openstack
/
openstack-manuals
Code Issues Proposed changes

Merge "[config-ref]: update nova config options for stable/ocata"

This commit is contained in:
Jenkins 2017-03-21 22:51:26 +00:00 committed by Gerrit Code Review
parent 1289cdd775 564f5330c3
commit af0dfe8072
86 changed files with 7361 additions and 3894 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/config-reference/source/compute/api.rst
View File

@ -31,5 +31,4 @@ Configuration options
The Compute API configuration options are documented in the tables below.
.. include:: ../tables/nova-api.rst
.. include:: ../tables/nova-apiv21.rst
.. include:: ../tables/nova-ca.rst
:start-line: 12

63
doc/config-reference/source/compute/config-options.rst
View File

@ -2,50 +2,65 @@
nova.conf - configuration options
=================================
.. include:: ../tables/nova-DEFAULT.rst
.. include:: ../tables/nova-api_database.rst
.. include:: ../tables/nova-authentication.rst
.. include:: ../tables/nova-availabilityzones.rst
.. include:: ../tables/nova-api.rst
.. include:: ../tables/nova-barbican.rst
.. include:: ../tables/nova-cache.rst
.. include:: ../tables/nova-cells.rst
.. include:: ../tables/nova-cinder.rst
.. include:: ../tables/nova-cloudpipe.rst
.. include:: ../tables/nova-common.rst
.. include:: ../tables/nova-compute.rst
.. include:: ../tables/nova-conductor.rst
.. include:: ../tables/nova-configdrive.rst
.. include:: ../tables/nova-consoleauth.rst
.. include:: ../tables/nova-console.rst
.. include:: ../tables/nova-cors.rst
.. include:: ../tables/nova-cors.subdomain.rst
.. include:: ../tables/nova-crypto.rst
.. include:: ../tables/nova-debug.rst
.. include:: ../tables/nova-database.rst
.. include:: ../tables/nova-ephemeral_storage_encryption.rst
.. include:: ../tables/nova-fping.rst
.. include:: ../tables/nova-filter_scheduler.rst
.. include:: ../tables/nova-glance.rst
.. include:: ../tables/nova-guestfs.rst
.. include:: ../tables/nova-healthcheck.rst
.. include:: ../tables/nova-hyperv.rst
.. include:: ../tables/nova-hypervisor.rst
.. include:: ../tables/nova-image_file_url.rst
.. include:: ../tables/nova-ironic.rst
.. include:: ../tables/nova-ipv6.rst
.. include:: ../tables/nova-key_manager.rst
.. include:: ../tables/nova-ldap.rst
.. include:: ../tables/nova-keystone_authtoken.rst
.. include:: ../tables/nova-libvirt.rst
.. include:: ../tables/nova-livemigration.rst
.. include:: ../tables/nova-metadata.rst
.. include:: ../tables/nova-network.rst
.. include:: ../tables/nova-matchmaker_redis.rst
.. include:: ../tables/nova-metrics.rst
.. include:: ../tables/nova-mks.rst
.. include:: ../tables/nova-neutron.rst
.. include:: ../tables/nova-osbrick.rst
.. include:: ../tables/nova-notifications.rst
.. include:: ../tables/nova-osapi_v21.rst
.. include:: ../tables/nova-oslo_concurrency.rst
.. include:: ../tables/nova-oslo_messaging_amqp.rst
.. include:: ../tables/nova-oslo_messaging_kafka.rst
.. include:: ../tables/nova-oslo_messaging_notifications.rst
.. include:: ../tables/nova-oslo_messaging_rabbit.rst
.. include:: ../tables/nova-oslo_messaging_zmq.rst
.. include:: ../tables/nova-oslo_middleware.rst
.. include:: ../tables/nova-oslo_policy.rst
.. include:: ../tables/nova-oslo_versionedobjects.rst
.. include:: ../tables/nova-pci.rst
.. include:: ../tables/nova-periodic.rst
.. include:: ../tables/nova-policy.rst
.. include:: ../tables/nova-quobyte.rst
.. include:: ../tables/nova-placement.rst
.. include:: ../tables/nova-privsep_osbrick.rst
.. include:: ../tables/nova-profiler.rst
.. include:: ../tables/nova-quota.rst
.. include:: ../tables/nova-rdp.rst
.. include:: ../tables/nova-redis.rst
.. include:: ../tables/nova-s3.rst
.. include:: ../tables/nova-remote_debug.rst
.. include:: ../tables/nova-scheduler.rst
.. include:: ../tables/nova-serial_console.rst
.. include:: ../tables/nova-service_user.rst
.. include:: ../tables/nova-spice.rst
.. include:: ../tables/nova-testing.rst
.. include:: ../tables/nova-trustedcomputing.rst
.. include:: ../tables/nova-ssl.rst
.. include:: ../tables/nova-trusted_computing.rst
.. include:: ../tables/nova-upgrade_levels.rst
.. include:: ../tables/nova-vendordata_dynamic_auth.rst
.. include:: ../tables/nova-vmware.rst
.. include:: ../tables/nova-vnc.rst
.. include:: ../tables/nova-volumes.rst
.. include:: ../tables/nova-vpn.rst
.. include:: ../tables/nova-workarounds.rst
.. include:: ../tables/nova-wsgi.rst
.. include:: ../tables/nova-xen.rst
.. include:: ../tables/nova-xenserver.rst
.. include:: ../tables/nova-xvp.rst

2
doc/config-reference/source/compute/hypervisor-basics.rst
View File

@ -11,7 +11,7 @@ hypervisor, change the ``virt_type`` option in the ``[libvirt]``
section of ``nova.conf`` and restart the ``nova-compute`` service.
Here are the general ``nova.conf`` options that are used to
configure the compute node's hypervisor: :ref:`nova-hypervisor`
configure the compute node's hypervisor: :ref:`nova-DEFAULT`
Specific options for particular hypervisors can be found in
the following sections.

2
doc/config-reference/source/compute/hypervisor-xen-api.rst
View File

@ -401,4 +401,4 @@ XenAPI configuration reference
------------------------------
To customize the XenAPI driver, use the configuration option settings
documented in :ref:`nova-xen`.
documented in :ref:`nova-xenserver`.

2
doc/config-reference/source/compute/hypervisor-xen-libvirt.rst
View File

@ -179,7 +179,7 @@ Use the following as a guideline for configuring Xen for use in OpenStack:
package.
To customize the libvirt driver, use the configuration option settings
documented in :ref:`nova-xen`.
documented in :ref:`nova-libvirt`.
Troubleshoot Xen with libvirt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4
doc/config-reference/source/compute/nova-conf.rst
View File

@ -14,10 +14,6 @@ or performance tuning.
For a list of configuration options, see the tables in this guide.
To learn more about the ``nova.conf`` configuration file,
review the general purpose configuration options documented in
the table :ref:`nova-common`.
.. important::
Do not specify quotes around nova options.

1
doc/config-reference/source/compute/schedulers.rst
View File

@ -1274,3 +1274,4 @@ Configuration options
The Compute scheduler configuration options are documented in the tables below.
.. include:: ../tables/nova-scheduler.rst
:start-line: 12

2356
doc/config-reference/source/tables/nova-DEFAULT.rst Normal file
View File

File diff suppressed because it is too large Load Diff

254
doc/config-reference/source/tables/nova-api.rst
View File

@ -10,73 +10,95 @@
.. _nova-api:
.. list-table:: Description of API configuration options
.. list-table:: Description of api configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``enable_new_services`` = ``True``
- (Boolean) Enable new services on this host automatically.
When a new service (for example "nova-compute") starts up, it gets registered in the database as an enabled service. Sometimes it can be useful to register new services in disabled state and then enabled them at a later point in time. This option can set this behavior for all services per host.
* - ``max_limit`` = ``1000``
- (Integer) As a query can potentially return many thousands of items, you can limit the maximum number of items in a single response by setting this option.
* - ``vendordata_dynamic_read_timeout`` = ``5``
- (Integer) Maximum wait time for an external REST service to return data once connected.
Possible values:
* ``True``: Each new service is enabled as soon as it registers itself.
* ``False``: Services must be enabled via a REST API call or with the CLI with ``nova service-enable <hostname> <binary>``, otherwise they are not ready to use.
* - ``enabled_apis`` = ``osapi_compute, metadata``
- (List) A list of APIs to enable by default
* - ``enabled_ssl_apis`` =
- (List) A list of APIs with enabled SSL
* - ``instance_name_template`` = ``instance-%08x``
- (String) Template string to be used to generate instance names.
This template controls the creation of the database name of an instance. This is *not* the display name you enter when creating an instance (via Horizon or CLI). For a new deployment it is advisable to change the default value (which uses the database autoincrement) to another value which makes use of the attributes of an instance, like ``instance-%(uuid)s``. If you already have instances in your deployment when you change this, your deployment will break.
Possible values:
* A string which either uses the instance database ID (like the default)
* A string with a list of named database columns, for example ``%(id)d`` or ``%(uuid)s`` or ``%(hostname)s``.
* Any integer. Note that instance start is blocked during this wait time, so this value should be kept small.
Related options:
* not to be confused with: ``multi_instance_display_name_template``
* - ``multi_instance_display_name_template`` = ``%(name)s-%(count)d``
- (String) When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. Example display names when creating two VM's: name-1, name-2.
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_failure_fatal
* - ``vendordata_dynamic_ssl_certfile`` =
- (String) Path to an optional certificate file or CA bundle to verify dynamic vendordata REST services ssl certificates against.
Possible values:
* Valid keys for the template are: name, uuid, count.
* - ``non_inheritable_image_properties`` = ``cache_in_nova, bittorrent``
- (List) Image properties that should not be inherited from the instance when taking a snapshot.
* An empty string, or a path to a valid certificate file
This option gives an opportunity to select which image-properties should not be inherited by newly created snapshots.
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_read_timeout
* vendordata_dynamic_failure_fatal
* - ``neutron_default_tenant_id`` = ``default``
- (String) Tenant ID for getting the default network from Neutron API (also referred in some places as the 'project ID') to use.
Related options:
* use_neutron_default_nets
* - ``config_drive_skip_versions`` = ``1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01``
- (String) When gathering the existing metadata for a config drive, the EC2-style metadata is returned for all versions that don't appear in this option. As of the Liberty release, the available versions are:
* 1.0
* 2007-01-19
* 2007-03-01
* 2007-08-29
* 2007-10-10
* 2007-12-15
* 2008-02-01
* 2008-09-01
* 2009-04-04
The option is in the format of a single string, with each version separated by a space.
Possible values:
* A list whose item is an image property. Usually only the image properties that are only needed by base images can be included here, since the snapshots that are created from the base images doesn't need them.
* Any string that represents zero or more versions, separated by spaces.
* Default list: ['cache_in_nova', 'bittorrent']
* - ``null_kernel`` = ``nokernel``
- (String) This option is used to decide when an image should have no external ramdisk or kernel. By default this is set to 'nokernel', so when an image is booted with the property 'kernel_id' with the value 'nokernel', Nova assumes the image doesn't require an external kernel and ramdisk.
* - ``osapi_compute_link_prefix`` = ``None``
- (String) This string is prepended to the normal URL that is returned in links to the OpenStack Compute API. If it is empty (the default), the URLs are returned unchanged.
* - ``hide_server_address_states`` = ``building``
Possible values:
* Any string, including an empty string (the default).
* - ``osapi_compute_listen`` = ``0.0.0.0``
- (String) The IP address on which the OpenStack API will listen.
* - ``osapi_compute_listen_port`` = ``8774``
- (Port number) The port on which the OpenStack API will listen.
* - ``osapi_compute_workers`` = ``None``
- (Integer) Number of workers for OpenStack API service. The default will be the number of CPUs available.
* - ``osapi_hide_server_address_states`` = ``building``
- (List) This option is a list of all instance states for which network address information should not be returned from the API.
Possible values:
@ -106,35 +128,131 @@
* "shelved"
* "shelved_offloaded"
* - ``servicegroup_driver`` = ``db``
- (String) This option specifies the driver to be used for the servicegroup service.
ServiceGroup API in nova enables checking status of a compute node. When a compute worker running the nova-compute daemon starts, it calls the join API to join the compute group. Services like nova scheduler can query the ServiceGroup API to check if a node is alive. Internally, the ServiceGroup client driver automatically updates the compute worker status. There are multiple backend implementations for this service: Database ServiceGroup driver and Memcache ServiceGroup driver.
* - ``vendordata_dynamic_connect_timeout`` = ``5``
Possible Values:
- (Integer) Maximum wait time for an external REST service to connect.
* db : Database ServiceGroup driver
Possible values:
* mc : Memcache ServiceGroup driver
* Any integer with a value greater than three (the TCP packet retransmission timeout). Note that instance start may be blocked during this wait time, so this value should be kept small.
Related Options:
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_read_timeout
* vendordata_dynamic_failure_fatal
* - ``fping_path`` = ``/usr/sbin/fping``
- (String) The full path to the fping binary.
* - ``allow_instance_snapshots`` = ``True``
- (Boolean) Operators can turn off the ability for a user to take snapshots of their instances by setting this option to False. When disabled, any attempt to take a snapshot will result in a HTTP 400 response ("Bad Request").
* - ``compute_link_prefix`` = ``None``
- (String) This string is prepended to the normal URL that is returned in links to the OpenStack Compute API. If it is empty (the default), the URLs are returned unchanged.
Possible values:
* Any string, including an empty string (the default).
* - ``vendordata_jsonfile_path`` = ``None``
- (String) Cloud providers may store custom data in vendor data file that will then be available to the instances via the metadata service, and to the rendering of config-drive. The default class for this, JsonFileVendorData, loads this information from a JSON file, whose path is configured by this option. If there is no path set by this option, the class returns an empty dictionary.
Possible values:
* Any string representing the path to the data file, or an empty string (default).
* - ``glance_link_prefix`` = ``None``
- (String) This string is prepended to the normal URL that is returned in links to Glance resources. If it is empty (the default), the URLs are returned unchanged.
Possible values:
* Any string, including an empty string (the default).
* - ``enable_instance_password`` = ``True``
- (Boolean) Enables returning of the instance password by the relevant server API calls such as create, rebuild, evacuate, or rescue. If the hypervisor does not support password injection, then the password returned will not be correct, so if your hypervisor does not support password injection, set this to False.
* - ``vendordata_dynamic_targets`` =
- (List) A list of targets for the dynamic vendordata provider. These targets are of the form <name>@<url>.
The dynamic vendordata provider collects metadata by contacting external REST services and querying them for information about the instance. This behaviour is documented in the vendordata.rst file in the nova developer reference.
* service_down_time (maximum time since last check-in for up service)
* - ``snapshot_name_template`` = ``snapshot-%s``
- (String) DEPRECATED: Template string to be used to generate snapshot names This is not used anymore and will be removed in the O release.
* - ``use_forwarded_for`` = ``False``
- (Boolean) When True, the 'X-Forwarded-For' header is treated as the canonical remote address. When False (the default), the 'remote_address' header is used.
You should only enable this if you have an HTML sanitizing proxy.
* - **[oslo_middleware]**
-
* - ``enable_proxy_headers_parsing`` = ``False``
- (Boolean) Whether the application is behind a proxy or not. This determines if the middleware should parse the headers or not.
* - ``max_request_body_size`` = ``114688``
- (Integer) The maximum body size for each request, in bytes.
* - ``secure_proxy_ssl_header`` = ``X-Forwarded-Proto``
- (String) DEPRECATED: The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by a SSL termination proxy.
* - **[oslo_versionedobjects]**
-
* - ``fatal_exception_format_errors`` = ``False``
- (Boolean) Make exception message format errors fatal
* - ``use_neutron_default_nets`` = ``False``
- (Boolean) When True, the TenantNetworkController will query the Neutron API to get the default networks to use.
Related options:
* neutron_default_tenant_id
* - ``vendordata_dynamic_failure_fatal`` = ``False``
- (Boolean) Should failures to fetch dynamic vendordata be fatal to instance boot?
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_read_timeout
* - ``vendordata_providers`` =
- (List) A list of vendordata providers.
vendordata providers are how deployers can provide metadata via configdrive and metadata that is specific to their deployment. There are currently two supported providers: StaticJSON and DynamicJSON.
StaticJSON reads a JSON file configured by the flag vendordata_jsonfile_path and places the JSON from that file into vendor_data.json and vendor_data2.json.
DynamicJSON is configured via the vendordata_dynamic_targets flag, which is documented separately. For each of the endpoints specified in that flag, a section is added to the vendor_data2.json.
For more information on the requirements for implementing a vendordata dynamic endpoint, please see the vendordata.rst file in the nova developer reference.
Possible values:
* A list of vendordata providers, with StaticJSON and DynamicJSON being current options.
Related options:
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_read_timeout
* vendordata_dynamic_failure_fatal
* - ``metadata_cache_expiration`` = ``15``
- (Integer) This option is the time (in seconds) to cache metadata. When set to 0, metadata caching is disabled entirely; this is generally not recommended for performance reasons. Increasing this setting should improve response times of the metadata API when under heavy load. Higher values may increase memory usage, and result in longer times for host metadata changes to take effect.
* - ``auth_strategy`` = ``keystone``
- (String) This determines the strategy to use for authentication: keystone or noauth2. 'noauth2' is designed for testing only, as it does no actual credential checking. 'noauth2' provides administrative credentials only if 'admin' is specified as the username.

62
doc/config-reference/source/tables/nova-api_database.rst
View File

@ -10,35 +10,57 @@
.. _nova-api_database:
.. list-table:: Description of API database configuration options
.. list-table:: Description of api_database configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[api_database]**
-
* - ``connection`` = ``None``
- (String) No help text available for this option.
* - ``connection_debug`` = ``0``
- (Integer) No help text available for this option.
* - ``connection_trace`` = ``False``
- (Boolean) No help text available for this option.
* - ``idle_timeout`` = ``3600``
- (Integer) No help text available for this option.
* - ``max_overflow`` = ``None``
- (Integer) No help text available for this option.
* - ``max_pool_size`` = ``None``
- (Integer) No help text available for this option.
* - ``max_retries`` = ``10``
- (Integer) No help text available for this option.
* - ``mysql_sql_mode`` = ``TRADITIONAL``
- (String) No help text available for this option.
* - ``pool_timeout`` = ``None``
* - ``max_pool_size`` = ``None``
- (Integer) No help text available for this option.
* - ``retry_interval`` = ``10``
* - ``max_overflow`` = ``None``
- (Integer) No help text available for this option.
* - ``slave_connection`` = ``None``
- (String) No help text available for this option.
* - ``sqlite_synchronous`` = ``True``
* - ``idle_timeout`` = ``3600``
- (Integer) No help text available for this option.
* - ``retry_interval`` = ``10``
- (Integer) No help text available for this option.
* - ``connection`` = ``None``
- (String) No help text available for this option.
* - ``pool_timeout`` = ``None``
- (Integer) No help text available for this option.
* - ``mysql_sql_mode`` = ``TRADITIONAL``
- (String) No help text available for this option.
* - ``connection_debug`` = ``0``
- (Integer) No help text available for this option.
* - ``connection_trace`` = ``False``
- (Boolean) No help text available for this option.
* - ``sqlite_synchronous`` = ``True``
- (Boolean) No help text available for this option.

50
doc/config-reference/source/tables/nova-apiv21.rst
View File

@ -1,50 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-apiv21:
.. list-table:: Description of API v2.1 configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[osapi_v21]**
-
* - ``extensions_blacklist`` =
- (List) DEPRECATED: This option is a list of all of the v2.1 API extensions to never load. However, it will be removed in the near future, after which all the functionality that was previously in extensions will be part of the standard API, and thus always accessible.
Possible values:
* A list of strings, each being the alias of an extension that you do not wish to load.
Related options:
* enabled
* extensions_whitelist
* - ``extensions_whitelist`` =
- (List) DEPRECATED: This is a list of extensions. If it is empty, then *all* extensions except those specified in the extensions_blacklist option will be loaded. If it is not empty, then only those extensions in this list will be loaded, provided that they are also not in the extensions_blacklist option. Once this deprecated option is removed, after which the all the functionality that was previously in extensions will be part of the standard API, and thus always accessible.
Possible values:
* A list of strings, each being the alias of an extension that you wish to load, or an empty list, which indicates that all extensions are to be run.
Related options:
* enabled
* extensions_blacklist
* - ``project_id_regex`` = ``None``
- (String) DEPRECATED: This option is a string representing a regular expression (regex) that matches the project_id as contained in URLs. If not set, it will match normal UUIDs created by keystone.
Possible values:
* A string representing any legal regular expression

48
doc/config-reference/source/tables/nova-availabilityzones.rst
View File

@ -1,48 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-availabilityzones:
.. list-table:: Description of availability zones configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``default_availability_zone`` = ``nova``
- (String) Default compute node availability_zone.
This option determines the availability zone to be used when it is not specified in the VM creation request. If this option is not set, the default availability zone 'nova' is used.
Possible values:
* Any string representing an availability zone name
* 'nova' is the default value
* - ``default_schedule_zone`` = ``None``
- (String) Availability zone to use when user doesn't specify one.
This option is used by the scheduler to determine which availability zone to place a new VM instance into if the user did not specify one at the time of VM boot request.
Possible values:
* Any string representing an availability zone name
* Default value is None.
* - ``internal_service_availability_zone`` = ``internal``
- (String) This option specifies the name of the availability zone for the internal services. Services like nova-scheduler, nova-network, nova-conductor are internal services. These services will appear in their own internal availability_zone.
Possible values:
* Any string representing an availability zone name
* 'internal' is the default value

46
doc/config-reference/source/tables/nova-barbican.rst
View File

@ -10,37 +10,29 @@
.. _nova-barbican:
.. list-table:: Description of Barbican configuration options
.. list-table:: Description of barbican configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[barbican]**
-
* - ``auth_endpoint`` = ``http://localhost:5000/v3``
- (String) Use this endpoint to connect to Keystone
* - ``barbican_api_version`` = ``None``
- (String) Version of the Barbican API, for example: "v1"
* - ``barbican_endpoint`` = ``None``
- (String) Use this endpoint to connect to Barbican, for example: "http://localhost:9311/"
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``catalog_info`` = ``key-manager:barbican:public``
- (String) DEPRECATED: Info to match when looking for barbican in the service catalog. Format is: separated values of the form: <service_type>:<service_name>:<endpoint_type> This option have been moved to the Castellan library
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``endpoint_template`` = ``None``
- (String) DEPRECATED: Override service catalog lookup with template for barbican endpoint e.g. http://localhost:9311/v1/%(project_id)s This option have been moved to the Castellan library
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``number_of_retries`` = ``60``
- (Integer) Number of times to retry poll for key creation completion
* - ``os_region_name`` = ``None``
- (String) DEPRECATED: Region name of this node This option have been moved to the Castellan library
* - ``retry_delay`` = ``1``
- (Integer) Number of seconds to wait before retrying poll for key creation completion
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``number_of_retries`` = ``60``
- (Integer) Number of times to retry poll for key creation completion
* - ``barbican_endpoint`` = ``None``
- (String) Use this endpoint to connect to Barbican, for example: "http://localhost:9311/"
* - ``barbican_api_version`` = ``None``
- (String) Version of the Barbican API, for example: "v1"
* - ``auth_endpoint`` = ``http://localhost:5000/v3``
- (String) Use this endpoint to connect to Keystone

26
doc/config-reference/source/tables/nova-ca.rst
View File

@ -1,26 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-ca:
.. list-table:: Description of CA and SSL configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``cert`` = ``self.pem``
- (String) Path to SSL certificate file.
* - ``cert_manager`` = ``nova.cert.manager.CertManager``
- (String) DEPRECATED: Full class name for the Manager for cert
* - ``cert_topic`` = ``cert``
- (String) DEPRECATED: Determines the RPC topic that the cert nodes listen on. For most deployments there is no need to ever change it. Since the nova-cert service is marked for deprecation, the feature to change RPC topic that cert nodes listen may be removed as early as the 15.0.0 Ocata release.

70
doc/config-reference/source/tables/nova-cache.rst Normal file
View File

@ -0,0 +1,70 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-cache:
.. list-table:: Description of cache configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``config_prefix`` = ``cache.oslo``
- (String) Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name.
* - ``backend_argument`` = ``[]``
- (Multi-valued) Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: "<argname>:<value>".
* - ``memcache_dead_retry`` = ``300``
- (Integer) Number of seconds memcached server is considered dead before it is tried again. (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
* - ``enabled`` = ``False``
- (Boolean) Global toggle for caching.
* - ``memcache_socket_timeout`` = ``3``
- (Integer) Timeout in seconds for every call to a server. (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
* - ``memcache_servers`` = ``localhost:11211``
- (List) Memcache servers in the format of "host:port". (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
* - ``memcache_pool_unused_timeout`` = ``60``
- (Integer) Number of seconds a connection to memcached is held unused in the pool before it is closed. (oslo_cache.memcache_pool backend only).
* - ``debug_cache_backend`` = ``False``
- (Boolean) Extra debugging from the cache backend (cache keys, get/set/delete/etc calls). This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to false.
* - ``expiration_time`` = ``600``
- (Integer) Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it.
* - ``proxies`` =
- (List) Proxy classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior.
* - ``memcache_pool_maxsize`` = ``10``
- (Integer) Max total number of open connections to every memcached server. (oslo_cache.memcache_pool backend only).
* - ``memcache_pool_connection_get_timeout`` = ``10``
- (Integer) Number of seconds that an operation will wait to get a memcache client connection.
* - ``backend`` = ``dogpile.cache.null``
- (String) Dogpile.cache backend module. It is recommended that Memcache or Redis (dogpile.cache.redis) be used in production deployments. For eventlet-based or highly threaded servers, Memcache with pooling (oslo_cache.memcache_pool) is recommended. For low thread servers, dogpile.cache.memcached is recommended. Test environments with a single instance of the server can use the dogpile.cache.memory backend.

376
doc/config-reference/source/tables/nova-cells.rst
View File

@ -10,42 +10,278 @@
.. _nova-cells:
.. list-table:: Description of cell configuration options
.. list-table:: Description of cells configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[cells]**
-
* - ``mute_child_interval`` = ``300``
- (Integer) Mute child interval.
Number of seconds after which a lack of capability and capacity update the child cell is to be treated as a mute cell. Then the child cell will be weighed as recommend highly that it be skipped.
Possible values:
* An integer, corresponding to the interval time in seconds.
* - ``instance_update_sync_database_limit`` = ``100``
- (Integer) Instance update sync database limit.
Number of instances to pull from the database at one time for a sync. If there are more instances to update the results will be paged through.
Possible values:
* An integer, corresponding to a number of instances.
* - ``topic`` = ``cells``
- (String) Topic.
This is the message queue topic that cells nodes listen on. It is used when the cells service is started up to configure the queue, and whenever an RPC call to the scheduler is made.
Possible values:
* cells: This is the recommended and the default value.
- **Deprecated**
Configurable RPC topics provide little value and can result in a wide variety of errors. They should not be used.
* - ``bandwidth_update_interval`` = ``600``
- (Integer) Bandwidth update interval.
Seconds between bandwidth usage cache updates for cells.
Possible values:
* An integer, corresponding to the interval time in seconds.
* - ``cell_type`` = ``compute``
- (String) Type of cell.
When cells feature is enabled the hosts in the OpenStack Compute cloud are partitioned into groups. Cells are configured as a tree. The top-level cell's cell_type must be set to ``api``. All other cells are defined as a ``compute cell`` by default.
Related option:
* quota_driver: Disable quota checking for the child cells. (nova.quota.NoopQuotaDriver)
* - ``call_timeout`` = ``60``
- (Integer) Call timeout
- (Integer) Call timeout.
Cell messaging module waits for response(s) to be put into the eventlet queue. This option defines the seconds waited for response from a call to a cell.
Possible values:
* Time in seconds.
* An integer, corresponding to the interval time in seconds.
* - ``ram_weight_multiplier`` = ``10.0``
- (Floating point) Ram weight multiplier.
Multiplier used for weighing ram. Negative numbers indicate that Compute should stack VMs on one host instead of spreading out new VMs to more hosts in the cell.
Possible values:
* Numeric multiplier
* - ``capabilities`` = ``hypervisor=xenserver;kvm, os=linux;windows``
- (List) Cell capabilities
- (List) Cell capabilities.
List of arbitrary key=value pairs defining capabilities of the current cell to be sent to the parent cells. These capabilities are intended to be used in cells scheduler filters/weighers.
Possible values:
* key=value pairs list for example; ``hypervisor=xenserver;kvm,os=linux;windows``
* - ``cell_type`` = ``compute``
- (String) Type of cell
When cells feature is enabled the hosts in the OpenStack Compute cloud are partitioned into groups. Cells are configured as a tree. The top-level cell's cell_type must be set to ``api``. All other cells are defined as a ``compute cell`` by default.
* - ``mute_weight_multiplier`` = ``-10000.0``
- (Floating point) Mute weight multiplier.
Multiplier used to weigh mute children. Mute children cells are recommended to be skipped so their weight is multiplied by this negative value.
Possible values:
* Negative numeric number
* - ``offset_weight_multiplier`` = ``1.0``
- (Floating point) Offset weight multiplier
Multiplier used to weigh offset weigher. Cells with higher weight_offsets in the DB will be preferred. The weight_offset is a property of a cell stored in the database. It can be used by a deployer to have scheduling decisions favor or disfavor cells based on the setting.
Possible values:
* Numeric multiplier
* - ``enable`` = ``False``
- (Boolean) Enable cell v1 functionality.
Note that cells v1 is considered experimental and not recommended for new Nova deployments. Cells v1 is being replaced by cells v2 which starting in the 15.0.0 Ocata release, all Nova deployments are at least a cells v2 cell of one. Setting this option, or any other options in the [cells] group, is not required for cells v2.
When this functionality is enabled, it lets you to scale an OpenStack Compute cloud in a more distributed fashion without having to use complicated technologies like database and message queue clustering. Cells are configured as a tree. The top-level cell should have a host that runs a nova-api service, but no nova-compute services. Each child cell should run all of the typical nova-* services in a regular Compute cloud except for nova-api. You can think of cells as a normal Compute deployment in that each cell has its own database server and message queue broker.
Related options:
* compute_api_class: This option must be set to cells api driver for the top-level cell (nova.compute.cells_api.ComputeCellsAPI)
* name: A unique cell name must be given when this functionality is enabled.
* cell_type: Cell type should be defined for all cells.
* - ``scheduler_retry_delay`` = ``2``
- (Integer) Scheduler retry delay.
Specifies the delay (in seconds) between scheduling retries when no cell can be found to place the new instance on. When the instance could not be scheduled to a cell after ``scheduler_retries`` in combination with ``scheduler_retry_delay``, then the scheduling of the instance failed.
Possible values:
* Time in seconds.
Related options:
* This value is used with the ``scheduler_retries`` value while retrying to find a suitable cell.
* - ``db_check_interval`` = ``60``
- (Integer) DB check interval.
Cell state manager updates cell status for all cells from the DB only after this particular interval time is passed. Otherwise cached status are used. If this value is 0 or negative all cell status are updated from the DB whenever a state is needed.
Possible values:
* Interval time, in seconds.
* - ``scheduler`` = ``nova.cells.scheduler.CellsScheduler``
- (String) Cells scheduler.
The class of the driver used by the cells scheduler. This should be the full Python path to the class to be used. If nothing is specified in this option, the CellsScheduler is used.
* - ``max_hop_count`` = ``10``
- (Integer) Maximum hop count
When processing a targeted message, if the local cell is not the target, a route is defined between neighbouring cells. And the message is processed across the whole routing path. This option defines the maximum hop counts until reaching the target.
Possible values:
* Positive integer value
* - ``instance_update_num_instances`` = ``1``
- (Integer) Instance update num instances
On every run of the periodic task, nova cells manager will attempt to sync instance_updated_at_threshold number of instances. When the manager gets the list of instances, it shuffles them so that multiple nova-cells services do not attempt to sync the same instances in lockstep.
Possible values:
* Positive integer number
Related options:
* This value is used with the ``instance_updated_at_threshold`` value in a periodic task run.
* - ``name`` = ``nova``
- (String) Name of the current cell.
This value must be unique for each cell. Name of a cell is used as its id, leaving this option unset or setting the same name for two or more cells may cause unexpected behaviour.
Related options:
* enabled: This option is meaningful only when cells service is enabled
* - ``rpc_driver_queue_base`` = ``cells.intercell``
- (String) RPC driver queue base.
When sending a message to another cell by JSON-ifying the message and making an RPC cast to 'process_message', a base queue is used. This option defines the base queue name to be used when communicating between cells. Various topics by message type will be appended to this.
Possible values:
* The base queue name to be used when communicating between cells.
* - ``scheduler_weight_classes`` = ``nova.cells.weights.all_weighers``
- (List) Scheduler weight classes.
Weigher classes the cells scheduler should use. An entry of "nova.cells.weights.all_weighers" maps to all cell weighers included with nova. As of the Mitaka release the following weight classes are available:
mute_child: Downgrades the likelihood of child cells being chosen for scheduling requests, which haven't sent capacity or capability updates in a while. Options include mute_weight_multiplier (multiplier for mute children; value should be negative).
ram_by_instance_type: Select cells with the most RAM capacity for the instance type being requested. Because higher weights win, Compute returns the number of available units for the instance type requested. The ram_weight_multiplier option defaults to 10.0 that adds to the weight by a factor of 10. Use a negative number to stack VMs on one host instead of spreading out new VMs to more hosts in the cell.
weight_offset: Allows modifying the database to weight a particular cell. The highest weight will be the first cell to be scheduled for launching an instance. When the weight_offset of a cell is set to 0, it is unlikely to be picked but it could be picked if other cells have a lower weight, like if they're full. And when the weight_offset is set to a very high value (for example, '999999999999999'), it is likely to be picked if another cell do not have a higher weight.
* - ``scheduler_filter_classes`` = ``nova.cells.filters.all_filters``
- (List) Scheduler filter classes.
Filter classes the cells scheduler should use. An entry of "nova.cells.filters.all_filters" maps to all cells filters included with nova. As of the Mitaka release the following filter classes are available:
Different cell filter: A scheduler hint of 'different_cell' with a value of a full cell name may be specified to route a build away from a particular cell.
Image properties filter: Image metadata named 'hypervisor_version_requires' with a version specification may be specified to ensure the build goes to a cell which has hypervisors of the required version. If either the version requirement on the image or the hypervisor capability of the cell is not present, this filter returns without filtering out the cells.
Target cell filter: A scheduler hint of 'target_cell' with a value of a full cell name may be specified to route a build to a particular cell. No error handling is done as there's no way to know whether the full path is a valid.
As an admin user, you can also add a filter that directs builds to a particular cell.
* - ``instance_updated_at_threshold`` = ``3600``
- (Integer) Instance updated at threshold
Number of seconds after an instance was updated or deleted to continue to update cells. This option lets cells manager to only attempt to sync instances that have been updated recently. i.e., a threshold of 3600 means to only update instances that have modified in the last hour.
Possible values:
* Threshold in seconds
Related options:
* This value is used with the ``instance_update_num_instances`` value in a periodic task run.
* - ``scheduler_retries`` = ``10``
- (Integer) Scheduler retries.
How many retries when no cells are available. Specifies how many times the scheduler tries to launch a new instance when no cells are available.
Possible values:
* Positive integer value
Related options:
* This value is used with the ``scheduler_retry_delay`` value while retrying to find a suitable cell.
* - ``reserve_percent`` = ``10.0``
- (Floating point) Reserve percentage
Percentage of cell capacity to hold in reserve, so the minimum amount of free resource is considered to be;
min_free = total * (reserve_percent / 100.0)
This option affects both memory and disk utilization.
The primary purpose of this reserve is to ensure some space is available for users who want to resize their instance to be larger. Note that currently once the capacity expands into this reserve space this option is ignored.
Possible values:
* An integer or float, corresponding to the percentage of cell capacity to be held in reserve.
* quota_driver: Disable quota checking for the child cells. (nova.quota.NoopQuotaDriver)
* - ``cells_config`` = ``None``
- (String) Optional cells configuration
- (String) Optional cells configuration.
Configuration file from which to read cells configuration. If given, overrides reading cells from the database.
@ -58,119 +294,3 @@
The scheme can be either qpid or rabbit, the following sample shows this optional configuration:
{ "parent": { "name": "parent", "api_url": "http://api.example.com:8774", "transport_url": "rabbit://rabbit.example.com", "weight_offset": 0.0, "weight_scale": 1.0, "is_parent": true }, "cell1": { "name": "cell1", "api_url": "http://api.example.com:8774", "transport_url": "rabbit://rabbit1.example.com", "weight_offset": 0.0, "weight_scale": 1.0, "is_parent": false }, "cell2": { "name": "cell2", "api_url": "http://api.example.com:8774", "transport_url": "rabbit://rabbit2.example.com", "weight_offset": 0.0, "weight_scale": 1.0, "is_parent": false } }
* - ``db_check_interval`` = ``60``
- (Integer) DB check interval
Cell state manager updates cell status for all cells from the DB only after this particular interval time is passed. Otherwise cached status are used. If this value is 0 or negative all cell status are updated from the DB whenever a state is needed.
Possible values:
* Interval time, in seconds.
* - ``driver`` = ``nova.cells.rpc_driver.CellsRPCDriver``
- (String) DEPRECATED: Cells communication driver
Driver for cell<->cell communication via RPC. This is used to setup the RPC consumers as well as to send a message to another cell. 'nova.cells.rpc_driver.CellsRPCDriver' starts up 2 separate servers for handling inter-cell communication via RPC. The only available driver is the RPC driver.
* - ``enable`` = ``False``
- (Boolean) Enable cell functionality
When this functionality is enabled, it lets you to scale an OpenStack Compute cloud in a more distributed fashion without having to use complicated technologies like database and message queue clustering. Cells are configured as a tree. The top-level cell should have a host that runs a nova-api service, but no nova-compute services. Each child cell should run all of the typical nova-* services in a regular Compute cloud except for nova-api. You can think of cells as a normal Compute deployment in that each cell has its own database server and message queue broker.
Related options:
* name: A unique cell name must be given when this functionality is enabled.
* cell_type: Cell type should be defined for all cells.
* - ``instance_update_num_instances`` = ``1``
- (Integer) Instance update num instances
On every run of the periodic task, nova cells manager will attempt to sync instance_updated_at_threshold number of instances. When the manager gets the list of instances, it shuffles them so that multiple nova-cells services do not attempt to sync the same instances in lockstep.
Possible values:
* Positive integer number
Related options:
* This value is used with the ``instance_updated_at_threshold`` value in a periodic task run.
* - ``instance_update_sync_database_limit`` = ``100``
- (Integer) Instance update sync database limit
Number of instances to pull from the database at one time for a sync. If there are more instances to update the results will be paged through.
Possible values:
* Number of instances.
* - ``instance_updated_at_threshold`` = ``3600``
- (Integer) Instance updated at threshold
Number of seconds after an instance was updated or deleted to continue to update cells. This option lets cells manager to only attempt to sync instances that have been updated recently. i.e., a threshold of 3600 means to only update instances that have modified in the last hour.
Possible values:
* Threshold in seconds
Related options:
* This value is used with the ``instance_update_num_instances`` value in a periodic task run.
* - ``max_hop_count`` = ``10``
- (Integer) Maximum hop count
When processing a targeted message, if the local cell is not the target, a route is defined between neighbouring cells. And the message is processed across the whole routing path. This option defines the maximum hop counts until reaching the target.
Possible values:
* Positive integer value
* - ``mute_child_interval`` = ``300``
- (Integer) Mute child interval
Number of seconds after which a lack of capability and capacity update the child cell is to be treated as a mute cell. Then the child cell will be weighed as recommend highly that it be skipped.
Possible values:
* Time in seconds.
* - ``mute_weight_multiplier`` = ``-10000.0``
- (Floating point) Mute weight multiplier
Multiplier used to weigh mute children. Mute children cells are recommended to be skipped so their weight is multiplied by this negative value.
Possible values:
* Negative numeric number
* - ``name`` = ``nova``
- (String) Name of the current cell
This value must be unique for each cell. Name of a cell is used as its id, leaving this option unset or setting the same name for two or more cells may cause unexpected behaviour.
Related options:
* enabled: This option is meaningful only when cells service is enabled
* - ``offset_weight_multiplier`` = ``1.0``
- (Floating point) Offset weight multiplier
Multiplier used to weigh offset weigher. Cells with higher weight_offsets in the DB will be preferred. The weight_offset is a property of a cell stored in the database. It can be used by a deployer to have scheduling decisions favor or disfavor cells based on the setting.
Possible values:
* Numeric multiplier
* - ``reserve_percent`` = ``10.0``
- (Floating point) Reserve percentage
Percentage of cell capacity to hold in reserve, so the minimum amount of free resource is considered to be; min_free = total
* (reserve_percent / 100.0) This option affects both memory and disk utilization. The primary purpose of this reserve is to ensure some space is available for users who want to resize their instance to be larger. Note that currently once the capacity expands into this reserve space this option is ignored.
* - ``rpc_driver_queue_base`` = ``cells.intercell``
- (String) RPC driver queue base
When sending a message to another cell by JSON-ifying the message and making an RPC cast to 'process_message', a base queue is used. This option defines the base queue name to be used when communicating between cells. Various topics by message type will be appended to this.
Possible values:
* The base queue name to be used when communicating between cells.
* - ``topic`` = ``cells``
- (String) Topic
This is the message queue topic that cells nodes listen on. It is used when the cells service is started up to configure the queue, and whenever an RPC call to the scheduler is made.
Possible values:
* cells: This is the recommended and the default value.

88
doc/config-reference/source/tables/nova-cinder.rst Normal file
View File

@ -0,0 +1,88 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-cinder:
.. list-table:: Description of cinder configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``catalog_info`` = ``volumev2:cinderv2:publicURL``
- (String) Info to match when looking for cinder in the service catalog.
Possible values:
* Format is separated values of the form: <service_type>:<service_name>:<endpoint_type>
Note: Nova does not support the Cinder v1 API since the Nova 15.0.0 Ocata release.
Related options:
* endpoint_template - Setting this option will override catalog_info
* - ``cross_az_attach`` = ``True``
- (Boolean) Allow attach between instance and volume in different availability zones.
If False, volumes attached to an instance must be in the same availability zone in Cinder as the instance availability zone in Nova. This also means care should be taken when booting an instance from a volume where source is not "volume" because Nova will attempt to create a volume using the same availability zone as what is assigned to the instance. If that AZ is not in Cinder (or allow_availability_zone_fallback=False in cinder.conf), the volume create request will fail and the instance will fail the build request. By default there is no availability zone restriction on volume attach.
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``http_retries`` = ``3``
- (Integer) Number of times cinderclient should retry on any failed http call. 0 means connection is attempted only once. Setting it to any positive integer means that on failure connection is retried that many times e.g. setting it to 3 means total attempts to connect will be 4.
Possible values:
* Any integer value. 0 means connection is attempted only once
* - ``endpoint_template`` = ``None``
- (String) If this option is set then it will override service catalog lookup with this template for cinder endpoint
Possible values:
* URL for cinder endpoint API e.g. http://localhost:8776/v2/%(project_id)s
Note: Nova does not support the Cinder v1 API since the Nova 15.0.0 Ocata release.
Related options:
* catalog_info - If endpoint_template is not set, catalog_info will be used.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``os_region_name`` = ``None``
- (String) Region name of this node. This is used when picking the URL in the service catalog.
Possible values:
* Any string representing region name
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file

52
doc/config-reference/source/tables/nova-cloudpipe.rst
View File

@ -16,9 +16,31 @@
* - Configuration option = Default value
- Description
* - **[cloudpipe]**
-
* - ``vpn_flavor`` = ``m1.tiny``
- (String) Flavor for VPN instances.
Possible values:
* Any valid flavor name
* - ``dmz_net`` = ``10.0.0.0``
- (IP) Network to push into OpenVPN config.
Note: Above mentioned OpenVPN config can be found at /etc/openvpn/server.conf.
Possible values:
* Any valid IPv4/IPV6 address
Related options:
* boot_script_template - dmz_net is pushed into bootscript.template to configure cloudpipe-managed OpenVPN server
* - ``boot_script_template`` = ``$pybasedir/nova/cloudpipe/bootscript.template``
- (String) Template for cloudpipe instance boot script.
Possible values:
@ -34,7 +56,9 @@
* dmz_mask
* cnt_vpn_clients
* - ``dmz_mask`` = ``255.255.255.0``
- (IP) Netmask to push into OpenVPN config.
Possible values:
@ -46,25 +70,17 @@
* dmz_net - dmz_net and dmz_mask is pushed into bootscript.template to configure cloudpipe-managed OpenVPN server
* boot_script_template
* - ``dmz_net`` = ``10.0.0.0``
- (IP) Network to push into OpenVPN config.
Note: Above mentioned OpenVPN config can be found at /etc/openvpn/server.conf.
* - ``vpn_key_suffix`` = ``-vpn``
- (String) Suffix to add to project name for VPN key and secgroups
Possible values:
* Any valid IPv4/IPV6 address
* Any string value representing the VPN key suffix
Related options:
* boot_script_template - dmz_net is pushed into bootscript.template to configure cloudpipe-managed OpenVPN server
* - ``vpn_flavor`` = ``m1.tiny``
- (String) Flavor for VPN instances.
Possible values:
* Any valid flavor name
* - ``vpn_image_id`` = ``0``
- (String) Image ID used when starting up a cloudpipe VPN client.
An empty instance is created and configured with OpenVPN using boot_script_template. This instance would be snapshotted and stored in glance. ID of the stored image is used in 'vpn_image_id' to create cloudpipe VPN client.
@ -72,9 +88,3 @@
Possible values:
* Any valid ID of a VPN image
* - ``vpn_key_suffix`` = ``-vpn``
- (String) Suffix to add to project name for VPN key and secgroups
Possible values:
* Any string value representing the VPN key suffix

180
doc/config-reference/source/tables/nova-common.rst
View File

@ -1,180 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-common:
.. list-table:: Description of common configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``bindir`` = ``/usr/local/bin``
- (String) The directory where the Nova binaries are installed.
This option is only relevant if the networking capabilities from Nova are used (see services below). Nova's networking capabilities are targeted to be fully replaced by Neutron in the future. It is very unlikely that you need to change this option from its default value.
Possible values:
* The full path to a directory.
* - ``compute_topic`` = ``compute``
- (String) This is the message queue topic that the compute service 'listens' on. It is used when the compute service is started up to configure the queue, and whenever an RPC call to the compute service is made.
* Possible values:
Any string, but there is almost never any reason to ever change this value from its default of 'compute'.
* Services that use this:
``nova-compute``
* Related options:
None
* - ``console_topic`` = ``console``
- (String) Represents the message queue topic name used by nova-console service when communicating via the AMQP server. The Nova API uses a message queue to communicate with nova-console to retrieve a console URL for that host.
Possible values
* 'console' (default) or any string representing topic exchange name.
* - ``consoleauth_topic`` = ``consoleauth``
- (String) This option allows you to change the message topic used by nova-consoleauth service when communicating via the AMQP server. Nova Console Authentication server authenticates nova consoles. Users can then access their instances through VNC clients. The Nova API service uses a message queue to communicate with nova-consoleauth to get a VNC console.
Possible Values:
* 'consoleauth' (default) or Any string representing topic exchange name.
* - ``executor_thread_pool_size`` = ``64``
- (Integer) Size of executor thread pool.
* - ``fatal_exception_format_errors`` = ``False``
- (Boolean) DEPRECATED: When set to true, this option enables validation of exception message format.
This option is used to detect errors in NovaException class when it formats error messages. If True, raise an exception; if False, use the unformatted message. This is only used for internal testing.
* - ``host`` = ``localhost``
- (String) Hostname, FQDN or IP address of this host. Must be valid within AMQP key.
Possible values:
* String with hostname, FQDN or IP address. Default is hostname of this host.
* - ``my_ip`` = ``10.0.0.1``
- (String) The IP address which the host is using to connect to the management network.
Possible values:
* String with valid IP address. Default is IPv4 address of this host.
Related options:
* metadata_host
* my_block_storage_ip
* routing_source_ip
* vpn_ip
* - ``notify_api_faults`` = ``False``
- (Boolean) If enabled, send api.fault notifications on caught exceptions in the API service.
* - ``notify_on_state_change`` = ``None``
- (String) If set, send compute.instance.update notifications on instance state changes.
Please refer to https://wiki.openstack.org/wiki/SystemUsageData for additional information on notifications.
Possible values:
* None - no notifications
* "vm_state" - notifications on VM state changes
* "vm_and_task_state" - notifications on VM and task state changes
* - ``pybasedir`` = ``/usr/lib/python/site-packages/nova``
- (String) The directory where the Nova python modules are installed.
This directory is used to store template files for networking and remote console access. It is also the default path for other config options which need to persist Nova internal data. It is very unlikely that you need to change this option from its default value.
Possible values:
* The full path to a directory.
Related options:
* ``state_path``
* - ``report_interval`` = ``10``
- (Integer) Seconds between nodes reporting state to datastore
* - ``rootwrap_config`` = ``/etc/nova/rootwrap.conf``
- (String) Path to the rootwrap configuration file.
Goal of the root wrapper is to allow a service-specific unprivileged user to run a number of actions as the root user in the safest manner possible. The configuration file used here must match the one defined in the sudoers entry.
* - ``service_down_time`` = ``60``
- (Integer) Maximum time since last check-in for up service
* - ``state_path`` = ``$pybasedir``
- (String) The top-level directory for maintaining Nova's state.
This directory is used to store Nova's internal state. It is used by a variety of other config options which derive from this. In some scenarios (for example migrations) it makes sense to use a storage location which is shared between multiple compute hosts (for example via NFS). Unless the option ``instances_path`` gets overwritten, this directory can grow very large.
Possible values:
* The full path to a directory. Defaults to value provided in ``pybasedir``.
* - ``tempdir`` = ``None``
- (String) Explicitly specify the temporary working directory.
* - ``use_rootwrap_daemon`` = ``False``
- (Boolean) Start and use a daemon that can run the commands that need to be run with root privileges. This option is usually enabled on nodes that run nova compute processes.
* - **[workarounds]**
-
* - ``disable_libvirt_livesnapshot`` = ``True``
- (Boolean) Disable live snapshots when using the libvirt driver.
Live snapshots allow the snapshot of the disk to happen without an interruption to the guest, using coordination with a guest agent to quiesce the filesystem.
When using libvirt 1.2.2 live snapshots fail intermittently under load (likely related to concurrent libvirt/qemu operations). This config option provides a mechanism to disable live snapshot, in favor of cold snapshot, while this is resolved. Cold snapshot causes an instance outage while the guest is going through the snapshotting process.
For more information, refer to the bug report:
https://bugs.launchpad.net/nova/+bug/1334398
Possible values:
* True: Live snapshot is disabled when using libvirt
* False: Live snapshots are always used when snapshotting (as long as there is a new enough libvirt and the backend storage supports it)
* - ``disable_rootwrap`` = ``False``
- (Boolean) Use sudo instead of rootwrap.
Allow fallback to sudo for performance reasons.
For more information, refer to the bug report:
https://bugs.launchpad.net/nova/+bug/1415106
Possible values:
* True: Use sudo instead of rootwrap
* False: Use rootwrap as usual
Interdependencies to other options:
* Any options that affect 'rootwrap' will be ignored.
* - ``handle_virt_lifecycle_events`` = ``True``
- (Boolean) Enable handling of events emitted from compute drivers.
Many compute drivers emit lifecycle events, which are events that occur when, for example, an instance is starting or stopping. If the instance is going through task state changes due to an API operation, like resize, the events are ignored.
This is an advanced feature which allows the hypervisor to signal to the compute service that an unexpected state change has occurred in an instance and that the instance can be shutdown automatically. Unfortunately, this can race in some conditions, for example in reboot operations or when the compute service or when host is rebooted (planned or due to an outage). If such races are common, then it is advisable to disable this feature.
Care should be taken when this feature is disabled and 'sync_power_state_interval' is set to a negative value. In this case, any instances that get out of sync between the hypervisor and the Nova database will have to be synchronized manually.
For more information, refer to the bug report:
https://bugs.launchpad.net/bugs/1444630
Interdependencies to other options:
* If ``sync_power_state_interval`` is negative and this feature is disabled, then instances that get out of sync between the hypervisor and the Nova database will have to be synchronized manually.

232
doc/config-reference/source/tables/nova-compute.rst
View File

@ -1,232 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-compute:
.. list-table:: Description of Compute configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``compute_available_monitors`` = ``None``
- (Multi-valued) DEPRECATED: Monitor classes available to the compute which may be specified more than once. This option is DEPRECATED and no longer used. Use setuptools entry points to list available monitor plugins. stevedore and setuptools entry points now allow a set of plugins to be specified without this config option.
* - ``compute_driver`` = ``None``
- (String) Defines which driver to use for controlling virtualization.
Possible values:
* ``libvirt.LibvirtDriver``
* ``xenapi.XenAPIDriver``
* ``fake.FakeDriver``
* ``ironic.IronicDriver``
* ``vmwareapi.VMwareVCDriver``
* ``hyperv.HyperVDriver``
* - ``compute_manager`` = ``nova.compute.manager.ComputeManager``
- (String) DEPRECATED: Full class name for the Manager for compute
* - ``compute_monitors`` =
- (List) A list of monitors that can be used for getting compute metrics. You can use the alias/name from the setuptools entry points for nova.compute.monitors.* namespaces. If no namespace is supplied, the "cpu." namespace is assumed for backwards-compatibility.
Possible values:
* An empty list will disable the feature(Default).
* An example value that would enable both the CPU and NUMA memory bandwidth monitors that used the virt driver variant: ["cpu.virt_driver", "numa_mem_bw.virt_driver"]
* - ``compute_stats_class`` = ``nova.compute.stats.Stats``
- (String) DEPRECATED: Abstracts out managing compute host stats to pluggable class. This class manages and updates stats for the local compute host after an instance is changed. These configurable compute stats may be useful for a particular scheduler implementation.
Possible values
* A string representing fully qualified class name.
* - ``console_host`` = ``socket.gethostname()``
- (String) Console proxy host to be used to connect to instances on this host. It is the publicly visible name for the console host.
Possible values:
* Current hostname (default) or any string representing hostname.
* - ``console_manager`` = ``nova.console.manager.ConsoleProxyManager``
- (String) DEPRECATED: Full class name for the Manager for console proxy
* - ``default_flavor`` = ``m1.small``
- (String) DEPRECATED: Default flavor to use for the EC2 API only. The Nova API does not support a default flavor. The EC2 API is deprecated
* - ``default_notification_level`` = ``INFO``
- (String) Default notification level for outgoing notifications.
* - ``enable_instance_password`` = ``True``
- (Boolean) Enables returning of the instance password by the relevant server API calls such as create, rebuild, evacuate, or rescue. If the hypervisor does not support password injection, then the password returned will not be correct, so if your hypervisor does not support password injection, set this to False.
* - ``heal_instance_info_cache_interval`` = ``60``
- (Integer) Number of seconds between instance network information cache updates
* - ``image_cache_manager_interval`` = ``2400``
- (Integer) Number of seconds to wait between runs of the image cache manager. Set to -1 to disable. Setting this to 0 will run at the default rate.
* - ``image_cache_subdirectory_name`` = ``_base``
- (String) Where cached images are stored under $instances_path. This is NOT the full path - just a folder name. For per-compute-host cached images, set to _base_$my_ip
* - ``instance_build_timeout`` = ``0``
- (Integer) Maximum time in seconds that an instance can take to build.
If this timer expires, instance status will be changed to ERROR. Enabling this option will make sure an instance will not be stuck in BUILD state for a longer period.
Possible values:
* 0: Disables the option (default)
* Any positive integer in seconds: Enables the option.
* - ``instance_delete_interval`` = ``300``
- (Integer) Interval in seconds for retrying failed instance file deletes. Set to -1 to disable. Setting this to 0 will run at the default rate.
* - ``instance_usage_audit`` = ``False``
- (Boolean) This option enables periodic compute.instance.exists notifications. Each compute node must be configured to generate system usage data. These notifications are consumed by OpenStack Telemetry service.
* - ``instance_usage_audit_period`` = ``month``
- (String) Time period to generate instance usages for. It is possible to define optional offset to given period by appending @ character followed by a number defining offset.
Possible values:
* period, example: ``hour``, ``day``, ``month` or ``year``
* period with offset, example: ``month@15`` will result in monthly audits starting on 15th day of month.
* - ``instances_path`` = ``$state_path/instances``
- (String) Specifies where instances are stored on the hypervisor's disk. It can point to locally attached storage or a directory on NFS.
Possible values:
* $state_path/instances where state_path is a config option that specifies the top-level directory for maintaining nova's state. (default) or Any string representing directory path.
* - ``max_concurrent_builds`` = ``10``
- (Integer) Limits the maximum number of instance builds to run concurrently by nova-compute. Compute service can attempt to build an infinite number of instances, if asked to do so. This limit is enforced to avoid building unlimited instance concurrently on a compute node. This value can be set per compute node.
Possible Values:
* 0 : treated as unlimited.
* Any positive integer representing maximum concurrent builds.
* - ``maximum_instance_delete_attempts`` = ``5``
- (Integer) The number of times to attempt to reap an instance's files.
* - ``reboot_timeout`` = ``0``
- (Integer) Time interval after which an instance is hard rebooted automatically.
When doing a soft reboot, it is possible that a guest kernel is completely hung in a way that causes the soft reboot task to not ever finish. Setting this option to a time period in seconds will automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds.
Possible values:
* 0: Disables the option (default).
* Any positive integer in seconds: Enables the option.
* - ``reclaim_instance_interval`` = ``0``
- (Integer) Interval in seconds for reclaiming deleted instances. It takes effect only when value is greater than 0.
* - ``rescue_timeout`` = ``0``
- (Integer) Interval to wait before un-rescuing an instance stuck in RESCUE.
Possible values:
* 0: Disables the option (default)
* Any positive integer in seconds: Enables the option.
* - ``resize_confirm_window`` = ``0``
- (Integer) Automatically confirm resizes after N seconds.
Resize functionality will save the existing server before resizing. After the resize completes, user is requested to confirm the resize. The user has the opportunity to either confirm or revert all changes. Confirm resize removes the original server and changes server status from resized to active. Setting this option to a time period (in seconds) will automatically confirm the resize if the server is in resized state longer than that time.
Possible values:
* 0: Disables the option (default)
* Any positive integer in seconds: Enables the option.
* - ``resume_guests_state_on_host_boot`` = ``False``
- (Boolean) This option specifies whether to start guests that were running before the host rebooted. It ensures that all of the instances on a Nova compute node resume their state each time the compute node boots or restarts.
* - ``running_deleted_instance_action`` = ``reap``
- (String) The compute service periodically checks for instances that have been deleted in the database but remain running on the compute node. The above option enables action to be taken when such instances are identified.
Possible values:
* reap: Powers down the instances and deletes them(default)
* log: Logs warning message about deletion of the resource
* shutdown: Powers down instances and marks them as non- bootable which can be later used for debugging/analysis
* noop: Takes no action
Related options:
* running_deleted_instance_poll
* running_deleted_instance_timeout
* - ``running_deleted_instance_poll_interval`` = ``1800``
- (Integer) Time interval in seconds to wait between runs for the clean up action. If set to 0, above check will be disabled. If "running_deleted_instance _action" is set to "log" or "reap", a value greater than 0 must be set.
Possible values:
* Any positive integer in seconds enables the option.
* 0: Disables the option.
* 1800: Default value.
Related options:
* running_deleted_instance_action
* - ``running_deleted_instance_timeout`` = ``0``
- (Integer) Time interval in seconds to wait for the instances that have been marked as deleted in database to be eligible for cleanup.
Possible values:
* Any positive integer in seconds(default is 0).
Related options:
* "running_deleted_instance_action"
* - ``shelved_offload_time`` = ``0``
- (Integer) Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload immediately when shelved
* - ``shelved_poll_interval`` = ``3600``
- (Integer) Interval in seconds for polling shelved instances to offload. Set to -1 to disable.Setting this to 0 will run at the default rate.
* - ``shutdown_timeout`` = ``60``
- (Integer) Total time to wait in seconds for an instance toperform a clean shutdown.
It determines the overall period (in seconds) a VM is allowed to perform a clean shutdown. While performing stop, rescue and shelve, rebuild operations, configuring this option gives the VM a chance to perform a controlled shutdown before the instance is powered off. The default timeout is 60 seconds.
The timeout value can be overridden on a per image basis by means of os_shutdown_timeout that is an image metadata setting allowing different types of operating systems to specify how much time they need to shut down cleanly.
Possible values:
* Any positive integer in seconds (default value is 60).
* - ``sync_power_state_interval`` = ``600``
- (Integer) Interval to sync power states between the database and the hypervisor. Set to -1 to disable. Setting this to 0 will run at the default rate.
* - ``sync_power_state_pool_size`` = ``1000``
- (Integer) Number of greenthreads available for use to sync power states.
This option can be used to reduce the number of concurrent requests made to the hypervisor or system with real instance power states for performance reasons, for example, with Ironic.
Possible values:
* Any positive integer representing greenthreads count.
* - ``update_resources_interval`` = ``0``
- (Integer) Interval in seconds for updating compute resources. A number less than 0 means to disable the task completely. Leaving this at the default of 0 will cause this to run at the default periodic interval. Setting it to any positive value will cause it to run at approximately that number of seconds.
* - ``vif_plugging_is_fatal`` = ``True``
- (Boolean) Determine if instance should boot or fail on VIF plugging timeout.
Nova sends a port update to Neutron after an instance has been scheduled, providing Neutron with the necessary information to finish setup of the port. Once completed, Neutron notifies Nova that it has finished setting up the port, at which point Nova resumes the boot of the instance since network connectivity is now supposed to be present. A timeout will occur if the reply is not received after a given interval.
This option determines what Nova does when the VIF plugging timeout event happens. When enabled, the instance will error out. When disabled, the instance will continue to boot on the assumption that the port is ready.
Possible values:
* True: Instances should fail after VIF plugging timeout
* False: Instances should continue booting after VIF plugging timeout
* - ``vif_plugging_timeout`` = ``300``
- (Integer) Timeout for Neutron VIF plugging event message arrival.
Number of seconds to wait for Neutron vif plugging events to arrive before continuing or failing (see 'vif_plugging_is_fatal').
Interdependencies to other options:
* vif_plugging_is_fatal - If ``vif_plugging_timeout`` is set to zero and ``vif_plugging_is_fatal`` is False, events should not be expected to arrive at all.

28
doc/config-reference/source/tables/nova-conductor.rst
View File

@ -16,29 +16,15 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``migrate_max_retries`` = ``-1``
- (Integer) Number of times to retry live-migration before failing.
Possible values:
* If == -1, try until out of hosts (default)
* If == 0, only try once, no retries
* Integer greater than 0
* - **[conductor]**
-
* - ``manager`` = ``nova.conductor.manager.ConductorManager``
- (String) DEPRECATED: Full class name for the Manager for conductor.
Removal in 14.0
* - ``topic`` = ``conductor``
- (String) Topic exchange name on which conductor nodes listen.
* - ``use_local`` = ``False``
- (Boolean) DEPRECATED: Perform nova-conductor operations locally. This legacy mode was introduced to bridge a gap during the transition to the conductor service. It no longer represents a reasonable alternative for deployers.
Removal may be as early as 14.0.
- (String) Topic exchange name on which conductor nodes listen.
- **Deprecated**
There is no need to let users choose the RPC topic for all services - there is little gain from this. Furthermore, it makes it really easy to break Nova by using this option.
* - ``workers`` = ``None``
- (Integer) Number of workers for OpenStack Conductor service. The default will be the number of CPUs available.

128
doc/config-reference/source/tables/nova-configdrive.rst
View File

@ -1,128 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-configdrive:
.. list-table:: Description of config drive configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``config_drive_format`` = ``iso9660``
- (String) Configuration drive format
Configuration drive format that will contain metadata attached to the instance when it boots.
Possible values:
* iso9660: A file system image standard that is widely supported across operating systems. NOTE: Mind the libvirt bug (https://bugs.launchpad.net/nova/+bug/1246201) - If your hypervisor driver is libvirt, and you want live migrate to work without shared storage, then use VFAT.
* vfat: For legacy reasons, you can configure the configuration drive to use VFAT format instead of ISO 9660.
Related options:
* This option is meaningful when one of the following alternatives occur: 1. force_config_drive option set to 'true' 2. the REST API call to create the instance contains an enable flag for config drive option 3. the image used to create the instance requires a config drive, this is defined by img_config_drive property for that image.
* A compute node running Hyper-V hypervisor can be configured to attach configuration drive as a CD drive. To attach the configuration drive as a CD drive, set config_drive_cdrom option at hyperv section, to true.
* - ``config_drive_skip_versions`` = ``1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01``
- (String) When gathering the existing metadata for a config drive, the EC2-style metadata is returned for all versions that don't appear in this option. As of the Liberty release, the available versions are:
* 1.0
* 2007-01-19
* 2007-03-01
* 2007-08-29
* 2007-10-10
* 2007-12-15
* 2008-02-01
* 2008-09-01
* 2009-04-04
The option is in the format of a single string, with each version separated by a space.
Possible values:
* Any string that represents zero or more versions, separated by spaces.
* - ``force_config_drive`` = ``False``
- (Boolean) Force injection to take place on a config drive
When this option is set to true configuration drive functionality will be forced enabled by default, otherwise user can still enable configuration drives via the REST API or image metadata properties.
Possible values:
* True: Force to use of configuration drive regardless the user's input in the REST API call.
* False: Do not force use of configuration drive. Config drives can still be enabled via the REST API or image metadata properties.
Related options:
* Use the 'mkisofs_cmd' flag to set the path where you install the genisoimage program. If genisoimage is in same path as the nova-compute service, you do not need to set this flag.
* To use configuration drive with Hyper-V, you must set the 'mkisofs_cmd' value to the full path to an mkisofs.exe installation. Additionally, you must set the qemu_img_cmd value in the hyperv configuration section to the full path to an qemu-img command installation.
* - ``mkisofs_cmd`` = ``genisoimage``
- (String) Name or path of the tool used for ISO image creation
Use the mkisofs_cmd flag to set the path where you install the genisoimage program. If genisoimage is on the system path, you do not need to change the default value.
To use configuration drive with Hyper-V, you must set the mkisofs_cmd value to the full path to an mkisofs.exe installation. Additionally, you must set the qemu_img_cmd value in the hyperv configuration section to the full path to an qemu-img command installation.
Possible values:
* Name of the ISO image creator program, in case it is in the same directory as the nova-compute service
* Path to ISO image creator program
Related options:
* This option is meaningful when config drives are enabled.
* To use configuration drive with Hyper-V, you must set the qemu_img_cmd value in the hyperv configuration section to the full path to an qemu-img command installation.
* - **[hyperv]**
-
* - ``config_drive_cdrom`` = ``False``
- (Boolean) Configuration drive cdrom
OpenStack can be configured to write instance metadata to a configuration drive, which is then attached to the instance before it boots. The configuration drive can be attached as a disk drive (default) or as a CD drive.
Possible values:
* True: Attach the configuration drive image as a CD drive.
* False: Attach the configuration drive image as a disk drive (Default).
Related options:
* This option is meaningful with force_config_drive option set to 'True' or when the REST API call to create an instance will have '--config-drive=True' flag.
* config_drive_format option must be set to 'iso9660' in order to use CD drive as the configuration drive image.
* To use configuration drive with Hyper-V, you must set the mkisofs_cmd value to the full path to an mkisofs.exe installation. Additionally, you must set the qemu_img_cmd value to the full path to an qemu-img command installation.
* You can configure the Compute service to always create a configuration drive by setting the force_config_drive option to 'True'.
* - ``config_drive_inject_password`` = ``False``
- (Boolean) Configuration drive inject password
Enables setting the admin password in the configuration drive image.
Related options:
* This option is meaningful when used with other options that enable configuration drive usage with Hyper-V, such as force_config_drive.
* Currently, the only accepted config_drive_format is 'iso9660'.

30
doc/config-reference/source/tables/nova-console.rst
View File

@ -16,33 +16,11 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``console_allowed_origins`` =
* - ``allowed_origins`` =
- (List) Adds list of allowed origins to the console websocket proxy to allow connections from other origin hostnames. Websocket proxy matches the host header with the origin header to prevent cross-site requests. This list specifies if any there are values other than host are allowed in the origin header.
Possible values
* An empty list (default) or list of allowed origin hostnames.
* - ``console_public_hostname`` = ``localhost``
- (String) Publicly visible name for this console host.
Possible values
* Current hostname (default) or any string representing hostname.
* - ``console_token_ttl`` = ``600``
- (Integer) This option indicates the lifetime of a console auth token. A console auth token is used in authorizing console access for a user. Once the auth token time to live count has elapsed, the token is considered expired. Expired tokens are then deleted.
* - ``consoleauth_manager`` = ``nova.consoleauth.manager.ConsoleAuthManager``
- (String) DEPRECATED: Manager for console auth
* - **[mks]**
-
* - ``enabled`` = ``False``
- (Boolean) Enables graphical console access for virtual machines.
* - ``mksproxy_base_url`` = ``http://127.0.0.1:6090/``
- (String) Location of MKS web console proxy
The URL in the response points to a WebMKS proxy which starts proxying between client and corresponding vCenter server where instance runs. In order to use the web based console access, WebMKS proxy should be installed and configured
Possible values:
* Must be a valid URL of the form:``http://host:port/``
* A list where each element is an allowed origin hostnames, else an empty list

16
doc/config-reference/source/tables/nova-periodic.rst → doc/config-reference/source/tables/nova-consoleauth.rst
View File

@ -8,17 +8,17 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-periodic:
.. _nova-consoleauth:
.. list-table:: Description of periodic configuration options
.. list-table:: Description of consoleauth configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``periodic_enable`` = ``True``
- (Boolean) Enable periodic tasks
* - ``periodic_fuzzy_delay`` = ``60``
- (Integer) Range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0)
* - ``token_ttl`` = ``600``
- (Integer) The lifetime of a console auth token.
A console auth token is used in authorizing console access for a user. Once the auth token time to live count has elapsed, the token is considered expired. Expired tokens are then deleted.

42
doc/config-reference/source/tables/nova-cors.rst Normal file
View File

@ -0,0 +1,42 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-cors:
.. list-table:: Description of cors configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allowed_origin`` = ``None``
- (List) Indicate whether this resource may be shared with the domain received in the requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing slash. Example: https://horizon.example.com
* - ``allow_credentials`` = ``True``
- (Boolean) Indicate that the actual request can include user credentials
* - ``expose_headers`` =
- (List) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.
* - ``max_age`` = ``3600``
- (Integer) Maximum cache age of CORS preflight requests.
* - ``allow_methods`` = ``OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, PATCH``
- (List) Indicate which methods can be used during the actual request.
* - ``allow_headers`` =
- (List) Indicate which header field names may be used during the actual request.

42
doc/config-reference/source/tables/nova-cors.subdomain.rst Normal file
View File

@ -0,0 +1,42 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-cors.subdomain:
.. list-table:: Description of cors.subdomain configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``allowed_origin`` = ``None``
- (List) Indicate whether this resource may be shared with the domain received in the requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing slash. Example: https://horizon.example.com
* - ``allow_credentials`` = ``True``
- (Boolean) Indicate that the actual request can include user credentials
* - ``expose_headers`` =
- (List) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.
* - ``max_age`` = ``3600``
- (Integer) Maximum cache age of CORS preflight requests.
* - ``allow_methods`` = ``OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, PATCH``
- (List) Indicate which methods can be used during the actual request.
* - ``allow_headers`` =
- (List) Indicate which header field names may be used during the actual request.

72
doc/config-reference/source/tables/nova-crypto.rst
View File

@ -16,9 +16,33 @@
* - Configuration option = Default value
- Description
* - **[crypto]**
-
* - ``user_cert_subject`` = ``/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s``
- (String) Subject for certificate for users, %s for project, user, timestamp
* - ``project_cert_subject`` = ``/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s``
- (String) Subject for certificate for projects, %s for project, timestamp
* - ``crl_file`` = ``crl.pem``
- (String) Filename of root Certificate Revocation List (CRL). This is a list of certificates that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted.
Related options:
* ca_path
* - ``ca_path`` = ``$state_path/CA``
- (String) Directory path where root CA is located.
Related options:
* ca_file
* - ``ca_file`` = ``cacert.pem``
- (String) Filename of root CA (Certificate Authority). This is a container format and includes root certificates.
Possible values:
@ -28,45 +52,23 @@
Related options:
* ca_path
* - ``ca_path`` = ``$state_path/CA``
- (String) Directory path where root CA is located.
Related options:
* ca_file
* - ``crl_file`` = ``crl.pem``
- (String) Filename of root Certificate Revocation List (CRL). This is a list of certificates that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted.
Related options:
* ca_path
* - ``key_file`` = ``private/cakey.pem``
- (String) Filename of a private key.
Related options:
* keys_path
* - ``keys_path`` = ``$state_path/keys``
- (String) Directory path where keys are located.
Related options:
* key_file
* - ``project_cert_subject`` = ``/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s``
- (String) Subject for certificate for projects, %s for project, timestamp
* - ``key_file`` = ``private/cakey.pem``
- (String) Filename of a private key.
Related options:
* keys_path
* - ``use_project_ca`` = ``False``
- (Boolean) Option to enable/disable use of CA for each project.
* - ``user_cert_subject`` = ``/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s``
- (String) Subject for certificate for users, %s for project, user, timestamp
* - **[ssl]**
-
* - ``ca_file`` = ``None``
- (String) CA certificate file to use to verify connecting clients.
* - ``cert_file`` = ``None``
- (String) Certificate file to use when starting the server securely.
* - ``ciphers`` = ``None``
- (String) Sets the list of available ciphers. value should be a string in the OpenSSL cipher list format.
* - ``key_file`` = ``None``
- (String) Private key file to use when starting the server securely.
* - ``version`` = ``None``
- (String) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.

106
doc/config-reference/source/tables/nova-database.rst Normal file
View File

@ -0,0 +1,106 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-database:
.. list-table:: Description of database configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``max_retries`` = ``10``
- (Integer) Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.
* - ``db_inc_retry_interval`` = ``True``
- (Boolean) If True, increases the interval between retries of a database operation up to db_max_retry_interval.
* - ``db_max_retry_interval`` = ``10``
- (Integer) If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.
* - ``pool_timeout`` = ``None``
- (Integer) If set, use this value for pool_timeout with SQLAlchemy.
* - ``db_retry_interval`` = ``1``
- (Integer) Seconds between retries of a database transaction.
* - ``mysql_sql_mode`` = ``TRADITIONAL``
- (String) The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=
* - ``max_pool_size`` = ``5``
- (Integer) Maximum number of SQL connections to keep open in a pool. Setting a value of 0 indicates no limit.
* - ``slave_connection`` = ``None``
- (String) The SQLAlchemy connection string to use to connect to the slave database.
* - ``idle_timeout`` = ``3600``
- (Integer) Timeout before idle SQL connections are reaped.
* - ``retry_interval`` = ``10``
- (Integer) Interval between retries of opening a SQL connection.
* - ``use_db_reconnect`` = ``False``
- (Boolean) Enable the experimental use of database reconnect on connection lost.
* - ``connection`` = ``None``
- (String) The SQLAlchemy connection string to use to connect to the database.
* - ``use_tpool`` = ``False``
- (Boolean) Enable the experimental use of thread pooling for all DB API calls
* - ``min_pool_size`` = ``1``
- (Integer) Minimum number of SQL connections to keep open in a pool.
* - ``max_overflow`` = ``50``
- (Integer) If set, use this value for max_overflow with SQLAlchemy.
* - ``connection_debug`` = ``0``
- (Integer) Verbosity of SQL debugging information: 0=None, 100=Everything.
* - ``db_max_retries`` = ``20``
- (Integer) Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.
* - ``connection_trace`` = ``False``
- (Boolean) Add Python stack traces to SQL as comment strings.
* - ``backend`` = ``sqlalchemy``
- (String) The back end to use for the database.
* - ``sqlite_synchronous`` = ``True``
- (Boolean) If True, SQLite uses synchronous mode.
* - ``sqlite_db`` = ``oslo.sqlite``
- (String) The file name to use with SQLite.
- **Deprecated**
Should use config option connection or slave_connection to connect the database.

24
doc/config-reference/source/tables/nova-ephemeral_storage_encryption.rst
View File

@ -10,25 +10,29 @@
.. _nova-ephemeral_storage_encryption:
.. list-table:: Description of ephemeral storage encryption configuration options
.. list-table:: Description of ephemeral_storage_encryption configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[ephemeral_storage_encryption]**
-
* - ``cipher`` = ``aes-xts-plain64``
- (String) Cipher-mode string to be used
- (String) Cipher-mode string to be used.
The cipher and mode to be used to encrypt ephemeral storage. The set of cipher-mode combinations available depends on kernel support.
Possible values:
* aes-xts-plain64 (Default), see /proc/crypto for available options.
* - ``enabled`` = ``False``
- (Boolean) Enables/disables LVM ephemeral storage encryption.
* - ``key_size`` = ``512``
- (Integer) Encryption key length in bits
* Any crypto option listed in ``/proc/crypto``.
The bit length of the encryption key to be used to encrypt ephemeral storage (in XTS mode only half of the bits are used for encryption key).
* - ``enabled`` = ``False``
- (Boolean) Enables/disables LVM ephemeral storage encryption.
* - ``key_size`` = ``512``
- (Integer) Encryption key length in bits.
The bit length of the encryption key to be used to encrypt ephemeral storage. In XTS mode only half of the bits are used for encryption key.

274
doc/config-reference/source/tables/nova-filter_scheduler.rst Normal file
View File

@ -0,0 +1,274 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-filter_scheduler:
.. list-table:: Description of filter_scheduler configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``restrict_isolated_hosts_to_isolated_images`` = ``True``
- (Boolean) Prevent non-isolated images from being built on isolated hosts.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled. Even then, this option doesn't affect the behavior of requests for isolated images, which will *always* be restricted to isolated hosts.
Related options:
* scheduler/isolated_images
* scheduler/isolated_hosts
* - ``soft_anti_affinity_weight_multiplier`` = ``1.0``
- (Floating point) Multiplier used for weighing hosts for group soft-anti-affinity.
Possible values:
* An integer or float value, where the value corresponds to weight multiplier for hosts with group soft anti-affinity. Only a positive value are meaningful, as negative values would make this behave as a soft affinity weigher.
* - ``max_io_ops_per_host`` = ``8``
- (Integer) The number of instances that can be actively performing IO on a host.
Instances performing IO includes those in the following states: build, resize, snapshot, migrate, rescue, unshelve.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'io_ops_filter' filter is enabled.
Possible values:
* An integer, where the integer corresponds to the max number of instances that can be actively performing IO on any given host.
* - ``aggregate_image_properties_isolation_separator`` = ``.``
- (String) Separator character(s) for image property namespace and name.
When using the aggregate_image_properties_isolation filter, the relevant metadata keys are prefixed with the namespace defined in the aggregate_image_properties_isolation_namespace configuration option plus a separator. This option defines the separator to be used.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'aggregate_image_properties_isolation' filter is enabled.
Possible values:
* A string, where the string corresponds to an image property namespace separator character
Related options:
* aggregate_image_properties_isolation_namespace
* - ``isolated_images`` =
- (List) List of UUIDs for images that can only be run on certain hosts.
If there is a need to restrict some images to only run on certain designated hosts, list those image UUIDs here.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
Possible values:
* A list of UUID strings, where each string corresponds to the UUID of an image
Related options:
* scheduler/isolated_hosts
* scheduler/restrict_isolated_hosts_to_isolated_images
* - ``host_subset_size`` = ``1``
- (Integer) Size of subset of best hosts selected by scheduler.
New instances will be scheduled on a host chosen randomly from a subset of the N best hosts, where N is the value set by this option.
Setting this to a value greater than 1 will reduce the chance that multiple scheduler processes handling similar requests will select the same host, creating a potential race condition. By selecting a host randomly from the N hosts that best fit the request, the chance of a conflict is reduced. However, the higher you set this value, the less optimal the chosen host may be for a given request.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* An integer, where the integer corresponds to the size of a host subset. Any integer is valid, although any value less than 1 will be treated as 1
* - ``max_instances_per_host`` = ``50``
- (Integer) Maximum number of instances that be active on a host.
If you need to limit the number of instances on any given host, set this option to the maximum number of instances you want to allow. The num_instances_filter will reject any host that has at least as many instances as this option's value.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'num_instances_filter' filter is enabled.
Possible values:
* An integer, where the integer corresponds to the max instances that can be scheduled on a host.
* - ``weight_classes`` = ``nova.scheduler.weights.all_weighers``
- (List) Weighers that the scheduler will use.
Only hosts which pass the filters are weighed. The weight for any host starts at 0, and the weighers order these hosts by adding to or subtracting from the weight assigned by the previous weigher. Weights may become negative. An instance will be scheduled to one of the N most-weighted hosts, where N is 'scheduler_host_subset_size'.
By default, this is set to all weighers that are included with Nova.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* A list of zero or more strings, where each string corresponds to the name of a weigher that will be used for selecting a host
* - ``io_ops_weight_multiplier`` = ``-1.0``
- (Floating point) IO operations weight multipler ratio.
This option determines how hosts with differing workloads are weighed. Negative values, such as the default, will result in the scheduler preferring hosts with lighter workloads whereas positive values will prefer hosts with heavier workloads. Another way to look at it is that positive values for this option will tend to schedule instances onto hosts that are already busy, while negative values will tend to distribute the workload across more hosts. The absolute value, whether positive or negative, controls how strong the io_ops weigher is relative to other weighers.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'io_ops' weigher is enabled.
Possible values:
* An integer or float value, where the value corresponds to the multipler ratio for this weigher.
* - ``disk_weight_multiplier`` = ``1.0``
- (Floating point) Disk weight multipler ratio.
Multiplier used for weighing free disk space. Negative numbers mean to stack vs spread.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'ram' weigher is enabled.
Possible values:
* An integer or float value, where the value corresponds to the multipler ratio for this weigher.
* - ``isolated_hosts`` =
- (List) List of hosts that can only run certain images.
If there is a need to restrict some images to only run on certain designated hosts, list those host names here.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
Possible values:
* A list of strings, where each string corresponds to the name of a host
Related options:
* scheduler/isolated_images
* scheduler/restrict_isolated_hosts_to_isolated_images
* - ``track_instance_changes`` = ``True``
- (Boolean) Enable querying of individual hosts for instance information.
The scheduler may need information about the instances on a host in order to evaluate its filters and weighers. The most common need for this information is for the (anti-)affinity filters, which need to choose a host based on the instances already running on a host.
If the configured filters and weighers do not need this information, disabling this option will improve performance. It may also be disabled when the tracking overhead proves too heavy, although this will cause classes requiring host usage data to query the database on each request instead.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* - ``ram_weight_multiplier`` = ``1.0``
- (Floating point) Ram weight multipler ratio.
This option determines how hosts with more or less available RAM are weighed. A positive value will result in the scheduler preferring hosts with more available RAM, and a negative number will result in the scheduler preferring hosts with less available RAM. Another way to look at it is that positive values for this option will tend to spread instances across many hosts, while negative values will tend to fill up (stack) hosts as much as possible before scheduling to a less-used host. The absolute value, whether positive or negative, controls how strong the RAM weigher is relative to other weighers.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'ram' weigher is enabled.
Possible values:
* An integer or float value, where the value corresponds to the multipler ratio for this weigher.
* - ``soft_affinity_weight_multiplier`` = ``1.0``
- (Floating point) Multiplier used for weighing hosts for group soft-affinity.
Possible values:
* An integer or float value, where the value corresponds to weight multiplier for hosts with group soft affinity. Only a positive value are meaningful, as negative values would make this behave as a soft anti-affinity weigher.
* - ``use_baremetal_filters`` = ``False``
- (Boolean) Enable baremetal filters.
Set this to True to tell the nova scheduler that it should use the filters specified in the 'baremetal_scheduler_enabled_filters' option. If you are not scheduling baremetal nodes, leave this at the default setting of False.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Related options:
* If this option is set to True, then the filters specified in the 'baremetal_scheduler_enabled_filters' are used instead of the filters specified in 'scheduler_enabled_filters'.
* - ``aggregate_image_properties_isolation_namespace`` = ``None``
- (String) Image property namespace for use in the host aggregate.
Images and hosts can be configured so that certain images can only be scheduled to hosts in a particular aggregate. This is done with metadata values set on the host aggregate that are identified by beginning with the value of this option. If the host is part of an aggregate with such a metadata key, the image in the request spec must have the value of that metadata in its properties in order for the scheduler to consider the host as acceptable.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'aggregate_image_properties_isolation' filter is enabled.
Possible values:
* A string, where the string corresponds to an image property namespace
Related options:
* aggregate_image_properties_isolation_separator
* - ``enabled_filters`` = ``RetryFilter, AvailabilityZoneFilter, RamFilter, DiskFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter``
- (List) Filters that the scheduler will use.
An ordered list of filter class names that will be used for filtering hosts. Ignore the word 'default' in the name of this option: these filters will *always* be applied, and they will be applied in the order they are listed so place your most restrictive filters first to make the filtering process more efficient.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* A list of zero or more strings, where each string corresponds to the name of a filter to be used for selecting a host
Related options:
* All of the filters in this option *must* be present in the 'scheduler_available_filters' option, or a SchedulerHostFilterNotFound exception will be raised.
* - ``available_filters`` = ``['nova.scheduler.filters.all_filters']``
- (Multi-valued) Filters that the scheduler can use.
An unordered list of the filter classes the nova scheduler may apply. Only the filters specified in the 'scheduler_enabled_filters' option will be used, but any filter appearing in that option must also be included in this list.
By default, this is set to all filters that are included with nova.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* A list of zero or more strings, where each string corresponds to the name of a filter that may be used for selecting a host
Related options:
* scheduler_enabled_filters
* - ``baremetal_enabled_filters`` = ``RetryFilter, AvailabilityZoneFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ExactRamFilter, ExactDiskFilter, ExactCoreFilter``
- (List) Filters used for filtering baremetal hosts.
Filters are applied in order, so place your most restrictive filters first to make the filtering process more efficient.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* A list of zero or more strings, where each string corresponds to the name of a filter to be used for selecting a baremetal host
Related options:
* If the 'scheduler_use_baremetal_filters' option is False, this option has no effect.

66
doc/config-reference/source/tables/nova-glance.rst
View File

@ -16,43 +16,49 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``osapi_glance_link_prefix`` = ``None``
- (String) This string is prepended to the normal URL that is returned in links to Glance resources. If it is empty (the default), the URLs are returned unchanged.
* - ``num_retries`` = ``0``
- (Integer) Enable glance operation retries.
Specifies the number of retries when uploading / downloading an image to / from glance. 0 means no retries.
* - ``api_insecure`` = ``False``
- (Boolean) Enable insecure SSL (https) requests to glance.
This setting can be used to turn off verification of the glance server certificate against the certificate authorities.
* - ``allowed_direct_url_schemes`` =
- (List) List of url schemes that can be directly accessed.
This option specifies a list of url schemes that can be downloaded directly via the direct_url. This direct_URL can be fetched from Image metadata which can be used by nova to get the image more efficiently. nova-compute could benefit from this by invoking a copy when it has access to the same file system as glance.
Possible values:
* Any string, including an empty string (the default).
* - **[glance]**
-
* - ``allowed_direct_url_schemes`` =
- (List) A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].
* - ``api_insecure`` = ``False``
- (Boolean) Allow to perform insecure SSL (https) requests to glance
* [file], Empty list (default)
* - ``api_servers`` = ``None``
- (List) A list of the glance api servers endpoints available to nova. These should be fully qualified urls of the form "scheme://hostname:port[/path]" (i.e. "http://10.0.1.0:9292" or "https://my.glance.server/image")
* - ``debug`` = ``False``
- (Boolean) Enable or disable debug logging with glanceclient.
* - ``num_retries`` = ``0``
- (Integer) Number of retries when uploading / downloading an image to / from glance.
* - ``use_glance_v1`` = ``False``
- (Boolean) DEPRECATED: This flag allows reverting to glance v1 if for some reason glance v2 doesn't work in your environment. This will only exist in Newton, and a fully working Glance v2 will be a hard requirement in Ocata.
* Possible values:
- (List) List of glance api servers endpoints available to nova.
True or False
https is used for ssl-based glance api servers.
* Services that use this:
Possible values:
``nova-api`` ``nova-compute`` ``nova-conductor``
* A list of any fully qualified url of the form "scheme://hostname:port[/path]" (i.e. "http://10.0.1.0:9292" or "https://my.glance.server/image").
* Related options:
None Glance v1 support will be removed in Ocata
* - ``verify_glance_signatures`` = ``False``
- (Boolean) Require Nova to perform signature verification on each image downloaded from Glance.
* - **[image_file_url]**
-
* - ``filesystems`` =
- (List) DEPRECATED: List of file systems that are configured in this file in the image_file_url:<list entry name> sections The feature to download images from glance via filesystem is not used and will be removed in the future.
- (Boolean) Enable image signature verification.
nova uses the image signature metadata from glance and verifies the signature of a signed image while downloading that image. If the image signature cannot be verified or if the image signature metadata is either incomplete or unavailable, then nova will not boot the image and instead will place the instance into an error state. This provides end users with stronger assurances of the integrity of the image data they are using to create servers.
Related options:
* The options in the `key_manager` group, as the key_manager is used for the signature validation.
* - ``debug`` = ``False``
- (Boolean) Enable or disable debug logging with glanceclient.

32
doc/config-reference/source/tables/nova-guestfs.rst Normal file
View File

@ -0,0 +1,32 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-guestfs:
.. list-table:: Description of guestfs configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``debug`` = ``False``
- (Boolean) Enable/disables guestfs logging.
This configures guestfs to debug messages and push them to Openstack logging system. When set to True, it traces libguestfs API calls and enable verbose debug messages. In order to use the above feature, "libguestfs" package must be installed.
Related options: Since libguestfs access and modifies VM's managed by libvirt, below options should be set to give access to those VM's.
* libvirt.inject_key
* libvirt.inject_partition
* libvirt.inject_password

42
doc/config-reference/source/tables/nova-healthcheck.rst Normal file
View File

@ -0,0 +1,42 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-healthcheck:
.. list-table:: Description of healthcheck configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``path`` = ``/healthcheck``
- (String) The path to respond to healtcheck requests on.
- **Deprecated**
No deprecation reason provided for this option.
* - ``detailed`` = ``False``
- (Boolean) Show more detailed information as part of the response
* - ``backends`` =
- (List) Additional backends that can perform health checks and report that information back as part of a request.
* - ``disable_by_file_path`` = ``None``
- (String) Check the presence of a file to determine if an application is running on a port. Used by DisableByFileHealthcheck plugin.
* - ``disable_by_file_paths`` =
- (List) Check the presence of a file based on a port to determine if an application is running on a port. Expects a "port:path" list of strings. Used by DisableByFilesPortsHealthcheck plugin.

242
doc/config-reference/source/tables/nova-hyperv.rst
View File

@ -10,29 +10,121 @@
.. _nova-hyperv:
.. list-table:: Description of HyperV configuration options
.. list-table:: Description of hyperv configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[hyperv]**
-
* - ``dynamic_memory_ratio`` = ``1.0``
- (Floating point) Dynamic memory ratio
Enables dynamic memory allocation (ballooning) when set to a value greater than 1. The value expresses the ratio between the total RAM assigned to an instance and its startup RAM amount. For example a ratio of 2.0 for an instance with 1024MB of RAM implies 512MB of RAM allocated at startup.
* - ``config_drive_cdrom`` = ``False``
- (Boolean) Configuration drive cdrom
OpenStack can be configured to write instance metadata to a configuration drive, which is then attached to the instance before it boots. The configuration drive can be attached as a disk drive (default) or as a CD drive.
Possible values:
* 1.0: Disables dynamic memory allocation (Default).
* True: Attach the configuration drive image as a CD drive.
* Float values greater than 1.0: Enables allocation of total implied RAM divided by this value for startup.
* - ``enable_instance_metrics_collection`` = ``False``
- (Boolean) Enable instance metrics collection
* False: Attach the configuration drive image as a disk drive (Default).
Related options:
* This option is meaningful with force_config_drive option set to 'True' or when the REST API call to create an instance will have '--config-drive=True' flag.
* config_drive_format option must be set to 'iso9660' in order to use CD drive as the configuration drive image.
* To use configuration drive with Hyper-V, you must set the mkisofs_cmd value to the full path to an mkisofs.exe installation. Additionally, you must set the qemu_img_cmd value to the full path to an qemu-img command installation.
* You can configure the Compute service to always create a configuration drive by setting the force_config_drive option to 'True'.
* - ``instances_path_share`` =
- (String) Instances path share
The name of a Windows share mapped to the "instances_path" dir and used by the resize feature to copy files to the target host. If left blank, an administrative share (hidden network share) will be used, looking for the same "instances_path" used locally.
Possible values:
* "": An administrative share will be used (Default).
* Name of a Windows share.
Related options:
* "instances_path": The directory which will be used if this option here is left blank.
* - ``volume_attach_retry_count`` = ``10``
- (Integer) Volume attach retry count
The number of times to retry attaching a volume. Volume attachment is retried until success or the given retry count is reached.
Possible values:
* Positive integer values (Default: 10).
Related options:
* Time interval between attachment attempts is declared with volume_attach_retry_interval option.
* - ``volume_attach_retry_interval`` = ``5``
- (Integer) Volume attach retry interval
Interval between volume attachment attempts, in seconds.
Possible values:
* Time in seconds (Default: 5).
Related options:
* This options is meaningful when volume_attach_retry_count is greater than 1.
* The retry loop runs with volume_attach_retry_count and volume_attach_retry_interval configuration options.
* - ``vswitch_name`` = ``None``
- (String) External virtual switch name
The Hyper-V Virtual Switch is a software-based layer-2 Ethernet network switch that is available with the installation of the Hyper-V server role. The switch includes programmatically managed and extensible capabilities to connect virtual machines to both virtual networks and the physical network. In addition, Hyper-V Virtual Switch provides policy enforcement for security, isolation, and service levels. The vSwitch represented by this config option must be an external one (not internal or private).
Possible values:
* If not provided, the first of a list of available vswitches is used. This list is queried using WQL.
* Virtual switch name.
* - ``qemu_img_cmd`` = ``qemu-img.exe``
- (String) qemu-img command
qemu-img is required for some of the image related operations like converting between different image types. You can get it from here: (http://qemu.weilnetz.de/) or you can install the Cloudbase OpenStack Hyper-V Compute Driver (https://cloudbase.it/openstack-hyperv-driver/) which automatically sets the proper path for this config option. You can either give the full path of qemu-img.exe or set its path in the PATH environment variable and leave this option to the default value.
Possible values:
* Name of the qemu-img executable, in case it is in the same directory as the nova-compute service or its path is in the PATH environment variable (Default).
* Path of qemu-img command (DRIVELETTER:\PATH\TO\QEMU-IMG\COMMAND).
Related options:
* If the config_drive_cdrom option is False, qemu-img will be used to convert the ISO to a VHD, otherwise the configuration drive will remain an ISO. To use configuration drive with Hyper-V, you must set the mkisofs_cmd value to the full path to an mkisofs.exe installation.
* - ``power_state_event_polling_interval`` = ``2``
- (Integer) Power state event polling interval
Instance power state change event polling frequency. Sets the listener interval for power state events to the given value. This option enhances the internal lifecycle notifications of instances that reboot themselves. It is unlikely that an operator has to change this value.
Possible values:
* Time in seconds (Default: 2).
Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer.
* - ``enable_remotefx`` = ``False``
- (Boolean) Enable RemoteFX feature
This requires at least one DirectX 11 capable graphics adapter for Windows / Hyper-V Server 2012 R2 or newer and RDS-Virtualization feature has to be enabled.
@ -52,28 +144,74 @@
**os:vram**. Guest VM VRAM amount. Only available on Windows / Hyper-V Server 2016. Acceptable values::
64, 128, 256, 512, 1024
* - ``instances_path_share`` =
- (String) Instances path share
The name of a Windows share mapped to the "instances_path" dir and used by the resize feature to copy files to the target host. If left blank, an administrative share (hidden network share) will be used, looking for the same "instances_path" used locally.
* - ``enable_instance_metrics_collection`` = ``False``
- (Boolean) Enable instance metrics collection
Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer.
* - ``wait_soft_reboot_seconds`` = ``60``
- (Integer) Wait soft reboot seconds
Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.
Possible values:
* "": An administrative share will be used (Default).
* Time in seconds (Default: 60).
* Name of a Windows share.
* - ``power_state_check_timeframe`` = ``60``
Related options:
- (Integer) Power state check timeframe
The timeframe to be checked for instance power state changes. This option is used to fetch the state of the instance from Hyper-V through the WMI interface, within the specified timeframe.
Possible values:
* Timeframe in seconds (Default: 60).
* - ``dynamic_memory_ratio`` = ``1.0``
- (Floating point) Dynamic memory ratio
Enables dynamic memory allocation (ballooning) when set to a value greater than 1. The value expresses the ratio between the total RAM assigned to an instance and its startup RAM amount. For example a ratio of 2.0 for an instance with 1024MB of RAM implies 512MB of RAM allocated at startup.
Possible values:
* 1.0: Disables dynamic memory allocation (Default).
* Float values greater than 1.0: Enables allocation of total implied RAM divided by this value for startup.
* - ``iscsi_initiator_list`` =
- (List) List of iSCSI initiators that will be used for estabilishing iSCSI sessions.
If none are specified, the Microsoft iSCSI initiator service will choose the initiator.
* "instances_path": The directory which will be used if this option here is left blank.
* - ``limit_cpu_features`` = ``False``
- (Boolean) Limit CPU features
This flag is needed to support live migration to hosts with different CPU features and checked during instance creation in order to limit the CPU features used by the instance.
* - ``config_drive_inject_password`` = ``False``
- (Boolean) Configuration drive inject password
Enables setting the admin password in the configuration drive image.
Related options:
* This option is meaningful when used with other options that enable configuration drive usage with Hyper-V, such as force_config_drive.
* Currently, the only accepted config_drive_format is 'iso9660'.
* - ``mounted_disk_query_retry_count`` = ``10``
- (Integer) Mounted disk query retry count
The number of times to retry checking for a disk mounted via iSCSI. During long stress runs the WMI query that is looking for the iSCSI device number can incorrectly return no data. If the query is retried the appropriate data can then be obtained. The query runs until the device can be found or the retry count is reached.
The number of times to retry checking for a mounted disk. The query runs until the device can be found or the retry count is reached.
Possible values:
@ -82,10 +220,26 @@
Related options:
* Time interval between disk mount retries is declared with "mounted_disk_query_retry_interval" option.
* - ``use_multipath_io`` = ``False``
- (Boolean) Use multipath connections when attaching iSCSI or FC disks.
This requires the Multipath IO Windows feature to be enabled. MPIO must be configured to claim such devices.
* - ``force_volumeutils_v1`` = ``False``
- (Boolean) Force V1 volume utility class
- **Deprecated**
No deprecation reason provided for this option.
* - ``mounted_disk_query_retry_interval`` = ``5``
- (Integer) Mounted disk query retry interval
Interval between checks for a mounted iSCSI disk, in seconds.
Interval between checks for a mounted disk, in seconds.
Possible values:
@ -96,51 +250,3 @@
* This option is meaningful when the mounted_disk_query_retry_count is greater than 1.
* The retry loop runs with mounted_disk_query_retry_count and mounted_disk_query_retry_interval configuration options.
* - ``power_state_check_timeframe`` = ``60``
- (Integer) Power state check timeframe
The timeframe to be checked for instance power state changes. This option is used to fetch the state of the instance from Hyper-V through the WMI interface, within the specified timeframe.
Possible values:
* Timeframe in seconds (Default: 60).
* - ``power_state_event_polling_interval`` = ``2``
- (Integer) Power state event polling interval
Instance power state change event polling frequency. Sets the listener interval for power state events to the given value. This option enhances the internal lifecycle notifications of instances that reboot themselves. It is unlikely that an operator has to change this value.
Possible values:
* Time in seconds (Default: 2).
* - ``qemu_img_cmd`` = ``qemu-img.exe``
- (String) qemu-img command
qemu-img is required for some of the image related operations like converting between different image types. You can get it from here: (http://qemu.weilnetz.de/) or you can install the Cloudbase OpenStack Hyper-V Compute Driver (https://cloudbase.it/openstack-hyperv-driver/) which automatically sets the proper path for this config option. You can either give the full path of qemu-img.exe or set its path in the PATH environment variable and leave this option to the default value.
Possible values:
* Name of the qemu-img executable, in case it is in the same directory as the nova-compute service or its path is in the PATH environment variable (Default).
* Path of qemu-img command (DRIVELETTER:\PATH\TO\QEMU-IMG\COMMAND).
Related options:
* If the config_drive_cdrom option is False, qemu-img will be used to convert the ISO to a VHD, otherwise the configuration drive will remain an ISO. To use configuration drive with Hyper-V, you must set the mkisofs_cmd value to the full path to an mkisofs.exe installation.
* - ``vswitch_name`` = ``None``
- (String) External virtual switch name
The Hyper-V Virtual Switch is a software-based layer-2 Ethernet network switch that is available with the installation of the Hyper-V server role. The switch includes programmatically managed and extensible capabilities to connect virtual machines to both virtual networks and the physical network. In addition, Hyper-V Virtual Switch provides policy enforcement for security, isolation, and service levels. The vSwitch represented by this config option must be an external one (not internal or private).
Possible values:
* If not provided, the first of a list of available vswitches is used. This list is queried using WQL.
* Virtual switch name.
* - ``wait_soft_reboot_seconds`` = ``60``
- (Integer) Wait soft reboot seconds
Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.
Possible values:
* Time in seconds (Default: 60).

88
doc/config-reference/source/tables/nova-hypervisor.rst
View File

@ -1,88 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-hypervisor:
.. list-table:: Description of hypervisor configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``default_ephemeral_format`` = ``None``
- (String) The default format an ephemeral_volume will be formatted with on creation.
Possible values:
* ``ext2``
* ``ext3``
* ``ext4``
* ``xfs``
* ``ntfs`` (only for Windows guests)
* - ``force_raw_images`` = ``True``
- (Boolean) Force conversion of backing images to raw format.
Possible values:
* True: Backing image files will be converted to raw image format
* False: Backing image files will not be converted
Interdependencies to other options:
* ``compute_driver``: Only the libvirt driver uses this option.
* - ``pointer_model`` = ``usbtablet``
- (String) Generic property to specify the pointer type.
Input devices allow interaction with a graphical framebuffer. For example to provide a graphic tablet for absolute cursor movement.
If set, the 'hw_pointer_model' image property takes precedence over this configuration option.
Possible values:
* None: Uses default behavior provided by drivers (mouse on PS2 for libvirt x86)
* ps2mouse: Uses relative movement. Mouse connected by PS2
* usbtablet: Uses absolute movement. Tablet connect by USB
Interdependencies to other options:
* usbtablet must be configured with VNC enabled or SPICE enabled and SPICE agent disabled. When used with libvirt the instance mode should be configured as HVM.
* - ``preallocate_images`` = ``none``
- (String) The image preallocation mode to use. Image preallocation allows storage for instance images to be allocated up front when the instance is initially provisioned. This ensures immediate feedback is given if enough space isn't available. In addition, it should significantly improve performance on writes to new blocks and may even improve I/O performance to prewritten blocks due to reduced fragmentation.
Possible values:
* "none" => no storage provisioning is done up front
* "space" => storage is fully allocated at instance start
* - ``timeout_nbd`` = ``10``
- (Integer) Amount of time, in seconds, to wait for NBD device start up.
* - ``use_cow_images`` = ``True``
- (Boolean) Enable use of copy-on-write (cow) images.
QEMU/KVM allow the use of qcow2 as backing files. By disabling this, backing files will not be used.
* - ``vcpu_pin_set`` = ``None``
- (String) Defines which physical CPUs (pCPUs) can be used by instance virtual CPUs (vCPUs).
Possible values:
* A comma-separated list of physical CPU numbers that virtual CPUs can be allocated to by default. Each element should be either a single CPU number, a range of CPU numbers, or a caret followed by a CPU number to be excluded from a previous range. For example:
vcpu_pin_set = "4-12,^8,15"
* - ``virt_mkfs`` = ``[]``
- (Multi-valued) Name of the mkfs commands for ephemeral device. The format is <os_type>=<mkfs command>

18
doc/config-reference/source/tables/nova-quobyte.rst → doc/config-reference/source/tables/nova-image_file_url.rst
View File

@ -8,17 +8,19 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-quobyte:
.. _nova-image_file_url:
.. list-table:: Description of Quobyte USP volume driver configuration options
.. list-table:: Description of image_file_url configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[libvirt]**
-
* - ``quobyte_client_cfg`` = ``None``
- (String) Path to a Quobyte Client configuration file.
* - ``quobyte_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the Quobyte volume is mounted on the compute node
* - ``filesystems`` =
- (List) List of file systems that are configured in this file in the image_file_url:<list entry name> sections
- **Deprecated**
The feature to download images from glance via filesystem is not used and will be removed in the future.

60
doc/config-reference/source/tables/nova-ipv6.rst
View File

@ -1,60 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-ipv6:
.. list-table:: Description of IPv6 configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``fixed_range_v6`` = ``fd00::/48``
- (String) This option determines the fixed IPv6 address block when creating a network.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any valid IPv6 CIDR. The default value is "fd00::/48".
Related options:
``use_neutron``
* - ``gateway_v6`` = ``None``
- (String) This is the default IPv6 gateway. It is used only in the testing suite.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any valid IP address.
Related options:
``use_neutron``, ``gateway``
* - ``ipv6_backend`` = ``rfc2462``
- (String) Abstracts out IPv6 address generation to pluggable backends.
nova-network can be put into dual-stack mode, so that it uses both IPv4 and IPv6 addresses. In dual-stack mode, by default, instances acquire IPv6 global unicast addresses with the help of stateless address auto-configuration mechanism.
Related options:
* use_neutron: this option only works with nova-network.
* use_ipv6: this option only works if ipv6 is enabled for nova-network.
* - ``use_ipv6`` = ``False``
- (Boolean) Assign IPv6 and IPv4 addresses when creating instances.
Related options:
* use_neutron: this only works with nova-network.

68
doc/config-reference/source/tables/nova-ironic.rst
View File

@ -10,47 +10,61 @@
.. _nova-ironic:
.. list-table:: Description of bare metal configuration options
.. list-table:: Description of ironic configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[ironic]**
-
* - ``admin_password`` = ``None``
- (String) DEPRECATED: Ironic keystone admin password. Use ``password`` instead.
* - ``admin_tenant_name`` = ``None``
- (String) DEPRECATED: Ironic keystone tenant name. Use ``project_name`` instead.
* - ``admin_url`` = ``None``
- (String) DEPRECATED: Keystone public API endpoint. Use ``auth_url`` instead.
* - ``admin_username`` = ``None``
- (String) DEPRECATED: Ironic keystone admin name. Use ``username`` instead.
* - ``api_endpoint`` = ``http://ironic.example.org:6385/``
- (String) URL override for the Ironic API endpoint.
* - ``api_max_retries`` = ``60``
- (Integer) The number of times to retry when a request conflicts. If set to 0, only try once, no retries.
Related options:
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``serial_console_state_timeout`` = ``10``
- (Integer) Timeout (seconds) to wait for node serial console state changed. Set to 0 to disable timeout.
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* api_retry_interval
* - ``api_retry_interval`` = ``2``
- (Integer) The number of seconds to wait before retrying the request.
Related options:
* api_max_retries
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``api_max_retries`` = ``60``
- (Integer) The number of times to retry when a request conflicts. If set to 0, only try once, no retries.
Related options:
* api_retry_interval
* - ``api_endpoint`` = ``http://ironic.example.org:6385/``
- (String) URL override for the Ironic API endpoint.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options

12
doc/config-reference/source/tables/nova-key_manager.rst
View File

@ -10,19 +10,21 @@
.. _nova-key_manager:
.. list-table:: Description of key manager configuration options
.. list-table:: Description of key_manager configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[key_manager]**
-
* - ``api_class`` = ``castellan.key_manager.barbican_key_manager.BarbicanKeyManager``
- (String) The full class name of the key manager API class
* - ``fixed_key`` = ``None``
- (String) Fixed key returned by key manager, specified in hex.
Possible values:
* Empty string or a key in hex value
* - ``api_class`` = ``castellan.key_manager.barbican_key_manager.BarbicanKeyManager``
- (String) The full class name of the key manager API class

194
doc/config-reference/source/tables/nova-keystone_authtoken.rst Normal file
View File

@ -0,0 +1,194 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-keystone_authtoken:
.. list-table:: Description of keystone_authtoken configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``memcache_pool_socket_timeout`` = ``3``
- (Integer) (Optional) Socket timeout in seconds for communicating with a memcached server.
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``cache`` = ``None``
- (String) Request environment key where the Swift cache object is stored. When auth_token middleware is deployed with a Swift cache, use this option to have the middleware share a caching backend with swift. Otherwise, use the ``memcached_servers`` option instead.
* - ``admin_token`` = ``None``
- (String) This option is deprecated and may be removed in a future release. Single shared secret with the Keystone configuration used for bootstrapping a Keystone installation, or otherwise bypassing the normal authentication process. This option should not be used, use `admin_user` and `admin_password` instead.
* - ``signing_dir`` = ``None``
- (String) Directory used to cache files related to PKI tokens. This option has been deprecated in the Ocata release and will be removed in the P release.
- **Deprecated**
PKI token format is no longer supported.
* - ``check_revocations_for_cached`` = ``False``
- (Boolean) If true, the revocation list will be checked for cached tokens. This requires that PKI tokens are configured on the identity server.
- **Deprecated**
PKI token format is no longer supported.
* - ``auth_port`` = ``35357``
- (Integer) Port of the admin Identity API endpoint. Deprecated, use identity_uri.
* - ``auth_protocol`` = ``https``
- (String) Protocol of the admin Identity API endpoint. Deprecated, use identity_uri.
* - ``auth_uri`` = ``None``
- (String) Complete "public" Identity API endpoint. This endpoint should not be an "admin" endpoint, as it should be accessible by all end users. Unauthenticated clients are redirected to this endpoint to authenticate. Although this endpoint should ideally be unversioned, client support in the wild varies. If you're using a versioned v2 endpoint here, then this should *not* be the same endpoint the service user utilizes for validating tokens, because normal end users may not be able to reach that endpoint.
* - ``auth_version`` = ``None``
- (String) API version of the admin Identity API endpoint.
* - ``include_service_catalog`` = ``True``
- (Boolean) (Optional) Indicate whether to set the X-Service-Catalog header. If False, middleware will not ask for service catalog on token validation and will not set the X-Service-Catalog header.
* - ``memcached_servers`` = ``None``
- (List) Optionally specify a list of memcached server(s) to use for caching. If left undefined, tokens will instead be cached in-process.
* - ``cafile`` = ``None``
- (String) A PEM encoded Certificate Authority to use when verifying HTTPs connections. Defaults to system CAs.
* - ``hash_algorithms`` = ``md5``
- (List) Hash algorithms to use for hashing PKI tokens. This may be a single algorithm or multiple. The algorithms are those supported by Python standard hashlib.new(). The hashes will be tried in the order given, so put the preferred one first for performance. The result of the first hash will be stored in the cache. This will typically be set to multiple values only while migrating from a less secure algorithm to a more secure one. Once all the old tokens are expired this option should be set to a single value for better performance.
- **Deprecated**
PKI token format is no longer supported.
* - ``certfile`` = ``None``
- (String) Required if identity server requires client certificate
* - ``memcache_pool_dead_retry`` = ``300``
- (Integer) (Optional) Number of seconds memcached server is considered dead before it is tried again.
* - ``admin_tenant_name`` = ``admin``
- (String) Service tenant name.
* - ``token_cache_time`` = ``300``
- (Integer) In order to prevent excessive effort spent validating tokens, the middleware caches previously-seen tokens for a configurable duration (in seconds). Set to -1 to disable caching completely.
* - ``memcache_pool_conn_get_timeout`` = ``10``
- (Integer) (Optional) Number of seconds that an operation will wait to get a memcached client connection from the pool.
* - ``admin_password`` = ``None``
- (String) Service user password.
* - ``http_request_max_retries`` = ``3``
- (Integer) How many times are we trying to reconnect when communicating with Identity API Server.
* - ``service_token_roles`` = ``service``
- (List) A choice of roles that must be present in a service token. Service tokens are allowed to request that an expired token can be used and so this check should tightly control that only actual services should be sending this token. Roles here are applied as an ANY check so any role in this list must be present. For backwards compatibility reasons this currently only affects the allow_expired check.
* - ``memcache_secret_key`` = ``None``
- (String) (Optional, mandatory if memcache_security_strategy is defined) This string is used for key derivation.
* - ``admin_user`` = ``None``
- (String) Service username.
* - ``region_name`` = ``None``
- (String) The region in which the identity server can be found.
* - ``auth_admin_prefix`` =
- (String) Prefix to prepend at the beginning of the path. Deprecated, use identity_uri.
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``service_token_roles_required`` = ``False``
- (Boolean) For backwards compatibility reasons we must let valid service tokens pass that don't pass the service_token_roles check as valid. Setting this true will become the default in a future release and should be enabled if possible.
* - ``delay_auth_decision`` = ``False``
- (Boolean) Do not handle authorization requests within the middleware, but delegate the authorization decision to downstream WSGI components.
* - ``auth_host`` = ``127.0.0.1``
- (String) Host providing the admin Identity API endpoint. Deprecated, use identity_uri.
* - ``memcache_use_advanced_pool`` = ``False``
- (Boolean) (Optional) Use the advanced (eventlet safe) memcached client pool. The advanced pool will only work under python 2.x.
* - ``identity_uri`` = ``None``
- (String) Complete admin Identity API endpoint. This should specify the unversioned root endpoint e.g. https://localhost:35357/
* - ``revocation_cache_time`` = ``10``
- (Integer) Determines the frequency at which the list of revoked tokens is retrieved from the Identity service (in seconds). A high number of revocation events combined with a low cache duration may significantly reduce performance. Only valid for PKI tokens. This option has been deprecated in the Ocata release and will be removed in the P release.
- **Deprecated**
PKI token format is no longer supported.
* - ``memcache_pool_maxsize`` = ``10``
- (Integer) (Optional) Maximum total number of open connections to every memcached server.
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options
* - ``enforce_token_bind`` = ``permissive``
- (String) Used to control the use and type of token binding. Can be set to: "disabled" to not check token binding. "permissive" (default) to validate binding information if the bind type is of a form known to the server and ignore it if not. "strict" like "permissive" but if the bind type is unknown the token will be rejected. "required" any form of token binding is needed to be allowed. Finally the name of a binding method that must be present in tokens.
* - ``memcache_security_strategy`` = ``None``
- (String) (Optional) If defined, indicate whether token data should be authenticated or authenticated and encrypted. If MAC, token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the cache. If the value is not one of these options or empty, auth_token will raise an exception on initialization.
* - ``memcache_pool_unused_timeout`` = ``60``
- (Integer) (Optional) Number of seconds a connection to memcached is held unused in the pool before it is closed.
* - ``http_connect_timeout`` = ``None``
- (Integer) Request timeout value for communicating with Identity API server.
* - ``keyfile`` = ``None``
- (String) Required if identity server requires client certificate

40
doc/config-reference/source/tables/nova-ldap.rst
View File

@ -1,40 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-ldap:
.. list-table:: Description of LDAP configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``ldap_dns_base_dn`` = ``ou=hosts,dc=example,dc=org``
- (String) Base DN for DNS entries in LDAP
* - ``ldap_dns_password`` = ``password``
- (String) Password for LDAP DNS
* - ``ldap_dns_servers`` = ``['dns.example.org']``
- (Multi-valued) DNS Servers for LDAP DNS driver
* - ``ldap_dns_soa_expiry`` = ``86400``
- (String) Expiry interval (in seconds) for LDAP DNS driver Statement of Authority
* - ``ldap_dns_soa_hostmaster`` = ``hostmaster@example.org``
- (String) Hostmaster for LDAP DNS driver Statement of Authority
* - ``ldap_dns_soa_minimum`` = ``7200``
- (String) Minimum interval (in seconds) for LDAP DNS driver Statement of Authority
* - ``ldap_dns_soa_refresh`` = ``1800``
- (String) Refresh interval (in seconds) for LDAP DNS driver Statement of Authority
* - ``ldap_dns_soa_retry`` = ``3600``
- (String) Retry interval (in seconds) for LDAP DNS driver Statement of Authority
* - ``ldap_dns_url`` = ``ldap://ldap.example.com:389``
- (String) URL for LDAP server which will store DNS entries
* - ``ldap_dns_user`` = ``uid=admin,ou=people,dc=example,dc=org``
- (String) User for LDAP DNS

798
doc/config-reference/source/tables/nova-libvirt.rst
View File

@ -10,109 +10,113 @@
.. _nova-libvirt:
.. list-table:: Description of Libvirt configuration options
.. list-table:: Description of libvirt configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``remove_unused_base_images`` = ``True``
- (Boolean) Should unused base images be removed?
* - ``remove_unused_original_minimum_age_seconds`` = ``86400``
- (Integer) Unused unresized base images younger than this will not be removed
* - **[libvirt]**
-
* - ``checksum_base_images`` = ``False``
- (Boolean) DEPRECATED: Write a checksum for files in _base to disk The image cache no longer periodically calculates checksums of stored images. Data integrity can be checked at the block or filesystem level.
* - ``checksum_interval_seconds`` = ``3600``
- (Integer) DEPRECATED: How frequently to checksum base images The image cache no longer periodically calculates checksums of stored images. Data integrity can be checked at the block or filesystem level.
* - ``connection_uri`` =
- (String) Overrides the default libvirt URI of the chosen virtualization type.
If set, Nova will use this URI to connect to libvirt.
* - ``sysinfo_serial`` = ``auto``
Possible values:
- (String) The data source used to the populate the host "serial" UUID exposed to guest in the virtual BIOS.
* An URI like ``qemu:///system`` or ``xen+ssh://oirase/`` for example. This is only necessary if the URI differs to the commonly known URIs for the chosen virtualization type.
* - ``images_rbd_pool`` = ``rbd``
Related options:
- (String) The RADOS pool in which rbd volumes are stored
* ``virt_type``: Influences what is used as default value here.
* - ``cpu_mode`` = ``None``
- (String) Is used to set the CPU mode an instance should have.
* - ``num_iscsi_scan_tries`` = ``5``
If virt_type="kvm|qemu", it will default to "host-model", otherwise it will default to "none".
- (Integer) Number of times to scan iSCSI target to find volume.
Possible values:
* - ``smbfs_mount_options`` =
* ``host-model``: Clones the host CPU feature flags.
- (String) Mount options passed to the SMBFS client.
* ``host-passthrough``: Use the host CPU model exactly;
Provide SMBFS options as a single string containing all parameters. See mount.cifs man page for details. Note that the libvirt-qemu ``uid`` and ``gid`` must be specified.
* ``custom``: Use a named CPU model;
* ``none``: Not set any CPU model.
Related options:
* ``cpu_model``: If ``custom`` is used for ``cpu_mode``, set this config option too, otherwise this would result in an error and the instance won't be launched.
* - ``cpu_model`` = ``None``
- (String) Set the name of the libvirt CPU model the instance should use.
Possible values:
* The names listed in /usr/share/libvirt/cpu_map.xml
Related options:
* ``cpu_mode``: Don't set this when ``cpu_mode`` is NOT set to ``custom``. This would result in an error and the instance won't be launched.
* ``virt_type``: Only the virtualization types ``kvm`` and ``qemu`` use this.
* - ``disk_cachemodes`` =
- (List) Specific cachemodes to use for different disk types e.g: file=directsync,block=none
* - ``disk_prefix`` = ``None``
- (String) Override the default disk prefix for the devices attached to an instance.
If set, this is used to identify a free disk device name for a bus.
Possible values:
* Any prefix which will result in a valid disk device name like 'sda' or 'hda' for example. This is only necessary if the device names differ to the commonly known device name prefixes for a virtualization type such as: sd, xvd, uvd, vd.
Related options:
* ``virt_type``: Influences which device type is used, which determines the default disk prefix.
* - ``enabled_perf_events`` =
- (List) This is a performance event list which could be used as monitor. These events will be passed to libvirt domain xml while creating a new instances. Then event statistics data can be collected from libvirt. The minimum libvirt version is 2.0.0. For more information about `Performance monitoring events`, refer https://libvirt.org/formatdomain.html#elementsPerf .
* Possible values: A string list. For example: ``enabled_perf_events = cmt, mbml, mbmt``
Possible values:
The supported events list can be found in https://libvirt.org/html/libvirt-libvirt-domain.html , which you may need to search key words ``VIR_PERF_PARAM_*``
* A string list. For example: ``enabled_perf_events = cmt, mbml, mbmt`` The supported events list can be found in https://libvirt.org/html/libvirt-libvirt-domain.html , which you may need to search key words ``VIR_PERF_PARAM_*``
* Services that use this:
* - ``live_migration_uri`` = ``None``
``nova-compute``
- (String) Live migration target URI to use.
Override the default libvirt live migration target URI (which is dependent on virt_type). Any included "%s" is replaced with the migration target hostname.
If this option is set to None (which is the default), Nova will automatically generate the `live_migration_uri` value based on only 3 supported `virt_type` in following list:
* 'kvm': 'qemu+tcp://%s/system'
* 'qemu': 'qemu+tcp://%s/system'
* 'xen': 'xenmigr://%s/system'
Related options:
* ``live_migration_inbound_addr``: If ``live_migration_inbound_addr`` value is not None, the ip/hostname address of target compute node is used instead of ``live_migration_uri`` as the uri for live migration.
* ``live_migration_scheme``: If ``live_migration_uri`` is not set, the scheme used for live migration is taken from ``live_migration_scheme`` instead.
- **Deprecated**
live_migration_uri is deprecated for removal in favor of two other options that allow to change live migration scheme and target URI: ``live_migration_scheme`` and ``live_migration_inbound_addr`` respectively.
* - ``realtime_scheduler_priority`` = ``1``
- (Integer) In a realtime host context vCPUs for guest will run in that scheduling priority. Priority depends on the host kernel (usually 1-99)
* - ``checksum_base_images`` = ``False``
- (Boolean) Write a checksum for files in _base to disk
- **Deprecated**
The image cache no longer periodically calculates checksums of stored images. Data integrity can be checked at the block or filesystem level.
* - ``live_migration_tunnelled`` = ``False``
- (Boolean) Enable tunnelled migration.
This option enables the tunnelled migration feature, where migration data is transported over the libvirtd connection. If enabled, we use the VIR_MIGRATE_TUNNELLED migration flag, avoiding the need to configure the network to allow direct hypervisor to hypervisor communication. If False, use the native transport. If not set, Nova will choose a sensible default based on, for example the availability of native encryption support in the hypervisor. Enable this option will definitely impact performance massively.
Note that this option is NOT compatible with use of block migration.
Possible values:
* Supersedes and (if set) overrides the deprecated 'live_migration_flag' and 'block_migration_flag' to enable tunneled migration.
* - ``checksum_interval_seconds`` = ``3600``
- (Integer) How frequently to checksum base images
- **Deprecated**
The image cache no longer periodically calculates checksums of stored images. Data integrity can be checked at the block or filesystem level.
* - ``rescue_image_id`` = ``None``
- (String) The ID of the image to boot from to rescue data from a corrupted instance.
If the rescue REST API operation doesn't provide an ID of an image to use, the image which is referenced by this ID is used. If this option is not set, the image from the instance is used.
Possible values:
* An ID of an image or nothing. If it points to an *Amazon Machine Image* (AMI), consider to set the config options ``rescue_kernel_id`` and ``rescue_ramdisk_id`` too. If nothing is set, the image of the instance is used.
Related options:
* ``rescue_kernel_id``: If the chosen rescue image allows the separate definition of its kernel disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
* ``rescue_ramdisk_id``: If the chosen rescue image allows the separate definition of its RAM disk, the value of this option is used if, specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
* Related options: None
* - ``gid_maps`` =
- (List) List of guid targets and ranges.Syntax is guest-gid:host-gid:countMaximum of 5 allowed.
* - ``hw_disk_discard`` = ``None``
- (String) Discard option for nova managed disks. Need Libvirt(1.0.6) Qemu1.5 (raw format) Qemu1.6(qcow2 format)
* - ``hw_machine_type`` = ``None``
- (List) For qemu or KVM guests, set this option to specify a default machine type per host architecture. You can find a list of supported machine types in your environment by checking the output of the "virsh capabilities"command. The format of the value for this config option is host-arch=machine-type. For example: x86_64=machinetype1,armv7l=machinetype2
* - ``image_info_filename_pattern`` = ``$instances_path/$image_cache_subdirectory_name/%(image)s.info``
- (String) DEPRECATED: Allows image information files to be stored in non-standard locations Image info files are no longer used by the image cache
* - ``images_rbd_ceph_conf`` =
- (String) Path to the ceph configuration file to use
* - ``images_rbd_pool`` = ``rbd``
- (String) The RADOS pool in which rbd volumes are stored
* - ``images_type`` = ``default``
- (String) VM Images format. If default is specified, then use_cow_images flag is used instead of this one.
* - ``images_volume_group`` = ``None``
- (String) LVM Volume Group that is used for VM images, when you specify images_type=lvm.
* - ``inject_key`` = ``False``
- (Boolean) Allow the injection of an SSH key at boot time.
There is no agent needed within the image to do this. If *libguestfs* is available on the host, it will be used. Otherwise *nbd* is used. The file system of the image will be mounted and the SSH key, which is provided in the REST API call will be injected as SSH key for the root user and appended to the ``authorized_keys`` of that user. The SELinux context will be set if necessary. Be aware that the injection is *not* possible when the instance gets launched from a volume.
@ -122,7 +126,45 @@
Related options:
* ``inject_partition``: That option will decide about the discovery and usage of the file system. It also can disable the injection at all.
* - ``uid_maps`` =
- (List) List of uid targets and ranges.Syntax is guest-uid:host-uid:countMaximum of 5 allowed.
* - ``hw_disk_discard`` = ``None``
- (String) Discard option for nova managed disks.
Requires:
* Libvirt >= 1.0.6
* Qemu >= 1.5 (raw format)
* Qemu >= 1.6 (qcow2 format)
* - ``live_migration_downtime`` = ``500``
- (Integer) Maximum permitted downtime, in milliseconds, for live migration switchover.
Will be rounded up to a minimum of 100ms. You can increase this value if you want to allow live-migrations to complete faster, or avoid live-migration timeout errors by allowing the guest to be paused for longer during the live-migration switch over.
Related options:
* live_migration_completion_timeout
* - ``vzstorage_mount_group`` = ``qemu``
- (String) Mount owner group name.
This option defines the owner group of Vzstorage cluster mountpoint.
Related options:
* vzstorage_mount_* group of parameters
* - ``inject_partition`` = ``-2``
- (Integer) Determines the way how the file system is chosen to inject data into it.
*libguestfs* will be used a first solution to inject data. If that's not available on the host, the image will be locally mounted on the host as a fallback solution. If libguestfs is not able to determine the root partition (because there are more or less than one root partition) or cannot mount the file system it will result in an error and the instance won't be boot.
@ -146,7 +188,55 @@
* ``guestfs`` You can enable the debug log level of libguestfs with this config option. A more verbose output will help in debugging issues.
* ``virt_type``: If you use ``lxc`` as virt_type it will be treated as a single partition image
* - ``connection_uri`` =
- (String) Overrides the default libvirt URI of the chosen virtualization type.
If set, Nova will use this URI to connect to libvirt.
Possible values:
* An URI like ``qemu:///system`` or ``xen+ssh://oirase/`` for example. This is only necessary if the URI differs to the commonly known URIs for the chosen virtualization type.
Related options:
* ``virt_type``: Influences what is used as default value here.
* - ``num_aoe_discover_tries`` = ``3``
- (Integer) Number of times to rediscover AoE target to find volume.
Nova provides support for block storage attaching to hosts via AOE (ATA over Ethernet). This option allows the user to specify the maximum number of retry attempts that can be made to discover the AoE device.
* - ``volume_clear`` = ``zero``
- (String) Method used to wipe ephemeral disks when they are deleted. Only takes effect if LVM is set as backing storage.
Possible values:
* none - do not wipe deleted volumes
* zero - overwrite volumes with zeroes
* shred - overwrite volume repeatedly
Related options:
* images_type - must be set to ``lvm``
* volume_clear_size
* - ``snapshots_directory`` = ``$instances_path/snapshots``
- (String) Location where libvirt driver will store snapshots before uploading them to image service
* - ``wait_soft_reboot_seconds`` = ``120``
- (Integer) Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.
* - ``inject_password`` = ``False``
- (Boolean) Allow the injection of an admin password for instance only at ``create`` and ``rebuild`` process.
There is no agent needed within the image to do this. If *libguestfs* is available on the host, it will be used. Otherwise *nbd* is used. The file system of the image will be mounted and the admin password, which is provided in the REST API call will be injected as password for the root user. If no root user is available, the instance won't be launched and an error is thrown. Be aware that the injection is *not* possible when the instance gets launched from a volume.
@ -160,70 +250,192 @@
Related options:
* ``inject_partition``: That option will decide about the discovery and usage of the file system. It also can disable the injection at all.
* - ``iscsi_iface`` = ``None``
- (String) The iSCSI transport iface to use to connect to target in case offload support is desired. Default format is of the form <transport_name>.<hwaddress> where <transport_name> is one of (be2iscsi, bnx2i, cxgb3i, cxgb4i, qla4xxx, ocs) and <hwaddress> is the MAC address of the interface and can be generated via the iscsiadm -m iface command. Do not confuse the iscsi_iface parameter to be provided here with the actual transport name.
* - ``iser_use_multipath`` = ``False``
- (Boolean) Use multipath connection of the iSER volume
* - ``mem_stats_period_seconds`` = ``10``
- (Integer) A number of seconds to memory usage statistics period. Zero or negative value mean to disable memory usage statistics.
* - ``realtime_scheduler_priority`` = ``1``
- (Integer) In a realtime host context vCPUs for guest will run in that scheduling priority. Priority depends on the host kernel (usually 1-99)
* - ``remove_unused_resized_minimum_age_seconds`` = ``3600``
- (Integer) Unused resized base images younger than this will not be removed
* - ``rescue_image_id`` = ``None``
- (String) The ID of the image to boot from to rescue data from a corrupted instance.
If the rescue REST API operation doesn't provide an ID of an image to use, the image which is referenced by this ID is used. If this option is not set, the image from the instance is used.
* - ``live_migration_permit_post_copy`` = ``False``
Possible values:
- (Boolean) This option allows nova to switch an on-going live migration to post-copy mode, i.e., switch the active VM to the one on the destination node before the migration is complete, therefore ensuring an upper bound on the memory that needs to be transferred. Post-copy requires libvirt>=1.3.3 and QEMU>=2.5.0.
* An ID of an image or nothing. If it points to an *Amazon Machine Image* (AMI), consider to set the config options ``rescue_kernel_id`` and ``rescue_ramdisk_id`` too. If nothing is set, the image of the instance is used.
When permitted, post-copy mode will be automatically activated if a live-migration memory copy iteration does not make percentage increase of at least 10% over the last iteration.
The live-migration force complete API also uses post-copy when permitted. If post-copy mode is not available, force complete falls back to pausing the VM to ensure the live-migration operation will complete.
When using post-copy mode, if the source and destination hosts loose network connectivity, the VM being live-migrated will need to be rebooted. For more details, please see the Administration guide.
Related options:
* ``rescue_kernel_id``: If the chosen rescue image allows the separate definition of its kernel disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
* live_migration_permit_auto_converge
* ``rescue_ramdisk_id``: If the chosen rescue image allows the separate definition of its RAM disk, the value of this option is used if, specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
* - ``rescue_kernel_id`` = ``None``
- (String) The ID of the kernel (AKI) image to use with the rescue image.
* - ``quobyte_mount_point_base`` = ``$state_path/mnt``
If the chosen rescue image allows the separate definition of its kernel disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
- (String) Directory where the Quobyte volume is mounted on the compute node.
Nova supports Quobyte volume driver that enables storing Block Storage service volumes on a Quobyte storage back end. This Option sepcifies the path of the directory where Quobyte volume is mounted.
Possible values:
* An ID of an kernel image or nothing. If nothing is specified, the kernel disk from the instance is used if it was launched with one.
* A string representing absolute path of mount point.
Related options:
* - ``cpu_mode`` = ``None``
* ``rescue_image_id``: If that option points to an image in *Amazon*'s AMI/AKI/ARI image format, it's useful to use ``rescue_kernel_id`` too.
* - ``rescue_ramdisk_id`` = ``None``
- (String) The ID of the RAM disk (ARI) image to use with the rescue image.
- (String) Is used to set the CPU mode an instance should have.
If the chosen rescue image allows the separate definition of its RAM disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
If virt_type="kvm|qemu", it will default to "host-model", otherwise it will default to "none".
Possible values:
* An ID of a RAM disk image or nothing. If nothing is specified, the RAM disk from the instance is used if it was launched with one.
* ``host-model``: Clones the host CPU feature flags.
* ``host-passthrough``: Use the host CPU model exactly;
* ``custom``: Use a named CPU model;
* ``none``: Not set any CPU model.
Related options:
* ``rescue_image_id``: If that option points to an image in *Amazon*'s AMI/AKI/ARI image format, it's useful to use ``rescue_ramdisk_id`` too.
* - ``rng_dev_path`` = ``None``
- (String) A path to a device that will be used as source of entropy on the host. Permitted options are: /dev/random or /dev/hwrng
* - ``snapshot_compression`` = ``False``
- (Boolean) Compress snapshot images when possible. This currently applies exclusively to qcow2 images
* ``cpu_model``: If ``custom`` is used for ``cpu_mode``, set this config option too, otherwise this would result in an error and the instance won't be launched.
* - ``vzstorage_mount_opts`` =
- (List) Extra mount options for pstorage-mount
For full description of them, see https://static.openvz.org/vz-man/man1/pstorage-mount.1.gz.html Format is a python string representation of arguments list, like: "['-v', '-R', '500']" Shouldn't include -c, -l, -C, -u, -g and -m as those have explicit vzstorage_* options.
Related options:
* All other vzstorage_* options
* - ``glusterfs_mount_point_base`` = ``$state_path/mnt``
- (String) Absolute path to the directory where the glusterfs volume is mounted on the compute node.
* - ``volume_use_multipath`` = ``False``
- (Boolean) Use multipath connection of the iSCSI or FC volume
Volumes can be connected in the LibVirt as multipath devices. This will provide high availability and fault tolerance.
* - ``xen_hvmloader_path`` = ``/usr/lib/xen/boot/hvmloader``
- (String) Location where the Xen hvmloader is kept
* - ``live_migration_bandwidth`` = ``0``
- (Integer) Maximum bandwidth(in MiB/s) to be used during migration.
If set to 0, the hypervisor will choose a suitable default. Some hypervisors do not support this feature and will return an error if bandwidth is not 0. Please refer to the libvirt documentation for further details.
* - ``snapshot_image_format`` = ``None``
- (String) Snapshot image format. Defaults to same as source image
* - ``snapshots_directory`` = ``$instances_path/snapshots``
- (String) Location where libvirt driver will store snapshots before uploading them to image service
* - ``sparse_logical_volumes`` = ``False``
- (Boolean) Create sparse logical volumes (with virtualsize) if this flag is set to True.
* - ``sysinfo_serial`` = ``auto``
- (String) The data source used to the populate the host "serial" UUID exposed to guest in the virtual BIOS.
* - ``uid_maps`` =
- (List) List of uid targets and ranges.Syntax is guest-uid:host-uid:countMaximum of 5 allowed.
- (String) Determine the snapshot image format when sending to the image service.
If set, this decides what format is used when sending the snapshot to the image service. If not set, defaults to same type as source image.
Possible values:
* ``raw``: RAW disk format
* ``qcow2``: KVM default disk format
* ``vmdk``: VMWare default disk format
* ``vdi``: VirtualBox default disk format
* If not set, defaults to same type as source image.
* - ``vzstorage_mount_user`` = ``stack``
- (String) Mount owner user name.
This option defines the owner user of Vzstorage cluster mountpoint.
Related options:
* vzstorage_mount_* group of parameters
* - ``live_migration_scheme`` = ``None``
- (String) Schema used for live migration.
Override the default libvirt live migration scheme (which is dependant on virt_type). If this option is set to None, nova will automatically choose a sensible default based on the hypervisor. It is not recommended that you change this unless you are very sure that hypervisor supports a particular scheme.
Related options:
* ``virt_type``: This option is meaningful only when ``virt_type`` is set to `kvm` or `qemu`.
* ``live_migration_uri``: If ``live_migration_uri`` value is not None, the scheme used for live migration is taken from ``live_migration_uri`` instead.
* - ``snapshot_compression`` = ``False``
- (Boolean) Enable snapshot compression for ``qcow2`` images.
Note: you can set ``snapshot_image_format`` to ``qcow2`` to force all snapshots to be in ``qcow2`` format, independently from their original image type.
Related options:
* snapshot_image_format
* - ``vzstorage_cache_path`` = ``None``
- (String) Path to the SSD cache file.
You can attach an SSD drive to a client and configure the drive to store a local cache of frequently accessed data. By having a local cache on a client's SSD drive, you can increase the overall cluster performance by up to 10 and more times. WARNING! There is a lot of SSD models which are not server grade and may loose arbitrary set of data changes on power loss. Such SSDs should not be used in Vstorage and are dangerous as may lead to data corruptions and inconsistencies. Please consult with the manual on which SSD models are known to be safe or verify it using vstorage-hwflush-check(1) utility.
This option defines the path which should include "%(cluster_name)s" template to separate caches from multiple shares.
Related options:
* vzstorage_mount_opts may include more detailed cache options.
* - ``gid_maps`` =
- (List) List of guid targets and ranges.Syntax is guest-gid:host-gid:countMaximum of 5 allowed.
* - ``disk_cachemodes`` =
- (List) Specific cachemodes to use for different disk types e.g: file=directsync,block=none
* - ``live_migration_progress_timeout`` = ``0``
- (Integer) Time to wait, in seconds, for migration to make forward progress in transferring data before aborting the operation.
Set to 0 to disable timeouts.
This is deprecated, and now disabled by default because we have found serious bugs in this feature that caused false live-migration timeout failures. This feature will be removed or replaced in a future release.
- **Deprecated**
Serious bugs found in this feature.
- **Mutable**
This option can be changed without restarting.
* - ``nfs_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the NFS volume is mounted on the compute node. The default is 'mnt' directory of the location where nova's Python module is installed.
NFS provides shared storage for the OpenStack Block Storage service.
Possible values:
* A string representing absolute path of mount point.
* - ``live_migration_inbound_addr`` = ``None``
- (String) The IP address or hostname to be used as the target for live migration traffic.
If this option is set to None, the hostname of the migration target compute node will be used.
This option is useful in environments where the live-migration traffic can impact the network plane significantly. A separate network for live-migration traffic can then use this config option and avoids the impact on the management network.
Possible values:
* A valid IP address or hostname, else None.
* - ``use_usb_tablet`` = ``True``
- (Boolean) DEPRECATED: Enable a mouse cursor within a graphical VNC or SPICE sessions.
- (Boolean) Enable a mouse cursor within a graphical VNC or SPICE sessions.
This will only be taken into account if the VM is fully virtualized and VNC and/or SPICE is enabled. If the node doesn't support a graphical framebuffer, then it is valid to set this to False.
@ -231,10 +443,14 @@
* ``[vnc]enabled``: If VNC is enabled, ``use_usb_tablet`` will have an effect.
* ``[spice]enabled`` + ``[spice].agent_enabled``: If SPICE is enabled and the spice agent is disabled, the config value of ``use_usb_tablet`` will have an effect. This option is being replaced by the 'pointer_model' option.
* - ``use_virtio_for_bridges`` = ``True``
- (Boolean) Use virtio for bridge interfaces with KVM/QEMU
* ``[spice]enabled`` + ``[spice].agent_enabled``: If SPICE is enabled and the spice agent is disabled, the config value of ``use_usb_tablet`` will have an effect.
- **Deprecated**
This option is being replaced by the 'pointer_model' option.
* - ``virt_type`` = ``kvm``
- (String) Describes the virtualization type (or so called domain type) libvirt should use.
The choice of this type must match the underlying virtualization strategy you have chosen for this host.
@ -252,97 +468,289 @@
* ``cpu_mode``: depends on this
* ``cpu_model``: depends on this
* - ``volume_clear`` = ``zero``
- (String) Method used to wipe old volumes.
* - ``volume_clear_size`` = ``0``
- (Integer) Size in MiB to wipe at start of old volumes. 0 => all
* - ``volume_use_multipath`` = ``False``
- (Boolean) Use multipath connection of the iSCSI or FC volume
* - ``vzstorage_cache_path`` = ``None``
- (String) Path to the SSD cache file.
You can attach an SSD drive to a client and configure the drive to store a local cache of frequently accessed data. By having a local cache on a client's SSD drive, you can increase the overall cluster performance by up to 10 and more times. WARNING! There is a lot of SSD models which are not server grade and may loose arbitrary set of data changes on power loss. Such SSDs should not be used in Vstorage and are dangerous as may lead to data corruptions and inconsistencies. Please consult with the manual on which SSD models are known to be safe or verify it using vstorage-hwflush-check(1) utility.
* - ``rbd_user`` = ``None``
This option defines the path which should include "%(cluster_name)s" template to separate caches from multiple shares.
- (String) The RADOS client name for accessing rbd(RADOS Block Devices) volumes.
* Services that use this:
Libvirt will refer to this user when connecting and authenticating with the Ceph RBD server.
``nova-compute``
* - ``rescue_kernel_id`` = ``None``
* Related options:
- (String) The ID of the kernel (AKI) image to use with the rescue image.
vzstorage_mount_opts may include more detailed cache options.
* - ``vzstorage_log_path`` = ``/var/log/pstorage/%(cluster_name)s/nova.log.gz``
- (String) Path to vzstorage client log.
If the chosen rescue image allows the separate definition of its kernel disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
This option defines the log of cluster operations, it should include "%(cluster_name)s" template to separate logs from multiple shares.
Possible values:
* Services that use this:
* An ID of an kernel image or nothing. If nothing is specified, the kernel disk from the instance is used if it was launched with one.
``nova-compute``
Related options:
* Related options:
* ``rescue_image_id``: If that option points to an image in *Amazon*'s AMI/AKI/ARI image format, it's useful to use ``rescue_kernel_id`` too.
vzstorage_mount_opts may include more detailed logging options.
* - ``vzstorage_mount_group`` = ``qemu``
- (String) Mount owner group name.
This option defines the owner group of Vzstorage cluster mountpoint.
* Services that use this:
``nova-compute``
* Related options:
vzstorage_mount_* group of parameters
* - ``vzstorage_mount_opts`` =
- (List) Extra mount options for pstorage-mount
For full description of them, see https://static.openvz.org/vz-man/man1/pstorage-mount.1.gz.html Format is a python string representation of arguments list, like: "['-v', '-R', '500']" Shouldn't include -c, -l, -C, -u, -g and -m as those have explicit vzstorage_* options.
* Services that use this:
``nova-compute``
* Related options:
All other vzstorage_* options
* - ``vzstorage_mount_perms`` = ``0770``
- (String) Mount access mode.
This option defines the access bits of Vzstorage cluster mountpoint, in the format similar to one of chmod(1) utility, like this: 0770. It consists of one to four digits ranging from 0 to 7, with missing lead digits assumed to be 0's.
* Services that use this:
``nova-compute``
* Related options:
vzstorage_mount_* group of parameters
* - ``vzstorage_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the Virtuozzo Storage clusters are mounted on the compute node.
This option defines non-standard mountpoint for Vzstorage cluster.
* Services that use this:
Related options:
``nova-compute``
* vzstorage_mount_* group of parameters
* Related options:
* - ``cpu_model`` = ``None``
vzstorage_mount_* group of parameters
* - ``vzstorage_mount_user`` = ``stack``
- (String) Mount owner user name.
- (String) Set the name of the libvirt CPU model the instance should use.
This option defines the owner user of Vzstorage cluster mountpoint.
Possible values:
* Services that use this:
* The names listed in /usr/share/libvirt/cpu_map.xml
``nova-compute``
Related options:
* Related options:
* ``cpu_mode``: Don't set this when ``cpu_mode`` is NOT set to ``custom``. This would result in an error and the instance won't be launched.
vzstorage_mount_* group of parameters
* - ``wait_soft_reboot_seconds`` = ``120``
- (Integer) Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.
* ``virt_type``: Only the virtualization types ``kvm`` and ``qemu`` use this.
* - ``quobyte_client_cfg`` = ``None``
- (String) Path to a Quobyte Client configuration file.
* - ``scality_sofs_config`` = ``None``
- (String) Path or URL to Scality SOFS(Scale-Out File Server) configuration file.
The Scality SOFS provides OpenStack users the option of storing their data on a high capacity, replicated, highly available Scality Ring object storage cluster.
* - ``remote_filesystem_transport`` = ``ssh``
- (String) libvirt's transport method for remote file operations.
Because libvirt cannot use RPC to copy files over network to/from other compute nodes, other method must be used for:
* creating directory on remote host
* creating file on remote host
* removing file from remote host
* copying file to remote host
* - ``live_migration_downtime_delay`` = ``75``
- (Integer) Time to wait, in seconds, between each step increase of the migration downtime.
Minimum delay is 10 seconds. Value is per GiB of guest RAM + disk to be transferred, with lower bound of a minimum of 2 GiB per device.
* - ``disk_prefix`` = ``None``
- (String) Override the default disk prefix for the devices attached to an instance.
If set, this is used to identify a free disk device name for a bus.
Possible values:
* Any prefix which will result in a valid disk device name like 'sda' or 'hda' for example. This is only necessary if the device names differ to the commonly known device name prefixes for a virtualization type such as: sd, xvd, uvd, vd.
Related options:
* ``virt_type``: Influences which device type is used, which determines the default disk prefix.
* - ``images_type`` = ``default``
- (String) VM Images format.
If default is specified, then use_cow_images flag is used instead of this one.
Related options:
* virt.use_cow_images
* images_volume_group
* - ``iscsi_iface`` = ``None``
- (String) The iSCSI transport iface to use to connect to target in case offload support is desired.
Default format is of the form <transport_name>.<hwaddress> where <transport_name> is one of (be2iscsi, bnx2i, cxgb3i, cxgb4i, qla4xxx, ocs) and <hwaddress> is the MAC address of the interface and can be generated via the iscsiadm -m iface command. Do not confuse the iscsi_iface parameter to be provided here with the actual transport name.
* - ``vzstorage_mount_perms`` = ``0770``
- (String) Mount access mode.
This option defines the access bits of Vzstorage cluster mountpoint, in the format similar to one of chmod(1) utility, like this: 0770. It consists of one to four digits ranging from 0 to 7, with missing lead digits assumed to be 0's.
Related options:
* vzstorage_mount_* group of parameters
* - ``use_virtio_for_bridges`` = ``True``
- (Boolean) Use virtio for bridge interfaces with KVM/QEMU
* - ``nfs_mount_options`` = ``None``
- (String) Mount options passed to the NFS client. See section of the nfs man page for details.
Mount options controls the way the filesystem is mounted and how the NFS client behaves when accessing files on this mount point.
Possible values:
* Any string representing mount options separated by commas.
* Example string: vers=3,lookupcache=pos
* - ``image_info_filename_pattern`` = ``$instances_path/$image_cache_subdirectory_name/%(image)s.info``
- (String) Allows image information files to be stored in non-standard locations
- **Deprecated**
Image info files are no longer used by the image cache
* - ``vzstorage_log_path`` = ``/var/log/pstorage/%(cluster_name)s/nova.log.gz``
- (String) Path to vzstorage client log.
This option defines the log of cluster operations, it should include "%(cluster_name)s" template to separate logs from multiple shares.
Related options:
* vzstorage_mount_opts may include more detailed logging options.
* - ``rng_dev_path`` = ``None``
- (String) A path to a device that will be used as source of entropy on the host. Permitted options are: /dev/random or /dev/hwrng
* - ``images_volume_group`` = ``None``
- (String) LVM Volume Group that is used for VM images, when you specify images_type=lvm
Related options:
* images_type
* - ``hw_machine_type`` = ``None``
- (List) For qemu or KVM guests, set this option to specify a default machine type per host architecture. You can find a list of supported machine types in your environment by checking the output of the "virsh capabilities"command. The format of the value for this config option is host-arch=machine-type. For example: x86_64=machinetype1,armv7l=machinetype2
* - ``qemu_allowed_storage_drivers`` =
- (List) Protocols listed here will be accessed directly from QEMU.
If gluster is present in qemu_allowed_storage_drivers, glusterfs's backend will pass a disk configuration to QEMU. This allows QEMU to access the volume using libgfapi rather than mounting GlusterFS via fuse.
Possible values:
* [gluster]
* - ``num_iser_scan_tries`` = ``5``
- (Integer) Number of times to scan iSER target to find volume.
iSER is a server network protocol that extends iSCSI protocol to use Remote Direct Memory Access (RDMA). This option allows the user to specify the maximum number of scan attempts that can be made to find iSER volume.
* - ``iser_use_multipath`` = ``False``
- (Boolean) Use multipath connection of the iSER volume.
iSER volumes can be connected as multipath devices. This will provide high availability and fault tolerance.
* - ``rescue_ramdisk_id`` = ``None``
- (String) The ID of the RAM disk (ARI) image to use with the rescue image.
If the chosen rescue image allows the separate definition of its RAM disk, the value of this option is used, if specified. This is the case when *Amazon*'s AMI/AKI/ARI image format is used for the rescue image.
Possible values:
* An ID of a RAM disk image or nothing. If nothing is specified, the RAM disk from the instance is used if it was launched with one.
Related options:
* ``rescue_image_id``: If that option points to an image in *Amazon*'s AMI/AKI/ARI image format, it's useful to use ``rescue_ramdisk_id`` too.
* - ``live_migration_downtime_steps`` = ``10``
- (Integer) Number of incremental steps to reach max downtime value.
Will be rounded up to a minimum of 3 steps.
* - ``rbd_secret_uuid`` = ``None``
- (String) The libvirt UUID of the secret for the rbd_user volumes.
* - ``remove_unused_resized_minimum_age_seconds`` = ``3600``
- (Integer) Unused resized base images younger than this will not be removed
* - ``scality_sofs_mount_point`` = ``$state_path/scality``
- (String) Base dir where Scality SOFS shall be mounted.
The Scality volume driver in Nova mounts SOFS and lets the hypervisor access the volumes.
Possible values:
* $state_path/scality where state_path is a config option that specifies the top-level directory for maintaining nova's state or Any string containing the full directory path.
* - ``volume_clear_size`` = ``0``
- (Integer) Size of area in MiB, counting from the beginning of the allocated volume, that will be cleared using method set in ``volume_clear`` option.
Possible values:
* 0 - clear whole volume
* >0 - clear specified amount of MiB
Related options:
* images_type - must be set to ``lvm``
* volume_clear - must be set and the value must be different than ``none`` for this option to have any impact
* - ``sparse_logical_volumes`` = ``False``
- (Boolean) Create sparse logical volumes (with virtualsize) if this flag is set to True.
* - ``images_rbd_ceph_conf`` =
- (String) Path to the ceph configuration file to use
* - ``live_migration_completion_timeout`` = ``800``
- (Integer) Time to wait, in seconds, for migration to successfully complete transferring data before aborting the operation.
Value is per GiB of guest RAM + disk to be transferred, with lower bound of a minimum of 2 GiB. Should usually be larger than downtime delay * downtime steps. Set to 0 to disable timeouts.
Related options:
* live_migration_downtime
* live_migration_downtime_steps
* live_migration_downtime_delay
- **Mutable**
This option can be changed without restarting.
* - ``live_migration_permit_auto_converge`` = ``False``
- (Boolean) This option allows nova to start live migration with auto converge on.
Auto converge throttles down CPU if a progress of on-going live migration is slow. Auto converge will only be used if this flag is set to True and post copy is not permitted or post copy is unavailable due to the version of libvirt and QEMU in use. Auto converge requires libvirt>=1.2.3 and QEMU>=1.6.0.
Related options:
* live_migration_permit_post_copy
* - ``mem_stats_period_seconds`` = ``10``
- (Integer) A number of seconds to memory usage statistics period. Zero or negative value mean to disable memory usage statistics.
* - ``smbfs_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the SMBFS shares are mounted on the compute node.

84
doc/config-reference/source/tables/nova-livemigration.rst
View File

@ -1,84 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-livemigration:
.. list-table:: Description of live migration configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``live_migration_retry_count`` = ``30``
- (Integer) Maximum number of 1 second retries in live_migration. It specifies number of retries to iptables when it complains. It happens when an user continously sends live-migration request to same host leading to concurrent request to iptables.
Possible values:
* Any positive integer representing retry count.
* - ``max_concurrent_live_migrations`` = ``1``
- (Integer) Maximum number of live migrations to run concurrently. This limit is enforced to avoid outbound live migrations overwhelming the host/network and causing failures. It is not recommended that you change this unless you are very sure that doing so is safe and stable in your environment.
Possible values:
* 0 : treated as unlimited.
* Negative value defaults to 0.
* Any positive integer representing maximum number of live migrations to run concurrently.
* - **[libvirt]**
-
* - ``live_migration_bandwidth`` = ``0``
- (Integer) Maximum bandwidth(in MiB/s) to be used during migration. If set to 0, will choose a suitable default. Some hypervisors do not support this feature and will return an error if bandwidth is not 0. Please refer to the libvirt documentation for further details
* - ``live_migration_completion_timeout`` = ``800``
- (Integer) Time to wait, in seconds, for migration to successfully complete transferring data before aborting the operation. Value is per GiB of guest RAM + disk to be transferred, with lower bound of a minimum of 2 GiB. Should usually be larger than downtime delay
* downtime steps. Set to 0 to disable timeouts.
**Mutable**
This option can be changed without restarting.
* - ``live_migration_downtime`` = ``500``
- (Integer) Maximum permitted downtime, in milliseconds, for live migration switchover. Will be rounded up to a minimum of 100ms. Use a large value if guest liveness is unimportant.
* - ``live_migration_downtime_delay`` = ``75``
- (Integer) Time to wait, in seconds, between each step increase of the migration downtime. Minimum delay is 10 seconds. Value is per GiB of guest RAM + disk to be transferred, with lower bound of a minimum of 2 GiB per device
* - ``live_migration_downtime_steps`` = ``10``
- (Integer) Number of incremental steps to reach max downtime value. Will be rounded up to a minimum of 3 steps
* - ``live_migration_inbound_addr`` = ``None``
- (String) Live migration target ip or hostname (if this option is set to None, which is the default, the hostname of the migration target compute node will be used)
* - ``live_migration_permit_auto_converge`` = ``False``
- (Boolean) This option allows nova to start live migration with auto converge on. Auto converge throttles down CPU if a progress of on-going live migration is slow. Auto converge will only be used if this flag is set to True and post copy is not permitted or post copy is unavailable due to the version of libvirt and QEMU in use. Auto converge requires libvirt>=1.2.3 and QEMU>=1.6.0.
Related options:
* live_migration_permit_post_copy
* - ``live_migration_permit_post_copy`` = ``False``
- (Boolean) This option allows nova to switch an on-going live migration to post-copy mode, i.e., switch the active VM to the one on the destination node before the migration is complete, therefore ensuring an upper bound on the memory that needs to be transferred. Post-copy requires libvirt>=1.3.3 and QEMU>=2.5.0.
When permitted, post-copy mode will be automatically activated if a live-migration memory copy iteration does not make percentage increase of at least 10% over the last iteration.
The live-migration force complete API also uses post-copy when permitted. If post-copy mode is not available, force complete falls back to pausing the VM to ensure the live-migration operation will complete.
When using post-copy mode, if the source and destination hosts loose network connectivity, the VM being live-migrated will need to be rebooted. For more details, please see the Administration guide.
Related options:
* live_migration_permit_auto_converge
* - ``live_migration_progress_timeout`` = ``150``
- (Integer) Time to wait, in seconds, for migration to make forward progress in transferring data before aborting the operation. Set to 0 to disable timeouts.
**Mutable**
This option can be changed without restarting.
* - ``live_migration_tunnelled`` = ``False``
- (Boolean) Whether to use tunnelled migration, where migration data is transported over the libvirtd connection. If True, we use the VIR_MIGRATE_TUNNELLED migration flag, avoiding the need to configure the network to allow direct hypervisor to hypervisor communication. If False, use the native transport. If not set, Nova will choose a sensible default based on, for example the availability of native encryption support in the hypervisor.
* - ``live_migration_uri`` = ``None``
- (String) Override the default libvirt live migration target URI (which is dependent on virt_type) (any included "%s" is replaced with the migration target hostname)

60
doc/config-reference/source/tables/nova-redis.rst → doc/config-reference/source/tables/nova-matchmaker_redis.rst
View File

@ -8,29 +8,59 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-redis:
.. _nova-matchmaker_redis:
.. list-table:: Description of Redis configuration options
.. list-table:: Description of matchmaker_redis configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[matchmaker_redis]**
-
* - ``check_timeout`` = ``20000``
- (Integer) Time in ms to wait before the transaction is killed.
* - ``host`` = ``127.0.0.1``
- (String) DEPRECATED: Host to locate redis. Replaced by [DEFAULT]/transport_url
* - ``password`` =
- (String) DEPRECATED: Password for Redis server (optional). Replaced by [DEFAULT]/transport_url
- (String) Host to locate redis.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``port`` = ``6379``
- (Port number) DEPRECATED: Use this port to connect to redis host. Replaced by [DEFAULT]/transport_url
* - ``sentinel_group_name`` = ``oslo-messaging-zeromq``
- (String) Redis replica set name.
- (Port number) Use this port to connect to redis host.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``password`` =
- (String) Password for Redis server (optional).
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``sentinel_hosts`` =
- (List) DEPRECATED: List of Redis Sentinel hosts (fault tolerance mode) e.g. [host:port, host1:port ... ] Replaced by [DEFAULT]/transport_url
* - ``socket_timeout`` = ``10000``
- (Integer) Timeout in ms on blocking socket operations
- (List) List of Redis Sentinel hosts (fault tolerance mode), e.g., [host:port, host1:port ... ]
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``sentinel_group_name`` = ``oslo-messaging-zeromq``
- (String) Redis replica set name.
* - ``wait_timeout`` = ``2000``
- (Integer) Time in ms to wait between connection attempts.
* - ``check_timeout`` = ``20000``
- (Integer) Time in ms to wait before the transaction is killed.
* - ``socket_timeout`` = ``10000``
- (Integer) Timeout in ms on blocking socket operations.

134
doc/config-reference/source/tables/nova-metadata.rst
View File

@ -1,134 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-metadata:
.. list-table:: Description of metadata configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``metadata_cache_expiration`` = ``15``
- (Integer) This option is the time (in seconds) to cache metadata. When set to 0, metadata caching is disabled entirely; this is generally not recommended for performance reasons. Increasing this setting should improve response times of the metadata API when under heavy load. Higher values may increase memory usage, and result in longer times for host metadata changes to take effect.
* - ``metadata_host`` = ``$my_ip``
- (String) This option determines the IP address for the network metadata API server.
Possible values:
* Any valid IP address. The default is the address of the Nova API server.
Related options:
* metadata_port
* - ``metadata_listen`` = ``0.0.0.0``
- (String) The IP address on which the metadata API will listen.
* - ``metadata_listen_port`` = ``8775``
- (Port number) The port on which the metadata API will listen.
* - ``metadata_manager`` = ``nova.api.manager.MetadataManager``
- (String) DEPRECATED: OpenStack metadata service manager
* - ``metadata_port`` = ``8775``
- (Port number) This option determines the port used for the metadata API server.
Related options:
* metadata_host
* - ``metadata_workers`` = ``None``
- (Integer) Number of workers for metadata service. The default will be the number of CPUs available.
* - ``vendordata_driver`` = ``nova.api.metadata.vendordata_json.JsonFileVendorData``
- (String) DEPRECATED: When returning instance metadata, this is the class that is used for getting vendor metadata when that class isn't specified in the individual request. The value should be the full dot-separated path to the class to use.
Possible values:
* Any valid dot-separated class path that can be imported.
* - ``vendordata_dynamic_connect_timeout`` = ``5``
- (Integer) Maximum wait time for an external REST service to connect.
Possible values:
* Any integer with a value greater than three (the TCP packet retransmission timeout). Note that instance start may be blocked during this wait time, so this value should be kept small.
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_read_timeout
* - ``vendordata_dynamic_read_timeout`` = ``5``
- (Integer) Maximum wait time for an external REST service to return data once connected.
Possible values:
* Any integer. Note that instance start is blocked during this wait time, so this value should be kept small.
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_connect_timeout
* - ``vendordata_dynamic_ssl_certfile`` =
- (String) Path to an optional certificate file or CA bundle to verify dynamic vendordata REST services ssl certificates against.
Possible values:
* An empty string, or a path to a valid certificate file
Related options:
* vendordata_providers
* vendordata_dynamic_targets
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_read_timeout
* - ``vendordata_dynamic_targets`` =
- (List) A list of targets for the dynamic vendordata provider. These targets are of the form <name>@<url>.
The dynamic vendordata provider collects metadata by contacting external REST services and querying them for information about the instance. This behaviour is documented in the vendordata.rst file in the nova developer reference.
* - ``vendordata_jsonfile_path`` = ``None``
- (String) Cloud providers may store custom data in vendor data file that will then be available to the instances via the metadata service, and to the rendering of config-drive. The default class for this, JsonFileVendorData, loads this information from a JSON file, whose path is configured by this option. If there is no path set by this option, the class returns an empty dictionary.
Possible values:
* Any string representing the path to the data file, or an empty string (default).
* - ``vendordata_providers`` =
- (List) A list of vendordata providers.
vendordata providers are how deployers can provide metadata via configdrive and metadata that is specific to their deployment. There are currently two supported providers: StaticJSON and DynamicJSON.
StaticJSON reads a JSON file configured by the flag vendordata_jsonfile_path and places the JSON from that file into vendor_data.json and vendor_data2.json.
DynamicJSON is configured via the vendordata_dynamic_targets flag, which is documented separately. For each of the endpoints specified in that flag, a section is added to the vendor_data2.json.
For more information on the requirements for implementing a vendordata dynamic endpoint, please see the vendordata.rst file in the nova developer reference.
Possible values:
* A list of vendordata providers, with StaticJSON and DynamicJSON being current options.
Related options:
* vendordata_dynamic_targets
* vendordata_dynamic_ssl_certfile
* vendordata_dynamic_connect_timeout
* vendordata_dynamic_read_timeout

108
doc/config-reference/source/tables/nova-metrics.rst Normal file
View File

@ -0,0 +1,108 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-metrics:
.. list-table:: Description of metrics configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``required`` = ``True``
- (Boolean) This setting determines how any unavailable metrics are treated. If this option is set to True, any hosts for which a metric is unavailable will raise an exception, so it is recommended to also use the MetricFilter to filter out those hosts before weighing.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* True or False, where False ensures any metric being unavailable for a host will set the host weight to 'weight_of_unavailable'.
Related options:
* weight_of_unavailable
* - ``weight_multiplier`` = ``1.0``
- (Floating point) When using metrics to weight the suitability of a host, you can use this option to change how the calculated weight influences the weight assigned to a host as follows:
* >1.0: increases the effect of the metric on overall weight
* 1.0: no change to the calculated weight
* >0.0,<1.0: reduces the effect of the metric on overall weight
* 0.0: the metric value is ignored, and the value of the 'weight_of_unavailable' option is returned instead
* >-1.0,<0.0: the effect is reduced and reversed
* -1.0: the effect is reversed
* <-1.0: the effect is increased proportionally and reversed
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* An integer or float value, where the value corresponds to the multipler ratio for this weigher.
Related options:
* weight_of_unavailable
* - ``weight_of_unavailable`` = ``-10000.0``
- (Floating point) When any of the following conditions are met, this value will be used in place of any actual metric value:
* One of the metrics named in 'weight_setting' is not available for a host, and the value of 'required' is False
* The ratio specified for a metric in 'weight_setting' is 0
* The 'weight_multiplier' option is set to 0
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* An integer or float value, where the value corresponds to the multipler ratio for this weigher.
Related options:
* weight_setting
* required
* weight_multiplier
* - ``weight_setting`` =
- (List) This setting specifies the metrics to be weighed and the relative ratios for each metric. This should be a single string value, consisting of a series of one or more 'name=ratio' pairs, separated by commas, where 'name' is the name of the metric to be weighed, and 'ratio' is the relative weight for that metric.
Note that if the ratio is set to 0, the metric value is ignored, and instead the weight will be set to the value of the 'weight_of_unavailable' option.
As an example, let's consider the case where this option is set to:
``name1=1.0, name2=-1.3``
The final weight will be:
``(name1.value * 1.0) + (name2.value * -1.3)``
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
Possible values:
* A list of zero or more key/value pairs separated by commas, where the key is a string representing the name of a metric and the value is a numeric weight for that metric. If any value is set to 0, the value is ignored and the weight will be set to the value of the 'weight_of_unavailable' option.
Related options:
* weight_of_unavailable

32
doc/config-reference/source/tables/nova-mks.rst Normal file
View File

@ -0,0 +1,32 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-mks:
.. list-table:: Description of mks configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``mksproxy_base_url`` = ``http://127.0.0.1:6090/``
- (String) Location of MKS web console proxy
The URL in the response points to a WebMKS proxy which starts proxying between client and corresponding vCenter server where instance runs. In order to use the web based console access, WebMKS proxy should be installed and configured
Possible values:
* Must be a valid URL of the form:``http://host:port/``
* - ``enabled`` = ``False``
- (Boolean) Enables graphical console access for virtual machines.

526
doc/config-reference/source/tables/nova-network.rst
View File

@ -1,526 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-network:
.. list-table:: Description of network configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``allow_same_net_traffic`` = ``True``
- (Boolean) Determine whether to allow network traffic from same network.
When set to true, hosts on the same subnet are not filtered and are allowed to pass all types of traffic between them. On a flat network, this allows all instances from all projects unfiltered communication. With VLAN networking, this allows access between instances within the same project.
This option only applies when using the ``nova-network`` service. When using another networking services, such as Neutron, security groups or other approaches should be used.
Possible values:
* True: Network traffic should be allowed pass between all instances on the same network, regardless of their tenant and security policies
* False: Network traffic should not be allowed pass between instances unless it is unblocked in a security group
Interdependencies to other options:
* ``use_neutron``: This must be set to ``False`` to enable ``nova-network`` networking
* ``firewall_driver``: This must be set to ``nova.virt.libvirt.firewall.IptablesFirewallDriver`` to ensure the libvirt firewall driver is enabled.
* - ``auto_assign_floating_ip`` = ``False``
- (Boolean) Autoassigning floating IP to VM
When set to True, floating IP is auto allocated and associated to the VM upon creation.
* - ``cnt_vpn_clients`` = ``0``
- (Integer) This option represents the number of IP addresses to reserve at the top of the address range for VPN clients. It also will be ignored if the configuration option for `network_manager` is not set to the default of 'nova.network.manager.VlanManager'.
Possible values:
Any integer, 0 or greater. The default is 0.
Related options:
``use_neutron``, ``network_manager``
* - ``create_unique_mac_address_attempts`` = ``5``
- (Integer) This option determines how many times nova-network will attempt to create a unique MAC address before giving up and raising a `VirtualInterfaceMacAddressException` error.
Possible values:
Any positive integer. The default is 5.
Related options:
``use_neutron``
* - ``default_access_ip_network_name`` = ``None``
- (String) Name of the network to be used to set access IPs for instances. If there are multiple IPs to choose from, an arbitrary one will be chosen.
Possible values:
* None (default)
* Any string representing network name.
* - ``default_floating_pool`` = ``nova``
- (String) Default pool for floating IPs.
This option specifies the default floating IP pool for allocating floating IPs.
While allocating a floating ip, users can optionally pass in the name of the pool they want to allocate from, otherwise it will be pulled from the default pool.
If this option is not set, then 'nova' is used as default floating pool.
Possible values:
* Any string representing a floating IP pool name
* - ``defer_iptables_apply`` = ``False``
- (Boolean) Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase.
* - ``dhcp_domain`` = ``novalocal``
- (String) This option allows you to specify the domain for the DHCP server.
Possible values:
Any string that is a valid domain name.
Related options:
``use_neutron``
* - ``dhcp_lease_time`` = ``86400``
- (Integer) The lifetime of a DHCP lease, in seconds. The default is 86400 (one day).
Possible values:
Any positive integer value.
* - ``dhcpbridge`` = ``$bindir/nova-dhcpbridge``
- (String) The location of the binary nova-dhcpbridge. By default it is the binary named 'nova-dhcpbridge' that is installed with all the other nova binaries.
Possible values:
Any string representing the full path to the binary for dhcpbridge
* - ``dhcpbridge_flagfile`` = ``['/etc/nova/nova-dhcpbridge.conf']``
- (Multi-valued) This option is a list of full paths to one or more configuration files for dhcpbridge. In most cases the default path of '/etc/nova/nova-dhcpbridge.conf' should be sufficient, but if you have special needs for configuring dhcpbridge, you can change or add to this list.
Possible values
A list of strings, where each string is the full path to a dhcpbridge configuration file.
* - ``dns_server`` = ``[]``
- (Multi-valued) Despite the singular form of the name of this option, it is actually a list of zero or more server addresses that dnsmasq will use for DNS nameservers. If this is not empty, dnsmasq will not read /etc/resolv.conf, but will only use the servers specified in this option. If the option use_network_dns_servers is True, the dns1 and dns2 servers from the network will be appended to this list, and will be used as DNS servers, too.
Possible values:
A list of strings, where each string is either an IP address or a FQDN.
Related options:
use_network_dns_servers
* - ``dns_update_periodic_interval`` = ``-1``
- (Integer) This option determines the time, in seconds, to wait between refreshing DNS entries for the network.
Possible values:
Either -1 (default), or any positive integer. A negative value will disable the updates.
Related options:
``use_neutron``
* - ``dnsmasq_config_file`` =
- (String) The path to the custom dnsmasq configuration file, if any.
Possible values:
The full path to the configuration file, or an empty string if there is no custom dnsmasq configuration file.
* - ``ebtables_exec_attempts`` = ``3``
- (Integer) This option determines the number of times to retry ebtables commands before giving up. The minimum number of retries is 1.
Possible values:
* Any positive integer
Related options:
* ebtables_retry_interval
* - ``ebtables_retry_interval`` = ``1.0``
- (Floating point) This option determines the time, in seconds, that the system will sleep in between ebtables retries. Note that each successive retry waits a multiple of this value, so for example, if this is set to the default of 1.0 seconds, and ebtables_exec_attempts is 4, after the first failure, the system will sleep for 1
* 1.0 seconds, after the second failure it will sleep 2
* 1.0 seconds, and after the third failure it will sleep 3
* 1.0 seconds.
Possible values:
* Any non-negative float or integer. Setting this to zero will result in no waiting between attempts.
Related options:
* ebtables_exec_attempts
* - ``firewall_driver`` = ``None``
- (String) Firewall driver to use with ``nova-network`` service.
This option only applies when using the ``nova-network`` service. When using another networking services, such as Neutron, this should be to set to the ``nova.virt.firewall.NoopFirewallDriver``.
If unset (the default), this will default to the hypervisor-specified default driver.
Possible values:
* nova.virt.firewall.IptablesFirewallDriver
* nova.virt.firewall.NoopFirewallDriver
* nova.virt.libvirt.firewall.IptablesFirewallDriver
* [...]
Interdependencies to other options:
* ``use_neutron``: This must be set to ``False`` to enable ``nova-network`` networking
* - ``fixed_ip_disassociate_timeout`` = ``600``
- (Integer) This is the number of seconds to wait before disassociating a deallocated fixed IP address. This is only used with the nova-network service, and has no effect when using neutron for networking.
Possible values:
Any integer, zero or greater. The default is 600 (10 minutes).
Related options:
``use_neutron``
* - ``flat_injected`` = ``False``
- (Boolean) This option determines whether the network setup information is injected into the VM before it is booted. While it was originally designed to be used only by nova-network, it is also used by the vmware and xenapi virt drivers to control whether network information is injected into a VM.
* - ``flat_interface`` = ``None``
- (String) This option is the name of the virtual interface of the VM on which the bridge will be built. While it was originally designed to be used only by nova-network, it is also used by libvirt for the bridge interface name.
Possible values:
Any valid virtual interface name, such as 'eth0'
* - ``flat_network_bridge`` = ``None``
- (String) This option determines the bridge used for simple network interfaces when no bridge is specified in the VM creation request.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any string representing a valid network bridge, such as 'br100'
Related options:
``use_neutron``
* - ``flat_network_dns`` = ``8.8.4.4``
- (String) This is the address of the DNS server for a simple network. If this option is not specified, the default of '8.8.4.4' is used.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any valid IP address.
Related options:
``use_neutron``
* - ``floating_ip_dns_manager`` = ``nova.network.noop_dns_driver.NoopDNSDriver``
- (String) Full class name for the DNS Manager for floating IPs.
This option specifies the class of the driver that provides functionality to manage DNS entries associated with floating IPs.
When a user adds a DNS entry for a specified domain to a floating IP, nova will add a DNS entry using the specified floating DNS driver. When a floating IP is deallocated, its DNS entry will automatically be deleted.
Possible values:
* Full Python path to the class to be used
* - ``force_dhcp_release`` = ``True``
- (Boolean) When this option is True, a call is made to release the DHCP for the instance when that instance is terminated.
Related options:
``use_neutron``
* - ``force_snat_range`` = ``[]``
- (Multi-valued) This is a list of zero or more IP ranges that traffic from the `routing_source_ip` will be SNATted to. If the list is empty, then no SNAT rules are created.
Possible values:
A list of strings, each of which should be a valid CIDR.
Related options:
routing_source_ip
* - ``forward_bridge_interface`` = ``['all']``
- (Multi-valued) One or more interfaces that bridges can forward traffic to. If any of the items in this list is the special keyword 'all', then all traffic will be forwarded.
Possible values:
A list of zero or more interface names, or the word 'all'.
* - ``gateway`` = ``None``
- (String) This is the default IPv4 gateway. It is used only in the testing suite.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any valid IP address.
Related options:
``use_neutron``, ``gateway_v6``
* - ``injected_network_template`` = ``$pybasedir/nova/virt/interfaces.template``
- (String) Template file for injected network
* - ``instance_dns_domain`` =
- (String) If specified, Nova checks if the availability_zone of every instance matches what the database says the availability_zone should be for the specified dns_domain.
* - ``instance_dns_manager`` = ``nova.network.noop_dns_driver.NoopDNSDriver``
- (String) Full class name for the DNS Manager for instance IPs.
This option specifies the class of the driver that provides functionality to manage DNS entries for instances.
On instance creation, nova will add DNS entries for the instance name and id, using the specified instance DNS driver and domain. On instance deletion, nova will remove the DNS entries.
Possible values:
* Full Python path to the class to be used
* - ``iptables_bottom_regex`` =
- (String) This expression, if defined, will select any matching iptables rules and place them at the bottom when applying metadata changes to the rules.
Possible values:
* Any string representing a valid regular expression, or an empty string
Related options:
* iptables_top_regex
* - ``iptables_drop_action`` = ``DROP``
- (String) By default, packets that do not pass the firewall are DROPped. In many cases, though, an operator may find it more useful to change this from DROP to REJECT, so that the user issuing those packets may have a better idea as to what's going on, or LOGDROP in order to record the blocked traffic before DROPping.
Possible values:
* A string representing an iptables chain. The default is DROP.
* - ``iptables_top_regex`` =
- (String) This expression, if defined, will select any matching iptables rules and place them at the top when applying metadata changes to the rules.
Possible values:
* Any string representing a valid regular expression, or an empty string
Related options:
* iptables_bottom_regex
* - ``l3_lib`` = ``nova.network.l3.LinuxNetL3``
- (String) This option allows you to specify the L3 management library to be used.
Possible values:
Any dot-separated string that represents the import path to an L3 networking library.
Related options:
``use_neutron``
* - ``linuxnet_interface_driver`` = ``nova.network.linux_net.LinuxBridgeInterfaceDriver``
- (String) This is the class used as the ethernet device driver for linuxnet bridge operations. The default value should be all you need for most cases, but if you wish to use a customized class, set this option to the full dot-separated import path for that class.
Possible values:
Any string representing a dot-separated class path that Nova can import.
* - ``linuxnet_ovs_integration_bridge`` = ``br-int``
- (String) The name of the Open vSwitch bridge that is used with linuxnet when connecting with Open vSwitch."
Possible values:
Any string representing a valid bridge name.
* - ``multi_host`` = ``False``
- (Boolean) Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host.
* - ``network_allocate_retries`` = ``0``
- (Integer) Number of times to retry network allocation. It is required to attempt network allocation retries if the virtual interface plug fails.
Possible values:
* Any positive integer representing retry count.
* - ``network_driver`` = ``nova.network.linux_net``
- (String) Driver to use for network creation
* - ``network_manager`` = ``nova.network.manager.VlanManager``
- (String) Full class name for the Manager for network
* - ``network_size`` = ``256``
- (Integer) This option determines the number of addresses in each private subnet.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any positive integer that is less than or equal to the available network size. Note that if you are creating multiple networks, they must all fit in the available IP address space. The default is 256.
Related options:
``use_neutron``, ``num_networks``
* - ``network_topic`` = ``network``
- (String) The topic network nodes listen on
* - ``networks_path`` = ``$state_path/networks``
- (String) The location where the network configuration files will be kept. The default is the 'networks' directory off of the location where nova's Python module is installed.
Possible values
A string containing the full path to the desired configuration directory
* - ``num_networks`` = ``1``
- (Integer) This option represents the number of networks to create if not explicitly specified when the network is created. The only time this is used is if a CIDR is specified, but an explicit network_size is not. In that case, the subnets are created by diving the IP address space of the CIDR by num_networks. The resulting subnet sizes cannot be larger than the configuration option `network_size`; in that event, they are reduced to `network_size`, and a warning is logged.
Please note that this option is only used when using nova-network instead of Neutron in your deployment.
Possible values:
Any positive integer is technically valid, although there are practical limits based upon available IP address space and virtual interfaces. The default is 1.
Related options:
``use_neutron``, ``network_size``
* - ``ovs_vsctl_timeout`` = ``120``
- (Integer) This option represents the period of time, in seconds, that the ovs_vsctl calls will wait for a response from the database before timing out. A setting of 0 means that the utility should wait forever for a response.
Possible values:
* Any positive integer if a limited timeout is desired, or zero if the calls should wait forever for a response.
* - ``public_interface`` = ``eth0``
- (String) This is the name of the network interface for public IP addresses. The default is 'eth0'.
Possible values:
Any string representing a network interface name
* - ``routing_source_ip`` = ``$my_ip``
- (String) This is the public IP address of the network host. It is used when creating a SNAT rule.
Possible values:
Any valid IP address
Related options:
force_snat_range
* - ``send_arp_for_ha`` = ``False``
- (Boolean) When True, when a device starts up, and upon binding floating IP addresses, arp messages will be sent to ensure that the arp caches on the compute hosts are up-to-date.
Related options:
send_arp_for_ha_count
* - ``send_arp_for_ha_count`` = ``3``
- (Integer) When arp messages are configured to be sent, they will be sent with the count set to the value of this option. Of course, if this is set to zero, no arp messages will be sent.
Possible values:
Any integer greater than or equal to 0
Related options:
send_arp_for_ha
* - ``share_dhcp_address`` = ``False``
- (Boolean) DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK.
If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the VMs on the same host.
The use of this configuration has been deprecated and may be removed in any release after Mitaka. It is recommended that instead of relying on this option, an explicit value should be passed to 'create_networks()' as a keyword argument with the name 'share_address'.
* - ``teardown_unused_network_gateway`` = ``False``
- (Boolean) Determines whether unused gateway devices, both VLAN and bridge, are deleted if the network is in nova-network VLAN mode and is multi-hosted.
Related options:
``use_neutron``, ``vpn_ip``, ``fake_network``
* - ``update_dns_entries`` = ``False``
- (Boolean) When this option is True, whenever a DNS entry must be updated, a fanout cast message is sent to all network hosts to update their DNS entries in multi-host mode.
Related options:
``use_neutron``
* - ``use_network_dns_servers`` = ``False``
- (Boolean) When this option is set to True, the dns1 and dns2 servers for the network specified by the user on boot will be used for DNS, as well as any specified in the `dns_server` option.
Related options:
dns_server
* - ``use_neutron`` = ``False``
- (Boolean) Whether to use Neutron or Nova Network as the back end for networking. Defaults to False (indicating Nova network).Set to True to use neutron.
* - ``use_neutron_default_nets`` = ``False``
- (Boolean) When True, the TenantNetworkController will query the Neutron API to get the default networks to use.
Related options:
* neutron_default_tenant_id
* - ``use_single_default_gateway`` = ``False``
- (Boolean) When set to True, only the firt nic of a VM will get its default gateway from the DHCP server.
* - ``vlan_interface`` = ``None``
- (String) This option is the name of the virtual interface of the VM on which the VLAN bridge will be built. While it was originally designed to be used only by nova-network, it is also used by libvirt and xenapi for the bridge interface name.
Please note that this setting will be ignored in nova-network if the configuration option for `network_manager` is not set to the default of 'nova.network.manager.VlanManager'.
Possible values:
Any valid virtual interface name, such as 'eth0'
* - ``vlan_start`` = ``100``
- (Integer) This is the VLAN number used for private networks. Note that the when creating the networks, if the specified number has already been assigned, nova-network will increment this number until it finds an available VLAN.
Please note that this option is only used when using nova-network instead of Neutron in your deployment. It also will be ignored if the configuration option for `network_manager` is not set to the default of 'nova.network.manager.VlanManager'.
Possible values:
Any integer between 1 and 4094. Values outside of that range will raise a ValueError exception. Default = 100.
Related options:
``network_manager``, ``use_neutron``
* - **[libvirt]**
-
* - ``remote_filesystem_transport`` = ``ssh``
- (String) Use ssh or rsync transport for creating, copying, removing files on the remote host.
* - **[os_vif_linux_bridge]**
-
* - ``flat_interface`` = ``None``
- (String) FlatDhcp will bridge into this interface if set
* - ``forward_bridge_interface`` = ``['all']``
- (Multi-valued) An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times.
* - ``iptables_bottom_regex`` =
- (String) Regular expression to match the iptables rule that should always be on the bottom.
* - ``iptables_drop_action`` = ``DROP``
- (String) The table that iptables to jump to when a packet is to be dropped.
* - ``iptables_top_regex`` =
- (String) Regular expression to match the iptables rule that should always be on the top.
* - ``network_device_mtu`` = ``1500``
- (Integer) MTU setting for network interface.
* - ``use_ipv6`` = ``False``
- (Boolean) Use IPv6
* - ``vlan_interface`` = ``None``
- (String) VLANs will bridge into this interface if set
* - **[os_vif_ovs]**
-
* - ``network_device_mtu`` = ``1500``
- (Integer) MTU setting for network interface.
* - ``ovs_vsctl_timeout`` = ``120``
- (Integer) Amount of time, in seconds, that ovs_vsctl should wait for a response from the database. 0 is to wait forever.
* - **[vif_plug_linux_bridge_privileged]**
-
* - ``capabilities`` = ``[]``
- (Unknown) List of Linux capabilities retained by the privsep daemon.
* - ``group`` = ``None``
- (String) Group that the privsep daemon should run as.
* - ``helper_command`` = ``None``
- (String) Command to invoke to start the privsep daemon if not using the "fork" method. If not specified, a default is generated using "sudo privsep-helper" and arguments designed to recreate the current configuration. This command must accept suitable --privsep_context and --privsep_sock_path arguments.
* - ``user`` = ``None``
- (String) User that the privsep daemon should run as.
* - **[vif_plug_ovs_privileged]**
-
* - ``capabilities`` = ``[]``
- (Unknown) List of Linux capabilities retained by the privsep daemon.
* - ``group`` = ``None``
- (String) Group that the privsep daemon should run as.
* - ``helper_command`` = ``None``
- (String) Command to invoke to start the privsep daemon if not using the "fork" method. If not specified, a default is generated using "sudo privsep-helper" and arguments designed to recreate the current configuration. This command must accept suitable --privsep_context and --privsep_sock_path arguments.
* - ``user`` = ``None``
- (String) User that the privsep daemon should run as.
* - **[vmware]**
-
* - ``vlan_interface`` = ``vmnic0``
- (String) This option specifies the physical ethernet adapter name for VLAN networking.
Set the vlan_interface configuration option to match the ESX host interface that handles VLAN-tagged VM traffic.
Possible values:
* Any valid string representing VLAN interface name

92
doc/config-reference/source/tables/nova-neutron.rst
View File

@ -16,57 +16,73 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``neutron_default_tenant_id`` = ``default``
- (String) Tenant ID for getting the default network from Neutron API (also referred in some places as the 'project ID') to use.
Related options:
* use_neutron_default_nets
* - **[neutron]**
-
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``extension_sync_interval`` = ``600``
- (Integer) Integer value representing the number of seconds to wait before querying Neutron for extensions. After this number of seconds the next time Nova needs to create a resource in Neutron it will requery Neutron for the extensions that it has loaded. Setting value to 0 will refresh the extensions with no wait.
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``metadata_proxy_shared_secret`` =
- (String) This option holds the shared secret string used to validate proxy requests to Neutron metadata requests. In order to be used, the 'X-Metadata-Provider-Signature' header must be supplied in the request.
Related options:
* service_metadata_proxy
* - ``ovs_bridge`` = ``br-int``
- (String) Specifies the name of an integration bridge interface used by OpenvSwitch. This option is used only if Neutron does not specify the OVS bridge name.
Possible values:
* Any string representing OVS bridge name.
* - ``region_name`` = ``RegionOne``
- (String) Region name for connecting to Neutron in admin context.
This option is used in multi-region setups. If there are two Neutron servers running in two regions in two different machines, then two services need to be created in Keystone with two different regions and associate corresponding endpoints to those services. When requests are made to Keystone, the Keystone service uses the region_name to determine the region the request is coming from.
* - ``service_metadata_proxy`` = ``False``
- (Boolean) When set to True, this option indicates that Neutron will be used to proxy metadata requests and resolve instance ids. Otherwise, the instance ID must be passed to the metadata request in the 'X-Instance-ID' header.
Related options:
* metadata_proxy_shared_secret
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``region_name`` = ``RegionOne``
- (String) Region name for connecting to Neutron in admin context.
This option is used in multi-region setups. If there are two Neutron servers running in two regions in two different machines, then two services need to be created in Keystone with two different regions and associate corresponding endpoints to those services. When requests are made to Keystone, the Keystone service uses the region_name to determine the region the request is coming from.
* - ``url`` = ``http://127.0.0.1:9696``
- (URI) This option specifies the URL for connecting to Neutron.
Possible values:
* Any valid URL that points to the Neutron API service is appropriate here. This typically matches the URL returned for the 'network' service type from the Keystone service catalog.
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``extension_sync_interval`` = ``600``
- (Integer) Integer value representing the number of seconds to wait before querying Neutron for extensions. After this number of seconds the next time Nova needs to create a resource in Neutron it will requery Neutron for the extensions that it has loaded. Setting value to 0 will refresh the extensions with no wait.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``ovs_bridge`` = ``br-int``
- (String) Specifies the name of an integration bridge interface used by OpenvSwitch. This option is used only if Neutron does not specify the OVS bridge name.
Possible values:
* Any string representing OVS bridge name.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options
* - ``metadata_proxy_shared_secret`` =
- (String) This option holds the shared secret string used to validate proxy requests to Neutron metadata requests. In order to be used, the 'X-Metadata-Provider-Signature' header must be supplied in the request.
Related options:
* service_metadata_proxy

68
doc/config-reference/source/tables/nova-notifications.rst Normal file
View File

@ -0,0 +1,68 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-notifications:
.. list-table:: Description of notifications configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``notify_on_api_faults`` = ``False``
- (Boolean) If enabled, send api.fault notifications on caught exceptions in the API service.
* - ``notification_format`` = ``both``
- (String) Specifies which notification format shall be used by nova.
The default value is fine for most deployments and rarely needs to be changed. This value can be set to 'versioned' once the infrastructure moves closer to consuming the newer format of notifications. After this occurs, this option will be removed (possibly in the "P" release).
Possible values:
* unversioned: Only the legacy unversioned notifications are emitted.
* versioned: Only the new versioned notifications are emitted.
* both: Both the legacy unversioned and the new versioned notifications are emitted. (Default)
The list of versioned notifications is visible in http://docs.openstack.org/developer/nova/notifications.html
* - ``notify_on_state_change`` = ``None``
- (String) If set, send compute.instance.update notifications on instance state changes.
Please refer to https://wiki.openstack.org/wiki/SystemUsageData for additional information on notifications.
Possible values:
* None - no notifications
* "vm_state" - notifications on VM state changes
* "vm_and_task_state" - notifications on VM and task state changes
* - ``default_publisher_id`` = ``$my_ip``
- (String) Default publisher_id for outgoing notifications. If you consider routing notifications using different publisher, change this value accordingly.
Possible values:
* Defaults to the IPv4 address of this host, but it can be any valid oslo.messaging publisher_id
Related options:
* my_ip - IP address of this host
* - ``default_level`` = ``INFO``
- (String) Default notification level for outgoing notifications.

66
doc/config-reference/source/tables/nova-osapi_v21.rst Normal file
View File

@ -0,0 +1,66 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-osapi_v21:
.. list-table:: Description of osapi_v21 configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``project_id_regex`` = ``None``
- (String) This option is a string representing a regular expression (regex) that matches the project_id as contained in URLs. If not set, it will match normal UUIDs created by keystone.
Possible values:
* A string representing any legal regular expression
- **Deprecated**
Recent versions of nova constrain project IDs to hexadecimal characters and dashes. If your installation uses IDs outside of this range, you should use this option to provide your own regex and give you time to migrate offending projects to valid IDs before the next release.
* - ``extensions_blacklist`` =
- (List) This option is a list of all of the v2.1 API extensions to never load.
Possible values:
* A list of strings, each being the alias of an extension that you do not wish to load.
Related options:
* enabled
* extensions_whitelist
- **Deprecated**
API extensions are now part of the standard API. API extensions should be disabled using policy, rather than via these configuration options.
* - ``extensions_whitelist`` =
- (List) This is a list of extensions. If it is empty, then *all* extensions except those specified in the extensions_blacklist option will be loaded. If it is not empty, then only those extensions in this list will be loaded, provided that they are also not in the extensions_blacklist option.
Possible values:
* A list of strings, each being the alias of an extension that you wish to load, or an empty list, which indicates that all extensions are to be run.
Related options:
* enabled
* extensions_blacklist
- **Deprecated**
API extensions are now part of the standard API. API extensions should be disabled using policy, rather than via these configuration options.

16
doc/config-reference/source/tables/nova-authentication.rst → doc/config-reference/source/tables/nova-oslo_concurrency.rst
View File

@ -8,15 +8,19 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-authentication:
.. _nova-oslo_concurrency:
.. list-table:: Description of authentication configuration options
.. list-table:: Description of oslo_concurrency configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``auth_strategy`` = ``keystone``
- (String) This determines the strategy to use for authentication: keystone or noauth2. 'noauth2' is designed for testing only, as it does no actual credential checking. 'noauth2' provides administrative credentials only if 'admin' is specified as the username.
* - ``disable_process_locking`` = ``False``
- (Boolean) Enables or disables inter-process locks.
* - ``lock_path`` = ``None``
- (String) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.

170
doc/config-reference/source/tables/nova-oslo_messaging_amqp.rst Normal file
View File

@ -0,0 +1,170 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_messaging_amqp:
.. list-table:: Description of oslo_messaging_amqp configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``container_name`` = ``None``
- (String) Name for the AMQP container. must be globally unique. Defaults to a generated UUID
* - ``idle_timeout`` = ``0``
- (Integer) Timeout for inactive connections (in seconds)
* - ``trace`` = ``False``
- (Boolean) Debug: dump AMQP frames to stdout
* - ``ssl_ca_file`` =
- (String) CA certificate PEM file used to verify the server's certificate
* - ``ssl_cert_file`` =
- (String) Self-identifying certificate PEM file for client authentication
* - ``ssl_key_file`` =
- (String) Private key PEM file used to sign ssl_cert_file certificate (optional)
* - ``ssl_key_password`` = ``None``
- (String) Password for decrypting ssl_key_file (if encrypted)
* - ``allow_insecure_clients`` = ``False``
- (Boolean) Accept clients using either SSL or plain TCP
- **Deprecated**
Not applicable - not a SSL server
* - ``sasl_mechanisms`` =
- (String) Space separated list of acceptable SASL mechanisms
* - ``sasl_config_dir`` =
- (String) Path to directory that contains the SASL configuration
* - ``sasl_config_name`` =
- (String) Name of configuration file (without .conf suffix)
* - ``username`` =
- (String) User name for message broker authentication
* - ``password`` =
- (String) Password for message broker authentication
* - ``connection_retry_interval`` = ``1``
- (Integer) Seconds to pause before attempting to re-connect.
* - ``connection_retry_backoff`` = ``2``
- (Integer) Increase the connection_retry_interval by this many seconds after each unsuccessful failover attempt.
* - ``connection_retry_interval_max`` = ``30``
- (Integer) Maximum limit for connection_retry_interval + connection_retry_backoff
* - ``link_retry_delay`` = ``10``
- (Integer) Time to pause between re-connecting an AMQP 1.0 link that failed due to a recoverable error.
* - ``default_reply_retry`` = ``0``
- (Integer) The maximum number of attempts to re-send a reply message which failed due to a recoverable error.
* - ``default_reply_timeout`` = ``30``
- (Integer) The deadline for an rpc reply message delivery.
* - ``default_send_timeout`` = ``30``
- (Integer) The deadline for an rpc cast or call message delivery. Only used when caller does not provide a timeout expiry.
* - ``default_notify_timeout`` = ``30``
- (Integer) The deadline for a sent notification message delivery. Only used when caller does not provide a timeout expiry.
* - ``default_sender_link_timeout`` = ``600``
- (Integer) The duration to schedule a purge of idle sender links. Detach link after expiry.
* - ``addressing_mode`` = ``dynamic``
- (String) Indicates the addressing mode used by the driver. Permitted values: 'legacy' - use legacy non-routable addressing 'routable' - use routable addresses 'dynamic' - use legacy addresses if the message bus does not support routing otherwise use routable addressing
* - ``server_request_prefix`` = ``exclusive``
- (String) address prefix used when sending to a specific server
* - ``broadcast_prefix`` = ``broadcast``
- (String) address prefix used when broadcasting to all servers
* - ``group_request_prefix`` = ``unicast``
- (String) address prefix when sending to any server in group
* - ``rpc_address_prefix`` = ``openstack.org/om/rpc``
- (String) Address prefix for all generated RPC addresses
* - ``notify_address_prefix`` = ``openstack.org/om/notify``
- (String) Address prefix for all generated Notification addresses
* - ``multicast_address`` = ``multicast``
- (String) Appended to the address prefix when sending a fanout message. Used by the message bus to identify fanout messages.
* - ``unicast_address`` = ``unicast``
- (String) Appended to the address prefix when sending to a particular RPC/Notification server. Used by the message bus to identify messages sent to a single destination.
* - ``anycast_address`` = ``anycast``
- (String) Appended to the address prefix when sending to a group of consumers. Used by the message bus to identify messages that should be delivered in a round-robin fashion across consumers.
* - ``default_notification_exchange`` = ``None``
- (String) Exchange name used in notification addresses. Exchange name resolution precedence: Target.exchange if set else default_notification_exchange if set else control_exchange if set else 'notify'
* - ``default_rpc_exchange`` = ``None``
- (String) Exchange name used in RPC addresses. Exchange name resolution precedence: Target.exchange if set else default_rpc_exchange if set else control_exchange if set else 'rpc'
* - ``reply_link_credit`` = ``200``
- (Integer) Window size for incoming RPC Reply messages.
* - ``rpc_server_credit`` = ``100``
- (Integer) Window size for incoming RPC Request messages
* - ``notify_server_credit`` = ``100``
- (Integer) Window size for incoming Notification messages
* - ``pre_settled`` = ``['rpc-cast', 'rpc-reply']``
- (Multi-valued) Send messages of this type pre-settled. Pre-settled messages will not receive acknowledgement from the peer. Note well: pre-settled messages may be silently discarded if the delivery fails. Permitted values: 'rpc-call' - send RPC Calls pre-settled 'rpc-reply'- send RPC Replies pre-settled 'rpc-cast' - Send RPC Casts pre-settled 'notify' - Send Notifications pre-settled

66
doc/config-reference/source/tables/nova-oslo_messaging_kafka.rst Normal file
View File

@ -0,0 +1,66 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_messaging_kafka:
.. list-table:: Description of oslo_messaging_kafka configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``kafka_default_host`` = ``localhost``
- (String) Default Kafka broker Host
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``kafka_default_port`` = ``9092``
- (Port number) Default Kafka broker Port
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``kafka_max_fetch_bytes`` = ``1048576``
- (Integer) Max fetch bytes of Kafka consumer
* - ``kafka_consumer_timeout`` = ``1.0``
- (Integer) Default timeout(s) for Kafka consumers
* - ``pool_size`` = ``10``
- (Integer) Pool Size for Kafka Consumers
* - ``conn_pool_min_size`` = ``2``
- (Integer) The pool size limit for connections expiration policy
* - ``conn_pool_ttl`` = ``1200``
- (Integer) The time-to-live in sec of idle connections in the pool
* - ``consumer_group`` = ``oslo_messaging_consumer``
- (String) Group id for Kafka consumer. Consumers in one group will coordinate message consumption
* - ``producer_batch_timeout`` = ``0.0``
- (Floating point) Upper bound on the delay for KafkaProducer batching in seconds
* - ``producer_batch_size`` = ``16384``
- (Integer) Size of batch for the producer async send

30
doc/config-reference/source/tables/nova-oslo_messaging_notifications.rst Normal file
View File

@ -0,0 +1,30 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_messaging_notifications:
.. list-table:: Description of oslo_messaging_notifications configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``driver`` = ``[]``
- (Multi-valued) The Drivers(s) to handle sending notifications. Possible values are messaging, messagingv2, routing, log, test, noop
* - ``transport_url`` = ``None``
- (String) A URL representing the messaging driver to use for notifications. If not set, we fall back to the same configuration used for RPC.
* - ``topics`` = ``notifications``
- (List) AMQP topic used for OpenStack notifications.

274
doc/config-reference/source/tables/nova-oslo_messaging_rabbit.rst Normal file
View File

@ -0,0 +1,274 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_messaging_rabbit:
.. list-table:: Description of oslo_messaging_rabbit configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``amqp_durable_queues`` = ``False``
- (Boolean) Use durable queues in AMQP.
* - ``amqp_auto_delete`` = ``False``
- (Boolean) Auto-delete queues in AMQP.
* - ``kombu_ssl_version`` =
- (String) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.
* - ``kombu_ssl_keyfile`` =
- (String) SSL key file (valid only if SSL enabled).
* - ``kombu_ssl_certfile`` =
- (String) SSL cert file (valid only if SSL enabled).
* - ``kombu_ssl_ca_certs`` =
- (String) SSL certification authority file (valid only if SSL enabled).
* - ``kombu_reconnect_delay`` = ``1.0``
- (Floating point) How long to wait before reconnecting in response to an AMQP consumer cancel notification.
* - ``kombu_compression`` = ``None``
- (String) EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression will not be used. This option may not be available in future versions.
* - ``kombu_missing_consumer_retry_timeout`` = ``60``
- (Integer) How long to wait a missing client before abandoning to send it its replies. This value should not be longer than rpc_response_timeout.
* - ``kombu_failover_strategy`` = ``round-robin``
- (String) Determines how the next RabbitMQ node is chosen in case the one we are currently connected to becomes unavailable. Takes effect only if more than one RabbitMQ node is provided in config.
* - ``rabbit_host`` = ``localhost``
- (String) The RabbitMQ broker address where a single node is used.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_port`` = ``5672``
- (Port number) The RabbitMQ broker port where a single node is used.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_hosts`` = ``$rabbit_host:$rabbit_port``
- (List) RabbitMQ HA cluster host:port pairs.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_use_ssl`` = ``False``
- (Boolean) Connect over SSL for RabbitMQ.
* - ``rabbit_userid`` = ``guest``
- (String) The RabbitMQ userid.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_password`` = ``guest``
- (String) The RabbitMQ password.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_login_method`` = ``AMQPLAIN``
- (String) The RabbitMQ login method.
* - ``rabbit_virtual_host`` = ``/``
- (String) The RabbitMQ virtual host.
- **Deprecated**
Replaced by [DEFAULT]/transport_url
* - ``rabbit_retry_interval`` = ``1``
- (Integer) How frequently to retry connecting with RabbitMQ.
* - ``rabbit_retry_backoff`` = ``2``
- (Integer) How long to backoff for between retries when connecting to RabbitMQ.
* - ``rabbit_interval_max`` = ``30``
- (Integer) Maximum interval of RabbitMQ connection retries. Default is 30 seconds.
* - ``rabbit_max_retries`` = ``0``
- (Integer) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).
- **Deprecated**
No deprecation reason provided for this option.
* - ``rabbit_ha_queues`` = ``False``
- (Boolean) Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring is no longer controlled by the x-ha-policy argument when declaring a queue. If you just want to make sure that all queues (except those with auto-generated names) are mirrored across all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-mode": "all"}' "
* - ``rabbit_transient_queues_ttl`` = ``1800``
- (Integer) Positive integer representing duration in seconds for queue TTL (x-expires). Queues which are unused for the duration of the TTL are automatically deleted. The parameter affects only reply and fanout queues.
* - ``rabbit_qos_prefetch_count`` = ``0``
- (Integer) Specifies the number of messages to prefetch. Setting to zero allows unlimited messages.
* - ``heartbeat_timeout_threshold`` = ``60``
- (Integer) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL
* - ``heartbeat_rate`` = ``2``
- (Integer) How often times during the heartbeat_timeout_threshold we check the heartbeat.
* - ``fake_rabbit`` = ``False``
- (Boolean) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake
* - ``channel_max`` = ``None``
- (Integer) Maximum number of channels to allow
* - ``frame_max`` = ``None``
- (Integer) The maximum byte size for an AMQP frame
* - ``heartbeat_interval`` = ``3``
- (Integer) How often to send heartbeats for consumer's connections
* - ``ssl`` = ``None``
- (Boolean) Enable SSL
* - ``ssl_options`` = ``None``
- (Dict) Arguments passed to ssl.wrap_socket
* - ``socket_timeout`` = ``0.25``
- (Floating point) Set socket timeout in seconds for connection's socket
* - ``tcp_user_timeout`` = ``0.25``
- (Floating point) Set TCP_USER_TIMEOUT in seconds for connection's socket
* - ``host_connection_reconnect_delay`` = ``0.25``
- (Floating point) Set delay for reconnection to some host which has connection error
* - ``connection_factory`` = ``single``
- (String) Connection factory implementation
* - ``pool_max_size`` = ``30``
- (Integer) Maximum number of connections to keep queued.
* - ``pool_max_overflow`` = ``0``
- (Integer) Maximum number of connections to create above `pool_max_size`.
* - ``pool_timeout`` = ``30``
- (Integer) Default number of seconds to wait for a connections to available
* - ``pool_recycle`` = ``600``
- (Integer) Lifetime of a connection (since creation) in seconds or None for no recycling. Expired connections are closed on acquire.
* - ``pool_stale`` = ``60``
- (Integer) Threshold at which inactive (since release) connections are considered stale in seconds or None for no staleness. Stale connections are closed on acquire.
* - ``default_serializer_type`` = ``json``
- (String) Default serialization mechanism for serializing/deserializing outgoing/incoming messages
* - ``notification_persistence`` = ``False``
- (Boolean) Persist notification messages.
* - ``default_notification_exchange`` = ``${control_exchange}_notification``
- (String) Exchange name for sending notifications
* - ``notification_listener_prefetch_count`` = ``100``
- (Integer) Max number of not acknowledged message which RabbitMQ can send to notification listener.
* - ``default_notification_retry_attempts`` = ``-1``
- (Integer) Reconnecting retry count in case of connectivity problem during sending notification, -1 means infinite retry.
* - ``notification_retry_delay`` = ``0.25``
- (Floating point) Reconnecting retry delay in case of connectivity problem during sending notification message
* - ``rpc_queue_expiration`` = ``60``
- (Integer) Time to live for rpc queues without consumers in seconds.
* - ``default_rpc_exchange`` = ``${control_exchange}_rpc``
- (String) Exchange name for sending RPC messages
* - ``rpc_reply_exchange`` = ``${control_exchange}_rpc_reply``
- (String) Exchange name for receiving RPC replies
* - ``rpc_listener_prefetch_count`` = ``100``
- (Integer) Max number of not acknowledged message which RabbitMQ can send to rpc listener.
* - ``rpc_reply_listener_prefetch_count`` = ``100``
- (Integer) Max number of not acknowledged message which RabbitMQ can send to rpc reply listener.
* - ``rpc_reply_retry_attempts`` = ``-1``
- (Integer) Reconnecting retry count in case of connectivity problem during sending reply. -1 means infinite retry during rpc_timeout
* - ``rpc_reply_retry_delay`` = ``0.25``
- (Floating point) Reconnecting retry delay in case of connectivity problem during sending reply.
* - ``default_rpc_retry_attempts`` = ``-1``
- (Integer) Reconnecting retry count in case of connectivity problem during sending RPC message, -1 means infinite retry. If actual retry attempts in not 0 the rpc request could be processed more than one time
* - ``rpc_retry_delay`` = ``0.25``
- (Floating point) Reconnecting retry delay in case of connectivity problem during sending RPC message

138
doc/config-reference/source/tables/nova-oslo_messaging_zmq.rst Normal file
View File

@ -0,0 +1,138 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_messaging_zmq:
.. list-table:: Description of oslo_messaging_zmq configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``rpc_zmq_bind_address`` = ``*``
- (String) ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The "host" option should point or resolve to this address.
* - ``rpc_zmq_matchmaker`` = ``redis``
- (String) MatchMaker driver.
* - ``rpc_zmq_contexts`` = ``1``
- (Integer) Number of ZeroMQ contexts, defaults to 1.
* - ``rpc_zmq_topic_backlog`` = ``None``
- (Integer) Maximum number of ingress messages to locally buffer per topic. Default is unlimited.
* - ``rpc_zmq_ipc_dir`` = ``/var/run/openstack``
- (String) Directory for holding IPC sockets.
* - ``rpc_zmq_host`` = ``localhost``
- (String) Name of this node. Must be a valid hostname, FQDN, or IP address. Must match "host" option, if running Nova.
* - ``zmq_linger`` = ``-1``
- (Integer) Number of seconds to wait before all pending messages will be sent after closing a socket. The default value of -1 specifies an infinite linger period. The value of 0 specifies no linger period. Pending messages shall be discarded immediately when the socket is closed. Positive values specify an upper bound for the linger period.
* - ``rpc_poll_timeout`` = ``1``
- (Integer) The default number of seconds that poll should wait. Poll raises timeout exception when timeout expired.
* - ``zmq_target_expire`` = ``300``
- (Integer) Expiration timeout in seconds of a name service record about existing target ( < 0 means no timeout).
* - ``zmq_target_update`` = ``180``
- (Integer) Update period in seconds of a name service record about existing target.
* - ``use_pub_sub`` = ``False``
- (Boolean) Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy.
* - ``use_router_proxy`` = ``False``
- (Boolean) Use ROUTER remote proxy.
* - ``use_dynamic_connections`` = ``False``
- (Boolean) This option makes direct connections dynamic or static. It makes sense only with use_router_proxy=False which means to use direct connections for direct message types (ignored otherwise).
* - ``zmq_failover_connections`` = ``2``
- (Integer) How many additional connections to a host will be made for failover reasons. This option is actual only in dynamic connections mode.
* - ``rpc_zmq_min_port`` = ``49153``
- (Port number) Minimal port number for random ports range.
* - ``rpc_zmq_max_port`` = ``65536``
- (Integer) Maximal port number for random ports range.
* - ``rpc_zmq_bind_port_retries`` = ``100``
- (Integer) Number of retries to find free port number before fail with ZMQBindError.
* - ``rpc_zmq_serialization`` = ``json``
- (String) Default serialization mechanism for serializing/deserializing outgoing/incoming messages
* - ``zmq_immediate`` = ``True``
- (Boolean) This option configures round-robin mode in zmq socket. True means not keeping a queue when server side disconnects. False means to keep queue and messages even if server is disconnected, when the server appears we send all accumulated messages to it.
* - ``zmq_tcp_keepalive`` = ``-1``
- (Integer) Enable/disable TCP keepalive (KA) mechanism. The default value of -1 (or any other negative value) means to skip any overrides and leave it to OS default; 0 and 1 (or any other positive value) mean to disable and enable the option respectively.
* - ``zmq_tcp_keepalive_idle`` = ``-1``
- (Integer) The duration between two keepalive transmissions in idle condition. The unit is platform dependent, for example, seconds in Linux, milliseconds in Windows etc. The default value of -1 (or any other negative value and 0) means to skip any overrides and leave it to OS default.
* - ``zmq_tcp_keepalive_cnt`` = ``-1``
- (Integer) The number of retransmissions to be carried out before declaring that remote end is not available. The default value of -1 (or any other negative value and 0) means to skip any overrides and leave it to OS default.
* - ``zmq_tcp_keepalive_intvl`` = ``-1``
- (Integer) The duration between two successive keepalive retransmissions, if acknowledgement to the previous keepalive transmission is not received. The unit is platform dependent, for example, seconds in Linux, milliseconds in Windows etc. The default value of -1 (or any other negative value and 0) means to skip any overrides and leave it to OS default.
* - ``rpc_thread_pool_size`` = ``100``
- (Integer) Maximum number of (green) threads to work concurrently.
* - ``rpc_message_ttl`` = ``300``
- (Integer) Expiration timeout in seconds of a sent/received message after which it is not tracked anymore by a client/server.
* - ``rpc_use_acks`` = ``False``
- (Boolean) Wait for message acknowledgements from receivers. This mechanism works only via proxy without PUB/SUB.
* - ``rpc_ack_timeout_base`` = ``15``
- (Integer) Number of seconds to wait for an ack from a cast/call. After each retry attempt this timeout is multiplied by some specified multiplier.
* - ``rpc_ack_timeout_multiplier`` = ``2``
- (Integer) Number to multiply base ack timeout by after each retry attempt.
* - ``rpc_retry_attempts`` = ``3``
- (Integer) Default number of message sending attempts in case of any problems occurred: positive value N means at most N retries, 0 means no retries, None or -1 (or any other negative values) mean to retry forever. This option is used only if acknowledgments are enabled.
* - ``subscribe_on`` =
- (List) List of publisher hosts SubConsumer can subscribe on. This option has higher priority then the default publishers list taken from the matchmaker.

34
doc/config-reference/source/tables/nova-oslo_middleware.rst Normal file
View File

@ -0,0 +1,34 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_middleware:
.. list-table:: Description of oslo_middleware configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``max_request_body_size`` = ``114688``
- (Integer) The maximum body size for each request, in bytes.
* - ``secure_proxy_ssl_header`` = ``X-Forwarded-Proto``
- (String) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by a SSL termination proxy.
- **Deprecated**
No deprecation reason provided for this option.
* - ``enable_proxy_headers_parsing`` = ``False``
- (Boolean) Whether the application is behind a proxy or not. This determines if the middleware should parse the headers or not.

30
doc/config-reference/source/tables/nova-oslo_policy.rst Normal file
View File

@ -0,0 +1,30 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-oslo_policy:
.. list-table:: Description of oslo_policy configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``policy_file`` = ``policy.json``
- (String) The file that defines policies.
* - ``policy_default_rule`` = ``default``
- (String) Default rule. Enforced when a requested rule is not found.
* - ``policy_dirs`` = ``['policy.d']``
- (Multi-valued) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.

12
doc/config-reference/source/tables/nova-fping.rst → doc/config-reference/source/tables/nova-oslo_versionedobjects.rst
View File

@ -8,15 +8,15 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-fping:
.. _nova-oslo_versionedobjects:
.. list-table:: Description of fping configuration options
.. list-table:: Description of oslo_versionedobjects configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``fping_path`` = ``/usr/sbin/fping``
- (String) The full path to the fping binary.
* - ``fatal_exception_format_errors`` = ``False``
- (Boolean) Make exception message format errors fatal

22
doc/config-reference/source/tables/nova-pci.rst
View File

@ -10,15 +10,15 @@
.. _nova-pci:
.. list-table:: Description of PCI configuration options
.. list-table:: Description of pci configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``pci_alias`` = ``[]``
* - ``alias`` = ``[]``
- (Multi-valued) An alias for a PCI passthrough device requirement.
This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements.
@ -27,7 +27,7 @@
* A list of JSON values which describe the aliases. For example:
pci_alias = { "name": "QuickAssist", "product_id": "0443", "vendor_id": "8086", "device_type": "type-PCI" }
alias = { "name": "QuickAssist", "product_id": "0443", "vendor_id": "8086", "device_type": "type-PCI" }
defines an alias for the Intel QuickAssist card. (multi valued). Valid key values are :
@ -38,7 +38,9 @@
* "vendor_id": Vendor ID of the device in hexadecimal.
* "device_type": Type of PCI device. Valid values are: "type-PCI", "type-PF" and "type-VF".
* - ``pci_passthrough_whitelist`` = ``[]``
* - ``passthrough_whitelist`` = ``[]``
- (Multi-valued) White list of PCI devices available to VMs.
Possible values:
@ -61,14 +63,14 @@
* "<tag>": Additional <tag> and <tag_value> used for matching PCI devices. Supported <tag>: "physical_network".
Valid examples are:
The address key supports traditional glob style and regular expression syntax. Valid examples are:
pci_passthrough_whitelist = {"devname":"eth0", "physical_network":"physnet"} pci_passthrough_whitelist = {"address":"*:0a:00.*"} pci_passthrough_whitelist = {"address":":0a:00.", "physical_network":"physnet1"} pci_passthrough_whitelist = {"vendor_id":"1137", "product_id":"0071"} pci_passthrough_whitelist = {"vendor_id":"1137", "product_id":"0071", "address": "0000:0a:00.1", "physical_network":"physnet1"}
passthrough_whitelist = {"devname":"eth0", "physical_network":"physnet"} passthrough_whitelist = {"address":"*:0a:00.*"} passthrough_whitelist = {"address":":0a:00.", "physical_network":"physnet1"} passthrough_whitelist = {"vendor_id":"1137", "product_id":"0071"} passthrough_whitelist = {"vendor_id":"1137", "product_id":"0071", "address": "0000:0a:00.1", "physical_network":"physnet1"} passthrough_whitelist = {"address":{"domain": ".*", "bus": "02", "slot": "01", "function": "[2-7]"}, "physical_network":"physnet1"} passthrough_whitelist = {"address":{"domain": ".*", "bus": "02", "slot": "0[1-2]", "function": ".*"}, "physical_network":"physnet1"}
The following are invalid, as they specify mutually exclusive options:
pci_passthrough_whitelist = {"devname":"eth0", "physical_network":"physnet", "address":"*:0a:00.*"}
passthrough_whitelist = {"devname":"eth0", "physical_network":"physnet", "address":"*:0a:00.*"}
* A JSON list of JSON dictionaries corresponding to the above format. For example:
pci_passthrough_whitelist = [{"product_id":"0001", "vendor_id":"8086"}, {"product_id":"0002", "vendor_id":"8086"}]
passthrough_whitelist = [{"product_id":"0001", "vendor_id":"8086"}, {"product_id":"0002", "vendor_id":"8086"}]

64
doc/config-reference/source/tables/nova-placement.rst
View File

@ -16,51 +16,43 @@
* - Configuration option = Default value
- Description
* - **[placement]**
-
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``os_interface`` = ``None``
- (String) Endpoint interface for this node. This is used when picking the URL in the service catalog.
* - ``os_region_name`` = ``None``
- (String) Region name of this node. This is used when picking the URL in the service catalog.
Possible values:
* Any string representing region name
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - **[placement_database]**
-
* - ``connection`` = ``None``
- (String) No help text available for this option.
* - ``connection_debug`` = ``0``
- (Integer) No help text available for this option.
* - ``connection_trace`` = ``False``
- (Boolean) No help text available for this option.
* - ``idle_timeout`` = ``3600``
- (Integer) No help text available for this option.
* - ``max_overflow`` = ``None``
- (Integer) No help text available for this option.
* - ``max_pool_size`` = ``None``
- (Integer) No help text available for this option.
* - ``max_retries`` = ``10``
- (Integer) No help text available for this option.
* - ``mysql_sql_mode`` = ``TRADITIONAL``
- (String) No help text available for this option.
* - ``pool_timeout`` = ``None``
- (Integer) No help text available for this option.
* - ``retry_interval`` = ``10``
- (Integer) No help text available for this option.
* - ``slave_connection`` = ``None``
- (String) No help text available for this option.
* - ``sqlite_synchronous`` = ``True``
- (Boolean) No help text available for this option.
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options

72
doc/config-reference/source/tables/nova-policy.rst
View File

@ -1,72 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-policy:
.. list-table:: Description of policy configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``allow_instance_snapshots`` = ``True``
- (Boolean) Operators can turn off the ability for a user to take snapshots of their instances by setting this option to False. When disabled, any attempt to take a snapshot will result in a HTTP 400 response ("Bad Request").
* - ``allow_resize_to_same_host`` = ``False``
- (Boolean) Allow destination machine to match source for resize. Useful when testing in single-host environments. By default it is not allowed to resize to the same host. Setting this option to true will add the same host to the destination options.
* - ``max_age`` = ``0``
- (Integer) The number of seconds between subsequent usage refreshes. This defaults to 0 (off) to avoid additional load but it is useful to turn on to help keep quota usage up-to-date and reduce the impact of out of sync usage issues. Note that quotas are not updated on a periodic task, they will update on a new reservation if max_age has passed since the last reservation.
Possible values:
* 0 (default) or any positive integer representing number of seconds.
* - ``max_local_block_devices`` = ``3``
- (Integer) Maximum number of devices that will result in a local image being created on the hypervisor node.
A negative number means unlimited. Setting max_local_block_devices to 0 means that any request that attempts to create a local disk will fail. This option is meant to limit the number of local discs (so root local disc that is the result of --image being used, and any other ephemeral and swap disks). 0 does not mean that images will be automatically converted to volumes and boot instances from volumes - it just means that all requests that attempt to create a local disk will fail.
Possible values:
* 0: Creating a local disk is not allowed.
* Negative number: Allows unlimited number of local discs.
* Positive number: Allows only these many number of local discs. (Default value is 3).
* - ``osapi_compute_unique_server_name_scope`` =
- (String) Sets the scope of the check for unique instance names.
The default doesn't check for unique names. If a scope for the name check is set, a launch of a new instance or an update of an existing instance with a duplicate name will result in an ''InstanceExists'' error. The uniqueness is case-insensitive. Setting this option can increase the usability for end users as they don't have to distinguish among instances with the same name by their IDs.
Possible values:
* '': An empty value means that no uniqueness check is done and duplicate names are possible.
* "project": The instance name check is done only for instances within the same project.
* "global": The instance name check is done for all instances regardless of the project.
* - ``osapi_max_limit`` = ``1000``
- (Integer) As a query can potentially return many thousands of items, you can limit the maximum number of items in a single response by setting this option.
* - ``password_length`` = ``12``
- (Integer) Length of generated instance admin passwords.
* - ``reservation_expire`` = ``86400``
- (Integer) The number of seconds until a reservation expires. It represents the time period for invalidating quota reservations.
Possible values:
* 86400 (default) or any positive integer representing number of seconds.
* - ``resize_fs_using_block_device`` = ``False``
- (Boolean) If enabled, attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud-init. Possible mechanisms require the nbd driver (for qcow and raw), or loop (for raw).
* - ``until_refresh`` = ``0``
- (Integer) The count of reservations until usage is refreshed. This defaults to 0 (off) to avoid additional load but it is useful to turn on to help keep quota usage up-to-date and reduce the impact of out of sync usage issues.
Possible values:
* 0 (default) or any positive integer.

22
doc/config-reference/source/tables/nova-osbrick.rst → doc/config-reference/source/tables/nova-privsep_osbrick.rst
View File

@ -8,21 +8,27 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-osbrick:
.. _nova-privsep_osbrick:
.. list-table:: Description of osbrick configuration options
.. list-table:: Description of privsep_osbrick configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[privsep_osbrick]**
-
* - ``capabilities`` = ``[]``
- (Unknown) List of Linux capabilities retained by the privsep daemon.
* - ``group`` = ``None``
- (String) Group that the privsep daemon should run as.
* - ``helper_command`` = ``None``
- (String) Command to invoke to start the privsep daemon if not using the "fork" method. If not specified, a default is generated using "sudo privsep-helper" and arguments designed to recreate the current configuration. This command must accept suitable --privsep_context and --privsep_sock_path arguments.
* - ``group`` = ``None``
- (String) Group that the privsep daemon should run as.
* - ``user`` = ``None``
- (String) User that the privsep daemon should run as.
* - ``capabilities`` = ``[]``
- (Unknown) List of Linux capabilities retained by the privsep daemon.

76
doc/config-reference/source/tables/nova-profiler.rst Normal file
View File

@ -0,0 +1,76 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-profiler:
.. list-table:: Description of profiler configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``es_scroll_size`` = ``10000``
- (Integer) Elasticsearch splits large requests in batches. This parameter defines maximum size of each batch (for example: es_scroll_size=10000).
* - ``socket_timeout`` = ``0.1``
- (Floating point) Redissentinel provides a timeout option on the connections. This parameter defines that timeout (for example: socket_timeout=0.1).
* - ``es_scroll_time`` = ``2m``
- (String) This parameter is a time value parameter (for example: es_scroll_time=2m), indicating for how long the nodes that participate in the search will maintain relevant resources in order to continue and support it.
* - ``enabled`` = ``False``
- (Boolean) Enables the profiling for all services on this node. Default value is False (fully disable the profiling feature).
Possible values:
* True: Enables the feature
* False: Disables the feature. The profiling cannot be started via this project operations. If the profiling is triggered by another project, this project part will be empty.
* - ``es_doc_type`` = ``notification``
- (String) Document type for notification indexing in elasticsearch.
* - ``hmac_keys`` = ``SECRET_KEY``
- (String) Secret key(s) to use for encrypting context data for performance profiling. This string value should have the following format: <key1>[,<key2>,...<keyn>], where each key is some random string. A user who triggers the profiling via the REST API has to set one of these keys in the headers of the REST API call to include profiling results of this node for this particular project.
Both "enabled" flag and "hmac_keys" config options should be set to enable profiling. Also, to generate correct profiling information across all services at least one key needs to be consistent between OpenStack projects. This ensures it can be used from client side to generate the trace, containing information from all possible resources.
* - ``sentinel_service_name`` = ``mymaster``
- (String) Redissentinel uses a service name to identify a master redis service. This parameter defines the name (for example: sentinal_service_name=mymaster).
* - ``trace_sqlalchemy`` = ``False``
- (Boolean) Enables SQL requests profiling in services. Default value is False (SQL requests won't be traced).
Possible values:
* True: Enables SQL requests profiling. Each SQL query will be part of the trace and can the be analyzed by how much time was spent for that.
* False: Disables SQL requests profiling. The spent time is only shown on a higher level of operations. Single SQL queries cannot be analyzed this way.
* - ``connection_string`` = ``messaging://``
- (String) Connection string for a notifier backend. Default value is messaging:// which sets the notifier to oslo_messaging.
Examples of possible values:
* messaging://: use oslo_messaging driver for sending notifications.
* mongodb://127.0.0.1:27017 : use mongodb driver for sending notifications.
* elasticsearch://127.0.0.1:9200 : use elasticsearch driver for sending notifications.

274
doc/config-reference/source/tables/nova-quota.rst
View File

@ -16,147 +16,205 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``bandwidth_poll_interval`` = ``600``
- (Integer) Interval to pull network bandwidth usage info. Not supported on all hypervisors. Set to -1 to disable. Setting this to 0 will run at the default rate.
* - ``enable_network_quota`` = ``False``
- (Boolean) DEPRECATED: This option is used to enable or disable quota checking for tenant networks.
Related options:
* - ``metadata_items`` = ``128``
* quota_networks CRUD operations on tenant networks are only available when using nova-network and nova-network is itself deprecated.
* - ``quota_cores`` = ``20``
- (Integer) The number of instance cores or VCPUs allowed per project.
- (Integer) The number of metadata items allowed per instance.
Users can associate metadata with an instance during instance creation. This metadata takes the form of key-value pairs.
Possible values:
* 20 (default) or any positive integer.
* A positive integer or 0.
* -1 : treated as unlimited.
* - ``quota_driver`` = ``nova.quota.DbQuotaDriver``
- (String) DEPRECATED: Provides abstraction for quota checks. Users can configure a specific driver to use for quota checks.
* -1 to disable the quota.
Possible values:
* - ``injected_file_content_bytes`` = ``10240``
* nova.quota.DbQuotaDriver (default) or any string representing fully qualified class name.
* - ``quota_fixed_ips`` = ``-1``
- (Integer) The number of fixed IPs allowed per project (this should be at least the number of instances allowed). Unlike floating IPs, fixed IPs are allocated dynamically by the network component when instances boot up.
Possible values:
* -1 (default) : treated as unlimited.
* Any positive integer.
* - ``quota_floating_ips`` = ``10``
- (Integer) The number of floating IPs allowed per project. Floating IPs are not allocated to instances by default. Users need to select them from the pool configured by the OpenStack administrator to attach to their instances.
Possible values:
* 10 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_injected_file_content_bytes`` = ``10240``
- (Integer) The number of bytes allowed per injected file.
Possible values:
* 10240 (default) or any positive integer representing number of bytes.
* A positive integer or 0.
* -1 to disable the quota.
* - ``max_age`` = ``0``
- (Integer) The number of seconds between subsequent usage refreshes.
This defaults to 0 (off) to avoid additional load but it is useful to turn on to help keep quota usage up-to-date and reduce the impact of out of sync usage issues. Note that quotas are not updated on a periodic task, they will update on a new reservation if max_age has passed since the last reservation.
* - ``server_group_members`` = ``10``
- (Integer) The maximum number of servers per server group.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
* - ``server_groups`` = ``10``
- (Integer) The maxiumum number of server groups per project.
Server groups are used to control the affinity and anti-affinity scheduling policy for a group of servers or instances. Reducing the quota will not affect any existing group, but new servers will not be allowed into groups that have become over quota.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
* - ``until_refresh`` = ``0``
- (Integer) The count of reservations until usage is refreshed.
This defaults to 0 (off) to avoid additional load but it is useful to turn on to help keep quota usage up-to-date and reduce the impact of out of sync usage issues.
* - ``injected_file_path_length`` = ``255``
* -1 : treated as unlimited.
* - ``quota_injected_file_path_length`` = ``255``
- (Integer) The maximum allowed injected file path length.
Possible values:
* 255 (default) or any positive integer.
* A positive integer or 0.
* -1 : treated as unlimited.
* - ``quota_injected_files`` = ``5``
- (Integer) The number of injected files allowed. It allow users to customize the personality of an instance by injecting data into it upon boot. Only text file injection is permitted. Binary or zip files won't work. During file injection, any existing files that match specified files are renamed to include .bak extension appended with a timestamp.
* -1 to disable the quota.
Possible values:
* - ``ram`` = ``51200``
* 5 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_instances`` = ``10``
- (Integer) The number of instances allowed per project.
Possible Values
* 10 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_key_pairs`` = ``100``
- (Integer) The maximum number of key pairs allowed per user. Users can create at least one key pair for each project and use the key pair for multiple instances that belong to that project.
Possible values:
* 100 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_metadata_items`` = ``128``
- (Integer) The number of metadata items allowed per instance. User can associate metadata while instance creation in the form of key-value pairs.
Possible values:
* 128 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_networks`` = ``3``
- (Integer) DEPRECATED: This option controls the number of private networks that can be created per project (or per tenant).
Related options:
* enable_network_quota CRUD operations on tenant networks are only available when using nova-network and nova-network is itself deprecated.
* - ``quota_ram`` = ``51200``
- (Integer) The number of megabytes of instance RAM allowed per project.
Possible values:
* 51200 (default) or any positive integer.
* A positive integer or 0.
* -1 : treated as unlimited.
* - ``quota_security_group_rules`` = ``20``
- (Integer) The number of security rules per security group. The associated rules in each security group control the traffic to instances in the group.
* -1 to disable the quota.
* - ``driver`` = ``nova.quota.DbQuotaDriver``
- (String) The quota enforcer driver.
Provides abstraction for quota checks. Users can configure a specific driver to use for quota checks.
Possible values:
* 20 (default) or any positive integer.
* nova.quota.DbQuotaDriver (default) or any string representing fully qualified class name.
- **Deprecated**
No deprecation reason provided for this option.
* - ``floating_ips`` = ``10``
- (Integer) The number of floating IPs allowed per project.
Floating IPs are not allocated to instances by default. Users need to select them from the pool configured by the OpenStack administrator to attach to their instances.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
- **Deprecated**
nova-network is deprecated, as are any related configuration options.
* - ``security_group_rules`` = ``20``
- (Integer) The number of security rules per security group.
The associated rules in each security group control the traffic to instances in the group.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
- **Deprecated**
nova-network is deprecated, as are any related configuration options.
* - ``instances`` = ``10``
- (Integer) The number of instances allowed per project.
Possible Values
* A positive integer or 0.
* -1 to disable the quota.
* - ``key_pairs`` = ``100``
- (Integer) The maximum number of key pairs allowed per user.
Users can create at least one key pair for each project and use the key pair for multiple instances that belong to that project.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
* - ``injected_files`` = ``5``
- (Integer) The number of injected files allowed.
File injection allows users to customize the personality of an instance by injecting data into it upon boot. Only text file injection is permitted: binary or ZIP files are not accepted. During file injection, any existing files that match specified files are renamed to include ``.bak`` extension appended with a timestamp.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
* - ``cores`` = ``20``
- (Integer) The number of instance cores or vCPUs allowed per project.
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
* - ``fixed_ips`` = ``-1``
- (Integer) The number of fixed IPs allowed per project.
Unlike floating IPs, fixed IPs are allocated dynamically by the network component when instances boot up. This quota value should be at least the number of instances allowed
Possible values:
* A positive integer or 0.
* -1 to disable the quota.
- **Deprecated**
nova-network is deprecated, as are any related configuration options.
* - ``reservation_expire`` = ``86400``
- (Integer) The number of seconds until a reservation expires.
This quota represents the time period for invalidating quota reservations.
* - ``security_groups`` = ``10``
* -1 : treated as unlimited.
* - ``quota_security_groups`` = ``10``
- (Integer) The number of security groups per project.
Possible values:
* 10 (default) or any positive integer.
* A positive integer or 0.
* -1 : treated as unlimited.
* - ``quota_server_group_members`` = ``10``
- (Integer) Add quota values to constrain the number of servers per server group.
* -1 to disable the quota.
Possible values:
- **Deprecated**
* 10 (default) or any positive integer.
* -1 : treated as unlimited.
* - ``quota_server_groups`` = ``10``
- (Integer) Add quota values to constrain the number of server groups per project. Server group used to control the affinity and anti-affinity scheduling policy for a group of servers or instances. Reducing the quota will not affect any existing group, but new servers will not be allowed into groups that have become over quota.
Possible values:
* 10 (default) or any positive integer.
* -1 : treated as unlimited.
* - **[cells]**
-
* - ``bandwidth_update_interval`` = ``600``
- (Integer) Bandwidth update interval
Seconds between bandwidth usage cache updates for cells.
Possible values:
* Time in seconds.
nova-network is deprecated, as are any related configuration options.

8
doc/config-reference/source/tables/nova-rdp.rst
View File

@ -10,15 +10,15 @@
.. _nova-rdp:
.. list-table:: Description of RDP configuration options
.. list-table:: Description of rdp configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[rdp]**
-
* - ``enabled`` = ``False``
- (Boolean) Enable Remote Desktop Protocol (RDP) related features.
Hyper-V, unlike the majority of the hypervisors employed on Nova compute nodes, uses RDP instead of VNC and SPICE as a desktop sharing protocol to provide instance console access. This option enables RDP for graphical console access for virtual machines created by Hyper-V.
@ -28,7 +28,9 @@
Related options:
* ``compute_driver``: Must be hyperv.
* - ``html5_proxy_base_url`` = ``http://127.0.0.1:6083/``
- (String) The URL an end user would use to connect to the RDP HTML5 console proxy. The console proxy service is called with this token-embedded URL and establishes the connection to the proper instance.
An RDP HTML5 console proxy service will need to be configured to listen on the address configured here. Typically the console proxy service would be run on a controller node. The localhost address used as default would only work in a single node environment i.e. devstack.

22
doc/config-reference/source/tables/nova-debug.rst → doc/config-reference/source/tables/nova-remote_debug.rst
View File

@ -8,31 +8,17 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-debug:
.. _nova-remote_debug:
.. list-table:: Description of logging configuration options
.. list-table:: Description of remote_debug configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[guestfs]**
-
* - ``debug`` = ``False``
- (Boolean) Enable/disables guestfs logging.
This configures guestfs to debug messages and push them to Openstack logging system. When set to True, it traces libguestfs API calls and enable verbose debug messages. In order to use the above feature, "libguestfs" package must be installed.
Related options: Since libguestfs access and modifies VM's managed by libvirt, below options should be set to give access to those VM's.
* libvirt.inject_key
* libvirt.inject_partition
* libvirt.inject_password
* - **[remote_debug]**
-
* - ``host`` = ``None``
- (String) Debug host (IP or name) to connect to. This command line parameter is used when you want to connect to a nova service via a debugger running on a different host.
Note that using the remote debug option changes how Nova uses the eventlet library to support async IO. This could result in failures that do not occur under normal operation. Use at your own risk.
@ -42,7 +28,9 @@
* IP address of a remote host as a command line parameter to a nova service. For Example:
/usr/local/bin/nova-compute --config-file /etc/nova/nova.conf --remote_debug-host <IP address where the debugger is running>
* - ``port`` = ``None``
- (Port number) Debug port to connect to. This command line parameter allows you to specify the port you want to use to connect to a nova service via a debugger running on different host.
Note that using the remote debug option changes how Nova uses the eventlet library to support async IO. This could result in failures that do not occur under normal operation. Use at your own risk.

34
doc/config-reference/source/tables/nova-s3.rst
View File

@ -1,34 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-s3:
.. list-table:: Description of S3 configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``image_decryption_dir`` = ``/tmp``
- (String) DEPRECATED: Parent directory for tempdir used for image decryption EC2 API related options are not supported.
* - ``s3_access_key`` = ``notchecked``
- (String) DEPRECATED: Access key to use S3 server for images EC2 API related options are not supported.
* - ``s3_affix_tenant`` = ``False``
- (Boolean) DEPRECATED: Whether to affix the tenant id to the access key when downloading from S3 EC2 API related options are not supported.
* - ``s3_host`` = ``$my_ip``
- (String) DEPRECATED: Hostname or IP for OpenStack to use when accessing the S3 API EC2 API related options are not supported.
* - ``s3_port`` = ``3333``
- (Port number) DEPRECATED: Port used when accessing the S3 API. It should be in the range of 1 - 65535 EC2 API related options are not supported.
* - ``s3_secret_key`` = ``notchecked``
- (String) DEPRECATED: Secret key to use for S3 server for images EC2 API related options are not supported.
* - ``s3_use_ssl`` = ``False``
- (Boolean) DEPRECATED: Whether to use SSL when talking to S3 EC2 API related options are not supported.

396
doc/config-reference/source/tables/nova-scheduler.rst
View File

@ -16,399 +16,53 @@
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``aggregate_image_properties_isolation_namespace`` = ``None``
- (String) Images and hosts can be configured so that certain images can only be scheduled to hosts in a particular aggregate. This is done with metadata values set on the host aggregate that are identified by beginning with the value of this option. If the host is part of an aggregate with such a metadata key, the image in the request spec must have the value of that metadata in its properties in order for the scheduler to consider the host as acceptable.
Valid values are strings.
* - ``discover_hosts_in_cells_interval`` = ``-1``
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'aggregate_image_properties_isolation' filter is enabled.
- (Integer) Periodic task interval.
* Related options:
This value controls how often (in seconds) the scheduler should attempt to discover new hosts that have been added to cells. If negative (the default), no automatic discovery will occur.
aggregate_image_properties_isolation_separator
* - ``aggregate_image_properties_isolation_separator`` = ``.``
- (String) When using the aggregate_image_properties_isolation filter, the relevant metadata keys are prefixed with the namespace defined in the aggregate_image_properties_isolation_namespace configuration option plus a separator. This option defines the separator to be used. It defaults to a period ('.').
Small deployments may want this periodic task enabled, as surveying the cells for new hosts is likely to be lightweight enough to not cause undue burdon to the scheduler. However, larger clouds (and those that are not adding hosts regularly) will likely want to disable this automatic behavior and instead use the `nova-manage cell_v2 discover_hosts` command when hosts have been added to a cell.
Valid values are strings.
* - ``driver`` = ``filter_scheduler``
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'aggregate_image_properties_isolation' filter is enabled.
- (String) The class of the driver used by the scheduler.
* Related options:
aggregate_image_properties_isolation_namespace
* - ``baremetal_scheduler_default_filters`` = ``RetryFilter, AvailabilityZoneFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ExactRamFilter, ExactDiskFilter, ExactCoreFilter``
- (List) This option specifies the filters used for filtering baremetal hosts. The value should be a list of strings, with each string being the name of a filter class to be used. When used, they will be applied in order, so place your most restrictive filters first to make the filtering process more efficient.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
If the 'scheduler_use_baremetal_filters' option is False, this option has no effect.
* - ``cpu_allocation_ratio`` = ``0.0``
- (Floating point) This option helps you specify virtual CPU to physical CPU allocation ratio which affects all CPU filters.
This configuration specifies ratio for CoreFilter which can be set per compute node. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting is found.
The options are chosen from the entry points under the namespace 'nova.scheduler.driver' in 'setup.cfg'.
Possible values:
* Any valid positive integer or float value
* A string, where the string corresponds to the class name of a scheduler driver. There are a number of options available: ** 'caching_scheduler', which aggressively caches the system state for better individual scheduler performance at the risk of more retries when running multiple schedulers ** 'chance_scheduler', which simply picks a host at random ** 'fake_scheduler', which is used for testing ** A custom scheduler driver. In this case, you will be responsible for creating and maintaining the entry point in your 'setup.cfg' file
* Default value is 0.0
* - ``periodic_task_interval`` = ``60``
NOTE: This can be set per-compute, or if set to 0.0, the value set on the scheduler node(s) or compute node(s) will be used and defaulted to 16.0'.
* - ``disk_allocation_ratio`` = ``0.0``
- (Floating point) This option helps you specify virtual disk to physical disk allocation ratio used by the disk_filter.py script to determine if a host has sufficient disk space to fit a requested instance.
- (Integer) Periodic task interval.
A ratio greater than 1.0 will result in over-subscription of the available physical disk, which can be useful for more efficiently packing instances created with images that do not use the entire virtual disk, such as sparse or compressed images. It can be set to a value between 0.0 and 1.0 in order to preserve a percentage of the disk for uses other than instances.
Possible values:
* Any valid positive integer or float value
* Default value is 0.0
NOTE: This can be set per-compute, or if set to 0.0, the value set on the scheduler node(s) or compute node(s) will be used and defaulted to 1.0'.
* - ``disk_weight_multiplier`` = ``1.0``
- (Floating point) Multiplier used for weighing free disk space. Negative numbers mean to stack vs spread.
* - ``io_ops_weight_multiplier`` = ``-1.0``
- (Floating point) This option determines how hosts with differing workloads are weighed. Negative values, such as the default, will result in the scheduler preferring hosts with lighter workloads whereas positive values will prefer hosts with heavier workloads. Another way to look at it is that positive values for this option will tend to schedule instances onto hosts that are already busy, while negative values will tend to distribute the workload across more hosts. The absolute value, whether positive or negative, controls how strong the io_ops weigher is relative to other weighers.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'io_ops' weigher is enabled.
Valid values are numeric, either integer or float.
* Related options:
None
* - ``isolated_hosts`` =
- (List) If there is a need to restrict some images to only run on certain designated hosts, list those host names here.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
* Related options:
scheduler/isolated_images scheduler/restrict_isolated_hosts_to_isolated_images
* - ``isolated_images`` =
- (List) If there is a need to restrict some images to only run on certain designated hosts, list those image UUIDs here.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
* Related options:
scheduler/isolated_hosts scheduler/restrict_isolated_hosts_to_isolated_images
* - ``max_instances_per_host`` = ``50``
- (Integer) If you need to limit the number of instances on any given host, set this option to the maximum number of instances you want to allow. The num_instances_filter will reject any host that has at least as many instances as this option's value.
Valid values are positive integers; setting it to zero will cause all hosts to be rejected if the num_instances_filter is active.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'num_instances_filter' filter is enabled.
* Related options:
None
* - ``max_io_ops_per_host`` = ``8``
- (Integer) This setting caps the number of instances on a host that can be actively performing IO (in a build, resize, snapshot, migrate, rescue, or unshelve task state) before that host becomes ineligible to build new instances.
Valid values are positive integers: 1 or greater.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'io_ops_filter' filter is enabled.
* Related options:
None
* - ``ram_allocation_ratio`` = ``0.0``
- (Floating point) This option helps you specify virtual RAM to physical RAM allocation ratio which affects all RAM filters.
This configuration specifies ratio for RamFilter which can be set per compute node. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found.
Possible values:
* Any valid positive integer or float value
* Default value is 0.0
NOTE: This can be set per-compute, or if set to 0.0, the value set on the scheduler node(s) or compute node(s) will be used and defaulted to 1.5.
* - ``ram_weight_multiplier`` = ``1.0``
- (Floating point) This option determines how hosts with more or less available RAM are weighed. A positive value will result in the scheduler preferring hosts with more available RAM, and a negative number will result in the scheduler preferring hosts with less available RAM. Another way to look at it is that positive values for this option will tend to spread instances across many hosts, while negative values will tend to fill up (stack) hosts as much as possible before scheduling to a less-used host. The absolute value, whether positive or negative, controls how strong the RAM weigher is relative to other weighers.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'ram' weigher is enabled.
Valid values are numeric, either integer or float.
* Related options:
None
* - ``reserved_host_disk_mb`` = ``0``
- (Integer) Amount of disk resources in MB to make them always available to host. The disk usage gets reported back to the scheduler from nova-compute running on the compute nodes. To prevent the disk resources from being considered as available, this option can be used to reserve disk space for that host.
Possible values:
* Any positive integer representing amount of disk in MB to reserve for the host.
* - ``reserved_host_memory_mb`` = ``512``
- (Integer) Amount of memory in MB to reserve for the host so that it is always available to host processes. The host resources usage is reported back to the scheduler continuously from nova-compute running on the compute node. To prevent the host memory from being considered as available, this option is used to reserve memory for the host.
Possible values:
* Any positive integer representing amount of memory in MB to reserve for the host.
* - ``reserved_huge_pages`` = ``None``
- (Unknown) Reserves a number of huge/large memory pages per NUMA host cells
Possible values:
* A list of valid key=value which reflect NUMA node ID, page size (Default unit is KiB) and number of pages to be reserved.
reserved_huge_pages = node:0,size:2048,count:64 reserved_huge_pages = node:1,size:1GB,count:1
In this example we are reserving on NUMA node 0 64 pages of 2MiB and on NUMA node 1 1 page of 1GiB.
* - ``restrict_isolated_hosts_to_isolated_images`` = ``True``
- (Boolean) This setting determines if the scheduler's isolated_hosts filter will allow non-isolated images on a host designated as an isolated host. When set to True (the default), non-isolated images will not be allowed to be built on isolated hosts. When False, non-isolated images can be built on both isolated and non-isolated hosts alike.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'IsolatedHostsFilter' filter is enabled. Even then, this option doesn't affect the behavior of requests for isolated images, which will *always* be restricted to isolated hosts.
* Related options:
scheduler/isolated_images scheduler/isolated_hosts
* - ``scheduler_available_filters`` = ``['nova.scheduler.filters.all_filters']``
- (Multi-valued) This is an unordered list of the filter classes the Nova scheduler may apply. Only the filters specified in the 'scheduler_default_filters' option will be used, but any filter appearing in that option must also be included in this list.
By default, this is set to all filters that are included with Nova. If you wish to change this, replace this with a list of strings, where each element is the path to a filter.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
scheduler_default_filters
* - ``scheduler_default_filters`` = ``RetryFilter, AvailabilityZoneFilter, RamFilter, DiskFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter``
- (List) This option is the list of filter class names that will be used for filtering hosts. The use of 'default' in the name of this option implies that other filters may sometimes be used, but that is not the case. These filters will be applied in the order they are listed, so place your most restrictive filters first to make the filtering process more efficient.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
All of the filters in this option *must* be present in the 'scheduler_available_filters' option, or a SchedulerHostFilterNotFound exception will be raised.
* - ``scheduler_driver`` = ``filter_scheduler``
- (String) The class of the driver used by the scheduler. This should be chosen from one of the entrypoints under the namespace 'nova.scheduler.driver' of file 'setup.cfg'. If nothing is specified in this option, the 'filter_scheduler' is used.
This option also supports deprecated full Python path to the class to be used. For example, "nova.scheduler.filter_scheduler.FilterScheduler". But note: this support will be dropped in the N Release.
Other options are:
* 'caching_scheduler' which aggressively caches the system state for better individual scheduler performance at the risk of more retries when running multiple schedulers.
* 'chance_scheduler' which simply picks a host at random.
* 'fake_scheduler' which is used for testing.
* Related options:
None
* - ``scheduler_driver_task_period`` = ``60``
- (Integer) This value controls how often (in seconds) to run periodic tasks in the scheduler. The specific tasks that are run for each period are determined by the particular scheduler being used.
This value controls how often (in seconds) to run periodic tasks in the scheduler. The specific tasks that are run for each period are determined by the particular scheduler being used.
If this is larger than the nova-service 'service_down_time' setting, Nova may report the scheduler service as down. This is because the scheduler driver is responsible for sending a heartbeat and it will only do that as often as this option allows. As each scheduler can work a little differently than the others, be sure to test this with your selected scheduler.
* Related options:
``nova-service service_down_time``
* - ``scheduler_host_manager`` = ``host_manager``
- (String) The scheduler host manager to use, which manages the in-memory picture of the hosts that the scheduler uses.
The option value should be chosen from one of the entrypoints under the namespace 'nova.scheduler.host_manager' of file 'setup.cfg'. For example, 'host_manager' is the default setting. Aside from the default, the only other option as of the Mitaka release is 'ironic_host_manager', which should be used if you're using Ironic to provision bare-metal instances.
* Related options:
None
* - ``scheduler_host_subset_size`` = ``1``
- (Integer) New instances will be scheduled on a host chosen randomly from a subset of the N best hosts, where N is the value set by this option. Valid values are 1 or greater. Any value less than one will be treated as 1.
Setting this to a value greater than 1 will reduce the chance that multiple scheduler processes handling similar requests will select the same host, creating a potential race condition. By selecting a host randomly from the N hosts that best fit the request, the chance of a conflict is reduced. However, the higher you set this value, the less optimal the chosen host may be for a given request.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
None
* - ``scheduler_instance_sync_interval`` = ``120``
- (Integer) Waiting time interval (seconds) between sending the scheduler a list of current instance UUIDs to verify that its view of instances is in sync with nova. If the CONF option `scheduler_tracks_instance_changes` is False, changing this option will have no effect.
* - ``scheduler_json_config_location`` =
- (String) The absolute path to the scheduler configuration JSON file, if any. This file location is monitored by the scheduler for changes and reloads it if needed. It is converted from JSON to a Python data structure, and passed into the filtering and weighing functions of the scheduler, which can use it for dynamic configuration.
* Related options:
None
* - ``scheduler_manager`` = ``nova.scheduler.manager.SchedulerManager``
- (String) DEPRECATED: Full class name for the Manager for scheduler
* - ``scheduler_max_attempts`` = ``3``
- (Integer) This is the maximum number of attempts that will be made to schedule an instance before it is assumed that the failures aren't due to normal occasional race conflicts, but rather some other problem. When this is reached a MaxRetriesExceeded exception is raised, and the instance is set to an error state.
Valid values are positive integers (1 or greater).
* Related options:
None
* - ``scheduler_topic`` = ``scheduler``
- (String) This is the message queue topic that the scheduler 'listens' on. It is used when the scheduler service is started up to configure the queue, and whenever an RPC call to the scheduler is made. There is almost never any reason to ever change this value.
* Related options:
None
* - ``scheduler_tracks_instance_changes`` = ``True``
- (Boolean) The scheduler may need information about the instances on a host in order to evaluate its filters and weighers. The most common need for this information is for the (anti-)affinity filters, which need to choose a host based on the instances already running on a host.
If the configured filters and weighers do not need this information, disabling this option will improve performance. It may also be disabled when the tracking overhead proves too heavy, although this will cause classes requiring host usage data to query the database on each request instead.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
None
* - ``scheduler_use_baremetal_filters`` = ``False``
- (Boolean) Set this to True to tell the nova scheduler that it should use the filters specified in the 'baremetal_scheduler_default_filters' option. If you are not scheduling baremetal nodes, leave this at the default setting of False.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
If this option is set to True, then the filters specified in the 'baremetal_scheduler_default_filters' are used instead of the filters specified in 'scheduler_default_filters'.
* - ``scheduler_weight_classes`` = ``nova.scheduler.weights.all_weighers``
- (List) This is a list of weigher class names. Only hosts which pass the filters are weighed. The weight for any host starts at 0, and the weighers order these hosts by adding to or subtracting from the weight assigned by the previous weigher. Weights may become negative.
An instance will be scheduled to one of the N most-weighted hosts, where N is 'scheduler_host_subset_size'.
By default, this is set to all weighers that are included with Nova. If you wish to change this, replace this with a list of strings, where each element is the path to a weigher.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
None
* - ``soft_affinity_weight_multiplier`` = ``1.0``
- (Floating point) Multiplier used for weighing hosts for group soft-affinity. Only a positive value is meaningful. Negative means that the behavior will change to the opposite, which is soft-anti-affinity.
* - ``soft_anti_affinity_weight_multiplier`` = ``1.0``
- (Floating point) Multiplier used for weighing hosts for group soft-anti-affinity. Only a positive value is meaningful. Negative means that the behavior will change to the opposite, which is soft-affinity.
* - **[cells]**
-
* - ``ram_weight_multiplier`` = ``10.0``
- (Floating point) Ram weight multiplier
Multiplier used for weighing ram. Negative numbers indicate that Compute should stack VMs on one host instead of spreading out new VMs to more hosts in the cell.
Possible values:
* Numeric multiplier
* - ``scheduler_filter_classes`` = ``nova.cells.filters.all_filters``
- (List) Scheduler filter classes
Filter classes the cells scheduler should use. An entry of "nova.cells.filters.all_filters" maps to all cells filters included with nova. As of the Mitaka release the following filter classes are available:
Different cell filter: A scheduler hint of 'different_cell' with a value of a full cell name may be specified to route a build away from a particular cell.
Image properties filter: Image metadata named 'hypervisor_version_requires' with a version specification may be specified to ensure the build goes to a cell which has hypervisors of the required version. If either the version requirement on the image or the hypervisor capability of the cell is not present, this filter returns without filtering out the cells.
Target cell filter: A scheduler hint of 'target_cell' with a value of a full cell name may be specified to route a build to a particular cell. No error handling is done as there's no way to know whether the full path is a valid.
As an admin user, you can also add a filter that directs builds to a particular cell.
* - ``scheduler_retries`` = ``10``
- (Integer) Scheduler retries
How many retries when no cells are available. Specifies how many times the scheduler tries to launch a new instance when no cells are available.
Possible values:
* Positive integer value
* An integer, where the integer corresponds to periodic task interval in seconds. 0 uses the default interval (60 seconds). A negative value disables periodic tasks.
Related options:
* This value is used with the ``scheduler_retry_delay`` value while retrying to find a suitable cell.
* - ``scheduler_retry_delay`` = ``2``
- (Integer) Scheduler retry delay
* ``nova-service service_down_time``
Specifies the delay (in seconds) between scheduling retries when no cell can be found to place the new instance on. When the instance could not be scheduled to a cell after ``scheduler_retries`` in combination with ``scheduler_retry_delay``, then the scheduling of the instance failed.
* - ``host_manager`` = ``host_manager``
- (String) The scheduler host manager to use.
The host manager manages the in-memory picture of the hosts that the scheduler uses. The options values are chosen from the entry points under the namespace 'nova.scheduler.host_manager' in 'setup.cfg'.
* - ``max_attempts`` = ``3``
- (Integer) Maximum number of schedule attempts for a chosen host.
This is the maximum number of attempts that will be made to schedule an instance before it is assumed that the failures aren't due to normal occasional race conflicts, but rather some other problem. When this is reached a MaxRetriesExceeded exception is raised, and the instance is set to an error state.
Possible values:
* Time in seconds.
Related options:
* This value is used with the ``scheduler_retries`` value while retrying to find a suitable cell.
* - ``scheduler_weight_classes`` = ``nova.cells.weights.all_weighers``
- (List) Scheduler weight classes
Weigher classes the cells scheduler should use. An entry of "nova.cells.weights.all_weighers" maps to all cell weighers included with nova. As of the Mitaka release the following weight classes are available:
mute_child: Downgrades the likelihood of child cells being chosen for scheduling requests, which haven't sent capacity or capability updates in a while. Options include mute_weight_multiplier (multiplier for mute children; value should be negative).
ram_by_instance_type: Select cells with the most RAM capacity for the instance type being requested. Because higher weights win, Compute returns the number of available units for the instance type requested. The ram_weight_multiplier option defaults to 10.0 that adds to the weight by a factor of 10. Use a negative number to stack VMs on one host instead of spreading out new VMs to more hosts in the cell.
weight_offset: Allows modifying the database to weight a particular cell. The highest weight will be the first cell to be scheduled for launching an instance. When the weight_offset of a cell is set to 0, it is unlikely to be picked but it could be picked if other cells have a lower weight, like if they're full. And when the weight_offset is set to a very high value (for example, '999999999999999'), it is likely to be picked if another cell do not have a higher weight.
* - **[metrics]**
-
* - ``required`` = ``True``
- (Boolean) This setting determines how any unavailable metrics are treated. If this option is set to True, any hosts for which a metric is unavailable will raise an exception, so it is recommended to also use the MetricFilter to filter out those hosts before weighing.
When this option is False, any metric being unavailable for a host will set the host weight to 'weight_of_unavailable'.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
weight_of_unavailable
* - ``weight_multiplier`` = ``1.0``
- (Floating point) When using metrics to weight the suitability of a host, you can use this option to change how the calculated weight influences the weight assigned to a host as follows:
* Greater than 1.0: increases the effect of the metric on overall weight.
* Equal to 1.0: No change to the calculated weight.
* Less than 1.0, greater than 0: reduces the effect of the metric on overall weight.
* 0: The metric value is ignored, and the value of the 'weight_of_unavailable' option is returned instead.
* Greater than -1.0, less than 0: the effect is reduced and reversed.
* -1.0: the effect is reversed
* Less than -1.0: the effect is increased proportionally and reversed.
Valid values are numeric, either integer or float.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
weight_of_unavailable
* - ``weight_of_unavailable`` = ``-10000.0``
- (Floating point) When any of the following conditions are met, this value will be used in place of any actual metric value:
* One of the metrics named in 'weight_setting' is not available for a host, and the value of 'required' is False.
* The ratio specified for a metric in 'weight_setting' is 0.
* The 'weight_multiplier' option is set to 0.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
weight_setting required weight_multiplier
* - ``weight_setting`` =
- (List) This setting specifies the metrics to be weighed and the relative ratios for each metric. This should be a single string value, consisting of a series of one or more 'name=ratio' pairs, separated by commas, where 'name' is the name of the metric to be weighed, and 'ratio' is the relative weight for that metric.
Note that if the ratio is set to 0, the metric value is ignored, and instead the weight will be set to the value of the 'weight_of_unavailable' option.
As an example, let's consider the case where this option is set to:
``name1=1.0, name2=-1.3``
The final weight will be:
``(name1.value * 1.0) + (name2.value * -1.3)``
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect.
* Related options:
weight_of_unavailable
* A positive integer, where the integer corresponds to the max number of attempts that can be made when scheduling an instance.

100
doc/config-reference/source/tables/nova-serial_console.rst
View File

@ -10,113 +10,65 @@
.. _nova-serial_console:
.. list-table:: Description of serial console configuration options
.. list-table:: Description of serial_console configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[serial_console]**
-
* - ``serialproxy_port`` = ``6083``
- (Port number) The port number which is used by the ``nova-serialproxy`` service to listen for incoming requests.
The ``nova-serialproxy`` service listens on this port number for incoming connection requests to instances which expose serial console.
Related options:
* Ensure that this is the same port number which is defined in the option ``base_url`` of this section.
* - ``enabled`` = ``False``
- (Boolean) Enable the serial console feature.
In order to use this feature, the service ``nova-serialproxy`` needs to run. This service is typically executed on the controller node.
* - ``base_url`` = ``ws://127.0.0.1:6083/``
- (String) The URL an end user would use to connect to the ``nova-serialproxy`` service.
- (URI) The URL an end user would use to connect to the ``nova-serialproxy`` service.
The ``nova-serialproxy`` service is called with this token enriched URL and establishes the connection to the proper instance.
Possible values:
* <scheme><IP-address><port-number>
Services which consume this:
* ``nova-compute``
Interdependencies to other options:
Related options:
* The IP address must be identical to the address to which the ``nova-serialproxy`` service is listening (see option ``serialproxy_host`` in this section).
* The port must be the same as in the option ``serialproxy_port`` of this section.
* If you choose to use a secured websocket connection, then start this option with ``wss://`` instead of the unsecured ``ws://``. The options ``cert`` and ``key`` in the ``[DEFAULT]`` section have to be set for that.
* - ``enabled`` = ``False``
- (Boolean) Enable the serial console feature.
In order to use this feature, the service ``nova-serialproxy`` needs to run. This service is typically executed on the controller node.
Possible values:
* True: Enables the feature
* False: Disables the feature
Services which consume this:
* ``nova-compute``
Interdependencies to other options:
* None
* - ``port_range`` = ``10000:20000``
- (String) A range of TCP ports a guest can use for its backend.
Each instance which gets created will use one port out of this range. If the range is not big enough to provide another port for an new instance, this instance won't get launched.
Possible values:
Each string which passes the regex ``\d+:\d+`` For example ``10000:20000``. Be sure that the first port number is lower than the second port number.
* Each string which passes the regex ``\d+:\d+`` For example ``10000:20000``. Be sure that the first port number is lower than the second port number and that both are in range from 0 to 65535.
Services which consume this:
* ``nova-compute``
Interdependencies to other options:
* None
* - ``proxyclient_address`` = ``127.0.0.1``
- (String) The IP address to which proxy clients (like ``nova-serialproxy``) should connect to get the serial console of an instance.
This is typically the IP address of the host of a ``nova-compute`` service.
Possible values:
* An IP address
Services which consume this:
* ``nova-compute``
Interdependencies to other options:
* None
* - ``serialproxy_host`` = ``0.0.0.0``
- (String) The IP address which is used by the ``nova-serialproxy`` service to listen for incoming requests.
The ``nova-serialproxy`` service listens on this IP address for incoming connection requests to instances which expose serial console.
Possible values:
* An IP address
Services which consume this:
* ``nova-serialproxy``
Interdependencies to other options:
Related options:
* Ensure that this is the same IP address which is defined in the option ``base_url`` of this section or use ``0.0.0.0`` to listen on all addresses.
* - ``serialproxy_port`` = ``6083``
- (Port number) The port number which is used by the ``nova-serialproxy`` service to listen for incoming requests.
The ``nova-serialproxy`` service listens on this port number for incoming connection requests to instances which expose serial console.
Possible values:
* A port number
Services which consume this:
* ``nova-serialproxy``
Interdependencies to other options:
* Ensure that this is the same port number which is defined in the option ``base_url`` of this section.

54
doc/config-reference/source/tables/nova-service_user.rst Normal file
View File

@ -0,0 +1,54 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-service_user:
.. list-table:: Description of service_user configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``send_service_user_token`` = ``False``
- (Boolean) When True, if sending a user token to an REST API, also send a service token.
Nova often reuses the user token provided to the nova-api to talk to other REST APIs, such as Cinder and Neutron. It is possible that while the user token was valid when the request was made to Nova, the token may expire before it reaches the other service. To avoid any failures, and to make it clear it is Nova calling the service on the users behalf, we include a server token along with the user token. Should the user's token have expired, a valid service token ensures the REST API request will still be accepted by the keystone middleware.
This feature is currently experimental, and as such is turned off by default while full testing and performance tuning of this feature is completed.
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options

100
doc/config-reference/source/tables/nova-spice.rst
View File

@ -10,27 +10,93 @@
.. _nova-spice:
.. list-table:: Description of SPICE configuration options
.. list-table:: Description of spice configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[spice]**
-
* - ``agent_enabled`` = ``True``
- (Boolean) Enable the spice guest agent support.
* - ``enabled`` = ``False``
- (Boolean) Enable spice related features.
* - ``html5proxy_base_url`` = ``http://127.0.0.1:6082/spice_auto.html``
- (String) Location of spice HTML5 console proxy, in the form "http://127.0.0.1:6082/spice_auto.html"
* - ``html5proxy_host`` = ``0.0.0.0``
- (String) Host on which to listen for incoming requests
* - ``html5proxy_port`` = ``6082``
- (Port number) Port on which to listen for incoming requests
* - ``keymap`` = ``en-us``
- (String) Keymap for spice
* - ``server_listen`` = ``127.0.0.1``
- (String) IP address on which instance spice server should listen
- (String) The address where the SPICE server running on the instances should listen.
Typically, the ``nova-spicehtml5proxy`` proxy client runs on the controller node and connects over the private network to this address on the compute node(s).
Possible values:
* IP address to listen on.
* - ``html5proxy_port`` = ``6082``
- (Port number) Port on which the ``nova-spicehtml5proxy`` service listens for incoming requests.
Related options:
* This option depends on the ``html5proxy_base_url`` option. The ``nova-spicehtml5proxy`` service must be listening on a port that is accessible from the HTML5 client.
* - ``enabled`` = ``False``
- (Boolean) Enable SPICE related features.
Related options:
* VNC must be explicitly disabled to get access to the SPICE console. Set the enabled option to False in the [vnc] section to disable the VNC console.
* - ``server_proxyclient_address`` = ``127.0.0.1``
- (String) The address to which proxy clients (like nova-spicehtml5proxy) should connect
- (String) The address used by ``nova-spicehtml5proxy`` client to connect to instance console.
Typically, the ``nova-spicehtml5proxy`` proxy client runs on the controller node and connects over the private network to this address on the compute node(s).
Possible values:
* Any valid IP address on the compute node.
Related options:
* This option depends on the ``server_listen`` option. The proxy client must be able to access the address specified in ``server_listen`` using the value of this option.
* - ``agent_enabled`` = ``True``
- (Boolean) Enable the SPICE guest agent support on the instances.
The Spice agent works with the Spice protocol to offer a better guest console experience. However, the Spice console can still be used without the Spice Agent. With the Spice agent installed the following features are enabled:
* Copy & Paste of text and images between the guest and client machine
* Automatic adjustment of resolution when the client screen changes - e.g. if you make the Spice console full screen the guest resolution will adjust to match it rather than letterboxing.
* Better mouse integration - The mouse can be captured and released without needing to click inside the console or press keys to release it. The performance of mouse movement is also improved.
* - ``html5proxy_base_url`` = ``http://127.0.0.1:6082/spice_auto.html``
- (URI) Location of the SPICE HTML5 console proxy.
End user would use this URL to connect to the `nova-spicehtml5proxy`` service. This service will forward request to the console of an instance.
In order to use SPICE console, the service ``nova-spicehtml5proxy`` should be running. This service is typically launched on the controller node.
Possible values:
* Must be a valid URL of the form: ``http://host:port/spice_auto.html`` where host is the node running ``nova-spicehtml5proxy`` and the port is typically 6082. Consider not using default value as it is not well defined for any real deployment.
Related options:
* This option depends on ``html5proxy_host`` and ``html5proxy_port`` options. The access URL returned by the compute node must have the host and port where the ``nova-spicehtml5proxy`` service is listening.
* - ``html5proxy_host`` = ``0.0.0.0``
- (String) IP address or a hostname on which the ``nova-spicehtml5proxy`` service listens for incoming requests.
Related options:
* This option depends on the ``html5proxy_base_url`` option. The ``nova-spicehtml5proxy`` service must be listening on a host that is accessible from the HTML5 client.
* - ``keymap`` = ``en-us``
- (String) A keyboard layout which is supported by the underlying hypervisor on this node.
Possible values:
* This is usually an 'IETF language tag' (default is 'en-us'). If you use QEMU as hypervisor, you should find the list of supported keyboard layouts at /usr/share/qemu/keymaps.

38
doc/config-reference/source/tables/nova-ssl.rst Normal file
View File

@ -0,0 +1,38 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-ssl:
.. list-table:: Description of ssl configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``cert_file`` = ``None``
- (String) Certificate file to use when starting the server securely.
* - ``version`` = ``None``
- (String) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.
* - ``key_file`` = ``None``
- (String) Private key file to use when starting the server securely.
* - ``ca_file`` = ``None``
- (String) CA certificate file to use to verify connecting clients.
* - ``ciphers`` = ``None``
- (String) Sets the list of available ciphers. value should be a string in the OpenSSL cipher list format.

44
doc/config-reference/source/tables/nova-testing.rst
View File

@ -1,44 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-testing:
.. list-table:: Description of testing configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``fake_network`` = ``False``
- (Boolean) This option is used mainly in testing to avoid calls to the underlying network utilities.
* - ``monkey_patch`` = ``False``
- (Boolean) Determine if monkey patching should be applied.
Related options:
* ``monkey_patch_modules``: This must have values set for this option to have any effect
* - ``monkey_patch_modules`` = ``nova.compute.api:nova.notifications.notify_decorator``
- (List) List of modules/decorators to monkey patch.
This option allows you to patch a decorator for all functions in specified modules.
Possible values:
* nova.compute.api:nova.notifications.notify_decorator
* nova.api.ec2.cloud:nova.notifications.notify_decorator
* [...]
Related options:
* ``monkey_patch``: This must be set to ``True`` for this option to have any effect

178
doc/config-reference/source/tables/nova-trustedcomputing.rst → doc/config-reference/source/tables/nova-trusted_computing.rst
View File

@ -8,83 +8,175 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-trustedcomputing:
.. _nova-trusted_computing:
.. list-table:: Description of trusted computing configuration options
.. list-table:: Description of trusted_computing configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[trusted_computing]**
-
* - ``attestation_auth_timeout`` = ``60``
- (Integer) This value controls how long a successful attestation is cached. Once this period has elapsed, a new attestation request will be made. See the `attestation_server` help text for more information about host verification.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
Possible values:
* A integer value, corresponding to the timeout interval for attestations in seconds. Any integer is valid, although setting this to zero or negative values can greatly impact performance when using an attestation service.
Related options:
* attestation_server
* attestation_server_ca_file
* attestation_port
* attestation_api_url
* attestation_auth_blob
* attestation_insecure_ssl
* - ``attestation_port`` = ``8443``
- (Port number) The port to use when connecting to the attestation server. See the `attestation_server` help text for more information about host verification.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
Related options:
* attestation_server
* attestation_server_ca_file
* attestation_api_url
* attestation_auth_blob
* attestation_auth_timeout
* attestation_insecure_ssl
* - ``attestation_api_url`` = ``/OpenAttestationWebServices/V1.0``
- (String) The URL on the attestation server to use. See the `attestation_server` help text for more information about host verification.
This value must be just that path portion of the full URL, as it will be joined to the host specified in the attestation_server option.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* Related options:
Possible values:
attestation_server attestation_server_ca_file attestation_port attestation_auth_blob attestation_auth_timeout attestation_insecure_ssl
* - ``attestation_auth_blob`` = ``None``
- (String) Attestation servers require a specific blob that is used to authenticate. The content and format of the blob are determined by the particular attestation server being used. There is no default value; you must supply the value as specified by your attestation service. See the `attestation_server` help text for more information about host verification.
* A valid URL string of the attestation server, or an empty string.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
Related options:
* Related options:
* attestation_server
attestation_server attestation_server_ca_file attestation_port attestation_api_url attestation_auth_timeout attestation_insecure_ssl
* - ``attestation_auth_timeout`` = ``60``
- (Integer) This value controls how long a successful attestation is cached. Once this period has elapsed, a new attestation request will be made. See the `attestation_server` help text for more information about host verification.
* attestation_server_ca_file
The value is in seconds. Valid values must be positive integers for any caching; setting this to zero or a negative value will result in calls to the attestation_server for every request, which may impact performance.
* attestation_port
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* attestation_auth_blob
* Related options:
* attestation_auth_timeout
attestation_server attestation_server_ca_file attestation_port attestation_api_url attestation_auth_blob attestation_insecure_ssl
* - ``attestation_insecure_ssl`` = ``False``
- (Boolean) When set to True, the SSL certificate verification is skipped for the attestation service. See the `attestation_server` help text for more information about host verification.
* attestation_insecure_ssl
Valid values are True or False. The default is False.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* Related options:
attestation_server attestation_server_ca_file attestation_port attestation_api_url attestation_auth_blob attestation_auth_timeout
* - ``attestation_port`` = ``8443``
- (String) The port to use when connecting to the attestation server. See the `attestation_server` help text for more information about host verification.
Valid values are strings, not integers, but must be digits only.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* Related options:
attestation_server attestation_server_ca_file attestation_api_url attestation_auth_blob attestation_auth_timeout attestation_insecure_ssl
* - ``attestation_server`` = ``None``
- (String) The host to use as the attestation server.
Cloud computing pools can involve thousands of compute nodes located at different geographical locations, making it difficult for cloud providers to identify a node's trustworthiness. When using the Trusted filter, users can request that their VMs only be placed on nodes that have been verified by the attestation server specified in this option.
The value is a string, and can be either an IP address or FQDN.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
Possible values:
* A string representing the host name or IP address of the attestation server, or an empty string.
Related options:
* attestation_server_ca_file
* attestation_port
* attestation_api_url
* attestation_auth_blob
* attestation_auth_timeout
* attestation_insecure_ssl
* - ``attestation_insecure_ssl`` = ``False``
- (Boolean) When set to True, the SSL certificate verification is skipped for the attestation service. See the `attestation_server` help text for more information about host verification.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* Related options:
Related options:
* attestation_server
* attestation_server_ca_file
* attestation_port
* attestation_api_url
* attestation_auth_blob
* attestation_auth_timeout
* - ``attestation_auth_blob`` = ``None``
- (String) Attestation servers require a specific blob that is used to authenticate. The content and format of the blob are determined by the particular attestation server being used. There is no default value; you must supply the value as specified by your attestation service. See the `attestation_server` help text for more information about host verification.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
Possible values:
* A string containing the specific blob required by the attestation server, or an empty string.
Related options:
* attestation_server
* attestation_server_ca_file
* attestation_port
* attestation_api_url
* attestation_auth_timeout
* attestation_insecure_ssl
attestation_server_ca_file attestation_port attestation_api_url attestation_auth_blob attestation_auth_timeout attestation_insecure_ssl
* - ``attestation_server_ca_file`` = ``None``
- (String) The absolute path to the certificate to use for authentication when connecting to the attestation server. See the `attestation_server` help text for more information about host verification.
The value is a string, and must point to a file that is readable by the scheduler.
This option is only used by the FilterScheduler and its subclasses; if you use a different scheduler, this option has no effect. Also note that this setting only affects scheduling if the 'TrustedFilter' filter is enabled.
* Related options:
Possible values:
attestation_server attestation_port attestation_api_url attestation_auth_blob attestation_auth_timeout attestation_insecure_ssl
* A string representing the path to the authentication certificate for the attestation server, or an empty string.
Related options:
* attestation_server
* attestation_port
* attestation_api_url
* attestation_auth_blob
* attestation_auth_timeout
* attestation_insecure_ssl

116
doc/config-reference/source/tables/nova-upgrade_levels.rst
View File

@ -10,101 +10,65 @@
.. _nova-upgrade_levels:
.. list-table:: Description of upgrade levels configuration options
.. list-table:: Description of upgrade_levels configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[cells]**
-
* - ``scheduler`` = ``nova.cells.scheduler.CellsScheduler``
- (String) Cells scheduler
The class of the driver used by the cells scheduler. This should be the full Python path to the class to be used. If nothing is specified in this option, the CellsScheduler is used.
* - **[upgrade_levels]**
-
* - ``baseapi`` = ``None``
- (String) Set a version cap for messages sent to the base api in any service
* - ``cells`` = ``None``
- (String) Cells version
Cells client-side RPC API version. Use this option to set a version cap for messages sent to local cells services.
Possible values:
* None: This is the default value.
* grizzly: message version 1.6.
* havana: message version 1.24.
* icehouse: message version 1.27.
* juno: message version 1.29.
* kilo: message version 1.34.
* liberty: message version 1.37.
Services which consume this:
* nova-cells
Related options:
* None
* - ``cert`` = ``None``
- (String) Specifies the maximum version for messages sent from cert services. This should be the minimum value that is supported by all of the deployed cert services.
Possible values:
Any valid OpenStack release name, in lower case, such as 'mitaka' or 'liberty'. Alternatively, it can be any string representing a version number in the format 'N.N'; for example, possible values might be '1.12' or '2.0'.
Services which consume this:
* nova-cert
Related options:
* None
* - ``compute`` = ``None``
- (String) Set a version cap for messages sent to compute services. Set this option to "auto" if you want to let the compute RPC module automatically determine what version to use based on the service versions in the deployment. Otherwise, you can set this to a specific version to pin this service to messages at a particular level. All services of a single type (i.e. compute) should be configured to use the same version, and it should be set to the minimum commonly-supported version of all those services in the deployment.
* - ``conductor`` = ``None``
- (String) Set a version cap for messages sent to conductor services
* - ``console`` = ``None``
- (String) Set a version cap for messages sent to console services
* - ``consoleauth`` = ``None``
- (String) Set a version cap for messages sent to consoleauth services
* - ``intercell`` = ``None``
- (String) Intercell version
Intercell RPC API is the client side of the Cell<->Cell RPC API. Use this option to set a version cap for messages sent between cells services.
- (String) Compute RPC API version cap.
By default, we always send messages using the most recent version the client knows about.
Where you have old and new compute services running, you should set this to the lowest deployed version. This is to guarantee that all services never send messages that one of the compute nodes can't understand. Note that we only support upgrading from release N to release N+1.
Set this option to "auto" if you want to let the compute RPC module automatically determine what version to use based on the service versions in the deployment.
Possible values:
* None: This is the default value.
* By default send the latest version the client knows about
* grizzly: message version 1.0.
* 'auto': Automatically determines what version to use based on the service versions in the deployment.
Services which consume this:
* A string representing a version number in the format 'N.N'; for example, possible values might be '1.12' or '2.0'.
* nova-cells
* An OpenStack release name, in lower case, such as 'mitaka' or 'liberty'.
Related options:
* None
* - ``network`` = ``None``
- (String) Set a version cap for messages sent to network services
- (String) Network RPC API version cap
* - ``conductor`` = ``None``
- (String) Conductor RPC API version cap
* - ``cells`` = ``None``
- (String) Cells RPC API version cap
* - ``cert`` = ``None``
- (String) Cert RPC API version cap
* - ``scheduler`` = ``None``
- (String) Sets a version cap (limit) for messages sent to scheduler services. In the situation where there were multiple scheduler services running, and they were not being upgraded together, you would set this to the lowest deployed version to guarantee that other services never send messages that any of your running schedulers cannot understand.
This is rarely needed in practice as most deployments run a single scheduler. It exists mainly for design compatibility with the other services, such as compute, which are routinely upgraded in a rolling fashion.
- (String) Scheduler RPC API version cap
Services that use this:
* - ``intercell`` = ``None``
* nova-compute, nova-conductor
- (String) Intercell RPC API version cap
Related options:
* - ``console`` = ``None``
* None
- (String) Console RPC API version cap
* - ``consoleauth`` = ``None``
- (String) Consoleauth RPC API version cap
* - ``baseapi`` = ``None``
- (String) Base API RPC API version cap

46
doc/config-reference/source/tables/nova-vendordata_dynamic_auth.rst Normal file
View File

@ -0,0 +1,46 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-vendordata_dynamic_auth:
.. list-table:: Description of vendordata_dynamic_auth configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``auth_type`` = ``None``
- (Unknown) Authentication type to load
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``auth_section`` = ``None``
- (Unknown) Config Section from which to load plugin specific options

196
doc/config-reference/source/tables/nova-vmware.rst
View File

@ -10,67 +10,37 @@
.. _nova-vmware:
.. list-table:: Description of VMware configuration options
.. list-table:: Description of vmware configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[vmware]**
-
* - ``api_retry_count`` = ``10``
- (Integer) Number of times VMware vCenter server API must be retried on connection failures, e.g. socket error, etc.
* - ``ca_file`` = ``None``
- (String) Specifies the CA bundle file to be used in verifying the vCenter server certificate.
* - ``cache_prefix`` = ``None``
- (String) This option adds a prefix to the folder where cached images are stored
This is not the full path - just a folder prefix. This should only be used when a datastore cache is shared between compute nodes.
* - ``vlan_interface`` = ``vmnic0``
Note: This should only be used when the compute nodes are running on same host or they have a shared file system.
- (String) This option specifies the physical ethernet adapter name for VLAN networking.
Set the vlan_interface configuration option to match the ESX host interface that handles VLAN-tagged VM traffic.
Possible values:
* Any string representing the cache prefix to the folder
* - ``cluster_name`` = ``None``
- (String) Name of a VMware Cluster ComputeResource.
* - ``console_delay_seconds`` = ``None``
- (Integer) Set this value if affected by an increased network latency causing repeated characters when typing in a remote console.
* - ``datastore_regex`` = ``None``
- (String) Regular expression pattern to match the name of datastore.
* Any valid string representing VLAN interface name
The datastore_regex setting specifies the datastores to use with Compute. For example, datastore_regex="nas.*" selects all the data stores that have a name starting with "nas".
NOTE: If no regex is given, it just picks the datastore with the most freespace.
Possible values:
* Any matching regular expression to a datastore must be given
* - ``host_ip`` = ``None``
- (String) Hostname or IP address for connection to VMware vCenter host.
* - ``host_password`` = ``None``
- (String) Password for connection to VMware vCenter host.
* - ``host_port`` = ``443``
- (Port number) Port for connection to VMware vCenter host.
* - ``host_username`` = ``None``
- (String) Username for connection to VMware vCenter host.
* - ``insecure`` = ``False``
- (Boolean) If true, the vCenter server certificate is not verified. If false, then the default CA truststore is used for verification.
Related options:
* - ``vnc_port_total`` = ``10000``
* ca_file: This option is ignored if "ca_file" is set.
* - ``integration_bridge`` = ``None``
- (String) This option should be configured only when using the NSX-MH Neutron plugin. This is the name of the integration bridge on the ESXi server or host. This should not be set for any other Neutron plugin. Hence the default value is not set.
- (Integer) Total number of VNC ports.
Possible values:
* - ``console_delay_seconds`` = ``None``
* Any valid string representing the name of the integration bridge
* - ``maximum_objects`` = ``100``
- (Integer) This option specifies the limit on the maximum number of objects to return in a single result.
- (Integer) Set this value if affected by an increased network latency causing repeated characters when typing in a remote console.
A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified limit. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests.
* - ``pbm_default_policy`` = ``None``
- (String) This option specifies the default policy to be used.
If pbm_enabled is set and there is no defined storage policy for the specific request, then this policy will be used.
@ -82,21 +52,87 @@
Related options:
* pbm_enabled
* - ``cluster_name`` = ``None``
- (String) Name of a VMware Cluster ComputeResource.
* - ``api_retry_count`` = ``10``
- (Integer) Number of times VMware vCenter server API must be retried on connection failures, e.g. socket error, etc.
* - ``cache_prefix`` = ``None``
- (String) This option adds a prefix to the folder where cached images are stored
This is not the full path - just a folder prefix. This should only be used when a datastore cache is shared between compute nodes.
Note: This should only be used when the compute nodes are running on same host or they have a shared file system.
Possible values:
* Any string representing the cache prefix to the folder
* - ``integration_bridge`` = ``None``
- (String) This option should be configured only when using the NSX-MH Neutron plugin. This is the name of the integration bridge on the ESXi server or host. This should not be set for any other Neutron plugin. Hence the default value is not set.
Possible values:
* Any valid string representing the name of the integration bridge
* - ``task_poll_interval`` = ``0.5``
- (Floating point) Time interval in seconds to poll remote tasks invoked on VMware VC server.
* - ``pbm_enabled`` = ``False``
- (Boolean) This option enables or disables storage policy based placement of instances.
Related options:
* pbm_default_policy
* - ``pbm_wsdl_location`` = ``None``
- (String) This option specifies the PBM service WSDL file location URL.
Setting this will disable storage policy based placement of instances.
* - ``host_username`` = ``None``
- (String) Username for connection to VMware vCenter host.
* - ``insecure`` = ``False``
- (Boolean) If true, the vCenter server certificate is not verified. If false, then the default CA truststore is used for verification.
Related options:
* ca_file: This option is ignored if "ca_file" is set.
* - ``host_ip`` = ``None``
- (String) Hostname or IP address for connection to VMware vCenter host.
* - ``maximum_objects`` = ``100``
- (Integer) This option specifies the limit on the maximum number of objects to return in a single result.
A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified limit. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests.
* - ``ca_file`` = ``None``
- (String) Specifies the CA bundle file to be used in verifying the vCenter server certificate.
* - ``datastore_regex`` = ``None``
- (String) Regular expression pattern to match the name of datastore.
The datastore_regex setting specifies the datastores to use with Compute. For example, datastore_regex="nas.*" selects all the data stores that have a name starting with "nas".
NOTE: If no regex is given, it just picks the datastore with the most freespace.
Possible values:
* Any valid file path e.g file:///opt/SDK/spbm/wsdl/pbmService.wsdl
* Any matching regular expression to a datastore must be given
* - ``serial_port_proxy_uri`` = ``None``
- (String) Identifies a proxy service that provides network access to the serial_port_service_uri.
Possible values:
@ -106,23 +142,9 @@
Related options: This option is ignored if serial_port_service_uri is not specified.
* serial_port_service_uri
* - ``serial_port_service_uri`` = ``None``
- (String) Identifies the remote system where the serial port traffic will be sent.
This option adds a virtual serial port which sends console output to a configurable service URI. At the service URI address there will be virtual serial port concentrator that will collect console logs. If this is not set, no serial ports will be added to the created VMs.
Possible values:
* Any valid URI
* - ``task_poll_interval`` = ``0.5``
- (Floating point) Time interval in seconds to poll remote tasks invoked on VMware VC server.
* - ``use_linked_clone`` = ``True``
- (Boolean) This option enables/disables the use of linked clone.
The ESX hypervisor requires a copy of the VMDK file in order to boot up a virtual machine. The compute driver must download the VMDK via HTTP from the OpenStack Image service to a datastore that is visible to the hypervisor and cache it. Subsequent virtual machines that need the VMDK use the cached version and don't have to copy the file again from the OpenStack Image service.
If set to false, even with a cached VMDK, there is still a copy operation from the cache location to the hypervisor file directory in the shared datastore. If set to true, the above copy operation is avoided as it creates copy of the virtual machine that shares virtual disks with its parent VM.
* - ``wsdl_location`` = ``None``
- (String) This option specifies VIM Service WSDL Location
If vSphere API versions 5.1 and later is being used, this section can be ignored. If version is less than 5.1, WSDL files must be hosted locally and their location must be specified in the above section.
@ -134,3 +156,55 @@
* http://<server>/vimService.wsdl
* file:///opt/stack/vmware/SDK/wsdl/vim25/vimService.wsdl
- **Deprecated**
Only vCenter versions earlier than 5.1 require this option and the current minimum version is 5.1.
* - ``pbm_wsdl_location`` = ``None``
- (String) This option specifies the PBM service WSDL file location URL.
Setting this will disable storage policy based placement of instances.
Possible values:
* Any valid file path e.g file:///opt/SDK/spbm/wsdl/pbmService.wsdl
* - ``use_linked_clone`` = ``True``
- (Boolean) This option enables/disables the use of linked clone.
The ESX hypervisor requires a copy of the VMDK file in order to boot up a virtual machine. The compute driver must download the VMDK via HTTP from the OpenStack Image service to a datastore that is visible to the hypervisor and cache it. Subsequent virtual machines that need the VMDK use the cached version and don't have to copy the file again from the OpenStack Image service.
If set to false, even with a cached VMDK, there is still a copy operation from the cache location to the hypervisor file directory in the shared datastore. If set to true, the above copy operation is avoided as it creates copy of the virtual machine that shares virtual disks with its parent VM.
* - ``vnc_port`` = ``5900``
- (Port number) This option specifies VNC starting port.
Every VM created by ESX host has an option of enabling VNC client for remote connection. Above option 'vnc_port' helps you to set default starting port for the VNC client.
Possible values:
* Any valid port number within 5900 -(5900 + vnc_port_total)
Related options: Below options should be set to enable VNC client.
* vnc.enabled = True
* vnc_port_total
* - ``host_password`` = ``None``
- (String) Password for connection to VMware vCenter host.
* - ``serial_port_service_uri`` = ``None``
- (String) Identifies the remote system where the serial port traffic will be sent.
This option adds a virtual serial port which sends console output to a configurable service URI. At the service URI address there will be virtual serial port concentrator that will collect console logs. If this is not set, no serial ports will be added to the created VMs.
Possible values:
* Any valid URI

190
doc/config-reference/source/tables/nova-vnc.rst
View File

@ -10,115 +10,15 @@
.. _nova-vnc:
.. list-table:: Description of VNC configuration options
.. list-table:: Description of vnc configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``daemon`` = ``False``
- (Boolean) Run as a background process.
* - ``key`` = ``None``
- (String) SSL key file (if separate from cert).
* - ``record`` = ``None``
- (String) Filename that will be used for storing websocket frames received and sent by a proxy service (like VNC, spice, serial) running on this host. If this is not set, no recording will be done.
* - ``source_is_ipv6`` = ``False``
- (Boolean) Set to True if source host is addressed with IPv6.
* - ``ssl_only`` = ``False``
- (Boolean) Disallow non-encrypted connections.
* - ``web`` = ``/usr/share/spice-html5``
- (String) Path to directory with content which will be served by a web server.
* - **[vmware]**
-
* - ``vnc_port`` = ``5900``
- (Port number) This option specifies VNC starting port.
Every VM created by ESX host has an option of enabling VNC client for remote connection. Above option 'vnc_port' helps you to set default starting port for the VNC client.
Possible values:
* Any valid port number within 5900 -(5900 + vnc_port_total)
Related options: Below options should be set to enable VNC client.
* vnc.enabled = True
* vnc_port_total
* - ``vnc_port_total`` = ``10000``
- (Integer) Total number of VNC ports.
* - **[vnc]**
-
* - ``enabled`` = ``True``
- (Boolean) Enable VNC related features.
Guests will get created with graphical devices to support this. Clients (for example Horizon) can then establish a VNC connection to the guest.
* - ``keymap`` = ``en-us``
- (String) Keymap for VNC.
The keyboard mapping (keymap) determines which keyboard layout a VNC session should use by default.
Possible values:
* A keyboard layout which is supported by the underlying hypervisor on this node. This is usually an 'IETF language tag' (for example 'en-us'). If you use QEMU as hypervisor, you should find the list of supported keyboard layouts at ``/usr/share/qemu/keymaps``.
* - ``novncproxy_base_url`` = ``http://127.0.0.1:6080/vnc_auto.html``
- (URI) Public address of noVNC VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the public base URL to which client systems will connect. noVNC clients can use this address to connect to the noVNC instance and, by extension, the VNC sessions.
Related options:
* novncproxy_host
* novncproxy_port
* - ``novncproxy_host`` = ``0.0.0.0``
- (String) IP address that the noVNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the private address to which the noVNC console proxy service should bind to.
Related options:
* novncproxy_port
* novncproxy_base_url
* - ``novncproxy_port`` = ``6080``
- (Port number) Port that the noVNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the private port to which the noVNC console proxy service should bind to.
Related options:
* novncproxy_host
* novncproxy_base_url
* - ``vncserver_listen`` = ``127.0.0.1``
- (String) The IP address or hostname on which an instance should listen to for incoming VNC connection requests on this node.
* - ``vncserver_proxyclient_address`` = ``127.0.0.1``
- (String) Private, internal IP address or hostname of VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients.
This option sets the private address to which proxy clients, such as ``nova-xvpvncproxy``, should connect to.
* - ``xvpvncproxy_base_url`` = ``http://127.0.0.1:6081/console``
- (URI) Public URL address of XVP VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. Xen provides the Xenserver VNC Proxy, or XVP, as an alternative to the websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, XVP clients are Java-based.
This option sets the public base URL to which client systems will connect. XVP clients can use this address to connect to the XVP instance and, by extension, the VNC sessions.
Related options:
* xvpvncproxy_host
* xvpvncproxy_port
* - ``xvpvncproxy_host`` = ``0.0.0.0``
- (String) IP address or hostname that the XVP VNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. Xen provides the Xenserver VNC Proxy, or XVP, as an alternative to the websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, XVP clients are Java-based.
@ -130,7 +30,23 @@
* xvpvncproxy_port
* xvpvncproxy_base_url
* - ``novncproxy_port`` = ``6080``
- (Port number) Port that the noVNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the private port to which the noVNC console proxy service should bind to.
Related options:
* novncproxy_host
* novncproxy_base_url
* - ``xvpvncproxy_port`` = ``6081``
- (Port number) Port that the XVP VNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. Xen provides the Xenserver VNC Proxy, or XVP, as an alternative to the websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, XVP clients are Java-based.
@ -142,3 +58,73 @@
* xvpvncproxy_host
* xvpvncproxy_base_url
* - ``enabled`` = ``True``
- (Boolean) Enable VNC related features.
Guests will get created with graphical devices to support this. Clients (for example Horizon) can then establish a VNC connection to the guest.
* - ``vncserver_listen`` = ``127.0.0.1``
- (String) The IP address or hostname on which an instance should listen to for incoming VNC connection requests on this node.
* - ``vncserver_proxyclient_address`` = ``127.0.0.1``
- (String) Private, internal IP address or hostname of VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients.
This option sets the private address to which proxy clients, such as ``nova-xvpvncproxy``, should connect to.
* - ``keymap`` = ``en-us``
- (String) Keymap for VNC.
The keyboard mapping (keymap) determines which keyboard layout a VNC session should use by default.
Possible values:
* A keyboard layout which is supported by the underlying hypervisor on this node. This is usually an 'IETF language tag' (for example 'en-us'). If you use QEMU as hypervisor, you should find the list of supported keyboard layouts at ``/usr/share/qemu/keymaps``.
* - ``novncproxy_host`` = ``0.0.0.0``
- (String) IP address that the noVNC console proxy should bind to.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the private address to which the noVNC console proxy service should bind to.
Related options:
* novncproxy_port
* novncproxy_base_url
* - ``xvpvncproxy_base_url`` = ``http://127.0.0.1:6081/console``
- (URI) Public URL address of XVP VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. Xen provides the Xenserver VNC Proxy, or XVP, as an alternative to the websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, XVP clients are Java-based.
This option sets the public base URL to which client systems will connect. XVP clients can use this address to connect to the XVP instance and, by extension, the VNC sessions.
Related options:
* xvpvncproxy_host
* xvpvncproxy_port
* - ``novncproxy_base_url`` = ``http://127.0.0.1:6080/vnc_auto.html``
- (URI) Public address of noVNC VNC console proxy.
The VNC proxy is an OpenStack component that enables compute service users to access their instances through VNC clients. noVNC provides VNC support through a websocket-based client.
This option sets the public base URL to which client systems will connect. noVNC clients can use this address to connect to the noVNC instance and, by extension, the VNC sessions.
Related options:
* novncproxy_host
* novncproxy_port

156
doc/config-reference/source/tables/nova-volumes.rst
View File

@ -1,156 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-volumes:
.. list-table:: Description of volumes configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``block_device_allocate_retries`` = ``60``
- (Integer) Number of times to retry block device allocation on failures. Starting with Liberty, Cinder can use image volume cache. This may help with block device allocation performance. Look at the cinder image_volume_cache_enabled configuration option.
Possible values:
* 60 (default)
* If value is 0, then one attempt is made.
* Any negative value is treated as 0.
* For any value > 0, total attempts are (value + 1)
* - ``block_device_allocate_retries_interval`` = ``3``
- (Integer) Waiting time interval (seconds) between block device allocation retries on failures
* - ``my_block_storage_ip`` = ``$my_ip``
- (String) The IP address which is used to connect to the block storage network.
Possible values:
* String with valid IP address. Default is IP address of this host.
Related options:
* my_ip - if my_block_storage_ip is not set, then my_ip value is used.
* - ``volume_usage_poll_interval`` = ``0``
- (Integer) Interval in seconds for gathering volume usages
* - **[cinder]**
-
* - ``cafile`` = ``None``
- (String) PEM encoded Certificate Authority to use when verifying HTTPs connections.
* - ``catalog_info`` = ``volumev2:cinderv2:publicURL``
- (String) Info to match when looking for cinder in the service catalog.
Possible values:
* Format is separated values of the form: <service_type>:<service_name>:<endpoint_type>
Related options:
* endpoint_template - Setting this option will override catalog_info
* - ``certfile`` = ``None``
- (String) PEM encoded client certificate cert file
* - ``cross_az_attach`` = ``True``
- (Boolean) Allow attach between instance and volume in different availability zones.
If False, volumes attached to an instance must be in the same availability zone in Cinder as the instance availability zone in Nova. This also means care should be taken when booting an instance from a volume where source is not "volume" because Nova will attempt to create a volume using the same availability zone as what is assigned to the instance. If that AZ is not in Cinder (or allow_availability_zone_fallback=False in cinder.conf), the volume create request will fail and the instance will fail the build request. By default there is no availability zone restriction on volume attach.
* - ``endpoint_template`` = ``None``
- (String) If this option is set then it will override service catalog lookup with this template for cinder endpoint
Possible values:
* URL for cinder endpoint API e.g. http://localhost:8776/v1/%(project_id)s
Related options:
* catalog_info - If endpoint_template is not set, catalog_info will be used.
* - ``http_retries`` = ``3``
- (Integer) Number of times cinderclient should retry on any failed http call. 0 means connection is attempted only once. Setting it to any positive integer means that on failure connection is retried that many times e.g. setting it to 3 means total attempts to connect will be 4.
Possible values:
* Any integer value. 0 means connection is attempted only once
* - ``insecure`` = ``False``
- (Boolean) Verify HTTPS connections.
* - ``keyfile`` = ``None``
- (String) PEM encoded client certificate key file
* - ``os_region_name`` = ``None``
- (String) Region name of this node. This is used when picking the URL in the service catalog.
Possible values:
* Any string representing region name
* - ``timeout`` = ``None``
- (Integer) Timeout value for http requests
* - **[hyperv]**
-
* - ``force_volumeutils_v1`` = ``False``
- (Boolean) DEPRECATED: Force V1 volume utility class
* - ``volume_attach_retry_count`` = ``10``
- (Integer) Volume attach retry count
The number of times to retry to attach a volume. This option is used to avoid incorrectly returned no data when the system is under load. Volume attachment is retried until success or the given retry count is reached. To prepare the Hyper-V node to be able to attach to volumes provided by cinder you must first make sure the Windows iSCSI initiator service is running and started automatically.
Possible values:
* Positive integer values (Default: 10).
Related options:
* Time interval between attachment attempts is declared with volume_attach_retry_interval option.
* - ``volume_attach_retry_interval`` = ``5``
- (Integer) Volume attach retry interval
Interval between volume attachment attempts, in seconds.
Possible values:
* Time in seconds (Default: 5).
Related options:
* This options is meaningful when volume_attach_retry_count is greater than 1.
* The retry loop runs with volume_attach_retry_count and volume_attach_retry_interval configuration options.
* - **[libvirt]**
-
* - ``glusterfs_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the glusterfs volume is mounted on the compute node
* - ``nfs_mount_options`` = ``None``
- (String) Mount options passed to the NFS client. See section of the nfs man page for details
* - ``nfs_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the NFS volume is mounted on the compute node
* - ``num_aoe_discover_tries`` = ``3``
- (Integer) Number of times to rediscover AoE target to find volume
* - ``num_iscsi_scan_tries`` = ``5``
- (Integer) Number of times to rescan iSCSI target to find volume
* - ``num_iser_scan_tries`` = ``5``
- (Integer) Number of times to rescan iSER target to find volume
* - ``qemu_allowed_storage_drivers`` =
- (List) Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster]
* - ``rbd_secret_uuid`` = ``None``
- (String) The libvirt UUID of the secret for the rbd_uservolumes
* - ``rbd_user`` = ``None``
- (String) The RADOS client name for accessing rbd volumes
* - ``scality_sofs_config`` = ``None``
- (String) Path or URL to Scality SOFS configuration file
* - ``scality_sofs_mount_point`` = ``$state_path/scality``
- (String) Base dir where Scality SOFS shall be mounted
* - ``smbfs_mount_options`` =
- (String) Mount options passed to the SMBFS client. See mount.cifs man page for details. Note that the libvirt-qemu uid and gid must be specified.
* - ``smbfs_mount_point_base`` = ``$state_path/mnt``
- (String) Directory where the SMBFS shares are mounted on the compute node
* - **[xenserver]**
-
* - ``block_device_creation_timeout`` = ``10``
- (Integer) Time in secs to wait for a block device to be created

50
doc/config-reference/source/tables/nova-vpn.rst
View File

@ -1,50 +0,0 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-vpn:
.. list-table:: Description of VPN configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``dmz_cidr`` =
- (List) This option is a list of zero or more IP address ranges in your network's DMZ that should be accepted.
Possible values:
A list of strings, each of which should be a valid CIDR.
* - ``vpn_ip`` = ``$my_ip``
- (String) This is the public IP address for the cloudpipe VPN servers. It defaults to the IP address of the host.
Please note that this option is only used when using nova-network instead of Neutron in your deployment. It also will be ignored if the configuration option for `network_manager` is not set to the default of 'nova.network.manager.VlanManager'.
Possible values:
Any valid IP address. The default is $my_ip, the IP address of the VM.
Related options:
``network_manager``, ``use_neutron``, ``vpn_start``
* - ``vpn_start`` = ``1000``
- (Port number) This is the port number to use as the first VPN port for private networks.
Please note that this option is only used when using nova-network instead of Neutron in your deployment. It also will be ignored if the configuration option for `network_manager` is not set to the default of 'nova.network.manager.VlanManager', or if you specify a value the 'vpn_start' parameter when creating a network.
Possible values:
Any integer representing a valid port number. The default is 1000.
Related options:
``use_neutron``, ``vpn_ip``, ``network_manager``

74
doc/config-reference/source/tables/nova-workarounds.rst Normal file
View File

@ -0,0 +1,74 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-workarounds:
.. list-table:: Description of workarounds configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``handle_virt_lifecycle_events`` = ``True``
- (Boolean) Enable handling of events emitted from compute drivers.
Many compute drivers emit lifecycle events, which are events that occur when, for example, an instance is starting or stopping. If the instance is going through task state changes due to an API operation, like resize, the events are ignored.
This is an advanced feature which allows the hypervisor to signal to the compute service that an unexpected state change has occurred in an instance and that the instance can be shutdown automatically. Unfortunately, this can race in some conditions, for example in reboot operations or when the compute service or when host is rebooted (planned or due to an outage). If such races are common, then it is advisable to disable this feature.
Care should be taken when this feature is disabled and 'sync_power_state_interval' is set to a negative value. In this case, any instances that get out of sync between the hypervisor and the Nova database will have to be synchronized manually.
For more information, refer to the bug report:
https://bugs.launchpad.net/bugs/1444630
Interdependencies to other options:
* If ``sync_power_state_interval`` is negative and this feature is disabled, then instances that get out of sync between the hypervisor and the Nova database will have to be synchronized manually.
* - ``disable_rootwrap`` = ``False``
- (Boolean) Use sudo instead of rootwrap.
Allow fallback to sudo for performance reasons.
For more information, refer to the bug report:
https://bugs.launchpad.net/nova/+bug/1415106
Possible values:
* True: Use sudo instead of rootwrap
* False: Use rootwrap as usual
Interdependencies to other options:
* Any options that affect 'rootwrap' will be ignored.
* - ``disable_libvirt_livesnapshot`` = ``True``
- (Boolean) Disable live snapshots when using the libvirt driver.
Live snapshots allow the snapshot of the disk to happen without an interruption to the guest, using coordination with a guest agent to quiesce the filesystem.
When using libvirt 1.2.2 live snapshots fail intermittently under load (likely related to concurrent libvirt/qemu operations). This config option provides a mechanism to disable live snapshot, in favor of cold snapshot, while this is resolved. Cold snapshot causes an instance outage while the guest is going through the snapshotting process.
For more information, refer to the bug report:
https://bugs.launchpad.net/nova/+bug/1334398
Possible values:
* True: Live snapshot is disabled when using libvirt
* False: Live snapshots are always used when snapshotting (as long as there is a new enough libvirt and the backend storage supports it)

86
doc/config-reference/source/tables/nova-wsgi.rst
View File

@ -10,25 +10,27 @@
.. _nova-wsgi:
.. list-table:: Description of WSGI configuration options
.. list-table:: Description of wsgi configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[wsgi]**
-
* - ``api_paste_config`` = ``api-paste.ini``
- (String) This option represents a file name for the paste.deploy config for nova-api.
Possible values:
* A string representing file name for the paste.deploy config.
* - ``client_socket_timeout`` = ``900``
- (Integer) This option specifies the timeout for client connections' socket operations. If an incoming connection is idle for this number of seconds it will be closed. It indicates timeout on individual read/writes on the socket connection. To wait forever set to 0.
* - ``default_pool_size`` = ``1000``
- (Integer) This option specifies the size of the pool of greenthreads used by wsgi. It is possible to limit the number of concurrent connections using this option.
* - ``keep_alive`` = ``True``
- (Boolean) This option allows using the same TCP connection to send and receive multiple HTTP requests/responses, as opposed to opening a new one for every single request/response pair. HTTP keep-alive indicates HTTP connection reuse.
Possible values:
@ -40,11 +42,9 @@
Related options:
* tcp_keepidle
* - ``max_header_line`` = ``16384``
- (Integer) This option specifies the maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).
Since TCP is a stream based protocol, in order to reuse a connection, the HTTP has to have a way to indicate the end of the previous response and beginning of the next. Hence, in a keep_alive case, all messages must have a self-defined message length.
* - ``secure_proxy_ssl_header`` = ``None``
- (String) This option specifies the HTTP header used to determine the protocol scheme for the original request, even if it was removed by a SSL terminating proxy.
Possible values:
@ -52,7 +52,13 @@
* None (default) - the request scheme is not influenced by any HTTP headers.
* Valid HTTP header, like HTTP_X_FORWARDED_PROTO
* - ``client_socket_timeout`` = ``900``
- (Integer) This option specifies the timeout for client connections' socket operations. If an incoming connection is idle for this number of seconds it will be closed. It indicates timeout on individual read/writes on the socket connection. To wait forever set to 0.
* - ``ssl_ca_file`` = ``None``
- (String) This option allows setting path to the CA certificate file that should be used to verify connecting clients.
Possible values:
@ -62,33 +68,9 @@
Related options:
* enabled_ssl_apis
* - ``ssl_cert_file`` = ``None``
- (String) This option allows setting path to the SSL certificate of API server.
Possible values:
* String representing path to the SSL certificate.
Related options:
* enabled_ssl_apis
* - ``ssl_key_file`` = ``None``
- (String) This option specifies the path to the file where SSL private key of API server is stored when SSL is in effect.
Possible values:
* String representing path to the SSL private key.
Related options:
* enabled_ssl_apis
* - ``tcp_keepidle`` = ``600``
- (Integer) This option sets the value of TCP_KEEPIDLE in seconds for each server socket. It specifies the duration of time to keep connection active. TCP generates a KEEPALIVE transmission for an application that requests to keep connection active. Not supported on OS X.
Related options:
* keep_alive
* - ``wsgi_log_format`` = ``%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f``
- (String) It represents a python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds.
This option is used for building custom request loglines.
@ -98,3 +80,41 @@
* '%(client_ip)s "%(request_line)s" status: %(status_code)s' 'len: %(body_length)s time: %(wall_seconds).7f' (default)
* Any formatted string formed by specific values.
* - ``tcp_keepidle`` = ``600``
- (Integer) This option sets the value of TCP_KEEPIDLE in seconds for each server socket. It specifies the duration of time to keep connection active. TCP generates a KEEPALIVE transmission for an application that requests to keep connection active. Not supported on OS X.
Related options:
* keep_alive
* - ``max_header_line`` = ``16384``
- (Integer) This option specifies the maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).
Since TCP is a stream based protocol, in order to reuse a connection, the HTTP has to have a way to indicate the end of the previous response and beginning of the next. Hence, in a keep_alive case, all messages must have a self-defined message length.
* - ``ssl_cert_file`` = ``None``
- (String) This option allows setting path to the SSL certificate of API server.
Possible values:
* String representing path to the SSL certificate.
Related options:
* enabled_ssl_apis
* - ``ssl_key_file`` = ``None``
- (String) This option specifies the path to the file where SSL private key of API server is stored when SSL is in effect.
Possible values:
* String representing path to the SSL private key.
Related options:
* enabled_ssl_apis

520
doc/config-reference/source/tables/nova-xen.rst → doc/config-reference/source/tables/nova-xenserver.rst
View File

@ -8,43 +8,17 @@
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-xen:
.. _nova-xenserver:
.. list-table:: Description of Xen configuration options
.. list-table:: Description of xenserver configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - **[DEFAULT]**
-
* - ``console_driver`` = ``nova.console.xvp.XVPConsoleProxy``
- (String) Nova-console proxy is used to set up multi-tenant VM console access. This option allows pluggable driver program for the console session and represents driver to use for the console proxy.
Possible values
* 'nova.console.xvp.XVPConsoleProxy' (default) or a string representing fully classified class name of console driver.
* - **[libvirt]**
-
* - ``xen_hvmloader_path`` = ``/usr/lib/xen/boot/hvmloader``
- (String) Location where the Xen hvmloader is kept
* - **[xenserver]**
-
* - ``agent_path`` = ``usr/sbin/xe-update-networking``
- (String) Path to locate guest agent on the server.
Specifies the path in which the XenAPI guest agent should be located. If the agent is present, network configuration is not injected into the image.
Related options: For this option to have an effect:
* ``flat_injected`` should be set to ``True``
* ``compute_driver`` should be set to ``xenapi.XenAPIDriver``
* - ``agent_resetnetwork_timeout`` = ``60``
- (Integer) Number of seconds to wait for agent's reply to resetnetwork request.
This indicates the amount of time xapi 'agent' plugin waits for the agent to respond to the 'resetnetwork' request specifically. The generic timeout for agent communication ``agent_timeout`` is ignored in this case.
* - ``agent_timeout`` = ``30``
- (Integer) Number of seconds to wait for agent's reply to a request.
Nova configures/performs certain administrative actions on a server with the help of an agent that's installed on the server. The communication between Nova and the agent is achieved via sharing messages, called records, over xenstore, a shared storage across all the domains on a Xenserver host. Operations performed by the agent on behalf of nova are: 'version',' key_init', 'password','resetnetwork','inject_file', and 'agentupdate'.
@ -58,16 +32,106 @@
* ``agent_version_timeout``
* ``agent_resetnetwork_timeout``
* - ``agent_version_timeout`` = ``300``
- (Integer) Number of seconds to wait for agent't reply to version request.
This indicates the amount of time xapi 'agent' plugin waits for the agent to respond to the 'version' request specifically. The generic timeout for agent communication ``agent_timeout`` is ignored in this case.
* - ``remap_vbd_dev`` = ``False``
- (Boolean) Used to enable the remapping of VBD dev. (Works around an issue in Ubuntu Maverick)
- **Deprecated**
This option provided a workaround for issues in Ubuntu Maverick, which was released in April 2010 and was dropped from support in April 2012. There's no reason to continue supporting this option.
* - ``vhd_coalesce_max_attempts`` = ``20``
- (Integer) Max number of times to poll for VHD to coalesce.
This option determines the maximum number of attempts that can be made for coalescing the VHD before giving up.
Related opitons:
* `vhd_coalesce_poll_interval`
* - ``use_agent_default`` = ``False``
- (Boolean) Whether or not to use the agent by default when its usage is enabled but not indicated by the image.
The use of XenAPI agent can be disabled altogether using the configuration option ``disable_agent``. However, if it is not disabled, the use of an agent can still be controlled by the image in use through one of its properties, ``xenapi_use_agent``. If this property is either not present or specified incorrectly on the image, the use of agent is determined by this configuration option.
Note that if this configuration is set to ``True`` when the agent is not present, the boot times will increase significantly.
Related options:
* ``disable_agent``
* - ``vif_driver`` = ``nova.virt.xenapi.vif.XenAPIOpenVswitchDriver``
- (String) The XenAPI VIF driver using XenServer Network APIs.
Provide a string value representing the VIF XenAPI vif driver to use for plugging virtual network interfaces.
Xen configuration uses bridging within the backend domain to allow all VMs to appear on the network as individual hosts. Bridge interfaces are used to create a XenServer VLAN network in which the VIFs for the VM instances are plugged. If no VIF bridge driver is plugged, the bridge is not made available. This configuration option takes in a value for the VIF driver.
Possible values:
* nova.virt.xenapi.vif.XenAPIOpenVswitchDriver (default)
* nova.virt.xenapi.vif.XenAPIBridgeDriver (deprecated)
Related options:
* ``vlan_interface``
* ``ovs_integration_bridge``
- **Deprecated**
There are only two in-tree vif drivers for XenServer. XenAPIBridgeDriver is for nova-network which is deprecated and XenAPIOpenVswitchDriver is for Neutron which is the default configuration for Nova since the 15.0.0 Ocata release. In the future the "use_neutron" configuration option will be used to determine which vif driver to use.
* - ``disable_agent`` = ``False``
- (Boolean) Disables the use of XenAPI agent.
This configuration option suggests whether the use of agent should be enabled or not regardless of what image properties are present. Image properties have an effect only when this is set to ``True``. Read description of config option ``use_agent_default`` for more information.
Related options:
* ``use_agent_default``
* - ``connection_username`` = ``root``
- (String) Username for connection to XenServer/Xen Cloud Platform
* - ``ovs_integration_bridge`` = ``None``
- (String) The name of the integration Bridge that is used with xenapi when connecting with Open vSwitch.
Note: The value of this config option is dependent on the environment, therefore this configuration value must be set accordingly if you are using XenAPI.
Possible values:
* Any string that represents a bridge name.
* - ``login_timeout`` = ``10``
- (Integer) Timeout in seconds for XenAPI login.
* - ``sr_base_path`` = ``/var/run/sr-mount``
- (String) Base path to the storage repository on the XenServer host.
* - ``image_upload_handler`` = ``nova.virt.xenapi.image.glance.GlanceStore``
- (String) Dom0 plugin driver used to handle image uploads.
Provide a string value representing a plugin driver required to handle the image uploading to GlanceStore.
Images, and snapshots from XenServer need to be uploaded to the data store for use. image_upload_handler takes in a value for the Dom0 plugin driver. This driver is then called to uplaod images to the GlanceStore.
During the build process the 'version' request is used to determine if the agent is available/operational to perform other requests such as 'resetnetwork', 'password', 'key_init' and 'inject_file'. If the 'version' call fails, the other configuration is skipped. So, this configuration option can also be interpreted as time in which agent is expected to be fully operational.
* - ``cache_images`` = ``all``
- (String) Cache glance images locally.
The value for this option must be choosen from the choices listed here. Configuring a value other than these will default to 'all'.
The value for this option must be chosen from the choices listed here. Configuring a value other than these will default to 'all'.
Note: There is nothing that deletes these images.
@ -78,55 +142,47 @@
* `some`: will only cache images that have the image_property `cache_in_nova=True`.
* `none`: turns off caching entirely.
* - ``check_host`` = ``True``
- (Boolean) Ensure compute service is running on host XenAPI connects to. This option must be set to false if the 'independent_compute' option is set to true.
Possible values:
* - ``remap_vbd_dev_prefix`` = ``sd``
* Setting this option to true will make sure that compute service is running on the same host that is specified by connection_url.
* Setting this option to false, doesn't perform the check.
- (String) Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb).
Related options:
* `independent_compute`
* - ``connection_concurrent`` = ``5``
- (Integer) Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver
* - ``connection_password`` = ``None``
- (String) Password for connection to XenServer/Xen Cloud Platform
* - ``connection_url`` = ``None``
- (String) URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket.
* If `remap_vbd_dev` is set to False this option has no impact.
* - ``target_host`` = ``None``
- (String) The iSCSI Target Host.
This option represents the hostname or ip of the iSCSI Target. If the target host is not present in the connection information from the volume provider then the value from this option is taken.
Possible values:
* Any string that represents a URL. The connection_url is generally the management network IP address of the XenServer.
* Any string that represents hostname/ip of Target.
* This option must be set if you chose the XenServer driver.
* - ``connection_username`` = ``root``
- (String) Username for connection to XenServer/Xen Cloud Platform
* - ``default_os_type`` = ``linux``
- (String) Default OS type used when uploading an image to glance
* - ``disable_agent`` = ``False``
- (Boolean) Disables the use of XenAPI agent.
This configuration option suggests whether the use of agent should be enabled or not regardless of what image properties are present. Image properties have an effect only when this is set to ``True``. Read description of config option ``use_agent_default`` for more information.
* - ``torrent_seed_chance`` = ``1.0``
Related options:
- (Floating point) Probability that peer will become a seeder (1.0 = 100%)
* ``use_agent_default``
* - ``image_compression_level`` = ``None``
- (Integer) Compression level for images.
- **Deprecated**
By setting this option we can configure the gzip compression level. This option sets GZIP environment variable before spawning tar -cz to force the compression level. It defaults to none, which means the GZIP environment variable is not set and the default (usually -6) is used.
The torrent feature has not been tested nor maintained, and as such is being removed.
Possible values:
* - ``num_vbd_unplug_retries`` = ``10``
* Range is 1-9, e.g., 9 for gzip -9, 9 being most compressed but most CPU intensive on dom0.
- (Integer) Maximum number of retries to unplug VBD. If set to 0, should try once, no retries.
* - ``block_device_creation_timeout`` = ``10``
- (Integer) Time in secs to wait for a block device to be created
* Any values out of this range will default to None.
* - ``image_upload_handler`` = ``nova.virt.xenapi.image.glance.GlanceStore``
- (String) Dom0 plugin driver used to handle image uploads.
* - ``independent_compute`` = ``False``
- (Boolean) Used to prevent attempts to attach VBDs locally, so Nova can be run in a VM on a different host.
Related options:
@ -142,35 +198,25 @@
* Swap disks for Windows VMs (will error if attempted)
* Nova-based auto_configure_disk (will error if attempted)
* - ``introduce_vdi_retry_wait`` = ``20``
- (Integer) Number of seconds to wait for SR to settle if the VDI does not exist when first introduced.
Some SRs, particularly iSCSI connections are slow to see the VDIs right after they got introduced. Setting this option to a time interval will make the SR to wait for that time period before raising VDI not found exception.
* - ``ipxe_boot_menu_url`` = ``None``
- (String) URL to the iPXE boot menu.
* - ``torrent_seed_duration`` = ``3600``
An iPXE ISO is a specially crafted ISO which supports iPXE booting. This feature gives a means to roll your own image.
- (Integer) Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.'
By default this option is not set. Enable this option to boot an iPXE ISO.
- **Deprecated**
Related Options:
The torrent feature has not been tested nor maintained, and as such is being removed.
* `ipxe_network_name`
* - ``torrent_max_last_accessed`` = ``86400``
* `ipxe_mkisofs_cmd`
* - ``ipxe_mkisofs_cmd`` = ``mkisofs``
- (String) Name and optionally path of the tool used for ISO image creation.
- (Integer) Cached torrent files not accessed within this number of seconds can be reaped.
An iPXE ISO is a specially crafted ISO which supports iPXE booting. This feature gives a means to roll your own image.
- **Deprecated**
Note: By default `mkisofs` is not present in the Dom0, so the package can either be manually added to Dom0 or include the `mkisofs` binary in the image itself.
The torrent feature has not been tested nor maintained, and as such is being removed.
Related Options:
* `ipxe_network_name`
* `ipxe_boot_menu_url`
* - ``ipxe_network_name`` = ``None``
- (String) Name of network to use for booting iPXE ISOs.
An iPXE ISO is a specially crafted ISO which supports iPXE booting. This feature gives a means to roll your own image.
@ -182,37 +228,219 @@
* `ipxe_boot_menu_url`
* `ipxe_mkisofs_cmd`
* - ``login_timeout`` = ``10``
- (Integer) Timeout in seconds for XenAPI login.
* - ``max_kernel_ramdisk_size`` = ``16777216``
- (Integer) Maximum size in bytes of kernel or ramdisk images.
Specifying the maximum size of kernel or ramdisk will avoid copying large files to dom0 and fill up /boot/guest.
* - ``num_vbd_unplug_retries`` = ``10``
- (Integer) Maximum number of retries to unplug VBD. If set to 0, should try once, no retries.
* - ``ovs_integration_bridge`` = ``xapi1``
- (String) The name of the integration Bridge that is used with xenapi when connecting with Open vSwitch.
* - ``connection_url`` = ``None``
Note: The value of this config option is dependent on the environment, therefore this configuration value must be set accordingly if you are using XenAPI.
- (String) URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket.
Possible options:
Possible values:
* Any string that represents a bridge name(default is xapi1).
* - ``remap_vbd_dev`` = ``False``
- (Boolean) Used to enable the remapping of VBD dev. (Works around an issue in Ubuntu Maverick)
* - ``remap_vbd_dev_prefix`` = ``sd``
- (String) Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb).
* Any string that represents a URL. The connection_url is generally the management network IP address of the XenServer.
* This option must be set if you chose the XenServer driver.
* - ``running_timeout`` = ``60``
- (Integer) Wait time for instances to go to running state.
Provide an integer value representing time in seconds to set the wait time for an instance to go to running state.
When a request to create an instance is received by nova-api and communicated to nova-compute, the creation of the instance occurs through interaction with Xen via XenAPI in the compute node. Once the node on which the instance(s) are to be launched is decided by nova-schedule and the launch is triggered, a certain amount of wait time is involved until the instance(s) can become available and 'running'. This wait time is defined by running_timeout. If the instances do not go to running state within this specified wait time, the launch expires and the instance(s) are set to 'error' state.
* - ``agent_path`` = ``usr/sbin/xe-update-networking``
- (String) Path to locate guest agent on the server.
Specifies the path in which the XenAPI guest agent should be located. If the agent is present, network configuration is not injected into the image.
Related options:
* If `remap_vbd_dev` is set to False this option has no impact.
* - ``running_timeout`` = ``60``
- (Integer) Number of seconds to wait for instance to go to running state
For this option to have an effect:
* ``flat_injected`` should be set to ``True``
* ``compute_driver`` should be set to ``xenapi.XenAPIDriver``
* - ``use_join_force`` = ``True``
- (Boolean) When adding new host to a pool, this will append a --force flag to the command, forcing hosts to join a pool, even if they have different CPUs.
Since XenServer version 5.6 it is possible to create a pool of hosts that have different CPU capabilities. To accommodate CPU differences, XenServer limited features it uses to determine CPU compatibility to only the ones that are exposed by CPU and support for CPU masking was added. Despite this effort to level differences between CPUs, it is still possible that adding new host will fail, thus option to force join was introduced.
* - ``vhd_coalesce_poll_interval`` = ``5.0``
- (Floating point) The interval used for polling of coalescing vhds.
This is the interval after which the task of coalesce VHD is performed, until it reaches the max attempts that is set by vhd_coalesce_max_attempts.
Related options:
* `vhd_coalesce_max_attempts`
* - ``torrent_listen_port_end`` = ``6891``
- (Port number) End of port range to listen on
- **Deprecated**
The torrent feature has not been tested nor maintained, and as such is being removed.
* - ``torrent_max_seeder_processes_per_host`` = ``1``
- (Integer) Maximum number of seeder processes to run concurrently within a given dom0 (-1 = no limit).
- **Deprecated**
The torrent feature has not been tested nor maintained, and as such is being removed.
* - ``ipxe_boot_menu_url`` = ``None``
- (String) URL to the iPXE boot menu.
An iPXE ISO is a specially crafted ISO which supports iPXE booting. This feature gives a means to roll your own image.
By default this option is not set. Enable this option to boot an iPXE ISO.
Related Options:
* `ipxe_network_name`
* `ipxe_mkisofs_cmd`
* - ``agent_version_timeout`` = ``300``
- (Integer) Number of seconds to wait for agent't reply to version request.
This indicates the amount of time xapi 'agent' plugin waits for the agent to respond to the 'version' request specifically. The generic timeout for agent communication ``agent_timeout`` is ignored in this case.
During the build process the 'version' request is used to determine if the agent is available/operational to perform other requests such as 'resetnetwork', 'password', 'key_init' and 'inject_file'. If the 'version' call fails, the other configuration is skipped. So, this configuration option can also be interpreted as time in which agent is expected to be fully operational.
* - ``introduce_vdi_retry_wait`` = ``20``
- (Integer) Number of seconds to wait for SR to settle if the VDI does not exist when first introduced.
Some SRs, particularly iSCSI connections are slow to see the VDIs right after they got introduced. Setting this option to a time interval will make the SR to wait for that time period before raising VDI not found exception.
* - ``connection_password`` = ``None``
- (String) Password for connection to XenServer/Xen Cloud Platform
* - ``torrent_base_url`` = ``None``
- (String) Base URL for torrent files; must contain a slash character (see RFC 1808, step 6).
- **Deprecated**
The torrent feature has not been tested nor maintained, and as such is being removed.
* - ``max_kernel_ramdisk_size`` = ``16777216``
- (Integer) Maximum size in bytes of kernel or ramdisk images.
Specifying the maximum size of kernel or ramdisk will avoid copying large files to dom0 and fill up /boot/guest.
* - ``target_port`` = ``3260``
- (Port number) The iSCSI Target Port.
This option represents the port of the iSCSI Target. If the target port is not present in the connection information from the volume provider then the value from this option is taken.
* - ``torrent_images`` = ``none``
- (String) Whether or not to download images via Bit Torrent.
The value for this option must be chosen from the choices listed here. Configuring a value other than these will default to 'none'.
Possible values:
* `all`: will download all images.
* `some`: will only download images that have the image_property `bittorrent=true`.
* `none`: will turnoff downloading images via Bit Torrent.
* - ``console_public_hostname`` = ``localhost``
- (String) Publicly visible name for this console host.
Possible values:
* A string representing a valid hostname
* - ``connection_concurrent`` = ``5``
- (Integer) Maximum number of concurrent XenAPI connections.
In nova, multiple XenAPI requests can happen at a time. Configuring this option will parallelize access to the XenAPI session, which allows you to make concurrent XenAPI connections.
* - ``sparse_copy`` = ``True``
- (Boolean) Whether to use sparse_copy for copying data on a resize down. (False will use standard dd). This speeds up resizes down considerably since large runs of zeros won't have to be rsynced.
* - ``sr_base_path`` = ``/var/run/sr-mount``
- (String) Base path to the storage repository on the XenServer host.
* - ``torrent_listen_port_start`` = ``6881``
- (Port number) Beginning of port range to listen on
- **Deprecated**
The torrent feature has not been tested nor maintained, and as such is being removed.
* - ``check_host`` = ``True``
- (Boolean) Ensure compute service is running on host XenAPI connects to. This option must be set to false if the 'independent_compute' option is set to true.
Possible values:
* Setting this option to true will make sure that compute service is running on the same host that is specified by connection_url.
* Setting this option to false, doesn't perform the check.
Related options:
* `independent_compute`
* - ``ipxe_mkisofs_cmd`` = ``mkisofs``
- (String) Name and optionally path of the tool used for ISO image creation.
An iPXE ISO is a specially crafted ISO which supports iPXE booting. This feature gives a means to roll your own image.
Note: By default `mkisofs` is not present in the Dom0, so the package can either be manually added to Dom0 or include the `mkisofs` binary in the image itself.
Related Options:
* `ipxe_network_name`
* `ipxe_boot_menu_url`
* - ``agent_resetnetwork_timeout`` = ``60``
- (Integer) Number of seconds to wait for agent's reply to resetnetwork request.
This indicates the amount of time xapi 'agent' plugin waits for the agent to respond to the 'resetnetwork' request specifically. The generic timeout for agent communication ``agent_timeout`` is ignored in this case.
* - ``torrent_download_stall_cutoff`` = ``600``
- (Integer) Number of seconds a download can remain at the same progress percentage w/o being considered a stall.
- **Deprecated**
The torrent feature has not been tested nor maintained, and as such is being removed.
* - ``image_compression_level`` = ``None``
- (Integer) Compression level for images.
By setting this option we can configure the gzip compression level. This option sets GZIP environment variable before spawning tar -cz to force the compression level. It defaults to none, which means the GZIP environment variable is not set and the default (usually -6) is used.
Possible values:
* Range is 1-9, e.g., 9 for gzip -9, 9 being most compressed but most CPU intensive on dom0.
* Any values out of this range will default to None.
* - ``sr_matching_filter`` = ``default-sr:true``
- (String) Filter for finding the SR to be used to install guest instances on.
Possible values:
@ -222,87 +450,3 @@
* To select an SR with a different matching criteria, you could set it to other-config:my_favorite_sr=true.
* To fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true.
* - ``target_host`` = ``None``
- (String) The iSCSI Target Host.
This option represents the hostname or ip of the iSCSI Target. If the target host is not present in the connection information from the volume provider then the value from this option is taken.
Possible values:
* Any string that represents hostname/ip of Target.
* - ``target_port`` = ``3260``
- (String) The iSCSI Target Port.
This option represents the port of the iSCSI Target. If the target port is not present in the connection information from the volume provider then the value from this option is taken.
* - ``torrent_base_url`` = ``None``
- (String) Base URL for torrent files; must contain a slash character (see RFC 1808, step 6)
* - ``torrent_download_stall_cutoff`` = ``600``
- (Integer) Number of seconds a download can remain at the same progress percentage w/o being considered a stall
* - ``torrent_images`` = ``none``
- (String) Whether or not to download images via Bit Torrent.
The value for this option must be choosen from the choices listed here. Configuring a value other than these will default to 'none'.
Possible values:
* ``all``: will download all images.
* ``some``: will only download images that have the image_property ``bittorrent=true``.
* ``none``: will turnoff downloading images via Bit Torrent.
* - ``torrent_listen_port_end`` = ``6891``
- (Port number) End of port range to listen on
* - ``torrent_listen_port_start`` = ``6881``
- (Port number) Beginning of port range to listen on
* - ``torrent_max_last_accessed`` = ``86400``
- (Integer) Cached torrent files not accessed within this number of seconds can be reaped
* - ``torrent_max_seeder_processes_per_host`` = ``1``
- (Integer) Maximum number of seeder processes to run concurrently within a given dom0. (-1 = no limit)
* - ``torrent_seed_chance`` = ``1.0``
- (Floating point) Probability that peer will become a seeder. (1.0 = 100%)
* - ``torrent_seed_duration`` = ``3600``
- (Integer) Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.
* - ``use_agent_default`` = ``False``
- (Boolean) Whether or not to use the agent by default when its usage is enabled but not indicated by the image.
The use of XenAPI agent can be disabled altogether using the configuration option ``disable_agent``. However, if it is not disabled, the use of an agent can still be controlled by the image in use through one of its properties, ``xenapi_use_agent``. If this property is either not present or specified incorrectly on the image, the use of agent is determined by this configuration option.
Note that if this configuration is set to ``True`` when the agent is not present, the boot times will increase significantly.
Related options:
* ``disable_agent``
* - ``use_join_force`` = ``True``
- (Boolean) When adding new host to a pool, this will append a --force flag to the command, forcing hosts to join a pool, even if they have different CPUs.
Since XenServer version 5.6 it is possible to create a pool of hosts that have different CPU capabilities. To accommodate CPU differences, XenServer limited features it uses to determine CPU compatibility to only the ones that are exposed by CPU and support for CPU masking was added. Despite this effort to level differences between CPUs, it is still possible that adding new host will fail, thus option to force join was introduced.
* - ``vhd_coalesce_max_attempts`` = ``20``
- (Integer) Max number of times to poll for VHD to coalesce.
This option determines the maximum number of attempts that can be made for coalescing the VHD before giving up.
Related opitons:
* `vhd_coalesce_poll_interval`
* - ``vhd_coalesce_poll_interval`` = ``5.0``
- (Floating point) The interval used for polling of coalescing vhds.
This is the interval after which the task of coalesce VHD is performed, until it reaches the max attempts that is set by vhd_coalesce_max_attempts.
Related options:
* `vhd_coalesce_max_attempts`
* - ``vif_driver`` = ``nova.virt.xenapi.vif.XenAPIBridgeDriver``
- (String) The XenAPI VIF driver using XenServer Network APIs.
* - **[xvp]**
-
* - ``console_xvp_conf`` = ``/etc/xvp.conf``
- (String) Generated XVP conf file
* - ``console_xvp_conf_template`` = ``$pybasedir/nova/console/xvp.conf.template``
- (String) XVP conf template
* - ``console_xvp_log`` = ``/var/log/xvp.log``
- (String) XVP log file
* - ``console_xvp_multiplex_port`` = ``5900``
- (Port number) Port for XVP to multiplex VNC connections on
* - ``console_xvp_pid`` = ``/var/run/xvp.pid``
- (String) XVP master process pid file

38
doc/config-reference/source/tables/nova-xvp.rst Normal file
View File

@ -0,0 +1,38 @@
..
Warning: Do not edit this file. It is automatically generated from the
software project's code and your changes will be overwritten.
The tool to generate this file lives in openstack-doc-tools repository.
Please make any changes needed in the code, then run the
autogenerate-config-doc tool from the openstack-doc-tools repository, or
ask for help on the documentation mailing list, IRC channel or meeting.
.. _nova-xvp:
.. list-table:: Description of xvp configuration options
:header-rows: 1
:class: config-ref-table
* - Configuration option = Default value
- Description
* - ``console_xvp_pid`` = ``/var/run/xvp.pid``
- (String) XVP master process pid file
* - ``console_xvp_multiplex_port`` = ``5900``
- (Port number) Port for XVP to multiplex VNC connections on
* - ``console_xvp_log`` = ``/var/log/xvp.log``
- (String) XVP log file
* - ``console_xvp_conf`` = ``/etc/xvp.conf``
- (String) Generated XVP conf file
* - ``console_xvp_conf_template`` = ``$pybasedir/nova/console/xvp.conf.template``
- (String) XVP conf template