[DEFAULT] # # From magnum # # This option enables or disables user authentication via Keystone. # Default value is True. (boolean value) #enable_authentication = true # Directory where the magnum python module is installed. (string # value) #pybasedir = /opt/stack/magnum/magnum # Directory where magnum binaries are installed. (string value) #bindir = $pybasedir/bin # Top-level directory for maintaining magnum's state. (string value) #state_path = $pybasedir # Path to the rootwrap configuration file to use for running commands # as root. (string value) #rootwrap_config = /etc/magnum/rootwrap.conf # Explicitly specify the temporary working directory. (string value) #tempdir = # Enable periodic tasks. (boolean value) #periodic_enable = true # Max interval size between periodic tasks execution in seconds. # (integer value) #periodic_interval_max = 60 # Name of this node. This can be an opaque identifier. It is not # necessarily a hostname, FQDN, or IP address. However, the node name # must be valid within an AMQP key, and if using ZeroMQ, a valid # hostname, FQDN, or IP address. (string value) #host = localhost # # From oslo.log # # Print debugging output (set logging level to DEBUG instead of # default INFO level). (boolean value) #debug = false # If set to false, will disable INFO logging level, making WARNING the # default. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. #verbose = true # The name of a logging configuration file. This file is appended to # any existing logging configuration files. For details about logging # configuration files, see the Python logging module documentation. # Note that when logging configuration files are used then all logging # configuration is set in the configuration file and other logging # configuration options are ignored (for example, log_format). (string # value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append = # DEPRECATED. A logging.Formatter log message format string which may # use any of the available logging.LogRecord attributes. This option # is deprecated. Please use logging_context_format_string and # logging_default_format_string instead. This option is ignored if # log_config_append is set. (string value) #log_format = # Format string for %%(asctime)s in log records. Default: %(default)s # . This option is ignored if log_config_append is set. (string value) #log_date_format = %Y-%m-%d %H:%M:%S # (Optional) Name of log file to output to. If no default is set, # logging will go to stdout. This option is ignored if # log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logfile #log_file = # (Optional) The base directory used for relative --log-file paths. # This option is ignored if log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir = # (Optional) Uses logging handler designed to watch file system. When # log file is moved or removed this handler will open a new log file # with specified path instantaneously. It makes sense only if log-file # option is specified and Linux platform is used. This option is # ignored if log_config_append is set. (boolean value) #watch_log_file = false # Use syslog for logging. Existing syslog format is DEPRECATED and # will be changed later to honor RFC5424. This option is ignored if # log_config_append is set. (boolean value) #use_syslog = false # (Optional) Enables or disables syslog rfc5424 format for logging. If # enabled, prefixes the MSG part of the syslog message with APP-NAME # (RFC5424). The format without the APP-NAME is deprecated in Kilo, # and will be removed in Mitaka, along with this option. This option # is ignored if log_config_append is set. (boolean value) # This option is deprecated for removal. # Its value may be silently ignored in the future. #use_syslog_rfc_format = true # Syslog facility to receive log lines. This option is ignored if # log_config_append is set. (string value) #syslog_log_facility = LOG_USER # Log output to standard error. This option is ignored if # log_config_append is set. (boolean value) #use_stderr = true # Format string to use for log messages with context. (string value) #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages without context. (string # value) #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Data to append to log format when level is DEBUG. (string value) #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format. (string # value) #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s # List of logger=LEVEL pairs. This option is ignored if # log_config_append is set. (list value) #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN # Enables or disables publication of error events. (boolean value) #publish_errors = false # The format for an instance that is passed with the log message. # (string value) #instance_format = "[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log message. # (string value) #instance_uuid_format = "[instance: %(uuid)s] " # Format string for user_identity field of the # logging_context_format_string (string value) #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s # Enables or disables fatal status of deprecations. (boolean value) #fatal_deprecations = false # # From oslo.messaging # # Size of RPC connection pool. (integer value) # Deprecated group/name - [DEFAULT]/rpc_conn_pool_size #rpc_conn_pool_size = 30 # ZeroMQ bind address. Should be a wildcard (*), an ethernet # interface, or IP. The "host" option should point or resolve to this # address. (string value) #rpc_zmq_bind_address = * # MatchMaker driver. (string value) #rpc_zmq_matchmaker = redis # Use REQ/REP pattern for all methods CALL/CAST/FANOUT. (boolean # value) #rpc_zmq_all_req_rep = true # Type of concurrency used. Either "native" or "eventlet" (string # value) #rpc_zmq_concurrency = eventlet # Number of ZeroMQ contexts, defaults to 1. (integer value) #rpc_zmq_contexts = 1 # Maximum number of ingress messages to locally buffer per topic. # Default is unlimited. (integer value) #rpc_zmq_topic_backlog = # Directory for holding IPC sockets. (string value) #rpc_zmq_ipc_dir = /var/run/openstack # Name of this node. Must be a valid hostname, FQDN, or IP address. # Must match "host" option, if running Nova. (string value) #rpc_zmq_host = localhost # Seconds to wait before a cast expires (TTL). Only supported by # impl_zmq. (integer value) #rpc_cast_timeout = 30 # The default number of seconds that poll should wait. Poll raises # timeout exception when timeout expired. (integer value) #rpc_poll_timeout = 1 # Shows whether zmq-messaging uses broker or not. (boolean value) #zmq_use_broker = true # Minimal port number for random ports range. (integer value) #rpc_zmq_min_port = 49152 # Maximal port number for random ports range. (integer value) #rpc_zmq_max_port = 65536 # Number of retries to find free port number before fail with # ZMQBindError. (integer value) #rpc_zmq_bind_port_retries = 100 # Host to locate redis. (string value) #host = 127.0.0.1 # Use this port to connect to redis host. (integer value) #port = 6379 # Password for Redis server (optional). (string value) #password = # Size of executor thread pool. (integer value) # Deprecated group/name - [DEFAULT]/rpc_thread_pool_size #executor_thread_pool_size = 64 # A URL representing the messaging driver to use for notifications. If # not set, we fall back to the same configuration used for RPC. # (string value) #notification_transport_url = # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics #notification_topics = notifications # Seconds to wait for a response from a call. (integer value) #rpc_response_timeout = 60 # A URL representing the messaging driver to use and its full # configuration. If not set, we fall back to the rpc_backend option # and driver specific configuration. (string value) #transport_url = # The messaging driver to use, defaults to rabbit. Other drivers # include qpid and zmq. (string value) #rpc_backend = rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the transport_url # option. (string value) #control_exchange = openstack # # From oslo.service.periodic_task # # Some periodic tasks can be run in a separate process. Should we run # them here? (boolean value) #run_external_periodic_tasks = true # # From oslo.service.service # # Enable eventlet backdoor. Acceptable values are 0, , and # :, where 0 results in listening on a random tcp port # number; results in listening on the specified port number # (and not enabling backdoor if that port is in use); and # : results in listening on the smallest unused port # number within the specified range of port numbers. The chosen port # is displayed in the service's log file. (string value) #backdoor_port = # Enables or disables logging values of all registered options when # starting a service (at DEBUG level). (boolean value) #log_options = true # Specify a timeout after which a gracefully shutdown server will # exit. Zero value means endless wait. (integer value) #graceful_shutdown_timeout = 60 [api] # # From magnum # # The port for the Magnum API server. (port value) # Minimum value: 1 # Maximum value: 65535 #port = 9511 # The listen IP for the Magnum API server. (ip address value) #host = 127.0.0.1 # The maximum number of items returned in a single response from a # collection resource. (integer value) #max_limit = 1000 [barbican_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL [bay] # # From magnum # # Location of template to build a k8s cluster on atomic. (string # value) # Deprecated group/name - [bay_heat]/template_path #k8s_atomic_template_path = $pybasedir/templates/kubernetes/kubecluster.yaml # Location of template to build a k8s cluster on CoreOS. (string # value) #k8s_coreos_template_path = $pybasedir/templates/kubernetes/kubecluster-coreos.yaml # Url for etcd public discovery endpoint. (string value) #etcd_discovery_service_endpoint_format = https://discovery.etcd.io/new?size=%(size)d # coreos discovery token url. (string value) # Deprecated group/name - [bay_heat]/discovery_token_url #coreos_discovery_token_url = # Location of template to build a swarm cluster on atomic. (string # value) #swarm_atomic_template_path = $pybasedir/templates/swarm/swarmcluster.yaml # Location of template to build a Mesos cluster on Ubuntu. (string # value) #mesos_ubuntu_template_path = $pybasedir/templates/mesos/mesoscluster.yaml # Enabled bay definition entry points. (list value) #enabled_definitions = magnum_vm_atomic_k8s,magnum_vm_coreos_k8s,magnum_vm_atomic_swarm,magnum_vm_ubuntu_mesos [bay_heat] # # From magnum # # Number of attempts to query the Heat stack for finding out the # status of the created stack and getting template outputs. This # value is ignored during bay creation if timeout is set as the poll # will continue until bay creation either ends or times out. (integer # value) #max_attempts = 2000 # Sleep time interval between two attempts of querying the Heat stack. # This interval is in seconds. (integer value) #wait_interval = 1 # The length of time to let bay creation continue. This interval is # in minutes. The default is no timeout. (integer value) #bay_create_timeout = [baymodel] # # From magnum # # Allowed network drivers for kubernetes baymodels. Use 'all' keyword # to allow all drivers supported for kubernetes baymodels. Supported # network drivers include flannel. (list value) #kubernetes_allowed_network_drivers = all # Default network driver for kubernetes baymodels. (string value) #kubernetes_default_network_driver = flannel # Allowed network drivers for docker swarm baymodels. Use 'all' # keyword to allow all drivers supported for swarm baymodels. # Supported network drivers include docker and flannel. (list value) #swarm_allowed_network_drivers = all # Default network driver for docker swarm baymodels. (string value) #swarm_default_network_driver = docker # Allowed network drivers for mesos baymodels. Use 'all' keyword to # allow all drivers supported for mesos baymodels. Supported network # drivers include docker. (list value) #mesos_allowed_network_drivers = all # Default network driver for mesos baymodels. (string value) #mesos_default_network_driver = docker [certificates] # # From magnum # # Certificate Manager plugin. Defaults to barbican. (string value) #cert_manager_type = barbican # Absolute path of the certificate storage directory. Defaults to # /var/lib/magnum/certificates/. (string value) #storage_path = /var/lib/magnum/certificates/ [conductor] # # From magnum # # The queue to add conductor tasks to. (string value) #topic = magnum-conductor # RPC timeout for the conductor liveness check that is used for bay # locking. (integer value) #conductor_life_check_timeout = 4 [cors] # # From oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (list value) #allowed_origin = # Indicate that the actual request can include user credentials # (boolean value) #allow_credentials = true # Indicate which headers are safe to expose to the API. Defaults to # HTTP Simple Headers. (list value) #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma # Maximum cache age of CORS preflight requests. (integer value) #max_age = 3600 # Indicate which methods can be used during the actual request. (list # value) #allow_methods = GET,POST,PUT,DELETE,OPTIONS # Indicate which header field names may be used during the actual # request. (list value) #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma [cors.subdomain] # # From oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (list value) #allowed_origin = # Indicate that the actual request can include user credentials # (boolean value) #allow_credentials = true # Indicate which headers are safe to expose to the API. Defaults to # HTTP Simple Headers. (list value) #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma # Maximum cache age of CORS preflight requests. (integer value) #max_age = 3600 # Indicate which methods can be used during the actual request. (list # value) #allow_methods = GET,POST,PUT,DELETE,OPTIONS # Indicate which header field names may be used during the actual # request. (list value) #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma [database] # # From magnum # # MySQL engine to use. (string value) #mysql_engine = InnoDB # # From oslo.db # # The file name to use with SQLite. (string value) # Deprecated group/name - [DEFAULT]/sqlite_db #sqlite_db = oslo.sqlite # If True, SQLite uses synchronous mode. (boolean value) # Deprecated group/name - [DEFAULT]/sqlite_synchronous #sqlite_synchronous = true # The back end to use for the database. (string value) # Deprecated group/name - [DEFAULT]/db_backend #backend = sqlalchemy # The SQLAlchemy connection string to use to connect to the database. # (string value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = # The SQLAlchemy connection string to use to connect to the slave # database. (string value) #slave_connection = # The SQL mode to be used for MySQL sessions. This option, including # the default, overrides any server-set SQL mode. To use whatever SQL # mode is set by the server configuration, set this to no value. # Example: mysql_sql_mode= (string value) #mysql_sql_mode = TRADITIONAL # Timeout before idle SQL connections are reaped. (integer value) # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout #idle_timeout = 3600 # Minimum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size #min_pool_size = 1 # Maximum number of SQL connections to keep open in a pool. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size = # Maximum number of database connection retries during startup. Set to # -1 to specify an infinite retry count. (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries = 10 # Interval between retries of opening a SQL connection. (integer # value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval = 10 # If set, use this value for max_overflow with SQLAlchemy. (integer # value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow = # Verbosity of SQL debugging information: 0=None, 100=Everything. # (integer value) # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug = 0 # Add Python stack traces to SQL as comment strings. (boolean value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace = false # If set, use this value for pool_timeout with SQLAlchemy. (integer # value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout = # Enable the experimental use of database reconnect on connection # lost. (boolean value) #use_db_reconnect = false # Seconds between retries of a database transaction. (integer value) #db_retry_interval = 1 # If True, increases the interval between retries of a database # operation up to db_max_retry_interval. (boolean value) #db_inc_retry_interval = true # If db_inc_retry_interval is set, the maximum seconds between retries # of a database operation. (integer value) #db_max_retry_interval = 10 # Maximum retries in case of connection error or deadlock error before # error is raised. Set to -1 to specify an infinite retry count. # (integer value) #db_max_retries = 20 [docker] # # From magnum # # Docker remote api version. Override it according to specific docker # api version in your environment. (string value) #docker_remote_api_version = 1.17 # Default timeout in seconds for docker client operations. (integer # value) #default_timeout = 60 # If set, ignore any SSL validation issues (boolean value) #api_insecure = false # Location of CA certificates file for securing docker api requests # (tlscacert). (string value) #ca_file = # Location of TLS certificate file for securing docker api requests # (tlscert). (string value) #cert_file = # Location of TLS private key file for securing docker api requests # (tlskey). (string value) #key_file = [docker_registry] # # From magnum # # User id of the trustee (string value) #trustee_user_id = # The roles which are delegated to the trustee by the trustor. (list # value) #trust_roles = registry_user [glance_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL # Version of Glance API to use in glanceclient. (string value) #api_version = 2 [heat_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL # Optional CA cert file to use in SSL connections. (string value) #ca_file = # Optional PEM-formatted certificate chain file. (string value) #cert_file = # Optional PEM-formatted file that contains the private key. (string # value) #key_file = # If set, then the server's certificate will not be verified. (boolean # value) #insecure = false # Version of Heat API to use in heatclient. (string value) #api_version = 1 [keystone_authtoken] # # From keystonemiddleware.auth_token # # Complete public Identity API endpoint. (string value) #auth_uri = # API version of the admin Identity API endpoint. (string value) #auth_version = # Do not handle authorization requests within the middleware, but # delegate the authorization decision to downstream WSGI components. # (boolean value) #delay_auth_decision = false # Request timeout value for communicating with Identity API server. # (integer value) #http_connect_timeout = # How many times are we trying to reconnect when communicating with # Identity API Server. (integer value) #http_request_max_retries = 3 # Env key for the swift cache. (string value) #cache = # Required if identity server requires client certificate (string # value) #certfile = # Required if identity server requires client certificate (string # value) #keyfile = # A PEM encoded Certificate Authority to use when verifying HTTPs # connections. Defaults to system CAs. (string value) #cafile = # Verify HTTPS connections. (boolean value) #insecure = false # The region in which the identity server can be found. (string value) #region_name = # Directory used to cache files related to PKI tokens. (string value) #signing_dir = # Optionally specify a list of memcached server(s) to use for caching. # If left undefined, tokens will instead be cached in-process. (list # value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers = # In order to prevent excessive effort spent validating tokens, the # middleware caches previously-seen tokens for a configurable duration # (in seconds). Set to -1 to disable caching completely. (integer # value) #token_cache_time = 300 # Determines the frequency at which the list of revoked tokens is # retrieved from the Identity service (in seconds). A high number of # revocation events combined with a low cache duration may # significantly reduce performance. (integer value) #revocation_cache_time = 10 # (Optional) If defined, indicate whether token data should be # authenticated or authenticated and encrypted. Acceptable values are # MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in # the cache. If ENCRYPT, token data is encrypted and authenticated in # the cache. If the value is not one of these options or empty, # auth_token will raise an exception on initialization. (string value) #memcache_security_strategy = # (Optional, mandatory if memcache_security_strategy is defined) This # string is used for key derivation. (string value) #memcache_secret_key = # (Optional) Number of seconds memcached server is considered dead # before it is tried again. (integer value) #memcache_pool_dead_retry = 300 # (Optional) Maximum total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize = 10 # (Optional) Socket timeout in seconds for communicating with a # memcached server. (integer value) #memcache_pool_socket_timeout = 3 # (Optional) Number of seconds a connection to memcached is held # unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout = 60 # (Optional) Number of seconds that an operation will wait to get a # memcached client connection from the pool. (integer value) #memcache_pool_conn_get_timeout = 10 # (Optional) Use the advanced (eventlet safe) memcached client pool. # The advanced pool will only work under python 2.x. (boolean value) #memcache_use_advanced_pool = false # (Optional) Indicate whether to set the X-Service-Catalog header. If # False, middleware will not ask for service catalog on token # validation and will not set the X-Service-Catalog header. (boolean # value) #include_service_catalog = true # Used to control the use and type of token binding. Can be set to: # "disabled" to not check token binding. "permissive" (default) to # validate binding information if the bind type is of a form known to # the server and ignore it if not. "strict" like "permissive" but if # the bind type is unknown the token will be rejected. "required" any # form of token binding is needed to be allowed. Finally the name of a # binding method that must be present in tokens. (string value) #enforce_token_bind = permissive # If true, the revocation list will be checked for cached tokens. This # requires that PKI tokens are configured on the identity server. # (boolean value) #check_revocations_for_cached = false # Hash algorithms to use for hashing PKI tokens. This may be a single # algorithm or multiple. The algorithms are those supported by Python # standard hashlib.new(). The hashes will be tried in the order given, # so put the preferred one first for performance. The result of the # first hash will be stored in the cache. This will typically be set # to multiple values only while migrating from a less secure algorithm # to a more secure one. Once all the old tokens are expired this # option should be set to a single value for better performance. (list # value) #hash_algorithms = md5 # Prefix to prepend at the beginning of the path. Deprecated, use # identity_uri. (string value) #auth_admin_prefix = # Host providing the admin Identity API endpoint. Deprecated, use # identity_uri. (string value) #auth_host = 127.0.0.1 # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) #auth_port = 35357 # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) #auth_protocol = https # Complete admin Identity API endpoint. This should specify the # unversioned root endpoint e.g. https://localhost:35357/ (string # value) #identity_uri = # This option is deprecated and may be removed in a future release. # Single shared secret with the Keystone configuration used for # bootstrapping a Keystone installation, or otherwise bypassing the # normal authentication process. This option should not be used, use # `admin_user` and `admin_password` instead. (string value) #admin_token = # Service username. (string value) #admin_user = # Service user password. (string value) #admin_password = # Service tenant name. (string value) #admin_tenant_name = admin # Authentication type to load (unknown value) # Deprecated group/name - [DEFAULT]/auth_plugin #auth_type = # Config Section from which to load plugin specific options (unknown # value) #auth_section = [magnum_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL [matchmaker_redis] # # From oslo.messaging # # Host to locate redis. (string value) #host = 127.0.0.1 # Use this port to connect to redis host. (integer value) #port = 6379 # Password for Redis server (optional). (string value) #password = [neutron_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL [nova_client] # # From magnum # # Region in Identity service catalog to use for communication with the # OpenStack service. (string value) #region_name = # Type of endpoint in Identity service catalog to use for # communication with the OpenStack service. (string value) #endpoint_type = publicURL # Version of Nova API to use in novaclient. (string value) #api_version = 2 [oslo_concurrency] # # From oslo.concurrency # # Enables or disables inter-process locks. (boolean value) # Deprecated group/name - [DEFAULT]/disable_process_locking #disable_process_locking = false # Directory to use for lock files. For security, the specified # directory should only be writable by the user running the processes # that need locking. Defaults to environment variable OSLO_LOCK_PATH. # If external locks are used, a lock path must be set. (string value) # Deprecated group/name - [DEFAULT]/lock_path #lock_path = [oslo_messaging_amqp] # # From oslo.messaging # # address prefix used when sending to a specific server (string value) # Deprecated group/name - [amqp1]/server_request_prefix #server_request_prefix = exclusive # address prefix used when broadcasting to all servers (string value) # Deprecated group/name - [amqp1]/broadcast_prefix #broadcast_prefix = broadcast # address prefix when sending to any server in group (string value) # Deprecated group/name - [amqp1]/group_request_prefix #group_request_prefix = unicast # Name for the AMQP container (string value) # Deprecated group/name - [amqp1]/container_name #container_name = # Timeout for inactive connections (in seconds) (integer value) # Deprecated group/name - [amqp1]/idle_timeout #idle_timeout = 0 # Debug: dump AMQP frames to stdout (boolean value) # Deprecated group/name - [amqp1]/trace #trace = false # CA certificate PEM file to verify server certificate (string value) # Deprecated group/name - [amqp1]/ssl_ca_file #ssl_ca_file = # Identifying certificate PEM file to present to clients (string # value) # Deprecated group/name - [amqp1]/ssl_cert_file #ssl_cert_file = # Private key PEM file used to sign cert_file certificate (string # value) # Deprecated group/name - [amqp1]/ssl_key_file #ssl_key_file = # Password for decrypting ssl_key_file (if encrypted) (string value) # Deprecated group/name - [amqp1]/ssl_key_password #ssl_key_password = # Accept clients using either SSL or plain TCP (boolean value) # Deprecated group/name - [amqp1]/allow_insecure_clients #allow_insecure_clients = false # Space separated list of acceptable SASL mechanisms (string value) # Deprecated group/name - [amqp1]/sasl_mechanisms #sasl_mechanisms = # Path to directory that contains the SASL configuration (string # value) # Deprecated group/name - [amqp1]/sasl_config_dir #sasl_config_dir = # Name of configuration file (without .conf suffix) (string value) # Deprecated group/name - [amqp1]/sasl_config_name #sasl_config_name = # User name for message broker authentication (string value) # Deprecated group/name - [amqp1]/username #username = # Password for message broker authentication (string value) # Deprecated group/name - [amqp1]/password #password = [oslo_messaging_qpid] # # From oslo.messaging # # Use durable queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_durable_queues # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues = false # Auto-delete queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_auto_delete #amqp_auto_delete = false # Send a single AMQP reply to call message. The current behaviour # since oslo-incubator is to send two AMQP replies - first one with # the payload, a second one to ensure the other have finish to send # the payload. We are going to remove it in the N release, but we must # keep backward compatible at the same time. This option provides such # compatibility - it defaults to False in Liberty and can be turned on # for early adopters with a new installations or for testing. Please # note, that this option will be removed in the Mitaka release. # (boolean value) #send_single_reply = false # Qpid broker hostname. (string value) # Deprecated group/name - [DEFAULT]/qpid_hostname #qpid_hostname = localhost # Qpid broker port. (integer value) # Deprecated group/name - [DEFAULT]/qpid_port #qpid_port = 5672 # Qpid HA cluster host:port pairs. (list value) # Deprecated group/name - [DEFAULT]/qpid_hosts #qpid_hosts = $qpid_hostname:$qpid_port # Username for Qpid connection. (string value) # Deprecated group/name - [DEFAULT]/qpid_username #qpid_username = # Password for Qpid connection. (string value) # Deprecated group/name - [DEFAULT]/qpid_password #qpid_password = # Space separated list of SASL mechanisms to use for auth. (string # value) # Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms #qpid_sasl_mechanisms = # Seconds between connection keepalive heartbeats. (integer value) # Deprecated group/name - [DEFAULT]/qpid_heartbeat #qpid_heartbeat = 60 # Transport to use, either 'tcp' or 'ssl'. (string value) # Deprecated group/name - [DEFAULT]/qpid_protocol #qpid_protocol = tcp # Whether to disable the Nagle algorithm. (boolean value) # Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay #qpid_tcp_nodelay = true # The number of prefetched messages held by receiver. (integer value) # Deprecated group/name - [DEFAULT]/qpid_receiver_capacity #qpid_receiver_capacity = 1 # The qpid topology version to use. Version 1 is what was originally # used by impl_qpid. Version 2 includes some backwards-incompatible # changes that allow broker federation to work. Users should update # to version 2 when they are able to take everything down, as it # requires a clean break. (integer value) # Deprecated group/name - [DEFAULT]/qpid_topology_version #qpid_topology_version = 1 [oslo_messaging_rabbit] # # From oslo.messaging # # Use durable queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_durable_queues # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues = false # Auto-delete queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_auto_delete #amqp_auto_delete = false # Send a single AMQP reply to call message. The current behaviour # since oslo-incubator is to send two AMQP replies - first one with # the payload, a second one to ensure the other have finish to send # the payload. We are going to remove it in the N release, but we must # keep backward compatible at the same time. This option provides such # compatibility - it defaults to False in Liberty and can be turned on # for early adopters with a new installations or for testing. Please # note, that this option will be removed in the Mitaka release. # (boolean value) #send_single_reply = false # SSL version to use (valid only if SSL enabled). Valid values are # TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be # available on some distributions. (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_version #kombu_ssl_version = # SSL key file (valid only if SSL enabled). (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile #kombu_ssl_keyfile = # SSL cert file (valid only if SSL enabled). (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_certfile #kombu_ssl_certfile = # SSL certification authority file (valid only if SSL enabled). # (string value) # Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs #kombu_ssl_ca_certs = # How long to wait before reconnecting in response to an AMQP consumer # cancel notification. (floating point value) # Deprecated group/name - [DEFAULT]/kombu_reconnect_delay #kombu_reconnect_delay = 1.0 # How long to wait before considering a reconnect attempt to have # failed. This value should not be longer than rpc_response_timeout. # (integer value) #kombu_reconnect_timeout = 60 # The RabbitMQ broker address where a single node is used. (string # value) # Deprecated group/name - [DEFAULT]/rabbit_host #rabbit_host = localhost # The RabbitMQ broker port where a single node is used. (integer # value) # Deprecated group/name - [DEFAULT]/rabbit_port #rabbit_port = 5672 # RabbitMQ HA cluster host:port pairs. (list value) # Deprecated group/name - [DEFAULT]/rabbit_hosts #rabbit_hosts = $rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_use_ssl #rabbit_use_ssl = false # The RabbitMQ userid. (string value) # Deprecated group/name - [DEFAULT]/rabbit_userid #rabbit_userid = guest # The RabbitMQ password. (string value) # Deprecated group/name - [DEFAULT]/rabbit_password #rabbit_password = guest # The RabbitMQ login method. (string value) # Deprecated group/name - [DEFAULT]/rabbit_login_method #rabbit_login_method = AMQPLAIN # The RabbitMQ virtual host. (string value) # Deprecated group/name - [DEFAULT]/rabbit_virtual_host #rabbit_virtual_host = / # How frequently to retry connecting with RabbitMQ. (integer value) #rabbit_retry_interval = 1 # How long to backoff for between retries when connecting to RabbitMQ. # (integer value) # Deprecated group/name - [DEFAULT]/rabbit_retry_backoff #rabbit_retry_backoff = 2 # Maximum number of RabbitMQ connection retries. Default is 0 # (infinite retry count). (integer value) # Deprecated group/name - [DEFAULT]/rabbit_max_retries #rabbit_max_retries = 0 # Use HA queues in RabbitMQ (x-ha-policy: all). If you change this # option, you must wipe the RabbitMQ database. (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_ha_queues #rabbit_ha_queues = false # Number of seconds after which the Rabbit broker is considered down # if heartbeat's keep-alive fails (0 disable the heartbeat). # EXPERIMENTAL (integer value) #heartbeat_timeout_threshold = 60 # How often times during the heartbeat_timeout_threshold we check the # heartbeat. (integer value) #heartbeat_rate = 2 # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake # (boolean value) # Deprecated group/name - [DEFAULT]/fake_rabbit #fake_rabbit = false [oslo_messaging_notifications] # The Drivers(s) to handle sending notifications. Possible values are # messaging, messagingv2, routing, log, test, noop (multi valued) # Deprecated group/name - [DEFAULT]/notification_driver #driver = [oslo_policy] # # From oslo.policy # # The JSON file that defines policies. (string value) # Deprecated group/name - [DEFAULT]/policy_file #policy_file = policy.json # Default rule. Enforced when a requested rule is not found. (string # value) # Deprecated group/name - [DEFAULT]/policy_default_rule #policy_default_rule = default # Directories where policy configuration files are stored. They can be # relative to any directory in the search path defined by the # config_dir option, or absolute paths. The file defined by # policy_file must exist for these directories to be searched. # Missing or empty directories are ignored. (multi valued) # Deprecated group/name - [DEFAULT]/policy_dirs #policy_dirs = policy.d [x509] # # From magnum # # Certificate can get the CA flag in x509 extensions. (boolean value) #allow_ca = false # List of allowed x509 extensions. Available values: # "authorityKeyIdentifier", "subjectKeyIdentifier", # "authorityInfoAccess", "basicConstraints", "cRLDistributionPoints", # "certificatePolicies", "extendedKeyUsage", "OCSPNoCheck", # "inhibitAnyPolicy", "keyUsage", "nameConstraints", "subjectAltName", # "issuerAltName" (list value) #allowed_extensions = keyUsage,extendedKeyUsage,subjectAltName,basicConstraints,subjectKeyIdentifier # List of allowed x509 key usage. Available values: "Digital # Signature", "Non Repudiation", "Key Encipherment", "Data # Encipherment", "Key Agreement", "Certificate Sign", "CRL Sign", # "Encipher Only", "Decipher Only" (list value) #allowed_key_usage = Digital Signature,Key Encipherment,Non Repudiation # Number of days for which a certificate is valid. (integer value) #term_of_validity = 1825 # Size of generated private key. (integer value) #rsa_key_size = 2048