openstack/openstack-manuals
Code Issues Proposed changes

Merge "[config-ref] Updates swift config files"

Browse Source
This commit is contained in:
Jenkins 2017-04-07 18:32:44 +00:00 committed by Gerrit Code Review
commit 04ea1886ba
106 changed files with 25 additions and 3659 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
doc/config-reference/source/object-storage.rst
View File

@ -2,28 +2,31 @@
Object Storage service
======================
.. toctree::
:maxdepth: 1
Object Storage (swift) is a robust, highly scalable and fault tolerant storage
platform for unstructured data such as objects. Objects are stored bits,
accessed through a RESTful, HTTP-based interface. You cannot access data at
the block or file level. Object Storage is commonly used to archive and back
up data, with use cases in virtual machine image, photo, video, and music
storage.
object-storage/about.rst
object-storage/general-service-conf.rst
object-storage/object-server.rst
object-storage/object-expirer.rst
object-storage/container-server.rst
object-storage/container-sync-realms.rst
object-storage/container-reconciler.rst
object-storage/account-server.rst
object-storage/proxy-server.rst
object-storage/memcache.rst
object-storage/rsyncd.rst
object-storage/features.rst
object-storage/configure-s3.rst
object-storage/listendpoints.rst
object-storage/logs.rst
tables/conf-changes/swift.rst
Object Storage provides a high degree of availability, throughput, and
performance with its scale out architecture. Each object is replicated across
multiple servers, residing within the same data center or across data centers,
which mitigates the risk of network and hardware failure. In the event of
hardware failure, Object Storage will automatically copy objects to a new
location to ensure that your chosen number of copies are always available.
.. note::
Object Storage also employs erasure coding. Erasure coding is a set of
algorithms that allows the reconstruction of missing data from a set of
original data. In theory, erasure coding uses less storage capacity with
similar durability characteristics as replicas. From an application
perspective, erasure coding support is transparent. Object Storage
implements erasure coding as a Storage Policy.
The common configurations for shared service and libraries,
such as database connections and RPC messaging,
are described at :doc:`common-configurations`.
Object Storage is an eventually consistent distributed storage platform;
it sacrifices consistency for maximum availability and partition tolerance.
Object Storage enables you to create a reliable platform by using commodity
hardware and inexpensive storage.
To view the configuration references for Object Storage, see the
`Common configurations <https://docs.openstack.org/developer/swift/deployment_guide.html#common-configuration>`_.

33
doc/config-reference/source/object-storage/about.rst
View File

@ -1,33 +0,0 @@
==============================
Introduction to Object Storage
==============================
Object Storage (swift) is a robust, highly scalable and fault tolerant storage
platform for unstructured data such as objects. Objects are stored bits,
accessed through a RESTful, HTTP-based interface. You cannot access data at
the block or file level. Object Storage is commonly used to archive and back
up data, with use cases in virtual machine image, photo, video, and music
storage.
Object Storage provides a high degree of availability, throughput, and
performance with its scale out architecture. Each object is replicated across
multiple servers, residing within the same data center or across data centers,
which mitigates the risk of network and hardware failure. In the event of
hardware failure, Object Storage will automatically copy objects to a new
location to ensure that your chosen number of copies are always available.
Object Storage also employs erasure coding. Erasure coding is a set of
algorithms that allows the reconstruction of missing data from a set of
original data. In theory, erasure coding uses less storage capacity with
similar durability characteristics as replicas. From an application
perspective, erasure coding support is transparent. Object Storage
implements erasure coding as a Storage Policy.
Object Storage is an eventually consistent distributed storage platform;
it sacrifices consistency for maximum availability and partition tolerance.
Object Storage enables you to create a reliable platform by using commodity
hardware and inexpensive storage.
For more information, review the key concepts in the developer documentation
at `docs.openstack.org/developer/swift/
<https://docs.openstack.org/developer/swift/>`__.

25
doc/config-reference/source/object-storage/account-server.rst
View File

@ -1,25 +0,0 @@
============================
Account server configuration
============================
Find an example account server configuration at
``etc/account-server.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-account-server-DEFAULT.rst
.. include:: ../tables/swift-account-server-app-account-server.rst
.. include:: ../tables/swift-account-server-pipeline-main.rst
.. include:: ../tables/swift-account-server-account-replicator.rst
.. include:: ../tables/swift-account-server-account-auditor.rst
.. include:: ../tables/swift-account-server-account-reaper.rst
.. include:: ../tables/swift-account-server-filter-healthcheck.rst
.. include:: ../tables/swift-account-server-filter-recon.rst
.. include:: ../tables/swift-account-server-filter-xprofile.rst
Sample account server configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/ocata

115
doc/config-reference/source/object-storage/configure-s3.rst
View File

@ -1,115 +0,0 @@
========================================
Configure Object Storage with the S3 API
========================================
The Swift3 middleware emulates the S3 REST API on top of Object Storage.
The following operations are currently supported:
- GET Service
- DELETE Bucket
- GET Bucket (List Objects)
- PUT Bucket
- DELETE Object
- GET Object
- HEAD Object
- PUT Object
- PUT Object (Copy)
To use this middleware, first download the latest version from its repository
to your proxy servers.
.. code-block:: console
$ git clone https://git.openstack.org/openstack/swift3
Then, install it using standard python mechanisms, such as:
.. code-block:: console
# python setup.py install
Alternatively, if you have configured the Ubuntu Cloud Archive, you may use:
.. code-block:: console
# apt-get install swift-plugin-s3
To add this middleware to your configuration, add the swift3 middleware in
front of the swauth middleware, and before any other middleware that looks at
Object Storage requests (like rate limiting).
Ensure that your ``proxy-server.conf`` file contains swift3 in the pipeline and
the ``[filter:swift3]`` section, as shown below:
.. code-block:: ini
[pipeline:main]
pipeline = catch_errors healthcheck cache swift3 swauth proxy-server
[filter:swift3]
use = egg:swift3#swift3
Next, configure the tool that you use to connect to the S3 API. For S3curl, for
example, you must add your host IP information by adding your host IP to the
``@endpoints`` array (line 33 in ``s3curl.pl``):
.. code-block:: perl
my @endpoints = ( '1.2.3.4');
Now you can send commands to the endpoint, such as:
.. code-block:: console
$ ./s3curl.pl - 'a7811544507ebaf6c9a7a8804f47ea1c' \
-key 'a7d8e981-e296-d2ba-cb3b-db7dd23159bd' \
-get - -s -v http://1.2.3.4:8080
To set up your client, ensure you are using the ec2 credentials, which
can be downloaded from the API Endpoints tab of the dashboard. The host
should also point to the Object Storage node's hostname. It also will
have to use the old-style calling format, and not the hostname-based
container format. Here are two examples of client setup using both Python
boto_ library (version 2.45.0) and boto3_(version 1.4.4) library on a locally
installed all-in-one Object Storage installation.
.. code-block:: python
# Connection using boto library
connection = boto.s3.connection.S3Connection(
aws_access_key_id='a7811544507ebaf6c9a7a8804f47ea1c',
aws_secret_access_key='a7d8e981-e296-d2ba-cb3b-db7dd23159bd',
port=8080,
host='127.0.0.1',
is_secure=False)
# Connection using boto3 library
# Create a low-level service client
s3_client = boto3.client(
's3',
aws_access_key_id='a7811544507ebaf6c9a7a8804f47ea1c',
aws_secret_access_key='a7d8e981-e296-d2ba-cb3b-db7dd23159bd',
endpoint_url='http://127.0.0.1:8080'
)
# Create a resource service client
s3_resource = boto3.resource(
's3',
aws_access_key_id='a7811544507ebaf6c9a7a8804f47ea1c',
aws_secret_access_key='a7d8e981-e296-d2ba-cb3b-db7dd23159bd',
endpoint_url='http://127.0.0.1:8080'
)
.. _boto: https://github.com/boto/boto
.. _boto3: https://github.com/boto/boto3/

23
doc/config-reference/source/object-storage/container-reconciler.rst
View File

@ -1,23 +0,0 @@
==================================
Container reconciler configuration
==================================
Find an example container sync realms configuration at
``etc/container-reconciler.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-container-reconciler-DEFAULT.rst
.. include:: ../tables/swift-container-reconciler-app-proxy-server.rst
.. include:: ../tables/swift-container-reconciler-container-reconciler.rst
.. include:: ../tables/swift-container-reconciler-filter-cache.rst
.. include:: ../tables/swift-container-reconciler-filter-catch_errors.rst
.. include:: ../tables/swift-container-reconciler-filter-proxy-logging.rst
.. include:: ../tables/swift-container-reconciler-pipeline-main.rst
Sample container sync reconciler configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/container-reconciler.conf-sample?h=stable/ocata

26
doc/config-reference/source/object-storage/container-server.rst
View File

@ -1,26 +0,0 @@
==============================
Container server configuration
==============================
Find an example container server configuration at
``etc/container-server.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-container-server-DEFAULT.rst
.. include:: ../tables/swift-container-server-app-container-server.rst
.. include:: ../tables/swift-container-server-pipeline-main.rst
.. include:: ../tables/swift-container-server-container-replicator.rst
.. include:: ../tables/swift-container-server-container-updater.rst
.. include:: ../tables/swift-container-server-container-auditor.rst
.. include:: ../tables/swift-container-server-container-sync.rst
.. include:: ../tables/swift-container-server-filter-healthcheck.rst
.. include:: ../tables/swift-container-server-filter-recon.rst
.. include:: ../tables/swift-container-server-filter-xprofile.rst
Sample container server configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/ocata

19
doc/config-reference/source/object-storage/container-sync-realms.rst
View File

@ -1,19 +0,0 @@
===================================
Container sync realms configuration
===================================
Find an example container sync realms configuration at
``etc/container-sync-realms.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-container-sync-realms-DEFAULT.rst
.. include:: ../tables/swift-container-sync-realms-realm1.rst
.. include:: ../tables/swift-container-sync-realms-realm2.rst
Sample container sync realms configuration file
-----------------------------------------------
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/container-sync-realms.conf-sample?h=stable/ocata

652
doc/config-reference/source/object-storage/features.rst
View File

@ -1,652 +0,0 @@
=================================
Configure Object Storage features
=================================
Object Storage zones
~~~~~~~~~~~~~~~~~~~~
In OpenStack Object Storage, data is placed across different tiers of failure
domains. First, data is spread across regions, then zones, then servers, and
finally across drives. Data is placed to get the highest failure domain
isolation. If you deploy multiple regions, the Object Storage service places
the data across the regions. Within a region, each replica of the data should
be stored in unique zones, if possible. If there is only one zone, data should
be placed on different servers. And if there is only one server, data should
be placed on different drives.
Regions are widely separated installations with a high-latency or otherwise
constrained network link between them. Zones are arbitrarily assigned, and it
is up to the administrator of the Object Storage cluster to choose an isolation
level and attempt to maintain the isolation level through appropriate zone
assignment. For example, a zone may be defined as a rack with a single power
source. Or a zone may be a DC room with a common utility provider. Servers are
identified by a unique IP/port. Drives are locally attached storage volumes
identified by mount point.
In small clusters (five nodes or fewer), everything is normally in a single
zone. Larger Object Storage deployments may assign zone designations
differently; for example, an entire cabinet or rack of servers may be
designated as a single zone to maintain replica availability if the cabinet
becomes unavailable (for example, due to failure of the top of rack switches or
a dedicated circuit). In very large deployments, such as service provider level
deployments, each zone might have an entirely autonomous switching and power
infrastructure, so that even the loss of an electrical circuit or switching
aggregator would result in the loss of a single replica at most.
Rackspace zone recommendations
------------------------------
For ease of maintenance on OpenStack Object Storage, Rackspace recommends that
you set up at least five nodes. Each node is assigned its own zone (for a total
of five zones), which gives you host level redundancy. This enables you to take
down a single zone for maintenance and still guarantee object availability in
the event that another zone fails during your maintenance.
You could keep each server in its own cabinet to achieve cabinet level
isolation, but you may wish to wait until your Object Storage service is better
established before developing cabinet-level isolation. OpenStack Object Storage
is flexible; if you later decide to change the isolation level, you can take
down one zone at a time and move them to appropriate new homes.
RAID controller configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OpenStack Object Storage does not require RAID. In fact, most RAID
configurations cause significant performance degradation. The main reason for
using a RAID controller is the battery-backed cache. It is very important for
data integrity reasons that when the operating system confirms a write has been
committed that the write has actually been committed to a persistent location.
Most disks lie about hardware commits by default, instead writing to a faster
write cache for performance reasons. In most cases, that write cache exists
only in non-persistent memory. In the case of a loss of power, this data may
never actually get committed to disk, resulting in discrepancies that the
underlying file system must handle.
OpenStack Object Storage works best on the XFS file system, and this document
assumes that the hardware being used is configured appropriately to be mounted
with the ``nobarriers`` option. For more information, see the `XFS FAQ
<http://xfs.org/index.php/XFS_FAQ>`__.
To get the most out of your hardware, it is essential that every disk used in
OpenStack Object Storage is configured as a standalone, individual RAID 0 disk;
in the case of 6 disks, you would have six RAID 0s or one JBOD. Some RAID
controllers do not support JBOD or do not support battery backed cache with
JBOD. To ensure the integrity of your data, you must ensure that the individual
drive caches are disabled and the battery backed cache in your RAID card is
configured and used. Failure to configure the controller properly in this case
puts data at risk in the case of sudden loss of power.
You can also use hybrid drives or similar options for battery backed up cache
configurations without a RAID controller.
Throttle resources through rate limits
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rate limiting in OpenStack Object Storage is implemented as a pluggable
middleware that you configure on the proxy server. Rate limiting is performed
on requests that result in database writes to the account and container SQLite
databases. It uses memcached and is dependent on the proxy servers having
highly synchronized time. The rate limits are limited by the accuracy of the
proxy server clocks.
Configure rate limiting
-----------------------
All configuration is optional. If no account or container limits are provided,
no rate limiting occurs. Available configuration options include:
.. include:: ../tables/swift-proxy-server-filter-ratelimit.rst
The container rate limits are linearly interpolated from the values given. A
sample container rate limiting could be:
.. code-block:: ini
container_ratelimit_100 = 100
container_ratelimit_200 = 50
container_ratelimit_500 = 20
This would result in:
.. list-table:: Values for Rate Limiting with Sample Configuration Settings
:header-rows: 1
* - Container Size
- Rate Limit
* - 0-99
- No limiting
* - 100
- 100
* - 150
- 75
* - 500
- 20
* - 1000
- 20
Health check
~~~~~~~~~~~~
Provides an easy way to monitor whether the Object Storage proxy server is
alive. If you access the proxy with the path ``/healthcheck``, it responds with
``OK`` in the response body, which monitoring tools can use.
.. include:: ../tables/swift-account-server-filter-healthcheck.rst
Domain remap
~~~~~~~~~~~~
Middleware that translates container and account parts of a domain to path
parameters that the proxy server understands.
.. include:: ../tables/swift-proxy-server-filter-domain_remap.rst
CNAME lookup
~~~~~~~~~~~~
Middleware that translates an unknown domain in the host header to
something that ends with the configured ``storage_domain`` by looking up
the given domain's CNAME record in DNS.
.. include:: ../tables/swift-proxy-server-filter-cname_lookup.rst
Temporary URL
~~~~~~~~~~~~~
Allows the creation of URLs to provide temporary access to objects. For
example, a website may wish to provide a link to download a large object in
OpenStack Object Storage, but the Object Storage account has no public access.
The website can generate a URL that provides GET access for a limited time to
the resource. When the web browser user clicks on the link, the browser
downloads the object directly from Object Storage, eliminating the need for the
website to act as a proxy for the request. If the user shares the link with
all his friends, or accidentally posts it on a forum, the direct access is
limited to the expiration time set when the website created the link.
A temporary URL is the typical URL associated with an object, with two
additional query parameters:
``temp_url_sig``
A cryptographic signature.
``temp_url_expires``
An expiration date, in Unix time.
An example of a temporary URL:
.. code-block:: none
https://swift-cluster.example.com/v1/AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30/container/object?
temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&
temp_url_expires=1323479485
To create temporary URLs, first set the ``X-Account-Meta-Temp-URL-Key`` header
on your Object Storage account to an arbitrary string. This string serves as a
secret key. For example, to set a key of ``b3968d0207b54ece87cccc06515a89d4``
by using the ``swift`` command-line tool:
.. code-block:: console
$ swift post -m "Temp-URL-Key:b3968d0207b54ece87cccc06515a89d4"
Next, generate an HMAC-SHA1 (RFC 2104) signature to specify:
- Which HTTP method to allow (typically ``GET`` or ``PUT``).
- The expiry date as a Unix timestamp.
- The full path to the object.
- The secret key set as the ``X-Account-Meta-Temp-URL-Key``.
Here is code generating the signature for a GET for 24 hours on
``/v1/AUTH_account/container/object``:
.. code-block:: python
import hmac
from hashlib import sha1
from time import time
method = 'GET'
duration_in_seconds = 60*60*24
expires = int(time() + duration_in_seconds)
path = '/v1/AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30/container/object'
key = 'mykey'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
s = 'https://{host}/{path}?temp_url_sig={sig}&temp_url_expires={expires}'
url = s.format(host='swift-cluster.example.com', path=path, sig=sig, expires=expires)
Any alteration of the resource path or query arguments results in a 401
Unauthorized error. Similarly, a PUT where GET was the allowed method returns a
401 error. HEAD is allowed if GET or PUT is allowed. Using this in combination
with browser form post translation middleware could also allow
direct-from-browser uploads to specific locations in Object Storage.
.. note::
Changing the ``X-Account-Meta-Temp-URL-Key`` invalidates any previously
generated temporary URLs within 60 seconds, which is the memcache time for
the key. Object Storage supports up to two keys, specified by
``X-Account-Meta-Temp-URL-Key`` and ``X-Account-Meta-Temp-URL-Key-2``.
Signatures are checked against both keys, if present. This process enables
key rotation without invalidating all existing temporary URLs.
Object Storage includes the ``swift-temp-url`` script that generates the
query parameters automatically:
.. code-block:: console
$ bin/swift-temp-url GET 3600 /v1/AUTH_account/container/object mykey\
/v1/AUTH_account/container/object?\
temp_url_sig=5c4cc8886f36a9d0919d708ade98bf0cc71c9e91&\
temp_url_expires=1374497657
Because this command only returns the path, you must prefix the Object Storage
host name (for example, ``https://swift-cluster.example.com``).
With GET Temporary URLs, a ``Content-Disposition`` header is set on the
response so that browsers interpret this as a file attachment to be saved. The
file name chosen is based on the object name, but you can override this with a
``filename`` query parameter. The following example specifies a filename of
``My Test File.pdf``:
.. code-block:: none
https://swift-cluster.example.com/v1/AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30/container/object?
temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&
temp_url_expires=1323479485&
filename=My+Test+File.pdf
If you do not want the object to be downloaded, you can cause
``Content-Disposition: inline`` to be set on the response by adding the
``inline`` parameter to the query string, as follows:
.. code-block:: none
https://swift-cluster.example.com/v1/AUTH_account/container/object?
temp_url_sig=da39a3ee5e6b4b0d3255bfef95601890afd80709&
temp_url_expires=1323479485&inline
To enable Temporary URL functionality, edit ``/etc/swift/proxy-server.conf`` to
add ``tempurl`` to the ``pipeline`` variable defined in the ``[pipeline:main]``
section. The ``tempurl`` entry should appear immediately before the
authentication filters in the pipeline, such as ``authtoken``, ``tempauth`` or
``keystoneauth``. For example:
.. code-block:: ini
[pipeline:main]
pipeline = healthcheck cache tempurl authtoken keystoneauth proxy-server
.. include:: ../tables/swift-proxy-server-filter-tempurl.rst
Name check filter
~~~~~~~~~~~~~~~~~
Name Check is a filter that disallows any paths that contain defined forbidden
characters or that exceed a defined length.
.. include:: ../tables/swift-proxy-server-filter-name_check.rst
Constraints
~~~~~~~~~~~
To change the OpenStack Object Storage internal limits, update the values in
the ``swift-constraints`` section in the ``swift.conf`` file. Use caution when
you update these values because they affect the performance in the entire
cluster.
.. include:: ../tables/swift-swift-swift-constraints.rst
Cluster health
~~~~~~~~~~~~~~
Use the ``swift-dispersion-report`` tool to measure overall cluster health.
This tool checks if a set of deliberately distributed containers and objects
are currently in their proper places within the cluster. For instance, a common
deployment has three replicas of each object. The health of that object can be
measured by checking if each replica is in its proper place. If only 2 of the 3
is in place the object's health can be said to be at 66.66%, where 100% would
be perfect. A single object's health, especially an older object, usually
reflects the health of that entire partition the object is in. If you make
enough objects on a distinct percentage of the partitions in the cluster,you
get a good estimate of the overall cluster health.
In practice, about 1% partition coverage seems to balance well between accuracy
and the amount of time it takes to gather results. To provide this health
value, you must create an account solely for this usage. Next, you must place
the containers and objects throughout the system so that they are on distinct
partitions. Use the ``swift-dispersion-populate`` tool to create random
container and object names until they fall on distinct partitions.
Last, and repeatedly for the life of the cluster, you must run the
``swift-dispersion-report`` tool to check the health of each container and
object.
These tools must have direct access to the entire cluster and ring files.
Installing them on a proxy server suffices.
The ``swift-dispersion-populate`` and ``swift-dispersion-report`` commands both
use the same ``/etc/swift/dispersion.conf`` configuration file. Example
``dispersion.conf`` file:
.. code-block:: ini
[dispersion]
auth_url = http://localhost:8080/auth/v1.0
auth_user = test:tester
auth_key = testing
You can use configuration options to specify the dispersion coverage, which
defaults to 1%, retries, concurrency, and so on. However, the defaults are
usually fine. After the configuration is in place, run the
``swift-dispersion-populate`` tool to populate the containers and objects
throughout the cluster. Now that those containers and objects are in place, you
can run the ``swift-dispersion-report`` tool to get a dispersion report or view
the overall health of the cluster. Here is an example of a cluster in perfect
health:
.. code-block:: console
$ swift-dispersion-report
Queried 2621 containers for dispersion reporting, 19s, 0 retries
100.00% of container copies found (7863 of 7863)
Sample represents 1.00% of the container partition space
Queried 2619 objects for dispersion reporting, 7s, 0 retries
100.00% of object copies found (7857 of 7857)
Sample represents 1.00% of the object partition space
Now, deliberately double the weight of a device in the object ring (with
replication turned off) and re-run the dispersion report to show what impact
that has:
.. code-block:: console
$ swift-ring-builder object.builder set_weight d0 200
$ swift-ring-builder object.builder rebalance
...
$ swift-dispersion-report
Queried 2621 containers for dispersion reporting, 8s, 0 retries
100.00% of container copies found (7863 of 7863)
Sample represents 1.00% of the container partition space
Queried 2619 objects for dispersion reporting, 7s, 0 retries
There were 1763 partitions missing one copy.
77.56% of object copies found (6094 of 7857)
Sample represents 1.00% of the object partition space
You can see the health of the objects in the cluster has gone down
significantly. Of course, this test environment has just four devices, in a
production environment with many devices the impact of one device change is
much less. Next, run the replicators to get everything put back into place and
then rerun the dispersion report:
.. code-block:: none
# start object replicators and monitor logs until they're caught up ...
$ swift-dispersion-report
Queried 2621 containers for dispersion reporting, 17s, 0 retries
100.00% of container copies found (7863 of 7863)
Sample represents 1.00% of the container partition space
Queried 2619 objects for dispersion reporting, 7s, 0 retries
100.00% of object copies found (7857 of 7857)
Sample represents 1.00% of the object partition space
Alternatively, the dispersion report can also be output in JSON format. This
allows it to be more easily consumed by third-party utilities:
.. code-block:: console
$ swift-dispersion-report -j
{"object": {"retries:": 0, "missing_two": 0, "copies_found": 7863, "missing_one": 0,
"copies_expected": 7863, "pct_found": 100.0, "overlapping": 0, "missing_all": 0}, "container":
{"retries:": 0, "missing_two": 0, "copies_found": 12534, "missing_one": 0, "copies_expected":
12534, "pct_found": 100.0, "overlapping": 15, "missing_all": 0}}
.. include:: ../tables/swift-dispersion-dispersion.rst
Static Large Object (SLO) support
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This feature is very similar to Dynamic Large Object (DLO) support in that it
enables the user to upload many objects concurrently and afterwards download
them as a single object. It is different in that it does not rely on eventually
consistent container listings to do so. Instead, a user-defined manifest of
the object segments is used.
For more information regarding SLO usage and support, please see: `Static Large
Objects <https://docs.openstack.org/developer/swift/middleware.html#slo-doc>`__.
.. include:: ../tables/swift-proxy-server-filter-slo.rst
Container quotas
~~~~~~~~~~~~~~~~
The ``container_quotas`` middleware implements simple quotas that can be
imposed on Object Storage containers by a user with the ability to set
container metadata, most likely the account administrator. This can be useful
for limiting the scope of containers that are delegated to non-admin users,
exposed to form POST uploads, or just as a self-imposed sanity check.
Any object PUT operations that exceed these quotas return a ``Forbidden (403)``
status code.
Quotas are subject to several limitations: eventual consistency, the timeliness
of the cached container\_info (60 second TTL by default), and it is unable to
reject chunked transfer uploads that exceed the quota (though once the quota is
exceeded, new chunked transfers are refused).
Set quotas by adding meta values to the container. These values are validated
when you set them:
``X-Container-Meta-Quota-Bytes``
Maximum size of the container, in bytes.
``X-Container-Meta-Quota-Count``
Maximum object count of the container.
Account quotas
~~~~~~~~~~~~~~
The ``x-account-meta-quota-bytes`` metadata entry must be requests (PUT, POST)
if a given account quota (in bytes) is exceeded while DELETE requests are still
allowed.
The ``x-account-meta-quota-bytes`` metadata entry must be set to store and
enable the quota. Write requests to this metadata entry are only permitted for
resellers. There is no account quota limitation on a reseller account even if
``x-account-meta-quota-bytes`` is set.
Any object PUT operations that exceed the quota return a 413 response (request
entity too large) with a descriptive body.
The following command uses an admin account that owns the Reseller role to
set a quota on the test account:
.. code-block:: console
$ swift -A http://127.0.0.1:8080/auth/v1.0 -U admin:admin -K admin \
--os-storage-url http://127.0.0.1:8080/v1/AUTH_test post -m quota-bytes:10000
Here is the stat listing of an account where quota has been set:
.. code-block:: console
$ swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat
Account: AUTH_test
Containers: 0
Objects: 0
Bytes: 0
Meta Quota-Bytes: 10000
X-Timestamp: 1374075958.37454
X-Trans-Id: tx602634cf478546a39b1be-0051e6bc7a
This command removes the account quota:
.. code-block:: console
$ swift -A http://127.0.0.1:8080/auth/v1.0 -U admin:admin -K admin \
--os-storage-url http://127.0.0.1:8080/v1/AUTH_test post -m quota-bytes:
Bulk delete
~~~~~~~~~~~
Use ``bulk-delete`` to delete multiple files from an account with a single
request. Responds to DELETE requests with a header 'X-Bulk-Delete:
true\_value'. The body of the DELETE request is a new line-separated list of
files to delete. The files listed must be URL encoded and in the form:
.. code-block:: none
/container_name/obj_name
If all files are successfully deleted (or did not exist), the operation returns
``HTTPOk``. If any files failed to delete, the operation returns
``HTTPBadGateway``. In both cases, the response body is a JSON dictionary that
shows the number of files that were successfully deleted or not found. The
files that failed are listed.
.. include:: ../tables/swift-proxy-server-filter-bulk.rst
Drive audit
~~~~~~~~~~~
The ``swift-drive-audit`` configuration items reference a script that can be
run by using ``cron`` to watch for bad drives. If errors are detected, it
unmounts the bad drive so that OpenStack Object Storage can work around it. It
takes the following options:
.. include:: ../tables/swift-drive-audit-drive-audit.rst
Form post
~~~~~~~~~
Middleware that enables you to upload objects to a cluster by using an HTML
form POST.
The format of the form is:
.. code-block:: html
<form action="<swift-url>" method="POST"
enctype="multipart/form-data">
<input type="hidden" name="redirect" value="<redirect-url>" />
<input type="hidden" name="max_file_size" value="<bytes>" />
<input type="hidden" name="max_file_count" value="<count>" />
<input type="hidden" name="expires" value="<unix-timestamp>" />
<input type="hidden" name="signature" value="<hmac>" />
<input type="hidden" name="x_delete_at" value="<unix-timestamp>"/>
<input type="hidden" name="x_delete_after" value="<seconds>"/>
<input type="file" name="file1" /><br />
<input type="submit" />
</form>
In the form:
``action="<swift-url>"``
The URL to the Object Storage destination, such as
https://swift-cluster.example.com/v1/AUTH_account/container/object_prefix.
The name of each uploaded file is appended to the specified ``swift-url``.
So, you can upload directly to the root of container with a URL like
https://swift-cluster.example.com/v1/AUTH_account/container/.
Optionally, you can include an object prefix to separate different users'
uploads, such as
https://swift-cluster.example.com/v1/AUTH_account/container/object_prefix.
``method="POST"``
The form ``method`` must be POST.
``enctype="multipart/form-data``
The ``enctype`` must be set to ``multipart/form-data``.
``name="redirect"``
The URL to which to redirect the browser after the upload completes.
The URL has status and message query parameters added to it that
indicate the HTTP status code for the upload and, optionally,
additional error information. The 2\ *nn* status code indicates
success. If an error occurs, the URL might include error information,
such as ``"max_file_size exceeded"``.
``name="max_file_size"``
Required. The maximum number of bytes that can be uploaded in a single file
upload.
``name="max_file_count"``
Required. The maximum number of files that can be uploaded with the form.
``name="expires"``
The expiration date and time for the form in `UNIX Epoch time stamp format
<https://en.wikipedia.org/wiki/Unix_time>`__. After this date and time, the
form is no longer valid.
For example, ``1440619048`` is equivalent to ``Mon, Wed, 26 Aug 2015
19:57:28 GMT``.
``name="signature"``
The HMAC-SHA1 signature of the form. This sample Python code shows
how to compute the signature:
.. code-block:: python
import hmac
from hashlib import sha1
from time import time
path = '/v1/account/container/object_prefix'
redirect = 'https://myserver.com/some-page'
max_file_size = 104857600
max_file_count = 10
expires = int(time() + 600)
key = 'mykey'
hmac_body = '%s\n%s\n%s\n%s\n%s' % (path, redirect,
max_file_size, max_file_count, expires)
signature = hmac.new(key, hmac_body, sha1).hexdigest()
The key is the value of the ``X-Account-Meta-Temp-URL-Key`` header on the
account.
Use the full path from the ``/v1/`` value and onward.
During testing, you can use the ``swift-form-signature`` command-line tool
to compute the ``expires`` and ``signature`` values.
``name="x_delete_at"``
The date and time in `UNIX Epoch time stamp format
<https://en.wikipedia.org/wiki/Unix_time>`__ when the object will be
removed.
For example, ``1440619048`` is equivalent to ``Mon, Wed, 26 Aug 2015
19:57:28 GMT``.
This attribute enables you to specify the ``X-Delete- At`` header value in
the form POST.
``name="x_delete_after"``
The number of seconds after which the object is removed. Internally, the
Object Storage system stores this value in the ``X-Delete-At`` metadata
item. This attribute enables you to specify the ``X-Delete-After`` header
value in the form POST.
``type="file" name="filexx"``
Optional. One or more files to upload. Must appear after the other
attributes to be processed correctly. If attributes come after the ``file``
attribute, they are not sent with the sub- request because on the server
side, all attributes in the file cannot be parsed unless the whole file is
read into memory and the server does not have enough memory to service these
requests. So, attributes that follow the ``file`` attribute are ignored.
.. include:: ../tables/swift-proxy-server-filter-formpost.rst
Static web sites
~~~~~~~~~~~~~~~~
When configured, this middleware serves container data as a static web site
with index file and error file resolution and optional file listings. This mode
is normally only active for anonymous requests.
.. include:: ../tables/swift-proxy-server-filter-staticweb.rst

103
doc/config-reference/source/object-storage/general-service-conf.rst
View File

@ -1,103 +0,0 @@
============================================
Object Storage general service configuration
============================================
Object Storage service uses multiple configuration files for multiple services
and background daemons, and ``paste.deploy`` to manage server configurations.
For more information about ``paste.deploy``, see: http://pythonpaste.org/deploy/.
Default configuration options are set in the ``[DEFAULT]`` section, and any
options specified there can be overridden in any of the other sections when the
syntax ``set option_name = value`` is in place.
Configuration for servers and daemons can be expressed together in the same
file for each type of server, or separately. If a required section for the
service trying to start is missing, there will be an error. Sections not used
by the service are ignored.
Consider the example of an Object Storage node. By convention configuration for
the ``object-server``, ``object-updater``, ``object-replicator``, and
``object-auditor`` exist in a single file ``/etc/swift/object-server.conf``:
.. code-block:: ini
[DEFAULT]
[pipeline:main]
pipeline = object-server
[app:object-server]
use = egg:swift#object
[object-replicator]
reclaim_age = 259200
[object-updater]
[object-auditor]
.. note::
Default constraints can be overridden in ``swift.conf``. For example,
you can change the maximum object size and other variables.
Object Storage services expect a configuration path as the first argument:
.. code-block:: console
$ swift-object-auditor
Usage: swift-object-auditor CONFIG [options]
Error: missing config path argument
If you omit the object-auditor section, this file cannot be used as the
configuration path when starting the ``swift-object-auditor`` daemon:
.. code-block:: console
$ swift-object-auditor /etc/swift/object-server.conf
Unable to find object-auditor config section in /etc/swift/object-server.conf
If the configuration path is a directory instead of a file, all of the files in
the directory with the file extension ``.conf`` will be combined to generate
the configuration object which is delivered to the Object Storage service. This
is referred to generally as directory-based configuration.
Directory-based configuration leverages ``ConfigParser``'s native multi-file
support. Files ending in ``.conf`` in the given directory are parsed in
lexicographical order. File names starting with ``.`` are ignored. A mixture of
file and directory configuration paths is not supported. If the configuration
path is a file, only that file will be parsed.
The Object Storage service management tool ``swift-init`` has adopted the
convention of looking for ``/etc/swift/{type}-server.conf.d/`` if the file
``/etc/swift/{type}-server.conf`` file does not exist.
When using directory-based configuration, if the same option under the same
section appears more than once in different files, the last value parsed is
said to override previous occurrences. You can ensure proper override
precedence by prefixing the files in the configuration directory with numerical
values, as in the following example file layout:
.. code-block:: none
/etc/swift/
default.base
object-server.conf.d/
000_default.conf -> ../default.base
001_default-override.conf
010_server.conf
020_replicator.conf
030_updater.conf
040_auditor.conf
You can inspect the resulting combined configuration object using the
``swift-config`` command-line tool.
All the services of an Object Store deployment share a common configuration in
the ``[swift-hash]`` section of the ``/etc/swift/swift.conf`` file. The
``swift_hash_path_suffix`` and ``swift_hash_path_prefix`` values must be
identical on all the nodes.
.. include:: ../tables/swift-swift-swift-hash.rst

36
doc/config-reference/source/object-storage/listendpoints.rst
View File

@ -1,36 +0,0 @@
===========================
Endpoint listing middleware
===========================
The endpoint listing middleware enables third-party services that use data
locality information to integrate with OpenStack Object Storage. This
middleware reduces network overhead and is designed for third-party services
that run inside the firewall. Deploy this middleware on a proxy server because
usage of this middleware is not authenticated.
Format requests for endpoints, as follows:
.. code-block:: none
/endpoints/{account}/{container}/{object}
/endpoints/{account}/{container}
/endpoints/{account}
Use the ``list_endpoints_path`` configuration option in the
``proxy_server.conf`` file to customize the ``/endpoints/`` path.
Responses are JSON-encoded lists of endpoints, as follows:
.. code-block:: none
http://{server}:{port}/{dev}/{part}/{acc}/{cont}/{obj}
http://{server}:{port}/{dev}/{part}/{acc}/{cont}
http://{server}:{port}/{dev}/{part}/{acc}
An example response is:
.. code-block:: none
http://10.1.1.1:6000/sda1/2/a/c2/o1
http://10.1.1.1:6000/sda1/2/a/c2
http://10.1.1.1:6000/sda1/2/a

7
doc/config-reference/source/object-storage/logs.rst
View File

@ -1,7 +0,0 @@
========================
Object storage log files
========================
The Object Storage sends logs to the system logging facility only. By
default, all Object Storage log files to ``/var/log/swift/swift.log``,
using the local0, local1, and local2 syslog facilities.

17
doc/config-reference/source/object-storage/memcache.rst
View File

@ -1,17 +0,0 @@
===================================
Proxy server memcache configuration
===================================
You can find memcache configuration file examples for the proxy server
at ``etc/memcache.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-memcache-memcache.rst
Sample proxy server configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/memcache.conf-sample?h=stable/ocata

23
doc/config-reference/source/object-storage/object-expirer.rst
View File

@ -1,23 +0,0 @@
============================
Object expirer configuration
============================
Find an example object expirer configuration at
``etc/object-expirer.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-object-expirer-DEFAULT.rst
.. include:: ../tables/swift-object-expirer-app-proxy-server.rst
.. include:: ../tables/swift-object-expirer-filter-cache.rst
.. include:: ../tables/swift-object-expirer-filter-catch_errors.rst
.. include:: ../tables/swift-object-expirer-filter-proxy-logging.rst
.. include:: ../tables/swift-object-expirer-object-expirer.rst
.. include:: ../tables/swift-object-expirer-pipeline-main.rst
Sample object expirer configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/object-expirer.conf-sample?h=stable/ocata

25
doc/config-reference/source/object-storage/object-server.rst
View File

@ -1,25 +0,0 @@
===========================
Object server configuration
===========================
Find an example object server configuration at
``etc/object-server.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-object-server-DEFAULT.rst
.. include:: ../tables/swift-object-server-app-object-server.rst
.. include:: ../tables/swift-object-server-pipeline-main.rst
.. include:: ../tables/swift-object-server-object-replicator.rst
.. include:: ../tables/swift-object-server-object-updater.rst
.. include:: ../tables/swift-object-server-object-auditor.rst
.. include:: ../tables/swift-object-server-filter-healthcheck.rst
.. include:: ../tables/swift-object-server-filter-recon.rst
.. include:: ../tables/swift-object-server-filter-xprofile.rst
Sample object server configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/ocata

32
doc/config-reference/source/object-storage/proxy-server.rst
View File

@ -1,32 +0,0 @@
==========================
Proxy server configuration
==========================
Find an example proxy server configuration at
``etc/proxy-server.conf-sample`` in the source code repository.
The available configuration options are:
.. include:: ../tables/swift-proxy-server-app-proxy-server.rst
.. include:: ../tables/swift-proxy-server-pipeline-main.rst
.. include:: ../tables/swift-proxy-server-filter-account-quotas.rst
.. include:: ../tables/swift-proxy-server-filter-authtoken.rst
.. include:: ../tables/swift-proxy-server-filter-cache.rst
.. include:: ../tables/swift-proxy-server-filter-catch_errors.rst
.. include:: ../tables/swift-proxy-server-filter-container_sync.rst
.. include:: ../tables/swift-proxy-server-filter-dlo.rst
.. include:: ../tables/swift-proxy-server-filter-versioned_writes.rst
.. include:: ../tables/swift-proxy-server-filter-gatekeeper.rst
.. include:: ../tables/swift-proxy-server-filter-healthcheck.rst
.. include:: ../tables/swift-proxy-server-filter-keystoneauth.rst
.. include:: ../tables/swift-proxy-server-filter-list-endpoints.rst
.. include:: ../tables/swift-proxy-server-filter-proxy-logging.rst
.. include:: ../tables/swift-proxy-server-filter-tempauth.rst
.. include:: ../tables/swift-proxy-server-filter-xprofile.rst
Sample proxy server configuration file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. remote-code-block:: ini
https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/ocata

74
doc/config-reference/source/object-storage/rsyncd.rst
View File

@ -1,74 +0,0 @@
====================
Rsyncd configuration
====================
Find an example rsyncd configuration at ``etc/rsyncd.conf-sample`` in
the source code repository.
The available configuration options are:
.. include:: ../tables/swift-rsyncd.rst
If ``rsync_module`` includes the device, you can tune rsyncd to permit 4
connections per device instead of simply allowing 8 connections for all
devices:
.. code-block:: ini
rsync_module = {replication_ip}::object_{device}
If devices in your object ring are named sda, sdb, and sdc:
.. code-block:: ini
[object_sda]
max connections = 4
path = /srv/node
read only = false
lock file = /var/lock/object_sda.lock
[object_sdb]
max connections = 4
path = /srv/node
read only = false
lock file = /var/lock/object_sdb.lock
[object_sdc]
max connections = 4
path = /srv/node
read only = false
lock file = /var/lock/object_sdc.lock
To emulate the deprecated ``vm_test_mode = yes`` option, set:
.. code-block:: ini
rsync_module = {replication_ip}::object{replication_port}
Therefore, on your SAIO, you have to set the following rsyncd configuration:
.. code-block:: ini
[object6010]
max connections = 25
path = /srv/1/node/
read only = false
lock file = /var/lock/object6010.lock
[object6020]
max connections = 25
path = /srv/2/node/
read only = false
lock file = /var/lock/object6020.lock
[object6030]
max connections = 25
path = /srv/3/node/
read only = false
lock file = /var/lock/object6030.lock
[object6040]
max connections = 25
path = /srv/4/node/
read only = false
lock file = /var/lock/object6040.lock

10
doc/config-reference/source/tables/conf-changes/swift.rst
View File

@ -1,10 +0,0 @@
New, updated, and deprecated options in Ocata for OpenStack Object Storage
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
There are no new, updated, and deprecated options
in Ocata for OpenStack Object Storage.

65
doc/config-reference/source/tables/swift-account-server-DEFAULT.rst
View File

@ -1,65 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``backlog`` = ``4096``
- Maximum number of allowed pending TCP connections
* - ``bind_ip`` = ``0.0.0.0``
- IP Address for server to bind to
* - ``bind_port`` = ``6002``
- Port for server to bind to
* - ``bind_timeout`` = ``30``
- Seconds to attempt bind before giving up
* - ``db_preallocation`` = ``off``
- If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
* - ``devices`` = ``/srv/node``
- Parent directory of where devices are mounted
* - ``disable_fallocate`` = ``false``
- Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
* - ``eventlet_debug`` = ``false``
- If true, turn on debug logging for eventlet
* - ``fallocate_reserve`` = ``0``
- You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` =
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``max_clients`` = ``1024``
- Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
* - ``mount_check`` = ``true``
- Whether or not check if the devices are mounted to prevent accidentally writing to the root device
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as
* - ``workers`` = ``auto``
- a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.

25
doc/config-reference/source/tables/swift-account-server-account-auditor.rst
View File

@ -1,25 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[account-auditor]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``accounts_per_second`` = ``200``
- Maximum accounts audited per second. Should be tuned according to individual system specs. 0 is unlimited.
* - ``interval`` = ``1800``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``account-auditor``
- Label used when logging
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored

35
doc/config-reference/source/tables/swift-account-server-account-reaper.rst
View File

@ -1,35 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[account-reaper]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``25``
- Number of replication workers to spawn
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``delay_reaping`` = ``0``
- Normally, the reaper begins deleting account information for deleted accounts immediately; you can set this to delay its work however. The value is in seconds, 2592000 = 30 days, for example. bind to giving up worker can process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
* - ``interval`` = ``3600``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``account-reaper``
- Label used when logging
* - ``node_timeout`` = ``10``
- Request timeout to external services
* - ``reap_warn_after`` = ``2592000``
- If the account fails to be reaped due to a persistent error, the account reaper will log a message such as:
Account <name> has not been reaped since <date>
You can search logs for this message if space is not being reclaimed after you delete account(s). This is in addition to any time requested by delay_reaping.

41
doc/config-reference/source/tables/swift-account-server-account-replicator.rst
View File

@ -1,41 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[account-replicator]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``8``
- Number of replication workers to spawn
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``interval`` = ``30``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``account-replicator``
- Label used when logging
* - ``max_diffs`` = ``100``
- Caps how long the replicator spends trying to sync a database per pass
* - ``node_timeout`` = ``10``
- Request timeout to external services
* - ``per_diff`` = ``1000``
- Limit number of items to get per diff
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``rsync_compress`` = ``no``
- Allow rsync to compress data which is transmitted to destination node during sync. However, this is applicable only when destination node is in a different region than the local one.
* - ``rsync_module`` = ``{replication_ip}::account``
- Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
* - ``run_pause`` = ``30``
- Time in seconds to wait between replication passes

27
doc/config-reference/source/tables/swift-account-server-app-account-server.rst
View File

@ -1,27 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-account-server]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auto_create_account_prefix`` = ``.``
- Prefix to use when automatically creating accounts
* - ``replication_server`` = ``false``
- If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``account-server``
- Label to use when logging
* - ``set log_requests`` = ``true``
- Whether or not to log requests
* - ``use`` = ``egg:swift#account``
- Entry point of paste.deploy in the server

15
doc/config-reference/source/tables/swift-account-server-filter-healthcheck.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-healthcheck]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``disable_path`` =
- An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
* - ``use`` = ``egg:swift#healthcheck``
- Entry point of paste.deploy in the server

15
doc/config-reference/source/tables/swift-account-server-filter-recon.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-recon]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``use`` = ``egg:swift#recon``
- Entry point of paste.deploy in the server

27
doc/config-reference/source/tables/swift-account-server-filter-xprofile.rst
View File

@ -1,27 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-xprofile]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``dump_interval`` = ``5.0``
- the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
* - ``dump_timestamp`` = ``false``
- Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
* - ``flush_at_shutdown`` = ``false``
- Clears the data when the wsgi server shutdowns.
* - ``log_filename_prefix`` = ``/tmp/log/swift/profile/default.profile``
- This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/accoutn.profile
* - ``path`` = ``/__profile__``
- This is the path of the URL to access the mini web UI.
* - ``profile_module`` = ``eventlet.green.profile``
- This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be cProfile, eventlet.green.profile, etc.
* - ``unwind`` = ``false``
- unwind the iterator of applications
* - ``use`` = ``egg:swift#xprofile``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-account-server-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``account-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``healthcheck recon account-server``
- Pipeline to use for processing operations.

39
doc/config-reference/source/tables/swift-container-reconciler-DEFAULT.rst
View File

@ -1,39 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` =
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as

13
doc/config-reference/source/tables/swift-container-reconciler-app-proxy-server.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-proxy-server]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#proxy``
- Entry point of paste.deploy in the server

17
doc/config-reference/source/tables/swift-container-reconciler-container-reconciler.rst
View File

@ -1,17 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[container-reconciler]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``interval`` = ``30``
- Minimum time for a pass to take
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``request_tries`` = ``3``
- Server errors from requests will be retried by default

13
doc/config-reference/source/tables/swift-container-reconciler-filter-cache.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-cache]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#memcache``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-container-reconciler-filter-catch_errors.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-catch_errors]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#catch_errors``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-container-reconciler-filter-proxy-logging.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-proxy-logging]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#proxy_logging``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-container-reconciler-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``container-reconciler.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``catch_errors proxy-logging cache proxy-server``
- Pipeline to use for processing operations.

67
doc/config-reference/source/tables/swift-container-server-DEFAULT.rst
View File

@ -1,67 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allowed_sync_hosts`` = ``127.0.0.1``
- The list of hosts that are allowed to send syncs to.
* - ``backlog`` = ``4096``
- Maximum number of allowed pending TCP connections
* - ``bind_ip`` = ``0.0.0.0``
- IP Address for server to bind to
* - ``bind_port`` = ``6001``
- Port for server to bind to
* - ``bind_timeout`` = ``30``
- Seconds to attempt bind before giving up
* - ``db_preallocation`` = ``off``
- If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
* - ``devices`` = ``/srv/node``
- Parent directory of where devices are mounted
* - ``disable_fallocate`` = ``false``
- Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
* - ``eventlet_debug`` = ``false``
- If true, turn on debug logging for eventlet
* - ``fallocate_reserve`` = ``0``
- You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` =
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``max_clients`` = ``1024``
- Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
* - ``mount_check`` = ``true``
- Whether or not check if the devices are mounted to prevent accidentally writing to the root device
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as
* - ``workers`` = ``auto``
- a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.

33
doc/config-reference/source/tables/swift-container-server-app-container-server.rst
View File

@ -1,33 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-container-server]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allow_versions`` = ``false``
- Enable/Disable object versioning feature
* - ``auto_create_account_prefix`` = ``.``
- Prefix to use when automatically creating accounts
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``node_timeout`` = ``3``
- Request timeout to external services
* - ``replication_server`` = ``false``
- If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``container-server``
- Label to use when logging
* - ``set log_requests`` = ``true``
- Whether or not to log requests
* - ``use`` = ``egg:swift#container``
- Entry point of paste.deploy in the server

25
doc/config-reference/source/tables/swift-container-server-container-auditor.rst
View File

@ -1,25 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[container-auditor]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``containers_per_second`` = ``200``
- Maximum containers audited per second. Should be tuned according to individual system specs. 0 is unlimited. mounted to prevent accidentally writing to the root device process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
* - ``interval`` = ``1800``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``container-auditor``
- Label used when logging
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored

41
doc/config-reference/source/tables/swift-container-server-container-replicator.rst
View File

@ -1,41 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[container-replicator]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``8``
- Number of replication workers to spawn
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``interval`` = ``30``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``container-replicator``
- Label used when logging
* - ``max_diffs`` = ``100``
- Caps how long the replicator spends trying to sync a database per pass
* - ``node_timeout`` = ``10``
- Request timeout to external services
* - ``per_diff`` = ``1000``
- Limit number of items to get per diff
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``rsync_compress`` = ``no``
- Allow rsync to compress data which is transmitted to destination node during sync. However, this is applicable only when destination node is in a different region than the local one.
* - ``rsync_module`` = ``{replication_ip}::container``
- Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
* - ``run_pause`` = ``30``
- Time in seconds to wait between replication passes

31
doc/config-reference/source/tables/swift-container-server-container-sync.rst
View File

@ -1,31 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[container-sync]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``conn_timeout`` = ``5``
- Connection timeout to external services
* - ``container_time`` = ``60``
- Maximum amount of time to spend syncing each container
* - ``internal_client_conf_path`` = ``/etc/swift/internal-client.conf``
- Internal client config file path
* - ``interval`` = ``300``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``container-sync``
- Label used when logging
* - ``request_tries`` = ``3``
- Server errors from requests will be retried by default
* - ``sync_proxy`` = ``http://10.1.1.1:8888,http://10.1.1.2:8888``
- If you need to use an HTTP proxy, set it here. Defaults to no proxy.

33
doc/config-reference/source/tables/swift-container-server-container-updater.rst
View File

@ -1,33 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[container-updater]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``account_suppression_time`` = ``60``
- Seconds to suppress updating an account that has generated an error (timeout, not yet found, etc.)
* - ``concurrency`` = ``4``
- Number of replication workers to spawn
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``interval`` = ``300``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``container-updater``
- Label used when logging
* - ``node_timeout`` = ``3``
- Request timeout to external services
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``slowdown`` = ``0.01``
- Time in seconds to wait between objects

15
doc/config-reference/source/tables/swift-container-server-filter-healthcheck.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-healthcheck]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``disable_path`` =
- An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
* - ``use`` = ``egg:swift#healthcheck``
- Entry point of paste.deploy in the server

15
doc/config-reference/source/tables/swift-container-server-filter-recon.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-recon]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``use`` = ``egg:swift#recon``
- Entry point of paste.deploy in the server

27
doc/config-reference/source/tables/swift-container-server-filter-xprofile.rst
View File

@ -1,27 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-xprofile]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``dump_interval`` = ``5.0``
- the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
* - ``dump_timestamp`` = ``false``
- Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
* - ``flush_at_shutdown`` = ``false``
- Clears the data when the wsgi server shutdowns.
* - ``log_filename_prefix`` = ``/tmp/log/swift/profile/default.profile``
- This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/object.profile
* - ``path`` = ``/__profile__``
- This is the path of the URL to access the mini web UI.
* - ``profile_module`` = ``eventlet.green.profile``
- This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be 'cProfile', 'eventlet.green.profile', etc.
* - ``unwind`` = ``false``
- unwind the iterator of applications
* - ``use`` = ``egg:swift#xprofile``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-container-server-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``container-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``healthcheck recon container-server``
- Pipeline to use for processing operations.

13
doc/config-reference/source/tables/swift-container-sync-realms-DEFAULT.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``container-sync-realms.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``mtime_check_interval`` = ``300``
- The number of seconds between checking the modified time of this config file for changes and therefore reloading it.

19
doc/config-reference/source/tables/swift-container-sync-realms-realm1.rst
View File

@ -1,19 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[realm1]`` in ``container-sync-realms.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``cluster_clustername1`` = ``https://host1/v1/``
- Any values in the realm section whose names begin with cluster\_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
* - ``cluster_clustername2`` = ``https://host2/v1/``
- Any values in the realm section whose names begin with cluster\_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
* - ``key`` = ``realm1key``
- The key is the overall cluster-to-cluster key used in combination with the external users' key that they set on their containers' X-Container-Sync-Key metadata header values. These keys will be used to sign each request the container sync daemon makes and used to validate each incoming container sync request.
* - ``key2`` = ``realm1key2``
- The key2 is optional and is an additional key incoming requests will be checked against. This is so you can rotate keys if you wish; you move the existing key to key2 and make a new key value.

19
doc/config-reference/source/tables/swift-container-sync-realms-realm2.rst
View File

@ -1,19 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[realm2]`` in ``container-sync-realms.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``cluster_clustername3`` = ``https://host3/v1/``
- Any values in the realm section whose names begin with cluster\_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
* - ``cluster_clustername4`` = ``https://host4/v1/``
- Any values in the realm section whose names begin with cluster\_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
* - ``key`` = ``realm2key``
- The key is the overall cluster-to-cluster key used in combination with the external users' key that they set on their containers' X-Container-Sync-Key metadata header values. These keys will be used to sign each request the container sync daemon makes and used to validate each incoming container sync request.
* - ``key2`` = ``realm2key2``
- The key2 is optional and is an additional key incoming requests will be checked against. This is so you can rotate keys if you wish; you move the existing key to key2 and make a new key value.

47
doc/config-reference/source/tables/swift-dispersion-dispersion.rst
View File

@ -1,47 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[dispersion]`` in ``dispersion.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auth_key`` = ``testing``
- No help text available for this option.
* - ``auth_url`` = ``http://localhost:8080/auth/v1.0``
- Endpoint for auth server, such as keystone
* - ``auth_user`` = ``test:tester``
- Default user for dispersion in this context
* - ``auth_version`` = ``1.0``
- Indicates which version of auth
* - ``concurrency`` = ``25``
- Number of replication workers to spawn
* - ``container_populate`` = ``yes``
- No help text available for this option.
* - ``container_report`` = ``yes``
- No help text available for this option.
* - ``dispersion_coverage`` = ``1.0``
- No help text available for this option.
* - ``dump_json`` = ``no``
- No help text available for this option.
* - ``endpoint_type`` = ``publicURL``
- Indicates whether endpoint for auth is public or internal
* - ``keystone_api_insecure`` = ``no``
- Allow accessing insecure keystone server. The keystone's certificate will not be verified.
* - ``object_populate`` = ``yes``
- No help text available for this option.
* - ``object_report`` = ``yes``
- No help text available for this option.
* - ``project_domain_name`` = ``project_domain``
- No help text available for this option.
* - ``project_name`` = ``project``
- No help text available for this option.
* - ``retries`` = ``5``
- No help text available for this option.
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user_domain_name`` = ``user_domain``
- No help text available for this option.

37
doc/config-reference/source/tables/swift-drive-audit-drive-audit.rst
View File

@ -1,37 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[drive-audit]`` in ``drive-audit.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``device_dir`` = ``/srv/node``
- Directory devices are mounted under
* - ``error_limit`` = ``1``
- Number of errors to find before a device is unmounted
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_file_pattern`` = ``/var/log/kern.*[!.][!g][!z]``
- Location of the log file with globbing pattern to check against device errors locate device blocks with errors in the log file
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``drive-audit``
- Label used when logging
* - ``log_to_console`` = ``False``
- No help text available for this option.
* - ``minutes`` = ``60``
- Number of minutes to look back in
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``regex_pattern_1`` = ``\berror\b.*\b(dm-[0-9]{1,2}\d?)\b``
- No help text available for this option.
* - ``unmount_failed_device`` = ``True``
- No help text available for this option.

39
doc/config-reference/source/tables/swift-internal-client-DEFAULT.rst
View File

@ -1,39 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` = `` ``
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` = `` ``
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` = `` ``
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as

13
doc/config-reference/source/tables/swift-internal-client-app-proxy-server.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-proxy-server]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#proxy``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-internal-client-filter-cache.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-cache]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#memcache``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-internal-client-filter-catch_errors.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-catch_errors]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#catch_errors``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-internal-client-filter-proxy-logging.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-proxy-logging]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#proxy_logging``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-internal-client-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``internal-client.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``catch_errors proxy-logging cache proxy-server``
- No help text available for this option.

25
doc/config-reference/source/tables/swift-memcache-memcache.rst
View File

@ -1,25 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[memcache]`` in ``memcache.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``connect_timeout`` = ``0.3``
- Timeout in seconds (float) for connection.
* - ``io_timeout`` = ``2.0``
- Timeout in seconds (float) for read and write.
* - ``memcache_max_connections`` = ``2``
- Max number of connections to each memcached server per worker services.
* - ``memcache_serialization_support`` = ``2``
- Sets how memcache values are serialized and deserialized.
* - ``memcache_servers`` = ``127.0.0.1:11211``
- Comma-separated list of memcached servers ip:port services.
* - ``pool_timeout`` = ``1.0``
- Timeout in seconds (float) for pooled connection.
* - ``tries`` = ``3``
- Number of servers to retry on failures getting a pooled connection.

41
doc/config-reference/source/tables/swift-object-expirer-DEFAULT.rst
View File

@ -1,41 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` =
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as

13
doc/config-reference/source/tables/swift-object-expirer-app-proxy-server.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-proxy-server]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#proxy``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-object-expirer-filter-cache.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-cache]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#memcache``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-object-expirer-filter-catch_errors.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-catch_errors]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#catch_errors``
- Entry point of paste.deploy in the server

45
doc/config-reference/source/tables/swift-object-expirer-filter-proxy-logging.rst
View File

@ -1,45 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-proxy-logging]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``access_log_address`` = ``/dev/log``
- Location where syslog sends the logs to. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_facility`` = ``LOG_LOCAL0``
- Syslog facility to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_headers`` = ``false``
- Header to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_headers_only`` =
- If access_log_headers is True and access_log_headers_only is set only these headers are logged. Multiple headers can be defined as comma separated list like this: access_log_headers_only = Host, X-Object-Meta-Mtime
* - ``access_log_level`` = ``INFO``
- Syslog logging level to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_name`` = ``swift``
- Label used when logging. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_host`` = ``localhost``
- You can use log_statsd_* from [DEFAULT], or override them here. StatsD server. IPv4/IPv6 addresses and hostnames are supported. If a hostname resolves to an IPv4 and IPv6 address, the IPv4 address will be used.
* - ``access_log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_port`` = ``8125``
- Port value for the StatsD server. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``log_statsd_valid_http_methods`` = ``GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS``
- What HTTP methods are allowed for StatsD logging (comma-sep). request methods not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
* - ``reveal_sensitive_prefix`` = ``16``
- By default, the X-Auth-Token is logged. To obscure the value, set reveal_sensitive_prefix to the number of characters to log. For example, if set to 12, only the first 12 characters of the token appear in the log. An unauthorized access of the log file won't allow unauthorized usage of the token. However, the first 12 or so characters is unique enough that you can trace/debug token usage. Set to 0 to suppress the token completely (replaced by '...' in the log).
.. note:: reveal_sensitive_prefix will not affect the value logged with access_log_headers=True.
* - ``use`` = ``egg:swift#proxy_logging``
- Entry point of paste.deploy in the server

29
doc/config-reference/source/tables/swift-object-expirer-object-expirer.rst
View File

@ -1,29 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[object-expirer]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auto_create_account_prefix`` = ``.``
- Prefix to use when automatically creating accounts
* - ``concurrency`` = ``1``
- Number of replication workers to spawn
* - ``expiring_objects_account_name`` = ``expiring_objects``
- Account name for expiring objects.
* - ``interval`` = ``300``
- Minimum time for a pass to take
* - ``process`` = ``0``
- (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently.
* - ``processes`` = ``0``
- for each port (disk) in the ring. If you have 24 disks per server, and this setting is 4, then each storage node will have 1 + (24 * 4) = 97 total object-server processes running. This gives complete I/O isolation, drastically reducing the impact of slow disks on storage node performance. The object-replicator and object-reconstructor need to see this setting too, so it must be in the [DEFAULT] section.
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``report_interval`` = ``300``
- Interval in seconds between reports.

13
doc/config-reference/source/tables/swift-object-expirer-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``object-expirer.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``catch_errors proxy-logging cache proxy-server``
- Pipeline to use for processing operations.

82
doc/config-reference/source/tables/swift-object-server-DEFAULT.rst
View File

@ -1,82 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``backlog`` = ``4096``
- Maximum number of allowed pending TCP connections
* - ``bind_ip`` = ``0.0.0.0``
- IP Address for server to bind to
* - ``bind_port`` = ``6000``
- Port for server to bind to
* - ``bind_timeout`` = ``30``
- Seconds to attempt bind before giving up
* - ``client_timeout`` = ``60``
- Timeout to read one chunk from a client external services
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services
* - ``container_update_timeout`` = ``1.0``
- Time to wait while sending a container update on object update. object server. For most cases, this should be
* - ``devices`` = ``/srv/node``
- Parent directory of where devices are mounted
* - ``disable_fallocate`` = ``false``
- Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
* - ``disk_chunk_size`` = ``65536``
- Size of chunks to read/write to disk
* - ``eventlet_debug`` = ``false``
- If true, turn on debug logging for eventlet
* - ``expiring_objects_account_name`` = ``expiring_objects``
- Account name for the expiring objects
* - ``expiring_objects_container_divisor`` = ``86400``
- Divisor for the expiring objects container
* - ``fallocate_reserve`` = ``0``
- You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_custom_handlers`` = `` ``
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``swift``
- Label used when logging
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` = `` ``
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` = `` ``
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``max_clients`` = ``1024``
- Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
* - ``mount_check`` = ``true``
- Whether or not check if the devices are mounted to prevent accidentally writing to the root device
* - ``network_chunk_size`` = ``65536``
- Size of chunks to read/write over the network
* - ``node_timeout`` = ``3``
- Request timeout to external services
* - ``servers_per_port`` = ``0``
- If each disk in each storage policy ring has unique port numbers for its "ip" value, you can use this setting to have each object-server worker only service requests for the single disk matching the port in the ring. The value of this setting determines how many worker processes run for each port (disk) in the
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory
* - ``user`` = ``swift``
- User to run as
* - ``workers`` = ``auto``
- a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.

54
doc/config-reference/source/tables/swift-object-server-app-object-server.rst
View File

@ -1,54 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[app-object-server]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allowed_headers`` = ``Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object``
- Comma-separated list of headers that can be set in metadata of an object
* - ``auto_create_account_prefix`` = ``.``
- Prefix to use when automatically creating accounts
* - ``keep_cache_private`` = ``false``
- Allow non-public objects to stay in kernel's buffer cache
* - ``keep_cache_size`` = ``5242880``
- Largest object size to keep in buffer cache
* - ``max_upload_time`` = ``86400``
- Maximum time allowed to upload an object
* - ``mb_per_sync`` = ``512``
- On PUT requests, sync file every n MB
* - ``replication_concurrency`` = ``4``
- Set to restrict the number of concurrent incoming REPLICATION requests; set to 0 for unlimited
* - ``replication_failure_ratio`` = ``1.0``
- If the value of failures / successes of REPLICATION subrequests exceeds this ratio, the overall REPLICATION request will be aborted
* - ``replication_failure_threshold`` = ``100``
- The number of subrequest failures before the replication_failure_ratio is checked
* - ``replication_lock_timeout`` = ``15``
- Number of seconds to wait for an existing replication device lock before giving up.
* - ``replication_one_per_device`` = ``True``
- Restricts incoming REPLICATION requests to one per device, replication_currency above allowing. This can help control I/O to each device, but you may wish to set this to False to allow multiple REPLICATION requests (up to the above replication_concurrency setting) per device.
* - ``replication_server`` = ``false``
- If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``object-server``
- Label to use when logging
* - ``set log_requests`` = ``true``
- Whether or not to log requests
* - ``slow`` = ``0``
- If > 0, Minimum time in seconds for a PUT or DELETE request to complete
* - ``splice`` = ``no``
- Use splice() for zero-copy object GETs. This requires Linux kernel version 3.0 or greater. When you set "splice = yes" but the kernel does not support it, error messages will appear in the object server logs at startup, but your object servers should continue to function.
* - ``threads_per_disk`` = ``0``
- Size of the per-disk thread pool used for performing disk I/O. The default of 0 means to not use a per-disk thread pool. It is recommended to keep this value small, as large values can result in high read latencies due to large queue depths. A good starting point is 4 threads per disk.
* - ``use`` = ``egg:swift#object``
- Entry point of paste.deploy in the server

16
doc/config-reference/source/tables/swift-object-server-filter-healthcheck.rst
View File

@ -1,16 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[filter-healthcheck]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``disable_path`` =
- An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
* - ``use`` = ``egg:swift#healthcheck``
- Entry point of paste.deploy in the server

18
doc/config-reference/source/tables/swift-object-server-filter-recon.rst
View File

@ -1,18 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[filter-recon]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``recon_lock_path`` = ``/var/lock``
- Directory where lock files will be stored
* - ``use`` = ``egg:swift#recon``
- Entry point of paste.deploy in the server

28
doc/config-reference/source/tables/swift-object-server-filter-xprofile.rst
View File

@ -1,28 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[filter-xprofile]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``dump_interval`` = ``5.0``
- the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
* - ``dump_timestamp`` = ``false``
- Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
* - ``flush_at_shutdown`` = ``false``
- Clears the data when the wsgi server shutdowns.
* - ``log_filename_prefix`` = ``/tmp/log/swift/profile/default.profile``
- This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/object.profile
* - ``path`` = ``/__profile__``
- This is the path of the URL to access the mini web UI.
* - ``profile_module`` = ``eventlet.green.profile``
- This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be 'cProfile', 'eventlet.green.profile', etc.
* - ``unwind`` = ``false``
- unwind the iterator of applications
* - ``use`` = ``egg:swift#xprofile``
- Entry point of paste.deploy in the server

36
doc/config-reference/source/tables/swift-object-server-object-auditor.rst
View File

@ -1,36 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[object-auditor]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``bytes_per_second`` = ``10000000``
- Maximum bytes audited per second. Should be tuned according to individual system specs. 0 is unlimited. mounted to prevent accidentally writing to the root device process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. container server. For most cases, this should be
* - ``concurrency`` = ``1``
- Number of replication workers to spawn
* - ``disk_chunk_size`` = ``65536``
- Size of chunks to read/write to disk
* - ``files_per_second`` = ``20``
- Maximum files audited per second. Should be tuned according to individual system specs. 0 is unlimited.
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``object-auditor``
- Label used when logging
* - ``log_time`` = ``3600``
- Frequency of status logs in seconds.
* - ``object_size_stats`` =
- Takes a comma-separated list of ints. When set, the object auditor will increment a counter for every object whose size is greater or equal to the given breaking points and reports the result after a full scan.
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``zero_byte_files_per_second`` = ``50``
- Maximum zero byte files audited per second.

43
doc/config-reference/source/tables/swift-object-server-object-reconstructor.rst
View File

@ -1,43 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[object-reconstructor]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``1``
- Number of replication workers to spawn
* - ``daemonize`` = ``on``
- Whether or not to run replication as a daemon
* - ``handoffs_first`` = ``False``
- If set to True, partitions that are not supposed to be on the node will be replicated first. The default setting should not be changed, except for extreme situations.
* - ``http_timeout`` = ``60``
- Maximum duration for an HTTP request
* - ``interval`` = ``30``
- Minimum time for a pass to take
* - ``lockup_timeout`` = ``1800``
- Attempts to kill all workers if nothing replications for lockup_timeout seconds
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``object-reconstructor``
- Label used when logging
* - ``node_timeout`` = ``10``
- Request timeout to external services
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``ring_check_interval`` = ``15``
- How often (in seconds) to check the ring
* - ``run_pause`` = ``30``
- Time in seconds to wait between replication passes
* - ``stats_interval`` = ``300``
- Interval in seconds between logging replication statistics

62
doc/config-reference/source/tables/swift-object-server-object-replicator.rst
View File

@ -1,62 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[object-replicator]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``1``
- Number of replication workers to spawn
* - ``daemonize`` = ``on``
- Whether or not to run replication as a daemon
* - ``handoff_delete`` = ``auto``
- By default handoff partitions will be removed when it has successfully replicated to all the canonical nodes. If set to an integer n, it will remove the partition if it is successfully replicated to n nodes. The default setting should not be changed, except for extremem situations. This uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
* - ``handoffs_first`` = ``False``
- If set to True, partitions that are not supposed to be on the node will be replicated first. The default setting should not be changed, except for extreme situations.
* - ``http_timeout`` = ``60``
- Maximum duration for an HTTP request
* - ``interval`` = ``30``
- Minimum time for a pass to take
* - ``lockup_timeout`` = ``1800``
- Attempts to kill all workers if nothing replications for lockup_timeout seconds
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``object-replicator``
- Label used when logging
* - ``node_timeout`` = ``<whatever's in the DEFAULT section or 10>``
- Request timeout to external services
* - ``reclaim_age`` = ``604800``
- Time elapsed in seconds before an object can be reclaimed
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``ring_check_interval`` = ``15``
- How often (in seconds) to check the ring
* - ``rsync_bwlimit`` = ``0``
- bandwidth limit for rsync in kB/s. 0 means unlimited
* - ``rsync_compress`` = ``no``
- Allows rsync to compress data which is transmitted to the destination node during sync. However, this applies only when the destination node is in a different region than the local one.
.. note:: Objects that are already compressed (for example: .tar.gz, .mp3) might slow down the syncing process.
* - ``rsync_error_log_line_length`` = ``0``
- Limits the length of the rsync error log lines. 0 will log the entire line.
* - ``rsync_io_timeout`` = ``30``
- Passed to rsync for a max duration (seconds) of an I/O op
* - ``rsync_module`` = ``{replication_ip}::object``
- Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
* - ``rsync_timeout`` = ``900``
- Max duration (seconds) of a partition rsync
* - ``run_pause`` = ``30``
- Time in seconds to wait between replication passes
* - ``stats_interval`` = ``300``
- Interval in seconds between logging replication statistics
* - ``sync_method`` = ``rsync``
- default is rsync, alternative is ssync

29
doc/config-reference/source/tables/swift-object-server-object-updater.rst
View File

@ -1,29 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[object-updater]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``concurrency`` = ``1``
- Number of replication workers to spawn
* - ``interval`` = ``300``
- Minimum time for a pass to take
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``log_level`` = ``INFO``
- Logging level
* - ``log_name`` = ``object-updater``
- Label used when logging
* - ``node_timeout`` = ``<whatever's in the DEFAULT section or 10>``
- Request timeout to external services
* - ``recon_cache_path`` = ``/var/cache/swift``
- Directory where stats for a few items will be stored
* - ``slowdown`` = ``0.01``
- Time in seconds to wait between objects

14
doc/config-reference/source/tables/swift-object-server-pipeline-main.rst
View File

@ -1,14 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
The tool cannot generate manually created options.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``object-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``healthcheck recon object-server``
- Pipeline to use for processing operations.

81
doc/config-reference/source/tables/swift-proxy-server-DEFAULT.rst
View File

@ -1,81 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[DEFAULT]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``admin_key`` = ``secret_admin_key``
- To use for admin calls that are HMAC signed. Default is empty, which will disable admin calls to /info.
* - ``backlog`` = ``4096``
- Maximum number of allowed pending TCP connections.
* - ``bind_ip`` = ``0.0.0.0``
- IP Address for server to bind to.
* - ``bind_port`` = ``8080``
- Port for server to bind to.
* - ``bind_timeout`` = ``30``
- Seconds to attempt bind before giving up.
* - ``cert_file`` = ``/etc/swift/proxy.crt``
- To the ssl .crt. This should be enabled for testing purposes only.
* - ``client_timeout`` = ``60``
- Timeout to read one chunk from a client external services.
* - ``cors_allow_origin`` =
- is a list of hosts that are included with any CORS request by default and returned with the Access-Control-Allow-Origin header in addition to what the container has set. to call to setup custom log handlers. for eventlet the proxy server. For most cases, this should be.
* - ``disallowed_sections`` = ``swift.valid_api_versions, container_quotas, tempurl``
- Allows the ability to withhold sections from showing up in the public calls to /info. You can withhold subsections by separating the dict level with a ".". The following would cause the sections 'container_quotas' and 'tempurl' to not be listed, and the key max_failed_deletes would be removed from bulk_delete.
Default value is 'swift.valid_api_versions' which allows all registered features to be listed via HTTP GET /info except swift.valid_api_versions information.
* - ``eventlet_debug`` = ``false``
- If true, turn on debug logging for eventlet.
* - ``expiring_objects_account_name`` = ``expiring_objects``
- Account name for the expiring objects.
* - ``expiring_objects_container_divisor`` = ``86400``
- Divisor for the expiring objects container.
* - ``expose_info`` = ``true``
- Enables exposing configuration settings via HTTP GET /info.
* - ``key_file`` = ``/etc/swift/proxy.key``
- to the ssl .key. This should be enabled for testing purposes only.
* - ``log_address`` = ``/dev/log``
- Location where syslog sends the logs to.
* - ``log_custom_handlers`` =
- Comma-separated list of functions to call to setup custom log handlers.
* - ``log_facility`` = ``LOG_LOCAL0``
- Syslog log facility.
* - ``log_headers`` = ``false``
- Enables the ability to log request headers.
* - ``log_level`` = ``INFO``
- Logging level.
* - ``log_max_line_length`` = ``0``
- Caps the length of log lines to the value given; no limit if set to 0, the default.
* - ``log_name`` = ``swift``
- Label used when logging.
* - ``log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement.
* - ``log_statsd_host`` = ``localhost``
- If not set, the StatsD feature is disabled.
* - ``log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server.
* - ``log_statsd_port`` = ``8125``
- Port value for the StatsD server.
* - ``log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
* - ``log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled.
* - ``log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled.
* - ``max_clients`` = ``1024``
- Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
* - ``strict_cors_mode`` = ``True``
- Enforce CORS.
* - ``swift_dir`` = ``/etc/swift``
- Swift configuration directory.
* - ``trans_id_suffix`` =
- This optional suffix (default is empty) that would be appended to the swift transaction id allows one to easily figure out from which cluster that X-Trans-Id belongs to. This is very useful when one is managing more than one swift cluster.
* - ``user`` = ``swift``
- User to run as.
* - ``workers`` = ``auto``
- a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.

81
doc/config-reference/source/tables/swift-proxy-server-app-proxy-server.rst
View File

@ -1,81 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[app-proxy-server]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``account_autocreate`` = ``false``
- If set to 'true' authorized accounts that do not yet exist within the Swift cluster will be automatically created.
* - ``allow_account_management`` = ``false``
- Whether account PUTs and DELETEs are even callable.
* - ``auto_create_account_prefix`` = ``.``
- Prefix to use when automatically creating accounts.
* - ``client_chunk_size`` = ``65536``
- Chunk size to read from clients.
* - ``conn_timeout`` = ``0.5``
- Connection timeout to external services.
* - ``deny_host_headers`` =
- Comma separated list of Host headers to which the proxy will deny requests.
* - ``error_suppression_interval`` = ``60``
- Time in seconds that must elapse since the last error for a node to be considered no longer error limited.
* - ``error_suppression_limit`` = ``10``
- Error count to consider a node error limited.
* - ``log_handoffs`` = ``true``
- Log handoff requests if handoff logging is enabled and the handoff was not expected.
We only log handoffs when we've pushed the handoff count further than we would normally have expected under normal circumstances, that is (request_node_count - num_primaries), when handoffs goes higher than that it means one of the primaries must have been skipped because of error limiting before we consumed all of our nodes_left.
* - ``max_containers_per_account`` = ``0``
- If set to a positive value, trying to create a container when the account already has at least this maximum containers will result in a 403 Forbidden. Note: This is a soft limit, meaning a user might exceed the cap for recheck_account_existence before the 403s kick in.
* - ``max_containers_whitelist`` =
- is a comma separated list of account names that ignore the max_containers_per_account cap.
* - ``node_timeout`` = ``10``
- Request timeout to external services.
* - ``object_chunk_size`` = ``65536``
- Chunk size to read from object servers.
* - ``object_post_as_copy`` = ``true``
- Set object_post_as_copy = false to turn on fast posts where only the metadata changes are stored anew and the original data file is kept in place. This makes for quicker posts; but since the container metadata isn't updated in this mode, features like container sync won't be able to sync posts.
* - ``post_quorum_timeout`` = ``0.5``
- How long to wait for requests to finish after a quorum has been established.
* - ``put_queue_depth`` = ``10``
- Depth of the proxy put queue.
* - ``read_affinity`` = ``r1z1=100, r1z2=200, r2=300``
- Which backend servers to prefer on reads. Format is r<N> for region N or r<N>z<M> for region N, zone M. The value after the equals is the priority; lower numbers are higher priority.
Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else: read_affinity = r1z1=100, r1z2=200, r2=300
Default is empty, meaning no preference.
* - ``recheck_account_existence`` = ``60``
- Cache timeout in seconds to send memcached for account existence.
* - ``recheck_container_existence`` = ``60``
- Cache timeout in seconds to send memcached for container existence.
* - ``recoverable_node_timeout`` = ``node_timeout``
- Request timeout to external services for requests that, on failure, can be recovered from. For example, object GET. from a client external services.
* - ``request_node_count`` = ``2 * replicas``
- replicas Set to the number of nodes to contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. conf file for values will only be shown to the list of swift_owners. The exact default definition of a swift_owner is headers> up to the auth system in use, but usually indicates administrative responsibilities. paste.deploy to use for auth. To use tempauth set to:
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to.
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility.
* - ``set log_level`` = ``INFO``
- Log level.
* - ``set log_name`` = ``proxy-server``
- Label to use when logging.
* - ``sorting_method`` = ``shuffle``
- Storage nodes can be chosen at random (shuffle), by using timing measurements (timing), or by using an explicit match (affinity). Using timing measurements may allow for lower overall latency, while using affinity allows for finer control. In both the timing and affinity cases, equally-sorting nodes are still randomly chosen to spread load.
The valid values for sorting_method are "affinity", "shuffle", or "timing".
* - ``swift_owner_headers`` = ``x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-container-meta-temp-url-key, x-container-meta-temp-url-key-2, x-account-access-control``
- These are the headers whose conf file for values will only be shown to the list of swift_owners. The exact default definition of a swift_owner is headers> up to the auth system in use, but usually indicates administrative responsibilities. paste.deploy to use for auth. To use tempauth set to:
* - ``timing_expiry`` = ``300``
- If the "timing" sorting_method is used, the timings will only be valid for the number of seconds configured by timing_expiry.
* - ``use`` = ``egg:swift#proxy``
- Entry point of paste.deploy in the server.
* - ``write_affinity`` = ``r1, r2``
- This setting lets you trade data distribution for throughput. It makes the proxy server prefer local back-end servers for object PUT requests over non-local ones. Note that only object PUT requests are affected by the write_affinity setting; POST, GET, HEAD, DELETE, OPTIONS, and account/container PUT requests are not affected. The format is r<N> for region N or r<N>z<M> for region N, zone M. If this is set, then when handling an object PUT request, some number (see the write_affinity_node_count setting) of local backend servers will be tried before any nonlocal ones. Example: try to write to regions 1 and 2 before writing to any other nodes: write_affinity = r1, r2
* - ``write_affinity_node_count`` = ``2 * replicas``
- This setting is only useful in conjunction with write_affinity; it governs how many local object servers will be tried before falling back to non-local ones. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request: write_affinity_node_count = 2 * replicas

13
doc/config-reference/source/tables/swift-proxy-server-filter-account-quotas.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-account-quotas]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#account_quotas``
- Entry point of paste.deploy in the server

35
doc/config-reference/source/tables/swift-proxy-server-filter-authtoken.rst
View File

@ -1,35 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-authtoken]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auth_plugin`` = ``password``
- Authentication module to use.
* - ``auth_uri`` = ``http://keystonehost:5000``
- auth_uri should point to a Keystone service from which users may retrieve tokens. This value is used in the WWW-Authenticate header that auth_token sends with any denial response.
* - ``auth_url`` = ``http://keystonehost:35357``
- auth_url points to the Keystone Admin service. This information is used by the middleware to actually query Keystone about the validity of the authentication tokens. It is not necessary to append any Keystone API version number to this URI.
* - ``cache`` = ``swift.cache``
- ``cache`` is set to ``swift.cache``. This means that the middleware will get the Swift memcache from the request environment.
* - ``delay_auth_decision`` = ``False``
- delay_auth_decision defaults to False, but leaving it as false will prevent other auth systems, staticweb, tempurl, formpost, and ACLs from working. This value must be explicitly set to True.
* - ``include_service_catalog`` = ``False``
- include_service_catalog defaults to True if not set. This means that when validating a token, the service catalog is retrieved and stored in the X-Service-Catalog header. Since Swift does not use the X-Service-Catalog header, there is no point in getting the service catalog. We recommend you set include_service_catalog to False.
* - ``password`` = ``password``
- Password for service user.
* - ``paste.filter_factory`` = ``keystonemiddleware.auth_token:filter_factory``
- Entry point of paste.filter_factory in the server.
* - ``project_domain_id`` = ``default``
- Service project domain.
* - ``project_name`` = ``service``
- Service project name.
* - ``user_domain_id`` = ``default``
- Service user domain.
* - ``username`` = ``swift``
- Service user name.

25
doc/config-reference/source/tables/swift-proxy-server-filter-bulk.rst
View File

@ -1,25 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-bulk]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``delete_container_retry_count`` = ``0``
- The parameter is used during a bulk delete of objects and their container. This would frequently fail because it is very likely that all replicated objects have not been deleted by the time the middleware got a successful response. It can be configured the number of retries. And the number of seconds to wait between each retry will be 1.5**retry.
* - ``max_containers_per_extraction`` = ``10000``
- The maximum numbers of containers per extraction.
* - ``max_deletes_per_request`` = ``10000``
- The maximum numbers of deletion per request.
* - ``max_failed_deletes`` = ``1000``
- The maximum number of tries to delete before failure.
* - ``max_failed_extractions`` = ``1000``
- The maximum number of tries to extract before failure.
* - ``use`` = ``egg:swift#bulk``
- Entry point of paste.deploy in the server.
* - ``yield_frequency`` = ``10``
- In order to keep a connection active during a potentially long bulk request, Swift may return whitespace prepended to the actual response body. This whitespace will be yielded no more than every yield_frequency seconds.

29
doc/config-reference/source/tables/swift-proxy-server-filter-cache.rst
View File

@ -1,29 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-cache]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``memcache_max_connections`` = ``2``
- Max number of connections to each memcached server per worker services
* - ``memcache_serialization_support`` = ``2``
- Sets how memcache values are serialized and deserialized
* - ``memcache_servers`` = ``127.0.0.1:11211``
- Comma-separated list of memcached servers ip:port services
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_headers`` = ``false``
- If True, log headers in each request
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``cache``
- Label to use when logging
* - ``use`` = ``egg:swift#memcache``
- Entry point of paste.deploy in the server

23
doc/config-reference/source/tables/swift-proxy-server-filter-catch_errors.rst
View File

@ -1,23 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-catch_errors]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_headers`` = ``false``
- If True, log headers in each request
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``catch_errors``
- Label to use when logging
* - ``use`` = ``egg:swift#catch_errors``
- Entry point of paste.deploy in the server

27
doc/config-reference/source/tables/swift-proxy-server-filter-cname_lookup.rst
View File

@ -1,27 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-cname_lookup]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``lookup_depth`` = ``1``
- Because CNAMES can be recursive, specifies the number of levels through which to search.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_headers`` = ``false``
- If True, log headers in each request
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``cname_lookup``
- Label to use when logging
* - ``storage_domain`` = ``example.com``
- Domain that matches your cloud. Multiple domains can be specified using a comma-separated list.
* - ``use`` = ``egg:swift#cname_lookup``
- Entry point of paste.deploy in the server

13
doc/config-reference/source/tables/swift-proxy-server-filter-container-quotas.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-container-quotas]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#container_quotas``
- Entry point of paste.deploy in the server

17
doc/config-reference/source/tables/swift-proxy-server-filter-container_sync.rst
View File

@ -1,17 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-container_sync]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allow_full_urls`` = ``true``
- Set this to false if you want to disallow any full URL values to be set for any new X-Container-Sync-To headers. This will keep any new full URLs from coming in, but won't change any existing values already in the cluster. Updating those will have to be done manually, as knowing what the true realm endpoint should be cannot always be guessed.
* - ``current`` = ``//REALM/CLUSTER``
- Set this to specify this cluster //realm/cluster as "current" in /info.
* - ``use`` = ``egg:swift#container_sync``
- Entry point of paste.deploy in the server.

19
doc/config-reference/source/tables/swift-proxy-server-filter-dlo.rst
View File

@ -1,19 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-dlo]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``max_get_time`` = ``86400``
- Time limit on GET requests (seconds).
* - ``rate_limit_after_segment`` = ``10``
- Rate limit the download of large object segments after this segment is downloaded.
* - ``rate_limit_segments_per_sec`` = ``1``
- Rate limit large object downloads at this rate. contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. paste.deploy to use for auth. To use tempauth set to:
* - ``use`` = ``egg:swift#dlo``
- Entry point of paste.deploy in the server.

31
doc/config-reference/source/tables/swift-proxy-server-filter-domain_remap.rst
View File

@ -1,31 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-domain_remap]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``default_reseller_prefix`` =
- If the reseller prefixes do not match, the default reseller prefix is used. When no default reseller prefix is configured, any request with an account prefix not in that list will be ignored by this middleware.
* - ``path_root`` = ``v1``
- Root path.
* - ``reseller_prefixes`` = ``AUTH``
- Browsers can convert a host header to lowercase, so check that reseller prefix on the account is the correct case. This is done by comparing the items in the reseller_prefixes config option to the found prefix. If they match except for case, the item from reseller_prefixes will be used instead of the found reseller prefix.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to.
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility.
* - ``set log_headers`` = ``false``
- If True, log headers in each request.
* - ``set log_level`` = ``INFO``
- Log level.
* - ``set log_name`` = ``domain_remap``
- Label to use when logging.
* - ``storage_domain`` = ``example.com``
- Domain that matches your cloud. Multiple domains can be specified using a comma-separated list.
* - ``use`` = ``egg:swift#domain_remap``
- Entry point of paste.deploy in the server.

13
doc/config-reference/source/tables/swift-proxy-server-filter-formpost.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-formpost]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#formpost``
- Entry point of paste.deploy in the server

23
doc/config-reference/source/tables/swift-proxy-server-filter-gatekeeper.rst
View File

@ -1,23 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-gatekeeper]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility
* - ``set log_headers`` = ``false``
- If True, log headers in each request
* - ``set log_level`` = ``INFO``
- Log level
* - ``set log_name`` = ``gatekeeper``
- Label to use when logging
* - ``use`` = ``egg:swift#gatekeeper``
- Entry point of paste.deploy in the server

15
doc/config-reference/source/tables/swift-proxy-server-filter-healthcheck.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-healthcheck]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``disable_path`` =
- An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE".
* - ``use`` = ``egg:swift#healthcheck``
- Entry point of paste.deploy in the server.

29
doc/config-reference/source/tables/swift-proxy-server-filter-keystoneauth.rst
View File

@ -1,29 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-keystoneauth]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allow_names_in_acls`` = ``true``
- The backwards compatible behavior can be disabled by setting this option to False.
* - ``allow_overrides`` = ``true``
- This option allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you are not going to use such middleware and you want a bit of extra security, you can set this to False.
* - ``default_domain_id`` = ``default``
- Name of the default domain. It is identified by its UUID, which by default has the value "default".
* - ``is_admin`` = ``false``
- If this option is set to True, it allows to give a user whose username is the same as the project name and who has any role in the project access rights elevated to be the same as if the user had one of the operator_roles. Note that the condition compares names rather than UUIDs. This option is deprecated. It is False by default.
* - ``operator_roles`` = ``admin, swiftoperator``
- Operator role defines the user which is allowed to manage a tenant and create containers or give ACL to others. This parameter may be prefixed with an appropriate prefix.
* - ``reseller_admin_role`` = ``ResellerAdmin``
- The reseller admin role gives the ability to create and delete accounts.
* - ``reseller_prefix`` = ``AUTH``
- The naming scope for the auth service.
* - ``service_roles`` =
- When present, this option requires that the X-Service-Token header supplies a token from a user who has a role listed in service_roles. This parameter may be prefixed with an appropriate prefix.
* - ``use`` = ``egg:swift#keystoneauth``
- Entry point of paste.deploy in the server.

15
doc/config-reference/source/tables/swift-proxy-server-filter-list-endpoints.rst
View File

@ -1,15 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-list-endpoints]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``list_endpoints_path`` = ``/endpoints/``
- Path to list endpoints for an object, account or container.
* - ``use`` = ``egg:swift#list_endpoints``
- Entry point of paste.deploy in the server.

19
doc/config-reference/source/tables/swift-proxy-server-filter-name_check.rst
View File

@ -1,19 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-name_check]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``forbidden_chars`` = ``'"`<>``
- Characters that are not allowed in a name
* - ``forbidden_regexp`` = ``/\./|/\.\./|/\.$|/\.\.$``
- Substrings to forbid, using regular expression syntax
* - ``maximum_length`` = ``255``
- Maximum length of a name
* - ``use`` = ``egg:swift#name_check``
- Entry point of paste.deploy in the server

45
doc/config-reference/source/tables/swift-proxy-server-filter-proxy-logging.rst
View File

@ -1,45 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-proxy-logging]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``access_log_address`` = ``/dev/log``
- Location where syslog sends the logs to. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_facility`` = ``LOG_LOCAL0``
- Syslog facility to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_headers`` = ``false``
- Header to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_headers_only`` =
- If access_log_headers is True and access_log_headers_only is set only these headers are logged. Multiple headers can be defined as comma separated list like this: access_log_headers_only = Host, X-Object-Meta-Mtime.
* - ``access_log_level`` = ``INFO``
- Syslog logging level to receive log lines. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_name`` = ``swift``
- Label used when logging. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_default_sample_rate`` = ``1.0``
- Defines the probability of sending a sample for any given event or timing measurement. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_host`` = ``localhost``
- You can use log_statsd_* from [DEFAULT], or override them here. StatsD server. IPv4/IPv6 addresses and hostnames are supported. If a hostname resolves to an IPv4 and IPv6 address, the IPv4 address will be used.
* - ``access_log_statsd_metric_prefix`` =
- Value will be prepended to every metric sent to the StatsD server. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_port`` = ``8125``
- Port value for the StatsD server. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_statsd_sample_rate_factor`` = ``1.0``
- Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_udp_host`` =
- If not set, the UDP receiver for syslog is disabled. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``access_log_udp_port`` = ``514``
- Port value for UDP receiver, if enabled. If not set, logging directives from [DEFAULT] without "access\_" will be used.
* - ``log_statsd_valid_http_methods`` = ``GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS``
- What HTTP methods are allowed for StatsD logging (comma-sep). request methods not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
* - ``reveal_sensitive_prefix`` = ``16``
- The X-Auth-Token is sensitive data. If revealed to an unauthorised person, they can now make requests against an account until the token expires. Set reveal_sensitive_prefix to the number of characters of the token that are logged. For example reveal_sensitive_prefix = 12 so only first 12 characters of the token are logged. Or, set to 0 to completely remove the token.
.. note:: reveal_sensitive_prefix will not affect the value logged with access_log_headers=True.
* - ``use`` = ``egg:swift#proxy_logging``
- Entry point of paste.deploy in the server.

49
doc/config-reference/source/tables/swift-proxy-server-filter-ratelimit.rst
View File

@ -1,49 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-ratelimit]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``account_blacklist`` = ``c,d``
- Comma separated lists of account names that will not be allowed. Returns a 497 response. r: for containers of size x, limit requests per second to r. Will limit PUT, DELETE, and POST requests to /a/c/o. container_listing_ratelimit_x = r: for containers of size x, limit listing requests per second to r. Will limit GET requests to /a/c.
* - ``account_ratelimit`` = ``0``
- If set, will limit PUT and DELETE requests to /account_name/container_name. Number is in requests per second.
* - ``account_whitelist`` = ``a,b``
- Comma separated lists of account names that will not be rate limited.
* - ``clock_accuracy`` = ``1000``
- Represents how accurate the proxy servers' system clocks are with each other. 1000 means that all the proxies' clock are accurate to each other within 1 millisecond. No ratelimit should be higher than the clock accuracy.
* - ``container_listing_ratelimit_0`` = ``100``
- with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``container_listing_ratelimit_10`` = ``50``
- with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``container_listing_ratelimit_50`` = ``20``
- with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``container_ratelimit_0`` = ``100``
- with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``container_ratelimit_10`` = ``50``
- with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``container_ratelimit_50`` = ``20``
- with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
* - ``log_sleep_time_seconds`` = ``0``
- To allow visibility into rate limiting set this value > 0 and all sleeps greater than the number will be logged.
* - ``max_sleep_time_seconds`` = ``60``
- App will immediately return a 498 response if the necessary sleep time ever exceeds the given max_sleep_time_seconds.
* - ``rate_buffer_seconds`` = ``5``
- Number of seconds the rate counter can drop and be allowed to catch up (at a faster than listed rate). A larger number will result in larger spikes in rate but better average accuracy.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to.
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility.
* - ``set log_headers`` = ``false``
- If True, log headers in each request.
* - ``set log_level`` = ``INFO``
- Log level.
* - ``set log_name`` = ``ratelimit``
- Label to use when logging.
* - ``use`` = ``egg:swift#ratelimit``
- Entry point of paste.deploy in the server.

25
doc/config-reference/source/tables/swift-proxy-server-filter-slo.rst
View File

@ -1,25 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-slo]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``max_get_time`` = ``86400``
- Time limit on GET requests (seconds)
* - ``max_manifest_segments`` = ``1000``
- Maximum number of segments.
* - ``max_manifest_size`` = ``2097152``
- Maximum size of segments.
* - ``min_segment_size`` = ``1048576``
- Minimum size of segments.
* - ``rate_limit_after_segment`` = ``10``
- Rate limit the download of large object segments after this segment is downloaded.
* - ``rate_limit_segments_per_sec`` = ``0``
- Rate limit large object downloads at this rate. contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. paste.deploy to use for auth. To use tempauth set to:
* - ``use`` = ``egg:swift#slo``
- Entry point of paste.deploy in the server.

13
doc/config-reference/source/tables/swift-proxy-server-filter-staticweb.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-staticweb]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``use`` = ``egg:swift#staticweb``
- Entry point of paste.deploy in the server

45
doc/config-reference/source/tables/swift-proxy-server-filter-tempauth.rst
View File

@ -1,45 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-tempauth]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allow_overrides`` = ``true``
- This option allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you are not going to use such middleware and you want a bit of extra security, you can set this to False.
* - ``auth_prefix`` = ``/auth/``
- The HTTP request path prefix for the auth service. Swift itself reserves anything beginning with the letter.
* - ``require_group`` =
- The require_group parameter names a group that must be presented by either X-Auth-Token or X-Service-Token. Usually this parameter is used only with multiple reseller prefixes (for example, SERVICE_require_group=blah). By default, no group is needed. Do not use .admin.
* - ``reseller_prefix`` = ``AUTH``
- The naming scope for the auth service.
* - ``set log_address`` = ``/dev/log``
- Location where syslog sends the logs to.
* - ``set log_facility`` = ``LOG_LOCAL0``
- Syslog log facility.
* - ``set log_headers`` = ``false``
- If True, log headers in each request.
* - ``set log_level`` = ``INFO``
- Log level.
* - ``set log_name`` = ``tempauth``
- Label to use when logging.
* - ``storage_url_scheme`` = ``default``
- Scheme to return with storage urls: http, https, or default (chooses based on what the server is running as) This can be useful with an SSL load balancer in front of a non-SSL server.
* - ``token_life`` = ``86400``
- The number of seconds a token is valid.
* - ``use`` = ``egg:swift#tempauth``
- Entry point of paste.deploy in the server.
* - ``user_<account>_<user>`` = ``<key> [group] [group] [...] [storage_url]``
- List of all the accounts and user you want.
The following are example entries required for running the tests:
* ``user_admin_admin`` = ``admin .admin .reseller_admin``
* ``user_test2_tester2`` = ``testing2 .admin``
* ``user_test5_tester5`` = ``testing5 service``
* ``user_test_tester`` = ``testing .admin``
* ``user_test_tester3`` = ``testing3``

23
doc/config-reference/source/tables/swift-proxy-server-filter-tempurl.rst
View File

@ -1,23 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-tempurl]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``incoming_allow_headers`` =
- Headers allowed as exceptions to incoming_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
* - ``incoming_remove_headers`` = ``x-timestamp``
- Headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
* - ``methods`` = ``GET HEAD PUT POST DELETE``
- HTTP methods allowed with Temporary URLs.
* - ``outgoing_allow_headers`` = ``x-object-meta-public-*``
- Headers allowed as exceptions to outgoing_allow_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
* - ``outgoing_remove_headers`` = ``x-object-meta-*``
- Headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
* - ``use`` = ``egg:swift#tempurl``
- Entry point of paste.deploy in the server.

22
doc/config-reference/source/tables/swift-proxy-server-filter-versioned_writes.rst
View File

@ -1,22 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-versioned_writes]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allow_versioned_writes`` = ``false``
- Enables using versioned writes middleware and exposing configuration settings via HTTP GET /info.
.. warning::
Setting this option bypasses the ``allow_versions`` option in the
container configuration file, which will be eventually deprecated.
For more details, see `Object Versioning
<http://docs.openstack.org/developer/swift/overview_object_versioning.html>`_.
* - ``use`` = ``egg:swift#versioned_writes``
- Entry point of paste.deploy in the server.

27
doc/config-reference/source/tables/swift-proxy-server-filter-xprofile.rst
View File

@ -1,27 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[filter-xprofile]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``dump_interval`` = ``5.0``
- The profile data will be dumped to local disk based on above naming rule in this interval (seconds).
* - ``dump_timestamp`` = ``false``
- Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
* - ``flush_at_shutdown`` = ``false``
- Clears the data when the wsgi server shutdowns.
* - ``log_filename_prefix`` = ``/tmp/log/swift/profile/default.profile``
- This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/accoutn.profile.
* - ``path`` = ``/__profile__``
- This is the path of the URL to access the mini web UI.
* - ``profile_module`` = ``eventlet.green.profile``
- This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be cProfile, eventlet.green.profile, etc.
* - ``unwind`` = ``false``
- Unwind the iterator of applications.
* - ``use`` = ``egg:swift#xprofile``
- Entry point of paste.deploy in the server.

13
doc/config-reference/source/tables/swift-proxy-server-pipeline-main.rst
View File

@ -1,13 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[pipeline-main]`` in ``proxy-server.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``pipeline`` = ``catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server``
- Pipeline to use for processing operations.

19
doc/config-reference/source/tables/swift-rsyncd-account.rst
View File

@ -1,19 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated and your
changes will be overwritten. The tool to do so lives in the
openstack-doc-tools repository.
.. list-table:: Description of configuration options for ``[account]`` in ``rsyncd.conf``
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``lock file`` = ``/var/lock/account.lock``
- No help text available for this option.
* - ``max connections`` = ``2``
- No help text available for this option.
* - ``path`` = ``/srv/node``
- No help text available for this option.
* - ``read only`` = ``false``
- No help text available for this option.

Some files were not shown because too many files have changed in this diff Show More