diff --git a/doc/config-reference/source/identity.rst b/doc/config-reference/source/identity.rst index 8a00cbd1dc..590e72faaf 100644 --- a/doc/config-reference/source/identity.rst +++ b/doc/config-reference/source/identity.rst @@ -4,10 +4,10 @@ Identity service .. toctree:: - identity/options.rst + identity/api.rst identity/token-provider.rst identity/federated-identity.rst - identity/sample-configuration-files.rst + identity/config-options.rst identity/samples/index.rst identity/caching.rst tables/conf-changes/keystone.rst diff --git a/doc/config-reference/source/identity/api.rst b/doc/config-reference/source/identity/api.rst new file mode 100644 index 0000000000..71f19cb427 --- /dev/null +++ b/doc/config-reference/source/identity/api.rst @@ -0,0 +1,11 @@ +========================== +Identity API configuration +========================== + +Configuration options +~~~~~~~~~~~~~~~~~~~~~ + +The Identity API can be configured by changing the following options: + +.. include:: ../tables/keystone-api.rst + diff --git a/doc/config-reference/source/identity/options.rst b/doc/config-reference/source/identity/config-options.rst similarity index 78% rename from doc/config-reference/source/identity/options.rst rename to doc/config-reference/source/identity/config-options.rst index 4a49864de1..59b63720c7 100644 --- a/doc/config-reference/source/identity/options.rst +++ b/doc/config-reference/source/identity/config-options.rst @@ -1,13 +1,12 @@ -=================================== -Identity service configuration file -=================================== +===================================================== +Additional configuration options for Identity service +===================================================== The Identity service is configured in the ``/etc/keystone/keystone.conf`` file. The following tables provide a comprehensive list of the Identity service options. -.. include:: ../tables/keystone-api.rst .. include:: ../tables/keystone-assignment.rst .. include:: ../tables/keystone-auth.rst .. include:: ../tables/keystone-ca.rst @@ -33,13 +32,8 @@ service options. .. include:: ../tables/keystone-token.rst .. include:: ../tables/keystone-tokenless.rst .. include:: ../tables/keystone-trust.rst -.. include:: ../tables/keystone-rpc.rst -.. include:: ../tables/keystone-amqp.rst -.. include:: ../tables/keystone-rabbitmq.rst -.. include:: ../tables/keystone-zeromq.rst .. include:: ../tables/keystone-redis.rst - Domain-specific Identity drivers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -47,6 +41,6 @@ The Identity service supports domain-specific Identity drivers installed on an SQL or LDAP back end, and supports domain-specific Identity configuration options, which are stored in domain-specific configuration files. See the -`Admin guide Identity Management Chapter `_ +`Admin guide Identity Management Chapter +`_ for more information. - diff --git a/doc/config-reference/source/identity/sample-configuration-files.rst b/doc/config-reference/source/identity/sample-configuration-files.rst deleted file mode 100644 index 1e50687d9a..0000000000 --- a/doc/config-reference/source/identity/sample-configuration-files.rst +++ /dev/null @@ -1,49 +0,0 @@ -=========================================== -Identity service sample configuration files -=========================================== - -The files described in this section are in the ``/etc/keystone`` directory. - -keystone.conf -~~~~~~~~~~~~~ - -Use the ``keystone.conf`` file to configure most Identity service -options: - -.. remote-code-block:: ini - - https://git.openstack.org/cgit/openstack/keystone/plain/etc/keystone.conf.sample?h=stable/newton - -keystone-paste.ini -~~~~~~~~~~~~~~~~~~ - -Use the ``keystone-paste.ini`` file to configure the -:abbr:`WSGI (Web Service Gateway Interface)` middleware pipeline for -the Identity service: - -.. remote-code-block:: ini - - https://git.openstack.org/cgit/openstack/keystone/plain/etc/keystone-paste.ini?h=stable/newton - -logging.conf -~~~~~~~~~~~~ - -You can specify a special logging configuration file in the ``keystone.conf`` -configuration file. For example, ``/etc/keystone/logging.conf``. - -For details, see the `Python logging module documentation -`__. - -.. remote-code-block:: ini - - https://git.openstack.org/cgit/openstack/keystone/plain/etc/logging.conf.sample?h=stable/newton - -policy.json -~~~~~~~~~~~ - -Use the ``policy.json`` file to define access controls that apply to -the Identity service: - -.. remote-code-block:: json - - https://git.openstack.org/cgit/openstack/keystone/plain/etc/policy.json?h=stable/newton diff --git a/doc/config-reference/source/tables/keystone-amqp.rst b/doc/config-reference/source/tables/keystone-amqp.rst deleted file mode 100644 index e16bd712cc..0000000000 --- a/doc/config-reference/source/tables/keystone-amqp.rst +++ /dev/null @@ -1,30 +0,0 @@ -.. - Warning: Do not edit this file. It is automatically generated from the - software project's code and your changes will be overwritten. - - The tool to generate this file lives in openstack-doc-tools repository. - - Please make any changes needed in the code, then run the - autogenerate-config-doc tool from the openstack-doc-tools repository, or - ask for help on the documentation mailing list, IRC channel or meeting. - -.. _keystone-amqp: - -.. list-table:: Description of AMQP configuration options - :header-rows: 1 - :class: config-ref-table - - * - Configuration option = Default value - - Description - * - **[DEFAULT]** - - - * - ``control_exchange`` = ``keystone`` - - (String) The default exchange under which topics are scoped. May be overridden by an exchange name specified in the transport_url option. - * - ``default_publisher_id`` = ``None`` - - (String) Default `publisher_id` for outgoing notifications. If left undefined, Keystone will default to using the server's host name. - * - ``notification_format`` = ``basic`` - - (String) Define the notification format for identity service events. A `basic` notification only has information about the resource being operated on. A `cadf` notification has the same information, as well as information about the initiator of the event. The `cadf` option is entirely backwards compatible with the `basic` option, but is fully CADF-compliant, and is recommended for auditing use cases. - * - ``notification_opt_out`` = ``[]`` - - (Multi-valued) If left undefined, keystone will emit notifications for all types of events. You can reduce the number of notifications keystone emits by using this option to enumerate notification topics that should be suppressed. Values are expected to be in the form `identity..`. This field can be set multiple times in order to opt-out of multiple notification topics. For example: notification_opt_out=identity.user.create notification_opt_out=identity.authenticate.success - * - ``transport_url`` = ``None`` - - (String) A URL representing the messaging driver to use and its full configuration. diff --git a/doc/config-reference/source/tables/keystone-common.rst b/doc/config-reference/source/tables/keystone-common.rst index cc1778ba47..194c17af7b 100644 --- a/doc/config-reference/source/tables/keystone-common.rst +++ b/doc/config-reference/source/tables/keystone-common.rst @@ -22,9 +22,3 @@ - (Integer) Size of executor thread pool. * - ``insecure_debug`` = ``False`` - (Boolean) If set to true, then the server will return information in HTTP responses that may allow an unauthenticated or authenticated user to get more information than normal, such as additional details about why authentication failed. This may be useful for debugging but is insecure. - * - **[oslo_concurrency]** - - - * - ``disable_process_locking`` = ``False`` - - (Boolean) Enables or disables inter-process locks. - * - ``lock_path`` = ``None`` - - (String) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set. diff --git a/doc/config-reference/source/tables/keystone-rabbitmq.rst b/doc/config-reference/source/tables/keystone-rabbitmq.rst deleted file mode 100644 index c766f01540..0000000000 --- a/doc/config-reference/source/tables/keystone-rabbitmq.rst +++ /dev/null @@ -1,132 +0,0 @@ -.. - Warning: Do not edit this file. It is automatically generated from the - software project's code and your changes will be overwritten. - - The tool to generate this file lives in openstack-doc-tools repository. - - Please make any changes needed in the code, then run the - autogenerate-config-doc tool from the openstack-doc-tools repository, or - ask for help on the documentation mailing list, IRC channel or meeting. - -.. _keystone-rabbitmq: - -.. list-table:: Description of RabbitMQ configuration options - :header-rows: 1 - :class: config-ref-table - - * - Configuration option = Default value - - Description - * - **[oslo_messaging_rabbit]** - - - * - ``amqp_auto_delete`` = ``False`` - - (Boolean) Auto-delete queues in AMQP. - * - ``amqp_durable_queues`` = ``False`` - - (Boolean) Use durable queues in AMQP. - * - ``channel_max`` = ``None`` - - (Integer) Maximum number of channels to allow - * - ``connection_factory`` = ``single`` - - (String) Connection factory implementation - * - ``default_notification_exchange`` = ``${control_exchange}_notification`` - - (String) Exchange name for sending notifications - * - ``default_notification_retry_attempts`` = ``-1`` - - (Integer) Reconnecting retry count in case of connectivity problem during sending notification, -1 means infinite retry. - * - ``default_rpc_exchange`` = ``${control_exchange}_rpc`` - - (String) Exchange name for sending RPC messages - * - ``default_rpc_retry_attempts`` = ``-1`` - - (Integer) Reconnecting retry count in case of connectivity problem during sending RPC message, -1 means infinite retry. If actual retry attempts in not 0 the rpc request could be processed more then one time - * - ``fake_rabbit`` = ``False`` - - (Boolean) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake - * - ``frame_max`` = ``None`` - - (Integer) The maximum byte size for an AMQP frame - * - ``heartbeat_interval`` = ``3`` - - (Integer) How often to send heartbeats for consumer's connections - * - ``heartbeat_rate`` = ``2`` - - (Integer) How often times during the heartbeat_timeout_threshold we check the heartbeat. - * - ``heartbeat_timeout_threshold`` = ``60`` - - (Integer) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL - * - ``host_connection_reconnect_delay`` = ``0.25`` - - (Floating point) Set delay for reconnection to some host which has connection error - * - ``kombu_compression`` = ``None`` - - (String) EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression will not be used. This option may not be available in future versions. - * - ``kombu_failover_strategy`` = ``round-robin`` - - (String) Determines how the next RabbitMQ node is chosen in case the one we are currently connected to becomes unavailable. Takes effect only if more than one RabbitMQ node is provided in config. - * - ``kombu_missing_consumer_retry_timeout`` = ``60`` - - (Integer) How long to wait a missing client before abandoning to send it its replies. This value should not be longer than rpc_response_timeout. - * - ``kombu_reconnect_delay`` = ``1.0`` - - (Floating point) How long to wait before reconnecting in response to an AMQP consumer cancel notification. - * - ``kombu_ssl_ca_certs`` = - - (String) SSL certification authority file (valid only if SSL enabled). - * - ``kombu_ssl_certfile`` = - - (String) SSL cert file (valid only if SSL enabled). - * - ``kombu_ssl_keyfile`` = - - (String) SSL key file (valid only if SSL enabled). - * - ``kombu_ssl_version`` = - - (String) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions. - * - ``notification_listener_prefetch_count`` = ``100`` - - (Integer) Max number of not acknowledged message which RabbitMQ can send to notification listener. - * - ``notification_persistence`` = ``False`` - - (Boolean) Persist notification messages. - * - ``notification_retry_delay`` = ``0.25`` - - (Floating point) Reconnecting retry delay in case of connectivity problem during sending notification message - * - ``pool_max_overflow`` = ``0`` - - (Integer) Maximum number of connections to create above `pool_max_size`. - * - ``pool_max_size`` = ``30`` - - (Integer) Maximum number of connections to keep queued. - * - ``pool_recycle`` = ``600`` - - (Integer) Lifetime of a connection (since creation) in seconds or None for no recycling. Expired connections are closed on acquire. - * - ``pool_stale`` = ``60`` - - (Integer) Threshold at which inactive (since release) connections are considered stale in seconds or None for no staleness. Stale connections are closed on acquire. - * - ``pool_timeout`` = ``30`` - - (Integer) Default number of seconds to wait for a connections to available - * - ``rabbit_ha_queues`` = ``False`` - - (Boolean) Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring is no longer controlled by the x-ha-policy argument when declaring a queue. If you just want to make sure that all queues (except those with auto-generated names) are mirrored across all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-mode": "all"}' " - * - ``rabbit_host`` = ``localhost`` - - (String) DEPRECATED: The RabbitMQ broker address where a single node is used. Replaced by [DEFAULT]/transport_url - * - ``rabbit_hosts`` = ``$rabbit_host:$rabbit_port`` - - (List) DEPRECATED: RabbitMQ HA cluster host:port pairs. Replaced by [DEFAULT]/transport_url - * - ``rabbit_interval_max`` = ``30`` - - (Integer) Maximum interval of RabbitMQ connection retries. Default is 30 seconds. - * - ``rabbit_login_method`` = ``AMQPLAIN`` - - (String) The RabbitMQ login method. - * - ``rabbit_max_retries`` = ``0`` - - (Integer) DEPRECATED: Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count). - * - ``rabbit_password`` = ``guest`` - - (String) DEPRECATED: The RabbitMQ password. Replaced by [DEFAULT]/transport_url - * - ``rabbit_port`` = ``5672`` - - (Port number) DEPRECATED: The RabbitMQ broker port where a single node is used. Replaced by [DEFAULT]/transport_url - * - ``rabbit_qos_prefetch_count`` = ``0`` - - (Integer) Specifies the number of messages to prefetch. Setting to zero allows unlimited messages. - * - ``rabbit_retry_backoff`` = ``2`` - - (Integer) How long to backoff for between retries when connecting to RabbitMQ. - * - ``rabbit_retry_interval`` = ``1`` - - (Integer) How frequently to retry connecting with RabbitMQ. - * - ``rabbit_transient_queues_ttl`` = ``1800`` - - (Integer) Positive integer representing duration in seconds for queue TTL (x-expires). Queues which are unused for the duration of the TTL are automatically deleted. The parameter affects only reply and fanout queues. - * - ``rabbit_use_ssl`` = ``False`` - - (Boolean) Connect over SSL for RabbitMQ. - * - ``rabbit_userid`` = ``guest`` - - (String) DEPRECATED: The RabbitMQ userid. Replaced by [DEFAULT]/transport_url - * - ``rabbit_virtual_host`` = ``/`` - - (String) DEPRECATED: The RabbitMQ virtual host. Replaced by [DEFAULT]/transport_url - * - ``rpc_listener_prefetch_count`` = ``100`` - - (Integer) Max number of not acknowledged message which RabbitMQ can send to rpc listener. - * - ``rpc_queue_expiration`` = ``60`` - - (Integer) Time to live for rpc queues without consumers in seconds. - * - ``rpc_reply_exchange`` = ``${control_exchange}_rpc_reply`` - - (String) Exchange name for receiving RPC replies - * - ``rpc_reply_listener_prefetch_count`` = ``100`` - - (Integer) Max number of not acknowledged message which RabbitMQ can send to rpc reply listener. - * - ``rpc_reply_retry_attempts`` = ``-1`` - - (Integer) Reconnecting retry count in case of connectivity problem during sending reply. -1 means infinite retry during rpc_timeout - * - ``rpc_reply_retry_delay`` = ``0.25`` - - (Floating point) Reconnecting retry delay in case of connectivity problem during sending reply. - * - ``rpc_retry_delay`` = ``0.25`` - - (Floating point) Reconnecting retry delay in case of connectivity problem during sending RPC message - * - ``socket_timeout`` = ``0.25`` - - (Floating point) Set socket timeout in seconds for connection's socket - * - ``ssl`` = ``None`` - - (Boolean) Enable SSL - * - ``ssl_options`` = ``None`` - - (Dict) Arguments passed to ssl.wrap_socket - * - ``tcp_user_timeout`` = ``0.25`` - - (Floating point) Set TCP_USER_TIMEOUT in seconds for connection's socket diff --git a/doc/config-reference/source/tables/keystone-rpc.rst b/doc/config-reference/source/tables/keystone-rpc.rst deleted file mode 100644 index b4ed02ff1b..0000000000 --- a/doc/config-reference/source/tables/keystone-rpc.rst +++ /dev/null @@ -1,108 +0,0 @@ -.. - Warning: Do not edit this file. It is automatically generated from the - software project's code and your changes will be overwritten. - - The tool to generate this file lives in openstack-doc-tools repository. - - Please make any changes needed in the code, then run the - autogenerate-config-doc tool from the openstack-doc-tools repository, or - ask for help on the documentation mailing list, IRC channel or meeting. - -.. _keystone-rpc: - -.. list-table:: Description of RPC configuration options - :header-rows: 1 - :class: config-ref-table - - * - Configuration option = Default value - - Description - * - **[DEFAULT]** - - - * - ``rpc_backend`` = ``rabbit`` - - (String) DEPRECATED: The messaging driver to use, defaults to rabbit. Other drivers include amqp and zmq. Replaced by [DEFAULT]/transport_url - * - ``rpc_cast_timeout`` = ``-1`` - - (Integer) Seconds to wait before a cast expires (TTL). The default value of -1 specifies an infinite linger period. The value of 0 specifies no linger period. Pending messages shall be discarded immediately when the socket is closed. Only supported by impl_zmq. - * - ``rpc_conn_pool_size`` = ``30`` - - (Integer) Size of RPC connection pool. - * - ``rpc_poll_timeout`` = ``1`` - - (Integer) The default number of seconds that poll should wait. Poll raises timeout exception when timeout expired. - * - ``rpc_response_timeout`` = ``60`` - - (Integer) Seconds to wait for a response from a call. - * - **[oslo_messaging_amqp]** - - - * - ``addressing_mode`` = ``dynamic`` - - (String) Indicates the addressing mode used by the driver. Permitted values: 'legacy' - use legacy non-routable addressing 'routable' - use routable addresses 'dynamic' - use legacy addresses if the message bus does not support routing otherwise use routable addressing - * - ``allow_insecure_clients`` = ``False`` - - (Boolean) Accept clients using either SSL or plain TCP - * - ``anycast_address`` = ``anycast`` - - (String) Appended to the address prefix when sending to a group of consumers. Used by the message bus to identify messages that should be delivered in a round-robin fashion across consumers. - * - ``broadcast_prefix`` = ``broadcast`` - - (String) address prefix used when broadcasting to all servers - * - ``connection_retry_backoff`` = ``2`` - - (Integer) Increase the connection_retry_interval by this many seconds after each unsuccessful failover attempt. - * - ``connection_retry_interval`` = ``1`` - - (Integer) Seconds to pause before attempting to re-connect. - * - ``connection_retry_interval_max`` = ``30`` - - (Integer) Maximum limit for connection_retry_interval + connection_retry_backoff - * - ``container_name`` = ``None`` - - (String) Name for the AMQP container. must be globally unique. Defaults to a generated UUID - * - ``default_notification_exchange`` = ``None`` - - (String) Exchange name used in notification addresses. Exchange name resolution precedence: Target.exchange if set else default_notification_exchange if set else control_exchange if set else 'notify' - * - ``default_notify_timeout`` = ``30`` - - (Integer) The deadline for a sent notification message delivery. Only used when caller does not provide a timeout expiry. - * - ``default_reply_timeout`` = ``30`` - - (Integer) The deadline for an rpc reply message delivery. Only used when caller does not provide a timeout expiry. - * - ``default_rpc_exchange`` = ``None`` - - (String) Exchange name used in RPC addresses. Exchange name resolution precedence: Target.exchange if set else default_rpc_exchange if set else control_exchange if set else 'rpc' - * - ``default_send_timeout`` = ``30`` - - (Integer) The deadline for an rpc cast or call message delivery. Only used when caller does not provide a timeout expiry. - * - ``group_request_prefix`` = ``unicast`` - - (String) address prefix when sending to any server in group - * - ``idle_timeout`` = ``0`` - - (Integer) Timeout for inactive connections (in seconds) - * - ``link_retry_delay`` = ``10`` - - (Integer) Time to pause between re-connecting an AMQP 1.0 link that failed due to a recoverable error. - * - ``multicast_address`` = ``multicast`` - - (String) Appended to the address prefix when sending a fanout message. Used by the message bus to identify fanout messages. - * - ``notify_address_prefix`` = ``openstack.org/om/notify`` - - (String) Address prefix for all generated Notification addresses - * - ``notify_server_credit`` = ``100`` - - (Integer) Window size for incoming Notification messages - * - ``password`` = - - (String) Password for message broker authentication - * - ``reply_link_credit`` = ``200`` - - (Integer) Window size for incoming RPC Reply messages. - * - ``rpc_address_prefix`` = ``openstack.org/om/rpc`` - - (String) Address prefix for all generated RPC addresses - * - ``rpc_server_credit`` = ``100`` - - (Integer) Window size for incoming RPC Request messages - * - ``sasl_config_dir`` = - - (String) Path to directory that contains the SASL configuration - * - ``sasl_config_name`` = - - (String) Name of configuration file (without .conf suffix) - * - ``sasl_mechanisms`` = - - (String) Space separated list of acceptable SASL mechanisms - * - ``server_request_prefix`` = ``exclusive`` - - (String) address prefix used when sending to a specific server - * - ``ssl_ca_file`` = - - (String) CA certificate PEM file to verify server certificate - * - ``ssl_cert_file`` = - - (String) Identifying certificate PEM file to present to clients - * - ``ssl_key_file`` = - - (String) Private key PEM file used to sign cert_file certificate - * - ``ssl_key_password`` = ``None`` - - (String) Password for decrypting ssl_key_file (if encrypted) - * - ``trace`` = ``False`` - - (Boolean) Debug: dump AMQP frames to stdout - * - ``unicast_address`` = ``unicast`` - - (String) Appended to the address prefix when sending to a particular RPC/Notification server. Used by the message bus to identify messages sent to a single destination. - * - ``username`` = - - (String) User name for message broker authentication - * - **[oslo_messaging_notifications]** - - - * - ``driver`` = ``[]`` - - (Multi-valued) The Drivers(s) to handle sending notifications. Possible values are messaging, messagingv2, routing, log, test, noop - * - ``topics`` = ``notifications`` - - (List) AMQP topic used for OpenStack notifications. - * - ``transport_url`` = ``None`` - - (String) A URL representing the messaging driver to use for notifications. If not set, we fall back to the same configuration used for RPC. diff --git a/doc/config-reference/source/tables/keystone-zeromq.rst b/doc/config-reference/source/tables/keystone-zeromq.rst deleted file mode 100644 index 7ce0a91ad0..0000000000 --- a/doc/config-reference/source/tables/keystone-zeromq.rst +++ /dev/null @@ -1,84 +0,0 @@ -.. - Warning: Do not edit this file. It is automatically generated from the - software project's code and your changes will be overwritten. - - The tool to generate this file lives in openstack-doc-tools repository. - - Please make any changes needed in the code, then run the - autogenerate-config-doc tool from the openstack-doc-tools repository, or - ask for help on the documentation mailing list, IRC channel or meeting. - -.. _keystone-zeromq: - -.. list-table:: Description of ZeroMQ configuration options - :header-rows: 1 - :class: config-ref-table - - * - Configuration option = Default value - - Description - * - **[DEFAULT]** - - - * - ``rpc_zmq_bind_address`` = ``*`` - - (String) ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The "host" option should point or resolve to this address. - * - ``rpc_zmq_bind_port_retries`` = ``100`` - - (Integer) Number of retries to find free port number before fail with ZMQBindError. - * - ``rpc_zmq_contexts`` = ``1`` - - (Integer) Number of ZeroMQ contexts, defaults to 1. - * - ``rpc_zmq_host`` = ``localhost`` - - (String) Name of this node. Must be a valid hostname, FQDN, or IP address. Must match "host" option, if running Nova. - * - ``rpc_zmq_ipc_dir`` = ``/var/run/openstack`` - - (String) Directory for holding IPC sockets. - * - ``rpc_zmq_matchmaker`` = ``redis`` - - (String) MatchMaker driver. - * - ``rpc_zmq_max_port`` = ``65536`` - - (Integer) Maximal port number for random ports range. - * - ``rpc_zmq_min_port`` = ``49153`` - - (Port number) Minimal port number for random ports range. - * - ``rpc_zmq_serialization`` = ``json`` - - (String) Default serialization mechanism for serializing/deserializing outgoing/incoming messages - * - ``rpc_zmq_topic_backlog`` = ``None`` - - (Integer) Maximum number of ingress messages to locally buffer per topic. Default is unlimited. - * - ``use_pub_sub`` = ``True`` - - (Boolean) Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. - * - ``zmq_immediate`` = ``False`` - - (Boolean) This option configures round-robin mode in zmq socket. True means not keeping a queue when server side disconnects. False means to keep queue and messages even if server is disconnected, when the server appears we send all accumulated messages to it. - * - ``zmq_target_expire`` = ``300`` - - (Integer) Expiration timeout in seconds of a name service record about existing target ( < 0 means no timeout). - * - ``zmq_target_update`` = ``180`` - - (Integer) Update period in seconds of a name service record about existing target. - * - **[oslo_messaging_zmq]** - - - * - ``rpc_cast_timeout`` = ``-1`` - - (Integer) Seconds to wait before a cast expires (TTL). The default value of -1 specifies an infinite linger period. The value of 0 specifies no linger period. Pending messages shall be discarded immediately when the socket is closed. Only supported by impl_zmq. - * - ``rpc_poll_timeout`` = ``1`` - - (Integer) The default number of seconds that poll should wait. Poll raises timeout exception when timeout expired. - * - ``rpc_zmq_bind_address`` = ``*`` - - (String) ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The "host" option should point or resolve to this address. - * - ``rpc_zmq_bind_port_retries`` = ``100`` - - (Integer) Number of retries to find free port number before fail with ZMQBindError. - * - ``rpc_zmq_contexts`` = ``1`` - - (Integer) Number of ZeroMQ contexts, defaults to 1. - * - ``rpc_zmq_host`` = ``localhost`` - - (String) Name of this node. Must be a valid hostname, FQDN, or IP address. Must match "host" option, if running Nova. - * - ``rpc_zmq_ipc_dir`` = ``/var/run/openstack`` - - (String) Directory for holding IPC sockets. - * - ``rpc_zmq_matchmaker`` = ``redis`` - - (String) MatchMaker driver. - * - ``rpc_zmq_max_port`` = ``65536`` - - (Integer) Maximal port number for random ports range. - * - ``rpc_zmq_min_port`` = ``49153`` - - (Port number) Minimal port number for random ports range. - * - ``rpc_zmq_serialization`` = ``json`` - - (String) Default serialization mechanism for serializing/deserializing outgoing/incoming messages - * - ``rpc_zmq_topic_backlog`` = ``None`` - - (Integer) Maximum number of ingress messages to locally buffer per topic. Default is unlimited. - * - ``use_pub_sub`` = ``True`` - - (Boolean) Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. - * - ``use_router_proxy`` = ``True`` - - (Boolean) Use ROUTER remote proxy. - * - ``zmq_immediate`` = ``False`` - - (Boolean) This option configures round-robin mode in zmq socket. True means not keeping a queue when server side disconnects. False means to keep queue and messages even if server is disconnected, when the server appears we send all accumulated messages to it. - * - ``zmq_target_expire`` = ``300`` - - (Integer) Expiration timeout in seconds of a name service record about existing target ( < 0 means no timeout). - * - ``zmq_target_update`` = ``180`` - - (Integer) Update period in seconds of a name service record about existing target. diff --git a/tools/autogenerate-config-flagmappings/keystone.flagmappings b/tools/autogenerate-config-flagmappings/keystone.flagmappings index 10d3f170c0..bfcafa8e84 100644 --- a/tools/autogenerate-config-flagmappings/keystone.flagmappings +++ b/tools/autogenerate-config-flagmappings/keystone.flagmappings @@ -2,11 +2,11 @@ admin_endpoint api admin_token api conn_pool_min_size disable conn_pool_ttl disable -control_exchange amqp +control_exchange disable crypt_strength security debug disable default_log_levels disable -default_publisher_id amqp +default_publisher_id disable domain_id_immutable api executor_thread_pool_size common fatal_deprecations disable @@ -28,38 +28,38 @@ max_project_tree_depth api max_token_size api member_role_id api member_role_name api -notification_format amqp -notification_opt_out amqp +notification_format disable +notification_opt_out disable public_endpoint api publish_errors disable -rpc_backend rpc -rpc_cast_timeout rpc -rpc_conn_pool_size rpc -rpc_poll_timeout rpc -rpc_response_timeout rpc -rpc_zmq_bind_address zeromq -rpc_zmq_bind_port_retries zeromq -rpc_zmq_contexts zeromq -rpc_zmq_host zeromq -rpc_zmq_ipc_dir zeromq -rpc_zmq_matchmaker zeromq -rpc_zmq_max_port zeromq -rpc_zmq_min_port zeromq -rpc_zmq_serialization zeromq -rpc_zmq_topic_backlog zeromq +rpc_backend disable +rpc_cast_timeout disable +rpc_conn_pool_size disable +rpc_poll_timeout disable +rpc_response_timeout disable +rpc_zmq_bind_address disable +rpc_zmq_bind_port_retries disable +rpc_zmq_contexts disable +rpc_zmq_host disable +rpc_zmq_ipc_dir disable +rpc_zmq_matchmaker disable +rpc_zmq_max_port disable +rpc_zmq_min_port disable +rpc_zmq_serialization disable +rpc_zmq_topic_backlog disable secure_proxy_ssl_header api strict_password_check api syslog_log_facility disable -transport_url amqp -use_pub_sub zeromq +transport_url disable +use_pub_sub disable use_router_proxy disable use_stderr disable use_syslog disable verbose disable watch_log_file disable -zmq_immediate zeromq -zmq_target_expire zeromq -zmq_target_update zeromq +zmq_immediate disable +zmq_target_expire disable +zmq_target_update disable audit/namespace debug cache/backend disable cache/backend_argument disable @@ -152,118 +152,118 @@ matchmaker_redis/sentinel_group_name redis matchmaker_redis/sentinel_hosts redis matchmaker_redis/socket_timeout redis matchmaker_redis/wait_timeout redis -oslo_concurrency/disable_process_locking common -oslo_concurrency/lock_path common -oslo_messaging_amqp/addressing_mode rpc -oslo_messaging_amqp/allow_insecure_clients rpc -oslo_messaging_amqp/anycast_address rpc -oslo_messaging_amqp/broadcast_prefix rpc -oslo_messaging_amqp/connection_retry_backoff rpc -oslo_messaging_amqp/connection_retry_interval rpc -oslo_messaging_amqp/connection_retry_interval_max rpc -oslo_messaging_amqp/container_name rpc -oslo_messaging_amqp/default_notification_exchange rpc -oslo_messaging_amqp/default_notify_timeout rpc -oslo_messaging_amqp/default_reply_timeout rpc -oslo_messaging_amqp/default_rpc_exchange rpc -oslo_messaging_amqp/default_send_timeout rpc -oslo_messaging_amqp/group_request_prefix rpc -oslo_messaging_amqp/idle_timeout rpc -oslo_messaging_amqp/link_retry_delay rpc -oslo_messaging_amqp/multicast_address rpc -oslo_messaging_amqp/notify_address_prefix rpc -oslo_messaging_amqp/notify_server_credit rpc -oslo_messaging_amqp/password rpc -oslo_messaging_amqp/reply_link_credit rpc -oslo_messaging_amqp/rpc_address_prefix rpc -oslo_messaging_amqp/rpc_server_credit rpc -oslo_messaging_amqp/sasl_config_dir rpc -oslo_messaging_amqp/sasl_config_name rpc -oslo_messaging_amqp/sasl_mechanisms rpc -oslo_messaging_amqp/server_request_prefix rpc -oslo_messaging_amqp/ssl_ca_file rpc -oslo_messaging_amqp/ssl_cert_file rpc -oslo_messaging_amqp/ssl_key_file rpc -oslo_messaging_amqp/ssl_key_password rpc -oslo_messaging_amqp/trace rpc -oslo_messaging_amqp/unicast_address rpc -oslo_messaging_amqp/username rpc -oslo_messaging_notifications/driver rpc -oslo_messaging_notifications/topics rpc -oslo_messaging_notifications/transport_url rpc -oslo_messaging_rabbit/amqp_auto_delete rabbitmq -oslo_messaging_rabbit/amqp_durable_queues rabbitmq -oslo_messaging_rabbit/channel_max rabbitmq -oslo_messaging_rabbit/connection_factory rabbitmq -oslo_messaging_rabbit/default_notification_exchange rabbitmq -oslo_messaging_rabbit/default_notification_retry_attempts rabbitmq -oslo_messaging_rabbit/default_rpc_exchange rabbitmq -oslo_messaging_rabbit/default_rpc_retry_attempts rabbitmq -oslo_messaging_rabbit/fake_rabbit rabbitmq -oslo_messaging_rabbit/frame_max rabbitmq -oslo_messaging_rabbit/heartbeat_interval rabbitmq -oslo_messaging_rabbit/heartbeat_rate rabbitmq -oslo_messaging_rabbit/heartbeat_timeout_threshold rabbitmq -oslo_messaging_rabbit/host_connection_reconnect_delay rabbitmq -oslo_messaging_rabbit/kombu_compression rabbitmq -oslo_messaging_rabbit/kombu_failover_strategy rabbitmq -oslo_messaging_rabbit/kombu_missing_consumer_retry_timeout rabbitmq -oslo_messaging_rabbit/kombu_reconnect_delay rabbitmq -oslo_messaging_rabbit/kombu_ssl_ca_certs rabbitmq -oslo_messaging_rabbit/kombu_ssl_certfile rabbitmq -oslo_messaging_rabbit/kombu_ssl_keyfile rabbitmq -oslo_messaging_rabbit/kombu_ssl_version rabbitmq -oslo_messaging_rabbit/notification_listener_prefetch_count rabbitmq -oslo_messaging_rabbit/notification_persistence rabbitmq -oslo_messaging_rabbit/notification_retry_delay rabbitmq -oslo_messaging_rabbit/pool_max_overflow rabbitmq -oslo_messaging_rabbit/pool_max_size rabbitmq -oslo_messaging_rabbit/pool_recycle rabbitmq -oslo_messaging_rabbit/pool_stale rabbitmq -oslo_messaging_rabbit/pool_timeout rabbitmq -oslo_messaging_rabbit/rabbit_ha_queues rabbitmq -oslo_messaging_rabbit/rabbit_host rabbitmq -oslo_messaging_rabbit/rabbit_hosts rabbitmq -oslo_messaging_rabbit/rabbit_interval_max rabbitmq -oslo_messaging_rabbit/rabbit_login_method rabbitmq -oslo_messaging_rabbit/rabbit_max_retries rabbitmq -oslo_messaging_rabbit/rabbit_password rabbitmq -oslo_messaging_rabbit/rabbit_port rabbitmq -oslo_messaging_rabbit/rabbit_qos_prefetch_count rabbitmq -oslo_messaging_rabbit/rabbit_retry_backoff rabbitmq -oslo_messaging_rabbit/rabbit_retry_interval rabbitmq -oslo_messaging_rabbit/rabbit_transient_queues_ttl rabbitmq -oslo_messaging_rabbit/rabbit_use_ssl rabbitmq -oslo_messaging_rabbit/rabbit_userid rabbitmq -oslo_messaging_rabbit/rabbit_virtual_host rabbitmq -oslo_messaging_rabbit/rpc_listener_prefetch_count rabbitmq -oslo_messaging_rabbit/rpc_queue_expiration rabbitmq -oslo_messaging_rabbit/rpc_reply_exchange rabbitmq -oslo_messaging_rabbit/rpc_reply_listener_prefetch_count rabbitmq -oslo_messaging_rabbit/rpc_reply_retry_attempts rabbitmq -oslo_messaging_rabbit/rpc_reply_retry_delay rabbitmq -oslo_messaging_rabbit/rpc_retry_delay rabbitmq -oslo_messaging_rabbit/socket_timeout rabbitmq -oslo_messaging_rabbit/ssl rabbitmq -oslo_messaging_rabbit/ssl_options rabbitmq -oslo_messaging_rabbit/tcp_user_timeout rabbitmq -oslo_messaging_zmq/rpc_cast_timeout zeromq -oslo_messaging_zmq/rpc_poll_timeout zeromq -oslo_messaging_zmq/rpc_zmq_bind_address zeromq -oslo_messaging_zmq/rpc_zmq_bind_port_retries zeromq -oslo_messaging_zmq/rpc_zmq_contexts zeromq -oslo_messaging_zmq/rpc_zmq_host zeromq -oslo_messaging_zmq/rpc_zmq_ipc_dir zeromq -oslo_messaging_zmq/rpc_zmq_matchmaker zeromq -oslo_messaging_zmq/rpc_zmq_max_port zeromq -oslo_messaging_zmq/rpc_zmq_min_port zeromq -oslo_messaging_zmq/rpc_zmq_serialization zeromq -oslo_messaging_zmq/rpc_zmq_topic_backlog zeromq -oslo_messaging_zmq/use_pub_sub zeromq -oslo_messaging_zmq/use_router_proxy zeromq -oslo_messaging_zmq/zmq_immediate zeromq -oslo_messaging_zmq/zmq_target_expire zeromq -oslo_messaging_zmq/zmq_target_update zeromq +oslo_concurrency/disable_process_locking disable +oslo_concurrency/lock_path disable +oslo_messaging_amqp/addressing_mode disable +oslo_messaging_amqp/allow_insecure_clients disable +oslo_messaging_amqp/anycast_address disable +oslo_messaging_amqp/broadcast_prefix disable +oslo_messaging_amqp/connection_retry_backoff disable +oslo_messaging_amqp/connection_retry_interval disable +oslo_messaging_amqp/connection_retry_interval_max disable +oslo_messaging_amqp/container_name disable +oslo_messaging_amqp/default_notification_exchange disable +oslo_messaging_amqp/default_notify_timeout disable +oslo_messaging_amqp/default_reply_timeout disable +oslo_messaging_amqp/default_rpc_exchange disable +oslo_messaging_amqp/default_send_timeout disable +oslo_messaging_amqp/group_request_prefix disable +oslo_messaging_amqp/idle_timeout disable +oslo_messaging_amqp/link_retry_delay disable +oslo_messaging_amqp/multicast_address disable +oslo_messaging_amqp/notify_address_prefix disable +oslo_messaging_amqp/notify_server_credit disable +oslo_messaging_amqp/password disable +oslo_messaging_amqp/reply_link_credit disable +oslo_messaging_amqp/rpc_address_prefix disable +oslo_messaging_amqp/rpc_server_credit disable +oslo_messaging_amqp/sasl_config_dir disable +oslo_messaging_amqp/sasl_config_name disable +oslo_messaging_amqp/sasl_mechanisms disable +oslo_messaging_amqp/server_request_prefix disable +oslo_messaging_amqp/ssl_ca_file disable +oslo_messaging_amqp/ssl_cert_file disable +oslo_messaging_amqp/ssl_key_file disable +oslo_messaging_amqp/ssl_key_password disable +oslo_messaging_amqp/trace disable +oslo_messaging_amqp/unicast_address disable +oslo_messaging_amqp/username disable +oslo_messaging_notifications/driver disable +oslo_messaging_notifications/topics disable +oslo_messaging_notifications/transport_url disable +oslo_messaging_rabbit/amqp_auto_delete disable +oslo_messaging_rabbit/amqp_durable_queues disable +oslo_messaging_rabbit/channel_max disable +oslo_messaging_rabbit/connection_factory disable +oslo_messaging_rabbit/default_notification_exchange disable +oslo_messaging_rabbit/default_notification_retry_attempts disable +oslo_messaging_rabbit/default_rpc_exchange disable +oslo_messaging_rabbit/default_rpc_retry_attempts disable +oslo_messaging_rabbit/fake_rabbit disable +oslo_messaging_rabbit/frame_max disable +oslo_messaging_rabbit/heartbeat_interval disable +oslo_messaging_rabbit/heartbeat_rate disable +oslo_messaging_rabbit/heartbeat_timeout_threshold disable +oslo_messaging_rabbit/host_connection_reconnect_delay disable +oslo_messaging_rabbit/kombu_compression disable +oslo_messaging_rabbit/kombu_failover_strategy disable +oslo_messaging_rabbit/kombu_missing_consumer_retry_timeout disable +oslo_messaging_rabbit/kombu_reconnect_delay disable +oslo_messaging_rabbit/kombu_ssl_ca_certs disable +oslo_messaging_rabbit/kombu_ssl_certfile disable +oslo_messaging_rabbit/kombu_ssl_keyfile disable +oslo_messaging_rabbit/kombu_ssl_version disable +oslo_messaging_rabbit/notification_listener_prefetch_count disable +oslo_messaging_rabbit/notification_persistence disable +oslo_messaging_rabbit/notification_retry_delay disable +oslo_messaging_rabbit/pool_max_overflow disable +oslo_messaging_rabbit/pool_max_size disable +oslo_messaging_rabbit/pool_recycle disable +oslo_messaging_rabbit/pool_stale disable +oslo_messaging_rabbit/pool_timeout disable +oslo_messaging_rabbit/rabbit_ha_queues disable +oslo_messaging_rabbit/rabbit_host disable +oslo_messaging_rabbit/rabbit_hosts disable +oslo_messaging_rabbit/rabbit_interval_max disable +oslo_messaging_rabbit/rabbit_login_method disable +oslo_messaging_rabbit/rabbit_max_retries disable +oslo_messaging_rabbit/rabbit_password disable +oslo_messaging_rabbit/rabbit_port disable +oslo_messaging_rabbit/rabbit_qos_prefetch_count disable +oslo_messaging_rabbit/rabbit_retry_backoff disable +oslo_messaging_rabbit/rabbit_retry_interval disable +oslo_messaging_rabbit/rabbit_transient_queues_ttl disable +oslo_messaging_rabbit/rabbit_use_ssl disable +oslo_messaging_rabbit/rabbit_userid disable +oslo_messaging_rabbit/rabbit_virtual_host disable +oslo_messaging_rabbit/rpc_listener_prefetch_count disable +oslo_messaging_rabbit/rpc_queue_expiration disable +oslo_messaging_rabbit/rpc_reply_exchange disable +oslo_messaging_rabbit/rpc_reply_listener_prefetch_count disable +oslo_messaging_rabbit/rpc_reply_retry_attempts disable +oslo_messaging_rabbit/rpc_reply_retry_delay disable +oslo_messaging_rabbit/rpc_retry_delay disable +oslo_messaging_rabbit/socket_timeout disable +oslo_messaging_rabbit/ssl disable +oslo_messaging_rabbit/ssl_options disable +oslo_messaging_rabbit/tcp_user_timeout disable +oslo_messaging_zmq/rpc_cast_timeout disable +oslo_messaging_zmq/rpc_poll_timeout disable +oslo_messaging_zmq/rpc_zmq_bind_address disable +oslo_messaging_zmq/rpc_zmq_bind_port_retries disable +oslo_messaging_zmq/rpc_zmq_contexts disable +oslo_messaging_zmq/rpc_zmq_host disable +oslo_messaging_zmq/rpc_zmq_ipc_dir disable +oslo_messaging_zmq/rpc_zmq_matchmaker disable +oslo_messaging_zmq/rpc_zmq_max_port disable +oslo_messaging_zmq/rpc_zmq_min_port disable +oslo_messaging_zmq/rpc_zmq_serialization disable +oslo_messaging_zmq/rpc_zmq_topic_backlog disable +oslo_messaging_zmq/use_pub_sub disable +oslo_messaging_zmq/use_router_proxy disable +oslo_messaging_zmq/zmq_immediate disable +oslo_messaging_zmq/zmq_target_expire disable +oslo_messaging_zmq/zmq_target_update disable oslo_middleware/enable_proxy_headers_parsing api oslo_middleware/max_request_body_size api oslo_middleware/secure_proxy_ssl_header api