retry_interval. (boolean value) #db_inc_retry_interval = true # If db_inc_retry_interval is set, the maximum seconds between retries # of a database operation. (integer value) #db_max_retry_interval = 10 # Maximum retries in case of connection error or deadlock error before # error is raised. Set to -1 to specify an infinite retry count. # (integer value) #db_max_retries = 20 [discoverd] # # From ironic_inspector # # SQLite3 database to store nodes under introspection, required. Do # not use :memory: here, it won't work. DEPRECATED: use # [database]/connection. (string value) # This option is deprecated for removal. # Its value may be silently ignored in the future. #database = [discovery] # # From ironic_inspector.plugins.discovery # # The name of the Ironic driver used by the enroll hook when creating # a new node in Ironic. (string value) #enroll_node_driver = fake [firewall] # # From ironic_inspector # # Whether to manage firewall rules for PXE port. (boolean value) # Deprecated group/name - [discoverd]/manage_firewall #manage_firewall = true # Interface on which dnsmasq listens, the default is for VM's. (string # value) # Deprecated group/name - [discoverd]/dnsmasq_interface #dnsmasq_interface = br-ctlplane # Amount of time in seconds, after which repeat periodic update of # firewall. (integer value) # Deprecated group/name - [discoverd]/firewall_update_period #firewall_update_period = 15 # iptables chain name to use. (string value) #firewall_chain = ironic-inspector [ironic] # # From ironic_inspector # # Keystone authentication endpoint for accessing Ironic API. Use # [keystone_authtoken]/auth_uri for keystone authentication. (string # value) # Deprecated group/name - [discoverd]/os_auth_url #os_auth_url = # User name for accessing Ironic API. Use # [keystone_authtoken]/admin_user for keystone authentication. (string # value) # Deprecated group/name - [discoverd]/os_username #os_username = # Password for accessing Ironic API. Use # [keystone_authtoken]/admin_password for keystone authentication. # (string value) # Deprecated group/name - [discoverd]/os_password #os_password = # Tenant name for accessing Ironic API. Use # [keystone_authtoken]/admin_tenant_name for keystone authentication. # (string value) # Deprecated group/name - [discoverd]/os_tenant_name #os_tenant_name = # Keystone admin endpoint. DEPRECATED: use # [keystone_authtoken]/identity_uri. (string value) # Deprecated group/name - [discoverd]/identity_uri # This option is deprecated for removal. # Its value may be silently ignored in the future. #identity_uri = # Method to use for authentication: noauth or keystone. (string value) # Allowed values: keystone, noauth #auth_strategy = keystone # Ironic API URL, used to set Ironic API URL when auth_strategy option # is noauth to work with standalone Ironic without keystone. (string # value) #ironic_url = http://localhost:6385/ # Ironic service type. (string value) #os_service_type = baremetal # Ironic endpoint type. (string value) #os_endpoint_type = internalURL # Interval between retries in case of conflict error (HTTP 409). # (integer value) #retry_interval = 2 # Maximum number of retries in case of conflict error (HTTP 409). # (integer value) #max_retries = 30 [keystone_authtoken] # # From keystonemiddleware.auth_token # # Complete public Identity API endpoint. (string value) #auth_uri = # API version of the admin Identity API endpoint. (string value) #auth_version = # Do not handle authorization requests within the middleware, but # delegate the authorization decision to downstream WSGI components. # (boolean value) #delay_auth_decision = false # Request timeout value for communicating with Identity API server. # (integer value) #http_connect_timeout = # How many times are we trying to reconnect when communicating with # Identity API Server. (integer value) #http_request_max_retries = 3 # Env key for the swift cache. (string value) #cache = # Required if identity server requires client certificate (string # value) #certfile = # Required if identity server requires client certificate (string # value) #keyfile = # A PEM encoded Certificate Authority to use when verifying HTTPs # connections. Defaults to system CAs. (string value) #cafile = # Verify HTTPS connections. (boolean value) #insecure = false # The region in which the identity server can be found. (string value) #region_name = # Directory used to cache files related to PKI tokens. (string value) #signing_dir = # Optionally specify a list of memcached server(s) to use for caching. # If left undefined, tokens will instead be cached in-process. (list # value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers = # In order to prevent excessive effort spent validating tokens, the # middleware caches previously-seen tokens for a configurable duration # (in seconds). Set to -1 to disable caching completely. (integer # value) #token_cache_time = 300 # Determines the frequency at which the list of revoked tokens is # retrieved from the Identity service (in seconds). A high number of # revocation events combined with a low cache duration may # significantly reduce performance. (integer value) #revocation_cache_time = 10 # (Optional) If defined, indicate whether token data should be # authenticated or authenticated and encrypted. If MAC, token data is # authenticated (with HMAC) in the cache. If ENCRYPT, token data is # encrypted and authenticated in the cache. If the value is not one of # these options or empty, auth_token will raise an exception on # initialization. (string value) # Allowed values: None, MAC, ENCRYPT #memcache_security_strategy = None # (Optional, mandatory if memcache_security_strategy is defined) This # string is used for key derivation. (string value) #memcache_secret_key = # (Optional) Number of seconds memcached server is considered dead # before it is tried again. (integer value) #memcache_pool_dead_retry = 300 # (Optional) Maximum total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize = 10 # (Optional) Socket timeout in seconds for communicating with a # memcached server. (integer value) #memcache_pool_socket_timeout = 3 # (Optional) Number of seconds a connection to memcached is held # unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout = 60 # (Optional) Number of seconds that an operation will wait to get a # memcached client connection from the pool. (integer value) #memcache_pool_conn_get_timeout = 10 # (Optional) Use the advanced (eventlet safe) memcached client pool. # The advanced pool will only work under python 2.x. (boolean value) #memcache_use_advanced_pool = false # (Optional) Indicate whether to set the X-Service-Catalog header. If # False, middleware will not ask for service catalog on token # validation and will not set the X-Service-Catalog header. (boolean # value) #include_service_catalog = true # Used to control the use and type of token binding. Can be set to: # "disabled" to not check token binding. "permissive" (default) to # validate binding information if the bind type is of a form known to # the server and ignore it if not. "strict" like "permissive" but if # the bind type is unknown the token will be rejected. "required" any # form of token binding is needed to be allowed. Finally the name of a # binding method that must be present in tokens. (string value) #enforce_token_bind = permissive # If true, the revocation list will be checked for cached tokens. This # requires that PKI tokens are configured on the identity server. # (boolean value) #check_revocations_for_cached = false # Hash algorithms to use for hashing PKI tokens. This may be a single # algorithm or multiple. The algorithms are those supported by Python # standard hashlib.new(). The hashes will be tried in the order given, # so put the preferred one first for performance. The result of the # first hash will be stored in the cache. This will typically be set # to multiple values only while migrating from a less secure algorithm # to a more secure one. Once all the old tokens are expired this # option should be set to a single value for better performance. (list # value) #hash_algorithms = md5 # Authentication type to load (unknown value) # Deprecated group/name - [DEFAULT]/auth_plugin #auth_type = # Config Section from which to load plugin specific options (unknown # value) #auth_section = [processing] # # From ironic_inspector # # Which MAC addresses to add as ports during introspection. Possible # values: all (all MAC addresses), active (MAC addresses of NIC with # IP addresses), pxe (only MAC address of NIC node PXE booted from, # falls back to "active" if PXE MAC is not supplied by the ramdisk). # (string value) # Allowed values: all, active, pxe # Deprecated group/name - [discoverd]/add_ports #add_ports = pxe # Which ports (already present on a node) to keep after introspection. # Possible values: all (do not delete anything), present (keep ports # which MACs were present in introspection data), added (keep only # MACs that we added during introspection). (string value) # Allowed values: all, present, added # Deprecated group/name - [discoverd]/keep_ports #keep_ports = all # Whether to overwrite existing values in node database. Disable this # option to make introspection a non-destructive operation. (boolean # value) # Deprecated group/name - [discoverd]/overwrite_existing #overwrite_existing = true # Whether to enable setting IPMI credentials during introspection. # This is an experimental and not well tested feature, use at your own # risk. (boolean value) # Deprecated group/name - [discoverd]/enable_setting_ipmi_credentials #enable_setting_ipmi_credentials = false # Comma-separated list of default hooks for processing pipeline. Hook # 'scheduler' updates the node with the minimum properties required by # the Nova scheduler. Hook 'validate_interfaces' ensures that valid # NIC data was provided by the ramdisk.Do not exclude these two unless # you really know what you're doing. (string value) #default_processing_hooks = ramdisk_error,root_disk_selection,scheduler,validate_interfaces # Comma-separated list of enabled hooks for processing pipeline. The # default for this is $default_processing_hooks, hooks can be added # before or after the defaults like this: # "prehook,$default_processing_hooks,posthook". (string value) # Deprecated group/name - [discoverd]/processing_hooks #processing_hooks = $default_processing_hooks # If set, logs from ramdisk will be stored in this directory. (string # value) # Deprecated group/name - [discoverd]/ramdisk_logs_dir #ramdisk_logs_dir = # Whether to store ramdisk logs even if it did not return an error # message (dependent upon "ramdisk_logs_dir" option being set). # (boolean value) # Deprecated group/name - [discoverd]/always_store_ramdisk_logs #always_store_ramdisk_logs = false # The name of the hook to run when inspector receives inspection # information from a node it isn't already aware of. This hook is # ignored by default. (string value) #node_not_found_hook = # Method for storing introspection data. If set to 'none', # introspection data will not be stored. (string value) # Allowed values: none, swift #store_data = none # Name of the key to store the location of stored data in the extra # column of the Ironic database. (string value) #store_data_location = # Whether to leave 1 GiB of disk size untouched for partitioning. Only # has effect when used with the IPA as a ramdisk, for older ramdisk # local_gb is calculated on the ramdisk side. (boolean value) #disk_partitioning_spacing = true # Whether to log node BMC address with every message during # processing. (boolean value) #log_bmc_address = true [swift] # # From ironic_inspector.common.swift # # Maximum number of times to retry a Swift request, before failing. # (integer value) #max_retries = 2 # Number of seconds that the Swift object will last before being # deleted. (set to 0 to never delete the object). (integer value) #delete_after = 0 # Default Swift container to use when creating objects. (string value) #container = ironic-inspector # User name for accessing Swift API. (string value) #username = # Password for accessing Swift API. (string value) #password = # Tenant name for accessing Swift API. (string value) #tenant_name = # Keystone authentication API version (string value) #os_auth_version = 2 # Keystone authentication URL (string value) #os_auth_url = # Swift service type. (string value) #os_service_type = object-store # Swift endpoint type. (string value) #os_endpoint_type = internalURL