diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample index 0d2f95ce6e..771e301f62 100644 --- a/etc/keystone.conf.sample +++ b/etc/keystone.conf.sample @@ -291,32 +291,6 @@ # exchange name specified in the transport_url option. (string value) #control_exchange = keystone -# -# From oslo.service.service -# - -# Enable eventlet backdoor. Acceptable values are 0, , and -# :, where 0 results in listening on a random tcp port number; -# results in listening on the specified port number (and not enabling -# backdoor if that port is in use); and : results in listening on -# the smallest unused port number within the specified range of port numbers. -# The chosen port is displayed in the service's log file. (string value) -#backdoor_port = - -# Enable eventlet backdoor, using the provided path as a unix socket that can -# receive connections. This option is mutually exclusive with 'backdoor_port' -# in that only one should be provided. If both are provided then the existence -# of this option overrides the usage of that option. (string value) -#backdoor_socket = - -# Enables or disables logging values of all registered options when starting a -# service (at DEBUG level). (boolean value) -#log_options = true - -# Specify a timeout after which a gracefully shutdown server will exit. Zero -# value means endless wait. (integer value) -#graceful_shutdown_timeout = 60 - [assignment] @@ -396,7 +370,7 @@ #proxies = # Global toggle for caching. (boolean value) -#enabled = false +#enabled = true # Extra debugging from the cache backend (cache keys, get/set/delete/etc # calls). This is only really useful if you need to see the specific cache- @@ -683,26 +657,15 @@ # From keystone # -# The number of worker processes to serve the public eventlet application. -# Defaults to number of CPUs (minimum of 2). (integer value) -# Deprecated group/name - [DEFAULT]/public_workers -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#public_workers = - -# The number of worker processes to serve the admin eventlet application. -# Defaults to number of CPUs (minimum of 2). (integer value) -# Deprecated group/name - [DEFAULT]/admin_workers -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#admin_workers = - # The IP address of the network interface for the public service to listen on. # (string value) # Deprecated group/name - [DEFAULT]/bind_host # Deprecated group/name - [DEFAULT]/public_bind_host # This option is deprecated for removal. # Its value may be silently ignored in the future. +# Reason: Support for running keystone under eventlet has been removed in the N +# release. These options remain for backwards compatibility because they are +# used for URL substitutions. #public_bind_host = 0.0.0.0 # The port number which the public service listens on. (port value) @@ -711,6 +674,9 @@ # Deprecated group/name - [DEFAULT]/public_port # This option is deprecated for removal. # Its value may be silently ignored in the future. +# Reason: Support for running keystone under eventlet has been removed in the N +# release. These options remain for backwards compatibility because they are +# used for URL substitutions. #public_port = 5000 # The IP address of the network interface for the admin service to listen on. @@ -719,6 +685,9 @@ # Deprecated group/name - [DEFAULT]/admin_bind_host # This option is deprecated for removal. # Its value may be silently ignored in the future. +# Reason: Support for running keystone under eventlet has been removed in the N +# release. These options remain for backwards compatibility because they are +# used for URL substitutions. #admin_bind_host = 0.0.0.0 # The port number which the admin service listens on. (port value) @@ -729,70 +698,6 @@ # Its value may be silently ignored in the future. #admin_port = 35357 -# If set to false, disables keepalives on the server; all connections will be -# closed after serving one request. (boolean value) -#wsgi_keep_alive = true - -# Timeout for socket operations on a client connection. If an incoming -# connection is idle for this number of seconds it will be closed. A value of -# "0" means wait forever. (integer value) -#client_socket_timeout = 900 - -# Set this to true if you want to enable TCP_KEEPALIVE on server sockets, i.e. -# sockets used by the Keystone wsgi server for client connections. (boolean -# value) -# Deprecated group/name - [DEFAULT]/tcp_keepalive -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#tcp_keepalive = false - -# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Only -# applies if tcp_keepalive is true. Ignored if system does not support it. -# (integer value) -# Deprecated group/name - [DEFAULT]/tcp_keepidle -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#tcp_keepidle = 600 - - -[eventlet_server_ssl] - -# -# From keystone -# - -# Toggle for SSL support on the Keystone eventlet servers. (boolean value) -# Deprecated group/name - [ssl]/enable -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#enable = false - -# Path of the certfile for SSL. For non-production environments, you may be -# interested in using `keystone-manage ssl_setup` to generate self-signed -# certificates. (string value) -# Deprecated group/name - [ssl]/certfile -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#certfile = /etc/keystone/ssl/certs/keystone.pem - -# Path of the keyfile for SSL. (string value) -# Deprecated group/name - [ssl]/keyfile -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#keyfile = /etc/keystone/ssl/private/keystonekey.pem - -# Path of the CA cert file for SSL. (string value) -# Deprecated group/name - [ssl]/ca_certs -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#ca_certs = /etc/keystone/ssl/certs/ca.pem - -# Require client certificate. (boolean value) -# Deprecated group/name - [ssl]/cert_required -# This option is deprecated for removal. -# Its value may be silently ignored in the future. -#cert_required = false - [federation]