openstack
/
openstack-manuals
Code Issues Proposed changes
openstack-manuals/doc/config-reference/source/tables/neutron-metadata.rst

3.0 KiB
Raw Blame History

Description of metadata configuration options
Configuration option = Default value Description
[DEFAULT]
metadata_backlog = 4096 (Integer) Number of backlog requests to configure the metadata server socket with
metadata_proxy_group = (String) Group (gid or name) running metadata proxy after its initialization (if empty: agent effective group).
metadata_proxy_shared_secret = (String) When proxying metadata requests, Neutron signs the Instance-ID header with a shared secret to prevent spoofing. You may select any string for a secret, but it must match here and in the configuration used by the Nova Metadata Server. NOTE: Nova uses the same config key, but in [neutron] section.
metadata_proxy_socket = $state_path/metadata_proxy (String) Location of Metadata Proxy UNIX domain socket
metadata_proxy_socket_mode = deduce (String) Metadata Proxy UNIX domain socket mode, 4 values allowed: 'deduce': deduce mode from metadata_proxy_user/group values, 'user': set metadata proxy socket mode to 0o644, to use when metadata_proxy_user is agent effective user or root, 'group': set metadata proxy socket mode to 0o664, to use when metadata_proxy_group is agent effective group or root, 'all': set metadata proxy socket mode to 0o666, to use otherwise.
metadata_proxy_user = (String) User (uid or name) running metadata proxy after its initialization (if empty: agent effective user).
metadata_proxy_watch_log = None (Boolean) Enable/Disable log watch by metadata proxy. It should be disabled when metadata_proxy_user/group is not allowed to read/write its log file and copytruncate logrotate option must be used if logrotate is enabled on metadata proxy log files. Option default value is deduced from metadata_proxy_user: watch log is enabled if metadata_proxy_user is agent effective user id/name.
metadata_workers = 0 (Integer) Number of separate worker processes for metadata server (defaults to half of the number of CPUs)
nova_metadata_insecure = False (Boolean) Allow to perform insecure SSL (https) requests to nova metadata
nova_metadata_ip = 127.0.0.1 (String) IP address used by Nova metadata server.
nova_metadata_port = 8775 (Port number) TCP Port used by Nova metadata server.
nova_metadata_protocol = http (String) Protocol to access nova metadata, http or https