openstack/openstack-manuals
Code Issues Proposed changes

Whitespace patrol

Browse Source 
Remove extra whitespace that slipped through.

Also, reformat config-reference/identity/section_keystone-token-binding.xml
since it was missing the usual indentations.

Change-Id: I7988f9ccaf738b6c15001947b993f0699e0a04be
This commit is contained in:
Andreas Jaeger 2013-12-20 21:24:14 +01:00
parent 3d7b745a9d
commit 7eee093761
7 changed files with 57 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
doc/admin-guide-cloud/ch_compute.xml
View File

@ -151,44 +151,44 @@
</section>
<section xml:id="section_images-and-instances">
<title>Images and instances</title>
<para> Disk images provide templates for virtual machine file systems.
The Glance service manages storage and management of images. </para>
<para> Instances are the individual virtual machines that run on
<para>Disk images provide templates for virtual machine file systems.
The Glance service manages storage and management of images.</para>
<para>Instances are the individual virtual machines that run on
physical compute nodes. Users can launch any number of instances
from the same image. Each launched instance runs from a copy of the
base image so that any changes made to the instance do not affect
the base image. You can take snapshots of running instances to
create an image based on the current disk state of a particular
instance. The Compute services manages instances.</para>
<para> For more information about creating and troubleshooting images,
<para>For more information about creating and troubleshooting images,
see the <link
xlink:href="http://docs.openstack.org/user-guide-admin/content/cli_manage_images.html"
>Manage Images</link> section of the <citetitle>OpenStack Admin
User Guide</citetitle>. </para>
<para> For more information about image configuration options, see the
User Guide</citetitle>.</para>
<para>For more information about image configuration options, see the
<link
xlink:href="http://docs.openstack.org/trunk/config-reference/content/ch_configuring-openstack-image-service.html"
>Image Services</link> section of the <citetitle>OpenStack
Configuration Reference</citetitle>. </para>
<para> When you launch an instance, you must choose a
Configuration Reference</citetitle>.</para>
<para>When you launch an instance, you must choose a
<literal>flavor</literal>, which represents a set of virtual
resources. Flavors define how many virtual CPUs an instance has and
the amount of RAM and size of its ephemeral disks. OpenStack
provides a number of predefined flavors that you can edit or add to.
Users must select from the set of available flavors defined on their
cloud.</para>
<para> For more information about flavors, see the <link
<para>For more information about flavors, see the <link
xlink:href="http://docs.openstack.org/trunk/openstack-ops/content/flavors.html"
>Flavors</link> section in the <citetitle>OpenStack Operations
Guide</citetitle>. </para>
<para> You can add and remove additional resources from running
Guide</citetitle>.</para>
<para>You can add and remove additional resources from running
instances, such as persistent volume storage, or public IP
addresses. The example used in this chapter is of a typical virtual
system within an OpenStack cloud. It uses the <systemitem
class="service">cinder-volume</systemitem> service, which
provides persistent block storage, instead of the ephemeral storage
provided by the selected instance flavor.</para>
<para> This diagram shows the system state prior to launching an
<para>This diagram shows the system state prior to launching an
instance. The image store, fronted by the image service, Glance, has
a number of predefined images. Inside the cloud, a compute node
contains the available vCPU, memory, and local disk resources.
@ -203,7 +203,7 @@
</imageobject>
</mediaobject>
</figure>
<para> To launch an instance, select an image, a flavor, and other
<para>To launch an instance, select an image, a flavor, and other
optional attributes. The selected flavor provides a root volume,
labeled <literal>vda</literal> in this diagram, and additional
ephemeral storage, labeled <literal>vdb</literal>. In this example,
@ -242,10 +242,10 @@
for volumes <literal>vda</literal> and <literal>vdb</literal>
could be backed by network storage rather than a local disk.</para>
</note>
<para> When the instance is deleted, the state is reclaimed with the
<para>When the instance is deleted, the state is reclaimed with the
exception of the persistent volume. The ephemeral storage is purged,
memory and vCPU resources are released. The image remains unchanged
throughout. </para>
throughout.</para>
<figure xml:id="end-instance-state-figure">
<title>End state of image and volume after instance exits</title>
<mediaobject>

2
doc/config-reference/compute/section_compute-conductor.xml
View File

@ -18,7 +18,7 @@
horizontally. You can run multiple instances of <systemitem
class="service">nova-conductor</systemitem> on different
machines as needed for scaling purposes.</para>
<para> In the Grizzly release, the methods exposed by <systemitem
<para>In the Grizzly release, the methods exposed by <systemitem
class="service">nova-conductor</systemitem> are relatively
simple methods used by <systemitem class="service"
>nova-compute</systemitem> to offload its database

60
doc/config-reference/identity/section_keystone-token-binding.xml
View File

@ -10,35 +10,47 @@
enforce that the token only be used in conjunction with that
specified authentication. This is an additional security mechanism
as it means that if a token is stolen it will not be usable
without also providing the external authentication. </para>
<para> To activate token binding you must specify the types of
without also providing the external authentication.</para>
<para>To activate token binding you must specify the types of
authentication that token binding should be used for in
<filename>keystone.conf</filename>:
<programlisting language="ini">[token]
bind = kerberos</programlisting>
Currently only <literal>kerberos</literal> is supported.</para>
<para>
To enforce checking of token binding the <literal>enforce_token_bind</literal> parameter
should be set to one of the following modes:
<itemizedlist>
<listitem><para><literal>disabled</literal> disable token bind checking</para>
</listitem>
<listitem><para><literal>permissive</literal> enable bind checking, if a token is bound to a mechanism that
is unknown to the server then ignore it. This is the default.</para>
</listitem>
<listitem><para><literal>strict</literal> enable bind checking, if a token is bound to a mechanism that is
unknown to the server then this token should be rejected.</para>
</listitem>
<listitem><para><literal>required</literal> enable bind checking and require that at least 1 bind mechanism
is used for tokens.</para>
</listitem>
<listitem><para><literal>named</literal> enable bind checking and require that the specified authentication
mechanism is used:
To enforce checking of token binding the <literal>enforce_token_bind</literal>
parameter should be set to one of the following modes:
<itemizedlist>
<listitem>
<para><literal>disabled</literal> disable token bind
checking</para>
</listitem>
<listitem>
<para><literal>permissive</literal> enable bind checking, if
a token is bound to a mechanism that is unknown to the server
then ignore it. This is the default.</para>
</listitem>
<listitem>
<para><literal>strict</literal> enable bind checking, if a
token is bound to a mechanism that is unknown to the server
then this token should be rejected.</para>
</listitem>
<listitem>
<para><literal>required</literal> enable bind checking and
require that at least 1 bind mechanism is used for
tokens.</para>
</listitem>
<listitem>
<para><literal>named</literal> enable bind checking and
require that the specified authentication mechanism is used:
<programlisting language="ini">[token]
enforce_token_bind = kerberos</programlisting></para>
</listitem>
</itemizedlist>
<note><para>Do not set <literal>enforce_token_bind = named</literal> as there is not an authentication
mechanism called <literal>named</literal>.</para></note>
</para>
enforce_token_bind = kerberos</programlisting>
</para>
</listitem>
</itemizedlist>
<note><para>Do not set <literal>enforce_token_bind =
named</literal> as there is not an authentication mechanism
called <literal>named</literal>.</para>
</note>
</para>
</section>

3
doc/config-reference/object-storage/section_object-storage-general-service-conf.xml
View File

@ -76,7 +76,8 @@ Error: missing config path argument
that file will be parsed.
</para>
<para>
The Object Storage service management tool <filename>swift-init</filename>
The Object Storage service management tool
<filename>swift-init</filename>
has adopted the convention of looking for
<filename>/etc/swift/{type}-server.conf.d/</filename> if the file
<filename>/etc/swift/{type}-server.conf</filename> file does not

2
doc/training-guides/bk001-bk010-associate-object-storage-node-quiz.xml
View File

@ -6,5 +6,5 @@
<section xml:id="day-two-object-store-quiz-schedule">
<title>Day 2, 14:25 to 14:45</title>
<para></para>
</section>
</section>
</chapter>

2
doc/training-guides/bk001-ch008-associate-network-node-quiz.xml
View File

@ -7,5 +7,5 @@
<section xml:id="day-two-network-quiz-schedule">
<title>Day 2, 10:40 to 11:00</title>
<para></para>
</section>
</section>
</chapter>

2
doc/training-guides/bk001-ch012-associate-review-concept.xml
View File

@ -7,5 +7,5 @@
<section xml:id="day-two-review-schedule">
<title>Day 2, 16:00 to 17:00</title>
<para></para>
</section>
</section>
</chapter>