openstack/openstack-manuals
Code Issues Proposed changes

Merge "[config-ref] new/updated options for liberty"

Browse Source
This commit is contained in:
Jenkins 2015-08-21 11:33:21 +00:00 committed by Gerrit Code Review
commit 69fa5b72b9
12 changed files with 1591 additions and 4378 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doc/config-reference/ch_baremetalconfigure.xml
View File

@ -48,4 +48,5 @@
<xi:include href="../common/tables/ironic-virtualbox.xml"/>
<xi:include href="../common/tables/ironic-zeromq.xml"/>
<xi:include href="conf-changes/ironic.xml"/>
</chapter>

483
doc/config-reference/conf-changes/ceilometer.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="ceilometer-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="ceilometer-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for Telemetry</title>
<title>New, updated and deprecated options in Liberty for Telemetry</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,356 +13,156 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] api_workers = 1</td>
<td>(IntOpt) Number of workers for Ceilometer API server.</td>
<td>[DEFAULT] batch_polled_samples = True</td>
<td>(BoolOpt) To reduce polling agent load, samples are sent to the notification agent in a batch. To gain higher throughput at the cost of load set this to False.</td>
</tr>
<tr>
<td>[DEFAULT] event_pipeline_cfg_file = event_pipeline.yaml</td>
<td>(StrOpt) Configuration file for event pipeline definition.</td>
<td>[DEFAULT] ceilometer_control_exchange = ceilometer</td>
<td>(StrOpt) Exchange name for ceilometer notifications.</td>
</tr>
<tr>
<td>[DEFAULT] magnetodb_control_exchange = magnetodb</td>
<td>(StrOpt) Exchange name for Magnetodb notifications.</td>
<td>[DEFAULT] dns_control_exchange = central</td>
<td>(StrOpt) Exchange name for DNS notifications.</td>
</tr>
<tr>
<td>[DEFAULT] polling_namespaces = ['compute', 'central']</td>
<td>(MultiChoicesOpt) Polling namespace(s) to be used while resource polling</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] pollster_list = []</td>
<td>(MultiChoicesOpt) List of pollsters (or wildcard templates) to be used while polling</td>
<td>[DEFAULT] pipeline_polling_interval = 20</td>
<td>(IntOpt) Polling interval for pipeline file configuration in seconds.</td>
</tr>
<tr>
<td>[DEFAULT] reserved_metadata_keys = </td>
<td>(ListOpt) List of metadata keys reserved for metering use. And these keys are additional to the ones included in the namespace.</td>
<td>[DEFAULT] refresh_pipeline_cfg = False</td>
<td>(BoolOpt) Refresh Pipeline configuration on-the-fly.</td>
</tr>
<tr>
<td>[DEFAULT] shuffle_time_before_polling_task = 0</td>
<td>(IntOpt) To reduce large requests at same time to Nova or other components from different compute agents, shuffle start time of polling task.</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[DEFAULT] sql_expire_samples_only = False</td>
<td>(BoolOpt) Indicates if expirer expires only samples. If set true, expired samples will be deleted, but residual resource and meter definition data will remain.</td>
<td>[alarm] alarm_max_actions = -1</td>
<td>(IntOpt) Maximum count of actions for each state of an alarm, non-positive number means no limit.</td>
</tr>
<tr>
<td>[DEFAULT] swift_control_exchange = swift</td>
<td>(StrOpt) Exchange name for Swift notifications.</td>
<td>[api] aodh_is_enabled = None</td>
<td>(BoolOpt) Set True to redirect alarms URLs to aodh. Default autodetection by querying keystone.</td>
</tr>
<tr>
<td>[DEFAULT] zaqar_control_exchange = zaqar</td>
<td>(StrOpt) Exchange name for Messaging service notifications.</td>
<td>[api] aodh_url = None</td>
<td>(StrOpt) The endpoint of Aodh to redirect alarms URLs to Aodh API. Default autodetection by querying keystone.</td>
</tr>
<tr>
<td>[alarms] gnocchi_url = http://localhost:8041</td>
<td>[api] default_api_return_limit = 1000</td>
<td>(IntOpt) Default maximum number of items returned by API request.</td>
</tr>
<tr>
<td>[api] gnocchi_is_enabled = None</td>
<td>(BoolOpt) Set True to disable resource/meter/sample URLs. Default autodetection by querying keystone.</td>
</tr>
<tr>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[database] alarm_history_time_to_live = -1</td>
<td>(IntOpt) Number of seconds that alarm histories are kept in the database for (&lt;= 0 means forever).</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] archive_policy = low</td>
<td>(StrOpt) The archive policy to use when the dispatcher create a new metric.</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] archive_policy_file = gnocchi_archive_policy_map.yaml</td>
<td>(StrOpt) The Yaml file that defines per metric archive policies.</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] filter_project = gnocchi</td>
<td>(StrOpt) Gnocchi project used to filter out samples generated by Gnocchi service activity</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] filter_service_activity = True</td>
<td>(BoolOpt) Filter out samples generated by Gnocchi service activity</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] resources_definition_file = gnocchi_resources.yaml</td>
<td>(StrOpt) The Yaml file that defines mapping between samples and gnocchi resources/metrics</td>
</tr>
<tr>
<td>[dispatcher_gnocchi] url = http://localhost:8041</td>
<td>(StrOpt) URL to Gnocchi.</td>
</tr>
<tr>
<td>[collector] requeue_event_on_dispatcher_error = False</td>
<td>(BoolOpt) Requeue the event on the collector event queue when the collector fails to dispatch it.</td>
<td>[meter] meter_definitions_cfg_file = meters.yaml</td>
<td>(StrOpt) Configuration file for defining meter notifications.</td>
</tr>
<tr>
<td>[coordination] check_watchers = 10.0</td>
<td>(FloatOpt) Number of seconds between checks to see if group membership has changed</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[database] db2nosql_resource_id_maxlen = 512</td>
<td>(IntOpt) The max length of resources id in DB2 nosql, the value should be larger than len(hostname) * 2 as compute node's resource id is &lt;hostname&gt;_&lt;nodename&gt;.</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[database] event_connection = None</td>
<td>(StrOpt) The connection string used to connect to the event database. (if unset, connection is used)</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[database] event_time_to_live = -1</td>
<td>(IntOpt) Number of seconds that events are kept in the database for (&lt;= 0 means forever).</td>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
<tr>
<td>[database] metering_time_to_live = -1</td>
<td>(IntOpt) Number of seconds that samples are kept in the database for (&lt;= 0 means forever).</td>
<td>[vmware] ca_file = None</td>
<td>(StrOpt) CA bundle file to use in verifying the vCenter server certificate.</td>
</tr>
<tr>
<td>[database] mongodb_replica_set = </td>
<td>(StrOpt) The name of the replica set which is used to connect to MongoDB database. If it is set, MongoReplicaSetClient will be used instead of MongoClient.</td>
</tr>
<tr>
<td>[dispatcher_http] cadf_only = False</td>
<td>(BoolOpt) The flag that indicates if only cadf message should be posted. If false, all meters will be posted.</td>
</tr>
<tr>
<td>[dispatcher_http] event_target = None</td>
<td>(StrOpt) The target for event data where the http request will be sent to. If this is not set, it will default to same as Sample target.</td>
</tr>
<tr>
<td>[dispatcher_http] target = </td>
<td>(StrOpt) The target where the http request will be sent. If this is not set, no data will be posted. For example: target = http://hostname:1234/path</td>
</tr>
<tr>
<td>[dispatcher_http] timeout = 5</td>
<td>(IntOpt) The max time in seconds to wait for a request to timeout.</td>
</tr>
<tr>
<td>[event] store_raw = []</td>
<td>(MultiStrOpt) Store the raw notification for select priority levels (info and/or error). By default, raw details are not captured.</td>
</tr>
<tr>
<td>[ipmi] polling_retry = 3</td>
<td>(IntOpt) Tolerance of IPMI/NM polling failures before disable this pollster. Negative indicates retrying forever.</td>
</tr>
<tr>
<td>[notification] disable_non_metric_meters = False</td>
<td>(BoolOpt) WARNING: Ceilometer historically offered the ability to store events as meters. This usage is NOT advised as it can flood the metering database and cause performance degradation. This option disables the collection of non-metric meters and will be the default behavior in Liberty.</td>
</tr>
<tr>
<td>[notification] workload_partitioning = False</td>
<td>(BoolOpt) Enable workload partitioning, allowing multiple notification agents to be run simultaneously.</td>
</tr>
<tr>
<td>[oslo_concurrency] disable_process_locking = False</td>
<td>(BoolOpt) Enables or disables inter-process locks.</td>
</tr>
<tr>
<td>[oslo_concurrency] lock_path = None</td>
<td>(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
<tr>
<td>[oslo_policy] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[oslo_policy] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[oslo_policy] policy_file = policy.json</td>
<td>(StrOpt) The JSON file that defines policies.</td>
</tr>
<tr>
<td>[polling] partitioning_group_prefix = None</td>
<td>(StrOpt) Work-load partitioning group prefix. Use only if you want to run multiple polling agents with different config files. For each sub-group of the agent pool with the same partitioning_group_prefix a disjoint subset of pollsters should be loaded.</td>
</tr>
<tr>
<td>[publisher] telemetry_secret = change this for valid signing</td>
<td>(StrOpt) Secret value for signing messages. Set value empty if signing is not required to avoid computational overhead.</td>
</tr>
<tr>
<td>[publisher_notifier] event_topic = event</td>
<td>(StrOpt) The topic that ceilometer uses for event notifications.</td>
</tr>
<tr>
<td>[publisher_notifier] telemetry_driver = messagingv2</td>
<td>(StrOpt) The driver that ceilometer uses for metering notifications.</td>
</tr>
<tr>
<td>[rgw_admin_credentials] access_key = None</td>
<td>(StrOpt) Access key for Radosgw Admin.</td>
</tr>
<tr>
<td>[rgw_admin_credentials] secret_key = None</td>
<td>(StrOpt) Secret key for Radosgw Admin.</td>
</tr>
<tr>
<td>[service_types] radosgw = object-store</td>
<td>(StrOpt) Radosgw service type.</td>
</tr>
<tr>
<td>[vmware] host_port = 443</td>
<td>(IntOpt) Port of the VMware Vsphere host.</td>
<td>[vmware] insecure = False</td>
<td>(BoolOpt) If true, the vCenter server certificate is not verified. If false, then the default CA truststore is used for verification. This option is ignored if "ca_file" is set.</td>
</tr>
</table>
<table>
@ -378,9 +178,34 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[notification] disable_non_metric_meters</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -393,28 +218,16 @@
<td>New Option</td>
</tr>
</thead>
<tr>
<td>[alarm] evaluation_service</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
<tr>
<td>[database] time_to_live</td>
<td>[database] metering_time_to_live</td>
</tr>
<tr>
<td>[DEFAULT] database_connection</td>
<td>None</td>
</tr>
<tr>
<td>[publisher] metering_secret</td>
<td>[publisher] telemetry_secret</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[alarm] partition_rpc_topic</td>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
<tr>

753
doc/config-reference/conf-changes/cinder.xml
View File

File diff suppressed because it is too large Load Diff

527
doc/config-reference/conf-changes/glance.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="glance-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="glance-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Image service</title>
<title>New, updated and deprecated options in Liberty for OpenStack Image service</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,476 +13,84 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] args = None</td>
<td>(ListOpt) Arguments for the command</td>
<td>[DEFAULT] enable_v3_api = True</td>
<td>(BoolOpt) Deploy the v3 OpenStack Objects API.</td>
</tr>
<tr>
<td>[DEFAULT] available_plugins = </td>
<td>(ListOpt) A list of artifacts that are allowed in the format name or name-version. Empty list means that any artifact can be loaded.</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] backdoor_port = None</td>
<td>(StrOpt) Enable eventlet backdoor. Acceptable values are 0, &lt;port&gt;, and &lt;start&gt;:&lt;end&gt;, where 0 results in listening on a random tcp port number; &lt;port&gt; results in listening on the specified port number (and not enabling backdoor if that port is in use); and &lt;start&gt;:&lt;end&gt; results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file.</td>
</tr>
<tr>
<td>[DEFAULT] chunksize = 65536</td>
<td>(IntOpt) Amount of data to transfer per HTTP write.</td>
</tr>
<tr>
<td>[DEFAULT] command = None</td>
<td>(StrOpt) Command to be given to replicator</td>
</tr>
<tr>
<td>[DEFAULT] digest_algorithm = sha1</td>
<td>(StrOpt) Digest algorithm which will be used for digital signature; the default is sha1 the default in Kilo for a smooth upgrade process, and it will be updated with sha256 in next release(L). Use the command "openssl list-message-digest-algorithms" to get the available algorithms supported by the version of OpenSSL on the platform. Examples are "sha1", "sha256", "sha512", etc.</td>
</tr>
<tr>
<td>[DEFAULT] disabled_notifications = </td>
<td>(ListOpt) List of disabled notifications. A notification can be given either as a notification type to disable a single event, or as a notification group prefix to disable all events within a group. Example: if this config option is set to ["image.create", "metadef_namespace"], then "image.create" notification will not be sent after image is created and none of the notifications for metadefinition namespaces will be sent.</td>
</tr>
<tr>
<td>[DEFAULT] dontreplicate = created_at date deleted_at location updated_at</td>
<td>(StrOpt) List of fields to not replicate.</td>
</tr>
<tr>
<td>[DEFAULT] host = localhost</td>
<td>(StrOpt) Name of this node, which must be valid in an AMQP key. Can be an opaque identifier. For ZeroMQ only, must be a valid host name, FQDN, or IP address.</td>
</tr>
<tr>
<td>[DEFAULT] http_keepalive = True</td>
<td>(BoolOpt) If False, server will return the header "Connection: close", If True, server will return "Connection: Keep-Alive" in its responses. In order to close the client socket connection explicitly after the response is sent and read successfully by the client, you simply have to set this option to False when you create a wsgi server.</td>
</tr>
<tr>
<td>[DEFAULT] http_timeout = 600</td>
<td>(IntOpt) Timeout seconds for HTTP requests. Set it to None to disable timeout.</td>
</tr>
<tr>
<td>[DEFAULT] listener_workers = 1</td>
<td>(IntOpt) Number of workers for notification service. A single notification agent is enabled by default.</td>
</tr>
<tr>
<td>[DEFAULT] load_enabled = True</td>
<td>(BoolOpt) When false, no artifacts can be loaded regardless of available_plugins. When true, artifacts can be loaded.</td>
</tr>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] mastertoken = </td>
<td>(StrOpt) Pass in your authentication token if you have one. This is the token used for the master.</td>
</tr>
<tr>
<td>[DEFAULT] metaonly = False</td>
<td>(BoolOpt) Only replicate metadata, not images.</td>
</tr>
<tr>
<td>[DEFAULT] public_endpoint = None</td>
<td>(StrOpt) Public url to use for versions endpoint. The default is None, which will use the request's host_url attribute to populate the URL base. If Glance is operating behind a proxy, you will want to change this to represent the proxy's URL.</td>
</tr>
<tr>
<td>[DEFAULT] slavetoken = </td>
<td>(StrOpt) Pass in your authentication token if you have one. This is the token used for the slave.</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] token = </td>
<td>(StrOpt) Pass in your authentication token if you have one. If you use this option the same token is used for both the master and the slave.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[database] backend = sqlalchemy</td>
<td>(StrOpt) The back end to use for the database.</td>
</tr>
<tr>
<td>[database] connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the database.</td>
</tr>
<tr>
<td>[database] connection_debug = 0</td>
<td>(IntOpt) Verbosity of SQL debugging information: 0=None, 100=Everything.</td>
</tr>
<tr>
<td>[database] connection_trace = False</td>
<td>(BoolOpt) Add Python stack traces to SQL as comment strings.</td>
</tr>
<tr>
<td>[database] db_inc_retry_interval = True</td>
<td>(BoolOpt) If True, increases the interval between retries of a database operation up to db_max_retry_interval.</td>
</tr>
<tr>
<td>[database] db_max_retries = 20</td>
<td>(IntOpt) Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.</td>
</tr>
<tr>
<td>[database] db_max_retry_interval = 10</td>
<td>(IntOpt) If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.</td>
</tr>
<tr>
<td>[database] db_retry_interval = 1</td>
<td>(IntOpt) Seconds between retries of a database transaction.</td>
</tr>
<tr>
<td>[database] idle_timeout = 3600</td>
<td>(IntOpt) Timeout before idle SQL connections are reaped.</td>
</tr>
<tr>
<td>[database] max_overflow = None</td>
<td>(IntOpt) If set, use this value for max_overflow with SQLAlchemy.</td>
</tr>
<tr>
<td>[database] max_pool_size = None</td>
<td>(IntOpt) Maximum number of SQL connections to keep open in a pool.</td>
</tr>
<tr>
<td>[database] max_retries = 10</td>
<td>(IntOpt) Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.</td>
</tr>
<tr>
<td>[database] min_pool_size = 1</td>
<td>(IntOpt) Minimum number of SQL connections to keep open in a pool.</td>
</tr>
<tr>
<td>[database] mysql_sql_mode = TRADITIONAL</td>
<td>(StrOpt) The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=</td>
</tr>
<tr>
<td>[database] pool_timeout = None</td>
<td>(IntOpt) If set, use this value for pool_timeout with SQLAlchemy.</td>
</tr>
<tr>
<td>[database] retry_interval = 10</td>
<td>(IntOpt) Interval between retries of opening a SQL connection.</td>
</tr>
<tr>
<td>[database] slave_connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the slave database.</td>
</tr>
<tr>
<td>[database] sqlite_db = oslo.sqlite</td>
<td>(StrOpt) The file name to use with SQLite.</td>
</tr>
<tr>
<td>[database] sqlite_synchronous = True</td>
<td>(BoolOpt) If True, SQLite uses synchronous mode.</td>
</tr>
<tr>
<td>[database] use_db_reconnect = False</td>
<td>(BoolOpt) Enable the experimental use of database reconnect on connection lost.</td>
</tr>
<tr>
<td>[elasticsearch] hosts = 127.0.0.1:9200</td>
<td>(ListOpt) List of nodes where Elasticsearch instances are running. A single node should be defined as an IP address and port number.</td>
</tr>
<tr>
<td>[glance_store] store_capabilities_update_min_interval = 0</td>
<td>(IntOpt) Minimum interval seconds to execute updating dynamic storage capabilities based on backend status then. It's not a periodic routine, the update logic will be executed only when interval seconds elapsed and an operation of store has triggered. The feature will be enabled only when the option value greater then zero.</td>
</tr>
<tr>
<td>[glance_store] swift_store_cacert = None</td>
<td>(StrOpt) A string giving the CA certificate file to use in SSL connections for verifying certs.</td>
</tr>
<tr>
<td>[glance_store] swift_store_endpoint = None</td>
<td>(StrOpt) If set, the configured endpoint will be used. If None, the storage url from the auth response will be used.</td>
</tr>
<tr>
<td>[glance_store] swift_store_multiple_containers_seed = 0</td>
<td>(IntOpt) When set to 0, a single-tenant store will only use one container to store all images. When set to an integer value between 1 and 32, a single-tenant store will use multiple containers to store images, and this value will determine how many containers are created.Used only when swift_store_multi_tenant is disabled. The total number of containers that will be used is equal to 16^N, so if this config option is set to 2, then 16^2=256 containers will be used to store images.</td>
</tr>
<tr>
<td>[glance_store] vmware_datastores = None</td>
<td>(MultiStrOpt) A list of datastores where the image can be stored. This option may be specified multiple times for specifying multiple datastores. Either one of vmware_datastore_name or vmware_datastores is required. The datastore name should be specified after its datacenter path, seperated by ":". An optional weight may be given after the datastore name, seperated again by ":". Thus, the required format becomes &lt;datacenter_path&gt;:&lt;datastore_name&gt;:&lt;optional_weight&gt;. When adding an image, the datastore with highest weight will be selected, unless there is not enough free space available in cases where the image size is already known. If no weight is given, it is assumed to be zero and the directory will be considered for selection last. If multiple datastores have the same weight, then the one with the most free space available is selected.</td>
</tr>
<tr>
<td>[oslo_concurrency] disable_process_locking = False</td>
<td>(BoolOpt) Enables or disables inter-process locks.</td>
</tr>
<tr>
<td>[oslo_concurrency] lock_path = None</td>
<td>(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_policy] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[oslo_policy] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[oslo_policy] policy_file = policy.json</td>
<td>(StrOpt) The JSON file that defines policies.</td>
</tr>
<tr>
<td>[service_credentials] insecure = False</td>
<td>(BoolOpt) Disables X.509 certificate validation when an SSL connection to Identity Service is established.</td>
</tr>
<tr>
<td>[service_credentials] os_auth_url = http://localhost:5000/v2.0</td>
<td>(StrOpt) Auth URL to use for OpenStack service access.</td>
</tr>
<tr>
<td>[service_credentials] os_cacert = None</td>
<td>(StrOpt) Certificate chain for SSL validation.</td>
</tr>
<tr>
<td>[service_credentials] os_endpoint_type = publicURL</td>
<td>(StrOpt) Type of endpoint in Identity service catalog to use for communication with OpenStack services.</td>
</tr>
<tr>
<td>[service_credentials] os_password = admin</td>
<td>(StrOpt) Password to use for OpenStack service access.</td>
</tr>
<tr>
<td>[service_credentials] os_region_name = None</td>
<td>(StrOpt) Region name to use for OpenStack service endpoints.</td>
</tr>
<tr>
<td>[service_credentials] os_tenant_id = </td>
<td>(StrOpt) Tenant ID to use for OpenStack service access.</td>
</tr>
<tr>
<td>[service_credentials] os_tenant_name = admin</td>
<td>(StrOpt) Tenant name to use for OpenStack service access.</td>
</tr>
<tr>
<td>[service_credentials] os_username = glance</td>
<td>(StrOpt) User name to use for OpenStack service access.</td>
</tr>
<tr>
<td>[task] work_dir = None</td>
<td>(StrOpt) Work dir for asynchronous task operations. The directory set here will be used to operate over images - normally before they are imported in the destination store. When providing work dir, make sure enough space is provided for concurrent tasks to run efficiently without running out of space. A rough estimation can be done by multiplying the number of `max_workers` - or the N of workers running - by an average image size (e.g 500MB). The image size estimation should be done based on the average size in your deployment. Note that depending on the tasks running you may need to multiply this number by some factor depending on what the task does. For example, you may want to double the available size if image conversion is enabled. All this being said, remember these are just estimations and you should do them based on the worst case scenario and be prepared to act in case they were wrong.</td>
</tr>
<tr>
<td>[taskflow_executor] conversion_format = None</td>
<td>(StrOpt) The format to which images will be automatically converted. Can be 'qcow2' or 'raw'.</td>
</tr>
<tr>
<td>[taskflow_executor] engine_mode = parallel</td>
<td>(StrOpt) The mode in which the engine will run. Can be 'serial' or 'parallel'.</td>
</tr>
<tr>
<td>[taskflow_executor] max_workers = 10</td>
<td>(IntOpt) The number of parallel activities executed at the same time by the engine. The value can be greater than one when the engine mode is 'parallel'.</td>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
</table>
<table>
@ -497,20 +105,45 @@
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] allowed_rpc_exception_modules</td>
<td>openstack.common.exception, glance.common.exception, exceptions</td>
<td>glance.common.exception, exceptions</td>
</tr>
<tr>
<td>[DEFAULT] client_socket_timeout</td>
<td>0</td>
<td>900</td>
</tr>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[DEFAULT] digest_algorithm</td>
<td>sha1</td>
<td>sha256</td>
</tr>
<tr>
<td>[task] task_executor</td>
<td>eventlet</td>
<td>taskflow</td>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -523,10 +156,6 @@
<td>New Option</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] log-format</td>
<td>None</td>
</tr>
<tr>
<td>[glance_store] vmware_datacenter_path</td>
<td>None</td>
@ -536,20 +165,16 @@
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
<tr>
<td>[task] eventlet_executor_pool_size</td>
<td>[taskflow_executor] max_workers</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[glance_store] vmware_datastore_name</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
</table>
</section>

525
doc/config-reference/conf-changes/heat.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="heat-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="heat-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for Orchestration</title>
<title>New, updated and deprecated options in Liberty for Orchestration</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,305 +13,181 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] convergence_engine = False</td>
<td>(BoolOpt) Enables engine with convergence architecture. All stacks with this option will be created using convergence engine .</td>
<td>[DEFAULT] encrypt_parameters_and_properties = False</td>
<td>(BoolOpt) Encrypt template parameters that were marked as hidden and also all the resource properties before storing them in database.</td>
</tr>
<tr>
<td>[DEFAULT] default_deployment_signal_transport = CFN_SIGNAL</td>
<td>(StrOpt) Template default for how the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL (requires enabled heat-api-cfn). TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT (requires object-store endpoint which supports TempURL). HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] default_software_config_transport = POLL_SERVER_CFN</td>
<td>(StrOpt) Template default for how the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair (requires enabled heat-api-cfn). POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials (requires keystone v3 API, and configured stack_user_* config options). POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling (requires object-store endpoint which supports TempURL).</td>
<td>[DEFAULT] hidden_stack_tags = </td>
<td>(ListOpt) Stacks containing these tag names will be hidden. Multiple tags should be given in a comma-delimited list (eg. hidden_stack_tags=hide_me,me_too).</td>
</tr>
<tr>
<td>[DEFAULT] error_wait_time = 240</td>
<td>(IntOpt) Error wait time in seconds for stack action (ie. create or update).</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[DEFAULT] fatal_exception_format_errors = False</td>
<td>[cache] backend = dogpile.cache.null</td>
<td>(StrOpt) Dogpile.cache backend module. It is recommended that Memcache with pooling (oslo_cache.memcache_pool) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.</td>
</tr>
<tr>
<td>[cache] backend_argument = []</td>
<td>(MultiStrOpt) Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: "&lt;argname&gt;:&lt;value&gt;".</td>
</tr>
<tr>
<td>[cache] config_prefix = cache.oslo</td>
<td>(StrOpt) Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name.</td>
</tr>
<tr>
<td>[cache] debug_cache_backend = False</td>
<td>(BoolOpt) Extra debugging from the cache backend (cache keys, get/set/delete/etc calls). This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to false.</td>
</tr>
<tr>
<td>[cache] enabled = False</td>
<td>(BoolOpt) Global toggle for caching.</td>
</tr>
<tr>
<td>[cache] expiration_time = 600</td>
<td>(IntOpt) Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it.</td>
</tr>
<tr>
<td>[cache] memcache_dead_retry = 300</td>
<td>(IntOpt) Number of seconds memcached server is considered dead before it is tried again. (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).</td>
</tr>
<tr>
<td>[cache] memcache_pool_connection_get_timeout = 10</td>
<td>(IntOpt) Number of seconds that an operation will wait to get a memcache client connection.</td>
</tr>
<tr>
<td>[cache] memcache_pool_maxsize = 10</td>
<td>(IntOpt) Max total number of open connections to every memcached server. (oslo_cache.memcache_pool backend only).</td>
</tr>
<tr>
<td>[cache] memcache_pool_unused_timeout = 60</td>
<td>(IntOpt) Number of seconds a connection to memcached is held unused in the pool before it is closed. (oslo_cache.memcache_pool backend only).</td>
</tr>
<tr>
<td>[cache] memcache_servers = localhost:11211</td>
<td>(ListOpt) Memcache servers in the format of "host:port". (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).</td>
</tr>
<tr>
<td>[cache] memcache_socket_timeout = 3</td>
<td>(IntOpt) Timeout in seconds for every call to a server. (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).</td>
</tr>
<tr>
<td>[cache] proxies = </td>
<td>(ListOpt) Proxy classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior.</td>
</tr>
<tr>
<td>[constraint_validation_cache] caching = True</td>
<td>(BoolOpt) Toggle to enable/disable caching when Orchestration Engine validates property constraints of stack.During property validation with constraints Orchestration Engine caches requests to other OpenStack services. Please note that the global toggle for oslo.cache(enabled=True in [cache] group) must be enabled to use this feature.</td>
</tr>
<tr>
<td>[constraint_validation_cache] expiration_time = 60</td>
<td>(IntOpt) TTL, in seconds, for any cached item in the dogpile.cache region used for caching of validation constraints.</td>
</tr>
<tr>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[eventlet_opts] client_socket_timeout = 900</td>
<td>(IntOpt) Timeout for client connections' socket operations. If an incoming connection is idle for this number of seconds it will be closed. A value of '0' means wait forever.</td>
</tr>
<tr>
<td>[eventlet_opts] wsgi_keep_alive = True</td>
<td>(BoolOpt) If False, closes the client socket connection explicitly.</td>
</tr>
<tr>
<td>[heat_api] tcp_keepidle = 600</td>
<td>(IntOpt) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.</td>
</tr>
<tr>
<td>[heat_api_cfn] tcp_keepidle = 600</td>
<td>(IntOpt) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.</td>
</tr>
<tr>
<td>[heat_api_cloudwatch] tcp_keepidle = 600</td>
<td>(IntOpt) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
<tr>
<td>[oslo_policy] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[oslo_policy] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[oslo_policy] policy_file = policy.json</td>
<td>(StrOpt) The JSON file that defines policies.</td>
</tr>
<tr>
<td>[oslo_versionedobjects] fatal_exception_format_errors = False</td>
<td>(BoolOpt) Make exception message format errors fatal</td>
</tr>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched.</td>
</tr>
<tr>
<td>[DEFAULT] stack_scheduler_hints = False</td>
<td>(BoolOpt) When this feature is enabled, scheduler hints identifying the heat stack context of a server resource are passed to the configured schedulers in nova, for server creates done using heat resource types OS::Nova::Server and AWS::EC2::Instance. heat_root_stack_id will be set to the id of the root stack of the resource, heat_stack_id will be set to the id of the resource's parent stack, heat_stack_name will be set to the name of the resource's parent stack, heat_path_in_stack will be set to a list of tuples, (stackresourcename, stackname) with list[0] being (None, rootstackname), and heat_resource_name will be set to the resource's name.</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[clients_sahara] ca_file = None</td>
<td>(StrOpt) Optional CA cert file to use in SSL connections.</td>
</tr>
<tr>
<td>[clients_sahara] cert_file = None</td>
<td>(StrOpt) Optional PEM-formatted certificate chain file.</td>
</tr>
<tr>
<td>[clients_sahara] endpoint_type = None</td>
<td>(StrOpt) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.</td>
</tr>
<tr>
<td>[clients_sahara] insecure = None</td>
<td>(BoolOpt) If set, then the server's certificate will not be verified.</td>
</tr>
<tr>
<td>[clients_sahara] key_file = None</td>
<td>(StrOpt) Optional PEM-formatted file that contains the private key.</td>
</tr>
<tr>
<td>[ec2authtoken] ca_file = None</td>
<td>(StrOpt) Optional CA cert file to use in SSL connections.</td>
</tr>
<tr>
<td>[ec2authtoken] cert_file = None</td>
<td>(StrOpt) Optional PEM-formatted certificate chain file.</td>
</tr>
<tr>
<td>[ec2authtoken] insecure = False</td>
<td>(BoolOpt) If set, then the server's certificate will not be verified.</td>
</tr>
<tr>
<td>[ec2authtoken] key_file = None</td>
<td>(StrOpt) Optional PEM-formatted file that contains the private key.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
<tr>
<td>[profiler] profiler_enabled = False</td>
<td>(BoolOpt) If False fully disable profiling feature.</td>
</tr>
<tr>
<td>[profiler] trace_sqlalchemy = False</td>
<td>(BoolOpt) If False do not trace SQL requests.</td>
</tr>
</table>
<table>
<caption>New default values</caption>
@ -325,45 +201,50 @@
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] auth_encryption_key</td>
<td>notgood but just long enough i think</td>
<td>notgood but just long enough i t</td>
</tr>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] deferred_auth_method</td>
<td>password</td>
<td>trusts</td>
<td>[DEFAULT] enable_cloud_watch_lite</td>
<td>True</td>
<td>False</td>
</tr>
<tr>
<td>[DEFAULT] max_nested_stack_depth</td>
<td>3</td>
<td>5</td>
<td>[DEFAULT] heat_waitcondition_server_url</td>
<td></td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] num_engine_workers</td>
<td>1</td>
<td>[DEFAULT] instance_user</td>
<td>ec2-user</td>
<td></td>
</tr>
<tr>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[heat_api] workers</td>
<td>0</td>
<td>4</td>
</tr>
<tr>
<td>[DEFAULT] plugin_dirs</td>
<td>/usr/lib64/heat, /usr/lib/heat</td>
<td>/usr/lib64/heat, /usr/lib/heat, /usr/local/lib/heat, /usr/local/lib64/heat</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
</tr>
<tr>
<td>[DEFAULT] trusts_delegated_roles</td>
<td>heat_stack_owner</td>
<td></td>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -377,15 +258,15 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] log-format</td>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>None</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[DEFAULT] list_notifier_drivers</td>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
</table>

182
doc/config-reference/conf-changes/ironic.xml Normal file
View File

@ -0,0 +1,182 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="ironic-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Liberty for Bare metal service</title>
<table>
<caption>New options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Option = default value</td>
<td>(Type) Help string</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[agent] agent_erase_devices_iterations = 1</td>
<td>(IntOpt) Number of iterations to be run for erasing devices.</td>
</tr>
<tr>
<td>[agent] post_deploy_get_power_state_retries = 6</td>
<td>(IntOpt) Number of times to retry getting power state to check if bare metal node has been powered off after a soft power off.</td>
</tr>
<tr>
<td>[agent] post_deploy_get_power_state_retry_interval = 5</td>
<td>(IntOpt) Amount of time (in seconds) to wait between polling power state after trigger soft poweroff.</td>
</tr>
<tr>
<td>[cisco_ucs] action_interval = 5</td>
<td>(IntOpt) Amount of time in seconds to wait in between power operations</td>
</tr>
<tr>
<td>[cisco_ucs] max_retry = 6</td>
<td>(IntOpt) Number of times a power operation needs to be retried</td>
</tr>
<tr>
<td>[deploy] http_root = /httpboot</td>
<td>(StrOpt) ironic-conductor node's HTTP root path.</td>
</tr>
<tr>
<td>[deploy] http_url = None</td>
<td>(StrOpt) ironic-conductor node's HTTP server URL. Example: http://192.1.2.3:8080</td>
</tr>
<tr>
<td>[drac] client_retry_count = 5</td>
<td>(IntOpt) In case there is a communication failure, the DRAC client is going to resend the request as many times as defined in this setting.</td>
</tr>
<tr>
<td>[drac] client_retry_delay = 5</td>
<td>(IntOpt) In case there is a communication failure, the DRAC client is going to wait for as many seconds as defined in this setting before resending the request.</td>
</tr>
<tr>
<td>[inspector] enabled = False</td>
<td>(BoolOpt) whether to enable inspection using ironic-inspector</td>
</tr>
<tr>
<td>[inspector] service_url = None</td>
<td>(StrOpt) ironic-inspector HTTP endpoint. If this is not set, the ironic-inspector client default (http://127.0.0.1:5050) will be used.</td>
</tr>
<tr>
<td>[inspector] status_check_period = 60</td>
<td>(IntOpt) period (in seconds) to check status of nodes on inspection</td>
</tr>
<tr>
<td>[irmc] remote_image_server = None</td>
<td>(StrOpt) IP of remote image server</td>
</tr>
<tr>
<td>[irmc] remote_image_share_name = share</td>
<td>(StrOpt) share name of remote_image_server</td>
</tr>
<tr>
<td>[irmc] remote_image_share_root = /remote_image_share_root</td>
<td>(StrOpt) Ironic conductor node's "NFS" or "CIFS" root path</td>
</tr>
<tr>
<td>[irmc] remote_image_share_type = CIFS</td>
<td>(StrOpt) Share type of virtual media, either "NFS" or "CIFS"</td>
</tr>
<tr>
<td>[irmc] remote_image_user_domain = </td>
<td>(StrOpt) Domain name of remote_image_user_name</td>
</tr>
<tr>
<td>[irmc] remote_image_user_name = None</td>
<td>(StrOpt) User name of remote_image_server</td>
</tr>
<tr>
<td>[irmc] remote_image_user_password = None</td>
<td>(StrOpt) Password of remote_image_user_name</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_versionedobjects] fatal_exception_format_errors = False</td>
<td>(BoolOpt) Make exception message format errors fatal</td>
</tr>
</table>
<table>
<caption>New default values</caption>
<col width="33%"/>
<col width="33%"/>
<col width="33%"/>
<thead>
<tr>
<td>Option</td>
<td>Previous default value</td>
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] tempdir</td>
<td>None</td>
<td>/tmp</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
<caption>Deprecated options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Deprecated option</td>
<td>New Option</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
</table>
</section>

604
doc/config-reference/conf-changes/keystone.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="keystone-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="keystone-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Identity</title>
<title>New, updated and deprecated options in Liberty for OpenStack Identity</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,412 +13,80 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] max_project_tree_depth = 5</td>
<td>(IntOpt) Maximum depth of the project hierarchy. WARNING: setting it to a large value may adversely impact performance.</td>
</tr>
<tr>
<td>[DEFAULT] notification_format = basic</td>
<td>(StrOpt) Define the notification format for Identity Service events. A "basic" notification has information about the resource being operated on. A "cadf" notification has the same information, as well as information about the initiator of the event. Valid options are: basic and cadf</td>
</tr>
<tr>
<td>[DEFAULT] secure_proxy_ssl_header = None</td>
<td>(StrOpt) The HTTP header used to determine the scheme for the original request, even if it was removed by an SSL terminating proxy. Typical value is "HTTP_X_FORWARDED_PROTO".</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[auth] oauth1 = keystone.auth.plugins.oauth1.OAuth</td>
<td>(StrOpt) The oAuth1.0 auth plugin module.</td>
</tr>
<tr>
<td>[domain_config] cache_time = 300</td>
<td>(IntOpt) TTL (in seconds) to cache domain config data. This has no effect unless domain config caching is enabled.</td>
</tr>
<tr>
<td>[domain_config] caching = True</td>
<td>(BoolOpt) Toggle for domain config caching. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[domain_config] driver = keystone.resource.config_backends.sql.DomainConfig</td>
<td>(StrOpt) Domain config backend driver.</td>
</tr>
<tr>
<td>[eventlet_server] admin_bind_host = 0.0.0.0</td>
<td>(StrOpt) The IP address of the network interface for the admin service to listen on.</td>
</tr>
<tr>
<td>[eventlet_server] admin_port = 35357</td>
<td>(IntOpt) The port number which the admin service listens on.</td>
</tr>
<tr>
<td>[eventlet_server] admin_workers = None</td>
<td>(IntOpt) The number of worker processes to serve the admin eventlet application. Defaults to number of CPUs (minimum of 2).</td>
</tr>
<tr>
<td>[eventlet_server] public_bind_host = 0.0.0.0</td>
<td>(StrOpt) The IP address of the network interface for the public service to listen on.</td>
</tr>
<tr>
<td>[eventlet_server] public_port = 5000</td>
<td>(IntOpt) The port number which the public service listens on.</td>
</tr>
<tr>
<td>[eventlet_server] public_workers = None</td>
<td>(IntOpt) The number of worker processes to serve the public eventlet application. Defaults to number of CPUs (minimum of 2).</td>
</tr>
<tr>
<td>[eventlet_server] tcp_keepalive = False</td>
<td>(BoolOpt) Set this to true if you want to enable TCP_KEEPALIVE on server sockets, i.e. sockets used by the Keystone wsgi server for client connections.</td>
</tr>
<tr>
<td>[eventlet_server] tcp_keepidle = 600</td>
<td>(IntOpt) Sets the value of TCP_KEEPIDLE in seconds for each server socket. Only applies if tcp_keepalive is true.</td>
</tr>
<tr>
<td>[eventlet_server_ssl] ca_certs = /etc/keystone/ssl/certs/ca.pem</td>
<td>(StrOpt) Path of the CA cert file for SSL.</td>
</tr>
<tr>
<td>[eventlet_server_ssl] cert_required = False</td>
<td>(BoolOpt) Require client certificate.</td>
</tr>
<tr>
<td>[eventlet_server_ssl] certfile = /etc/keystone/ssl/certs/keystone.pem</td>
<td>(StrOpt) Path of the certfile for SSL. For non-production environments, you may be interested in using `keystone-manage ssl_setup` to generate self-signed certificates.</td>
</tr>
<tr>
<td>[eventlet_server_ssl] enable = False</td>
<td>(BoolOpt) Toggle for SSL support on the Keystone eventlet servers.</td>
</tr>
<tr>
<td>[eventlet_server_ssl] keyfile = /etc/keystone/ssl/private/keystonekey.pem</td>
<td>(StrOpt) Path of the keyfile for SSL.</td>
</tr>
<tr>
<td>[federation] federated_domain_name = Federated</td>
<td>(StrOpt) A domain name that is reserved to allow federated ephemeral users to have a domain concept. Note that an admin will not be able to create a domain with this name or update an existing domain to this name. You are not advised to change this value unless you really have to. Changing this option to empty string or None will not have any impact and default name will be used.</td>
</tr>
<tr>
<td>[federation] remote_id_attribute = None</td>
<td>(StrOpt) Value to be used to obtain the entity ID of the Identity Provider from the environment (e.g. if using the mod_shib plugin this value is `Shib-Identity-Provider`).</td>
</tr>
<tr>
<td>[federation] sso_callback_template = /etc/keystone/sso_callback_template.html</td>
<td>(StrOpt) Location of Single Sign-On callback handler, will return a token to a trusted dashboard host.</td>
</tr>
<tr>
<td>[federation] trusted_dashboard = []</td>
<td>(MultiStrOpt) A list of trusted dashboard hosts. Before accepting a Single Sign-On request to return a token, the origin host must be a member of the trusted_dashboard list. This configuration option may be repeated for multiple values. For example: trusted_dashboard=http://acme.com trusted_dashboard=http://beta.com</td>
</tr>
<tr>
<td>[fernet_tokens] key_repository = /etc/keystone/fernet-keys/</td>
<td>(StrOpt) Directory containing Fernet token keys.</td>
</tr>
<tr>
<td>[fernet_tokens] max_active_keys = 3</td>
<td>(IntOpt) This controls how many keys are held in rotation by keystone-manage fernet_rotate before they are discarded. The default value of 3 means that keystone will maintain one staged key, one primary key, and one secondary key. Increasing this value means that additional secondary keys will be kept in the rotation.</td>
</tr>
<tr>
<td>[identity] cache_time = 600</td>
<td>(IntOpt) Time to cache identity data (in seconds). This has no effect unless global and identity caching are enabled.</td>
</tr>
<tr>
<td>[identity] caching = True</td>
<td>(BoolOpt) Toggle for identity caching. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[identity] domain_configurations_from_database = False</td>
<td>(BoolOpt) Extract the domain specific configuration options from the resource backend where they have been stored with the domain data. This feature is disabled by default (in which case the domain specific options will be loaded from files in the domain configuration directory); set to true to enable.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
<td>[endpoint_policy] enabled = True</td>
<td>(BoolOpt) Enable endpoint_policy functionality.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
<tr>
<td>[oslo_policy] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[oslo_policy] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[oslo_policy] policy_file = policy.json</td>
<td>(StrOpt) The JSON file that defines policies.</td>
</tr>
<tr>
<td>[resource] cache_time = None</td>
<td>(IntOpt) TTL (in seconds) to cache resource data. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[resource] caching = True</td>
<td>(BoolOpt) Toggle for resource caching. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[resource] driver = None</td>
<td>(StrOpt) Resource backend driver. If a resource driver is not specified, the assignment driver will choose the resource driver.</td>
</tr>
<tr>
<td>[resource] list_limit = None</td>
<td>(IntOpt) Maximum number of entities that will be returned in a resource collection.</td>
</tr>
<tr>
<td>[revoke] cache_time = 3600</td>
<td>(IntOpt) Time to cache the revocation list and the revocation events (in seconds). This has no effect unless global and token caching are enabled.</td>
</tr>
<tr>
<td>[role] cache_time = None</td>
<td>(IntOpt) TTL (in seconds) to cache role data. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[role] caching = True</td>
<td>(BoolOpt) Toggle for role caching. This has no effect unless global caching is enabled.</td>
</tr>
<tr>
<td>[role] driver = None</td>
<td>(StrOpt) Role backend driver.</td>
</tr>
<tr>
<td>[role] list_limit = None</td>
<td>(IntOpt) Maximum number of entities that will be returned in a role collection.</td>
</tr>
<tr>
<td>[saml] relay_state_prefix = ss:mem:</td>
<td>(StrOpt) The prefix to use for the RelayState SAML attribute, used when generating ECP wrapped assertions.</td>
</tr>
<tr>
<td>[token] allow_rescope_scoped_token = True</td>
<td>(BoolOpt) Allow rescoping of scoped token. Setting allow_rescoped_scoped_token to false prevents a user from exchanging a scoped token for any other token.</td>
</tr>
<tr>
<td>[trust] allow_redelegation = False</td>
<td>(BoolOpt) Enable redelegation feature.</td>
</tr>
<tr>
<td>[trust] max_redelegation_count = 3</td>
<td>(IntOpt) Maximum depth of trust redelegation.</td>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
</table>
<table>
@ -433,30 +101,130 @@
<td>New default value</td>
</tr>
</thead>
<tr>
<td>[DEFAULT] crypt_strength</td>
<td>40000</td>
<td>10000</td>
</tr>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[auth] methods</td>
<td>external, password, token</td>
<td>external, password, token, oauth1</td>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[auth] external</td>
<td>keystone.auth.plugins.external.DefaultDomain</td>
<td>None</td>
</tr>
<tr>
<td>[auth] oauth1</td>
<td>keystone.auth.plugins.oauth1.OAuth</td>
<td>None</td>
</tr>
<tr>
<td>[auth] password</td>
<td>keystone.auth.plugins.password.Password</td>
<td>None</td>
</tr>
<tr>
<td>[auth] token</td>
<td>keystone.auth.plugins.token.Token</td>
<td>None</td>
</tr>
<tr>
<td>[catalog] driver</td>
<td>keystone.catalog.backends.sql.Catalog</td>
<td>sql</td>
</tr>
<tr>
<td>[credential] driver</td>
<td>keystone.credential.backends.sql.Credential</td>
<td>sql</td>
</tr>
<tr>
<td>[domain_config] driver</td>
<td>keystone.resource.config_backends.sql.DomainConfig</td>
<td>sql</td>
</tr>
<tr>
<td>[endpoint_filter] driver</td>
<td>keystone.contrib.endpoint_filter.backends.sql.EndpointFilter</td>
<td>sql</td>
</tr>
<tr>
<td>[endpoint_policy] driver</td>
<td>keystone.contrib.endpoint_policy.backends.sql.EndpointPolicy</td>
<td>sql</td>
</tr>
<tr>
<td>[federation] driver</td>
<td>keystone.contrib.federation.backends.sql.Federation</td>
<td>sql</td>
</tr>
<tr>
<td>[identity] driver</td>
<td>keystone.identity.backends.sql.Identity</td>
<td>sql</td>
</tr>
<tr>
<td>[identity_mapping] driver</td>
<td>keystone.identity.mapping_backends.sql.Mapping</td>
<td>sql</td>
</tr>
<tr>
<td>[identity_mapping] generator</td>
<td>keystone.identity.id_generators.sha256.Generator</td>
<td>sha256</td>
</tr>
<tr>
<td>[oauth1] driver</td>
<td>keystone.contrib.oauth1.backends.sql.OAuth1</td>
<td>sql</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
<tr>
<td>[policy] driver</td>
<td>keystone.policy.backends.sql.Policy</td>
<td>sql</td>
</tr>
<tr>
<td>[revoke] driver</td>
<td>keystone.contrib.revoke.backends.kvs.Revoke</td>
<td>keystone.contrib.revoke.backends.sql.Revoke</td>
<td>sql</td>
</tr>
<tr>
<td>[token] driver</td>
<td>keystone.token.persistence.backends.sql.Token</td>
<td>sql</td>
</tr>
<tr>
<td>[token] provider</td>
<td>None</td>
<td>keystone.token.providers.uuid.Provider</td>
<td>uuid</td>
</tr>
<tr>
<td>[trust] driver</td>
<td>keystone.trust.backends.sql.Trust</td>
<td>sql</td>
</tr>
</table>
<table>
@ -470,84 +238,16 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] admin_bind_host</td>
<td>[eventlet_server] admin_bind_host</td>
</tr>
<tr>
<td>[DEFAULT] log-format</td>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>[DEFAULT] log_format</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] admin_workers</td>
<td>[eventlet_server] admin_workers</td>
</tr>
<tr>
<td>[assignment] list_limit</td>
<td>[resource] list_limit</td>
</tr>
<tr>
<td>[DEFAULT] admin_port</td>
<td>[eventlet_server] admin_port</td>
</tr>
<tr>
<td>[assignment] caching</td>
<td>[resource] caching</td>
</tr>
<tr>
<td>[DEFAULT] max_request_body_size</td>
<td>[oslo_middleware] max_request_body_size</td>
</tr>
<tr>
<td>[assignment] cache_time</td>
<td>[resource] cache_time</td>
</tr>
<tr>
<td>[DEFAULT] tcp_keepidle</td>
<td>[eventlet_server] tcp_keepidle</td>
</tr>
<tr>
<td>[ssl] cert_required</td>
<td>[eventlet_server_ssl] cert_required</td>
</tr>
<tr>
<td>[DEFAULT] public_port</td>
<td>[eventlet_server] public_port</td>
</tr>
<tr>
<td>[DEFAULT] public_bind_host</td>
<td>[eventlet_server] public_bind_host</td>
</tr>
<tr>
<td>[DEFAULT] tcp_keepalive</td>
<td>[eventlet_server] tcp_keepalive</td>
</tr>
<tr>
<td>[token] revocation_cache_time</td>
<td>[revoke] cache_time</td>
</tr>
<tr>
<td>[DEFAULT] public_workers</td>
<td>[eventlet_server] public_workers</td>
</tr>
<tr>
<td>[ssl] keyfile</td>
<td>[eventlet_server_ssl] keyfile</td>
</tr>
<tr>
<td>[ssl] ca_certs</td>
<td>[eventlet_server_ssl] ca_certs</td>
</tr>
<tr>
<td>[ssl] enable</td>
<td>[eventlet_server_ssl] enable</td>
</tr>
<tr>
<td>[ssl] certfile</td>
<td>[eventlet_server_ssl] certfile</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
</table>
</section>

963
doc/config-reference/conf-changes/neutron.xml
View File

File diff suppressed because it is too large Load Diff

679
doc/config-reference/conf-changes/nova.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="nova-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="nova-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Compute</title>
<title>New, updated and deprecated options in Liberty for OpenStack Compute</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,560 +13,152 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] ebtables_exec_attempts = 3</td>
<td>(IntOpt) Number of times to retry ebtables commands on failure.</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] ebtables_retry_interval = 1.0</td>
<td>(FloatOpt) Number of seconds to wait between ebtables retries.</td>
</tr>
<tr>
<td>[DEFAULT] io_ops_weight_multiplier = -1.0</td>
<td>(FloatOpt) Multiplier used for weighing host io ops. Negative numbers mean a preference to choose light workload compute hosts.</td>
</tr>
<tr>
<td>[DEFAULT] keystone_ec2_insecure = False</td>
<td>(BoolOpt) Disable SSL certificate verification.</td>
</tr>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] max_concurrent_builds = 10</td>
<td>(IntOpt) Maximum number of instance builds to run concurrently</td>
</tr>
<tr>
<td>[DEFAULT] metadata_cache_expiration = 15</td>
<td>(IntOpt) Time in seconds to cache metadata; 0 to disable metadata caching entirely (not recommended). Increasingthis should improve response times of the metadata API when under heavy load. Higher values may increase memoryusage and result in longer times for host metadata changes to take effect.</td>
</tr>
<tr>
<td>[DEFAULT] my_block_storage_ip = $my_ip</td>
<td>(StrOpt) Block storage IP address of this host</td>
</tr>
<tr>
<td>[DEFAULT] novncproxy_host = 0.0.0.0</td>
<td>(StrOpt) Host on which to listen for incoming requests</td>
</tr>
<tr>
<td>[DEFAULT] novncproxy_port = 6080</td>
<td>(IntOpt) Port on which to listen for incoming requests</td>
</tr>
<tr>
<td>[DEFAULT] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[DEFAULT] quota_networks = 3</td>
<td>(IntOpt) Number of private networks allowed per project</td>
</tr>
<tr>
<td>[DEFAULT] scheduler_instance_sync_interval = 120</td>
<td>(IntOpt) Waiting time interval (seconds) between sending the scheduler a list of current instance UUIDs to verify that its view of instances is in sync with nova. If the CONF option `scheduler_tracks_instance_changes` is False, changing this option will have no effect.</td>
</tr>
<tr>
<td>[DEFAULT] scheduler_tracks_instance_changes = True</td>
<td>(BoolOpt) Determines if the Scheduler tracks changes to instances to help with its filtering decisions.</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[api_database] connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the Nova API database.</td>
</tr>
<tr>
<td>[api_database] connection_debug = 0</td>
<td>(IntOpt) Verbosity of SQL debugging information: 0=None, 100=Everything.</td>
</tr>
<tr>
<td>[api_database] connection_trace = False</td>
<td>(BoolOpt) Add Python stack traces to SQL as comment strings.</td>
</tr>
<tr>
<td>[api_database] idle_timeout = 3600</td>
<td>(IntOpt) Timeout before idle SQL connections are reaped.</td>
</tr>
<tr>
<td>[api_database] max_overflow = None</td>
<td>(IntOpt) If set, use this value for max_overflow with SQLAlchemy.</td>
</tr>
<tr>
<td>[api_database] max_pool_size = None</td>
<td>(IntOpt) Maximum number of SQL connections to keep open in a pool.</td>
</tr>
<tr>
<td>[api_database] max_retries = 10</td>
<td>(IntOpt) Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.</td>
</tr>
<tr>
<td>[api_database] mysql_sql_mode = TRADITIONAL</td>
<td>(StrOpt) The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=</td>
</tr>
<tr>
<td>[api_database] pool_timeout = None</td>
<td>(IntOpt) If set, use this value for pool_timeout with SQLAlchemy.</td>
</tr>
<tr>
<td>[api_database] retry_interval = 10</td>
<td>(IntOpt) Interval between retries of opening a SQL connection.</td>
</tr>
<tr>
<td>[api_database] slave_connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the slave database.</td>
</tr>
<tr>
<td>[api_database] sqlite_synchronous = True</td>
<td>(BoolOpt) If True, SQLite uses synchronous mode.</td>
</tr>
<tr>
<td>[barbican] cafile = None</td>
<td>(StrOpt) PEM encoded Certificate Authority to use when verifying HTTPs connections.</td>
</tr>
<tr>
<td>[barbican] catalog_info = key-manager:barbican:public</td>
<td>(StrOpt) Info to match when looking for barbican in the service catalog. Format is: separated values of the form: &lt;service_type&gt;:&lt;service_name&gt;:&lt;endpoint_type&gt;</td>
</tr>
<tr>
<td>[barbican] certfile = None</td>
<td>(StrOpt) PEM encoded client certificate cert file</td>
</tr>
<tr>
<td>[barbican] endpoint_template = None</td>
<td>(StrOpt) Override service catalog lookup with template for barbican endpoint e.g. http://localhost:9311/v1/%(project_id)s</td>
</tr>
<tr>
<td>[barbican] insecure = False</td>
<td>(BoolOpt) Verify HTTPS connections.</td>
</tr>
<tr>
<td>[barbican] keyfile = None</td>
<td>(StrOpt) PEM encoded client certificate key file</td>
</tr>
<tr>
<td>[barbican] os_region_name = None</td>
<td>(StrOpt) Region name of this node</td>
</tr>
<tr>
<td>[barbican] timeout = None</td>
<td>(IntOpt) Timeout value for http requests</td>
</tr>
<tr>
<td>[cinder] cafile = None</td>
<td>(StrOpt) PEM encoded Certificate Authority to use when verifying HTTPs connections.</td>
</tr>
<tr>
<td>[cinder] certfile = None</td>
<td>(StrOpt) PEM encoded client certificate cert file</td>
</tr>
<tr>
<td>[cinder] insecure = False</td>
<td>(BoolOpt) Verify HTTPS connections.</td>
</tr>
<tr>
<td>[cinder] keyfile = None</td>
<td>(StrOpt) PEM encoded client certificate key file</td>
</tr>
<tr>
<td>[cinder] timeout = None</td>
<td>(IntOpt) Timeout value for http requests</td>
</tr>
<tr>
<td>[database] backend = sqlalchemy</td>
<td>(StrOpt) The back end to use for the database.</td>
</tr>
<tr>
<td>[database] connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the database.</td>
</tr>
<tr>
<td>[database] connection_debug = 0</td>
<td>(IntOpt) Verbosity of SQL debugging information: 0=None, 100=Everything.</td>
</tr>
<tr>
<td>[database] connection_trace = False</td>
<td>(BoolOpt) Add Python stack traces to SQL as comment strings.</td>
</tr>
<tr>
<td>[database] db_inc_retry_interval = True</td>
<td>(BoolOpt) If True, increases the interval between retries of a database operation up to db_max_retry_interval.</td>
</tr>
<tr>
<td>[database] db_max_retries = 20</td>
<td>(IntOpt) Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.</td>
</tr>
<tr>
<td>[database] db_max_retry_interval = 10</td>
<td>(IntOpt) If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.</td>
</tr>
<tr>
<td>[database] db_retry_interval = 1</td>
<td>(IntOpt) Seconds between retries of a database transaction.</td>
</tr>
<tr>
<td>[database] idle_timeout = 3600</td>
<td>(IntOpt) Timeout before idle SQL connections are reaped.</td>
</tr>
<tr>
<td>[database] max_overflow = None</td>
<td>(IntOpt) If set, use this value for max_overflow with SQLAlchemy.</td>
</tr>
<tr>
<td>[database] max_pool_size = None</td>
<td>(IntOpt) Maximum number of SQL connections to keep open in a pool.</td>
</tr>
<tr>
<td>[database] max_retries = 10</td>
<td>(IntOpt) Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.</td>
</tr>
<tr>
<td>[database] min_pool_size = 1</td>
<td>(IntOpt) Minimum number of SQL connections to keep open in a pool.</td>
</tr>
<tr>
<td>[database] mysql_sql_mode = TRADITIONAL</td>
<td>(StrOpt) The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=</td>
</tr>
<tr>
<td>[database] pool_timeout = None</td>
<td>(IntOpt) If set, use this value for pool_timeout with SQLAlchemy.</td>
</tr>
<tr>
<td>[database] retry_interval = 10</td>
<td>(IntOpt) Interval between retries of opening a SQL connection.</td>
</tr>
<tr>
<td>[database] slave_connection = None</td>
<td>(StrOpt) The SQLAlchemy connection string to use to connect to the slave database.</td>
</tr>
<tr>
<td>[database] sqlite_db = oslo.sqlite</td>
<td>(StrOpt) The file name to use with SQLite.</td>
</tr>
<tr>
<td>[database] sqlite_synchronous = True</td>
<td>(BoolOpt) If True, SQLite uses synchronous mode.</td>
</tr>
<tr>
<td>[database] use_db_reconnect = False</td>
<td>(BoolOpt) Enable the experimental use of database reconnect on connection lost.</td>
</tr>
<tr>
<td>[guestfs] debug = False</td>
<td>(BoolOpt) Enable guestfs debug</td>
</tr>
<tr>
<td>[libvirt] iscsi_iface = None</td>
<td>(StrOpt) The iSCSI transport iface to use to connect to target in case offload support is desired. Supported transports are be2iscsi, bnx2i, cxgb3i, cxgb4i, qla4xxx and ocs. Default format is transport_name.hwaddress and can be generated manually or via iscsiadm -m iface</td>
</tr>
<tr>
<td>[libvirt] quobyte_client_cfg = None</td>
<td>(StrOpt) Path to a Quobyte Client configuration file.</td>
</tr>
<tr>
<td>[libvirt] quobyte_mount_point_base = $state_path/mnt</td>
<td>(StrOpt) Directory where the Quobyte volume is mounted on the compute node</td>
</tr>
<tr>
<td>[libvirt] smbfs_mount_options = </td>
<td>(StrOpt) Mount options passed to the SMBFS client. See mount.cifs man page for details. Note that the libvirt-qemu uid and gid must be specified.</td>
</tr>
<tr>
<td>[libvirt] smbfs_mount_point_base = $state_path/mnt</td>
<td>(StrOpt) Directory where the SMBFS shares are mounted on the compute node</td>
</tr>
<tr>
<td>[neutron] auth_plugin = None</td>
<td>(StrOpt) Name of the plugin to load</td>
</tr>
<tr>
<td>[neutron] auth_section = None</td>
<td>(StrOpt) Config Section from which to load plugin specific options</td>
</tr>
<tr>
<td>[neutron] cafile = None</td>
<td>(StrOpt) PEM encoded Certificate Authority to use when verifying HTTPs connections.</td>
</tr>
<tr>
<td>[neutron] certfile = None</td>
<td>(StrOpt) PEM encoded client certificate cert file</td>
</tr>
<tr>
<td>[neutron] insecure = False</td>
<td>(BoolOpt) Verify HTTPS connections.</td>
</tr>
<tr>
<td>[neutron] keyfile = None</td>
<td>(StrOpt) PEM encoded client certificate key file</td>
</tr>
<tr>
<td>[neutron] timeout = None</td>
<td>(IntOpt) Timeout value for http requests</td>
</tr>
<tr>
<td>[oslo_concurrency] disable_process_locking = False</td>
<td>(BoolOpt) Enables or disables inter-process locks.</td>
</tr>
<tr>
<td>[oslo_concurrency] lock_path = None</td>
<td>(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
<td>[DEFAULT] secure_proxy_ssl_header = None</td>
<td>(StrOpt) The HTTP header used to determine the scheme for the original request, even if it was removed by an SSL terminating proxy. Typical value is "HTTP_X_FORWARDED_PROTO".</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
<td>[DEFAULT] update_resources_interval = 0</td>
<td>(IntOpt) Interval in seconds for updating compute resources. A number less than 0 means to disable the task completely. Leaving this at the default of 0 will cause this to run at the default periodic interval. Setting it to any positive value will cause it to run at approximately that number of seconds.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
<td>[hyperv] power_state_check_timeframe = 60</td>
<td>(IntOpt) The timeframe to be checked for instance power state changes.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
<td>[hyperv] power_state_event_polling_interval = 2</td>
<td>(IntOpt) Instance power state change event polling frequency.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
<td>[mks] enabled = False</td>
<td>(BoolOpt) Enable MKS related features</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
<td>[mks] mksproxy_base_url = http://127.0.0.1:6090/</td>
<td>(StrOpt) Location of MKS web console proxy, in the form "http://127.0.0.1:6090/"</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
<td>[oslo_versionedobjects] fatal_exception_format_errors = False</td>
<td>(BoolOpt) Make exception message format errors fatal</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
<td>[vmware] ca_file = None</td>
<td>(StrOpt) Specify a CA bundle file to use in verifying the vCenter server certificate.</td>
</tr>
<tr>
<td>[serial_console] serialproxy_host = 0.0.0.0</td>
<td>(StrOpt) Host on which to listen for incoming requests</td>
<td>[vmware] console_delay_seconds = None</td>
<td>(IntOpt) Set this value if affected by an increased network latency causing repeated characters when typing in a remote console.</td>
</tr>
<tr>
<td>[serial_console] serialproxy_port = 6083</td>
<td>(IntOpt) Port on which to listen for incoming requests</td>
<td>[vmware] insecure = False</td>
<td>(BoolOpt) If true, the vCenter server certificate is not verified. If false, then the default CA truststore is used for verification. This option is ignored if "ca_file" is set.</td>
</tr>
<tr>
<td>[vmware] cache_prefix = None</td>
<td>(StrOpt) The prefix for Where cached images are stored. This is NOT the full path - just a folder prefix. This should only be used when a datastore cache should be shared between compute nodes. Note: this should only be used when the compute nodes have a shared file system.</td>
<td>[vmware] serial_port_proxy_uri = None</td>
<td>(StrOpt) Identifies a proxy service that provides network access to the serial_port_service_uri. This option is ignored if serial_port_service_uri is not specified.</td>
</tr>
<tr>
<td>[vmware] pbm_default_policy = None</td>
<td>(StrOpt) The PBM default policy. If pbm_wsdl_location is set and there is no defined storage policy for the specific request then this policy will be used.</td>
<td>[vmware] serial_port_service_uri = None</td>
<td>(StrOpt) Identifies the remote system that serial port traffic will be sent to. If this is not set, no serial ports will be added to the created VMs.</td>
</tr>
<tr>
<td>[vmware] pbm_enabled = False</td>
<td>(BoolOpt) The PBM status.</td>
<td>[vnc] enabled = True</td>
<td>(BoolOpt) Enable VNC related features</td>
</tr>
<tr>
<td>[vmware] pbm_wsdl_location = None</td>
<td>(StrOpt) PBM service WSDL file location URL. e.g. file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable storage policy based placement of instances.</td>
<td>[vnc] keymap = en-us</td>
<td>(StrOpt) Keymap for VNC</td>
</tr>
<tr>
<td>[workarounds] destroy_after_evacuate = True</td>
<td>(BoolOpt) Whether to destroy instances on startup when we suspect they have previously been evacuated. This can result in data loss if undesired. See https://launchpad.net/bugs/1419785</td>
<td>[vnc] novncproxy_base_url = http://127.0.0.1:6080/vnc_auto.html</td>
<td>(StrOpt) Location of VNC console proxy, in the form "http://127.0.0.1:6080/vnc_auto.html"</td>
</tr>
<tr>
<td>[workarounds] disable_libvirt_livesnapshot = True</td>
<td>(BoolOpt) When using libvirt 1.2.2 fails live snapshots intermittently under load. This config option provides mechanism to disable livesnapshot while this is resolved. See https://bugs.launchpad.net/nova/+bug/1334398</td>
<td>[vnc] vncserver_listen = 127.0.0.1</td>
<td>(StrOpt) IP address on which instance vncservers should listen</td>
</tr>
<tr>
<td>[workarounds] disable_rootwrap = False</td>
<td>(BoolOpt) This option allows a fallback to sudo for performance reasons. For example see https://bugs.launchpad.net/nova/+bug/1415106</td>
<td>[vnc] vncserver_proxyclient_address = 127.0.0.1</td>
<td>(StrOpt) The address to which proxy clients (like nova-xvpvncproxy) should connect</td>
</tr>
<tr>
<td>[vnc] xvpvncproxy_base_url = http://127.0.0.1:6081/console</td>
<td>(StrOpt) Location of nova xvp VNC console proxy, in the form "http://127.0.0.1:6081/console"</td>
</tr>
<tr>
<td>[workarounds] handle_virt_lifecycle_events = True</td>
<td>(BoolOpt) Whether or not to handle events raised from the compute driver's 'emit_event' method. These are lifecycle events raised from compute drivers that implement the method. An example of a lifecycle event is an instance starting or stopping. If the instance is going through task state changes due to an API operation, like resize, the events are ignored. However, this is an advanced feature which allows the hypervisor to signal to the compute service that an unexpected state change has occurred in an instance and the instance can be shutdown automatically - which can inherently race in reboot operations or when the compute service or host is rebooted, either planned or due to an unexpected outage. Care should be taken when using this and sync_power_state_interval is negative since then if any instances are out of sync between the hypervisor and the Nova database they will have to be synchronized manually. See https://bugs.launchpad.net/bugs/1444630</td>
</tr>
</table>
<table>
@ -582,34 +174,49 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] client_socket_timeout</td>
<td>0</td>
<td>900</td>
<td>[DEFAULT] compute_available_monitors</td>
<td>['nova.compute.monitors.all_monitors']</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] ec2_path</td>
<td>/services/Cloud</td>
<td>/</td>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] multi_instance_display_name_template</td>
<td>%(name)s-%(uuid)s</td>
<td>%(name)s-%(count)d</td>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[cinder] catalog_info</td>
<td>volume:cinder:publicURL</td>
<td>volumev2:cinderv2:publicURL</td>
<td>[cells] mute_weight_multiplier</td>
<td>-10.0</td>
<td>-10000.0</td>
</tr>
<tr>
<td>[libvirt] remove_unused_kernels</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[osapi_v3] enabled</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -627,21 +234,25 @@
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] log-format</td>
<td>[DEFAULT] vnc_keymap</td>
<td>[vnc] keymap</td>
</tr>
<tr>
<td>[ironic] admin_auth_token</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>None</td>
</tr>
<tr>
<td>[cinder] http_timeout</td>
<td>[cinder] timeout</td>
<td>[DEFAULT] vnc_enabled</td>
<td>[vnc] enabled</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] xvpvncproxy_base_url</td>
<td>[vnc] xvpvncproxy_base_url</td>
</tr>
<tr>
<td>[ironic] client_log_level</td>
<td>None</td>
@ -650,18 +261,18 @@
<td>[neutron] admin_username</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] osapi_max_request_body_size</td>
<td>[oslo_middleware] max_request_body_size</td>
</tr>
<tr>
<td>[neutron] ca_certificates_file</td>
<td>[neutron] cafile</td>
</tr>
<tr>
<td>[neutron] auth_strategy</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] novncproxy_base_url</td>
<td>[vnc] novncproxy_base_url</td>
</tr>
<tr>
<td>[DEFAULT] compute_available_monitors</td>
<td>None</td>
</tr>
<tr>
<td>[neutron] admin_user_id</td>
<td>None</td>
@ -675,13 +286,29 @@
<td>None</td>
</tr>
<tr>
<td>[cinder] api_insecure</td>
<td>[cinder] insecure</td>
<td>[DEFAULT] vncserver_proxyclient_address</td>
<td>[vnc] vncserver_proxyclient_address</td>
</tr>
<tr>
<td>[workarounds] destroy_after_evacuate</td>
<td>None</td>
</tr>
<tr>
<td>[neutron] admin_tenant_name</td>
<td>None</td>
</tr>
<tr>
<td>[osapi_v3] enabled</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[DEFAULT] vncserver_listen</td>
<td>[vnc] vncserver_listen</td>
</tr>
<tr>
<td>[neutron] admin_password</td>
<td>None</td>
@ -691,20 +318,12 @@
<td>None</td>
</tr>
<tr>
<td>[neutron] api_insecure</td>
<td>[neutron] insecure</td>
</tr>
<tr>
<td>[cinder] ca_certificates_file</td>
<td>[cinder] cafile</td>
<td>[libvirt] remove_unused_kernels</td>
<td>None</td>
</tr>
<tr>
<td>[neutron] admin_auth_url</td>
<td>None</td>
</tr>
<tr>
<td>[neutron] url_timeout</td>
<td>[neutron] timeout</td>
</tr>
</table>
</section>

419
doc/config-reference/conf-changes/sahara.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="sahara-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="sahara-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for Data Processing service</title>
<title>New, updated and deprecated options in Liberty for Data Processing service</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,380 +13,104 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] admin_project_domain_name = default</td>
<td>(StrOpt) The name of the domain for the service project(ex. tenant).</td>
<td>[DEFAULT] cluster_operation_trust_expiration_hours = 24</td>
<td>(IntOpt) Defines the period of time (in hours) after which trusts created to allow sahara to create or scale a cluster will expire. Note that this value should be significantly larger than the value of the cleanup_time_for_incomplete_clusters configuration key if use of the cluster cleanup feature is desired (the trust must last at least as long as a cluster could validly take to stall in its creation, plus the timeout value set in that key, plus one hour for the period of the cleanup job).</td>
</tr>
<tr>
<td>[DEFAULT] admin_user_domain_name = default</td>
<td>(StrOpt) The name of the domain to which the admin user belongs.</td>
<td>[DEFAULT] default_ntp_server = pool.ntp.org</td>
<td>(StrOpt) Default ntp server for time sync</td>
</tr>
<tr>
<td>[DEFAULT] api_workers = 0</td>
<td>(IntOpt) Number of workers for Sahara API service (0 means all-in-one-thread configuration).</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] cleanup_time_for_incomplete_clusters = 0</td>
<td>(IntOpt) Maximal time (in hours) for clusters allowed to be in states other than "Active", "Deleting" or "Error". If a cluster is not in "Active", "Deleting" or "Error" state and last update of it was longer than "cleanup_time_for_incomplete_clusters" hours ago then it will be deleted automatically. (0 value means that automatic clean up is disabled).</td>
</tr>
<tr>
<td>[DEFAULT] disable_event_log = False</td>
<td>(BoolOpt) Disables event log feature.</td>
</tr>
<tr>
<td>[DEFAULT] job_canceling_timeout = 300</td>
<td>(IntOpt) Timeout for canceling job execution (in seconds). Sahara will try to cancel job execution during this time.</td>
</tr>
<tr>
<td>[DEFAULT] log-config-append = None</td>
<td>(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.</td>
</tr>
<tr>
<td>[DEFAULT] log-date-format = %Y-%m-%d %H:%M:%S</td>
<td>(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .</td>
</tr>
<tr>
<td>[DEFAULT] log-dir = None</td>
<td>(StrOpt) (Optional) The base directory used for relative --log-file paths.</td>
</tr>
<tr>
<td>[DEFAULT] log-file = None</td>
<td>(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.</td>
</tr>
<tr>
<td>[DEFAULT] log-format = None</td>
<td>(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.</td>
</tr>
<tr>
<td>[DEFAULT] max_header_line = 16384</td>
<td>(IntOpt) Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).</td>
</tr>
<tr>
<td>[DEFAULT] proxy_command = </td>
<td>(StrOpt) Proxy command used to connect to instances. If set, this command should open a netcat socket, that Sahara will use for SSH and HTTP connections. Use {host} and {port} to describe the destination. Other available keywords: {tenant_id}, {network_id}, {router_id}.</td>
</tr>
<tr>
<td>[DEFAULT] rootwrap_command = sudo sahara-rootwrap /etc/sahara/rootwrap.conf</td>
<td>(StrOpt) Rootwrap command to leverage. Use in conjunction with use_rootwrap=True</td>
</tr>
<tr>
<td>[DEFAULT] syslog-log-facility = LOG_USER</td>
<td>(StrOpt) Syslog facility to receive log lines.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog = False</td>
<td>(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED during I, and will change in J to honor RFC5424.</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog-rfc-format = False</td>
<td>(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in I, and will be removed in J.</td>
</tr>
<tr>
<td>[DEFAULT] use_external_key_manager = False</td>
<td>(BoolOpt) Enable Sahara to use an external key manager service provided by the identity service catalog. Sahara will store all keys with the manager service.</td>
</tr>
<tr>
<td>[DEFAULT] use_rootwrap = False</td>
<td>(BoolOpt) Use rootwrap facility to allow non-root users to run the sahara-all server instance and access private network IPs (only valid to use in conjunction with use_namespaces=True)</td>
</tr>
<tr>
<td>[cinder] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to cinder.</td>
</tr>
<tr>
<td>[cinder] api_version = 2</td>
<td>(IntOpt) Version of the Cinder API to use.</td>
</tr>
<tr>
<td>[cinder] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for cinder client requests.</td>
</tr>
<tr>
<td>[heat] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to heat.</td>
</tr>
<tr>
<td>[heat] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for heat client requests.</td>
</tr>
<tr>
<td>[keystone] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to keystone.</td>
</tr>
<tr>
<td>[keystone] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for keystone client requests.</td>
</tr>
<tr>
<td>[neutron] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to neutron.</td>
</tr>
<tr>
<td>[neutron] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for neutron client requests.</td>
</tr>
<tr>
<td>[nova] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to nova.</td>
</tr>
<tr>
<td>[nova] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for nova client requests.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
<td>[cors] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
<td>[cors] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
<td>[cors] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
<td>[cors] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
<td>[cors] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
<td>[cors] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_credentials = True</td>
<td>(BoolOpt) Indicate that the actual request can include user credentials</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which header field names may be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
<td>[cors.subdomain] allow_methods = GET, POST, PUT, DELETE, OPTIONS</td>
<td>(ListOpt) Indicate which methods can be used during the actual request.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
<td>[cors.subdomain] allowed_origin = None</td>
<td>(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
<td>[cors.subdomain] expose_headers = Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma</td>
<td>(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
<td>[cors.subdomain] max_age = 3600</td>
<td>(IntOpt) Maximum cache age of CORS preflight requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
<td>[manila] api_insecure = True</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to manila.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
<td>[manila] api_version = 1</td>
<td>(IntOpt) Version of the manila API to use.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
<td>[manila] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for manila client requests.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
<td>[oslo_middleware] secure_proxy_ssl_header = X-Forwarded-Proto</td>
<td>(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
<td>[retries] retries_number = 5</td>
<td>(IntOpt) Number of times to retry the request to client before failing</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_middleware] max_request_body_size = 114688</td>
<td>(IntOpt) The maximum body size for each request, in bytes.</td>
</tr>
<tr>
<td>[oslo_policy] policy_default_rule = default</td>
<td>(StrOpt) Default rule. Enforced when a requested rule is not found.</td>
</tr>
<tr>
<td>[oslo_policy] policy_dirs = ['policy.d']</td>
<td>(MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.</td>
</tr>
<tr>
<td>[oslo_policy] policy_file = policy.json</td>
<td>(StrOpt) The JSON file that defines policies.</td>
</tr>
<tr>
<td>[ssl] ca_file = None</td>
<td>(StrOpt) CA certificate file to use to verify connecting clients.</td>
</tr>
<tr>
<td>[ssl] cert_file = None</td>
<td>(StrOpt) Certificate file to use when starting the server securely.</td>
</tr>
<tr>
<td>[ssl] key_file = None</td>
<td>(StrOpt) Private key file to use when starting the server securely.</td>
</tr>
<tr>
<td>[swift] api_insecure = False</td>
<td>(BoolOpt) Allow to perform insecure SSL requests to swift.</td>
</tr>
<tr>
<td>[swift] ca_file = None</td>
<td>(StrOpt) Location of ca certificates file to use for swift client requests.</td>
</tr>
<tr>
<td>[timeouts] await_attach_volumes = 10</td>
<td>(IntOpt) Wait for attaching volumes to instances, in seconds</td>
</tr>
<tr>
<td>[timeouts] await_for_instances_active = 10800</td>
<td>(IntOpt) Wait for instances to become active, in seconds</td>
</tr>
<tr>
<td>[timeouts] delete_instances_timeout = 10800</td>
<td>(IntOpt) Wait for instances to be deleted, in seconds</td>
</tr>
<tr>
<td>[timeouts] detach_volume_timeout = 300</td>
<td>(IntOpt) Timeout for detaching volumes from instance, in seconds</td>
</tr>
<tr>
<td>[timeouts] ips_assign_timeout = 10800</td>
<td>(IntOpt) Assign IPs timeout, in seconds</td>
</tr>
<tr>
<td>[timeouts] volume_available_timeout = 10800</td>
<td>(IntOpt) Wait for volumes to become available, in seconds</td>
</tr>
<tr>
<td>[timeouts] wait_until_accessible = 10800</td>
<td>(IntOpt) Wait for instance accessibility, in seconds</td>
<td>[retries] retry_after = 10</td>
<td>(IntOpt) Time between the retries to client (in seconds).</td>
</tr>
</table>
<table>
@ -403,18 +127,33 @@
</thead>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqplib=WARN, qpid.messaging=INFO, stevedore=INFO, eventlet.wsgi.server=WARN, sqlalchemy=WARN, boto=WARN, suds=INFO, keystone=INFO, paramiko=WARN, requests=WARN, iso8601=WARN</td>
<td>amqplib=WARN, qpid.messaging=INFO, stevedore=INFO, eventlet.wsgi.server=WARN, sqlalchemy=WARN, boto=WARN, suds=INFO, keystone=INFO, paramiko=WARN, requests=WARN, iso8601=WARN, oslo_messaging=INFO</td>
<td>amqplib=WARN, qpid.messaging=INFO, stevedore=INFO, eventlet.wsgi.server=WARN, sqlalchemy=WARN, boto=WARN, suds=INFO, keystone=INFO, paramiko=WARN, requests=WARN, iso8601=WARN, oslo_messaging=INFO, neutronclient=INFO</td>
</tr>
<tr>
<td>[DEFAULT] plugins</td>
<td>vanilla, hdp, spark</td>
<td>vanilla, hdp, spark, cdh</td>
<td>[DEFAULT] infrastructure_engine</td>
<td>direct</td>
<td>heat</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>oslo.messaging._drivers.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -428,16 +167,8 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] log-format</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] use-syslog</td>
<td>None</td>
</tr>
<tr>
<td>[DEFAULT] detach_volume_timeout</td>
<td>[timeouts] detach_volume_timeout</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[DEFAULT] log_format</td>

297
doc/config-reference/conf-changes/swift.xml
View File

@ -1,297 +1,6 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="swift-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="swift-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for OpenStack Object Storage</title>
<table>
<caption>New options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<td>Option = default value</td>
<td>(Type) Help string</td>
</tr>
</thead>
<tr>
<td>container-server.conf: [container-sync] conn_timeout = 5</td>
<td>(StrOpt) Connection timeout to external services</td>
</tr>
<tr>
<td>container-server.conf: [container-sync] internal_client_conf_path = /etc/swift/internal-client.conf</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>container-server.conf: [container-sync] request_tries = 3</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>drive-audit.conf: [drive-audit] log_to_console = False</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>drive-audit.conf: [drive-audit] recon_cache_path = /var/cache/swift</td>
<td>(StrOpt) Directory where stats for a few items will be stored</td>
</tr>
<tr>
<td>drive-audit.conf: [drive-audit] unmount_failed_device = True</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_address = /dev/log</td>
<td>(StrOpt) Location where syslog sends the logs to</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_custom_handlers = </td>
<td>(StrOpt) Comma-separated list of functions to call to setup custom log handlers.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_facility = LOG_LOCAL0</td>
<td>(StrOpt) Syslog log facility</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_level = INFO</td>
<td>(StrOpt) Logging level</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_name = swift</td>
<td>(StrOpt) Label used when logging</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_statsd_default_sample_rate = 1.0</td>
<td>(StrOpt) Defines the probability of sending a sample for any given event or
timing measurement.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_statsd_host = localhost</td>
<td>(StrOpt) If not set, the StatsD feature is disabled.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_statsd_metric_prefix = </td>
<td>(StrOpt) Value will be prepended to every metric sent to the StatsD server.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_statsd_port = 8125</td>
<td>(StrOpt) Port value for the StatsD server.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_statsd_sample_rate_factor = 1.0</td>
<td>(StrOpt) Not recommended to set this to a value less than 1.0, if frequency
of logging is too high, tune the
log_statsd_default_sample_rate instead.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_udp_host = </td>
<td>(StrOpt) If not set, the UDP receiver for syslog is disabled.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] log_udp_port = 514</td>
<td>(StrOpt) Port value for UDP receiver, if enabled.</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] swift_dir = /etc/swift</td>
<td>(StrOpt) Swift configuration directory</td>
</tr>
<tr>
<td>internal-client.conf: [DEFAULT] user = swift</td>
<td>(StrOpt) User to run as</td>
</tr>
<tr>
<td>internal-client.conf: [app-proxy-server] use = egg:swift#proxy</td>
<td>(StrOpt) Entry point of paste.deploy in the server</td>
</tr>
<tr>
<td>internal-client.conf: [filter-cache] use = egg:swift#memcache</td>
<td>(StrOpt) Entry point of paste.deploy in the server</td>
</tr>
<tr>
<td>internal-client.conf: [filter-catch_errors] use = egg:swift#catch_errors</td>
<td>(StrOpt) Entry point of paste.deploy in the server</td>
</tr>
<tr>
<td>internal-client.conf: [filter-proxy-logging] use = egg:swift#proxy_logging</td>
<td>(StrOpt) Entry point of paste.deploy in the server</td>
</tr>
<tr>
<td>internal-client.conf: [pipeline-main] pipeline = catch_errors proxy-logging cache proxy-server</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>memcache.conf: [memcache] connect_timeout = 0.3</td>
<td>(StrOpt) Timeout in seconds (float) for connection</td>
</tr>
<tr>
<td>memcache.conf: [memcache] io_timeout = 2.0</td>
<td>(StrOpt) Timeout in seconds (float) for read and write</td>
</tr>
<tr>
<td>memcache.conf: [memcache] pool_timeout = 1.0</td>
<td>(StrOpt) Timeout in seconds (float) for pooled connection</td>
</tr>
<tr>
<td>memcache.conf: [memcache] tries = 3</td>
<td>(StrOpt) Number of servers to retry on failures getting a pooled connection</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] concurrency = 1</td>
<td>(StrOpt) Number of replication workers to spawn</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] daemonize = on</td>
<td>(StrOpt) Whether or not to run replication as a daemon</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] handoffs_first = False</td>
<td>(StrOpt) If set to True, partitions that are not supposed to be on the node will be replicated first. The default setting should not be changed, except for extreme situations.</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] http_timeout = 60</td>
<td>(StrOpt) Maximum duration for an HTTP request</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] lockup_timeout = 1800</td>
<td>(StrOpt) Attempts to kill all workers if nothing replications for lockup_timeout seconds</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] log_address = /dev/log</td>
<td>(StrOpt) Location where syslog sends the logs to</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] log_facility = LOG_LOCAL0</td>
<td>(StrOpt) Syslog log facility</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] log_level = INFO</td>
<td>(StrOpt) Logging level</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] log_name = object-reconstructor</td>
<td>(StrOpt) Label used when logging</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] node_timeout = 10</td>
<td>(StrOpt) Request timeout to external services</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] reclaim_age = 604800</td>
<td>(StrOpt) Time elapsed in seconds before an object can be reclaimed</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] recon_cache_path = /var/cache/swift</td>
<td>(StrOpt) Directory where stats for a few items will be stored</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] ring_check_interval = 15</td>
<td>(StrOpt) How often (in seconds) to check the ring</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] run_pause = 30</td>
<td>(StrOpt) Time in seconds to wait between replication passes</td>
</tr>
<tr>
<td>object-server.conf: [object-reconstructor] stats_interval = 300</td>
<td>(StrOpt) Interval in seconds between logging replication statistics</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-authtoken] identity_uri = http://keystonehost:35357/</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-keystoneauth] allow_overrides = true</td>
<td>(StrOpt) This option allows middleware higher in the WSGI pipeline to override auth
processing, useful for middleware such as tempurl and formpost. If you know
you are not going to use such middleware and you want a bit of extra security,
you can set this to False.</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-keystoneauth] is_admin = false</td>
<td>(StrOpt) If this option is set to True, it allows to give a user whose username is the same as the project name and who has any role in the project access rights elevated to be the same as if the user had one of the operator_roles. Note that the condition compares names rather than
UUIDs. This option is deprecated. It is False by default.</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-keystoneauth] reseller_prefix = AUTH</td>
<td>(StrOpt) The naming scope for the auth service. Swift</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-keystoneauth] service_roles = </td>
<td>(StrOpt) When present, this option requires that the X-Service-Token header supplies a token from a user who has a role listed in service_roles. This parameter may be prefixed with an appropriate
prefix.</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-tempauth] require_group = </td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-tempauth] user_test5_tester5 = testing5 service</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-0] policy_type = replication</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-1] policy_type = replication</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] ec_num_data_fragments = 10</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] ec_num_parity_fragments = 4</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] ec_object_segment_size = 1048576</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] ec_type = jerasure_rs_vand</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] name = deepfreeze10-4</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [storage-policy-2] policy_type = erasure_coding</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
<tr>
<td>swift.conf: [swift-constraints] valid_api_versions = v0,v1,v2</td>
<td>(StrOpt) No help text available for this option.</td>
</tr>
</table>
<table>
<caption>New default values</caption>
<col width="33%"/>
<col width="33%"/>
<col width="33%"/>
<thead>
<tr>
<td>Option</td>
<td>Previous default value</td>
<td>New default value</td>
</tr>
</thead>
<tr>
<td>object-server.conf: [app-object-server] keep_cache_size</td>
<td>5424880</td>
<td>5242880</td>
</tr>
<tr>
<td>proxy-server.conf: [DEFAULT] disallowed_sections</td>
<td>container_quotas, tempurl, bulk_delete.max_failed_deletes</td>
<td>swift.valid_api_versions, container_quotas, tempurl</td>
</tr>
<tr>
<td>proxy-server.conf: [app-proxy-server] swift_owner_headers</td>
<td>x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-account-access-control</td>
<td>x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-container-meta-temp-url-key, x-container-meta-temp-url-key-2, x-account-access-control</td>
</tr>
<tr>
<td>proxy-server.conf: [filter-authtoken] delay_auth_decision</td>
<td>1</td>
<td>False</td>
</tr>
</table>
<title>New, updated and deprecated options in Liberty for OpenStack Object Storage</title>
<para>There are no new, updated and deprecated options in Liberty for OpenStack Object Storage.</para>
</section>

536
doc/config-reference/conf-changes/trove.xml
View File

@ -1,7 +1,7 @@
<?xml version='1.0' encoding='UTF-8'?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="trove-conf-changes-kilo">
<section xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="trove-conf-changes-liberty">
<!-- Warning: Do not edit this file. It is automatically generated and your changes will be overwritten. The tool to do so lives in the openstack-doc-tools repository. -->
<title>New, updated and deprecated options in Kilo for Database service</title>
<title>New, updated and deprecated options in Liberty for Database service</title>
<table>
<caption>New options</caption>
<col width="50%"/>
@ -13,420 +13,48 @@
</tr>
</thead>
<tr>
<td>[DEFAULT] agent_heartbeat_expiry = 60</td>
<td>(IntOpt) Time (in seconds) after which a guest is considered unreachable</td>
<td>[DEFAULT] executor_thread_pool_size = 64</td>
<td>(IntOpt) Size of executor thread pool.</td>
</tr>
<tr>
<td>[DEFAULT] cinder_endpoint_type = publicURL</td>
<td>(StrOpt) Service endpoint type to use when searching catalog.</td>
<td>[DEFAULT] exists_notification_interval = 3600</td>
<td>(IntOpt) Seconds to wait between pushing events.</td>
</tr>
<tr>
<td>[DEFAULT] guest_info = guest_info.conf</td>
<td>(StrOpt) The guest info filename found in the injected config location. If a full path is specified then it will be used as the path to the guest info file</td>
<td>[DEFAULT] nova_proxy_admin_tenant_id = </td>
<td>(StrOpt) Admin tenant ID used to connect to Nova.</td>
</tr>
<tr>
<td>[DEFAULT] heat_endpoint_type = publicURL</td>
<td>(StrOpt) Service endpoint type to use when searching catalog.</td>
</tr>
<tr>
<td>[DEFAULT] injected_config_location = /etc/trove/conf.d</td>
<td>(StrOpt) Path to folder on the Guest where config files will be injected during instance creation.</td>
</tr>
<tr>
<td>[DEFAULT] neutron_endpoint_type = publicURL</td>
<td>(StrOpt) Service endpoint type to use when searching catalog.</td>
</tr>
<tr>
<td>[DEFAULT] nova_compute_endpoint_type = publicURL</td>
<td>(StrOpt) Service endpoint type to use when searching catalog.</td>
</tr>
<tr>
<td>[DEFAULT] swift_endpoint_type = publicURL</td>
<td>(StrOpt) Service endpoint type to use when searching catalog.</td>
</tr>
<tr>
<td>[DEFAULT] transport_url = None</td>
<td>(StrOpt) A URL representing the messaging driver to use and its full configuration. If not set, we fall back to the rpc_backend option and driver specific configuration.</td>
</tr>
<tr>
<td>[couchdb] backup_incremental_strategy = {}</td>
<td>(DictOpt) Incremental Backup Runner based on the default strategy. For strategies that do not implement an incremental, the runner will use the default full backup.</td>
</tr>
<tr>
<td>[couchdb] backup_namespace = None</td>
<td>(StrOpt) Namespace to load backup strategies from.</td>
</tr>
<tr>
<td>[couchdb] backup_strategy = None</td>
<td>(StrOpt) Default strategy to perform backups.</td>
</tr>
<tr>
<td>[couchdb] device_path = /dev/vdb</td>
<td>(StrOpt) Device path for volume if volume support is enabled.</td>
</tr>
<tr>
<td>[couchdb] mount_point = /var/lib/couchdb</td>
<td>(StrOpt) Filesystem path for mounting volumes if volume support is enabled.</td>
</tr>
<tr>
<td>[couchdb] replication_strategy = None</td>
<td>(StrOpt) Default strategy for replication.</td>
</tr>
<tr>
<td>[couchdb] restore_namespace = None</td>
<td>(StrOpt) Namespace to load restore strategies from.</td>
</tr>
<tr>
<td>[couchdb] root_on_create = False</td>
<td>(BoolOpt) Enable the automatic creation of the root user for the service during instance-create. The generated password for the root user is immediately returned in the response of instance-create as the "password" field.</td>
</tr>
<tr>
<td>[couchdb] tcp_ports = 5984</td>
<td>(ListOpt) List of TCP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[couchdb] udp_ports = </td>
<td>(ListOpt) List of UDP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[couchdb] volume_support = True</td>
<td>(BoolOpt) Whether to provision a Cinder volume for datadir.</td>
</tr>
<tr>
<td>[database] connection = sqlite:///trove_test.sqlite</td>
<td>(StrOpt) SQL Connection.</td>
</tr>
<tr>
<td>[database] idle_timeout = 3600</td>
<td>(IntOpt) None</td>
</tr>
<tr>
<td>[database] query_log = False</td>
<td>(BoolOpt) None</td>
</tr>
<tr>
<td>[db2] backup_incremental_strategy = {}</td>
<td>(DictOpt) Incremental Backup Runner based on the default strategy. For strategies that do not implement an incremental, the runner will use the default full backup.</td>
</tr>
<tr>
<td>[db2] backup_namespace = None</td>
<td>(StrOpt) Namespace to load backup strategies from.</td>
</tr>
<tr>
<td>[db2] backup_strategy = None</td>
<td>(StrOpt) Default strategy to perform backups.</td>
</tr>
<tr>
<td>[db2] device_path = /dev/vdb</td>
<td>(StrOpt) Device path for volume if volume support is enabled.</td>
</tr>
<tr>
<td>[db2] ignore_users = PUBLIC, DB2INST1</td>
<td>(ListOpt) None</td>
</tr>
<tr>
<td>[db2] mount_point = /home/db2inst1/db2inst1</td>
<td>(StrOpt) Filesystem path for mounting volumes if volume support is enabled.</td>
</tr>
<tr>
<td>[db2] replication_strategy = None</td>
<td>(StrOpt) Default strategy for replication.</td>
</tr>
<tr>
<td>[db2] restore_namespace = None</td>
<td>(StrOpt) Namespace to load restore strategies from.</td>
</tr>
<tr>
<td>[db2] root_on_create = False</td>
<td>(BoolOpt) Enable the automatic creation of the root user for the service during instance-create. The generated password for the root user is immediately returned in the response of instance-create as the 'password' field.</td>
</tr>
<tr>
<td>[db2] tcp_ports = 50000</td>
<td>(ListOpt) List of TCP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[db2] udp_ports = </td>
<td>(ListOpt) List of UDP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[db2] volume_support = True</td>
<td>(BoolOpt) Whether to provision a Cinder volume for datadir.</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] allow_insecure_clients = False</td>
<td>(BoolOpt) Accept clients using either SSL or plain TCP</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] broadcast_prefix = broadcast</td>
<td>(StrOpt) address prefix used when broadcasting to all servers</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] container_name = None</td>
<td>(StrOpt) Name for the AMQP container</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] group_request_prefix = unicast</td>
<td>(StrOpt) address prefix when sending to any server in group</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] idle_timeout = 0</td>
<td>(IntOpt) Timeout for inactive connections (in seconds)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] server_request_prefix = exclusive</td>
<td>(StrOpt) address prefix used when sending to a specific server</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_ca_file = </td>
<td>(StrOpt) CA certificate PEM file to verify server certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_cert_file = </td>
<td>(StrOpt) Identifying certificate PEM file to present to clients</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_file = </td>
<td>(StrOpt) Private key PEM file used to sign cert_file certificate</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] ssl_key_password = None</td>
<td>(StrOpt) Password for decrypting ssl_key_file (if encrypted)</td>
</tr>
<tr>
<td>[oslo_messaging_amqp] trace = False</td>
<td>(BoolOpt) Debug: dump AMQP frames to stdout</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_heartbeat = 60</td>
<td>(IntOpt) Seconds between connection keepalive heartbeats.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hostname = localhost</td>
<td>(StrOpt) Qpid broker hostname.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_hosts = $qpid_hostname:$qpid_port</td>
<td>(ListOpt) Qpid HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_password = </td>
<td>(StrOpt) Password for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_port = 5672</td>
<td>(IntOpt) Qpid broker port.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_protocol = tcp</td>
<td>(StrOpt) Transport to use, either 'tcp' or 'ssl'.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_receiver_capacity = 1</td>
<td>(IntOpt) The number of prefetched messages held by receiver.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_sasl_mechanisms = </td>
<td>(StrOpt) Space separated list of SASL mechanisms to use for auth.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_tcp_nodelay = True</td>
<td>(BoolOpt) Whether to disable the Nagle algorithm.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_topology_version = 1</td>
<td>(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] qpid_username = </td>
<td>(StrOpt) Username for Qpid connection.</td>
</tr>
<tr>
<td>[oslo_messaging_qpid] rpc_conn_pool_size = 30</td>
<td>[DEFAULT] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_auto_delete = False</td>
<td>(BoolOpt) Auto-delete queues in AMQP.</td>
<td>[mongodb] configsvr_port = 27019</td>
<td>(IntOpt) Port for instances running as config servers.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] amqp_durable_queues = False</td>
<td>(BoolOpt) Use durable queues in AMQP.</td>
<td>[mongodb] ignore_dbs = admin, local, config</td>
<td>(ListOpt) Databases to exclude when listing databases.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] fake_rabbit = False</td>
<td>(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake</td>
<td>[mongodb] ignore_users = admin.os_admin, admin.root</td>
<td>(ListOpt) Users to exclude when listing users.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_rate = 2</td>
<td>(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.</td>
<td>[mongodb] mongodb_port = 27017</td>
<td>(IntOpt) Port for mongod and mongos instances.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold = 0</td>
<td>(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disables the heartbeat, &gt;0 enables it. Enabling heartbeats requires kombu&gt;=3.0.7 and amqp&gt;=1.4.0). EXPERIMENTAL</td>
<td>[oslo_messaging_qpid] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_reconnect_delay = 1.0</td>
<td>(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.</td>
<td>[oslo_messaging_rabbit] kombu_reconnect_timeout = 60</td>
<td>(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_ca_certs = </td>
<td>(StrOpt) SSL certification authority file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_certfile = </td>
<td>(StrOpt) SSL cert file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_keyfile = </td>
<td>(StrOpt) SSL key file (valid only if SSL enabled).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] kombu_ssl_version = </td>
<td>(StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_ha_queues = False</td>
<td>(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_host = localhost</td>
<td>(StrOpt) The RabbitMQ broker address where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_hosts = $rabbit_host:$rabbit_port</td>
<td>(ListOpt) RabbitMQ HA cluster host:port pairs.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_login_method = AMQPLAIN</td>
<td>(StrOpt) The RabbitMQ login method.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_max_retries = 0</td>
<td>(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_password = guest</td>
<td>(StrOpt) The RabbitMQ password.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_port = 5672</td>
<td>(IntOpt) The RabbitMQ broker port where a single node is used.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_backoff = 2</td>
<td>(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_retry_interval = 1</td>
<td>(IntOpt) How frequently to retry connecting with RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_use_ssl = False</td>
<td>(BoolOpt) Connect over SSL for RabbitMQ.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_userid = guest</td>
<td>(StrOpt) The RabbitMQ userid.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rabbit_virtual_host = /</td>
<td>(StrOpt) The RabbitMQ virtual host.</td>
</tr>
<tr>
<td>[oslo_messaging_rabbit] rpc_conn_pool_size = 30</td>
<td>(IntOpt) Size of RPC connection pool.</td>
</tr>
<tr>
<td>[profiler] enabled = False</td>
<td>(BoolOpt) If False fully disable profiling feature.</td>
</tr>
<tr>
<td>[profiler] trace_sqlalchemy = True</td>
<td>(BoolOpt) If False doesn't trace SQL requests.</td>
</tr>
<tr>
<td>[upgrade_levels] conductor = icehouse</td>
<td>(StrOpt) Set a version cap for messages sent to conductor services</td>
</tr>
<tr>
<td>[upgrade_levels] guestagent = icehouse</td>
<td>(StrOpt) Set a version cap for messages sent to guestagent services</td>
</tr>
<tr>
<td>[upgrade_levels] taskmanager = icehouse</td>
<td>(StrOpt) Set a version cap for messages sent to taskmanager services</td>
</tr>
<tr>
<td>[vertica] api_strategy = trove.common.strategies.cluster.experimental.vertica.api.VerticaAPIStrategy</td>
<td>(StrOpt) Class that implements datastore-specific API logic.</td>
</tr>
<tr>
<td>[vertica] backup_incremental_strategy = {}</td>
<td>(DictOpt) Incremental Backup Runner based on the default strategy. For strategies that do not implement an incremental, the runner will use the default full backup.</td>
</tr>
<tr>
<td>[vertica] backup_namespace = None</td>
<td>(StrOpt) Namespace to load backup strategies from.</td>
</tr>
<tr>
<td>[vertica] backup_strategy = None</td>
<td>(StrOpt) Default strategy to perform backups.</td>
</tr>
<tr>
<td>[vertica] cluster_member_count = 3</td>
<td>(IntOpt) Number of members in Vertica cluster.</td>
</tr>
<tr>
<td>[vertica] cluster_support = True</td>
<td>(BoolOpt) Enable clusters to be created and managed.</td>
</tr>
<tr>
<td>[vertica] device_path = /dev/vdb</td>
<td>(StrOpt) Device path for volume if volume support is enabled.</td>
</tr>
<tr>
<td>[vertica] guestagent_strategy = trove.common.strategies.cluster.experimental.vertica.guestagent.VerticaGuestAgentStrategy</td>
<td>(StrOpt) Class that implements datastore-specific Guest Agent API logic.</td>
</tr>
<tr>
<td>[vertica] mount_point = /var/lib/vertica</td>
<td>(StrOpt) Filesystem path for mounting volumes if volume support is enabled.</td>
</tr>
<tr>
<td>[vertica] readahead_size = 2048</td>
<td>(IntOpt) Size(MB) to be set as readahead_size for data volume</td>
</tr>
<tr>
<td>[vertica] replication_strategy = None</td>
<td>(StrOpt) Default strategy for replication.</td>
</tr>
<tr>
<td>[vertica] restore_namespace = None</td>
<td>(StrOpt) Namespace to load restore strategies from.</td>
</tr>
<tr>
<td>[vertica] taskmanager_strategy = trove.common.strategies.cluster.experimental.vertica.taskmanager.VerticaTaskManagerStrategy</td>
<td>(StrOpt) Class that implements datastore-specific task manager logic.</td>
</tr>
<tr>
<td>[vertica] tcp_ports = 5433, 5434, 22, 5444, 5450, 4803</td>
<td>(ListOpt) List of TCP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[vertica] udp_ports = 5433, 4803, 4804, 6453</td>
<td>(ListOpt) List of UDP ports and/or port ranges to open in the security group (only applicable if trove_security_groups_support is True).</td>
</tr>
<tr>
<td>[vertica] volume_support = True</td>
<td>(BoolOpt) Whether to provision a Cinder volume for datadir.</td>
<td>[oslo_messaging_rabbit] send_single_reply = False</td>
<td>(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in M release.</td>
</tr>
</table>
<table>
@ -443,93 +71,53 @@
</thead>
<tr>
<td>[DEFAULT] default_log_levels</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN</td>
<td>amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN</td>
</tr>
<tr>
<td>[DEFAULT] guest_config</td>
<td>$pybasedir/etc/trove/trove-guestagent.conf.sample</td>
<td>/etc/trove/trove-guestagent.conf</td>
</tr>
<tr>
<td>[DEFAULT] ignore_dbs</td>
<td>lost+found, mysql, information_schema</td>
<td>lost+found, #mysql50#lost+found, mysql, information_schema</td>
<td>[DEFAULT] logging_exception_prefix</td>
<td>%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s</td>
<td>%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s</td>
</tr>
<tr>
<td>[DEFAULT] notification_service_id</td>
<td>{'postgresql': 'ac277e0d-4f21-40aa-b347-1ea31e571720', 'couchbase': 'fa62fe68-74d9-4779-a24e-36f19602c415', 'mongodb': 'c8c907af-7375-456f-b929-b637ff9209ee', 'redis': 'b216ffc5-1947-456c-a4cf-70f94c05f7d0', 'mysql': '2f3ff068-2bfb-4f70-9a9d-a6bb65bc084b', 'cassandra': '459a230d-4e97-4344-9067-2a54a310b0ed'}</td>
<td>{'vertica': 'a8d805ae-a3b2-c4fd-gb23-b62cee5201ae', 'db2': 'e040cd37-263d-4869-aaa6-c62aa97523b5', 'postgresql': 'ac277e0d-4f21-40aa-b347-1ea31e571720', 'mysql': '2f3ff068-2bfb-4f70-9a9d-a6bb65bc084b', 'couchbase': 'fa62fe68-74d9-4779-a24e-36f19602c415', 'mongodb': 'c8c907af-7375-456f-b929-b637ff9209ee', 'couchdb': 'f0a9ab7b-66f7-4352-93d7-071521d44c7c', 'redis': 'b216ffc5-1947-456c-a4cf-70f94c05f7d0', 'cassandra': '459a230d-4e97-4344-9067-2a54a310b0ed'}</td>
<td>{'vertica': 'a8d805ae-a3b2-c4fd-gb23-b62cee5201ae', 'db2': 'e040cd37-263d-4869-aaa6-c62aa97523b5', 'percona': 'fd1723f5-68d2-409c-994f-a4a197892a17', 'postgresql': 'ac277e0d-4f21-40aa-b347-1ea31e571720', 'mysql': '2f3ff068-2bfb-4f70-9a9d-a6bb65bc084b', 'couchbase': 'fa62fe68-74d9-4779-a24e-36f19602c415', 'mongodb': 'c8c907af-7375-456f-b929-b637ff9209ee', 'couchdb': 'f0a9ab7b-66f7-4352-93d7-071521d44c7c', 'redis': 'b216ffc5-1947-456c-a4cf-70f94c05f7d0', 'cassandra': '459a230d-4e97-4344-9067-2a54a310b0ed'}</td>
</tr>
<tr>
<td>[DEFAULT] os_region_name</td>
<td>[DEFAULT] report_interval</td>
<td>10</td>
<td>30</td>
</tr>
<tr>
<td>[DEFAULT] use_syslog_rfc_format</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[DEFAULT] verbose</td>
<td>False</td>
<td>True</td>
</tr>
<tr>
<td>[mongodb] backup_namespace</td>
<td>None</td>
<td>RegionOne</td>
<td>trove.guestagent.strategies.backup.experimental.mongo_impl</td>
</tr>
<tr>
<td>[DEFAULT] rpc_backend</td>
<td>trove.openstack.common.rpc.impl_kombu</td>
<td>rabbit</td>
<td>[mongodb] backup_strategy</td>
<td>None</td>
<td>MongoDump</td>
</tr>
<tr>
<td>[DEFAULT] rpc_zmq_matchmaker</td>
<td>trove.openstack.common.rpc.matchmaker.MatchMakerLocalhost</td>
<td>local</td>
<td>[mongodb] restore_namespace</td>
<td>None</td>
<td>trove.guestagent.strategies.restore.experimental.mongo_impl</td>
</tr>
<tr>
<td>[couchbase] backup_namespace</td>
<td>trove.guestagent.strategies.backup.couchbase_impl</td>
<td>trove.guestagent.strategies.backup.experimental.couchbase_impl</td>
</tr>
<tr>
<td>[couchbase] restore_namespace</td>
<td>trove.guestagent.strategies.restore.couchbase_impl</td>
<td>trove.guestagent.strategies.restore.experimental.couchbase_impl</td>
</tr>
<tr>
<td>[mongodb] api_strategy</td>
<td>trove.common.strategies.mongodb.api.MongoDbAPIStrategy</td>
<td>trove.common.strategies.cluster.experimental.mongodb.api.MongoDbAPIStrategy</td>
</tr>
<tr>
<td>[mongodb] guestagent_strategy</td>
<td>trove.common.strategies.mongodb.guestagent.MongoDbGuestAgentStrategy</td>
<td>trove.common.strategies.cluster.experimental.mongodb.guestagent.MongoDbGuestAgentStrategy</td>
</tr>
<tr>
<td>[mongodb] taskmanager_strategy</td>
<td>trove.common.strategies.mongodb.taskmanager.MongoDbTaskManagerStrategy</td>
<td>trove.common.strategies.cluster.experimental.mongodb.taskmanager.MongoDbTaskManagerStrategy</td>
</tr>
<tr>
<td>[mysql] replication_namespace</td>
<td>trove.guestagent.strategies.replication.mysql_binlog</td>
<td>trove.guestagent.strategies.replication.mysql_gtid</td>
</tr>
<tr>
<td>[mysql] replication_strategy</td>
<td>MysqlBinlogReplication</td>
<td>MysqlGTIDReplication</td>
</tr>
<tr>
<td>[percona] replication_namespace</td>
<td>trove.guestagent.strategies.replication.mysql_binlog</td>
<td>trove.guestagent.strategies.replication.mysql_gtid</td>
</tr>
<tr>
<td>[percona] replication_strategy</td>
<td>MysqlBinlogReplication</td>
<td>MysqlGTIDReplication</td>
</tr>
<tr>
<td>[postgresql] backup_namespace</td>
<td>trove.guestagent.strategies.backup.postgresql_impl</td>
<td>trove.guestagent.strategies.backup.experimental.postgresql_impl</td>
</tr>
<tr>
<td>[postgresql] restore_namespace</td>
<td>trove.guestagent.strategies.restore.postgresql_impl</td>
<td>trove.guestagent.strategies.restore.experimental.postgresql_impl</td>
<td>[oslo_messaging_rabbit] heartbeat_timeout_threshold</td>
<td>0</td>
<td>60</td>
</tr>
</table>
<table>
@ -547,20 +135,12 @@
<td>None</td>
</tr>
<tr>
<td>[rpc_notifier2] topics</td>
<td>[DEFAULT] notification_topics</td>
<td>[DEFAULT] rpc_thread_pool_size</td>
<td>[DEFAULT] executor_thread_pool_size</td>
</tr>
<tr>
<td>[DEFAULT] sql_query_log</td>
<td>[database] query_log</td>
</tr>
<tr>
<td>[DEFAULT] sql_connection</td>
<td>[database] connection</td>
</tr>
<tr>
<td>[DEFAULT] sql_idle_timeout</td>
<td>[database] idle_timeout</td>
<td>[DEFAULT] nova_proxy_admin_tenant_name</td>
<td>[DEFAULT] nova_proxy_admin_tenant_id</td>
</tr>
<tr>
<td>[DEFAULT] log_format</td>