diff --git a/.gitignore b/.gitignore deleted file mode 100644 index e435250..0000000 --- a/.gitignore +++ /dev/null @@ -1,21 +0,0 @@ -# Python stuff -*.pyc -.idea -ProcfileHonchoLocal -.venv -.tox -tags -.testrepository - -# Vim stuff -.swp -.swo -.*.swp -.*.swo -.ropeproject - -# Vagrant state -.vagrant -vagrant_ansible_inventory_dev -dev.out.txt -web.out.txt diff --git a/.gitreview b/.gitreview deleted file mode 100644 index 70c407c..0000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=stackforge/rubick.git diff --git a/.testr.conf b/.testr.conf deleted file mode 100644 index 888f7de..0000000 --- a/.testr.conf +++ /dev/null @@ -1,8 +0,0 @@ -[DEFAULT] -test_command=OS_STDOUT_CAPTURE=${OS_STDOUT_CAPTURE:-1} \ - OS_STDERR_CAPTURE=${OS_STDERR_CAPTURE:-1} \ - OS_TEST_TIMEOUT=${OS_TEST_TIMEOUT:-60} \ - ${PYTHON:-python} -m subunit.run discover -t ./ ./ $LISTOPT $IDOPTION - -test_id_option=--load-list $IDFILE -test_list_option=--list diff --git a/README.md b/README.md deleted file mode 100644 index 7392e7a..0000000 --- a/README.md +++ /dev/null @@ -1,32 +0,0 @@ -# Rubick - -Rubick is a tool to analyze OpenStack installation for possible problems. It is -a library that provides a representation of the OpenStack configuration and -inspection/validation/analysis actions on that representation. - -## Config representation - -The first step to create representation of OpenStack architecture and -configuration is a collection of data from an installation of the platform. -There are several ways to collect those data, including automated discovery from -different sources. The most simple way is to parse pre-populated directory -structure that contain configuration files of OpenStack services from different -nodes in a cluster. - -With more complicated discovery engines, it is possible that those files are -collected automatically via SSH based on inspection of process list at every -node listed in hypervisor inventory of OpenStack Compute service, and even more -complicated scenarios. However, that is a scope of specialized discovery service -which Rubick is not at the moment. - -The next step is to organize all the colleced data into single data structure, -called OpenStack configration model. This is an object model that includes -physical nodes of the cluster, OpenStack services and their instances, -configuration parameters, etc. See detailed description of the proposed model in -the documentation. - -## Config analysis - -Once the OpenStack configuration model is created, it could be used to validate -the correctness of static OpenStack settings, as well as the dynamic state of -OpenStack cluster. diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..9006052 --- /dev/null +++ b/README.rst @@ -0,0 +1,7 @@ +This project is no longer maintained. + +The contents of this repository are still available in the Git source code +management system. To see the contents of this repository before it reached +its end of life, please check out the previous commit with +"git checkout HEAD^1". + diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 43a1a6f..0000000 --- a/Vagrantfile +++ /dev/null @@ -1,21 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -Vagrant.configure("2") do |config| - - config.vm.define "web" do |web| - web.vm.box = "ubuntu12.04-server-amd64" - web.vm.box_url = "http://goo.gl/8kWkm" - web.vm.network "forwarded_port", guest: 8008, host: 8008, host_ip: '0.0.0.0' - web.vm.provider "virtualbox" do |vb| - vb.customize ["modifyvm", :id, "--memory", "1024"] - vb.customize ["modifyvm", :id, "--cpus", "1"] - end - web.vm.provision :chef_solo do |chef| - chef.log_level = :debug - chef.cookbooks_path = ["vagrant/cookbooks"] - chef.add_recipe "rubick" - end - end - -end diff --git a/discover_test.py b/discover_test.py deleted file mode 100644 index dc972e5..0000000 --- a/discover_test.py +++ /dev/null @@ -1,136 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import argparse -import json -from itertools import groupby -import logging -import sys - -from rubick.common import MarkedIssue, Inspection -from rubick.discovery import OpenstackDiscovery -import rubick.inspections # noqa -import rubick.schemas # noqa -from rubick.json import openstack_for_json - - -def indent_prefix(indent=0): - s = '' - if indent > 0: - for i in range(0, indent): - s += ' ' - return s - - -def print_issue(issue, indent=0): - prefix = indent_prefix(indent) - - if hasattr(issue, 'mark'): - print( - '%s[%s] %s (line %d column %d)' % - (prefix, issue.type, issue.message, - issue.mark.line + 1, issue.mark.column + 1)) - else: - print('%s[%s] %s' % (prefix, issue.type, issue.message)) - - -def print_issues(issues, indent=0): - issue_source_f = lambda i: i.mark.source if isinstance( - i, MarkedIssue) else None - source_groupped_issues = groupby( - sorted(issues, key=issue_source_f), key=issue_source_f) - - for source, issues in source_groupped_issues: - if source: - print('%sFile %s' % (indent_prefix(indent), source)) - for issue in sorted(issues, key=lambda i: i.mark.line): - print_issue(issue, indent + 1) - else: - for issue in issues: - print_issue(issue, indent) - - -def print_service(service): - print(' ' + service.name) - print_issues(service.issues, indent=3) - - -def print_path(path): - print(' ' + path.path) - print_issues(path.all_issues, indent=3) - - -def print_host(host): - print(host) - - print_issues(host.issues, indent=1) - - print(' Services:') - - for service in sorted(host.components, key=lambda c: c.name): - print_service(service) - - print(' Filesystem:') - - for path in sorted(host.filesystem.values(), key=lambda f: f.path): - print_path(path) - - -def print_openstack(openstack): - print_issues(openstack.issues) - - for host in openstack.hosts: - print_host(host) - - -def parse_args(argv): - parser = argparse.ArgumentParser() - parser.add_argument('-l', '--loglevel', default='INFO', - help='Loglevel to use') - parser.add_argument('-j', '--json', dest='json', default=False, - action='store_true', - help='Output result in JSON format') - args = parser.parse_args(argv[1:]) - return args - - -def main(argv): - args = parse_args(argv) - params = vars(args) - - logging.basicConfig(level=logging.WARNING) - logging.getLogger('rubick').setLevel(params['loglevel']) - - discovery = OpenstackDiscovery() - try: - with open('test_rsa') as f: - private_key = f.read() - except Exception: - private_key = sys.stdin.read() - - openstack = discovery.discover( - ['172.18.65.179'], - private_key=private_key) - - all_inspections = Inspection.all_inspections() - for inspection in all_inspections: - x = inspection() - x.inspect(openstack) - - if params['json']: - print(json.dumps(openstack_for_json(openstack))) - else: - print_openstack(openstack) - -if __name__ == '__main__': - main(sys.argv) diff --git a/doc/source/images/classes_Rubick.png b/doc/source/images/classes_Rubick.png deleted file mode 100644 index 6a17c6c..0000000 Binary files a/doc/source/images/classes_Rubick.png and /dev/null differ diff --git a/doc/source/images/mvp0_demo_preparation_plan.png b/doc/source/images/mvp0_demo_preparation_plan.png deleted file mode 100644 index 94aa3bf..0000000 Binary files a/doc/source/images/mvp0_demo_preparation_plan.png and /dev/null differ diff --git a/doc/source/images/openstack_cloud_lifecycle.png b/doc/source/images/openstack_cloud_lifecycle.png deleted file mode 100644 index 33494ca..0000000 Binary files a/doc/source/images/openstack_cloud_lifecycle.png and /dev/null differ diff --git a/doc/source/images/openstack_integration.png b/doc/source/images/openstack_integration.png deleted file mode 100644 index 7c1cbe3..0000000 Binary files a/doc/source/images/openstack_integration.png and /dev/null differ diff --git a/doc/source/images/openstack_integration_tripleo_arch.png b/doc/source/images/openstack_integration_tripleo_arch.png deleted file mode 100644 index a7b7b79..0000000 Binary files a/doc/source/images/openstack_integration_tripleo_arch.png and /dev/null differ diff --git a/doc/source/images/openstack_integration_tripleo_seq.png b/doc/source/images/openstack_integration_tripleo_seq.png deleted file mode 100644 index 4b4f2a5..0000000 Binary files a/doc/source/images/openstack_integration_tripleo_seq.png and /dev/null differ diff --git a/doc/source/images/packages_Rubick.png b/doc/source/images/packages_Rubick.png deleted file mode 100644 index 5b520f7..0000000 Binary files a/doc/source/images/packages_Rubick.png and /dev/null differ diff --git a/doc/source/images/rules_engine_class_model.png b/doc/source/images/rules_engine_class_model.png deleted file mode 100644 index 1332c17..0000000 Binary files a/doc/source/images/rules_engine_class_model.png and /dev/null differ diff --git a/doc/source/images/service_architecture.png b/doc/source/images/service_architecture.png deleted file mode 100644 index 01c5c4f..0000000 Binary files a/doc/source/images/service_architecture.png and /dev/null differ diff --git a/doc/source/images/src/classes_Rubick.dot b/doc/source/images/src/classes_Rubick.dot deleted file mode 100644 index a03badd..0000000 --- a/doc/source/images/src/classes_Rubick.dot +++ /dev/null @@ -1,132 +0,0 @@ -digraph "classes_Rubick" { -charset="utf-8" -rankdir=BT -"4" [shape="record", label="{KeystoneEndpointsInspection|name : str\ldescription\l|inspect()\l}"]; -"6" [shape="record", label="{SimpleNodeDiscovery|logger : NoneType, RootLogger\l|test_connection()\ldiscover()\l}"]; -"7" [shape="record", label="{SshShell|\l|}"]; -"8" [shape="record", label="{NodeClient|use_sudo\lshell\llogger : NoneType, RootLogger\l|open()\lrun()\l}"]; -"9" [shape="record", label="{JokerNodeDiscovery|logger : NoneType, RootLogger\l|test_connection()\ldiscover()\l}"]; -"10" [shape="record", label="{OpenstackDiscovery|logger : NoneType, RootLogger\lnode_discovery_klass\l|discover()\ltest_connection()\l}"]; -"12" [shape="record", label="{KeystoneAuthtokenSettingsInspection|name : str\ldescription : str\l|inspect()\l}"]; -"14" [shape="record", label="{LettuceRunnerInspection|base_path\l|rules()\linspect()\l}"]; -"16" [shape="record", label="{Configuration|\l|set()\lget()\lkeys()\lsection()\lcontains()\lis_default()\litems()\lset_default()\l}"]; -"17" [shape="record", label="{ConfigSection|name\lparameters\l|}"]; -"18" [shape="record", label="{TextElement|text\l|}"]; -"19" [shape="record", label="{Element|end_mark\lstart_mark\l|}"]; -"20" [shape="record", label="{ComponentConfig|errors : list\lsections : list\lname\l|}"]; -"21" [shape="record", label="{ConfigurationWrapper|state\lconfig\l|}"]; -"22" [shape="record", label="{ConfigParameterName|\l|}"]; -"23" [shape="record", label="{ConfigParameterValue|quotechar : NoneType\lvalue : NoneType\l|}"]; -"24" [shape="record", label="{ConfigSectionName|\l|}"]; -"25" [shape="record", label="{ConfigurationSection|section\lconfig\l|set()\lget()\lkeys()\lcontains()\lis_default()\litems()\lset_default()\l}"]; -"26" [shape="record", label="{ConfigParameter|delimiter\lname\lvalue\l|}"]; -"29" [shape="record", label="{InspectionRequest|username\lnodes\lpassword : NoneType\lprivate_key : NoneType\l|}"]; -"30" [shape="record", label="{InspectionResult|request\lvalue\l|}"]; -"38" [shape="record", label="{SchemaWriter|project\lversion\lfile\l|comment()\lparam()\lsection()\l}"]; -"43" [shape="record", label="{Cluster|data : dict\l|as_doc()\lfor_json()\lfrom_doc()\l}"]; -"44" [shape="record", label="{RuleGroup|all : list\lHA : str\lVALIDITY : str\lBEST_PRACTICES : str\l|}"]; -"47" [fontcolor="red", shape="record", label="{RubickException|\l|}"]; -"48" [fontcolor="red", shape="record", label="{SchemaException|\l|}"]; -"49" [fontcolor="red", shape="record", label="{ValidatorException|\l|}"]; -"55" [shape="record", label="{MarkTests|\l|test_merge()\ltest_creation()\l}"]; -"57" [shape="record", label="{StringDictTypeValidatorTests|type_name : str\l|test_single_value()\ltest_empty_value()\ltest_list_of_values()\l}"]; -"58" [shape="record", label="{StringTypeValidatorTests|type_name : str\l|test_validation_always_passes()\ltest_empty_string_passes()\ltest_should_return_same_string_if_valid()\l}"]; -"59" [shape="record", label="{TypeValidatorTestHelper|validator\l|setUp()\lassertInvalid()\lassertValid()\l}"]; -"60" [shape="record", label="{IntegerTypeValidatorTests|type_name : str\l|test_negative_values_are_valid()\ltest_positive_values_are_valid()\ltest_invalid_char_error_contains_proper_column_in_mark()\ltest_invalid_char_error_contains_proper_column_if_leading_whitespaces()\ltest_trailing_whitespace_is_ignored()\ltest_non_digits_are_invalid()\ltest_returns_integer_if_valid()\ltest_zero_is_valid()\ltest_leading_whitespace_is_ignored()\l}"]; -"61" [shape="record", label="{NetworkAddressTypeValidatorTests|type_name : str\l|test_no_prefix_length()\ltest_non_integer_prefix_length()\ltest_prefix_greater_than_32()\ltest_ipv4_network()\ltest_value_with_less_than_4_numbers_separated_by_dots()\ltest_returns_address()\ltest_ipv4_like_string_with_numbers_greater_than_255()\l}"]; -"62" [shape="record", label="{PortTypeValidatorTests|type_name : str\l|test_leading_and_or_trailing_whitespace_is_ignored()\ltest_high_boundary_is_valid()\ltest_returns_integer_if_valid()\ltest_zero_invalid()\ltest_negatives_are_invalid()\ltest_non_digits_are_invalid()\ltest_empty()\ltest_low_boundary_is_valid()\ltest_values_greater_than_65535_are_invalid()\ltest_positive_integer()\l}"]; -"63" [shape="record", label="{BooleanTypeValidatorTests|type_name : str\l|test_True()\ltest_other_values_produce_error()\ltest_False()\l}"]; -"64" [shape="record", label="{HostAndPortTypeValidatorTests|type_name : str\l|test_no_port()\ltest_port_is_not_an_integer()\ltest_port_is_greater_than_65535()\ltest_value_with_less_than_4_numbers_separated_by_dots()\ltest_returns_address()\ltest_ipv4_like_string_with_numbers_greater_than_255()\ltest_ipv4_address()\l}"]; -"65" [shape="record", label="{HostAddressTypeValidatorTests|type_name : str\l|test_value_with_less_than_4_numbers_separated_by_dots()\ltest_host_with_empty_parts()\ltest_mark_should_point_to_incorrect_symbol()\ltest_host_parts_with_invalid_chars()\ltest_host_with_single_host_label()\ltest_host_name()\ltest_returns_address()\ltest_ipv4_like_string_with_numbers_greater_than_255()\ltest_host_that_ends_with_a_hyphen()\ltest_ipv4_address()\ltest_host_part_starting_with_non_letter()\l}"]; -"66" [shape="record", label="{StringListTypeValidatorTests|type_name : str\l|test_single_value()\ltest_empty_value()\ltest_list_of_values()\l}"]; -"68" [shape="record", label="{FileResource|owner\lpath\lgroup\lcontents\lpermissions\l|}"]; -"69" [shape="record", label="{IssueReporter|issues : list\l|all_issues()\lreport_issue()\l}"]; -"70" [shape="record", label="{CinderSchedulerComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"71" [shape="record", label="{MysqlComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"72" [shape="record", label="{Service|issues : list\l|report_issue()\lall_issues()\lhost()\lopenstack()\l}"]; -"73" [shape="record", label="{Host|components : list\lname\lnetwork_addresses : list\lid\l|openstack()\ladd_component()\lall_issues()\l}"]; -"74" [shape="record", label="{NovaApiComponent|config_files : list\lversion\lpaste_config_file : NoneType\lcomponent : str\lname : str\l|paste_config()\lall_issues()\l}"]; -"75" [shape="record", label="{KeystoneComponent|config_files : list\lversion\ldb : dict\lcomponent : str\lname : str\l|}"]; -"76" [shape="record", label="{GlanceApiComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"77" [shape="record", label="{CinderApiComponent|config_files : list\lversion\lpaste_config_file : NoneType\lcomponent : str\lname : str\l|}"]; -"78" [shape="record", label="{NovaComputeComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"79" [shape="record", label="{NovaSchedulerComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"80" [shape="record", label="{OpenstackComponent|logger : NoneType, RootLogger\lcomponent : NoneType\l|config()\l}"]; -"81" [shape="record", label="{RabbitMqComponent|version : str\lname : str\l|}"]; -"82" [shape="record", label="{GlanceRegistryComponent|config_files : list\lversion\lcomponent : str\lname : str\l|}"]; -"83" [shape="record", label="{CinderVolumeComponent|config_files : list\lversion\lrootwrap_config : NoneType\lcomponent : str\lname : str\l|}"]; -"84" [shape="record", label="{Openstack|hosts : list\l|components()\ladd_host()\lall_issues()\l}"]; -"87" [shape="record", label="{IniConfigParser|key_value_re\l|parse()\l}"]; -"90" [shape="record", label="{Inspection|\l|rules()\lall_inspections()\linspect()\l}"]; -"91" [shape="record", label="{Issue|message\ltype\lINFO : str\lWARNING : str\lFATAL : str\lERROR : str\l|}"]; -"92" [shape="record", label="{MarkedIssue|mark\l|offset_by()\l}"]; -"93" [shape="record", label="{Mark|column : int\lsource\lline : int\l|merge()\l}"]; -"94" [shape="record", label="{Version|parts : list\l|major()\lmaintenance()\lminor()\l}"]; -"95" [shape="record", label="{Error|message\l|}"]; -"97" [shape="record", label="{ConfigSchemaRegistryTests|\l|test_sample()\l}"]; -"99" [shape="record", label="{IniConfigParserTests|parser\l|test_default_section_name()\ltest_multiline_value()\lparse()\ltest_use_equals_delimiter_if_it_comes_before_colon()\ltest_errors_doesnt_affect_valid_parameters()\ltest_colon_as_delimiter()\ltest_wrapping_value_with_double_quotes_and_trailing_whitespace()\ltest_parsing_with_same_section()\ltest_wrapping_value_with_single_quotes_and_trailing_whitespace()\ltest_hash_in_value_is_part_of_the_value()\ltest_whole_line_comments_starting_with_hash()\ltest_returning_multiple_errors()\lsetUp()\ltest_spaces_in_key_causes_error()\ltest_multiline_value_finished_by_other_parameter()\ltest_use_colon_delimiter_if_it_comes_before_equals_sign()\ltest_wrapping_value_with_single_quotes()\ltest_whole_line_comments_starting_with_semicolon()\ltest_unclosed_section_causes_error()\ltest_parsing_with_different_sections()\lassertAttributes()\ltest_parsing_with_section()\ltest_missing_equals_sign_or_colon_causes_error()\lassertParameter()\ltest_parsing_iolike_source()\ltest_wrapping_value_with_double_quotes()\ltest_multiline_value_finished_by_empty_line()\ltest_parsing()\l}"]; -"101" [shape="record", label="{memoized|cache : dict\lfunc\l|}"]; -"104" [shape="record", label="{ConfigurationTests|default_value : str\lsection : str\lvalue : str\lparam : str\lfullparam\l|test_explicit_default_on_get()\ltest_contains_default()\ltest_is_default_returns_true_if_only_default_value_set()\ltest_normal_overrides_default()\ltest_keys()\ltest_storage()\ltest_cycle_template_substitution_resolves_in_empty_string()\ltest_subsection_keys()\ltest_subsection_getitem()\ltest_subsection_contains()\ltest_subsection_get()\ltest_subsection_items()\ltest_default()\ltest_is_default_returns_false_if_param_missing()\ltest_returns_section_object_even_if_section_doesnot_exist()\ltest_template_substitution()\ltest_parameter_names_containing_sections()\ltest_is_default_returns_false_if_both_values_set()\ltest_getitem()\ltest_contains()\ltest_subsection_setitem()\ltest_subsection_set()\ltest_is_default_returns_false_if_normal_value_set()\ltest_parameter_with_default_section()\ltest_empty()\ltest_getting_raw_values()\ltest_setitem()\ltest_contains_normal()\l}"]; -"106" [shape="record", label="{VersionTests|\l|test_equility()\ltest_creation_from_components()\ltest_non_equility()\ltest_creation_from_string()\ltest_creation_from_string_with_less_parts()\ltest_creation_from_other_version()\ltest_comparision()\l}"]; -"109" [shape="record", label="{ParseError|\l|}"]; -"114" [shape="record", label="{TypeValidatorRegistry|\l|register_validator()\lget_validator()\l}"]; -"115" [shape="record", label="{SchemaVersionRecord|checkpoint\lremovals : list\lversion\ladds : list\l|section()\lparam()\lremove_param()\l}"]; -"116" [shape="record", label="{ConfigParameterSchema|name\ldefault : NoneType\lsection : NoneType\lrequired : bool\ldeprecation_message : NoneType\ltype\ldescription : NoneType\l|}"]; -"117" [shape="record", label="{TypeValidator|f\l|validate()\l}"]; -"118" [shape="record", label="{ConfigSchema|version\lname\lparameters\lformat\l|get_parameter()\lhas_section()\l}"]; -"119" [shape="record", label="{ConfigSchemaRegistry|\l|register_schema()\lget_schema()\l}"]; -"120" [shape="record", label="{InvalidValueError|\l|}"]; -"121" [shape="record", label="{SchemaBuilder|data\l|version()\l}"]; -"122" [fontcolor="red", shape="record", label="{SchemaError|\l|}"]; -"123" [shape="record", label="{SchemaIssue|\l|}"]; -"4" -> "90" [arrowtail="none", arrowhead="empty"]; -"12" -> "90" [arrowtail="none", arrowhead="empty"]; -"14" -> "90" [arrowtail="none", arrowhead="empty"]; -"17" -> "19" [arrowtail="none", arrowhead="empty"]; -"18" -> "19" [arrowtail="none", arrowhead="empty"]; -"20" -> "19" [arrowtail="none", arrowhead="empty"]; -"22" -> "18" [arrowtail="none", arrowhead="empty"]; -"23" -> "18" [arrowtail="none", arrowhead="empty"]; -"24" -> "18" [arrowtail="none", arrowhead="empty"]; -"26" -> "19" [arrowtail="none", arrowhead="empty"]; -"48" -> "47" [arrowtail="none", arrowhead="empty"]; -"49" -> "47" [arrowtail="none", arrowhead="empty"]; -"57" -> "59" [arrowtail="none", arrowhead="empty"]; -"58" -> "59" [arrowtail="none", arrowhead="empty"]; -"60" -> "59" [arrowtail="none", arrowhead="empty"]; -"61" -> "59" [arrowtail="none", arrowhead="empty"]; -"62" -> "59" [arrowtail="none", arrowhead="empty"]; -"63" -> "59" [arrowtail="none", arrowhead="empty"]; -"64" -> "59" [arrowtail="none", arrowhead="empty"]; -"65" -> "59" [arrowtail="none", arrowhead="empty"]; -"66" -> "59" [arrowtail="none", arrowhead="empty"]; -"68" -> "69" [arrowtail="none", arrowhead="empty"]; -"70" -> "80" [arrowtail="none", arrowhead="empty"]; -"71" -> "72" [arrowtail="none", arrowhead="empty"]; -"72" -> "69" [arrowtail="none", arrowhead="empty"]; -"73" -> "69" [arrowtail="none", arrowhead="empty"]; -"74" -> "80" [arrowtail="none", arrowhead="empty"]; -"75" -> "80" [arrowtail="none", arrowhead="empty"]; -"76" -> "80" [arrowtail="none", arrowhead="empty"]; -"77" -> "80" [arrowtail="none", arrowhead="empty"]; -"78" -> "80" [arrowtail="none", arrowhead="empty"]; -"79" -> "80" [arrowtail="none", arrowhead="empty"]; -"80" -> "72" [arrowtail="none", arrowhead="empty"]; -"81" -> "72" [arrowtail="none", arrowhead="empty"]; -"82" -> "80" [arrowtail="none", arrowhead="empty"]; -"83" -> "80" [arrowtail="none", arrowhead="empty"]; -"84" -> "69" [arrowtail="none", arrowhead="empty"]; -"92" -> "91" [arrowtail="none", arrowhead="empty"]; -"109" -> "92" [arrowtail="none", arrowhead="empty"]; -"120" -> "92" [arrowtail="none", arrowhead="empty"]; -"122" -> "47" [arrowtail="none", arrowhead="empty"]; -"123" -> "91" [arrowtail="none", arrowhead="empty"]; -"7" -> "8" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="shell"]; -"9" -> "10" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="node_discovery_klass"]; -"68" -> "74" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="paste_config_file"]; -"68" -> "77" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="paste_config_file"]; -"68" -> "83" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="rootwrap_config"]; -"87" -> "99" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="parser"]; -"94" -> "115" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="version"]; -"94" -> "118" [arrowhead="diamond", style="solid", arrowtail="none", fontcolor="green", label="version"]; -} diff --git a/doc/source/images/src/mvp0_demo_preparation_plan.txt b/doc/source/images/src/mvp0_demo_preparation_plan.txt deleted file mode 100644 index 16de79c..0000000 --- a/doc/source/images/src/mvp0_demo_preparation_plan.txt +++ /dev/null @@ -1,30 +0,0 @@ -@startuml -frame "Peter" { - [network emulation] - cloud { - [demo scenario] - } -} -frame "Sergey" { - [network emulation] --> [salt bootstrap] - [salt bootstrap] --> [nodes discovery] -} - -frame "Max" { - [config files collector] - [config-inspector] -up-> [demo scenario] -} -frame "Ilya" { - [tripleo-image-elements] --> [os-collect-config] - [tripleo-heat-templates] --> [os-collect-config] -} -frame "Kirill" { - [rules editing engine] <-- [config-inspector] - [rules editing engine] --> [demo scenario] -} -[nodes discovery] --> nodelist -nodelist --> [config files collector] -[config files collector] --> JSON -JSON --> [config-inspector] -[os-collect-config] --> JSON -@enduml diff --git a/doc/source/images/src/openstack_cloud_lifecycle.txt b/doc/source/images/src/openstack_cloud_lifecycle.txt deleted file mode 100644 index 4581544..0000000 --- a/doc/source/images/src/openstack_cloud_lifecycle.txt +++ /dev/null @@ -1,7 +0,0 @@ -@startuml - -(*) -right-> [OpenStack Services\nNova, Keystone, Neutron,\nGlance, Heat, Swift] "Deployment" -"Deployment" -right-> [OpenStack Deployment\nFuel, TripleO, Devstack] "Operation\nMaintenance" -"Operation\nMaintenance" -right-> [DRAGONS?\nTuskar, Rubick] (*) - -@enduml diff --git a/doc/source/images/src/openstack_integration_tripleo_arch.txt b/doc/source/images/src/openstack_integration_tripleo_arch.txt deleted file mode 100644 index 9185caa..0000000 --- a/doc/source/images/src/openstack_integration_tripleo_arch.txt +++ /dev/null @@ -1,61 +0,0 @@ -@startuml - -frame "Undercloud" { - - package "Metadata services" { - [Heat] - [CFN] - [EC2] - } - - frame "TripleO" { - cloud { - folder "tripleo-image-elements" { - () "nova.conf" - () "keystone.conf" - () "glance.conf" - () "..." - } - [diskimage-builder] -- nova.conf - [diskimage-builder] -- keystone.conf - [diskimage-builder] -- glance.conf - [diskimage-builder] -- ... - } - [os-collect-config] --> JSON - JSON --> [os-refresh-config] - } - - frame "Tuskar" { - [Tuskar] - } - - frame "OpenStack Dashboard" { - [Tuskar-UI] - [Rubick-UI] - } - - cloud { - [OpenStack Diagnostics] << Rubick >> - } - - () HOT - () Templates - - frame "Glance" { - [Images] - } -} - -[Heat] --> [os-collect-config] -[CFN] --> [os-collect-config] -[EC2] --> [os-collect-config] -[Tuskar] -- HOT -HOT -- [Heat] -HOT -- [OpenStack Diagnostics] -[OpenStack Diagnostics] -- [Rubick-UI] -[Tuskar] -- [Tuskar-UI] -[diskimage-builder] -right-> [Images] -[diskimage-builder] -up-> Templates -Templates --> [OpenStack Diagnostics] - -@enduml diff --git a/doc/source/images/src/openstack_integration_tripleo_seq.txt b/doc/source/images/src/openstack_integration_tripleo_seq.txt deleted file mode 100644 index 8e16142..0000000 --- a/doc/source/images/src/openstack_integration_tripleo_seq.txt +++ /dev/null @@ -1,15 +0,0 @@ -@startuml - -User -> Tuskar: Create cluster (metadata) -Tuskar -> Heat: Create HOT (metadata) -Tuskar -> diskimagebuilder: Create images\n(config files templates) -Tuskar -> Rubick: Verify config -Rubick -> Heat: Get HOT -Heat -> Rubick: HOT (metadata) -Rubick -> diskimagebuilder: Get config\nfiles templates -diskimagebuilder -> Rubick: Templates -Rubick -> Rubick: Create data model\nInpspect config -Rubick -> Tuskar: Config report -Tuskar -> User: Config report - -@enduml diff --git a/doc/source/images/src/packages_Rubick.dot b/doc/source/images/src/packages_Rubick.dot deleted file mode 100644 index f00fe04..0000000 --- a/doc/source/images/src/packages_Rubick.dot +++ /dev/null @@ -1,103 +0,0 @@ -digraph "packages_Rubick" { -charset="utf-8" -rankdir=BT -"3" [shape="box", label="rubick.inspections.keystone_endpoints"]; -"5" [shape="box", label="rubick.discovery"]; -"11" [shape="box", label="rubick.inspections.keystone_authtoken"]; -"13" [shape="box", label="rubick.inspections.lettuce_runner"]; -"15" [shape="box", label="rubick.config_model"]; -"27" [shape="box", label="rubick.main"]; -"28" [shape="box", label="rubick.celery"]; -"31" [shape="box", label="rubick"]; -"32" [shape="box", label="rubick.config_formats"]; -"33" [shape="box", label="rubick.schemas.glance"]; -"34" [shape="box", label="rubick.schemas.swift.v2013_2"]; -"35" [shape="box", label="rubick.schemas.glance.v2013_2"]; -"36" [shape="box", label="rubick.json"]; -"37" [shape="box", label="rubick.schemas.schema_generator"]; -"39" [shape="box", label="rubick.schemas.keystone.v2013_2"]; -"40" [shape="box", label="rubick.schemas.nova.v2013_2"]; -"41" [shape="box", label="rubick.schemas.cinder"]; -"42" [shape="box", label="rubick.database"]; -"45" [shape="box", label="rubick.schemas.nova.v2013_1_4"]; -"46" [shape="box", label="rubick.exceptions"]; -"50" [shape="box", label="rubick.schemas.nova.v2013_1_3"]; -"51" [shape="box", label="rubick.schemas.nova"]; -"52" [shape="box", label="rubick.schemas.keystone.v2013_1_4"]; -"53" [shape="box", label="rubick.schemas.keystone.v2013_1_3"]; -"54" [shape="box", label="rubick.test_mark"]; -"56" [shape="box", label="rubick.test_type_validators"]; -"67" [shape="box", label="rubick.model"]; -"85" [shape="box", label="rubick.inspections"]; -"86" [shape="box", label="rubick.config_formats.ini"]; -"88" [shape="box", label="rubick.schemas.neutron.v2013_2"]; -"89" [shape="box", label="rubick.common"]; -"96" [shape="box", label="rubick.test_config_schema_registry"]; -"98" [shape="box", label="rubick.config_formats.test_ini"]; -"100" [shape="box", label="rubick.utils"]; -"102" [shape="box", label="rubick.schemas.keystone"]; -"103" [shape="box", label="rubick.test_configuration"]; -"105" [shape="box", label="rubick.test_version"]; -"107" [shape="box", label="rubick.schemas.swift"]; -"108" [shape="box", label="rubick.config_formats.common"]; -"110" [shape="box", label="rubick.schemas.cinder.v2013_2"]; -"111" [shape="box", label="rubick.schemas.neutron"]; -"112" [shape="box", label="rubick.schemas"]; -"113" [shape="box", label="rubick.schema"]; -"124" [shape="box", label="rubick.schemas.cinder.v2013_1_3"]; -"3" -> "89" [arrowtail="none", arrowhead="open"]; -"5" -> "67" [arrowtail="none", arrowhead="open"]; -"5" -> "46" [arrowtail="none", arrowhead="open"]; -"5" -> "89" [arrowtail="none", arrowhead="open"]; -"11" -> "89" [arrowtail="none", arrowhead="open"]; -"13" -> "89" [arrowtail="none", arrowhead="open"]; -"27" -> "31" [arrowtail="none", arrowhead="open"]; -"28" -> "85" [arrowtail="none", arrowhead="open"]; -"28" -> "28" [arrowtail="none", arrowhead="open"]; -"28" -> "89" [arrowtail="none", arrowhead="open"]; -"28" -> "42" [arrowtail="none", arrowhead="open"]; -"28" -> "36" [arrowtail="none", arrowhead="open"]; -"28" -> "5" [arrowtail="none", arrowhead="open"]; -"31" -> "27" [arrowtail="none", arrowhead="open"]; -"32" -> "89" [arrowtail="none", arrowhead="open"]; -"32" -> "86" [arrowtail="none", arrowhead="open"]; -"33" -> "35" [arrowtail="none", arrowhead="open"]; -"34" -> "113" [arrowtail="none", arrowhead="open"]; -"35" -> "113" [arrowtail="none", arrowhead="open"]; -"39" -> "113" [arrowtail="none", arrowhead="open"]; -"40" -> "113" [arrowtail="none", arrowhead="open"]; -"41" -> "124" [arrowtail="none", arrowhead="open"]; -"45" -> "113" [arrowtail="none", arrowhead="open"]; -"50" -> "113" [arrowtail="none", arrowhead="open"]; -"51" -> "50" [arrowtail="none", arrowhead="open"]; -"52" -> "113" [arrowtail="none", arrowhead="open"]; -"53" -> "113" [arrowtail="none", arrowhead="open"]; -"54" -> "89" [arrowtail="none", arrowhead="open"]; -"56" -> "113" [arrowtail="none", arrowhead="open"]; -"56" -> "89" [arrowtail="none", arrowhead="open"]; -"67" -> "113" [arrowtail="none", arrowhead="open"]; -"67" -> "89" [arrowtail="none", arrowhead="open"]; -"67" -> "15" [arrowtail="none", arrowhead="open"]; -"67" -> "100" [arrowtail="none", arrowhead="open"]; -"67" -> "32" [arrowtail="none", arrowhead="open"]; -"85" -> "11" [arrowtail="none", arrowhead="open"]; -"85" -> "13" [arrowtail="none", arrowhead="open"]; -"85" -> "3" [arrowtail="none", arrowhead="open"]; -"86" -> "15" [arrowtail="none", arrowhead="open"]; -"86" -> "108" [arrowtail="none", arrowhead="open"]; -"88" -> "113" [arrowtail="none", arrowhead="open"]; -"96" -> "113" [arrowtail="none", arrowhead="open"]; -"96" -> "89" [arrowtail="none", arrowhead="open"]; -"98" -> "86" [arrowtail="none", arrowhead="open"]; -"102" -> "53" [arrowtail="none", arrowhead="open"]; -"103" -> "15" [arrowtail="none", arrowhead="open"]; -"105" -> "113" [arrowtail="none", arrowhead="open"]; -"107" -> "34" [arrowtail="none", arrowhead="open"]; -"108" -> "89" [arrowtail="none", arrowhead="open"]; -"110" -> "113" [arrowtail="none", arrowhead="open"]; -"111" -> "88" [arrowtail="none", arrowhead="open"]; -"112" -> "41" [arrowtail="none", arrowhead="open"]; -"113" -> "89" [arrowtail="none", arrowhead="open"]; -"113" -> "46" [arrowtail="none", arrowhead="open"]; -"124" -> "113" [arrowtail="none", arrowhead="open"]; -} diff --git a/doc/source/images/src/rules_engine_class_model.txt b/doc/source/images/src/rules_engine_class_model.txt deleted file mode 100644 index 98628e6..0000000 --- a/doc/source/images/src/rules_engine_class_model.txt +++ /dev/null @@ -1,23 +0,0 @@ -@startuml - -package "common.py" { - class "Inspection" { - } - class "Issue" { - } - class "Mark" { - } - class "Error" { - } - class "Version" { - } -} - -package "model.py" { - class "Model" { - } -} - -Inspection --|> Issue - -@enduml diff --git a/doc/source/images/src/service_architecture.txt b/doc/source/images/src/service_architecture.txt deleted file mode 100644 index 95418ca..0000000 --- a/doc/source/images/src/service_architecture.txt +++ /dev/null @@ -1,36 +0,0 @@ -@startuml - -frame "Rubick" { - [Rubick API] - [Rule engine] - [Config data\nextractor] - [Heat metadata\n plugin] - [SSH metadata\nplugin] - [...] - [Config data\nstore] - () "openstack.model" - folder "Rulesets" { - [healthcheck\nruleset] - [best practices\nruleset] - } -} - -frame "Heat" { - [Heat API] -} - -() Stack - -[Rubick API] -- openstack.model -[Config data\nstore] -- openstack.model -[Heat API] -up-> Stack -Stack -up-> [Heat metadata\n plugin] -[Config data\nextractor] -up- openstack.model -[Rule engine] -- openstack.model -[Config data\nextractor] -- [Heat metadata\n plugin] -[Config data\nextractor] -- [...] -[Config data\nextractor] -- [SSH metadata\nplugin] -[Rule engine] -up- [healthcheck\nruleset] -[Rule engine] -up- [best practices\nruleset] - -@enduml diff --git a/doc/source/openstack_architecture_model.rst b/doc/source/openstack_architecture_model.rst deleted file mode 100644 index d02c6ae..0000000 --- a/doc/source/openstack_architecture_model.rst +++ /dev/null @@ -1,93 +0,0 @@ -Architecture Data Model -======================= - -Overview --------- - -We want to introduce unified data structure which contains all information -necessary to inspect, analyze, describe and visualize OpenStack architecture. - -Architecture data model serves multiple actual and potential use cases. - -Diagnostics -^^^^^^^^^^^ - -Architecture data model provides necessary data for the configuration analysis -and diagnostics tool (**Rubick**). - -Deployment -^^^^^^^^^^ - -Arhictecture data model must include all information necessary to deployment -systems (e.g. **Fuel** or **TripleO**). We will implement simple conversion -tools which will allow to configure these deployment systems and effectively -support 'portable' clouds. - -Benchmarking -^^^^^^^^^^^^ - -This model could be reused by **Rally** project to compare benchmarking -results for different architectures. Definitions of architectures must be -comparable and portable, which is exactly what architecture model aimed to -solve. - -Upgrade -^^^^^^^ - -Upgrade system could potentially utilize the model just in the way the -Deployment systems do. In addition, existing clouds could be inspected and -described for subsequent upgrade using this model. - -Tech Support -^^^^^^^^^^^^ - -The model suits as base for questionaire to assess existing installations for -support contract pricing purposes. - -Hardening -^^^^^^^^^ - -The model could be used to perform automated/guided hardening of OpenStack -architecture and configuration. This is achieved through use of 'best practice' -rulesets for the inspection of cloud. - -Expert system -^^^^^^^^^^^^^ - -The model could be used as a part of production/reactive rules system capable -of automated reporting and handling of operational errors, based on combination -of *base* status of the cloud, logging messages and notifications. - -Data Format ------------ - -This section proposes data model format which allows to describe an OpenStack -installation. The model includes data regarding physical infrastructure, logical -topology of services and mapping between the two. - -Current model of OpenStack architecture used in Rubick is defined in module -``rubick/model.py``. This module contains following classes in hierarchy below: - - OpenStack: - hosts: - - Host: hostname1 - components: - - Service: NovaApiComponent - config: - - key: value - - ... - - Service: KeystoneComponent - config: - - key: value - - ... - - ... - filesystem: - - resource1: FileResource - - resource2: DirectoryResource - - ... - - Host: hostname2 - components: - - ... - filesystem: - - ... - - ... diff --git a/doc/source/openstack_diagnostics_proposal.rst b/doc/source/openstack_diagnostics_proposal.rst deleted file mode 100644 index 5effb3a..0000000 --- a/doc/source/openstack_diagnostics_proposal.rst +++ /dev/null @@ -1,108 +0,0 @@ -============================== -OPENSTACK DIAGNOSTICS PROPOSAL -============================== - -.. contents:: - -Project Name -============ - -**Official:** OpenStack Diagnostics - -**Codename:** Rubick - -OVERVIEW -======== - -The typical OpenStack cloud life cycle consists of 2 phases: - -- initial deployment and -- operation maintenance - -OpenStack cloud operators usually rely on deploymnet tools to configure all the -platform components correctly and efficiently in **initial deployment** phase. -Multiple OpenStack projects cover that area: TripleO/Tuskar, Fuel and Devstack, -to name a few. - -However, once you installed and kicked off the cloud, platform configurations -and operational conditions begin to change. These changes could break -consistency and integration of cloud platform components. Keeping cloud up and -running is the essense of **operation maintenance** phase. - -Cloud operator must quickly and efficiently identify and respond to the root -cause of such failures. To do so, he must check if his OpenStack configuration -is sane and consistent. These checks could be thought of as rules of diagnostic -system. - -There are not many projects in OpenStack ecosystem aimed to increase reliability -and resilience of the cloud at the operation stage. With this proposal we want -to introduce a project which will help operators to diagnose their OpenStack -platform, reduce response time to known and unknown failures and effectively -support the desired SLA. - -Mission -------- - -Diagnostics' mission is to **provide OpenStack cloud operators with tools which -minimize time and effort needed to identify and fix errors in operations -maintenance phase of cloud life cycle.** - -User Stories ------------ - -- As a **cloud operator**, I want to make sure that my OpenStack architecture - and configuration is sane and consistent across all platform components and - services. -- As a **cloud architect**, I want to make sure that my OpenStack architecture - and configuration are compliant to best practices. -- As a **cloud architect**, I need a knowledge base of sanity checks and best - practices for troubleshooting my OpenStack cloud which I can reuse and update - with my own checks and rules. -- As a **cloud operator**, I want to be able to automatically extract - configuration parameters from all OpenStack components to verify their - correctness, consistency and integrity. -- As a **cloud operator**, I want automatic diagnostics tool which can inspect - configuration of my OpenStack cloud and report if it is sane and/or compliant - toc community-defined best practices. -- As a **cloud operator**, I want to be able to define rules used to inspect - and verify configuration of OpenStack components and store them to use for - verification of future configuration changes. - -Roadmap -------- - -Proof of concept implementation - end October 2013. PoC implementation includes: - -#. Open source code in stackforge repository -#. Standalone service with REST API v0.1 -#. Simple SSH-based configuration data extraction -#. Rules engine with grammatic analysis -#. Basic healthcheck ruleset v0.1 with example rules of different types -#. Filesystem-based ruleset store - -PoC scope does not include: - -#. Basic integration with OpenStack Deployment program projects (Tuskar, - TripleO) -#. Extraction of configuration data from Heat metadata -#. Extended ruleset with example best practices -#. Healthcheck ruleset v1.0 -#. Ruleset store back-ends - -Assumptions ------------ - -We assume that we must reuse as much as possible from OpenStack Deployment -program in terms of platform configuration and architecture definitions (i.e. -TripleO Heat and configuration files templates). - -DESIGN -====== - -.. include:: service_architecture.rst - -.. include:: rules_engine.rst - -.. include:: openstack_integration.rst - -.. include:: openstack_architecture_model.rst diff --git a/doc/source/openstack_integration.rst b/doc/source/openstack_integration.rst deleted file mode 100644 index 5ecdb5a..0000000 --- a/doc/source/openstack_integration.rst +++ /dev/null @@ -1,57 +0,0 @@ -Integration with OpenStack -========================== - -Use Case #1. Validate initial configuration -------------------------------------------- - -OpenStack Diagnostics could add value to OpenStack Deployment by providing -on-demand or automated verification of OpenStack configuration created by user -of Deployment tools. - -OpenStack Deployment (TripleO) allows user to manage OpenStack cloud (called -'overcloud' in terms of TripleO) as standard OpenStack environment. This -involves Heat, Nova with baremetal driver (or Ironic service) and Tuskar as a -user interface application, all installed in small 'management' environment -called 'undercloud'. - -When user wants to install 'overcloud', he uses Tuskar UI to configure bare -metal in cluster and set roles for all nodes. Tuskar then creates Heat -Orcestration Template (HOT) which describes overcloud architecture. This -template also contains node-specific configurations of overcloud OpenStack -components as nodes metadata. This template could be used by Diagnostics as a -source of information for analysis. - -Currently (as of Havana release) there is no support for automated creation of -images for overcloud nodes in TripleO. However, once such functionality added to -the project, Diagnostics could fetch base configuration templates for all -overcloud components. Until then, user will have to provide these templates to -Diagnostics service via API. - -Combining node-specific metadata with configuration templates, Diagnostics will -have comprehensive configuration information for the new 'overcloud' and will be -able to match it to ruleset to verify configuration consistency. - -The following diagram illustrates architecture of the described case: - -.. image:: images/openstack_integration_tripleo_arch.png - -The following sequence diagram shows data exchange in dynamic: - -.. image:: images/openstack_integration_tripleo_seq.png - -This diagram shows integration points between OpenStack TripleO (OpenStack on -OpenStack) program and the diagnostics system. Diagnostic system will perform -the following steps: - -* extract initial environment configuration from **metadata services** - of the 'undercloud' (in terms of TripleO). Heat Orchestration Templates for - OpenStack 'overcloud' describe nodes and their roles, as well as configuration - parameters. -* populate an **architecture data model** with actual configuration - parameters from metadata services. -* run **inspections** through the architecture data model by - set of **production rules** defined by user, or selected by user from the list - of all available rules, defined externally. -* report **results of inspection** as a list of rules that were checked with - indication of matched and unmatched rules. For unmatched rules, diagnostics - could give **recommendations and hints**. diff --git a/doc/source/rules_engine.rst b/doc/source/rules_engine.rst deleted file mode 100644 index 9ab2df9..0000000 --- a/doc/source/rules_engine.rst +++ /dev/null @@ -1,96 +0,0 @@ -Production Rules Engine -======================= - -This document describes rule engine used for inspection and diagnostics of -OpenStack configuration. - -Summary -------- - -The consistent configuration across all components is essential to OpenStack -cloud operation. If something is wrong with configuration, you as an operator -will know this immidiately either from monitoring or clients complaining. But -diagnosing the exact problem is always a challenge, given the number of -components and configuration options per component. - -You could think about troubleshooting OpenStack as going through some scenarios -which can be expressed as sets of rules. Your configuration must comply to all -those rules to be operational. On the other hand, if you know rules which your -configuration breaks, you can identify incorrect parameters reliably and easy. -That is how production rule systems and diagnostic systems work. - -Example production rule ------------------------ - -Example production rule for OpenStack system would be:: - - Given (condition_parameter_1) is (value) and - (condition_parameter_2) is (value) - then (check_parameter_1) must be (value) - -Rule-based inspection ---------------------- - -All rule-based inspections are using pre-defined actions written in python, -currently they are defined in "steps.py" file in the directory: -``rubick/inspections/lettuce``. They are based on lettuce framework - -bdd framework for python. - -Store and reuse rules ---------------------- - -First version of Rubick project stores rules to text files and loads them to -memory at runtime. You can add your own rules to the set using web UI, and those -rules can be saved to files for persistence. - -In future versions, we plan to add module which will save rules to database. It -will also support migrating existing rule set to the database. - -You can store your rules wherever you want and add it through the UI or simply -by putting them in text files in directory -``rubick/inspections/lettuce``. -Rules file must have name in the following format:: - - \*.feature - -The main requirement is that all rule conditions and actions in those files must -be written in accordance with code of rule steps in -``ostack-validator/inspections/lettuce/steps.py``. - -Extending rules ---------------- - -Also you can extend rules definition by adding your own steps to steps.py. As -an example:: - - #This decorator is for defining step for using them in the scenario. - @step(r'Nova has "(.+)" equal to "(.*)"') - def nova_has_property(step, name, value): - name = subst(name) - value = subst(value) - - for nova in [c for c in world.openstack.components if - c.name.startswith('nova')]: - if not nova.config[name] == value: - stop() - -New methods can use 2 classes from the inspections framework: -``rubick/model.py`` and ``rubick/common.py``. There you can -find many adapters to OpenStack services configuration data and all additional -information collected from OpenStack nodes. After that you can use you brand -new rule in the scenarios as described above. - -In module ``rubick/common.py`` you can find ``Inspection``, ``Issue``, -``Mark``, ``Error`` and ``Version`` classes for your convenience in rule -defining. Module ``model.py`` contains Openstack model based on configuration -schemas. - -.. image:: images/rules_engine_class_model.png - -Default rule sets ------------------ - -We plan to provide 2 rule sets with Rubick initial version: - -* healthcheck or sanity rule set -* best practices rule set diff --git a/doc/source/service_architecture.rst b/doc/source/service_architecture.rst deleted file mode 100644 index e1711b0..0000000 --- a/doc/source/service_architecture.rst +++ /dev/null @@ -1,24 +0,0 @@ -Design & Architecture -===================== - -This section describes design and architecture of OpenStack Diagnostics (Rubik) -service. - -Service includes the following components: - -* **openstack.model** is an OpenStack architecture model representation. It is a - common format used by components of the system to exchange configuration of - the inspected environment -* **Rubick API** is a web service which implements APIs to rules, inspections - and OpenStack architecture model -* **Rule engine** is a logic which performs inspections on the data model. Rule - engine will have an interface to the ruleset store in future. -* **Config data store** is a storage for architecture models -* **Config data extractor** creates OpenStack model based on data collected from - different sources, implemented as pluggable back-ends -* **Heat metadata plugin** extracts configration metadata from Heat stacks - created by TripleO/Tuskar service -* **SSH metadata plugin** extracts configuration metadata from actual nodes of - OpenStack cloud via secure SSH connection - -.. image:: images/service_architecture.png diff --git a/joker/__init__.py b/joker/__init__.py deleted file mode 100644 index 4fa23c4..0000000 --- a/joker/__init__.py +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from nodes import Node -import os - -TMP_PATH = "/tmp/joker_%s_%d" - - -class Joker(): - - def __init__(self, default_key, *args, **kwargs): - - self.useKey = False - - self.discoverQueue = [] - self.discoveryResult = [] - self.cleanUp = [] - self.name = "EntryPoint" - self.seenNodes = {} - self.default_key = None - - if (default_key): - try: - with open(default_key) as f: - self.default_key = f.read() - except Exception: - self.default_key = default_key - - self.useKey = True - - # keys temporary files - - def __del__(self): - for filePath in self.cleanUp: - if os.path.exists(filePath): - os.remove(filePath) - - def addNode(self, name, host, port=22, user='root', password=None): - - node = Node(name, host, port) - node.assignCredential(user, self.default_key, password) - - self.discoverQueue.append(node) - - if (self.useKey): - self.cleanUp.append(node.keyPath) - - return node - - def addResult(self, hostname, ip, user, key, proxyCommand=None, port=22): - return self.discoveryResult.append( - self.dkOutput(hostname, ip, user, key, proxyCommand, port)) - - def dkOutput(self, hostname, ip, user, key, proxyCommand=None, port=22): - return { - "name": hostname, - "ip": ip, - "user": user, - "key": key, - "port": port, - "proxy_command": proxyCommand - } - - def discover(self): - - while self.discoverQueue: - point = self.discoverQueue.pop() - - nodes = point.discover() - - # this host can't be discovered by ssh method - if nodes is None: - continue - - self.addResult( - hostname=point.hostName, ip=point.hostName, user=point.user, - key=point.origKey, proxyCommand=point.proxyCommandTxt, - port=point.accessPort) - - # merge already seen nodes with new discovered nodes - self.seenNodes = dict(self.seenNodes.items() + point.link.items()) - - for node in nodes: - if node['hwAddr'] not in self.seenNodes: - # add to discovering queue - newNode = self.addNode( - name=node['ip'], - host=node['ip'], - user=point.user) - - # new node connection channel working through master node - newNode.setProxyCommand( - point.hostName, - point.accessPort, - point.user, - point.keyPath - ) - - return self.discoveryResult diff --git a/joker/nodes.py b/joker/nodes.py deleted file mode 100644 index 0d7698d..0000000 --- a/joker/nodes.py +++ /dev/null @@ -1,203 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import paramiko - -import os -from paramiko.dsskey import DSSKey -from paramiko.rsakey import RSAKey -from six import StringIO -import stat - -TMP_KEY_PATH = "/tmp/joker_%s_%d" - - -class Node(): - - def __init__(self, name, ip, port): - - self.ssh = paramiko.SSHClient() - self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) - self.setHostName(ip) - self.setName(name) - self.setAccessPort(port) - self.connected = False - - self.neighbours = [] - self.debug = True - - self.proxyCommandTxt = self.proxyCommand = None - self.link = None - - self.origKey = self._pkey = None - self.keyPath = TMP_KEY_PATH % (name, os.getpid()) - - def dumpKey(self, path, key): - if (key): - f = open(path, "w", stat.S_IRUSR | stat.S_IWUSR) - f.write(key) - f.close() - - # def __del__(self): - # print "Del %s" % self.keyPath - # if os.path.exists(self.keyPath): - # print "Remove %s" % self.keyPath - # os.remove(self.keyPath) - - def proxyCommandGen(self, masterHost, masterPort, masterUser, - masterKeyfile): - return "ssh -i %s -o StrictHostChecking=no -p%d %s@%s nc -q0 %s %d" % ( - masterKeyfile, masterPort, masterUser, masterHost, - self.hostName, self.accessPort) - - def discoverHwAddr(self): - try: - (stdout, stderr) = self.runCommand( - "ip addr | grep -A2 BROADCAST,MULTICAST,UP,LOWER_UP | " - "awk '/link\/ether/ {ether=$2} /inet/ {print $2 \" \" ether}'") - - except Exception: - raise () - - macDict = {} - - for line in stdout: - (ip, hwAddr) = line.strip().split(" ") - macDict[hwAddr] = ip - - return macDict - - def setUniqData(self): - self.link = self.discoverHwAddr() - - def getUniqData(self): - return self.link - - def debugLog(self, debugData): - if self.debug is True: - print debugData - - def prepare(self): - # install arp-scan on node - try: - self.runCommand( - "[ ! -x arp-scan ] && sudo apt-get --force-yes -y install " - "arp-scan") - except Exception: - raise () - self.setUniqData() - - return True - - def infect(self): - # infect node - return True - - def setName(self, name): - self.name = name - - def setHostName(self, hostname): - self.hostName = hostname - - def setAccessPort(self, port): - self.accessPort = port - - def assignKey(self, key): - self.origKey = key - # dump key to file - self.dumpKey(self.keyPath, self.origKey) - - try: - self._pkey = RSAKey.from_private_key(StringIO(self.origKey)) - except paramiko.SSHException: - try: - self._pkey = DSSKey.from_private_key(StringIO(self.origKey)) - except paramiko.SSHException: - raise "Unknown private key format" - - def assignCredential(self, user, key, password=None): - self.user = user - self.password = password - - if (key): - self.assignKey(key) - - def setProxyCommand(self, masterHost, masterPort, masterUser, - masterKeyfile): - self.proxyCommandTxt = self.proxyCommandGen( - masterHost, masterPort, masterUser, masterKeyfile) - self.proxyCommand = paramiko.ProxyCommand(self.proxyCommandTxt) - - def connect(self): - - if self.connected is True: - raise AssertionError(self.connected is True) - - try: - - self.ssh.connect(self.hostName, self.accessPort, self.user, - pkey=self._pkey, sock=self.proxyCommand, - timeout=5, password=self.password) - - self.connected = True - return True - - except paramiko.BadHostKeyException as e: - print "Host key could not be verified: ", e - return False - except paramiko.AuthenticationException as e: - print "Error unable to authenticate: ", e - return False - except paramiko.SSHException as e: - return False - except EOFError as e: - return False - - def runCommand(self, command): - if (command == ""): - AssertionError(command == "") - - if self.connected is False: - self.connect() - - self.debugLog("---> " + self.hostName + " " + command) - stdin, stdout, stderr = self.ssh.exec_command(command) - self.debugLog("OK " + self.hostName + " " + command) - - return (stdout.readlines(), stderr.readlines()) - - def __discover__(self): - - (data, _) = self.runCommand( - "(test -x arp-scan && ip link |\ - awk -F: '/^[0-9]+?: eth/ {print $2}' |\ - sudo xargs -I% arp-scan -l -I % 2>&1 | grep -E '^[0-9]+?\.';\ - arp -an | awk -F\" \" '{ gsub(\"[^0-9\\.]\", \"\", $2);\ - printf(\"%s\\t%s\\t%s\\n\", $2, $4, $7)}'\ - )") - - for line in data: - (ip, hwAddr, _) = line.strip().split("\t") - self.neighbours.append({"hwAddr": hwAddr, "ip": ip}) - self.debugLog("%s -> %s" % (self.hostName, ip)) - - return self.neighbours - - def discover(self): - - if self.connect() is False: - return None - - self.prepare() - - return self.__discover__() diff --git a/joker/ssh.py b/joker/ssh.py deleted file mode 100644 index 22edb8b..0000000 --- a/joker/ssh.py +++ /dev/null @@ -1,124 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from os import environ -#import shlex -#import subprocess - - -class JokerSecureShell(): - - def __init__(self, hostName): - self.tempDir = "/tmp" - - # TODO(metacoma): implement password authentication scheme - self.credentials = { - "user": None, - "host": None, - "port": 22, - "key": None, - } - - self.options = { - "proxyCommand": None, - "StrictHostKeyChecking": "no" - } - - self.haveMasterSocket = False - self.masterSocketPid = None - - # FIXME use inspect.stack()[0][3] ? - @property - def host(self): - print "called host getter" - return self.credentials['host'] - - @host.setter - def host(self, value): - print "called host setter" - self.credentials['host'] = value - - @property - def user(self): - if self.credentials['user']: - return self.credentials['user'] - else: - return environ['USER'] - - @user.setter - def user(self, value): - self.credentials.user = value - - @property - def key(self): - assert self.credentials['key'] is not None, \ - "Keyfile for %s@%s:%d not present" \ - % (self.user, self.host, self.port) - return self.credentials['key'] - - @key.setter - def key(self, value): - self.credentials['key'] = value - - @property - def port(self): - return self.credentials['port'] - - @port.setter - def port(self, value): - self.credentials.port = value - - @property - def proxyCommand(self): - return self.credentials.proxyCommand - - @proxyCommand.setter - def proxyCommand(self, value): - self.credentials.proxyCommand = value - - @property - def masterSocketPath(self): - return "%s/%s:%d" % (self.tempDir, self.host, self.port) - - @property - def sshOptions(self): - r = "" - - # compile ssh options in one string - - for i in self.options: - if self.options[i] is not None: - r = r + ('-o %s=%s' % (i, self.options[i])) - - return r - - def createMasterSocket(self): - self.haveMasterSocket = True - - # XXX we support only keys without password encryption - #cmd = "ssh -i %s -p %d %s -M -S %s %s@%s" \ - # % (self.key, self.port, self.sshOptions, - # self.masterSocketPath, self.user, self.host) - - # subprocess.Popen(shlex.split(cmd)) - - def call(self, destinationCmd): - if (not self.haveMasterSocket): - self.createMasterSocket() - - #cmd = "ssh %s %s" % (self.host, destinationCmd) - - #stdout = stderr = None - - # exitCode = subprocess.call(shlex.split(destinationCmd), \ - # stdout = stdout, stderr = stderr) diff --git a/joker_test.py b/joker_test.py deleted file mode 100644 index f5043f0..0000000 --- a/joker_test.py +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import argparse -from joker import Joker -import sys - - -def arg_parse(): - p = argparse.ArgumentParser(description='Joker cli interface') - p.add_argument('-i', '--identity', help='Path to identity file', - default=None) - p.add_argument('-H', '--host', help='destination host') - p.add_argument('-p', '--port', help='destination port', default=22, - type=int) - p.add_argument('-u', '--user', help='username', default="root") - p.add_argument('-P', '--password', help='username', default=None) - return p.parse_args() - - -def main(): - args = arg_parse() - - print args - - j = Joker(args.identity) - j.addNode("EntryPoint", args.host, args.port, args.user, args.password) - - print j.discover() - - -if __name__ == '__main__': - sys.exit(main()) diff --git a/openstack-configuration.txt b/openstack-configuration.txt deleted file mode 100644 index 0260344..0000000 --- a/openstack-configuration.txt +++ /dev/null @@ -1,252 +0,0 @@ -= Configutation -== keystone (identity) - -* MySQL database exists -* MySQL user exists and has proper permissions for keystone database -* /etc/keystone/keystone.conf: - * contains proper 'connection' setting - * 'admin_token' ??? -* Keystone certificates exists (what config options control other communication methods?) -* /etc/keystone/* has user and group set to keystone user - -== glance (image) - -* /var/lib/glance/glance.sqlite -* MySQL database exists -* MySQL user exists and has proper permissions for glance database -* /etc/glance/glance-api.conf: - [keystone_authtoken] - auth_host = ... - auth_port = ... - auth_protocol = http - admin_tenant_name = service - admin_user = glance - admin_password = glance - - [paste_deploy] - config_file = /etc/glance/glance-api-paste.ini - - flavor = keystone - - * sql_connection = mysql://glance:glance-password@/glance - -* /etc/glance/glance-registry.conf: - [keystone_authtoken] - auth_host = ... - auth_port = ... - auth_protocol = http - admin_tenant_name = service - admin_user = glance - admin_password = glance - - [paste_deploy] - config_file = /etc/glance/glance-registry-paste.ini - - flavor = keystone - -* /etc/glance/glance-registry-paste.ini: - # Use this pipeline for keystone auth - [pipeline:glance-registry-keystone] - pipeline = authtoken context registryapp - - * sql_connection = mysql://glance:glance-password@/glance - -= nova (compute) - -* Enabling KVM: - - /etc/nova/nova.conf: - - compute_driver = libvirt.LibvirtDriver - libvirt_type = kvm - - * Check for supported CPU features: - - egrep '(vmx|svm)' --color=always /proc/cpuinfo - - output: - - flags : fpu vme de pse tsc msr pae mce ... - - - lsmod | grep kvm - -* Enabling QEMU - - /etc/nova/nova.conf: - - compute_driver=libvirt.LibvirtDriver - libvirt_type=qemu - -* Enabling Xen: - - /etc/nova/nova.conf: - - compute_driver=xenapi.XenAPIDriver - xenapi_connection_url=http://your_xenapi_management_ip_address - xenapi_connection_username=root - xenapi_connection_password=your_password - - or - - compute_driver=libvirt.LibvirtDriver - libvirt_type=xen - -* Network configuration - * Network interface in promiscuous mode - - ip link set eth0 promisc on - - * /etc/qppid.conf has "auth=no" - * SELinux in permissive mode - - sudo setenforce permissive - -* MySQL - * Database exists - * User exists and has proper permissions to access nova database -* PostgreSQL - * Database exists - * User exists and has proper permissions to access nova database - * /etc/nova/nova.conf has sql_connection=postgres://novadbadmin:[[YOUR_NOVADB_PASSWORD]]@127.0.0.1/nova - -== cinder (block storage) - * /etc/cinder/api-paste.ini: - - [filter:authtoken] - paste.filter_factory = keystone.middleware.auth_token:filter_factory - service_protocol = http - service_host = 10.211.55.20 - service_port = 5000 - auth_host = 10.211.55.20 - auth_port = 35357 - auth_protocol = http - admin_tenant_name = service - admin_user = cinder - admin_password = openstack - - * /etc/cinder/cinder.conf: - - [DEFAULT] - rootwrap_config=/etc/cinder/rootwrap.conf - sql_connection = mysql://cinder:openstack@192.168.127.130/cinder - api_paste_config = /etc/cinder/api-paste.ini - - iscsi_helper=tgtadm - volume_name_template = volume-%s - volume_group = cinder-volumes - verbose = True - auth_strategy = keystone - #osapi_volume_listen_port=5900 - - * If RabbitMQ: - - rabbit_host = 10.10.10.10 - rabbit_port = 5672 - rabbit_userid = rabbit - rabbit_password = secure_password - rabbit_virtual_host = /nova - - * If Qpid: - - qpid_hostname=192.168.206.130 - - * /etc/nova/nova.conf: - - volume_api_class=nova.volume.cinder.API - - -(continue from http://docs.openstack.org/grizzly/openstack-compute/install/yum/content/compute-minimum-configuration-settings.html) - - * Ensure user 'nova' exists, group 'nova' exists, user 'nova' belongs to group 'nova' - * Ensure that '/etc/nova' has 'nova:nova' owners. - * Ensure that '/etc/nova/nova.conf' has 'root:nova' owners and 0640 permissions. - - * Minimal /etc/nova/nova.conf: - - auth_strategy=keystone - network_manager=nova.network.manager.FlatDHCPManager - fixed_range=192.168.100.0/24 - public_interface=eth0 - flat_interface=eth0 - flat_network_bridge=br100 - - * Sample /etc/nova/nova.conf: - - [DEFAULT] - - # LOGS/STATE - verbose=True - logdir=/var/log/nova - state_path=/var/lib/nova - lock_path=/var/lock/nova - rootwrap_config=/etc/nova/rootwrap.conf - - # SCHEDULER - compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler - - # VOLUMES - volume_api_class=nova.volume.cinder.API - volume_driver=nova.volume.driver.ISCSIDriver - volume_group=cinder-volumes - volume_name_template=volume-%s - iscsi_helper=tgtadm - - # DATABASE - sql_connection=mysql://nova:yourpassword@192.168.206.130/nova - - # COMPUTE - libvirt_type=qemu - compute_driver=libvirt.LibvirtDriver - instance_name_template=instance-%08x - api_paste_config=/etc/nova/api-paste.ini - - # COMPUTE/APIS: if you have separate configs for separate services - # this flag is required for both nova-api and nova-compute - allow_resize_to_same_host=True - - # APIS - osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions - ec2_dmz_host=192.168.206.130 - s3_host=192.168.206.130 - enabled_apis=ec2,osapi_compute,metadata - - # QPID - qpid_hostname=192.168.206.130 - - # GLANCE - image_service=nova.image.glance.GlanceImageService - glance_api_servers=192.168.206.130:9292 - - # NETWORK - network_manager=nova.network.manager.FlatDHCPManager - force_dhcp_release=True - dhcpbridge_flagfile=/etc/nova/nova.conf - firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver - # Change my_ip to match each host - my_ip=192.168.206.130 - public_interface=eth100 - vlan_interface=eth0 - flat_network_bridge=br100 - flat_interface=eth0 - fixed_range=192.168.100.0/24 - - # NOVNC CONSOLE - novncproxy_base_url=http://192.168.206.130:6080/vnc_auto.html - # Change vncserver_proxyclient_address and vncserver_listen to match each compute host - vncserver_proxyclient_address=192.168.206.130 - vncserver_listen=192.168.206.130 - - # AUTHENTICATION - auth_strategy=keystone - [keystone_authtoken] - auth_host = 127.0.0.1 - auth_port = 35357 - auth_protocol = http - admin_tenant_name = service - admin_user = nova - admin_password = nova - signing_dirname = /tmp/keystone-signing-nova - - * 'nova-manage version' to find out version of nova. The output will be something like '2013.1'. - diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index cf5c70b..0000000 --- a/requirements.txt +++ /dev/null @@ -1,13 +0,0 @@ -spur==0.3.5 -WTForms-JSON>=0.2.2 -gunicorn==18.0 -honcho==0.4.2 -jinja2==2.7 -lettuce>=0.2.19 -pymongo==2.6.1 -https://bitbucket.org/jstasiak/recordtype/get/default.tar.gz -paramiko==1.11.0 -oslo.config==1.2.1 -requests==1.2.0 -PyYAML==3.10 -six>=1.4.1 diff --git a/rubick/__init__.py b/rubick/__init__.py deleted file mode 100644 index 1aec8c1..0000000 --- a/rubick/__init__.py +++ /dev/null @@ -1,5 +0,0 @@ - -if __name__ == '__main__': - from rubick.main import main - import sys - main(sys.argv[1:]) diff --git a/rubick/common.py b/rubick/common.py deleted file mode 100644 index f24cf08..0000000 --- a/rubick/common.py +++ /dev/null @@ -1,261 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import copy -import os.path - -from recordtype import recordtype - - -def find(l, predicate): - results = [x for x in l if predicate(x)] - return results[0] if len(results) > 0 else None - - -def index(l, predicate): - i = 0 - while i < len(l): - if predicate(l[i]): - return i - i += 1 - return -1 - - -def all_subclasses(klass): - subclasses = klass.__subclasses__() - for d in list(subclasses): - subclasses.extend(all_subclasses(d)) - return subclasses - - -def path_relative_to(path, base_path): - if not path.startswith('/'): - path = os.path.join(base_path, path) - - return path - - -class Version: - - def __init__(self, major, minor=0, maintenance=0): - "Create Version object by either passing 3 integers," - "one string or an another Version object" - if isinstance(major, str): - self.parts = [int(x) for x in major.split('.', 3)] - while len(self.parts) < 3: - self.parts.append(0) - - elif isinstance(major, Version): - self.parts = major.parts - else: - self.parts = [int(major), int(minor), int(maintenance)] - - @property - def major(self): - return self.parts[0] - - @major.setter - def major(self, value): - self.parts[0] = int(value) - - @property - def minor(self): - return self.parts[1] - - @minor.setter - def minor(self, value): - self.parts[1] = int(value) - - @property - def maintenance(self): - return self.parts[2] - - @maintenance.setter - def maintenance(self, value): - self.parts[2] = value - - def __str__(self): - return '.'.join([str(p) for p in self.parts]) - - def __repr__(self): - return '' % str(self) - - def __cmp__(self, other): - for i in range(0, 3): - x = self.parts[i] - other.parts[i] - if x != 0: - return -1 if x < 0 else 1 - return 0 - - def __lt__(self, other): - for i in range(0, 3): - x = self.parts[i] - other.parts[i] - if x != 0: - return True if x < 0 else False - return False - - def __le__(self, other): - for i in range(0, 3): - x = self.parts[i] - other.parts[i] - if x != 0: - return True if x < 0 else False - return True - - def __ne__(self, other): - for i in range(0, 3): - x = self.parts[i] - other.parts[i] - if x != 0: - return True - return False - - def __eq__(self, other): - for i in range(0, 3): - x = self.parts[i] - other.parts[i] - if x != 0: - return False - return True - - -class Mark(object): - - def __init__(self, source, line=0, column=0): - self.source = source - self.line = line - self.column = column - - def __eq__(self, other): - return ( - (self.source == other.source) and - (self.line == other.line) and - (self.column == other.column) - ) - - def __ne__(self, other): - return not self == other - - def merge(self, other): - return ( - Mark( - self.source, - self.line + - other.line, - self.column + - other.column) - ) - - def __repr__(self): - return '%s line %d column %d' % (self.source, self.line, self.column) - - -class Error: - - def __init__(self, message): - self.message = message - - def __repr__(self): - return ( - '<%s "%s">' % ( - str(self.__class__).split('.')[-1][:-2], - self.message) - ) - - def __str__(self): - return self.message - - -class Issue(object): - FATAL = 'FATAL' - ERROR = 'ERROR' - WARNING = 'WARNING' - INFO = 'INFO' - - def __init__(self, type, message): - self.type = type - self.message = message - - def __eq__(self, other): - if not isinstance(other, Issue): - return False - - return self.type == other.type and self.message == other.message - - def __ne__(self, other): - return not self == other - - def __repr__(self): - return ( - '<%s type=%s message=%s>' % ( - str(self.__class__).split('.')[-1][:-2], - self.type, - self.message) - ) - - def __str__(self): - return '[%s] %s' % (self.type, self.message) - - -class MarkedIssue(Issue): - - def __init__(self, type, message, mark): - super(MarkedIssue, self).__init__(type, message) - self.mark = mark - - def offset_by(self, base_mark): - other = copy.copy(self) - other.mark = base_mark.merge(self.mark) - return other - - def __eq__(self, other): - if not isinstance(other, MarkedIssue): - return False - - return super(MarkedIssue, self).__eq__(other) and self.mark == other.mark - - def __ne__(self, other): - return not self == other - - def __repr__(self): - return ( - '<%s type=%s message=%s mark=%s>' % ( - str(self.__class__).split('.')[-1][:-2], - self.type, - self.message, - self.mark) - ) - - def __str__(self): - return ( - super(MarkedIssue, self).__str__() + - (' (source "%s" line %d column %d)' % - (self.mark.source, self.mark.line + 1, self.mark.column + 1)) - ) - - -Rule = recordtype('Rule', ['name', 'description']) - - -class Inspection(object): - - @classmethod - def all_inspections(klass): - return [c for c in all_subclasses(klass)] - - @classmethod - def rules(klass): - if hasattr(klass, 'name') and hasattr(klass, 'description'): - return [Rule(klass.name, klass.description)] - else: - return [] - - def inspect(self, openstack): - pass diff --git a/rubick/config_formats/__init__.py b/rubick/config_formats/__init__.py deleted file mode 100644 index 4c70887..0000000 --- a/rubick/config_formats/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from rubick.config_formats.ini import IniConfigParser # noqa diff --git a/rubick/config_formats/common.py b/rubick/config_formats/common.py deleted file mode 100644 index 2d4849c..0000000 --- a/rubick/config_formats/common.py +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from rubick.common import Issue, MarkedIssue - - -class ParseError(MarkedIssue): - - def __init__(self, message, mark): - super(ParseError, self).__init__(Issue.ERROR, message, mark) diff --git a/rubick/config_formats/ini.py b/rubick/config_formats/ini.py deleted file mode 100644 index 6362e37..0000000 --- a/rubick/config_formats/ini.py +++ /dev/null @@ -1,177 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import re - -from six import StringIO - -from rubick.common import Mark -from rubick.config_model import ComponentConfig, ConfigSection, \ - ConfigSectionName, ConfigParameter, ConfigParameterName, \ - ConfigParameterValue, TextElement -from rubick.config_formats.common import ParseError - - -class IniConfigParser: - key_value_re = re.compile("^(\S+?)\s*([:=])\s*('.*'|\".*\"|.*)\s*$") - - def parse(self, name, base_mark, io): - if not hasattr(io, 'readlines'): - io = StringIO(io) - - def mark(line, column=0): - return base_mark.merge(Mark('', line, column)) - - errors = [] - current_section_name = ConfigSectionName(mark(0), mark(0), '') - current_param_name = None - current_param_value = None - current_param_delimiter = None - sections = [] - parameters = [] - - line_number = -1 - for line in io.readlines(): - line = line.rstrip() - - line_number += 1 - - if current_param_name \ - and (current_param_value.quotechar - or (line == '' or not line[0].isspace())): - param = ConfigParameter( - current_param_name.start_mark, - current_param_value.end_mark, - current_param_name, - current_param_value, - current_param_delimiter) - parameters.append(param) - - current_param_name = None - current_param_value = None - current_param_delimiter = None - - if line == '': - continue - - if line[0] in '#;': - continue - - if line[0].isspace(): - if current_param_name: - current_param_value.end_mark = mark(line_number, len(line)) - current_param_value.text += line.lstrip() - continue - else: - errors.append( - ParseError('Unexpected multiline value continuation', - mark(line_number))) - continue - - if line[0] == '[': - end_index = line.find(']') - if end_index == -1: - errors.append( - ParseError('Unclosed section', mark(line_number, - len(line)))) - - end_index = len(line) - while line[end_index - 1].isspace(): - end_index -= 1 - if end_index <= 1: - errors.append( - ParseError('Missing section name', - mark(line_number))) - continue - else: - i = end_index + 1 - while i < len(line): - if not line[i].isspace(): - errors.append( - ParseError('Extra chars after section name', - mark(line_number, i))) - break - i += 1 - - if current_section_name.text != '' or len(parameters) > 0: - section = ConfigSection( - current_section_name.start_mark, - mark(line_number), - current_section_name, - parameters) - sections.append(section) - parameters = [] - - current_section_name = ConfigSectionName( - mark(line_number, 0), - mark(line_number, end_index), - line[1:end_index] - ) - else: - m = self.key_value_re.match(line) - if m: - current_param_name = ConfigParameterName( - mark(line_number, m.start(1)), - mark(line_number, m.end(1)), - m.group(1) - ) - current_param_delimiter = TextElement( - mark(line_number, m.start(2)), - mark(line_number, m.end(2)), - m.group(2) - ) - - # Unquote value - value = m.group(3) - quotechar = None - if len(value) > 0 and (value[0] == value[-1] - and value[0] in "\"'"): - quotechar = value[0] - value = value[1:-1] - - current_param_value = ConfigParameterValue( - mark(line_number, m.start(3)), - mark(line_number, m.end(3)), - value, - quotechar=quotechar - ) - else: - errors.append( - ParseError('Syntax error in line "%s"' % - line, mark(line_number))) - - if current_param_name: - param = ConfigParameter( - current_param_name.start_mark, - current_param_value.end_mark, - current_param_name, - current_param_value, - current_param_delimiter) - parameters.append(param) - - if current_section_name.text != '' or len(parameters) > 0: - section = ConfigSection( - current_section_name.start_mark, - mark(line_number), - current_section_name, - parameters) - sections.append(section) - parameters = [] - - end_mark = base_mark - if len(sections) > 0: - end_mark = base_mark.merge(sections[-1].end_mark) - - config = ComponentConfig(base_mark, end_mark, name, sections, errors) - - return config diff --git a/rubick/config_formats/test_ini.py b/rubick/config_formats/test_ini.py deleted file mode 100644 index c069e1c..0000000 --- a/rubick/config_formats/test_ini.py +++ /dev/null @@ -1,248 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import unittest - -from six import StringIO - -from rubick.common import Mark -from rubick.config_formats.ini import IniConfigParser - - -class IniConfigParserTests(unittest.TestCase): - - def setUp(self): - self.parser = IniConfigParser() - - def _strip_margin(self, content): - lines = content.split("\n") - if lines[0] == '' and lines[-1].strip() == '': - lines = lines[1:-1] - first_line = lines[0] - margin_size = 0 - while margin_size < len(first_line) \ - and first_line[margin_size].isspace(): - margin_size += 1 - - stripped_lines = [line[margin_size:] for line in lines] - - return "\n".join(stripped_lines) - - def parse(self, content, margin=False): - if margin: - content = self._strip_margin(content) - - return self.parser.parse('test.conf', Mark(''), content) - - def test_parsing(self): - config = self.parse("param1 = value1") - - self.assertEqual(0, len(config.errors)) - - self.assertParameter( - 'param1', - 'value1', - config.sections[0].parameters[0]) - self.assertEqual(1, len(config.sections[0].parameters)) - - def test_colon_as_delimiter(self): - c = self.parse('param1 : value1') - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param1', 'value1', c.sections[0].parameters[0]) - - def test_use_colon_delimiter_if_it_comes_before_equals_sign(self): - c = self.parse('param1: value=123') - self.assertEqual(0, len(c.errors)) - self.assertParameter( - 'param1', - 'value=123', - c.sections[0].parameters[0]) - - def test_use_equals_delimiter_if_it_comes_before_colon(self): - c = self.parse('param1=value:123') - self.assertEqual(0, len(c.errors)) - self.assertParameter( - 'param1', - 'value:123', - c.sections[0].parameters[0]) - - def test_wrapping_value_with_single_quotes(self): - c = self.parse("param = 'foo bar'") - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param', 'foo bar', c.sections[0].parameters[0]) - self.assertEqual("'", c.sections[0].parameters[0].value.quotechar) - - def test_wrapping_value_with_single_quotes_and_trailing_whitespace(self): - c = self.parse("param = 'foo bar' ") - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param', 'foo bar', c.sections[0].parameters[0]) - - def test_wrapping_value_with_double_quotes(self): - c = self.parse("param = \"foo bar\"") - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param', 'foo bar', c.sections[0].parameters[0]) - self.assertEqual('"', c.sections[0].parameters[0].value.quotechar) - - def test_wrapping_value_with_double_quotes_and_trailing_whitespace(self): - c = self.parse("param = \"foo bar\" ") - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param', 'foo bar', c.sections[0].parameters[0]) - - def test_parsing_iolike_source(self): - c = self.parse(StringIO("param1 = value1")) - - self.assertEqual(0, len(c.errors)) - - self.assertParameter('param1', 'value1', c.sections[0].parameters[0]) - self.assertEqual(1, len(c.sections[0].parameters)) - - def test_default_section_name(self): - c = self.parse("param1 = value1") - - self.assertEqual('', c.sections[0].name.text) - - def test_parsing_with_section(self): - c = self.parse(""" - [section1] - param1 = value1 - """, margin=True) - - self.assertEqual(0, len(c.errors)) - self.assertEqual('section1', c.sections[0].name.text) - self.assertEqual(1, len(c.sections[0].parameters)) - - def test_parsing_with_same_section(self): - c = self.parse(""" - [section1] - param1 = value1 - param2 = value2 - """, margin=True) - - self.assertEqual(0, len(c.errors)) - self.assertEqual(2, len(c.sections[0].parameters)) - - def test_parsing_with_different_sections(self): - c = self.parse(""" - [section1] - param1 = value1 - [section2] - param2 = value2 - """, margin=True) - - self.assertEqual(0, len(c.errors)) - - self.assertEqual('section1', c.sections[0].name.text) - self.assertParameter('param1', 'value1', c.sections[0].parameters[0]) - self.assertEqual(1, len(c.sections[0].parameters)) - self.assertEqual('section2', c.sections[1].name.text) - self.assertParameter('param2', 'value2', c.sections[1].parameters[0]) - self.assertEqual(1, len(c.sections[1].parameters)) - - def test_whole_line_comments_starting_with_hash(self): - c = self.parse("#param=value") - self.assertEqual(0, len(c.errors)) - self.assertEqual(0, len(c.sections)) - - def test_whole_line_comments_starting_with_semicolon(self): - c = self.parse(";param=value") - self.assertEqual(0, len(c.errors)) - self.assertEqual(0, len(c.sections)) - - def test_hash_in_value_is_part_of_the_value(self): - c = self.parse("param=value#123") - self.assertEqual(0, len(c.errors)) - self.assertParameter("param", "value#123", c.sections[0].parameters[0]) - - def test_multiline_value(self): - c = self.parse(""" - param1 = line1 - line2 - """, margin=True) - - self.assertEqual(0, len(c.errors)) - self.assertParameter( - 'param1', - 'line1line2', - c.sections[0].parameters[0]) - - def test_multiline_value_finished_by_other_parameter(self): - c = self.parse(""" - param1 = foo - bar - param2 = baz - """, margin=True) - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param1', 'foobar', c.sections[0].parameters[0]) - - def test_multiline_value_finished_by_empty_line(self): - c = self.parse(""" - param1 = foo - bar - - param2 = baz - """, margin=True) - - self.assertEqual(0, len(c.errors)) - self.assertParameter('param1', 'foobar', c.sections[0].parameters[0]) - - def test_unclosed_section_causes_error(self): - c = self.parse("[section1\nparam1=123") - self.assertEqual(1, len(c.errors)) - - def test_missing_equals_sign_or_colon_causes_error(self): - c = self.parse("param1 value1") - self.assertEqual(1, len(c.errors)) - - def test_spaces_in_key_causes_error(self): - c = self.parse("param 1 = value1") - self.assertEqual(1, len(c.errors)) - - def test_returning_multiple_errors(self): - c = self.parse("[unclosed section\npararm 1 = value1") - self.assertEqual(2, len(c.errors)) - - def test_errors_doesnt_affect_valid_parameters(self): - c = self.parse('param1 value1\nparam2 = value2') - self.assertEqual(1, len(c.errors)) - self.assertParameter('param2', 'value2', c.sections[0].parameters[0]) - - def _getattr(self, o, name): - if name.find('.') != -1: - parts = name.split('.') - o = getattr(o, parts[0]) - if o is None: - return None - return self._getattr(o, '.'.join(parts[1:])) - else: - return getattr(o, name) - - def assertAttributes(self, attribute_values, subject): - for attr, expected in attribute_values.items(): - actual = self._getattr(subject, attr) - self.assertEqual( - expected, actual, - "%s expected to have %s = %s, but the value was %s" % - (subject, attr, expected, actual)) - - def assertParameter(self, name, value, o): - self.assertAttributes({'name.text': name, 'value.text': value}, o) - - -if __name__ == '__main__': - unittest.main() diff --git a/rubick/config_model.py b/rubick/config_model.py deleted file mode 100644 index 9efab21..0000000 --- a/rubick/config_model.py +++ /dev/null @@ -1,390 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import string - -from rubick.schema import TypeValidatorRegistry, InvalidValueError - - -class ConfigurationSection(object): - - def __init__(self, config, section): - super(ConfigurationSection, self).__init__() - self.config = config - self.section = section - - def _combine_names(self, section, param): - if section == 'DEFAULT': - return param - - return '%s.%s' % (section, param) - - def get(self, name, *args, **kwargs): - return self.config.get( - self._combine_names(self.section, name), *args, **kwargs) - - def set(self, name, *args, **kwargs): - self.config.set( - self._combine_names(self.section, name), *args, **kwargs) - - def set_default(self, name, *args, **kwargs): - self.config.set_default( - self._combine_names(self.section, name), *args, **kwargs) - - def set_cli(self, name, *args, **kwargs): - self.config.set_cli( - self._combine_names(self.section, name), *args, **kwargs) - - def set_env(self, name, *args, **kwargs): - self.config.set_env( - self._combine_names(self.section, name), *args, **kwargs) - - def contains(self, name, *args, **kwargs): - return self.config.contains( - self._combine_names(self.section, name), *args, **kwargs) - - def is_default(self, name, *args, **kwargs): - return self.config.is_default( - self._combine_names(self.section, name), *args, **kwargs) - - def __getitem__(self, key): - return self.config.get(self._combine_names(self.section, key)) - - def __setitem__(self, key, value): - return self.config.set(self._combine_names(self.section, key), value) - - def __contains__(self, key): - return self.config.contains(self._combine_names(self.section, key)) - - def keys(self): - return self.config.keys(self.section) - - def items(self, *args, **kwargs): - return self.config.items(self.section, *args, **kwargs) - - -class ConfigurationWrapper(object): - - def __init__(self, config, state): - super(ConfigurationWrapper, self).__init__() - self.config = config - self.state = state - - def __getitem__(self, key): - if key in self.state: - return '' - - return self.config.get(key, _state=self.state) - - -class Configuration(object): - - def __init__(self, schema=None): - super(Configuration, self).__init__() - self._defaults = dict() - self._normal = dict() - self._cli = dict() - self._env = dict() - self._cache = dict() - self.schema = schema - - def _normalize_name(self, name): - if name.find('.') == -1: - section = 'DEFAULT' - else: - section, name = name.split('.', 1) - - return (section, name) - - def _combine_names(self, section, param): - if section == 'DEFAULT': - return param - - return '%s.%s' % (section, param) - - def get(self, fullname, default=None, raw=False, _state=[]): - if not raw and fullname in self._cache: - return self._cache[fullname] - - section, name = self._normalize_name(fullname) - - if section in self._cli and name in self._cli[section]: - value = self._cli[section][name] - elif section in self._env and name in self._env[section]: - value = self._env[section][name] - elif section in self._normal and name in self._normal[section]: - value = self._normal[section][name] - elif section in self._defaults and name in self._defaults[section]: - value = self._defaults[section][name] - else: - value = default - - if not isinstance(value, str): - return value - - if raw: - return value - - tmpl = string.Template(value) - value = tmpl.safe_substitute( - ConfigurationWrapper(self, _state + [name])) - - if self.schema: - param_schema = self.schema.get_parameter(name, section=section) - - if param_schema: - type_validator = TypeValidatorRegistry.get_validator( - param_schema.type) - type_validation_result = type_validator.validate(value, **param_schema.type_args) - if not isinstance(type_validation_result, InvalidValueError): - value = type_validation_result - - self._cache[fullname] = value - - return value - - def validate(self, fullname): - if not self.schema: - return None - - section, name = self._normalize_name(fullname) - - value = self.get(fullname, raw=True) - - tmpl = string.Template(value) - value = tmpl.safe_substitute( - ConfigurationWrapper(self, [name])) - - param_schema = self.schema.get_parameter(name, section=section) - - if not param_schema: - return None - - type_validator = TypeValidatorRegistry.get_validator( - param_schema.type) - type_validation_result = type_validator.validate(value, **param_schema.type_args) - if not isinstance(type_validation_result, InvalidValueError): - return None - - return type_validation_result - - def contains(self, name, ignoreDefault=False): - section, name = self._normalize_name(name) - - if section in self._normal and name in self._normal[section]: - return True - - if section in self._cli and name in self._cli[section]: - return True - - if section in self._env and name in self._env[section]: - return True - - if (not ignoreDefault and section in self._defaults and - name in self._defaults[section]): - return True - - return False - - def is_default(self, name): - section, name = self._normalize_name(name) - - return ( - not (section in self._normal and name in self._normal[section]) and - not (section in self._cli and name in self._cli[section]) and - not (section in self._env and name in self._env[section]) and - (section in self._defaults and name in self._defaults[section]) - ) - - def set_env(self, fullname, value): - section, name = self._normalize_name(fullname) - - self._env.setdefault(section, {})[name] = value - - self._invalidate_cache(fullname) - - def set_cli(self, fullname, value): - section, name = self._normalize_name(fullname) - - self._cli.setdefault(section, {})[name] = value - - self._invalidate_cache(fullname) - - def set_default(self, fullname, value): - section, name = self._normalize_name(fullname) - - self._defaults.setdefault(section, {})[name] = value - - self._invalidate_cache(fullname) - - def set(self, fullname, value): - section, name = self._normalize_name(fullname) - - self._normal.setdefault(section, {})[name] = value - - self._invalidate_cache(fullname) - - def _invalidate_cache(self, fullname): - # We need to invalidate not only value of given parameter - # but also values that depend on that parameter - # Since this is hard, we'll just invalidate all cached values - self._cache = dict() - - def section(self, section): - return ConfigurationSection(self, section) - - def __getitem__(self, key): - return self.get(key) - - def __setitem__(self, key, value): - self.set(key, value) - - def __contains__(self, section): - return ((section in self._defaults) or - (section in self._cli) or - (section in self._env) or - (section in self._normal)) - - def keys(self, section=None): - if section: - names = set() - for param in self._defaults.get(section, {}).keys(): - names.add(param) - for param in self._normal.get(section, {}).keys(): - names.add(param) - for param in self._cli.get(section, {}).keys(): - names.add(param) - for param in self._env.get(section, {}).keys(): - names.add(param) - - return list(names) - else: - sections = set() - for section in self._defaults.keys(): - sections.add(section) - - for section in self._normal.keys(): - sections.add(section) - - for section in self._cli.keys(): - sections.add(section) - - for section in self._env.keys(): - sections.add(section) - - return list(sections) - - def items(self, section=None): - if section: - return ( - [(name, self.get(self._combine_names(section, name))) - for name in self.keys(section)] - ) - else: - return ( - [(name, ConfigurationSection(self, name)) - for name in self.keys()] - ) - - -class Element(object): - - def __init__(self, start_mark, end_mark): - self.start_mark = start_mark - self.end_mark = end_mark - - def __eq__(self, other): - return ( - (self.__class__ == other.__class__) - and (self.start_mark == other.start_mark) - and (self.end_mark == other.end_mark) - ) - - def __ne__(self, other): - return not self == other - - -class ComponentConfig(Element): - - def __init__(self, start_mark, end_mark, name, sections=[], errors=[]): - super(ComponentConfig, self).__init__(start_mark, end_mark) - self.name = name - self.sections = sections - for section in self.sections: - section.parent = self - - self.errors = errors - - -class TextElement(Element): - - def __init__(self, start_mark, end_mark, text): - super(TextElement, self).__init__(start_mark, end_mark) - self.text = text - - -class ConfigSection(Element): - - def __init__(self, start_mark, end_mark, name, parameters): - super(ConfigSection, self).__init__(start_mark, end_mark) - self.name = name - self.parameters = parameters - for parameter in self.parameters: - parameter.parent = self - - -class ConfigSectionName(TextElement): - pass - - -class ConfigParameter(Element): - - def __init__(self, start_mark, end_mark, name, value, delimiter): - super(ConfigParameter, self).__init__(start_mark, end_mark) - self.name = name - self.name.parent = self - - self.value = value - self.value.parent = self - - self.delimiter = delimiter - self.delimiter.parent = self - - def __eq__(self, other): - return ( - (self.name.text == other.name.text) and ( - self.value.text == other.value.text) - ) - - def __ne__(self, other): - return not self == other - - def __repr__(self): - return ( - "" % ( - self.name.text, - self.value.text, - self.delimiter.text) - ) - - -class ConfigParameterName(TextElement): - pass - - -class ConfigParameterValue(TextElement): - - def __init__(self, start_mark, end_mark, text, value=None, quotechar=None): - super(ConfigParameterValue, self).__init__(start_mark, end_mark, text) - self.value = value - self.quotechar = quotechar diff --git a/rubick/database.py b/rubick/database.py deleted file mode 100644 index 5e578eb..0000000 --- a/rubick/database.py +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from bson.objectid import ObjectId -from copy import copy -import os -from pymongo import MongoClient -assert ObjectId -from recordtype import recordtype - - -def connect_to_db(): - mongo_url = os.environ.get("MONGODB_URI") or "mongodb://localhost/rubick" - client = MongoClient(mongo_url) - return client[mongo_url.split('/')[-1]] - - -def get_db(): - db = connect_to_db() - return db - - -class Cluster(recordtype('Cluster', - [('id', str(ObjectId())), 'name', 'description', - 'status', 'nodes', 'private_key', 'data'], - default=None)): - @classmethod - def from_doc(klass, doc): - doc['id'] = str(doc['_id']) - del doc['_id'] - return Cluster(**doc) - - def as_doc(self): - doc = copy(self._asdict()) - doc['_id'] = ObjectId(doc['id']) - del doc['id'] - return doc - - def for_json(self): - return copy(self._asdict()) - - -class RuleGroup: - VALIDITY = 'validity' - HA = 'high-availability' - BEST_PRACTICES = 'best-practices' - - all = [VALIDITY, HA, BEST_PRACTICES] diff --git a/rubick/discovery.py b/rubick/discovery.py deleted file mode 100644 index cebf99b..0000000 --- a/rubick/discovery.py +++ /dev/null @@ -1,1038 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from collections import deque -import logging -import os.path -import re -from recordtype import recordtype -import shlex -import spur -import stat -import tempfile - -import paramiko -from paramiko.dsskey import DSSKey -from paramiko.rsakey import RSAKey -from paramiko.ssh_exception import SSHException -from six import StringIO - -from rubick.common import index, find, all_subclasses -from rubick.exceptions import ValidatorException -import rubick.model as model - - -def parse_nodes_info(nodes, password=None, private_key=None): - result = [] - for node in nodes: - m = parse_nodes_info.connection_re.match(node) - if not m: - continue - - username = m.group(1) or 'root' - host = m.group(2) - port = int(m.group(3) or '22') - - result.append( - dict(host=host, - port=port, - username=username, - password=password, - private_key=private_key)) - - return result - -parse_nodes_info.connection_re = re.compile('(?:(\w+)@)?([^:]+)(?::(\d+))?') - - -def parse_private_key(private_key): - try: - return RSAKey.from_private_key(StringIO(private_key)) - except SSHException: - try: - return DSSKey.from_private_key(StringIO(private_key)) - except SSHException: - return None - - -# SshShell wrapper to add support for sock parameter (for proxy command) -class SshShell(spur.SshShell): - - def __init__(self, - hostname, - username=None, - password=None, - port=22, - private_key=None, - connect_timeout=None, - missing_host_key=None, - sock=None): - super(SshShell, self).__init__(hostname=hostname, - username=username, - password=password, - port=port, - connect_timeout=connect_timeout, - missing_host_key=missing_host_key) - - self._pkey = parse_private_key(private_key) - if not self._pkey: - raise ValidatorException("Unknown private key format") - - self._sock = sock - - def _connect_ssh(self): - if self._client is None: - if self._closed: - raise RuntimeError("Shell is closed") - - client = paramiko.SSHClient() - client.load_system_host_keys() - client.set_missing_host_key_policy(self._missing_host_key) - client.connect( - hostname=self._hostname, - port=self._port, - username=self._username, - password=self._password, - pkey=self._pkey, - timeout=self._connect_timeout, - sock=self._sock) - - self._client = client - - return self._client - - -class NodeClient(object): - logger = logging.getLogger('rubick.ssh') - - def __init__(self, host, port=22, username='root', password=None, - private_key=None, proxy_command=None): - super(NodeClient, self).__init__() - self.host = host - self.use_sudo = (username != 'root') - - if proxy_command and proxy_command.find('%%PATH_TO_KEY%%') != -1: - self._pkey_file = tempfile.NamedTemporaryFile(suffix='.key') - self._pkey_file.write(private_key) - self._pkey_file.flush() - - proxy_command = proxy_command.replace('%%PATH_TO_KEY%%', - self._pkey_file.name) - - sock = paramiko.ProxyCommand(proxy_command) if proxy_command else None - - self.shell = SshShell( - hostname=host, - port=port, - username=username, - password=password, - private_key=private_key, - missing_host_key=spur.ssh.MissingHostKey.accept, - sock=sock) - - def run(self, command, *args, **kwargs): - if self.use_sudo: - command = ['sudo'] + command - result = self.shell.run(command, allow_error=True, *args, **kwargs) - self.logger.debug('Executed command: %s, ' - 'result code %d, output:\n%s' % (' '.join(command), - result.return_code, - result.output)) - return result - - def open(self, path, mode='r'): - self.logger.debug('Opening file %s mode %s' % (path, mode)) - return self.shell.open(path, mode) - - -ProcessInfo = recordtype('ProcessInfo', ['pid', 'command']) - - -class ExtendedNodeClient(object): - - def __init__(self, client): - super(ExtendedNodeClient, self).__init__() - self._client = client - - def run(self, command, *args, **kwargs): - return self._client.run(command, *args, **kwargs) - - def open(self, path, mode='r'): - return self._client.open(path, mode) - - def __getattr__(self, name): - return getattr(self._client, name) - - def get_processes(self, reload=False): - if not hasattr(self, '_processes') or reload: - self._processes = get_processes(self._client) - - return self._processes - - def get_listen_sockets(self, reload=False): - if not hasattr(self, '_listen_sockets') or reload: - self._listen_sockets = get_listen_sockets(self._client) - - return self._listen_sockets - - def get_host_id(self, reload=False): - if not hasattr(self, '_host_id') or reload: - self._host_id = get_host_id(self._client) - - return self._host_id - - -def get_processes(client): - if hasattr(client, 'get_processes'): - return client.get_processes() - - lines = client.run(['ps', '-Ao', 'pid,cmd', - '--no-headers']).output.split("\n") - results = [] - for line in lines: - line = line.strip() - if line == '': - continue - - parts = line.split() - - pid = int(parts.pop(0)) - command = ' '.join(parts) - results.append(ProcessInfo(pid=pid, command=command)) - - return results - - -def get_process_by_pid(client, pid): - return find(get_processes(client), lambda p: p.pid == pid) - - -def get_listen_sockets(client): - if hasattr(client, 'get_listen_sockets'): - return client.get_listen_sockets() - - result = client.run(['lsof', '-i', '-s', 'TCP:LISTEN', '-nP', '-Fn']) - if result.return_code != 0: - return {} - - host_addresses = get_host_network_addresses(client) - sockets = {} - - current_pid = 0 - for line in result.output.split("\n"): - if line.startswith('p'): - current_pid = int(line[1:]) - sockets.setdefault(current_pid, []) - elif line.startswith('n'): - host, port = line[1:].split(':', 1) - if host == '*': - for address in host_addresses: - sockets[current_pid].append((address, port)) - else: - sockets[current_pid].append((host, port)) - - return sockets - - -def get_process_listen_sockets(client, pid): - sockets_per_process = get_listen_sockets(client) - if pid not in sockets_per_process: - return [] - - return sockets_per_process[pid] - - -def find_process_by_name(client, name): - processes = get_processes(client) - for process in processes: - args = shlex.split(process.command) - if os.path.basename(args[0]) == name: - return process - - return None - - -def find_process(client, pid=None, name=None, sockets=None): - if pid: - return find(get_processes(client), lambda p: p.pid == pid) - elif sockets: - current_sockets = get_listen_sockets(client) - x = find(current_sockets.items(), lambda x: sockets[0] in x[1]) - if not x: - return None - - return get_process_by_pid(x[0]) - elif name: - processes = get_processes(client) - for process in processes: - args = shlex.split(process.command) - if os.path.basename(args[0]) == name: - return process - - return None - - -def find_python_process(client, name): - processes = get_processes(client) - for process in processes: - args = shlex.split(process.command) - if len(args) > 0 and (args[0] == name or args[0].endswith('/' + name)): - return process - if len(args) > 1 and find_python_process.python_re.match(args[0]) \ - and (args[1] == name or args[1].endswith('/' + name)): - return process - - return None - -find_python_process.python_re = re.compile('(/?([^/]*/)*)python[0-9.]*') - - -def find_python_package_version(client, package): - result = client.run( - ['python', '-c', - 'import pkg_resources; version = pkg_resources' - '.get_provider(pkg_resources.Requirement.parse("%s"))' - '.version; print(version)' % - package]) - - s = result.output.strip() - parts = [] - for p in s.split('.'): - if not p[0].isdigit(): - break - - parts.append(p) - - version = '.'.join(parts) - - return version - - -def get_host_id(client): - if hasattr(client, 'get_host_id'): - return client.get_host_id() - - ether_re = re.compile('link/ether (([0-9a-f]{2}:){5}([0-9a-f]{2})) ') - result = client.run(['bash', '-c', 'ip link | grep "link/ether "']) - macs = [] - for match in ether_re.finditer(result.output): - macs.append(match.group(1).replace(':', '')) - return ''.join(macs) - - -def get_host_network_addresses(client): - ipaddr_re = re.compile('inet (\d+\.\d+\.\d+\.\d+)/\d+') - addresses = [] - result = client.run(['bash', '-c', 'ip address list | grep "inet "']) - for match in ipaddr_re.finditer(result.output): - addresses.append(match.group(1)) - return addresses - - -def permissions_string_to_mode(s): - mode = 0 - - if s[0] == 'd': - mode |= stat.S_IFDIR - elif s[0] == 's': - mode |= stat.S_IFSOCK - elif s[0] == 'l': - mode |= stat.S_IFLNK - else: - mode |= stat.S_IFREG - - if s[1] == 'r': - mode |= stat.S_IRUSR - if s[2] == 'w': - mode |= stat.S_IWUSR - if s[3] == 'x': - mode |= stat.S_IXUSR - if s[4] == 'r': - mode |= stat.S_IRGRP - if s[5] == 'w': - mode |= stat.S_IWGRP - if s[6] == 'x': - mode |= stat.S_IXGRP - if s[7] == 'r': - mode |= stat.S_IROTH - if s[8] == 'w': - mode |= stat.S_IWOTH - if s[9] == 'x': - mode |= stat.S_IXOTH - - return mode - - -def collect_process(client, process_info): - result = client.run(['readlink', '/proc/%d/cwd' % process_info.pid]) - cwd = result.output.strip() - - process = model.ProcessResource( - pid=process_info.pid, - cmdline=process_info.command, - cwd=cwd) - process.listen_sockets = get_process_listen_sockets(client, process.pid) - - return process - - -def collect_file(driver, client, path, searchpath=[]): - "collect_file(driver, client, path, searchpath=[]) - collect file resource." - "path can be absolute path, absolute wildcard or relative path + searchpath" - def _collect_file(path): - ls = client.run(['ls', '-ld', '--time-style=full-iso', path]) - if ls.return_code != 0: - return None - - line = ls.output.split("\n")[0] - perm, links, owner, group, size, date, time, timezone, name = \ - line.split() - permissions = permissions_string_to_mode(perm) - - with client.open(path) as f: - contents = f.read() - - r = model.FileResource(path, contents, owner, group, permissions) - r.host_id = get_host_id(client) - return r - - if not path: - return None - - if not os.path.isabs(path): - for base_path in searchpath: - f = _collect_file(os.path.join(base_path, path)) - if f: - return f - - return None - else: - ls = client.run(['ls', path]) - if ls.return_code != 0: - return None - - files = [] - for path in ls.output.split("\n"): - f = _collect_file(path) - if f: - files.append(f) - - if len(files) == 1: - return files[0] - - return files - - return None - - -def collect_directory(driver, client, path): - if not path: - return None - - if not path.endswith('/'): - path += '/' - - ls = client.run(['ls', '-ld', '--time-style=full-iso', path]) - if ls.return_code != 0: - return None - - line = ls.output.split("\n")[0] - perm, links, owner, group, size, date, time, timezone, name = line.split() - permissions = permissions_string_to_mode(perm) - - r = model.DirectoryResource(path, owner, group, permissions) - r.host_id = get_host_id(client) - return r - - -def collect_component_configs(driver, client, component, - command, default_config=None): - config_files = [] - - args = shlex.split(command)[1:] - - p = index(args, lambda s: s == '--config-file') - if p != -1 and p + 1 < len(args): - config_path = args[p + 1] - else: - config_path = default_config - - if config_path: - r = driver.discover('file', client.host, path=config_path) - if r: - config_files.append(r) - - p = index(args, lambda s: s == '--config-dir') - if p != -1 and p + 1 < len(args): - files = driver.discover('file', client.host, path='%s/*.conf' % args[p + 1]) - if files: - if not isinstance(files, list): - files = [files] - - config_files.extend(files) - - component.config_files = config_files - - for i, arg in enumerate(args): - if arg.startswith('--'): - name = arg[2:] - if '=' in name: - name, value = name.split('=', 1) - elif i + 1 < len(args): - value = args[i + 1] - i += 1 - else: - continue - - component.config.set_cli(name, value) - - -# Marker class -class BaseDiscovery(object): - - def __init__(self): - self.items = [] - - -class HostDiscovery(BaseDiscovery): - item_type = 'host' - - def discover(self, driver, host, **data): - item = find(self.items, lambda h: host in h.network_addresses) - if item: - return item - - client = driver.client(host) - - hostname = client.run(['hostname']).output.strip() - - item = model.HostResource(name=hostname) - item.id = get_host_id(client) - item.network_addresses = get_host_network_addresses(client) - - process_sockets = get_listen_sockets(client) - - # Service detection part - process = find_python_process(client, 'keystone-all') - if process: - driver.enqueue( - 'keystone', host=host, pid=process.pid, - sockets=process_sockets.get(process.pid, [])) - - for service in [ - 'nova-api', 'nova-volume', 'nova-scheduler', - 'glance-api', 'glance-registry', - 'cinder-api', 'cinder-volume', 'cinder-scheduler', - 'neutron-server', 'neutron-dhcp-agent', 'neutron-l3-agent', - 'neutron-metadata-agent', 'neutron-openvswitch-agent', - 'swift-proxy-server', 'swift-container-server', - 'swift-account-server', 'swift-object-server' - ]: - process = find_python_process(client, service) - if not process: - continue - - driver.enqueue( - service, host=host, pid=process.pid, - sockets=process_sockets.get(process.pid, [])) - - for service in ['mysql', 'rabbitmq']: - process = find_process(client, name=service) - if not process: - continue - - driver.enqueue( - service, host=host, pid=process.pid, - sockets=process_sockets.get(process.pid, [])) - - self.items.append(item) - - return item - - -class FileDiscovery(BaseDiscovery): - item_type = 'file' - - def discover(self, driver, host, path=None, **data): - client = driver.client(host) - host_id = get_host_id(client) - - item = find(self.items, - lambda f: f.path == path and f.host_id == host_id) - if item: - return item - - item = collect_file(driver, client, path) - if not item: - return None - - self.items.append(item) - - driver.discover('directory', host, path=os.path.dirname(item.path)) - - return item - - -class DirectoryDiscovery(BaseDiscovery): - item_type = 'directory' - - logger = logging.getLogger('rubick.discovery.directory') - - def discover(self, driver, host, path=None, withBaseDirs=True, **data): - client = driver.client(host) - host_id = get_host_id(client) - - item = find(self.items, - lambda f: f.path == path and f.host_id == host_id) - if item: - return item - - self.logger.debug('Discovering directory %s' % path) - - if path == '/': - return None - - item = collect_directory(driver, client, path) - if not item: - return None - - self.items.append(item) - - if withBaseDirs: - path = os.path.dirname(path) - while path != '/': - self.discover(driver, host, path, withBaseDirs=False) - path = os.path.dirname(path) - - return item - - -class ServiceDiscovery(BaseDiscovery): - - def find_item(self, driver, host, **data): - if 'sockets' in data: - item = find(self.items, - lambda s: data['sockets'] == s.process.listen_sockets) - elif 'port' in data: - item = find(self.items, - lambda s: (host, data['port']) in s.process.listen_sockets) - else: - client = driver.client(host) - host_id = client.get_host_id() - item = find(self.items, lambda s: host_id == s.host_id) - - return item is not None - - -class OpenstackComponentDiscovery(ServiceDiscovery): - - def __init__(self): - super(OpenstackComponentDiscovery, self).__init__() - assert self.item_type - if not hasattr(self, 'python_process_name'): - self.python_process_name = self.item_type - if not hasattr(self, 'project'): - self.project = self.item_type.split('-')[0] - if not hasattr(self, 'model_class'): - class_name = ''.join([p.capitalize() - for p in self.item_type.split('-') - ]) + 'Component' - self.model_class = getattr(model, class_name) - if not hasattr(self, 'default_config_path'): - self.default_config_path = os.path.join('/etc', self.project, - self.project + '.conf') - - def discover(self, driver, host, **data): - item = self.find_item(driver, host, **data) - if item: - return item - - client = driver.client(host) - - process = find_python_process(client, self.python_process_name) - if not process: - return None - - service = self.model_class() - service.host_id = get_host_id(client) - - service.process = collect_process(client, process) - - service.version = find_python_package_version(client, self.project) - - collect_component_configs( - driver, client, service, process.command, - default_config=self.default_config_path) - - searchpaths = [ - service.process.cwd, - os.path.join('/etc', self.project) - ] - - if service.config and service.config.schema: - for param in service.config.schema: - if param.type == 'file': - path = service.config[param.name] - if path and path != '': - driver.enqueue('file', host=host, path=path, - searchpath=searchpaths) - elif param.type == 'directory': - path = service.config[param.name] - if path and path != '': - driver.enqueue('directory', host=host, path=path) - - self.items.append(service) - - return service - - -class KeystoneDiscovery(OpenstackComponentDiscovery): - item_type = 'keystone' - - python_process_name = 'keystone-all' - - def discover(self, driver, host, **data): - item = self.find_item(driver, host, **data) - if item: - return item - - keystone = super(KeystoneDiscovery, self).discover(driver, host, **data) - if not keystone: - return None - - client = driver.client(host) - - process = find_python_process(client, 'keystone-all') - if not process: - return None - - token = keystone.config['admin_token'] - host = keystone.config['bind_host'] - if host == '0.0.0.0': - host = '127.0.0.1' - port = int(keystone.config['admin_port']) - - keystone_env = { - 'OS_SERVICE_TOKEN': token, - 'OS_SERVICE_ENDPOINT': 'http://%s:%d/v2.0' % (host, port) - } - - def db(command): - return self._get_keystone_db_data(client, command, - env=keystone_env) - - keystone.db = dict() - keystone.db['tenants'] = db('tenant-list') - keystone.db['users'] = db('user-list') - keystone.db['services'] = db('service-list') - keystone.db['endpoints'] = db('endpoint-list') - - return keystone - - def _get_keystone_db_data(self, client, command, env={}): - result = client.run(['keystone', command], update_env=env) - if result.return_code != 0: - return [] - - lines = result.output.strip().split("\n") - - columns = [] - last_pos = 0 - l = lines[0] - while True: - pos = l.find('+', last_pos + 1) - if pos == -1: - break - - columns.append({'start': last_pos + 1, 'end': pos - 1}) - - last_pos = pos - - l = lines[1] - for c in columns: - c['name'] = l[c['start']:c['end']].strip() - - data = [] - for l in lines[3:-1]: - d = dict() - for c in columns: - d[c['name']] = l[c['start']:c['end']].strip() - - data.append(d) - - return data - - -class NovaApiDiscovery(OpenstackComponentDiscovery): - item_type = 'nova-api' - - -class NovaComputeDiscovery(OpenstackComponentDiscovery): - item_type = 'nova-compute' - - -class NovaSchedulerDiscovery(OpenstackComponentDiscovery): - item_type = 'nova-scheduler' - - -class GlanceApiDiscovery(OpenstackComponentDiscovery): - item_type = 'glance-api' - - -class GlanceRegistryDiscovery(OpenstackComponentDiscovery): - item_type = 'glance-registry' - - -class CinderApiDiscovery(OpenstackComponentDiscovery): - item_type = 'cinder-api' - - -class CinderVolumeDiscovery(OpenstackComponentDiscovery): - item_type = 'cinder-volume' - - -class CinderSchedulerDiscovery(OpenstackComponentDiscovery): - item_type = 'cinder-scheduler' - - -class MysqlDiscovery(ServiceDiscovery): - item_type = 'mysql' - - def discover(self, driver, host, **data): - item = self.find_item(driver, host, **data) - if item: - return item - - client = driver.client(host) - - process = find_process(client, name='mysqld') - if not process: - return None - - mysqld_version_re = re.compile('mysqld\s+Ver\s(\S+)\s') - - mysql = model.MysqlComponent() - mysql.host_id = get_host_id(client) - - mysql.process = collect_process(client, process) - - version_result = client.run(['mysqld', '--version']) - m = mysqld_version_re.match(version_result.output) - mysql.version = m.group(1) if m else 'unknown' - - mysql.config_files = [] - config_locations_result = client.run( - ['bash', '-c', - 'mysqld --help --verbose ' - '| grep "Default options are read from" -A 1']) - config_locations = config_locations_result.output\ - .strip().split("\n")[-1].split() - for path in config_locations: - f = driver.discover('file', host, path=path) - if f: - mysql.config_files.append(f) - - self.items.append(mysql) - - return mysql - - -class RabbitmqDiscovery(ServiceDiscovery): - item_type = 'rabbitmq' - - def discover(self, driver, host, **data): - item = self.find_item(driver, host, **data) - if item: - return item - - client = driver.client(host) - - process = find_process(client, name='beam.smp') - if not process: - process = find_process(client, name='beam') - if not process: - return None - - if process.command.find('rabbit') == -1: - return None - - rabbitmq = model.RabbitMqComponent() - rabbitmq.host_id = get_host_id(client) - - rabbitmq.process = collect_process(client, process) - - rabbitmq.version = 'unknown' - - env_file = '/etc/rabbitmq/rabbitmq-env.conf' - env_vars = {} - result = client.run(['bash', '-c', 'source %s && set' % env_file]) - if result.return_code == 0: - lines = result.output.split("\n") - env_vars = dict((k, v) for k, v in lines.split('=', 1)) - - rabbitmq_env_vars = \ - dict((key.replace('RABBITMQ_', ''), value) - for key, value in env_vars if key.startswith('RABBITMQ_')) - - for key, value in rabbitmq_env_vars: - rabbitmq.config.set_env(key, value) - - args = shlex.split(process.command) - for i, s in enumerate(args): - if s == '-rabbit' and i + 2 <= len(args): - rabbitmq.config.set_cli(args[i + 1], args[i + 2]) - - self.items.append(rabbitmq) - - return rabbitmq - - -class SwiftProxyServerDiscovery(OpenstackComponentDiscovery): - item_type = 'swift-proxy-server' - - -class SwiftContainerServerDiscovery(OpenstackComponentDiscovery): - item_type = 'swift-container-server' - default_config_path = '/etc/swift/container-server/1.conf' - - -class SwiftAccountServerDiscovery(OpenstackComponentDiscovery): - item_type = 'swift-account-server' - default_config_path = '/etc/swift/account-server/1.conf' - - -class SwiftObjectServerDiscovery(OpenstackComponentDiscovery): - item_type = 'swift-object-server' - default_config_path = '/etc/swift/object-server/1.conf' - - -class NeutronServerDiscovery(OpenstackComponentDiscovery): - item_type = 'neutron-server' - - -class NeutronDhcpAgentDiscovery(OpenstackComponentDiscovery): - item_type = 'neutron-dhcp-agent' - default_config_path = '/etc/neutron/dhcp_agent.ini' - - -class NeutronL3AgentDiscovery(OpenstackComponentDiscovery): - item_type = 'neutron-l3-agent' - default_config_path = '/etc/neutron/l3_agent.ini' - - -class NeutronMetadataAgentDiscovery(OpenstackComponentDiscovery): - item_type = 'neutron-metadata-agent' - default_config_path = '/etc/neutron/metadata_agent.ini' - - -class NeutronOpenvswitchAgentDiscovery(OpenstackComponentDiscovery): - item_type = 'neutron-openvswitch-agent' - default_config_path = '/etc/neutron/plugins/ml2/ml2_conf.ini' - - -class DiscoveryDriver(object): - Task = recordtype('Task', ['type', 'host', 'data']) - - logger = logging.getLogger('rubick.discovery') - - def __init__(self, defaultPrivateKey): - self.queue = deque() - self.defaultPrivateKey = defaultPrivateKey - self.agents = dict([(c.item_type, c()) - for c in all_subclasses(BaseDiscovery) - if hasattr(c, 'item_type')]) - self._hosts = {} - self._clients = {} - - def setHostConnectionInfo(self, host, port=22, - username='root', password=None, privateKey=None): - self._hosts[host] = dict( - host=host, - port=port, - username=username, - password=password, - private_key=privateKey or self.defaultPrivateKey) - - def client(self, host): - if host not in self._clients: - host_info = self._hosts[host] if host in self._hosts else dict( - host=host, port=22, - username='root', private_key=self.defaultPrivateKey) - - self._clients[host] = ExtendedNodeClient(NodeClient(**host_info)) - - return self._clients[host] - - def discover(self, type, host, **data): - if type not in self.agents: - self.logger.error('Request for discovery of unknown type "%s"' % type) - return None - - self.logger.info('Processing item of type %s, host = %s, %s' % - (type, host, ', '.join(['%s=%s' % (k, v) for k, v in data.items()]))) - - return self.agents[type].discover(self, host, **data) - - def enqueue(self, type, host, **data): - self.queue.append(DiscoveryDriver.Task(type, host, data)) - - -class OpenstackDiscovery(object): - logger = logging.getLogger('rubick.discovery') - - def discover(self, initial_nodes, private_key): - "Takes a list of node addresses " - "and returns discovered openstack installation info" - driver = DiscoveryDriver(private_key) - - # Set connection info and queue initial nodes - for info in parse_nodes_info(initial_nodes, private_key): - driver.setHostConnectionInfo( - host=info['host'], port=info['port'], - username=info['username'], password=info['password'], - privateKey=info['private_key']) - - driver.enqueue('host', info['host']) - - while len(driver.queue) > 0: - task = driver.queue.popleft() - - driver.discover(task.type, task.host, **task.data) - - items = sum([agent.items for agent in driver.agents.values()], []) - - # Rebuild model tree - openstack = model.Openstack() - - for host in filter(lambda i: isinstance(i, model.HostResource), items): - openstack.add_host(host) - - for service in filter(lambda i: isinstance(i, model.Service), items): - host = find(openstack.hosts, lambda h: h.id == service.host_id) - if not host: - self.logger.error('Got resource "%s" ' - 'that belong to non-existing host' % service) - continue - - host.add_component(service) - - for fs_resource in filter(lambda f: isinstance(f, model.FileSystemResource), items): - host = find(openstack.hosts, lambda h: h.id == fs_resource.host_id) - if not host: - self.logger.error('Got resource "%s" ' - 'that belong to non-existing host' % fs_resource) - continue - - host.add_fs_resource(fs_resource) - - return openstack diff --git a/rubick/exceptions.py b/rubick/exceptions.py deleted file mode 100644 index efdae5f..0000000 --- a/rubick/exceptions.py +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. - - -class RubickException(BaseException): - pass - - -class ValidatorException(RubickException): - pass - - -class SchemaException(RubickException): - pass diff --git a/rubick/inspections/__init__.py b/rubick/inspections/__init__.py deleted file mode 100644 index b9b7b69..0000000 --- a/rubick/inspections/__init__.py +++ /dev/null @@ -1,3 +0,0 @@ -from rubick.inspections.keystone_authtoken import KeystoneAuthtokenSettingsInspection # noqa -from rubick.inspections.keystone_endpoints import KeystoneEndpointsInspection # noqa -from rubick.inspections.lettuce_runner import LettuceRunnerInspection # noqa diff --git a/rubick/inspections/keystone_authtoken.py b/rubick/inspections/keystone_authtoken.py deleted file mode 100644 index c49748a..0000000 --- a/rubick/inspections/keystone_authtoken.py +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. - -from rubick.common import Inspection, Issue, find - -AUTHTOKEN_FILTER_FACTORY = ('keystoneclient.middleware.auth_token:' - 'filter_factory') - - -class KeystoneAuthtokenSettingsInspection(Inspection): - name = 'Keystone auth' - description = 'Validate correctness of keystone settings' - - def inspect(self, openstack): - components = [] - for host in openstack.hosts: - components.extend(host.components) - - keystones = [c for c in components if c.name == 'keystone'] - if len(keystones) == 0: - openstack.report_issue( - Issue(Issue.FATAL, 'No keystone service found')) - return - - keystone = keystones[0] - keystone_addresses = [keystone.config['bind_host']] - if keystone_addresses == ['0.0.0.0']: - keystone_addresses = keystone.host.network_addresses - - for nova in [c for c in components if c.name == 'nova-api']: - if nova.config['auth_strategy'] != 'keystone': - continue - - authtoken_section = find( - nova.paste_config.items(), - lambda name_values: name_values[0].startswith('filter:') and - name_values[1].get( - 'paste.filter_factory') == AUTHTOKEN_FILTER_FACTORY) - - if not authtoken_section: - continue - - authtoken_settings = authtoken_section[1] - - def get_value(name): - return ( - authtoken_settings[name] or - nova.config['keystone_authtoken.%s' % name] - ) - - auth_host = get_value('auth_host') - auth_port = int(get_value('auth_port')) - auth_protocol = get_value('auth_protocol') - admin_user = get_value('admin_user') - # admin_password = get_value('admin_password') - admin_tenant_name = get_value('admin_tenant_name') - admin_token = get_value('admin_token') - - msg = 'Keystone authtoken config %s' - - def missing_param_issue(param): - return Issue(Issue.ERROR, - msg % (' miss "%s" setting' % param)) - - def incorrect_param_issue(param): - return Issue(Issue.ERROR, - msg % (' has incorrect "%s" setting' % param)) - - if not auth_host: - nova.report_issue(missing_param_issue('auth_host')) - elif not auth_host in keystone_addresses: - nova.report_issue(incorrect_param_issue('auth_host')) - - if not auth_port: - nova.report_issue(missing_param_issue('auth_port')) - elif auth_port != keystone.config['admin_port']: - nova.report_issue(incorrect_param_issue('auth_port')) - - if not auth_protocol: - nova.report_issue(missing_param_issue('auth_protocol')) - elif not auth_protocol in ['http', 'https']: - nova.report_issue(incorrect_param_issue('auth_protocol')) - - if not admin_user: - nova.report_issue(missing_param_issue('admin_user')) - else: - user = find( - keystone.db['users'], - lambda u: u['name'] == admin_user) - if not user: - nova.report_issue( - Issue(Issue.ERROR, msg % - ' has "admin_user" that is missing')) - - if not admin_tenant_name: - nova.report_issue(missing_param_issue('admin_tenant_name')) - else: - tenant = find(keystone.db['tenants'], - lambda t: t['name'] == admin_tenant_name) - if not tenant: - nova.report_issue( - Issue(Issue.ERROR, msg % - ' has "admin_tenant_name" that is missing')) - - if admin_token: - nova.report_issue( - Issue( - Issue.WARNING, - msg % ' uses insecure admin_token method' - 'for authentication')) diff --git a/rubick/inspections/keystone_endpoints.py b/rubick/inspections/keystone_endpoints.py deleted file mode 100644 index 3e6a7ba..0000000 --- a/rubick/inspections/keystone_endpoints.py +++ /dev/null @@ -1,82 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from six.moves.urllib.parse import urlparse - -from rubick.common import Inspection, Issue, find - -SERVICE_WITH_NO_ENDPOINT_MSG = """ -Keystone catalog contains service "%s" that has no defined endpoints -""".strip() -SERVICE_ENDPOINT_MSG = """ -Keystone catalog has endpoint for service "%s" (id %s) that has "%s" -""".strip() -UNKNOWN_HOST_ENDPOINT_MSG = (SERVICE_ENDPOINT_MSG + - ' set pointing to unknown host') -UNKNOWN_SERVICE_ENDPOINT_MSG = (SERVICE_ENDPOINT_MSG + - ' set pointing to no service') - - -class KeystoneEndpointsInspection(Inspection): - name = 'Keystone endpoints' - description = """ - Validate that each keystone endpoint leads to proper service - """.strip() - - def inspect(self, openstack): - keystone = find(openstack.components, lambda c: c.name == 'keystone') - if not keystone: - return - - for service in keystone.db['services']: - if service['type'] == 'compute': - endpoint = find( - keystone.db['endpoints'], - lambda e: e['service_id'] == service['id']) - if not endpoint: - keystone.report_issue( - Issue( - Issue.WARNING, SERVICE_WITH_NO_ENDPOINT_MSG % - service['name'])) - continue - - for url_attr in ['adminurl', 'publicurl', 'internalurl']: - url = urlparse(endpoint[url_attr]) - - # TODO(someone): resolve endpoint url host address - host = find( - openstack.hosts, - lambda h: url.hostname in h.network_addresses) - if not host: - keystone.report_issue( - Issue(Issue.ERROR, UNKNOWN_HOST_ENDPOINT_MSG % - (service['name'], service['id'], url_attr))) - continue - - nova_api = None - for c in host.components: - if c.name != 'nova-api': - continue - - listen_address = c.config['osapi_compute_listen'] - listen_port = c.config['osapi_compute_listen_port'] - - if (listen_address in ['0.0.0.0', url.hostname] and - listen_port == url.port): - nova_api = c - break - - if not nova_api: - keystone.report_issue( - Issue(Issue.ERROR, UNKNOWN_SERVICE_ENDPOINT_MSG % - (service['name'], service['id'], url_attr))) diff --git a/rubick/inspections/lettuce/sample.feature b/rubick/inspections/lettuce/sample.feature deleted file mode 100644 index 8f985d6..0000000 --- a/rubick/inspections/lettuce/sample.feature +++ /dev/null @@ -1,19 +0,0 @@ -Feature: Configuration consistency - - Scenario: Nova has proper Keystone host - Given I use OpenStack 2013.1 - And Nova has "auth_strategy" equal to "keystone" - And Keystone addresses are @X - Then Nova should have keystone authtoken filter's "auth_host" in "$X" - - Scenario: Nova has proper fixed_range settings for Grizzly release - Given I use OpenStack 2013.1 - And Nova has "fixed_range" equal to "" - Then "nova" component have "fixed_range" parameter equal to "" - - Scenario: Nova has proper settings for NoVNC - Given I use OpenStack 2013.1 - And Controller addresses are @X - Then "nova" component have "novncproxy_base_url" parameter equal to "$X" - And "nova" component must have "sql_connection" parameter - diff --git a/rubick/inspections/lettuce/sample_havana.feature b/rubick/inspections/lettuce/sample_havana.feature deleted file mode 100644 index 9664e6d..0000000 --- a/rubick/inspections/lettuce/sample_havana.feature +++ /dev/null @@ -1,22 +0,0 @@ -Feature: Configuration consistency - - Scenario: Nova has proper Keystone host - Given I use OpenStack 2013.2.1 - And Nova has "auth_strategy" equal to "keystone" - And Keystone addresses are @X - Then Nova should have keystone authtoken filter's "auth_host" in "$X" - - Scenario: Nova has proper fixed_range settings for Grizzly release - Given I use OpenStack 2013.2.1 - And Nova has "fixed_range" equal to "" - Then "nova" component have "fixed_range" parameter equal to "" - - Scenario: Nova has proper settings for NoVNC - Given I use OpenStack 2013.2.1 - And Controller addresses are @X - Then "nova" component have "novncproxy_base_url" parameter equal to "$X" - And "nova" component must have "sql_connection" parameter - - Scenario: Neutron check - Given I use OpenStack 2013.2.1 - Then "neutron" component must have "sql_connection" parameter \ No newline at end of file diff --git a/rubick/inspections/lettuce/steps.py b/rubick/inspections/lettuce/steps.py deleted file mode 100644 index b8a4a78..0000000 --- a/rubick/inspections/lettuce/steps.py +++ /dev/null @@ -1,198 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import string -from lettuce import step, world - -from rubick.common import Issue, Version, find -import rubick.model as model - - -AUTHTOKEN_FILTER_FACTORY = ('keystoneclient.middleware.auth_token:' - 'filter_factory') - - -def get_variable(name): - if not hasattr(world, 'variables'): - return None - - return world.variables.get(name) - - -def set_variable(name, value): - if not hasattr(world, 'variables'): - world.variables = {} - - world.variables[name] = value - - -def subst(template): - if not hasattr(world, 'variables'): - return template - - tmpl = string.Template(template) - return tmpl.safe_substitute(world.variables) - - -def stop(): - assert False, "stop" - - -# Openstack general step description section -@step(r'I use OpenStack (\w+)') -def use_openstack_version(step, version): - version = Version(version) - for component in [c for c in world.openstack.components - if isinstance(c, model.OpenstackComponent)]: - if not Version(component.version) >= version: - stop() - - -@step(r'Controller addresses are @(\w+)') -def controller_addresses(self, variable): - controller = find(world.openstack.components, lambda c: c.name == 'nova') - - if controller.config['s3_host'] == '0.0.0.0': - addresses = filter( - lambda ip: not ip.startswith('127.'), - controller.host.network_addresses) - else: - addresses = [controller.config['s3_host']] - - set_variable(variable, addresses) - - -# Keystone steps section -@step(r'Keystone addresses are @(\w+)') -def keystone_addresses(self, variable): - keystone = find(world.openstack.components, lambda c: c.name == 'keystone') - - if keystone.config['bind_host'] == '0.0.0.0': - addresses = filter( - lambda ip: not ip.startswith('127.'), - keystone.host.network_addresses) - else: - addresses = [keystone.config['bind_host']] - - set_variable(variable, addresses) - - -# Nova steps section -@step(r'Nova has "(.+)" equal to "(.*)"') -def nova_has_property(step, name, value): - name = subst(name) - value = subst(value) - - for nova in [c for c in world.openstack.components - if c.name.startswith('nova')]: - if not nova.config[name] == value: - stop() - - -@step(r'Nova should have "(.+)" in "(.*)"') -def nova_property_assertion(self, name, values): - name = subst(name) - values = subst(values) - - if not values: - return - - for nova in [c for c in world.openstack.components - if c.name.startswith('nova')]: - nova_value = nova.config[name] - - if not (nova_value and nova_value in values): - nova.report_issue( - Issue(Issue.ERROR, 'Nova should have "%s" in %s' % - (name, values))) - - -@step(r"Nova should have keystone authtoken filter's \"(.+)\" in \"(.*)\"") -def nova_authtoken_property_assertion(self, name, values): - name = subst(name) - values = subst(values) - - if not values: - return - - for nova in [c for c in world.openstack.components - if c.name.startswith('nova')]: - - (authtoken_section, _) = find( - nova.paste_config.items(), - lambda name_values: name_values[0].startswith('filter:') - and name_values[1].get('paste.filter_factory') == - AUTHTOKEN_FILTER_FACTORY - ) - - if not authtoken_section: - nova.report_issue( - Issue(Issue.ERROR, 'Nova has keystone "auth" strategy ' - 'configured, but doesnt have authtoken ' - 'paste filter')) - continue - - authtoken_settings = nova.paste_config.section(authtoken_section) - - param_value = (authtoken_settings[name] or - nova.config['keystone_authtoken.%s' % name]) - - if not (param_value and param_value in values): - nova.report_issue( - Issue(Issue.ERROR, 'Nova should have "%s" in %s, ' - 'actual value is "%s"' % ( - name, values, param_value))) - - -# Common steps section -@step(r'"(.+)" component must have "(.+)" parameter') -def component_has_non_none_property(step, component_name, parameter_name): - component_name = subst(component_name) - parameter_name = subst(parameter_name) - - for component in [c for c in world.openstack.components - if c.name.startswith('%s' % component_name)]: - component_value = component.config[parameter_name] - - if component_value is None: - component.report_issue( - Issue(Issue.ERROR, - '"%s" must have parameter "%s - version %s"' % - (c.name, parameter_name, component.version))) - - -@step(r'"(.+)" component have "(.+)" parameter equal to "(.*)"') -def component_has_property_with_value(step, component_name, parameter_name, - value): - component_name = subst(component_name) - parameter_name = subst(parameter_name) - value = subst(value) - - for component in [c for c in world.openstack.components - if c.component.startswith('%s' % component_name)]: - component_value = component.config[parameter_name] - - if not component_value == value: - component.report_issue( - Issue(Issue.ERROR, - '"%s" should have parameter "%s" equals "%s"' - 'now its "%s"' % (component_name, parameter_name, - component_value, value))) - - -@step(r'Which package version do I use?') -def component_versions_list(self): - for component in world.openstack.components: - component.report_issue(Issue(Issue.INFO, "%s component has % version" % - (component.name, - component.version))) diff --git a/rubick/inspections/lettuce/version.feature b/rubick/inspections/lettuce/version.feature deleted file mode 100644 index 5fe2dce..0000000 --- a/rubick/inspections/lettuce/version.feature +++ /dev/null @@ -1,4 +0,0 @@ -Feature: OpenStack component version finding - - Scenario: All component version finding - Then Which package version do I use? \ No newline at end of file diff --git a/rubick/inspections/lettuce_runner.py b/rubick/inspections/lettuce_runner.py deleted file mode 100644 index 0d2963b..0000000 --- a/rubick/inspections/lettuce_runner.py +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import os.path - -import lettuce -import lettuce.fs - -from rubick.common import Inspection, Rule, Issue - - -class LettuceRunnerInspection(Inspection): - base_path = os.path.join(os.path.dirname(__file__), 'lettuce') - - @classmethod - def rules(klass): - rules = [] - - loader = lettuce.fs.FeatureLoader(klass.base_path) - for path in loader.find_feature_files(): - feature = lettuce.Feature.from_file(path) - for scenario in feature.scenarios: - rules.append(Rule(scenario.name, - "\n".join(scenario.remaining_lines))) - return rules - - def inspect(self, openstack): - runner = lettuce.Runner(base_path=self.base_path) - - lettuce.world.openstack = openstack - result = runner.run() - del lettuce.world.openstack - - for feature_result in result.feature_results: - for scenario_result in feature_result.scenario_results: - if scenario_result.passed: - continue - - for step in scenario_result.steps_undefined: - openstack.report_issue( - Issue(Issue.ERROR, 'Undefined step "%s"' % - step.sentence)) diff --git a/rubick/json.py b/rubick/json.py deleted file mode 100644 index 8090207..0000000 --- a/rubick/json.py +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -__all__ = ['openstack_for_json'] - - -def json_issues(issues): - return [str(issue) for issue in issues] - - -def json_component(component): - result = dict(type='component', name=component.name) - - if hasattr(component, 'version'): - result['version'] = component.version - - if len(component.all_issues) > 0: - result['issues'] = json_issues(component.all_issues) - - return result - - -def json_host(host): - result = dict(type='host', name=host.name, - addresses=host.network_addresses, - components=[json_component(c) for c in host.components]) - if len(host.issues) > 0: - result['issues'] = json_issues(host.issues) - - return result - - -def json_openstack(openstack): - result = dict(type='openstack', - hosts=[json_host(host) for host in openstack.hosts]) - if len(openstack.issues) > 0: - result['issues'] = json_issues(openstack.issues) - - return result - - -def openstack_for_json(openstack): - return json_openstack(openstack) diff --git a/rubick/main.py b/rubick/main.py deleted file mode 100644 index 398d2fa..0000000 --- a/rubick/main.py +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import argparse -import logging -import sys - - -from rubick.inspection import MainConfigValidationInspection -from rubick.model_parser import ModelParser - - -def main(args): - parser = argparse.ArgumentParser() - parser.add_argument( - '-d', - '--debug', - help='set debug log level', - action='store_true') - parser.add_argument('path', help='Path to config snapshot') - - args = parser.parse_args(args) - - if args.debug: - logging.basicConfig(level=logging.DEBUG) - else: - logging.basicConfig(level=logging.WARN) - - model_parser = ModelParser() - - print('Analyzing configs in "%s"' % args.path) - - model = model_parser.parse(args.path) - - inspections = [MainConfigValidationInspection()] - - issues = [] - for inspection in inspections: - issues.extend(inspection.inspect(model)) - - if len(issues) == 0: - print('No issues found') - else: - print('Found issues:') - for issue in issues: - print(issue) - - -if __name__ == '__main__': - main(sys.argv[1:]) diff --git a/rubick/model.py b/rubick/model.py deleted file mode 100644 index 47e70a6..0000000 --- a/rubick/model.py +++ /dev/null @@ -1,451 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from itertools import groupby -import logging - -from rubick.common import Mark, Issue, MarkedIssue, Version -from rubick.config_formats import IniConfigParser -from rubick.config_model import Configuration -from rubick.schema import ConfigSchemaRegistry -from rubick.utils import memoized - - -class IssueReporter(object): - - def __init__(self): - super(IssueReporter, self).__init__() - self.issues = [] - - def report_issue(self, issue): - if issue not in self.issues: - issue.subject = self - self.issues.append(issue) - - @property - def all_issues(self): - return list(self.issues) - - -class Resource(IssueReporter): - pass - - -class Openstack(Resource): - - def __init__(self): - super(Openstack, self).__init__() - self.hosts = [] - - def add_host(self, host): - if not host: - return - - self.hosts.append(host) - host.parent = self - - @property - def all_issues(self): - result = super(Openstack, self).all_issues - - for host in self.hosts: - result.extend(host.all_issues) - - return result - - @property - def components(self): - components = [] - for host in self.hosts: - components.extend(host.components) - - return components - - -class HostResource(Resource): - - def __init__(self, name): - super(HostResource, self).__init__() - self.name = name - self.components = [] - self.filesystem = {} - - def __str__(self): - return 'Host "%s"' % self.name - - def add_component(self, component): - if not component: - return - - self.components.append(component) - component.parent = self - - def add_fs_resource(self, resource): - if not resource: - return - - self.filesystem[resource.path] = resource - resource.parent = self - - @property - def openstack(self): - return self.parent - - @property - def all_issues(self): - result = super(HostResource, self).all_issues - - for component in self.components: - result.extend(component.all_issues) - - return result - - -class ProcessResource(Resource): - - def __init__(self, pid, cmdline, cwd): - super(ProcessResource, self).__init__() - self.pid = pid - self.cmdline = cmdline - self.cwd = cwd - - -class Service(Resource): - - def __init__(self): - super(Service, self).__init__() - self.issues = [] - - def report_issue(self, issue): - self.issues.append(issue) - - @property - def host(self): - return self.parent - - @property - def openstack(self): - return self.host.openstack - - @property - def all_issues(self): - result = super(Service, self).all_issues - - if hasattr(self, 'config_files') and self.config_files: - [result.extend(config_file.all_issues) - for config_file in self.config_files] - - return result - - def __str__(self): - return 'Service "%s"' % self.name - - -class OpenstackComponent(Service): - logger = logging.getLogger('rubick.model.openstack_component') - component = None - - @property - @memoized - def config(self): - schema = ConfigSchemaRegistry.get_schema(self.component, self.version) - if not schema: - self.logger.debug( - 'No schema for component "%s" main config version %s. ' - 'Using untyped parameters (everything is string)' % - (self.component, self.version)) - - return self._parse_config_resources(self.config_files, schema) - - def _parse_config_resources(self, resources, schema=None): - config = Configuration(schema) - - # Apply defaults - if schema: - for parameter in filter(lambda p: p.default, schema.parameters): - if not parameter.section or parameter.section == 'DEFAULT': - config.set_default(parameter.name, parameter.default) - else: - config.set_default( - '%s.%s' % - (parameter.section, parameter.name), parameter.default) - - for resource in reversed(resources): - self._parse_config_file( - Mark(resource.path), resource.contents, config, schema, - issue_reporter=resource) - - return config - - def _parse_config_file(self, base_mark, config_contents, - config=Configuration(), schema=None, - issue_reporter=None): - if issue_reporter: - def report_issue(issue): - issue_reporter.report_issue(issue) - else: - def report_issue(issue): - pass - - # Parse config file - config_parser = IniConfigParser() - parsed_config = config_parser.parse('', base_mark, config_contents) - for error in parsed_config.errors: - report_issue(error) - - # Validate config parameters and store them - section_name_text_f = lambda s: s.name.text - sections_by_name = groupby( - sorted( - parsed_config.sections, - key=section_name_text_f), - key=section_name_text_f) - - for section_name, sections in sections_by_name: - sections = list(sections) - - if len(sections) > 1: - report_issue( - Issue( - Issue.INFO, - 'Section "%s" appears multiple times' % - section_name)) - - seen_parameters = set() - - for section in sections: - unknown_section = False - if schema: - unknown_section = not schema.has_section(section.name.text) - - if unknown_section: - report_issue( - MarkedIssue(Issue.WARNING, 'Unknown section "%s"' % - (section_name), section.start_mark)) - continue - - for parameter in section.parameters: - parameter_schema = None - if schema: - parameter_schema = schema.get_parameter( - name=parameter.name.text, - section=section.name.text) - if not (parameter_schema or unknown_section): - report_issue( - MarkedIssue( - Issue.WARNING, - 'Unknown parameter: section "%s" name "%s"' - % (section_name, parameter.name.text), - parameter.start_mark)) - - if parameter.name.text in seen_parameters: - report_issue( - MarkedIssue( - Issue.WARNING, - 'Parameter "%s" in section "%s" redeclared' % - (parameter.name.text, section_name), - parameter.start_mark)) - else: - seen_parameters.add(parameter.name.text) - - parameter_fullname = parameter.name.text - if section_name != 'DEFAULT': - parameter_fullname = section_name + \ - '.' + parameter_fullname - - config.set(parameter_fullname, parameter.value.text) - - validation_error = config.validate(parameter_fullname) - if validation_error: - validation_error.mark = parameter\ - .value.start_mark.merge(validation_error.mark) - validation_error.message = \ - 'Property "%s" in section "%s": %s' % ( - parameter.name.text, section_name, - validation_error.message) - report_issue(validation_error) - - if (parameter_schema and - parameter_schema.deprecation_message): - report_issue( - MarkedIssue( - Issue.WARNING, - 'Deprecated parameter: section "%s" name ' - '"%s". %s' % - (section_name, parameter.name.text, - parameter_schema.deprecation_message), - parameter.start_mark)) - - return config - - -class KeystoneComponent(OpenstackComponent): - component = 'keystone' - name = 'keystone' - - -class NovaApiComponent(OpenstackComponent): - component = 'nova' - name = 'nova-api' - - @property - @memoized - def paste_config(self): - return self._parse_config_resources([self.paste_config_file]) - - @property - def all_issues(self): - result = super(NovaApiComponent, self).all_issues - - if hasattr(self, 'paste_config_file') and self.paste_config_file: - result.extend(self.paste_config_file.all_issues) - - return result - - -class NovaComputeComponent(OpenstackComponent): - component = 'nova' - name = 'nova-compute' - - -class NovaSchedulerComponent(OpenstackComponent): - component = 'nova' - name = 'nova-scheduler' - - -class CinderApiComponent(OpenstackComponent): - component = 'cinder' - name = 'cinder-api' - - -class CinderVolumeComponent(OpenstackComponent): - component = 'cinder' - name = 'cinder-volume' - - -class CinderSchedulerComponent(OpenstackComponent): - component = 'cinder' - name = 'cinder-scheduler' - - -class MysqlComponent(Service): - component = 'mysql' - name = 'mysql' - - -class RabbitMqComponent(Service): - name = 'rabbitmq' - - @property - @memoized - def config(self): - config = Configuration() - schema = ConfigSchemaRegistry.get_schema('rabbitmq', Version(1000000)) - if schema: - for parameter in schema.parameters: - if not parameter.default: - continue - - config.set_default(parameter.name, parameter.default) - else: - print("RabbitMQ schema not found") - - return config - - -class GlanceApiComponent(OpenstackComponent): - component = 'glance_api' - name = 'glance-api' - - -class GlanceRegistryComponent(OpenstackComponent): - component = 'glance_registry' - name = 'glance-registry' - - -class NeutronServerComponent(OpenstackComponent): - component = 'neutron_server' - name = 'neutron-server' - - -class NeutronOpenvswitchAgentComponent(OpenstackComponent): - component = 'neutron_openvswitch_agent' - name = 'neutron-openvswitch-agent' - - -class NeutronDhcpAgentComponent(OpenstackComponent): - component = 'neutron_dhcp_agent' - name = 'neutron-dhcp-agent' - - -class NeutronL3AgentComponent(OpenstackComponent): - component = 'neutron_l3_agent' - name = 'neutron-l3-agent' - - -class NeutronMetadataAgentComponent(OpenstackComponent): - component = 'neutron_metadata_agent' - name = 'neutron-metadata-agent' - - -class SwiftProxyServerComponent(OpenstackComponent): - component = 'swift_proxy_server' - name = 'swift-proxy-server' - - -class SwiftContainerServerComponent(OpenstackComponent): - component = 'swift_container_server' - name = 'swift-container-server' - - -class SwiftAccountServerComponent(OpenstackComponent): - component = 'swift_account_server' - name = 'swift-account-server' - - -class SwiftObjectServerComponent(OpenstackComponent): - component = 'swift_object_server' - name = 'swift-object-server' - - -class FileSystemResource(Resource): - def __init__(self, path, owner, group, permissions): - super(FileSystemResource, self).__init__() - self.path = path - self.owner = owner - self.group = group - self.permissions = permissions - - def __str__(self): - return '%s "%s"' % ( - self.__class__.__name__.split('.')[-1].replace('Resource', ''), - self.path) - - def __repr__(self): - return ( - '%s(path=%s, owner=%s, group=%s, permissions=%s)' % - (self.__class__.__name__.split('.')[-1], repr(self.path), - repr(self.owner), repr(self.group), repr(self.permissions)) - ) - - -class FileResource(FileSystemResource): - - def __init__(self, path, contents, owner, group, permissions): - super(FileResource, self).__init__( - path, owner, group, permissions) - self.contents = contents - - -class DirectoryResource(FileSystemResource): - pass diff --git a/rubick/schema.py b/rubick/schema.py deleted file mode 100644 index 8b75cc6..0000000 --- a/rubick/schema.py +++ /dev/null @@ -1,614 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import os.path -import re -import yaml - -from rubick.common import Issue, MarkedIssue, Mark, Version, find, index -from rubick.exceptions import RubickException - - -class SchemaError(RubickException): - pass - - -class ConfigSchemaLoader(object): - db_path = os.path.join(os.path.dirname(__file__), 'schemas') - - def load(self, project, configname): - path = os.path.join(self.db_path, project, configname + '.yml') - if not os.path.exists(path): - return None - - with open(path) as f: - records = yaml.load(f.read()) - - return records - - -class ConfigSchemaRegistry: - @classmethod - def get_schema(self, project, version, configname=None, schema_loader=ConfigSchemaLoader()): - if not configname: - configname = '%s.conf' % project - fullname = '%s/%s' % (project, configname) - version = Version(version) - - records = schema_loader.load(project, configname) - if not records: - return None - - i = len(records) - 1 - # Find latest checkpoint prior given version - while i >= 0 and not (records[i].get('checkpoint', False) - and Version(records[i]['version']) <= version): - i -= 1 - - if i < 0: - if Version(records[0]['version']) > version: - # Reached the earliest record yet haven't found version - return None - - # Haven't found checkpoint but yearliest version is less than given - # Assuming first record is checkpoint - i = 0 - - parameters = [] - seen_parameters = set() - last_version = None - - while i < len(records) and Version(records[i]['version']) <= version: - last_version = records[i]['version'] - for param_data in records[i].get('added', []): - name = param_data['name'] - section = None - if '.' in name: - section, name = name.split('.', 1) - - param = ConfigParameterSchema( - name, param_data['type'], section=section, - type_args=param_data.get('type_args', {}), - default=param_data.get('default', None), - description=param_data.get('help', None), - required=param_data.get('required', False), - deprecation_message=param_data.get('deprecated', None)) - - if param.name in seen_parameters: - old_param_index = index( - parameters, - lambda p: p.name == param.name) - if old_param_index != -1: - parameters[old_param_index] = param - else: - parameters.append(param) - seen_parameters.add(param.name) - for param_name in records[i].get('removed', []): - param_index = index( - parameters, - lambda p: p.name == param_name) - if index != -1: - parameters.pop(param_index) - seen_parameters.discard(param_name) - i += 1 - - return ConfigSchema(fullname, last_version, 'ini', parameters) - - -def param_fullname(name, section=None): - fullname = name - if section and section != 'DEFAULT': - fullname = '%s.%s' % (section, name) - - return fullname - - -class ConfigSchema: - - def __init__(self, name, version, format, parameters): - self.name = name - self.version = Version(version) - self.format = format - self.parameters = parameters - self._parameterByName = {} - for param in self.parameters: - self._parameterByName[param.fullname] = param - - def has_section(self, section): - return ( - find(self.parameters, lambda p: p.section == section) is not None - ) - - def get_parameter(self, name, section=None): - fullname = param_fullname(name, section) - - return self._parameterByName.get(fullname, None) - - def __len__(self): - return len(self.parameters) - - def __iter__(self): - for param in self.parameters: - yield param - - def __getitem__(self, key): - return self.get_parameter(key) - - def __contains__(self, item): - return item in self._parameterByName - - def __repr__(self): - return ('' % - (self.name, self.version, self.format, self.parameters)) - - -class ConfigParameterSchema: - - def __init__(self, name, type, type_args={}, section=None, description=None, - default=None, required=False, deprecation_message=None): - self.section = section or 'DEFAULT' - self.name = name - self.type = type - self.type_args = type_args - self.fullname = param_fullname(name, section) - self.description = description - self.default = default - self.required = required - self.deprecation_message = deprecation_message - - def __repr__(self): - return ( - '' % ' '.join( - ['%s=%s' % (attr, getattr(self, attr)) - for attr in ['section', 'name', 'type', 'description', - 'default', 'required']]) - ) - - -class TypeValidatorRegistry: - __validators = {} - __default_validator = None - - @classmethod - def register_validator(self, type_name, type_validator, default=False): - self.__validators[type_name] = type_validator - if default: - self.__default_validator = type_name - - @classmethod - def get_validator(self, name): - return self.__validators.get( - name, self.__validators[self.__default_validator]) - - -class SchemaIssue(Issue): - - def __init__(self, message): - super(SchemaIssue, self).__init__(Issue.ERROR, message) - - -class InvalidValueError(MarkedIssue): - - def __init__(self, message, mark=Mark('', 0, 0)): - super(InvalidValueError, self).__init__( - Issue.ERROR, 'Invalid value: ' + message, mark) - - -class TypeValidator(object): - - def __init__(self, base_type, f): - super(TypeValidator, self).__init__() - self.base_type = base_type - self.f = f - - def validate(self, value, **kwargs): - if value is None: - return value - return getattr(self, 'f')(value, **kwargs) - - -def type_validator(name, base_type=None, default=False, **kwargs): - if not base_type: - base_type = name - - def wrap(fn): - def wrapped(s, **immediate_kwargs): - return fn(s, **dict(kwargs, **immediate_kwargs)) - o = TypeValidator(base_type, wrapped) - TypeValidatorRegistry.register_validator(name, o, default=default) - return fn - - return wrap - - -def isissue(o): - return isinstance(o, Issue) - - -@type_validator('boolean') -def validate_boolean(s): - if isinstance(s, bool): - return s - - s = s.lower() - if s == 'true': - return True - elif s == 'false': - return False - else: - return InvalidValueError('Value should be "true" or "false"') - - -@type_validator('enum') -def validate_enum(s, values=[]): - if s in values: - return None - if len(values) == 0: - message = 'There should be no value, but found %s' % repr(s) - elif len(values) == 1: - message = 'The only valid value is "%s", but found "%s"' % ( - repr(values[0]), repr(s)) - else: - message = 'Valid values are %s and %s, but found %s' % ( - ', '.join([repr(v) for v in values[:-1]]), - repr(values[-1]), repr(s)) - return InvalidValueError('%s' % message) - - -def validate_ipv4_address(s): - s = s.strip() - parts = s.split('.') - if len(parts) == 4: - if all([all([c.isdigit() for c in part]) for part in parts]): - parts = [int(part) for part in parts] - if all([part < 256 for part in parts]): - return '.'.join([str(part) for part in parts]) - - return InvalidValueError('Value should be ipv4 address') - - -def validate_ipv4_network(s): - s = s.strip() - parts = s.split('/') - if len(parts) != 2: - return ( - InvalidValueError( - 'Should have "/" character separating address and prefix ' - 'length') - ) - - address, prefix = parts - prefix = prefix.strip() - - if prefix.strip() == '': - return InvalidValueError('Prefix length is required') - - address = validate_ipv4_address(address) - if isissue(address): - return address - - if not all([c.isdigit() for c in prefix]): - return InvalidValueError('Prefix length should be an integer') - - prefix = int(prefix) - if prefix > 32: - return ( - InvalidValueError( - 'Prefix length should be less than or equal to 32') - ) - - return '%s/%d' % (address, prefix) - - -def validate_host_label(s): - if len(s) == 0: - return InvalidValueError( - 'Host label should have at least one character') - - if not s[0].isalpha(): - return InvalidValueError( - 'Host label should start with a letter, but it starts with ' - '"%s"' % s[0]) - - if len(s) == 1: - return s - - if not (s[-1].isdigit() or s[-1].isalpha()): - return InvalidValueError( - 'Host label should end with letter or digit, but it ends ' - 'with "%s"' % - s[-1], Mark('', 0, len(s) - 1)) - - if len(s) == 2: - return s - - for i, c in enumerate(s[1:-1]): - if not (c.isalpha() or c.isdigit() or c == '-'): - return InvalidValueError( - 'Host label should contain only letters, digits or hypens,' - ' but it contains "%s"' % - c, Mark('', 0, i + 1)) - - return s - - -@type_validator('host', base_type='string') -@type_validator('host_address', base_type='string') -@type_validator('old_network', base_type='string') -def validate_host_address(s): - result = validate_ipv4_address(s) - if not isissue(result): - return result - - offset = len(s) - len(s.lstrip()) - - parts = s.strip().split('.') - part_offset = offset - labels = [] - for part in parts: - host_label = validate_host_label(part) - if isissue(host_label): - return host_label.offset_by(Mark('', 0, part_offset)) - - part_offset += len(part) + 1 - labels.append(host_label) - - return '.'.join(labels) - - -@type_validator('network', base_type='string') -@type_validator('network_address', base_type='string') -def validate_network_address(s): - return validate_ipv4_network(s) - - -@type_validator('network_mask', base_type='string') -def validate_network_mask(s): - # TODO(someone): implement proper checking - result = validate_ipv4_address(s) - if isissue(result): - return result - - parts = [int(p) for p in result.split('.', 3)] - - x = index(parts, lambda p: p != 255) - if x == -1: - return result - - if parts[x] not in [0, 128, 192, 224, 240, 248, 252, 254]: - return InvalidValueError('Invalid netmask') - - x += 1 - while x < 4: - if parts[x] != 0: - return InvalidValueError('Invalid netmask') - - return result - - -@type_validator('host_and_port', base_type='string') -def validate_host_and_port(s, default_port=None): - parts = s.strip().split(':', 2) - - host_address = validate_host_address(parts[0]) - if isissue(host_address): - return host_address - - if len(parts) == 2: - port = validate_port(parts[1]) - if isissue(port): - return port - elif default_port: - port = default_port - else: - return InvalidValueError('No port specified') - - return (host_address, port) - - -@type_validator('string', base_type='string', default=True) -@type_validator('list', base_type='list') -@type_validator('multi', base_type='multi') -@type_validator('file', base_type='string') -@type_validator('directory', base_type='string') -@type_validator('host_v6', base_type='string') -def validate_string(s): - return s - - -@type_validator('regex', base_type='string') -@type_validator('regexp', base_type='string') -def validate_regex(s): - try: - re.compile(s) - except re.error as e: - return InvalidValueError(str(e)) - - return s - - -@type_validator('integer') -def validate_integer(s, min=None, max=None): - if isinstance(s, int): - return s - - leading_whitespace_len = 0 - while leading_whitespace_len < len(s) \ - and s[leading_whitespace_len].isspace(): - leading_whitespace_len += 1 - - s = s.strip() - if s == '': - return InvalidValueError('Should not be empty') - - for i, c in enumerate(s): - if not c.isdigit() and not ((c == '-') and (i == 0)): - return ( - InvalidValueError( - 'Only digits are allowed, but found char "%s"' % - c, Mark('', 1, i + 1 + leading_whitespace_len)) - ) - - v = int(s) - if min and v < min: - return ( - InvalidValueError( - 'Should be greater than or equal to %d' % - min, Mark('', 1, leading_whitespace_len)) - ) - if max and v > max: - return ( - InvalidValueError( - 'Should be less than or equal to %d' % - max, Mark('', 1, leading_whitespace_len)) - ) - - return v - - -@type_validator('file_mode') -def validate_file_mode(s): - return validate_integer(s) - - -@type_validator('float') -def validate_float(s): - if isinstance(s, float): - return s - - # TODO(someone): Implement proper validation - return float(s) - - -@type_validator('port', base_type='integer') -def validate_port(s, min=1, max=65535): - return validate_integer(s, min=min, max=max) - - -def validate_list(s, element_type): - if isinstance(s, list): - return s - - element_type_validator = TypeValidatorRegistry.get_validator(element_type) - if not element_type_validator: - return SchemaIssue('Invalid element type "%s"' % element_type) - - result = [] - s = s.strip() - - if s == '': - return result - - values = s.split(',') - while len(values) > 0: - value = values.pop(0) - while True: - validated_value = element_type_validator.validate(value.strip()) - if not isinstance(validated_value, Issue): - break - - if len(values) == 0: - # TODO(someone): provide better position reporting - return validated_value - - value += ',' + values.pop() - - result.append(validated_value) - - return result - - -@type_validator('string_list', base_type='list') -def validate_string_list(s): - return validate_list(s, element_type='string') - - -@type_validator('string_dict', base_type='multi') -def validate_dict(s, element_type='string'): - if isinstance(s, dict): - return s - - element_type_validator = TypeValidatorRegistry.get_validator(element_type) - if not element_type_validator: - return SchemaIssue('Invalid element type "%s"' % element_type) - - result = {} - s = s.strip() - - if s == '': - return result - - pairs = s.split(',') - for pair in pairs: - key_value = pair.split(':', 2) - if len(key_value) < 2: - return ( - InvalidValueError( - 'Value should be NAME:VALUE pairs separated by ","') - ) - - key, value = key_value - key = key.strip() - value = value.strip() - - if key == '': - # TODO(someone): provide better position reporting - return InvalidValueError('Key name should not be empty') - - validated_value = element_type_validator.validate(value) - if isinstance(validated_value, Issue): - # TODO(someone): provide better position reporting - return validated_value - result[key] = validated_value - return result - - -@type_validator('rabbitmq_bind', base_type='string') -def validate_rabbitmq_bind(s): - m = re.match('\d+', s) - if m: - port = validate_port(s) - if isinstance(port, Issue): - return port - - return ('0.0.0.0', port) - - m = re.match('{\s*\"(.+)\"\s*,\s*(\d+)\s*}', s) - if m: - host = validate_host_address(m.group(1)) - port = validate_port(m.group(2)) - - if isinstance(host, Issue): - return host - - if isinstance(port, Issue): - return port - - return (host, port) - - return SchemaIssue("Unrecognized bind format") - - -def validate_rabbitmq_list(s, element_type): - if isinstance(s, list): - return s - - if not (s.startswith('[') and s.endswith(']')): - return SchemaIssue('List should be surrounded by [ and ]') - - return validate_list(s[1:-1], element_type=element_type) - - -@type_validator('rabbitmq_bind_list', base_type='list') -def validate_rabbitmq_bind_list(s): - return validate_rabbitmq_list(s, element_type='rabbitmq_bind') diff --git a/rubick/schemas/__init__.py b/rubick/schemas/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/rubick/schemas/cinder/2013.1.3.yml b/rubick/schemas/cinder/2013.1.3.yml deleted file mode 100644 index eda886b..0000000 --- a/rubick/schemas/cinder/2013.1.3.yml +++ /dev/null @@ -1,1889 +0,0 @@ -project: cinder -version: '2013.1.3' -parameters: - - - name: fatal_exception_format_errors - type: boolean - default: false - help: 'make exception message format errors fatal' - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found' - - - name: quota_volumes - type: integer - default: 10 - help: 'number of volumes allowed per project' - - - name: quota_snapshots - type: integer - default: 10 - help: 'number of volume snapshots allowed per project' - - - name: quota_gigabytes - type: integer - default: 1000 - help: 'number of volume gigabytes' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes' - - - name: quota_driver - type: string - default: 'cinder_2013_1_3.quota.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: use_default_quota_class - type: boolean - default: true - help: 'whether to use default quota class for default quota' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore' - - - name: periodic_interval - type: integer - default: 60 - help: 'seconds between running periodic tasks' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' - - - name: osapi_volume_listen - type: string - default: '0.0.0.0' - help: 'IP address for OpenStack Volume API to listen' - - - name: osapi_volume_listen_port - type: integer - default: 8776 - help: 'port for os volume api to listen' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db' - - - name: fake_tests - type: boolean - default: true - help: 'should we use everything for testing' - - - name: backlog - type: integer - default: 4096 - help: 'Number of backlog requests to configure the socket with' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl_cert_file - type: string - default: ~ - help: 'Certificate file to use when starting the server securely' - - - name: ssl_key_file - type: string - default: ~ - help: 'Private key file to use when starting the server securely' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource' - - - name: osapi_volume_base_URL - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Volume API' - - - name: use_forwarded_for - type: boolean - default: false - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'Max size for body of a request' - - - name: backup_ceph_conf - type: string - default: '/etc/ceph/ceph.conf' - help: 'Ceph config file to use.' - - - name: backup_ceph_user - type: string - default: 'cinder' - help: 'the Ceph user to connect with' - - - name: backup_ceph_chunk_size - type: integer - default: 134217728 - help: 'the chunk size in bytes that a backup will be broken into before transfer to backup store' - - - name: backup_ceph_pool - type: string - default: 'backups' - help: 'the Ceph pool to backup to' - - - name: backup_ceph_stripe_unit - type: integer - default: 0 - help: 'RBD stripe unit to use when creating a backup image' - - - name: backup_ceph_stripe_count - type: integer - default: 0 - help: 'RBD stripe count to use when creating a backup image' - - - name: restore_discard_excess_bytes - type: boolean - default: true - help: 'If True, always discard excess bytes when restoring volumes.' - - - name: backup_swift_url - type: string - default: 'http://localhost:8080/v1/AUTH_' - help: 'The URL of the Swift endpoint' - - - name: backup_swift_auth - type: string - default: 'per_user' - help: 'Swift authentication mechanism' - - - name: backup_swift_user - type: string - default: ~ - help: 'Swift user name' - - - name: backup_swift_key - type: string - default: ~ - help: 'Swift key for authentication' - - - name: backup_swift_container - type: string - default: 'volumebackups' - help: 'The default Swift container to use' - - - name: backup_swift_object_size - type: integer - default: 52428800 - help: 'The size in bytes of Swift backup objects' - - - name: backup_swift_retry_attempts - type: integer - default: 3 - help: 'The number of retries to make for Swift operations' - - - name: backup_swift_retry_backoff - type: integer - default: 2 - help: 'The backoff time in seconds between Swift retries' - - - name: backup_compression_algorithm - type: string - default: 'zlib' - help: 'Compression algorithm' - - - name: backup_tsm_volume_prefix - type: string - default: 'backup' - help: 'Volume prefix for the backup id when backing up to TSM' - - - name: backup_tsm_password - type: string - default: 'password' - help: 'TSM password for the running username' - - - name: backup_tsm_compression - type: boolean - default: true - help: 'Enable or Disable compression for backups' - - - name: backup_driver - type: string - default: 'cinder_2013_1_3.backup.drivers.swift_proxy_server' - help: 'Driver to use for backups.' - - - name: num_volume_device_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan targetsto find volume' - - - name: iscsi_helper - type: string - default: 'tgtadm' - help: 'iscsi target user-land tool to use' - - - name: volumes_dir - type: string - default: '$state_path/volumes' - help: 'Volume configuration file storage directory' - - - name: iet_conf - type: string - default: '/etc/iet/ietd.conf' - help: 'IET configuration file' - - - name: lio_initiator_iqns - type: string - default: '' - help: 'Comma-separatd list of initiator IQNs allowed to connect to the iSCSI target.' - - - name: iscsi_iotype - type: string - default: 'fileio' - help: 'Sets the behavior of the iSCSI target to either perform blockio or fileio optionally, auto can be set and Cinder will autodetect type of backing device' - - - name: iser_helper - type: string - default: 'tgtadm' - help: 'iser target user-land tool to use' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for gluster shares' - - - name: connection_type - type: string - default: ~ - help: 'Virtualization api connection type : libvirt, xenapi, or fake' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for cinder-api' - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the cinder python module is installed' - - - name: bindir - type: string - default: '$pybasedir/bin' - help: 'Directory where cinder binaries are installed' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining cinder's state" - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host' - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip' - - - name: glance_port - type: integer - default: 9292 - help: 'default glance port' - - - name: glance_api_servers - type: list - default: '$glance_host:$glance_port' - help: 'A list of the glance api servers available to cinder' - - - name: glance_api_version - type: integer - default: 1 - help: 'Version of the glance api to use' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance' - - - name: glance_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL' - - - name: glance_api_ssl_compression - type: boolean - default: false - help: 'Whether to attempt to negotiate SSL layer compression when using SSL' - - - name: glance_request_timeout - type: integer - default: ~ - help: 'http/https timeout value for glance operations. If no value' - - - name: scheduler_topic - type: string - default: 'cinder-scheduler' - help: 'the topic scheduler nodes listen on' - - - name: volume_topic - type: string - default: 'cinder-volume' - help: 'the topic volume nodes listen on' - - - name: backup_topic - type: string - default: 'cinder-backup' - help: 'the topic volume backup nodes listen on' - - - name: enable_v1_api - type: boolean - default: true - help: 'Deploy v1 of the Cinder API. ' - - - name: enable_v2_api - type: boolean - default: true - help: 'Deploy v2 of the Cinder API. ' - - - name: api_rate_limit - type: boolean - default: true - help: 'whether to rate limit the api' - - - name: osapi_volume_ext_list - type: list - default: '' - help: 'Specify list of extensions to load when using osapi_volume_extension option with cinder_2013_1_3.api.contrib.select_extensions' - - - name: osapi_volume_extension - type: multi - default: 'cinder_2013_1_3.api.contrib.standard_extensions' - help: 'osapi volume extension to load' - - - name: volume_manager - type: string - default: 'cinder_2013_1_3.volume.manager.VolumeManager' - help: 'full class name for the Manager for volume' - - - name: backup_manager - type: string - default: 'cinder_2013_1_3.backup.manager.BackupManager' - help: 'full class name for the Manager for volume backup' - - - name: scheduler_manager - type: string - default: 'cinder_2013_1_3.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler' - - - name: host - type: string - default: '127.0.0.1' - help: 'Host to locate redis' - - - name: storage_availability_zone - type: string - default: 'nova' - help: 'availability zone of this node' - - - name: default_availability_zone - type: string - default: ~ - help: 'default availability zone to use when creating a new volume. If this is not set then we use the value from the storage_availability_zone option as the default availability_zone for new volumes.' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache.' - - - name: default_volume_type - type: string - default: ~ - help: 'default volume type to use' - - - name: volume_usage_audit_period - type: string - default: 'month' - help: 'time period to generate volume usages for. Time period must be hour, day, month or year' - - - name: root_helper - type: string - default: 'sudo' - help: 'Deprecated: command to use for running commands as root' - - - name: rootwrap_config - type: string - default: '/etc/cinder/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root' - - - name: monkey_patch - type: boolean - default: false - help: 'Enable monkey patching' - - - name: monkey_patch_modules - type: list - default: '' - help: 'List of modules/decorators to monkey patch' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service' - - - name: volume_api_class - type: string - default: 'cinder_2013_1_3.volume.api.API' - help: 'The full class name of the volume API class to use' - - - name: backup_api_class - type: string - default: 'cinder_2013_1_3.backup.api.API' - help: 'The full class name of the volume backup API class' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth. Supports noauth, keystone, and deprecated.' - - - name: enabled_backends - type: list - default: ~ - help: 'A list of backend names to use. These backend names should be backed by a unique [CONFIG] group with its options' - - - name: no_snapshot_gb_quota - type: boolean - default: false - help: 'Whether snapshots count against GigaByte quota' - - - name: transfer_api_class - type: string - default: 'cinder_2013_1_3.transfer.api.API' - help: 'The full class name of the volume transfer API class' - - - name: compute_api_class - type: string - default: 'cinder_2013_1_3.compute.nova.API' - help: 'The full class name of the compute API class to use' - - - name: nova_catalog_info - type: string - default: 'compute:nova:publicURL' - help: 'Info to match when looking for nova in the service catalog. Format is : separated values of the form: ::' - - - name: nova_catalog_admin_info - type: string - default: 'compute:nova:adminURL' - help: 'Same as nova_catalog_info, but for admin endpoint.' - - - name: nova_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for nova endpoint e.g. http://localhost:8774/v2/%(tenant_id)s' - - - name: nova_endpoint_admin_template - type: string - default: ~ - help: 'Same as nova_endpoint_template, but for admin endpoint.' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node' - - - name: nova_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certicates file to use for nova client requests.' - - - name: nova_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to nova' - - - name: db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: enable_new_services - type: boolean - default: true - help: 'Services to be added to the available pool on create' - - - name: volume_name_template - type: string - default: 'volume-%s' - help: 'Template string to be used to generate volume names' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names' - - - name: backup_name_template - type: string - default: 'backup-%s' - help: 'Template string to be used to generate backup names' - - - name: db_driver - type: string - default: 'cinder_2013_1_3.db' - help: 'driver to use for database access' - - - name: allowed_direct_url_schemes - type: list - default: '' - help: 'A list of url schemes that can be downloaded directly via the direct_url. Currently supported schemes: [file].' - - - name: image_conversion_dir - type: string - default: '$state_path/conversion' - help: 'Directory used for temporary storage during image conversion' - - - name: keymgr_api_class - type: string - default: 'cinder_2013_1_3.keymgr.not_implemented_key_mgr.NotImplementedKeyManager' - help: 'The full class name of the key manager API class' - - - name: backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: connection - type: string - default: 'sqlite:////cinder/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: sql_connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: max_pool_size - type: integer - default: 5 - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings' - - - name: sqlite_db - type: string - default: 'cinder_2013_1_3.sqlite' - help: 'the filename to use with sqlite' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If true, use synchronous mode for sqlite' - - - name: backdoor_port - type: integer - default: ~ - help: 'port for eventlet backdoor to listen' - - - name: disable_process_locking - type: boolean - default: false - help: 'Whether to disable inter-process locks' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files. Default to a temp directory' - - - name: debug - type: boolean - default: false - help: 'Print debugging output' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - - - name: use_stderr - type: boolean - default: true - help: 'Log output to standard error' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format' - - - name: default_log_levels - type: list - default: 'amqplibWARN,sqlalchemyWARN,botoWARN,sudsINFO,keystoneINFO,eventlet.wsgi.serverWARN' - help: 'list of logger=LEVEL pairs' - - - name: publish_errors - type: boolean - default: false - help: 'publish error events' - - - name: fatal_deprecations - type: boolean - default: false - help: 'make deprecations fatal' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: ~ - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The base directory used for relative --log-file paths' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications' - - - name: notification_topics - type: list - default: 'notifications' - help: 'AMQP topic used for OpenStack notifications' - - - name: topics - type: list - default: 'notifications' - help: 'AMQP topic(s) used for OpenStack notifications' - - - name: run_external_periodic_tasks - type: boolean - default: true - help: 'Some periodic tasks can be run in a separate process. Should we run them here?' - - - name: rpc_backend - type: string - default: 'cinder_2013_1_3.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires' - - - name: allowed_rpc_exception_modules - type: list - default: 'cinder_2013_1_3.openstack.common.exception,nova.exception,cinder_2013_1_3.exception,exceptions' - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' - - - name: fake_rabbit - type: boolean - default: false - help: 'If passed, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: amqp_rpc_single_reply_queue - type: boolean - default: false - help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' - - - name: amqp_durable_queues - type: boolean - default: false - help: 'Use durable queues in amqp.' - - - name: amqp_auto_delete - type: boolean - default: false - help: 'Auto-delete queues in amqp.' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file' - - - name: rabbit_host - type: string - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used' - - - name: rabbit_port - type: integer - default: 5672 - help: 'The RabbitMQ broker port where a single node is used' - - - name: rabbit_hosts - type: list - default: '$rabbit_host:$rabbit_port' - help: 'RabbitMQ HA cluster host:port pairs' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'connect over SSL for RabbitMQ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ' - - - name: rabbit_ha_queues - type: boolean - default: false - help: 'use H/A queues in RabbitMQ' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname' - - - name: qpid_port - type: integer - default: 5672 - help: 'Qpid broker port' - - - name: qpid_hosts - type: list - default: '$qpid_hostname:$qpid_port' - help: 'Qpid HA cluster host:port pairs' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: 'Disable Nagle algorithm' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: 'ZeroMQ bind address. Should be a wildcard' - - - name: rpc_zmq_matchmaker - type: string - default: 'cinder_2013_1_3.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver' - - - name: rpc_zmq_port - type: integer - default: 9501 - help: 'ZeroMQ receiver listening port' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets' - - - name: rpc_zmq_host - type: string - default: 'cinder' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." - - - name: matchmaker_ringfile - type: string - default: '/etc/nova/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live.' - - - name: port - type: integer - default: 6379 - help: 'Use this port to connect to redis host.' - - - name: password - type: string - default: ~ - help: 'Password for Redis server.' - - - name: scheduler_host_manager - type: string - default: 'cinder_2013_1_3.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an volume' - - - name: scheduler_default_filters - type: list - default: 'AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter' - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - - - name: scheduler_default_weighers - type: list - default: 'CapacityWeigher' - help: 'Which weigher class names to use for weighing hosts.' - - - name: scheduler_driver - type: string - default: 'cinder_2013_1_3.scheduler.filter_scheduler.FilterScheduler' - help: 'Default scheduler driver to use' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file.' - - - name: max_gigabytes - type: integer - default: 10000 - help: 'maximum number of volume gigabytes to allow per host' - - - name: capacity_weight_multiplier - type: float - default: 1.0 - help: 'Multiplier used for weighing volume capacity. Negative numbers mean to stack vs spread.' - - - name: volume_transfer_salt_length - type: integer - default: 8 - help: 'The number of characters in the salt.' - - - name: volume_transfer_key_length - type: integer - default: 16 - help: 'The number of characters in the autogenerated auth key.' - - - name: snapshot_same_host - type: boolean - default: true - help: 'Create volume from snapshot at the host where snapshot resides' - - - name: cloned_volume_same_az - type: boolean - default: true - help: 'Ensure that the new volumes are the same AZ as snapshot or source volume' - - - name: num_shell_tries - type: integer - default: 3 - help: 'number of times to attempt to run flakey shell commands' - - - name: reserved_percentage - type: integer - default: 0 - help: 'The percentage of backend capacity is reserved' - - - name: iscsi_num_targets - type: integer - default: 100 - help: 'The maximum number of iscsi target ids per host' - - - name: iscsi_target_prefix - type: string - default: 'iqn.2010-10.org.openstack:' - help: 'prefix for iscsi volumes' - - - name: iscsi_ip_address - type: string - default: '$my_ip' - help: 'The IP address that the iSCSI daemon is listening on' - - - name: iscsi_port - type: integer - default: 3260 - help: 'The port that the iSCSI daemon is listening on' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan iSER targetto find volume' - - - name: iser_num_targets - type: integer - default: 100 - help: 'The maximum number of iser target ids per host' - - - name: iser_target_prefix - type: string - default: 'iqn.2010-10.org.iser.openstack:' - help: 'prefix for iser volumes' - - - name: iser_ip_address - type: string - default: '$my_ip' - help: 'The IP address that the iSER daemon is listening on' - - - name: iser_port - type: integer - default: 3260 - help: 'The port that the iSER daemon is listening on' - - - name: volume_backend_name - type: string - default: ~ - help: 'The backend name for a given driver implementation' - - - name: use_multipath_for_image_xfer - type: boolean - default: false - help: 'Do we attach/detach volumes in cinder using multipath for volume to image and image to volume transfers?' - - - name: volume_clear - type: string - default: 'zero' - help: 'Method used to wipe old voumes' - - - name: volume_clear_size - type: integer - default: 0 - help: 'Size in MiB to wipe at start of old volumes. 0 => all' - - - name: available_devices - type: list - default: '' - help: 'List of all available devices' - - - name: coraid_esm_address - type: string - default: '' - help: 'IP address of Coraid ESM' - - - name: coraid_user - type: string - default: 'admin' - help: 'User name to connect to Coraid ESM' - - - name: coraid_group - type: string - default: 'admin' - help: 'Name of group on Coraid ESM to which coraid_user belongs' - - - name: coraid_password - type: string - default: 'password' - help: 'Password to connect to Coraid ESM' - - - name: coraid_repository_key - type: string - default: 'coraid_repository' - help: 'Volume Type key name to store ESM Repository Name' - - - name: eqlx_group_name - type: string - default: 'group-0' - help: 'Group name to use for creating volumes' - - - name: eqlx_cli_timeout - type: integer - default: 30 - help: 'Timeout for the Group Manager cli command execution' - - - name: eqlx_cli_max_retries - type: integer - default: 5 - help: 'Maximum retry count for reconnection' - - - name: eqlx_use_chap - type: boolean - default: false - help: 'Use CHAP authentificaion for targets?' - - - name: eqlx_chap_login - type: string - default: 'admin' - help: 'Existing CHAP account name' - - - name: eqlx_chap_password - type: string - default: 'password' - help: 'Password for specified CHAP account name' - - - name: eqlx_pool - type: string - default: 'default' - help: 'Pool in which volumes will be created' - - - name: glusterfs_shares_config - type: string - default: '/etc/cinder/glusterfs_shares' - help: 'File with the list of available gluster shares' - - - name: glusterfs_disk_util - type: string - default: 'df' - help: 'Use du or df for free space calculation' - - - name: glusterfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - - - name: glusterfs_qcow2_volumes - type: boolean - default: false - help: 'Create volumes as QCOW2 files rather than raw files.' - - - name: gpfs_mount_point_base - type: string - default: ~ - help: 'Path to the directory on GPFS mount point where volumes are stored' - - - name: gpfs_images_dir - type: string - default: ~ - help: 'Path to GPFS Glance repository as mounted on Nova nodes' - - - name: gpfs_images_share_mode - type: string - default: ~ - help: 'Set this if Glance image repo is on GPFS as well so that the image bits can be transferred efficiently between Glance and cinder_2013_1_3. Valid values are copy or copy_on_write. copy performs a full copy of the image, copy_on_write efficiently shares unmodified blocks of the image.' - - - name: gpfs_max_clone_depth - type: integer - default: 0 - help: 'A lengthy chain of copy-on-write snapshots or clones could have impact on performance. This option limits the number of indirections required to reach a specific block. 0 indicates unlimited.' - - - name: gpfs_sparse_volumes - type: boolean - default: true - help: 'Create volumes as sparse files which take no space. If set to False volume is created as regular file. In this case volume creation may take a significantly longer time.' - - - name: hds_cinder_config_file - type: string - default: '/opt/hds/hus/cinder_hus_conf.xml' - help: 'configuration file for HDS cinder plugin for HUS' - - - name: cinder_huawei_conf_file - type: string - default: '/etc/cinder/cinder_huawei_conf.xml' - help: 'config data for cinder huawei plugin' - - - name: volume_group - type: string - default: 'cinder-volumes' - help: 'Name for the VG that will contain exported volumes' - - - name: pool_size - type: string - default: ~ - help: 'Size of thin provisioning pool' - - - name: lvm_mirrors - type: integer - default: 0 - help: 'If set, create lvms with multiple mirrors. Note that this requires lvm_mirrors + 2 pvs with available space' - - - name: lvm_type - type: string - default: 'default' - help: 'Type of LVM volumes to deploy;' - - - name: netapp_vfiler - type: string - default: ~ - help: 'Vfiler to use for provisioning' - - - name: netapp_login - type: string - default: ~ - help: 'User name for the storage controller' - - - name: netapp_password - type: string - default: ~ - help: 'Password for the storage controller' - - - name: netapp_vserver - type: string - default: ~ - help: 'Cluster vserver to use for provisioning' - - - name: netapp_server_hostname - type: string - default: ~ - help: 'Host name for the storage controller' - - - name: netapp_server_port - type: integer - default: 80 - help: 'Port number for the storage controller' - - - name: thres_avl_size_perc_start - type: integer - default: 20 - help: 'Threshold available percent to start cache cleaning.' - - - name: thres_avl_size_perc_stop - type: integer - default: 60 - help: 'Threshold available percent to stop cache cleaning.' - - - name: expiry_thres_minutes - type: integer - default: 720 - help: 'Threshold minutes after which cache file can be cleaned.' - - - name: netapp_size_multiplier - type: float - default: 1.2 - help: 'Volume size multiplier to ensure while creation' - - - name: netapp_volume_list - type: string - default: ~ - help: 'Comma separated volumes to be used for provisioning' - - - name: netapp_storage_family - type: string - default: 'ontap_cluster' - help: 'Storage family type.' - - - name: netapp_storage_protocol - type: string - default: ~ - help: 'Storage protocol type.' - - - name: netapp_transport_type - type: string - default: 'http' - help: 'Transport type protocol' - - - name: nexenta_host - type: string - default: '' - help: 'IP address of Nexenta SA' - - - name: nexenta_rest_port - type: integer - default: 2000 - help: 'HTTP port to connect to Nexenta REST API server' - - - name: nexenta_rest_protocol - type: string - default: 'auto' - help: 'Use http or https for REST connection' - - - name: nexenta_user - type: string - default: 'admin' - help: 'User name to connect to Nexenta SA' - - - name: nexenta_password - type: string - default: 'nexenta' - help: 'Password to connect to Nexenta SA' - - - name: nexenta_iscsi_target_portal_port - type: integer - default: 3260 - help: 'Nexenta target portal port' - - - name: nexenta_volume - type: string - default: 'cinder' - help: 'pool on SA that will hold all volumes' - - - name: nexenta_target_prefix - type: string - default: 'iqn.1986-03.com.sun:02:cinder-' - help: 'IQN prefix for iSCSI targets' - - - name: nexenta_target_group_prefix - type: string - default: 'cinder/' - help: 'prefix for iSCSI target groups on SA' - - - name: nexenta_shares_config - type: string - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares' - - - name: nexenta_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares' - - - name: nexenta_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - - - name: nexenta_volume_compression - type: string - default: 'on' - help: 'Default compression value for new ZFS folders.' - - - name: nexenta_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: nexenta_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' - - - name: nexenta_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' - - - name: nexenta_blocksize - type: string - default: '' - help: 'block size for volumes' - - - name: nexenta_sparse - type: boolean - default: false - help: 'flag to create sparse volumes' - - - name: nfs_shares_config - type: string - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares' - - - name: nfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - - - name: nfs_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' - - - name: nfs_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' - - - name: rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes - only set when using cephx authentication' - - - name: rbd_ceph_conf - type: string - default: '' - help: 'path to the ceph configuration file to use' - - - name: rbd_flatten_volume_from_snapshot - type: boolean - default: false - help: 'flatten volumes created from snapshots to remove dependency' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes' - - - name: volume_tmp_dir - type: string - default: ~ - help: 'where to store temporary image files if the volume driver does not write them directly to the volume' - - - name: rbd_max_clone_depth - type: integer - default: 5 - help: 'maximum number of nested clones that can be taken of a volume before enforcing a flatten prior to next clone. A value of zero disables cloning' - - - name: hp3par_api_url - type: string - default: '' - help: '3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1' - - - name: hp3par_username - type: string - default: '' - help: '3PAR Super user username' - - - name: hp3par_password - type: string - default: '' - help: '3PAR Super user password' - - - name: hp3par_domain - type: string - default: ~ - help: 'This option is DEPRECATED and no longer used. The 3par domain name to use.' - - - name: hp3par_cpg - type: string - default: 'OpenStack' - help: 'The CPG to use for volume creation' - - - name: hp3par_cpg_snap - type: string - default: '' - help: 'The CPG to use for Snapshots for volumes. If empty hp3par_cpg will be used' - - - name: hp3par_snapshot_retention - type: string - default: '' - help: "The time in hours to retain a snapshot. You can't delete it before this expires." - - - name: hp3par_snapshot_expiration - type: string - default: '' - help: 'The time in hours when a snapshot expires and is deleted. This must be larger than expiration' - - - name: hp3par_debug - type: boolean - default: false - help: 'Enable HTTP debugging to 3PAR' - - - name: hp3par_iscsi_ips - type: list - default: '' - help: 'List of target iSCSI addresses to use.' - - - name: san_thin_provision - type: boolean - default: true - help: 'Use thin provisioning for SAN volumes?' - - - name: san_ip - type: string - default: '' - help: 'IP address of SAN controller' - - - name: san_login - type: string - default: 'admin' - help: 'Username for SAN controller' - - - name: san_password - type: string - default: '' - help: 'Password for SAN controller' - - - name: san_private_key - type: string - default: '' - help: 'Filename of private key to use for SSH authentication' - - - name: san_clustername - type: string - default: '' - help: 'Cluster name to use for creating volumes' - - - name: san_ssh_port - type: integer - default: 22 - help: 'SSH port to use with SAN' - - - name: san_is_local - type: boolean - default: false - help: 'Execute commands locally instead of over SSH; use if the volume service is running on the SAN device' - - - name: ssh_conn_timeout - type: integer - default: 30 - help: 'SSH connection timeout in seconds' - - - name: ssh_min_pool_conn - type: integer - default: 1 - help: 'Minimum ssh connections in the pool' - - - name: ssh_max_pool_conn - type: integer - default: 5 - help: 'Maximum ssh connections in the pool' - - - name: san_zfs_volume_base - type: string - default: 'rpool/' - help: 'The ZFS path under which to create zvols for volumes.' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted' - - - name: scality_sofs_volume_dir - type: string - default: 'cinder/volumes' - help: 'Path from Scality SOFS root to volume dir' - - - name: sf_emulate_512 - type: boolean - default: true - help: 'Set 512 byte emulation on volume creation; ' - - - name: sf_allow_tenant_qos - type: boolean - default: false - help: 'Allow tenants to specify QOS on create' - - - name: sf_account_prefix - type: string - default: 'cinder' - help: 'Create SolidFire accounts with this prefix' - - - name: sf_api_port - type: integer - default: 443 - help: 'SolidFire API port. Useful if the device api is behind a proxy on a different port.' - - - name: storwize_svc_volpool_name - type: string - default: 'volpool' - help: 'Storage system storage pool for volumes' - - - name: storwize_svc_vol_rsize - type: integer - default: 2 - help: 'Storage system space-efficiency parameter for volumes' - - - name: storwize_svc_vol_warning - type: integer - default: 0 - help: 'Storage system threshold for volume capacity warnings' - - - name: storwize_svc_vol_autoexpand - type: boolean - default: true - help: 'Storage system autoexpand parameter for volumes' - - - name: storwize_svc_vol_grainsize - type: integer - default: 256 - help: 'Storage system grain size parameter for volumes' - - - name: storwize_svc_vol_compression - type: boolean - default: false - help: 'Storage system compression option for volumes' - - - name: storwize_svc_vol_easytier - type: boolean - default: true - help: 'Enable Easy Tier for volumes' - - - name: storwize_svc_vol_iogrp - type: integer - default: 0 - help: 'The I/O group in which to allocate volumes' - - - name: storwize_svc_flashcopy_timeout - type: integer - default: 120 - help: 'Maximum number of seconds to wait for FlashCopy to be prepared. Maximum value is 600 seconds' - - - name: storwize_svc_connection_protocol - type: string - default: 'iSCSI' - help: 'Connection protocol' - - - name: storwize_svc_multipath_enabled - type: boolean - default: false - help: 'Connect with multipath' - - - name: storwize_svc_multihostmap_enabled - type: boolean - default: true - help: 'Allows vdisk to multi host mapping' - - - name: vmware_host_ip - type: string - default: ~ - help: 'IP address for connecting to VMware ESX/VC server.' - - - name: vmware_host_username - type: string - default: ~ - help: 'Username for authenticating with VMware ESX/VC server.' - - - name: vmware_host_password - type: string - default: ~ - help: 'Password for authenticating with VMware ESX/VC server.' - - - name: vmware_wsdl_location - type: string - default: ~ - help: 'Optional VIM service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds.' - - - name: vmware_api_retry_count - type: integer - default: 10 - help: 'Number of times VMware ESX/VC server API must be retried upon connection related issues.' - - - name: vmware_task_poll_interval - type: integer - default: 5 - help: 'The interval used for polling remote tasks invoked on VMware ESX/VC server.' - - - name: vmware_volume_folder - type: string - default: 'cinder-volumes' - help: 'Name for the folder in the VC datacenter that will contain cinder volumes.' - - - name: vmware_image_transfer_timeout_secs - type: integer - default: 7200 - help: 'Timeout in seconds for VMDK volume transfer between Cinder and Glance.' - - - name: windows_iscsi_lun_path - type: string - default: 'C:\\iSCSIVirtualDisks' - help: 'Path to store VHD backed volumes' - - - name: xenapi_nfs_server - type: string - default: ~ - help: 'NFS server to be used by XenAPINFSDriver' - - - name: xenapi_nfs_serverpath - type: string - default: ~ - help: 'Path of exported NFS, used by XenAPINFSDriver' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for XenAPI connection' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for XenAPI connection' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for XenAPI connection' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository' - - - name: xiv_ds8k_proxy - type: string - default: 'xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy' - help: 'Proxy driver that connects to the IBM Storage Array' - - - name: xiv_ds8k_connection_type - type: string - default: 'iscsi' - help: 'Connection type to the IBM Storage Array' - - - name: zadara_vpsa_ip - type: string - default: ~ - help: 'Management IP of Zadara VPSA' - - - name: zadara_vpsa_port - type: string - default: ~ - help: 'Zadara VPSA port number' - - - name: zadara_vpsa_use_ssl - type: boolean - default: false - help: 'Use SSL connection' - - - name: zadara_user - type: string - default: ~ - help: 'User name for the VPSA' - - - name: zadara_password - type: string - default: ~ - help: 'Password for the VPSA' - - - name: zadara_vpsa_poolname - type: string - default: ~ - help: 'Name of VPSA storage pool for volumes' - - - name: zadara_vol_thin - type: boolean - default: true - help: 'Default thin provisioning policy for volumes' - - - name: zadara_vol_encrypt - type: boolean - default: false - help: 'Default encryption policy for volumes' - - - name: zadara_default_striping_mode - type: string - default: 'simple' - help: 'Default striping mode for volumes' - - - name: zadara_default_stripesize - type: integer - default: 64 - help: 'Default stripe size for volumes' - - - name: zadara_vol_name_template - type: string - default: 'OS_%s' - help: 'Default template for VPSA volume names' - - - name: zadara_vpsa_auto_detach_on_delete - type: boolean - default: true - help: 'Automatically detach from servers on volume delete' - - - name: zadara_vpsa_allow_nonexistent_delete - type: boolean - default: true - help: "Don't halt on deletion of non-existing volumes" - - - name: volume_driver - type: string - default: 'cinder_2013_1_3.volume.drivers.lvm.LVMISCSIDriver' - help: 'Driver to use for volume creation' - - - name: migration_create_volume_timeout_secs - type: integer - default: 300 - help: 'Timeout for creating the volume to migrate to when performing volume migration' - - - name: volume_dd_blocksize - type: string - default: '1M' - help: 'The default block size used when copying/clearing volumes' - diff --git a/rubick/schemas/cinder/2013.2.0.yml b/rubick/schemas/cinder/2013.2.0.yml deleted file mode 100644 index e304a3b..0000000 --- a/rubick/schemas/cinder/2013.2.0.yml +++ /dev/null @@ -1,1949 +0,0 @@ -project: cinder -version: '2013.2.0' -parameters: - - - name: fatal_exception_format_errors - type: boolean - default: false - help: 'make exception message format errors fatal ' - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy ' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found ' - - - name: quota_volumes - type: integer - default: 10 - help: 'number of volumes allowed per project ' - - - name: quota_snapshots - type: integer - default: 10 - help: 'number of volume snapshots allowed per project ' - - - name: quota_gigabytes - type: integer - default: 1000 - help: 'number of volume gigabytes (snapshots are also included) allowed per project ' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires ' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed ' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes ' - - - name: quota_driver - type: string - default: 'cinder.quota.DbQuotaDriver' - help: 'default driver to use for quota checks ' - - - name: use_default_quota_class - type: boolean - default: true - help: 'whether to use default quota class for default quota ' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore ' - - - name: periodic_interval - type: integer - default: 60 - help: 'seconds between running periodic tasks ' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0) ' - - - name: osapi_volume_listen - type: host - default: '0.0.0.0' - help: 'IP address for OpenStack Volume API to listen ' - - - name: osapi_volume_listen_port - type: port - default: 8776 - help: 'port for os volume api to listen ' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db ' - - - name: fake_tests - type: boolean - default: true - help: 'should we use everything for testing ' - - - name: backlog - type: integer - default: 4096 - help: 'Number of backlog requests to configure the socket with ' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. ' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients ' - - - name: ssl_cert_file - type: string - default: ~ - help: 'Certificate file to use when starting the server securely ' - - - name: ssl_key_file - type: string - default: ~ - help: 'Private key file to use when starting the server securely ' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource ' - - - name: osapi_volume_base_URL - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Volume API ' - - - name: use_forwarded_for - type: boolean - default: false - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. ' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'Max size for body of a request ' - - - name: backup_ceph_conf - type: string - default: '/etc/ceph/ceph.conf' - help: 'Ceph config file to use. ' - - - name: backup_ceph_user - type: string - default: 'cinder' - help: 'the Ceph user to connect with ' - - - name: backup_ceph_chunk_size - type: integer - default: 134217728 - help: 'the chunk size in bytes that a backup will be broken into before transfer to backup store ' - - - name: backup_ceph_pool - type: string - default: 'backups' - help: 'the Ceph pool to backup to ' - - - name: backup_ceph_stripe_unit - type: integer - default: 0 - help: 'RBD stripe unit to use when creating a backup image ' - - - name: backup_ceph_stripe_count - type: integer - default: 0 - help: 'RBD stripe count to use when creating a backup image ' - - - name: restore_discard_excess_bytes - type: boolean - default: true - help: 'If True, always discard excess bytes when restoring volumes. ' - - - name: backup_swift_url - type: string - default: 'http://localhost:8080/v1/AUTH_' - help: 'The URL of the Swift endpoint ' - - - name: backup_swift_auth - type: string - default: 'per_user' - help: 'Swift authentication mechanism ' - - - name: backup_swift_user - type: string - default: ~ - help: 'Swift user name ' - - - name: backup_swift_key - type: string - default: ~ - help: 'Swift key for authentication ' - - - name: backup_swift_container - type: string - default: 'volumebackups' - help: 'The default Swift container to use ' - - - name: backup_swift_object_size - type: integer - default: 52428800 - help: 'The size in bytes of Swift backup objects ' - - - name: backup_swift_retry_attempts - type: integer - default: 3 - help: 'The number of retries to make for Swift operations ' - - - name: backup_swift_retry_backoff - type: integer - default: 2 - help: 'The backoff time in seconds between Swift retries ' - - - name: backup_compression_algorithm - type: string - default: 'zlib' - help: 'Compression algorithm (None to disable) ' - - - name: backup_tsm_volume_prefix - type: string - default: 'backup' - help: 'Volume prefix for the backup id when backing up to TSM ' - - - name: backup_tsm_password - type: string - default: 'password' - help: 'TSM password for the running username ' - - - name: backup_tsm_compression - type: boolean - default: true - help: 'Enable or Disable compression for backups ' - - - name: backup_driver - type: string - default: 'cinder.backup.drivers.swift_proxy_server' - help: 'Driver to use for backups. ' - - - name: connection_type - type: string - default: ~ - help: 'Virtualization api connection type : libvirt, xenapi, or fake ' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for cinder-api ' - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the cinder python module is installed ' - - - name: bindir - type: string - default: '$pybasedir/bin' - help: 'Directory where cinder binaries are installed ' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining cinder's state " - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host ' - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip ' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port ' - - - name: glance_api_servers - type: string_list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to cinder ([hostname|ip]:port) ' - - - name: glance_api_version - type: integer - default: 1 - help: 'Version of the glance api to use ' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance ' - - - name: glance_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL (https) requests to glance ' - - - name: glance_api_ssl_compression - type: boolean - default: false - help: 'Whether to attempt to negotiate SSL layer compression when using SSL (https) requests. Set to False to disable SSL layer compression. In some cases disabling this may improve data throughput, eg when high network bandwidth is available and you are using already compressed image formats such as qcow2 . ' - - - name: glance_request_timeout - type: integer - default: ~ - help: 'http/https timeout value for glance operations. If no value (None) is supplied here, the glanceclient default value is used. ' - - - name: scheduler_topic - type: string - default: 'cinder-scheduler' - help: 'the topic scheduler nodes listen on ' - - - name: volume_topic - type: string - default: 'cinder-volume' - help: 'the topic volume nodes listen on ' - - - name: backup_topic - type: string - default: 'cinder-backup' - help: 'the topic volume backup nodes listen on ' - - - name: enable_v1_api - type: boolean - default: true - help: 'Deploy v1 of the Cinder API. ' - - - name: enable_v2_api - type: boolean - default: true - help: 'Deploy v2 of the Cinder API. ' - - - name: api_rate_limit - type: boolean - default: true - help: 'whether to rate limit the api ' - - - name: osapi_volume_ext_list - type: string_list - default: [] - help: 'Specify list of extensions to load when using osapi_volume_extension option with cinder.api.contrib.select_extensions ' - - - name: osapi_volume_extension - type: string - default: 'cinder.api.contrib.standard_extensions' - help: 'osapi volume extension to load (multi valued)' - - - name: volume_manager - type: string - default: 'cinder.volume.manager.VolumeManager' - help: 'full class name for the Manager for volume ' - - - name: backup_manager - type: string - default: 'cinder.backup.manager.BackupManager' - help: 'full class name for the Manager for volume backup ' - - - name: scheduler_manager - type: string - default: 'cinder.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler ' - - - name: host - type: string - default: '127.0.0.1' - help: 'Host to locate redis ' - - - name: storage_availability_zone - type: string - default: 'nova' - help: 'availability zone of this node ' - - - name: default_availability_zone - type: string - default: ~ - help: 'default availability zone to use when creating a new volume. If this is not set then we use the value from the storage_availability_zone option as the default availability_zone for new volumes. ' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache. ' - - - name: default_volume_type - type: string - default: ~ - help: 'default volume type to use ' - - - name: volume_usage_audit_period - type: string - default: 'month' - help: 'time period to generate volume usages for. Time period must be hour, day, month or year ' - - - name: root_helper - type: string - default: 'sudo' - help: 'Deprecated: command to use for running commands as root ' - - - name: rootwrap_config - type: string - default: '/etc/cinder/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root ' - - - name: monkey_patch - type: boolean - default: false - help: 'Enable monkey patching ' - - - name: monkey_patch_modules - type: string_list - default: [] - help: 'List of modules/decorators to monkey patch ' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service ' - - - name: volume_api_class - type: string - default: 'cinder.volume.api.API' - help: 'The full class name of the volume API class to use ' - - - name: backup_api_class - type: string - default: 'cinder.backup.api.API' - help: 'The full class name of the volume backup API class ' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth. Supports noauth, keystone, and deprecated. ' - - - name: enabled_backends - type: list - default: ~ - help: 'A list of backend names to use. These backend names should be backed by a unique [CONFIG] group with its options ' - - - name: no_snapshot_gb_quota - type: boolean - default: false - help: 'Whether snapshots count against GigaByte quota ' - - - name: transfer_api_class - type: string - default: 'cinder.transfer.api.API' - help: 'The full class name of the volume transfer API class ' - - - name: compute_api_class - type: string - default: 'cinder.compute.nova.API' - help: 'The full class name of the compute API class to use ' - - - name: nova_catalog_info - type: string - default: 'compute:nova:publicURL' - help: 'Info to match when looking for nova in the service catalog. Format is : separated values of the form: :: ' - - - name: nova_catalog_admin_info - type: string - default: 'compute:nova:adminURL' - help: 'Same as nova_catalog_info, but for admin endpoint. ' - - - name: nova_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for nova endpoint e.g. http://localhost:8774/v2/%(tenant_id)s ' - - - name: nova_endpoint_admin_template - type: string - default: ~ - help: 'Same as nova_endpoint_template, but for admin endpoint. ' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node ' - - - name: nova_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certicates file to use for nova client requests. ' - - - name: nova_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to nova ' - - - name: db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db ' - - - name: enable_new_services - type: boolean - default: true - help: 'Services to be added to the available pool on create ' - - - name: volume_name_template - type: string - default: 'volume-%s' - help: 'Template string to be used to generate volume names ' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names ' - - - name: backup_name_template - type: string - default: 'backup-%s' - help: 'Template string to be used to generate backup names ' - - - name: db_driver - type: string - default: 'cinder.db' - help: 'driver to use for database access ' - - - name: allowed_direct_url_schemes - type: string_list - default: [] - help: 'A list of url schemes that can be downloaded directly via the direct_url. Currently supported schemes: [file]. ' - - - name: image_conversion_dir - type: string - default: '$state_path/conversion' - help: 'Directory used for temporary storage during image conversion ' - - - name: api_class - type: string - default: 'cinder.keymgr.conf_key_mgr.ConfKeyManager' - help: 'The full class name of the key manager API class ' - - - name: fixed_key - type: string - default: ~ - help: 'Fixed key returned by key manager, specified in hex ' - - - name: backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db ' - - - name: use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls ' - - - name: connection - type: string - default: 'sqlite:////cinder/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database ' - - - name: idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped ' - - - name: min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool ' - - - name: max_pool_size - type: integer - default: 5 - help: 'Maximum number of SQL connections to keep open in a pool ' - - - name: max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup. (setting -1 implies an infinite retry count) ' - - - name: retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection ' - - - name: max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy ' - - - name: connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything ' - - - name: connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings ' - - - name: sqlite_db - type: string - default: 'cinder.sqlite' - help: 'the filename to use with sqlite ' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If true, use synchronous mode for sqlite ' - - - name: backdoor_port - type: integer - default: ~ - help: 'port for eventlet backdoor to listen ' - - - name: disable_process_locking - type: boolean - default: false - help: 'Whether to disable inter-process locks ' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files. Default to a temp directory ' - - - name: debug - type: boolean - default: false - help: 'Print debugging output (set logging level to DEBUG instead of default WARNING level). ' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output (set logging level to INFO instead of default WARNING level). ' - - - name: use_stderr - type: boolean - default: true - help: 'Log output to standard error ' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context ' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context ' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG ' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format ' - - - name: default_log_levels - type: string_list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs ' - - - name: publish_errors - type: boolean - default: false - help: 'publish error events ' - - - name: fatal_deprecations - type: boolean - default: false - help: 'make deprecations fatal ' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this ' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this ' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files. ' - - - name: log_format - type: string - default: ~ - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead. ' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s ' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout. ' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The base directory used for relative --log-file paths ' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging. ' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines ' - - - name: notification_driver - type: string - default: '' - help: 'Driver or drivers to handle sending notifications (multi valued)' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications ' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications ' - - - name: notification_topics - type: string_list - default: ['notifications'] - help: 'AMQP topic used for OpenStack notifications ' - - - name: topics - type: string_list - default: ['notifications'] - help: 'AMQP topic(s) used for OpenStack notifications ' - - - name: run_external_periodic_tasks - type: boolean - default: true - help: 'Some periodic tasks can be run in a separate process. Should we run them here? ' - - - name: rpc_backend - type: string - default: 'cinder.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu. ' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool ' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool ' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall ' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. ' - - - name: allowed_rpc_exception_modules - type: string_list - default: ['nova.exception', 'cinder.exception', 'exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call. ' - - - name: fake_rabbit - type: boolean - default: false - help: 'If passed, use a fake RabbitMQ provider ' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid ' - - - name: amqp_rpc_single_reply_queue - type: boolean - default: false - help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid. ' - - - name: amqp_durable_queues - type: boolean - default: false - help: 'Use durable queues in amqp. ' - - - name: amqp_auto_delete - type: boolean - default: false - help: 'Auto-delete queues in amqp. ' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use (valid only if SSL enabled) ' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file (valid only if SSL enabled) ' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file (valid only if SSL enabled) ' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file (valid only if SSL enabled) ' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used ' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used ' - - - name: rabbit_hosts - type: string_list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs ' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'connect over SSL for RabbitMQ ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid ' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password ' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host ' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) ' - - - name: rabbit_ha_queues - type: boolean - default: false - help: 'use H/A queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. ' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname ' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port ' - - - name: qpid_hosts - type: string_list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs ' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection ' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection ' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth ' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats ' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl' " - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: 'Disable Nagle algorithm ' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break. ' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: "ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address. " - - - name: rpc_zmq_matchmaker - type: string - default: 'cinder.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver ' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port ' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1 ' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited. ' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets ' - - - name: rpc_zmq_host - type: string - default: 'cinder' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova. " - - - name: matchmaker_ringfile - type: string - default: '/etc/nova/matchmaker_ring.json' - help: 'Matchmaker ring file (JSON) ' - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency ' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live. ' - - - name: port - type: integer - default: 6379 - help: 'Use this port to connect to redis host. ' - - - name: password - type: string - default: ~ - help: 'Password for Redis server. (optional) ' - - - name: scheduler_host_manager - type: string - default: 'cinder.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use ' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an volume ' - - - name: scheduler_default_filters - type: string_list - default: ['AvailabilityZoneFilter', 'CapacityFilter', 'CapabilitiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request. ' - - - name: scheduler_default_weighers - type: string_list - default: ['CapacityWeigher'] - help: 'Which weigher class names to use for weighing hosts. ' - - - name: scheduler_driver - type: string - default: 'cinder.scheduler.filter_scheduler.FilterScheduler' - help: 'Default scheduler driver to use ' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file. ' - - - name: max_gigabytes - type: integer - default: 10000 - help: 'maximum number of volume gigabytes to allow per host ' - - - name: capacity_weight_multiplier - type: float - default: 1.0 - help: 'Multiplier used for weighing volume capacity. Negative numbers mean to stack vs spread. ' - - - name: volume_transfer_salt_length - type: integer - default: 8 - help: 'The number of characters in the salt. ' - - - name: volume_transfer_key_length - type: integer - default: 16 - help: 'The number of characters in the autogenerated auth key. ' - - - name: snapshot_same_host - type: boolean - default: true - help: 'Create volume from snapshot at the host where snapshot resides ' - - - name: cloned_volume_same_az - type: boolean - default: true - help: 'Ensure that the new volumes are the same AZ as snapshot or source volume ' - - - name: num_shell_tries - type: integer - default: 3 - help: 'number of times to attempt to run flakey shell commands ' - - - name: reserved_percentage - type: integer - default: 0 - help: 'The percentage of backend capacity is reserved ' - - - name: iscsi_num_targets - type: integer - default: 100 - help: 'The maximum number of iscsi target ids per host ' - - - name: iscsi_target_prefix - type: string - default: 'iqn.2010-10.org.openstack:' - help: 'prefix for iscsi volumes ' - - - name: iscsi_ip_address - type: string - default: '$my_ip' - help: 'The IP address that the iSCSI daemon is listening on ' - - - name: iscsi_port - type: port - default: 3260 - help: 'The port that the iSCSI daemon is listening on ' - - - name: num_volume_device_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan targets to find volume ' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan iSER targetto find volume ' - - - name: iser_num_targets - type: integer - default: 100 - help: 'The maximum number of iser target ids per host ' - - - name: iser_target_prefix - type: string - default: 'iqn.2010-10.org.iser.openstack:' - help: 'prefix for iser volumes ' - - - name: iser_ip_address - type: string - default: '$my_ip' - help: 'The IP address that the iSER daemon is listening on ' - - - name: iser_port - type: port - default: 3260 - help: 'The port that the iSER daemon is listening on ' - - - name: iser_helper - type: string - default: 'tgtadm' - help: 'iser target user-land tool to use ' - - - name: volume_backend_name - type: string - default: ~ - help: 'The backend name for a given driver implementation ' - - - name: use_multipath_for_image_xfer - type: boolean - default: false - help: 'Do we attach/detach volumes in cinder using multipath for volume to image and image to volume transfers? ' - - - name: volume_clear - type: string - default: 'zero' - help: 'Method used to wipe old voumes (valid options are: none, zero, shred) ' - - - name: volume_clear_size - type: integer - default: 0 - help: 'Size in MiB to wipe at start of old volumes. 0 => all ' - - - name: iscsi_helper - type: string - default: 'tgtadm' - help: 'iscsi target user-land tool to use ' - - - name: volumes_dir - type: string - default: '$state_path/volumes' - help: 'Volume configuration file storage directory ' - - - name: iet_conf - type: string - default: '/etc/iet/ietd.conf' - help: 'IET configuration file ' - - - name: lio_initiator_iqns - type: string - default: '' - help: 'Comma-separated list of initiator IQNs allowed to connect to the iSCSI target. (From Nova compute nodes.) ' - - - name: iscsi_iotype - type: string - default: 'fileio' - help: 'Sets the behavior of the iSCSI target to either perform blockio or fileio optionally, auto can be set and Cinder will autodetect type of backing device ' - - - name: available_devices - type: string_list - default: [] - help: 'List of all available devices ' - - - name: coraid_esm_address - type: string - default: '' - help: 'IP address of Coraid ESM ' - - - name: coraid_user - type: string - default: 'admin' - help: 'User name to connect to Coraid ESM ' - - - name: coraid_group - type: string - default: 'admin' - help: 'Name of group on Coraid ESM to which coraid_user belongs (must have admin privilege) ' - - - name: coraid_password - type: string - default: 'password' - help: 'Password to connect to Coraid ESM ' - - - name: coraid_repository_key - type: string - default: 'coraid_repository' - help: 'Volume Type key name to store ESM Repository Name ' - - - name: eqlx_group_name - type: string - default: 'group-0' - help: 'Group name to use for creating volumes ' - - - name: eqlx_cli_timeout - type: integer - default: 30 - help: 'Timeout for the Group Manager cli command execution ' - - - name: eqlx_cli_max_retries - type: integer - default: 5 - help: 'Maximum retry count for reconnection ' - - - name: eqlx_use_chap - type: boolean - default: false - help: 'Use CHAP authentificaion for targets? ' - - - name: eqlx_chap_login - type: string - default: 'admin' - help: 'Existing CHAP account name ' - - - name: eqlx_chap_password - type: string - default: 'password' - help: 'Password for specified CHAP account name ' - - - name: eqlx_pool - type: string - default: 'default' - help: 'Pool in which volumes will be created ' - - - name: glusterfs_shares_config - type: string - default: '/etc/cinder/glusterfs_shares' - help: 'File with the list of available gluster shares ' - - - name: glusterfs_disk_util - type: string - default: 'df' - help: 'Use du or df for free space calculation ' - - - name: glusterfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' - - - name: glusterfs_qcow2_volumes - type: boolean - default: false - help: 'Create volumes as QCOW2 files rather than raw files. ' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for gluster shares. ' - - - name: gpfs_mount_point_base - type: string - default: ~ - help: 'Specifies the path of the GPFS directory where Block Storage volume and snapshot files are stored. ' - - - name: gpfs_images_dir - type: string - default: ~ - help: 'Specifies the path of the Image service repository in GPFS. Leave undefined if not storing images in GPFS. ' - - - name: gpfs_images_share_mode - type: string - default: ~ - help: "Specifies the type of image copy to be used. Set this when the Image service repository also uses GPFS so that image files can be transferred efficiently from the Image service to the Block Storage service. There are two valid values: 'copy' specifies that a full copy of the image is made; 'copy_on_write' specifies that copy-on-write optimization strategy is used and unmodified blocks of the image file are shared efficiently. " - - - name: gpfs_max_clone_depth - type: integer - default: 0 - help: 'Specifies an upper limit on the number of indirections required to reach a specific block due to snapshots or clones. A lengthy chain of copy-on-write snapshots or clones can have a negative impact on performance, but improves space utilization. 0 indicates unlimited clone depth. ' - - - name: gpfs_sparse_volumes - type: boolean - default: true - help: 'Specifies that volumes are created as sparse files which initially consume no space. If set to False, the volume is created as a fully allocated file, in which case, creation may take a significantly longer time. ' - - - name: hds_cinder_config_file - type: string - default: '/opt/hds/hus/cinder_hus_conf.xml' - help: 'configuration file for HDS cinder plugin for HUS ' - - - name: cinder_huawei_conf_file - type: string - default: '/etc/cinder/cinder_huawei_conf.xml' - help: 'config data for cinder huawei plugin ' - - - name: volume_group - type: string - default: 'cinder-volumes' - help: 'Name for the VG that will contain exported volumes ' - - - name: pool_size - type: string - default: ~ - help: 'Size of thin provisioning pool (None uses entire cinder VG) ' - - - name: lvm_mirrors - type: integer - default: 0 - help: 'If set, create lvms with multiple mirrors. Note that this requires lvm_mirrors + 2 pvs with available space ' - - - name: lvm_type - type: string - default: 'default' - help: 'Type of LVM volumes to deploy; (default or thin) ' - - - name: netapp_vfiler - type: string - default: ~ - help: 'Vfiler to use for provisioning ' - - - name: netapp_login - type: string - default: ~ - help: 'User name for the storage controller ' - - - name: netapp_password - type: string - default: ~ - help: 'Password for the storage controller ' - - - name: netapp_vserver - type: string - default: ~ - help: 'Cluster vserver to use for provisioning ' - - - name: netapp_server_hostname - type: string - default: ~ - help: 'Host name for the storage controller ' - - - name: netapp_server_port - type: port - default: 80 - help: 'Port number for the storage controller ' - - - name: thres_avl_size_perc_start - type: integer - default: 20 - help: 'Threshold available percent to start cache cleaning. ' - - - name: thres_avl_size_perc_stop - type: integer - default: 60 - help: 'Threshold available percent to stop cache cleaning. ' - - - name: expiry_thres_minutes - type: integer - default: 720 - help: 'Threshold minutes after which cache file can be cleaned. ' - - - name: netapp_size_multiplier - type: float - default: 1.2 - help: 'Volume size multiplier to ensure while creation ' - - - name: netapp_volume_list - type: string - default: ~ - help: 'Comma separated volumes to be used for provisioning ' - - - name: netapp_storage_family - type: string - default: 'ontap_cluster' - help: 'Storage family type. ' - - - name: netapp_storage_protocol - type: string - default: ~ - help: 'Storage protocol type. ' - - - name: netapp_transport_type - type: string - default: 'http' - help: 'Transport type protocol ' - - - name: nexenta_host - type: string - default: '' - help: 'IP address of Nexenta SA ' - - - name: nexenta_rest_port - type: port - default: 2000 - help: 'HTTP port to connect to Nexenta REST API server ' - - - name: nexenta_rest_protocol - type: string - default: 'auto' - help: 'Use http or https for REST connection (default auto) ' - - - name: nexenta_user - type: string - default: 'admin' - help: 'User name to connect to Nexenta SA ' - - - name: nexenta_password - type: string - default: 'nexenta' - help: 'Password to connect to Nexenta SA ' - - - name: nexenta_iscsi_target_portal_port - type: port - default: 3260 - help: 'Nexenta target portal port ' - - - name: nexenta_volume - type: string - default: 'cinder' - help: 'pool on SA that will hold all volumes ' - - - name: nexenta_target_prefix - type: string - default: 'iqn.1986-03.com.sun:02:cinder-' - help: 'IQN prefix for iSCSI targets ' - - - name: nexenta_target_group_prefix - type: string - default: 'cinder/' - help: 'prefix for iSCSI target groups on SA ' - - - name: nexenta_shares_config - type: string - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares ' - - - name: nexenta_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares ' - - - name: nexenta_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' - - - name: nexenta_volume_compression - type: string - default: 'on' - help: 'Default compression value for new ZFS folders. ' - - - name: nexenta_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details ' - - - name: nexenta_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination. ' - - - name: nexenta_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid. ' - - - name: nexenta_nms_cache_volroot - type: boolean - default: true - help: 'If set True cache NexentaStor appliance volroot option value. ' - - - name: nexenta_blocksize - type: string - default: '' - help: 'block size for volumes (blank=default,8KB) ' - - - name: nexenta_sparse - type: boolean - default: false - help: 'flag to create sparse volumes ' - - - name: nfs_shares_config - type: string - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares ' - - - name: nfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' - - - name: nfs_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination. ' - - - name: nfs_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid. ' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares. ' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details. ' - - - name: rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored ' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes - only set when using cephx authentication ' - - - name: rbd_ceph_conf - type: string - default: '' - help: 'path to the ceph configuration file to use ' - - - name: rbd_flatten_volume_from_snapshot - type: boolean - default: false - help: 'flatten volumes created from snapshots to remove dependency ' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes ' - - - name: volume_tmp_dir - type: string - default: ~ - help: 'where to store temporary image files if the volume driver does not write them directly to the volume ' - - - name: rbd_max_clone_depth - type: integer - default: 5 - help: 'maximum number of nested clones that can be taken of a volume before enforcing a flatten prior to next clone. A value of zero disables cloning ' - - - name: hp3par_api_url - type: string - default: '' - help: '3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 ' - - - name: hp3par_username - type: string - default: '' - help: '3PAR Super user username ' - - - name: hp3par_password - type: string - default: '' - help: '3PAR Super user password ' - - - name: hp3par_domain - type: string - default: ~ - help: 'This option is DEPRECATED and no longer used. The 3par domain name to use. ' - - - name: hp3par_cpg - type: string - default: 'OpenStack' - help: 'The CPG to use for volume creation ' - - - name: hp3par_cpg_snap - type: string - default: '' - help: 'The CPG to use for Snapshots for volumes. If empty hp3par_cpg will be used ' - - - name: hp3par_snapshot_retention - type: string - default: '' - help: "The time in hours to retain a snapshot. You can't delete it before this expires. " - - - name: hp3par_snapshot_expiration - type: string - default: '' - help: 'The time in hours when a snapshot expires and is deleted. This must be larger than expiration ' - - - name: hp3par_debug - type: boolean - default: false - help: 'Enable HTTP debugging to 3PAR ' - - - name: hp3par_iscsi_ips - type: string_list - default: [] - help: 'List of target iSCSI addresses to use. ' - - - name: san_thin_provision - type: boolean - default: true - help: 'Use thin provisioning for SAN volumes? ' - - - name: san_ip - type: string - default: '' - help: 'IP address of SAN controller ' - - - name: san_login - type: string - default: 'admin' - help: 'Username for SAN controller ' - - - name: san_password - type: string - default: '' - help: 'Password for SAN controller ' - - - name: san_private_key - type: string - default: '' - help: 'Filename of private key to use for SSH authentication ' - - - name: san_clustername - type: string - default: '' - help: 'Cluster name to use for creating volumes ' - - - name: san_ssh_port - type: port - default: 22 - help: 'SSH port to use with SAN ' - - - name: san_is_local - type: boolean - default: false - help: 'Execute commands locally instead of over SSH; use if the volume service is running on the SAN device ' - - - name: ssh_conn_timeout - type: integer - default: 30 - help: 'SSH connection timeout in seconds ' - - - name: ssh_min_pool_conn - type: integer - default: 1 - help: 'Minimum ssh connections in the pool ' - - - name: ssh_max_pool_conn - type: integer - default: 5 - help: 'Maximum ssh connections in the pool ' - - - name: san_zfs_volume_base - type: string - default: 'rpool/' - help: 'The ZFS path under which to create zvols for volumes. ' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file ' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted ' - - - name: scality_sofs_volume_dir - type: string - default: 'cinder/volumes' - help: 'Path from Scality SOFS root to volume dir ' - - - name: sf_emulate_512 - type: boolean - default: true - help: 'Set 512 byte emulation on volume creation; ' - - - name: sf_allow_tenant_qos - type: boolean - default: false - help: 'Allow tenants to specify QOS on create ' - - - name: sf_account_prefix - type: string - default: 'cinder' - help: 'Create SolidFire accounts with this prefix ' - - - name: sf_api_port - type: port - default: 443 - help: 'SolidFire API port. Useful if the device api is behind a proxy on a different port. ' - - - name: storwize_svc_volpool_name - type: string - default: 'volpool' - help: 'Storage system storage pool for volumes ' - - - name: storwize_svc_vol_rsize - type: integer - default: 2 - help: 'Storage system space-efficiency parameter for volumes (percentage) ' - - - name: storwize_svc_vol_warning - type: integer - default: 0 - help: 'Storage system threshold for volume capacity warnings (percentage) ' - - - name: storwize_svc_vol_autoexpand - type: boolean - default: true - help: 'Storage system autoexpand parameter for volumes (True/False) ' - - - name: storwize_svc_vol_grainsize - type: integer - default: 256 - help: 'Storage system grain size parameter for volumes (32/64/128/256) ' - - - name: storwize_svc_vol_compression - type: boolean - default: false - help: 'Storage system compression option for volumes ' - - - name: storwize_svc_vol_easytier - type: boolean - default: true - help: 'Enable Easy Tier for volumes ' - - - name: storwize_svc_vol_iogrp - type: integer - default: 0 - help: 'The I/O group in which to allocate volumes ' - - - name: storwize_svc_flashcopy_timeout - type: integer - default: 120 - help: 'Maximum number of seconds to wait for FlashCopy to be prepared. Maximum value is 600 seconds (10 minutes) ' - - - name: storwize_svc_connection_protocol - type: string - default: 'iSCSI' - help: 'Connection protocol (iSCSI/FC) ' - - - name: storwize_svc_iscsi_chap_enabled - type: boolean - default: true - help: 'Configure CHAP authentication for iSCSI connections (Default: Enabled) ' - - - name: storwize_svc_multipath_enabled - type: boolean - default: false - help: 'Connect with multipath (FC only; iSCSI multipath is controlled by Nova) ' - - - name: storwize_svc_multihostmap_enabled - type: boolean - default: true - help: 'Allows vdisk to multi host mapping ' - - - name: vmware_host_ip - type: string - default: ~ - help: 'IP address for connecting to VMware ESX/VC server. ' - - - name: vmware_host_username - type: string - default: ~ - help: 'Username for authenticating with VMware ESX/VC server. ' - - - name: vmware_host_password - type: string - default: ~ - help: 'Password for authenticating with VMware ESX/VC server. ' - - - name: vmware_wsdl_location - type: string - default: ~ - help: 'Optional VIM service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds. ' - - - name: vmware_api_retry_count - type: integer - default: 10 - help: 'Number of times VMware ESX/VC server API must be retried upon connection related issues. ' - - - name: vmware_task_poll_interval - type: integer - default: 5 - help: 'The interval used for polling remote tasks invoked on VMware ESX/VC server. ' - - - name: vmware_volume_folder - type: string - default: 'cinder-volumes' - help: 'Name for the folder in the VC datacenter that will contain cinder volumes. ' - - - name: vmware_image_transfer_timeout_secs - type: integer - default: 7200 - help: 'Timeout in seconds for VMDK volume transfer between Cinder and Glance. ' - - - name: vmware_max_objects_retrieval - type: integer - default: 100 - help: 'Max number of objects to be retrieved per batch. Query results will be obtained in batches from the server and not in one shot. Server may still limit the count to something less than the configured value. ' - - - name: windows_iscsi_lun_path - type: string - default: 'C:\\iSCSIVirtualDisks' - help: 'Path to store VHD backed volumes ' - - - name: xenapi_nfs_server - type: string - default: ~ - help: 'NFS server to be used by XenAPINFSDriver ' - - - name: xenapi_nfs_serverpath - type: string - default: ~ - help: 'Path of exported NFS, used by XenAPINFSDriver ' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for XenAPI connection ' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for XenAPI connection ' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for XenAPI connection ' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository ' - - - name: xiv_ds8k_proxy - type: string - default: 'xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy' - help: 'Proxy driver that connects to the IBM Storage Array ' - - - name: xiv_ds8k_connection_type - type: string - default: 'iscsi' - help: 'Connection type to the IBM Storage Array (fibre_channel|iscsi) ' - - - name: zadara_vpsa_ip - type: string - default: ~ - help: 'Management IP of Zadara VPSA ' - - - name: zadara_vpsa_port - type: string - default: ~ - help: 'Zadara VPSA port number ' - - - name: zadara_vpsa_use_ssl - type: boolean - default: false - help: 'Use SSL connection ' - - - name: zadara_user - type: string - default: ~ - help: 'User name for the VPSA ' - - - name: zadara_password - type: string - default: ~ - help: 'Password for the VPSA ' - - - name: zadara_vpsa_poolname - type: string - default: ~ - help: 'Name of VPSA storage pool for volumes ' - - - name: zadara_vol_thin - type: boolean - default: true - help: 'Default thin provisioning policy for volumes ' - - - name: zadara_vol_encrypt - type: boolean - default: false - help: 'Default encryption policy for volumes ' - - - name: zadara_default_striping_mode - type: string - default: 'simple' - help: 'Default striping mode for volumes ' - - - name: zadara_default_stripesize - type: string - default: '64' - help: 'Default stripe size for volumes ' - - - name: zadara_vol_name_template - type: string - default: 'OS_%s' - help: 'Default template for VPSA volume names ' - - - name: zadara_vpsa_auto_detach_on_delete - type: boolean - default: true - help: 'Automatically detach from servers on volume delete ' - - - name: zadara_vpsa_allow_nonexistent_delete - type: boolean - default: true - help: "Don't halt on deletion of non-existing volumes " - - - name: volume_driver - type: string - default: 'cinder.volume.drivers.lvm.LVMISCSIDriver' - help: 'Driver to use for volume creation ' - - - name: migration_create_volume_timeout_secs - type: integer - default: 300 - help: 'Timeout for creating the volume to migrate to when performing volume migration (seconds) ' - - - name: volume_service_inithost_offload - type: boolean - default: false - help: 'Offload pending volume delete during volume service startup ' - - - name: volume_dd_blocksize - type: string - default: '1M' - help: 'The default block size used when copying/clearing volumes ' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - help: 'Host providing the admin Identity API endpoint' - - - name: keystone_authtoken.auth_port - type: port - default: 35357 - help: 'Port of the admin Identity API endpoint' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - help: 'Protocol of the admin Identity API endpoint' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - help: 'Keystone service account tenant name to validate user tokens' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - help: 'Keystone account username' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - help: 'Keystone account password' - - - name: keystone_authtoken.signing_dir - type: string - default: '/var/lib/cinder/keystone-signing' - help: 'Directory used to cache files related to PKI tokens signing_dir is configurable, but the default behavior of the authtoken middleware should be sufficient. It will create a temporary directory in the home directory for the user the cinder process is running as.' - diff --git a/rubick/schemas/cinder/cinder.conf.yml b/rubick/schemas/cinder/cinder.conf.yml deleted file mode 100644 index f816a49..0000000 --- a/rubick/schemas/cinder/cinder.conf.yml +++ /dev/null @@ -1,1901 +0,0 @@ -- version: '2013.1.3' - checkpoint: true - added: - - - name: fatal_exception_format_errors - type: boolean - default: false - help: 'make exception message format errors fatal' - - - name: policy_file - type: file - default: 'policy.json' - help: 'JSON file representing policy' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found' - - - name: quota_volumes - type: integer - default: 10 - help: 'number of volumes allowed per project' - - - name: quota_snapshots - type: integer - default: 10 - help: 'number of volume snapshots allowed per project' - - - name: quota_gigabytes - type: integer - default: 1000 - help: 'number of volume gigabytes' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes' - - - name: quota_driver - type: string - default: 'cinder.quota.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: use_default_quota_class - type: boolean - default: true - help: 'whether to use default quota class for default quota' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore' - - - name: periodic_interval - type: integer - default: 60 - help: 'seconds between running periodic tasks' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' - - - name: osapi_volume_listen - type: host - default: '0.0.0.0' - help: 'IP address for OpenStack Volume API to listen' - - - name: osapi_volume_listen_port - type: port - default: 8776 - help: 'port for os volume api to listen' - - - name: sqlite_clean_db - type: file - default: 'clean.sqlite' - help: 'File name of clean sqlite db' - - - name: fake_tests - type: boolean - default: true - help: 'should we use everything for testing' - - - name: backlog - type: integer - default: 4096 - help: 'Number of backlog requests to configure the socket with' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' - - - name: ssl_ca_file - type: file - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl_cert_file - type: file - default: ~ - help: 'Certificate file to use when starting the server securely' - - - name: ssl_key_file - type: file - default: ~ - help: 'Private key file to use when starting the server securely' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource' - - - name: osapi_volume_base_URL - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Volume API' - - - name: use_forwarded_for - type: boolean - default: false - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'Max size for body of a request' - - - name: backup_ceph_conf - type: file - default: '/etc/ceph/ceph.conf' - help: 'Ceph config file to use.' - - - name: backup_ceph_user - type: string - default: 'cinder' - help: 'the Ceph user to connect with' - - - name: backup_ceph_chunk_size - type: integer - default: 134217728 - help: 'the chunk size in bytes that a backup will be broken into before transfer to backup store' - - - name: backup_ceph_pool - type: string - default: 'backups' - help: 'the Ceph pool to backup to' - - - name: backup_ceph_stripe_unit - type: integer - default: 0 - help: 'RBD stripe unit to use when creating a backup image' - - - name: backup_ceph_stripe_count - type: integer - default: 0 - help: 'RBD stripe count to use when creating a backup image' - - - name: restore_discard_excess_bytes - type: boolean - default: true - help: 'If True, always discard excess bytes when restoring volumes.' - - - name: backup_swift_url - type: string - default: 'http://localhost:8080/v1/AUTH_' - help: 'The URL of the Swift endpoint' - - - name: backup_swift_auth - type: string - default: 'per_user' - help: 'Swift authentication mechanism' - - - name: backup_swift_user - type: string - default: ~ - help: 'Swift user name' - - - name: backup_swift_key - type: string - default: ~ - help: 'Swift key for authentication' - - - name: backup_swift_container - type: string - default: 'volumebackups' - help: 'The default Swift container to use' - - - name: backup_swift_object_size - type: integer - default: 52428800 - help: 'The size in bytes of Swift backup objects' - - - name: backup_swift_retry_attempts - type: integer - default: 3 - help: 'The number of retries to make for Swift operations' - - - name: backup_swift_retry_backoff - type: integer - default: 2 - help: 'The backoff time in seconds between Swift retries' - - - name: backup_compression_algorithm - type: string - default: 'zlib' - help: 'Compression algorithm' - - - name: backup_tsm_volume_prefix - type: string - default: 'backup' - help: 'Volume prefix for the backup id when backing up to TSM' - - - name: backup_tsm_password - type: string - default: 'password' - help: 'TSM password for the running username' - - - name: backup_tsm_compression - type: boolean - default: true - help: 'Enable or Disable compression for backups' - - - name: backup_driver - type: string - default: 'cinder.backup.drivers.swift_proxy_server' - help: 'Driver to use for backups.' - - - name: num_volume_device_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan targetsto find volume' - - - name: iscsi_helper - type: executable - default: 'tgtadm' - help: 'iscsi target user-land tool to use' - - - name: volumes_dir - type: directory - default: '$state_path/volumes' - help: 'Volume configuration file storage directory' - - - name: iet_conf - type: file - default: '/etc/iet/ietd.conf' - help: 'IET configuration file' - - - name: lio_initiator_iqns - type: string - default: '' - help: 'Comma-separatd list of initiator IQNs allowed to connect to the iSCSI target.' - - - name: iscsi_iotype - type: string - default: 'fileio' - help: 'Sets the behavior of the iSCSI target to either perform blockio or fileio optionally, auto can be set and Cinder will autodetect type of backing device' - - - name: iser_helper - type: executable - default: 'tgtadm' - help: 'iser target user-land tool to use' - - - name: nfs_mount_point_base - type: directory - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: glusterfs_mount_point_base - type: directory - default: '$state_path/mnt' - help: 'Base dir containing mount points for gluster shares' - - - name: connection_type - type: string - default: ~ - help: 'Virtualization api connection type : libvirt, xenapi, or fake' - - - name: api_paste_config - type: file - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for cinder-api' - - - name: pybasedir - type: directory - default: '/usr/lib/python/site-packages' - help: 'Directory where the cinder python module is installed' - - - name: bindir - type: directory - default: '$pybasedir/bin' - help: 'Directory where cinder binaries are installed' - - - name: state_path - type: directory - default: '$pybasedir' - help: "Top-level directory for maintaining cinder's state" - - - name: my_ip - type: host - default: '10.0.0.1' - help: 'ip address of this host' - - - name: glance_host - type: host - default: '$my_ip' - help: 'default glance hostname or ip' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port' - - - name: glance_api_servers - type: list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to cinder' - - - name: glance_api_version - type: integer - default: 1 - help: 'Version of the glance api to use' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance' - - - name: glance_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL' - - - name: glance_api_ssl_compression - type: boolean - default: false - help: 'Whether to attempt to negotiate SSL layer compression when using SSL' - - - name: glance_request_timeout - type: integer - default: ~ - help: 'http/https timeout value for glance operations. If no value' - - - name: scheduler_topic - type: string - default: 'cinder-scheduler' - help: 'the topic scheduler nodes listen on' - - - name: volume_topic - type: string - default: 'cinder-volume' - help: 'the topic volume nodes listen on' - - - name: backup_topic - type: string - default: 'cinder-backup' - help: 'the topic volume backup nodes listen on' - - - name: enable_v1_api - type: boolean - default: true - help: 'Deploy v1 of the Cinder API. ' - - - name: enable_v2_api - type: boolean - default: true - help: 'Deploy v2 of the Cinder API. ' - - - name: api_rate_limit - type: boolean - default: true - help: 'whether to rate limit the api' - - - name: osapi_volume_ext_list - type: list - default: [] - help: 'Specify list of extensions to load when using osapi_volume_extension option with cinder_2013_1_3.api.contrib.select_extensions' - - - name: osapi_volume_extension - type: multi - default: 'cinder.api.contrib.standard_extensions' - help: 'osapi volume extension to load' - - - name: volume_manager - type: string - default: 'cinder.volume.manager.VolumeManager' - help: 'full class name for the Manager for volume' - - - name: backup_manager - type: string - default: 'cinder.backup.manager.BackupManager' - help: 'full class name for the Manager for volume backup' - - - name: scheduler_manager - type: string - default: 'cinder.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler' - - - name: host - type: host - default: '127.0.0.1' - help: 'Host to locate redis' - - - name: storage_availability_zone - type: string - default: 'nova' - help: 'availability zone of this node' - - - name: default_availability_zone - type: string - default: ~ - help: 'default availability zone to use when creating a new volume. If this is not set then we use the value from the storage_availability_zone option as the default availability_zone for new volumes.' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache.' - - - name: default_volume_type - type: string - default: ~ - help: 'default volume type to use' - - - name: volume_usage_audit_period - type: string - default: 'month' - help: 'time period to generate volume usages for. Time period must be hour, day, month or year' - - - name: root_helper - type: executable - default: 'sudo' - help: 'Deprecated: command to use for running commands as root' - - - name: rootwrap_config - type: file - default: '/etc/cinder/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root' - - - name: monkey_patch - type: boolean - default: false - help: 'Enable monkey patching' - - - name: monkey_patch_modules - type: list - default: [] - help: 'List of modules/decorators to monkey patch' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service' - - - name: volume_api_class - type: string - default: 'cinder.volume.api.API' - help: 'The full class name of the volume API class to use' - - - name: backup_api_class - type: string - default: 'cinder.backup.api.API' - help: 'The full class name of the volume backup API class' - - - name: auth_strategy - type: enum - type_args: {'values': ['noauth', 'keystone']} - default: 'noauth' - help: 'The strategy to use for auth. Supports noauth, keystone, and deprecated.' - - - name: enabled_backends - type: list - default: ~ - help: 'A list of backend names to use. These backend names should be backed by a unique [CONFIG] group with its options' - - - name: no_snapshot_gb_quota - type: boolean - default: false - help: 'Whether snapshots count against GigaByte quota' - - - name: transfer_api_class - type: string - default: 'cinder.transfer.api.API' - help: 'The full class name of the volume transfer API class' - - - name: compute_api_class - type: string - default: 'cinder.compute.nova.API' - help: 'The full class name of the compute API class to use' - - - name: nova_catalog_info - type: string - default: 'compute:nova:publicURL' - help: 'Info to match when looking for nova in the service catalog. Format is : separated values of the form: ::' - - - name: nova_catalog_admin_info - type: string - default: 'compute:nova:adminURL' - help: 'Same as nova_catalog_info, but for admin endpoint.' - - - name: nova_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for nova endpoint e.g. http://localhost:8774/v2/%(tenant_id)s' - - - name: nova_endpoint_admin_template - type: string - default: ~ - help: 'Same as nova_endpoint_template, but for admin endpoint.' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node' - - - name: nova_ca_certificates_file - type: file - default: ~ - help: 'Location of ca certicates file to use for nova client requests.' - - - name: nova_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to nova' - - - name: db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: enable_new_services - type: boolean - default: true - help: 'Services to be added to the available pool on create' - - - name: volume_name_template - type: string - default: 'volume-%s' - help: 'Template string to be used to generate volume names' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names' - - - name: backup_name_template - type: string - default: 'backup-%s' - help: 'Template string to be used to generate backup names' - - - name: db_driver - type: string - default: 'cinder.db' - help: 'driver to use for database access' - - - name: allowed_direct_url_schemes - type: list - default: [] - help: 'A list of url schemes that can be downloaded directly via the direct_url. Currently supported schemes: [file].' - - - name: image_conversion_dir - type: directory - default: '$state_path/conversion' - help: 'Directory used for temporary storage during image conversion' - - - name: keymgr_api_class - type: string - default: 'cinder.keymgr.not_implemented_key_mgr.NotImplementedKeyManager' - help: 'The full class name of the key manager API class' - - - name: backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: connection - type: string - default: 'sqlite:////cinder/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: sql_connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: max_pool_size - type: integer - default: 5 - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings' - - - name: sqlite_db - type: string - default: 'cinder.sqlite' - help: 'the filename to use with sqlite' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If true, use synchronous mode for sqlite' - - - name: backdoor_port - type: port - default: ~ - help: 'port for eventlet backdoor to listen' - - - name: disable_process_locking - type: boolean - default: false - help: 'Whether to disable inter-process locks' - - - name: lock_path - type: directory - default: ~ - help: 'Directory to use for lock files. Default to a temp directory' - - - name: debug - type: boolean - default: false - help: 'Print debugging output' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - - - name: use_stderr - type: boolean - default: true - help: 'Log output to standard error' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format' - - - name: default_log_levels - type: list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs' - - - name: publish_errors - type: boolean - default: false - help: 'publish error events' - - - name: fatal_deprecations - type: boolean - default: false - help: 'make deprecations fatal' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this' - - - name: log_config - type: file - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: ~ - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s' - - - name: log_file - type: file - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' - - - name: log_dir - type: directory - default: ~ - help: '(Optional) The base directory used for relative --log-file paths' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: default_notification_level - type: enum - type_args: {'values': ['DEBUG', 'INFO', 'WARN', 'CRITICAL']} - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications' - - - name: notification_topics - type: list - default: ['notifications'] - help: 'AMQP topic used for OpenStack notifications' - - - name: topics - type: list - default: ['notifications'] - help: 'AMQP topic(s) used for OpenStack notifications' - - - name: run_external_periodic_tasks - type: boolean - default: true - help: 'Some periodic tasks can be run in a separate process. Should we run them here?' - - - name: rpc_backend - type: string - default: 'cinder.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires' - - - name: allowed_rpc_exception_modules - type: list - default: ['cinder.openstack.common.exception', 'nova.exception', 'cinder.exception', 'exceptions'] - help: 'Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' - - - name: fake_rabbit - type: boolean - default: false - help: 'If passed, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: amqp_rpc_single_reply_queue - type: boolean - default: false - help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' - - - name: amqp_durable_queues - type: boolean - default: false - help: 'Use durable queues in amqp.' - - - name: amqp_auto_delete - type: boolean - default: false - help: 'Auto-delete queues in amqp.' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use' - - - name: kombu_ssl_keyfile - type: file - default: '' - help: 'SSL key file' - - - name: kombu_ssl_certfile - type: file - default: '' - help: 'SSL cert file' - - - name: kombu_ssl_ca_certs - type: file - default: '' - help: 'SSL certification authority file' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used' - - - name: rabbit_hosts - type: list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'connect over SSL for RabbitMQ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ' - - - name: rabbit_ha_queues - type: boolean - default: false - help: 'use H/A queues in RabbitMQ' - - - name: qpid_hostname - type: host - default: 'localhost' - help: 'Qpid broker hostname' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port' - - - name: qpid_hosts - type: list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats' - - - name: qpid_protocol - type: enum - type_args: {'values': ['tcp', 'ssl']} - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: 'Disable Nagle algorithm' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: 'ZeroMQ bind address. Should be a wildcard' - comment: 'New param' - - - name: rpc_zmq_matchmaker - type: string - default: 'cinder.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' - - - name: rpc_zmq_ipc_dir - type: directory - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets' - - - name: rpc_zmq_host - type: string - default: 'cinder' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." - - - name: matchmaker_ringfile - type: file - default: '/etc/nova/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency' - comment: 'New param' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live.' - - - name: port - type: port - default: 6379 - help: 'Use this port to connect to redis host.' - comment: 'New param' - - - name: password - type: string - default: ~ - help: 'Password for Redis server.' - - - name: scheduler_host_manager - type: string - default: 'cinder.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an volume' - - - name: scheduler_default_filters - type: list - default: ['AvailabilityZoneFilter', 'CapacityFilter', 'CapabilitiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - - - name: scheduler_default_weighers - type: list - default: ['CapacityWeigher'] - help: 'Which weigher class names to use for weighing hosts.' - - - name: scheduler_driver - type: string - default: 'cinder.scheduler.filter_scheduler.FilterScheduler' - help: 'Default scheduler driver to use' - - - name: scheduler_json_config_location - type: file - default: '' - help: 'Absolute path to scheduler configuration JSON file.' - - - name: max_gigabytes - type: integer - default: 10000 - help: 'maximum number of volume gigabytes to allow per host' - - - name: capacity_weight_multiplier - type: float - default: 1.0 - help: 'Multiplier used for weighing volume capacity. Negative numbers mean to stack vs spread.' - - - name: volume_transfer_salt_length - type: integer - default: 8 - help: 'The number of characters in the salt.' - - - name: volume_transfer_key_length - type: integer - default: 16 - help: 'The number of characters in the autogenerated auth key.' - - - name: snapshot_same_host - type: boolean - default: true - help: 'Create volume from snapshot at the host where snapshot resides' - - - name: cloned_volume_same_az - type: boolean - default: true - help: 'Ensure that the new volumes are the same AZ as snapshot or source volume' - - - name: num_shell_tries - type: integer - default: 3 - help: 'number of times to attempt to run flakey shell commands' - - - name: reserved_percentage - type: integer - default: 0 - help: 'The percentage of backend capacity is reserved' - - - name: iscsi_num_targets - type: integer - default: 100 - help: 'The maximum number of iscsi target ids per host' - - - name: iscsi_target_prefix - type: string - default: 'iqn.2010-10.org.openstack:' - help: 'prefix for iscsi volumes' - - - name: iscsi_ip_address - type: host - default: '$my_ip' - help: 'The IP address that the iSCSI daemon is listening on' - - - name: iscsi_port - type: port - default: 3260 - help: 'The port that the iSCSI daemon is listening on' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'The maximum number of times to rescan iSER targetto find volume' - - - name: iser_num_targets - type: integer - default: 100 - help: 'The maximum number of iser target ids per host' - - - name: iser_target_prefix - type: string - default: 'iqn.2010-10.org.iser.openstack:' - help: 'prefix for iser volumes' - - - name: iser_ip_address - type: host - default: '$my_ip' - help: 'The IP address that the iSER daemon is listening on' - - - name: iser_port - type: port - default: 3260 - help: 'The port that the iSER daemon is listening on' - - - name: volume_backend_name - type: string - default: ~ - help: 'The backend name for a given driver implementation' - - - name: use_multipath_for_image_xfer - type: boolean - default: false - help: 'Do we attach/detach volumes in cinder using multipath for volume to image and image to volume transfers?' - - - name: volume_clear - type: string - default: 'zero' - help: 'Method used to wipe old voumes' - - - name: volume_clear_size - type: integer - default: 0 - help: 'Size in MiB to wipe at start of old volumes. 0 => all' - - - name: available_devices - type: list - default: [] - help: 'List of all available devices' - - - name: coraid_esm_address - type: host - default: '' - help: 'IP address of Coraid ESM' - - - name: coraid_user - type: string - default: 'admin' - help: 'User name to connect to Coraid ESM' - - - name: coraid_group - type: string - default: 'admin' - help: 'Name of group on Coraid ESM to which coraid_user belongs' - - - name: coraid_password - type: string - default: 'password' - help: 'Password to connect to Coraid ESM' - - - name: coraid_repository_key - type: string - default: 'coraid_repository' - help: 'Volume Type key name to store ESM Repository Name' - - - name: eqlx_group_name - type: string - default: 'group-0' - help: 'Group name to use for creating volumes' - - - name: eqlx_cli_timeout - type: integer - default: 30 - help: 'Timeout for the Group Manager cli command execution' - - - name: eqlx_cli_max_retries - type: integer - default: 5 - help: 'Maximum retry count for reconnection' - - - name: eqlx_use_chap - type: boolean - default: false - help: 'Use CHAP authentificaion for targets?' - - - name: eqlx_chap_login - type: string - default: 'admin' - help: 'Existing CHAP account name' - - - name: eqlx_chap_password - type: string - default: 'password' - help: 'Password for specified CHAP account name' - - - name: eqlx_pool - type: string - default: 'default' - help: 'Pool in which volumes will be created' - - - name: glusterfs_shares_config - type: file - default: '/etc/cinder/glusterfs_shares' - help: 'File with the list of available gluster shares' - - - name: glusterfs_disk_util - type: string - default: 'df' - help: 'Use du or df for free space calculation' - - - name: glusterfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - - - name: glusterfs_qcow2_volumes - type: boolean - default: false - help: 'Create volumes as QCOW2 files rather than raw files.' - - - name: gpfs_mount_point_base - type: directory - default: ~ - help: 'Path to the directory on GPFS mount point where volumes are stored' - - - name: gpfs_images_dir - type: directory - default: ~ - help: 'Path to GPFS Glance repository as mounted on Nova nodes' - - - name: gpfs_images_share_mode - type: string - default: ~ - help: 'Set this if Glance image repo is on GPFS as well so that the image bits can be transferred efficiently between Glance and cinder. Valid values are copy or copy_on_write. copy performs a full copy of the image, copy_on_write efficiently shares unmodified blocks of the image.' - - - name: gpfs_max_clone_depth - type: integer - default: 0 - help: 'A lengthy chain of copy-on-write snapshots or clones could have impact on performance. This option limits the number of indirections required to reach a specific block. 0 indicates unlimited.' - - - name: gpfs_sparse_volumes - type: boolean - default: true - help: 'Create volumes as sparse files which take no space. If set to False volume is created as regular file. In this case volume creation may take a significantly longer time.' - comment: 'New param' - - - name: hds_cinder_config_file - type: file - default: '/opt/hds/hus/cinder_hus_conf.xml' - help: 'configuration file for HDS cinder plugin for HUS' - - - name: cinder_huawei_conf_file - type: file - default: '/etc/cinder/cinder_huawei_conf.xml' - help: 'config data for cinder huawei plugin' - - - name: volume_group - type: string - default: 'cinder-volumes' - help: 'Name for the VG that will contain exported volumes' - - - name: pool_size - type: string - default: ~ - help: 'Size of thin provisioning pool' - - - name: lvm_mirrors - type: integer - default: 0 - help: 'If set, create lvms with multiple mirrors. Note that this requires lvm_mirrors + 2 pvs with available space' - - - name: lvm_type - type: string - default: 'default' - help: 'Type of LVM volumes to deploy;' - - - name: netapp_vfiler - type: string - default: ~ - help: 'Vfiler to use for provisioning' - - - name: netapp_login - type: string - default: ~ - help: 'User name for the storage controller' - - - name: netapp_password - type: string - default: ~ - help: 'Password for the storage controller' - - - name: netapp_vserver - type: string - default: ~ - help: 'Cluster vserver to use for provisioning' - - - name: netapp_server_hostname - type: string - default: ~ - help: 'Host name for the storage controller' - - - name: netapp_server_port - type: port - default: 80 - help: 'Port number for the storage controller' - - - name: thres_avl_size_perc_start - type: integer - default: 20 - help: 'Threshold available percent to start cache cleaning.' - - - name: thres_avl_size_perc_stop - type: integer - default: 60 - help: 'Threshold available percent to stop cache cleaning.' - - - name: expiry_thres_minutes - type: integer - default: 720 - help: 'Threshold minutes after which cache file can be cleaned.' - - - name: netapp_size_multiplier - type: float - default: 1.2 - help: 'Volume size multiplier to ensure while creation' - - - name: netapp_volume_list - type: string - default: ~ - help: 'Comma separated volumes to be used for provisioning' - - - name: netapp_storage_family - type: string - default: 'ontap_cluster' - help: 'Storage family type.' - - - name: netapp_storage_protocol - type: string - default: ~ - help: 'Storage protocol type.' - - - name: netapp_transport_type - type: string - default: 'http' - help: 'Transport type protocol' - - - name: nexenta_host - type: host - default: '' - help: 'IP address of Nexenta SA' - - - name: nexenta_rest_port - type: port - default: 2000 - help: 'HTTP port to connect to Nexenta REST API server' - - - name: nexenta_rest_protocol - type: enum - type_args: {'values': ['auto', 'http', 'https']} - default: 'auto' - help: 'Use http or https for REST connection' - - - name: nexenta_user - type: string - default: 'admin' - help: 'User name to connect to Nexenta SA' - - - name: nexenta_password - type: string - default: 'nexenta' - help: 'Password to connect to Nexenta SA' - - - name: nexenta_iscsi_target_portal_port - type: integer - default: 3260 - help: 'Nexenta target portal port' - - - name: nexenta_volume - type: string - default: 'cinder' - help: 'pool on SA that will hold all volumes' - - - name: nexenta_target_prefix - type: string - default: 'iqn.1986-03.com.sun:02:cinder-' - help: 'IQN prefix for iSCSI targets' - - - name: nexenta_target_group_prefix - type: string - default: 'cinder/' - help: 'prefix for iSCSI target groups on SA' - - - name: nexenta_shares_config - type: file - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares' - - - name: nexenta_mount_point_base - type: directory - default: '$state_path/mnt' - help: 'Base dir containing mount points for nfs shares' - - - name: nexenta_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - - - name: nexenta_volume_compression - type: string - default: 'on' - help: 'Default compression value for new ZFS folders.' - - - name: nexenta_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: nexenta_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' - - - name: nexenta_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' - - - name: nexenta_blocksize - type: string - default: '' - help: 'block size for volumes' - - - name: nexenta_sparse - type: boolean - default: false - help: 'flag to create sparse volumes' - - - name: nfs_shares_config - type: file - default: '/etc/cinder/nfs_shares' - help: 'File with the list of available nfs shares' - - - name: nfs_sparsed_volumes - type: boolean - default: true - help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' - comment: 'New param' - - - name: nfs_used_ratio - type: float - default: 0.95 - help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' - - - name: nfs_oversub_ratio - type: float - default: 1.0 - help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' - - - name: rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes - only set when using cephx authentication' - - - name: rbd_ceph_conf - type: file - default: '' - help: 'path to the ceph configuration file to use' - - - name: rbd_flatten_volume_from_snapshot - type: boolean - default: false - help: 'flatten volumes created from snapshots to remove dependency' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes' - - - name: volume_tmp_dir - type: directory - default: ~ - help: 'where to store temporary image files if the volume driver does not write them directly to the volume' - - - name: rbd_max_clone_depth - type: integer - default: 5 - help: 'maximum number of nested clones that can be taken of a volume before enforcing a flatten prior to next clone. A value of zero disables cloning' - - - name: hp3par_api_url - type: string - default: '' - help: '3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1' - - - name: hp3par_username - type: string - default: '' - help: '3PAR Super user username' - - - name: hp3par_password - type: string - default: '' - help: '3PAR Super user password' - - - name: hp3par_domain - type: string - default: ~ - help: 'This option is DEPRECATED and no longer used. The 3par domain name to use.' - - - name: hp3par_cpg - type: string - default: 'OpenStack' - help: 'The CPG to use for volume creation' - - - name: hp3par_cpg_snap - type: string - default: '' - help: 'The CPG to use for Snapshots for volumes. If empty hp3par_cpg will be used' - - - name: hp3par_snapshot_retention - type: string - default: '' - help: "The time in hours to retain a snapshot. You can't delete it before this expires." - - - name: hp3par_snapshot_expiration - type: string - default: '' - help: 'The time in hours when a snapshot expires and is deleted. This must be larger than expiration' - - - name: hp3par_debug - type: boolean - default: false - help: 'Enable HTTP debugging to 3PAR' - - - name: hp3par_iscsi_ips - type: list - default: [] - help: 'List of target iSCSI addresses to use.' - - - name: san_thin_provision - type: boolean - default: true - help: 'Use thin provisioning for SAN volumes?' - - - name: san_ip - type: host - default: '' - help: 'IP address of SAN controller' - - - name: san_login - type: string - default: 'admin' - help: 'Username for SAN controller' - - - name: san_password - type: string - default: '' - help: 'Password for SAN controller' - - - name: san_private_key - type: file - default: '' - help: 'Filename of private key to use for SSH authentication' - - - name: san_clustername - type: string - default: '' - help: 'Cluster name to use for creating volumes' - - - name: san_ssh_port - type: port - default: 22 - help: 'SSH port to use with SAN' - - - name: san_is_local - type: boolean - default: false - help: 'Execute commands locally instead of over SSH; use if the volume service is running on the SAN device' - comment: 'New param' - - - name: ssh_conn_timeout - type: integer - default: 30 - help: 'SSH connection timeout in seconds' - - - name: ssh_min_pool_conn - type: integer - default: 1 - help: 'Minimum ssh connections in the pool' - - - name: ssh_max_pool_conn - type: integer - default: 5 - help: 'Maximum ssh connections in the pool' - - - name: san_zfs_volume_base - type: string - default: 'rpool/' - help: 'The ZFS path under which to create zvols for volumes.' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file' - comment: 'New param' - - - name: scality_sofs_mount_point - type: directory - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted' - - - name: scality_sofs_volume_dir - type: directory - default: 'cinder/volumes' - help: 'Path from Scality SOFS root to volume dir' - - - name: sf_emulate_512 - type: boolean - default: true - help: 'Set 512 byte emulation on volume creation; ' - - - name: sf_allow_tenant_qos - type: boolean - default: false - help: 'Allow tenants to specify QOS on create' - - - name: sf_account_prefix - type: string - default: 'cinder' - help: 'Create SolidFire accounts with this prefix' - - - name: sf_api_port - type: port - default: 443 - help: 'SolidFire API port. Useful if the device api is behind a proxy on a different port.' - - - name: storwize_svc_volpool_name - type: string - default: 'volpool' - help: 'Storage system storage pool for volumes' - - - name: storwize_svc_vol_rsize - type: integer - default: 2 - help: 'Storage system space-efficiency parameter for volumes' - - - name: storwize_svc_vol_warning - type: integer - default: 0 - help: 'Storage system threshold for volume capacity warnings' - - - name: storwize_svc_vol_autoexpand - type: boolean - default: true - help: 'Storage system autoexpand parameter for volumes' - - - name: storwize_svc_vol_grainsize - type: integer - default: 256 - help: 'Storage system grain size parameter for volumes' - - - name: storwize_svc_vol_compression - type: boolean - default: false - help: 'Storage system compression option for volumes' - - - name: storwize_svc_vol_easytier - type: boolean - default: true - help: 'Enable Easy Tier for volumes' - - - name: storwize_svc_vol_iogrp - type: integer - default: 0 - help: 'The I/O group in which to allocate volumes' - - - name: storwize_svc_flashcopy_timeout - type: integer - default: 120 - help: 'Maximum number of seconds to wait for FlashCopy to be prepared. Maximum value is 600 seconds' - - - name: storwize_svc_connection_protocol - type: string - default: 'iSCSI' - help: 'Connection protocol' - - - name: storwize_svc_multipath_enabled - type: boolean - default: false - help: 'Connect with multipath' - comment: 'New param' - - - name: storwize_svc_multihostmap_enabled - type: boolean - default: true - help: 'Allows vdisk to multi host mapping' - - - name: vmware_host_ip - type: host - default: ~ - help: 'IP address for connecting to VMware ESX/VC server.' - - - name: vmware_host_username - type: string - default: ~ - help: 'Username for authenticating with VMware ESX/VC server.' - - - name: vmware_host_password - type: string - default: ~ - help: 'Password for authenticating with VMware ESX/VC server.' - - - name: vmware_wsdl_location - type: string - default: ~ - help: 'Optional VIM service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds.' - - - name: vmware_api_retry_count - type: integer - default: 10 - help: 'Number of times VMware ESX/VC server API must be retried upon connection related issues.' - - - name: vmware_task_poll_interval - type: integer - default: 5 - help: 'The interval used for polling remote tasks invoked on VMware ESX/VC server.' - - - name: vmware_volume_folder - type: string - default: 'cinder-volumes' - help: 'Name for the folder in the VC datacenter that will contain cinder volumes.' - - - name: vmware_image_transfer_timeout_secs - type: integer - default: 7200 - help: 'Timeout in seconds for VMDK volume transfer between Cinder and Glance.' - - - name: windows_iscsi_lun_path - type: string - default: 'C:\\iSCSIVirtualDisks' - help: 'Path to store VHD backed volumes' - - - name: xenapi_nfs_server - type: string - default: ~ - help: 'NFS server to be used by XenAPINFSDriver' - - - name: xenapi_nfs_serverpath - type: string - default: ~ - help: 'Path of exported NFS, used by XenAPINFSDriver' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for XenAPI connection' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for XenAPI connection' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for XenAPI connection' - - - name: xenapi_sr_base_path - type: directory - default: '/var/run/sr-mount' - help: 'Base path to the storage repository' - - - name: xiv_ds8k_proxy - type: string - default: 'xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy' - help: 'Proxy driver that connects to the IBM Storage Array' - - - name: xiv_ds8k_connection_type - type: string - default: 'iscsi' - help: 'Connection type to the IBM Storage Array' - - - name: zadara_vpsa_ip - type: host - default: ~ - help: 'Management IP of Zadara VPSA' - - - name: zadara_vpsa_port - type: port - default: ~ - help: 'Zadara VPSA port number' - - - name: zadara_vpsa_use_ssl - type: boolean - default: false - help: 'Use SSL connection' - - - name: zadara_user - type: string - default: ~ - help: 'User name for the VPSA' - - - name: zadara_password - type: string - default: ~ - help: 'Password for the VPSA' - - - name: zadara_vpsa_poolname - type: string - default: ~ - help: 'Name of VPSA storage pool for volumes' - - - name: zadara_vol_thin - type: boolean - default: true - help: 'Default thin provisioning policy for volumes' - - - name: zadara_vol_encrypt - type: boolean - default: false - help: 'Default encryption policy for volumes' - - - name: zadara_default_striping_mode - type: string - default: 'simple' - help: 'Default striping mode for volumes' - - - name: zadara_default_stripesize - type: integer - default: 64 - help: 'Default stripe size for volumes' - - - name: zadara_vol_name_template - type: string - default: 'OS_%s' - help: 'Default template for VPSA volume names' - - - name: zadara_vpsa_auto_detach_on_delete - type: boolean - default: true - help: 'Automatically detach from servers on volume delete' - - - name: zadara_vpsa_allow_nonexistent_delete - type: boolean - default: true - help: "Don't halt on deletion of non-existing volumes" - - - name: volume_driver - type: string - default: 'cinder.volume.drivers.lvm.LVMISCSIDriver' - help: 'Driver to use for volume creation' - - - name: migration_create_volume_timeout_secs - type: integer - default: 300 - help: 'Timeout for creating the volume to migrate to when performing volume migration' - - - name: volume_dd_blocksize - type: string - default: '1M' - help: 'The default block size used when copying/clearing volumes' - diff --git a/rubick/schemas/collector.py b/rubick/schemas/collector.py deleted file mode 100644 index 449b412..0000000 --- a/rubick/schemas/collector.py +++ /dev/null @@ -1,482 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import argparse -from copy import copy -from lib2to3.pgen2 import driver -from lib2to3.pgen2 import token -from lib2to3.pygram import python_grammar, python_symbols as py -from lib2to3.pytree import Node, Leaf -import os -import re -import sys -import traceback - -from oslo.config import cfg - -from rubick.schemas.yaml_utils import yaml_string, yaml_value - - -def identity(x): - return x - -__builtins__._ = identity - - -class SchemaBuilderSchemaWriter(object): - def __init__(self, file, project, version): - super(SchemaBuilderSchemaWriter, self).__init__() - self.file = file - self.project = project - self.version = version - self._started = False - self._conf_variable = '%s_%s' % (self.project, - self.version.replace('.', '_')) - - def _ensure_header(self): - if not self._started: - self._output_header() - self._started = True - - def _output_header(self): - self.file.write("""from rubick.schema import ConfigSchemaRegistry - -{0} = ConfigSchemaRegistry.register_schema(project='{0}') - -with {0}.version('{1}') as {2}:""".format(self.project, self.version, - self._conf_variable)) - - def section(self, name): - self._ensure_header() - self.file.write("\n\n %s.section('%s')" % ( - self._conf_variable, name)) - - def param(self, name, type, default_value=None, description=None): - self._ensure_header() - self.file.write("\n\n %s.param('%s', type='%s', default=%s" % ( - self._conf_variable, name, type, repr(default_value))) - if description: - self.file.write(", description=\"%s\"" % ( - description.replace('"', '\''))) - self.file.write(")") - - def comment(self, text): - self.file.write("\n\n # %s" % text) - - -class YamlSchemaWriter(object): - def __init__(self, file, project, version): - super(YamlSchemaWriter, self).__init__() - self.file = file - self.project = project - self.version = version - self._output_header() - - def _output_header(self): - self.file.write("project: %s\n" % self.project) - self.file.write("version: %s\n" % self.version) - self.file.write("parameters:\n") - - def section(self, name): - self._current_section = name - - def param(self, name, type, default_value=None, description=None): - fullname = name - if self._current_section and self._current_section != 'DEFAULT': - fullname = '%s.%s' % (self._current_section, name) - - self.file.write(" - name: %s\n" - % yaml_string(fullname, allowSimple=True)) - self.file.write(" type: %s\n" % yaml_string(type, allowSimple=True)) - self.file.write(" default: %s\n" % yaml_value(default_value)) - if description: - self.file.write(" help: %s\n" % yaml_string(description)) - - self.file.write("\n") - - def comment(self, text): - self.file.write("\n# %s\n" % text) - - -def parse_args(argv): - parser = argparse.ArgumentParser() - parser.add_argument('project', - help='Name of the project (e.g. "nova")') - parser.add_argument('version', - help='Version of the project (e.g. "2013.1.3")') - parser.add_argument('config_or_module', - help='Config file sample or Python module to process') - args = parser.parse_args(argv[1:]) - return args - - -def sanitize_type_and_value(param_name, param_type, param_value): - if param_value == '': - param_value = None - elif param_type == 'boolean': - if param_value.lower() == 'false': - param_value = False - elif param_value.lower() == 'true': - param_value = True - elif param_type == 'integer': - param_value = int(param_value) - if param_name.endswith('_port'): - param_type = 'port' - elif param_type == 'float': - param_value = float(param_value) - elif param_type == 'list': - param_type = 'string_list' - if param_value == '': - param_value = [] - else: - param_value = param_value.split(',') - elif (param_type == 'string' and - param_name.endswith('_host') and - param_value in ['0.0.0.0', 'localhost', '127.0.0.1']): - param_type = 'host' - elif param_type == 'string' and param_name.endswith('_listen'): - param_type = 'host' - - return (param_type, param_value) - - -def generate_schema_from_sample_config(project, version, config_file, writer): - with open(config_file, 'r') as f: - config_lines = f.readlines() - - description_lines = [] - for line in config_lines: - if line.startswith('['): - section_name = line.strip('[]\n') - writer.section(section_name) - description_lines = [] - continue - - if line.strip() in ['', '#']: - description_lines = [] - continue - - if line.startswith('# '): - description_lines.append(line[2:].strip()) - continue - - description = ' '.join(description_lines) - match = re.search('^(.*)\((.*?) value\)$', description) - if match: - description = match.group(1) - param_type = match.group(2).strip() - if param_type == 'floating point': - param_type = 'float' - else: - param_type = 'string' - - line = line.strip('#\n') - param_name, param_value = [ - s.strip() for s in re.split('[:=]', line, 1)] - - (param_type, param_value) = \ - sanitize_type_and_value(param_name, param_type, param_value) - - writer.param(param_name, param_type, param_value, description) - - -OPT_TYPE_MAPPING = { - 'StrOpt': 'string', - 'BoolOpt': 'boolean', - 'IntOpt': 'integer', - 'FloatOpt': 'float', - 'ListOpt': 'list', - 'MultiStrOpt': 'multi' -} - - -OPTION_REGEX = re.compile(r"(%s)" % "|".join(OPT_TYPE_MAPPING.keys())) - - -def convert(gr, raw_node): - type, value, context, children = raw_node - # if has children or correspond to nonterminal - if children or type in gr.number2symbol: - return Node(type, children, context=context) - else: - return Leaf(type, value, context=context) - - -def walk_tree(root): - while True: - yield root - - # Optimize traversing single-child nodes - if len(root.children) == 1: - root = root.children[0] - continue - - break - - for child in copy(root.children): - for node in walk_tree(child): - yield node - - -def extract_config_from_file(path): - with open(path) as f: - contents = f.read() - - d = driver.Driver(python_grammar, convert=convert) - tree = d.parse_string(contents) - - def mark_stmt(node): - n = node - while n: - if n.type == py.stmt: - n.marked = True - break - n = n.parent - - fullnames = {} - # Process imports and renames - for node in walk_tree(tree): - if node.type == py.import_from: - mod = str(node.children[1]).strip() - for node2 in walk_tree(node.children[3]): - if node2.type == py.import_as_name: - n = str(node2).strip() - f = '.'.join([mod, n]) - fullnames[n] = f - elif node.type == py.expr_stmt: - if len(node.children) > 1 and node.children[1].type == token.EQUAL: - lhs = str(node.children[0]).strip() - rhs = str(node.children[2]).strip() - if re.match('\S+(\.\S+)*', rhs): - parts = rhs.split('.') - if parts[0] in fullnames: - rhs = '.'.join([fullnames[parts[0]]] + parts[1:]) - fullnames[lhs] = rhs - - if any([rhs.startswith(s) for s in ['oslo.', 'oslo.config.', 'oslo.config.cfg.']]): - mark_stmt(node) - - # Process all callsites CONF.register* - for node in walk_tree(tree): - if node.type == py.power and node.children[0].children[0].type == token.NAME: - s = str(node.children[0]).strip() - if s in fullnames: - s = fullnames[s] - - cs = node.children - i = 1 - while i < len(cs) and cs[i].type == py.trailer: - c = cs[i] - if c.children[0].type != token.DOT: - break - - s += '.' + c.children[1].value - i += 1 - - if i < len(cs) and cs[i].type == py.trailer and cs[i].children[0].type == token.LPAR: - # call site - if s.startswith('oslo.config.cfg.CONF.'): - rest = s[len('oslo.config.cfg.CONF.'):] - if rest.startswith('register_'): - mark_stmt(node) - - if s.startswith('oslo.config.cfg.'): - rest = s[len('oslo.config.cfg.'):] - if rest.endswith('Opt'): - mark_stmt(node) - - # Traverse code and find all var references - seen_vars = set() - referenced_vars_queue = [] - - def find_definition(tree, name): - for node in walk_tree(tree): - if node.type == py.classdef and node.children[1].value == name: - return node - elif node.type == py.funcdef and node.children[1].value == name: - return node - elif node.type == py.import_name: - imported_name = str(node.children[1]).strip() - if imported_name == name: - return node - elif node.type == py.import_from: - for n in walk_tree(node): - if n.type == py.import_as_name: - i = 0 - if len(n.children) == 3: - i = 2 - - if n.children[i].value == name: - return node - elif node.type == py.expr_stmt: - if len(node.children) > 1 and node.children[1].type == token.EQUAL: - for n in walk_tree(node): - if n.type == py.power: - assignment_name = str(n.children[0]).strip() - if assignment_name == name: - return node - - return None - - def collect_refs(root): - for n2 in walk_tree(root): - if n2.type == py.power and n2.children[0].children[0].type == token.NAME: - name = n2.children[0].children[0].value - x = 1 - while (x < len(n2.children) and - n2.children[x].type == py.trailer and - n2.children[x].children[0].type == token.DOT): - name += str(n2.children[x]).strip() - x += 1 - - if '.' not in name: - isKWArgName = False - n = n2 - while n.parent: - if n.parent.type == py.argument: - arg = n.parent - if len(arg.children) > 1 and arg.children[1].type == token.EQUAL and n == arg.children[0]: - isKWArgName = True - n = n.parent - - if isKWArgName: - continue - - if name in dir(__builtins__): - continue - - if name not in seen_vars: - seen_vars.add(name) - referenced_vars_queue.append(name) - - for node in tree.children: - if node.type == py.stmt and (hasattr(node, 'marked') and node.marked): - collect_refs(node) - - for name in referenced_vars_queue: - node = find_definition(tree, name) - if node: - mark_stmt(node) - collect_refs(node) - else: - while '.' in name: - name = '.'.join(name.split('.')[:-1]) - node = find_definition(tree, name) - if node: - mark_stmt(node) - collect_refs(node) - - # Remove all unmarked top-level statements - for node in walk_tree(tree): - if node.type == py.stmt and node.parent.type == py.file_input: - if not (hasattr(node, 'marked') and node.marked): - node.remove() - - code = str(tree) - - try: - exec code in {'__file__': path} - except Exception: - sys.stderr.write("Error processing file %s\n" % path) - traceback.print_exc() - sys.stderr.write(code) - - -def generate_schema_from_code(project, version, module_path, writer): - old_sys_path = copy(sys.path) - - filepaths = [] - module_directory = '' - - if os.path.isdir(module_path): - module_directory = module_path - while module_directory != '': - # TODO(mkulkin): handle .pyc and .pyo - if not os.path.isfile( - os.path.join(module_directory, '__init__.py')): - break - - module_directory = os.path.dirname(module_directory) - - if module_directory not in sys.path: - sys.path.insert(0, module_directory) - - for (dirpath, _, filenames) in os.walk(module_path): - for filename in filenames: - if not filename.endswith('.py'): - continue - - filepath = os.path.join(dirpath, filename) - with open(filepath) as f: - content = f.read() - if not re.search('Opt\(', content): - continue - - filepaths.append(filepath) - else: - filepaths.append(module_path) - - for filepath in filepaths: - extract_config_from_file(filepath) - - print_group_opts(writer, 'DEFAULT', cfg.CONF._opts.values()) - for group_name in cfg.CONF._groups: - print_group_opts(writer, group_name, cfg.CONF._groups[group_name]._opts.values()) - - sys.path = old_sys_path - - -def print_group_opts(writer, group, opts): - writer.section(group) - for opt in opts: - print_opt(writer, opt['opt']) - - -def print_opt(writer, opt): - opt_name, opt_default, opt_help = opt.dest, opt.default, opt.help - - if not opt_help: - sys.stderr.write('WARNING: "%s" is missing help string.\n' % opt_name) - opt_help = "" - - opt_type = None - try: - opt_type = OPT_TYPE_MAPPING.get( - OPTION_REGEX.search(str(type(opt))).group(0)) - except (ValueError, AttributeError) as err: - sys.stderr.write("%s\n" % str(err)) - opt_type = 'string' - - writer.param(opt_name, opt_type, opt_default, opt_help) - - -def main(argv): - args = parse_args(argv) - params = vars(args) - - project = params.pop('project') - version = params.pop('version') - path = params.pop('config_or_module') - - writer = YamlSchemaWriter(sys.stdout, project, version) - - if os.path.isdir(path) or path.endswith('.py'): - generate_schema_from_code(project, version, path, - writer=writer) - else: - generate_schema_from_sample_config(project, version, path, - writer=writer) - - -if __name__ == '__main__': - main(sys.argv) diff --git a/rubick/schemas/generator.py b/rubick/schemas/generator.py deleted file mode 100644 index 63b6c62..0000000 --- a/rubick/schemas/generator.py +++ /dev/null @@ -1,307 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import argparse -from collections import OrderedDict -import glob -import logging -import os.path - -import yaml - -from rubick.common import index, Version, Issue -from rubick.schema import TypeValidatorRegistry as TypeRegistry -from rubick.schemas.yaml_utils import yaml_string, yaml_value - - -DIFF_THRESHOLD = 0.5 - - -logger = logging.getLogger('rubick.schemas.generator') - - -def yaml_dump_schema_records(records): - lines = [] - - for record in records: - if len(record['added']) == 0 and len(record['removed']) == 0: - continue - - lines.append('- version: %s' % yaml_string(str(record['version']))) - if 'checkpoint' in record: - lines.append(' checkpoint: %s' % yaml_value(record['checkpoint'])) - if 'added' in record and len(record['added']) > 0: - lines.append(' added:') - for param in record['added']: - lines.append('') - - lines.append(' - name: %s' % yaml_string(param['name'], - allowSimple=True)) - lines.append(' type: %s' % yaml_string(param['type'], - allowSimple=True)) - if 'default' in param: - lines.append(' default: %s' - % yaml_value(param['default'])) - if 'help' in param: - lines.append(' help: %s' - % yaml_string(param['help'])) - - extra_data = [k for k in param.keys() - if k not in ['name', 'type', 'default', 'help']] - for attr in extra_data: - lines.append(' %s: %s' - % (attr, yaml_value(param[attr]))) - - if 'removed' in record and len(record['removed']) > 0: - lines.append(' removed:') - for removed in record['removed']: - lines.append(' - %s' % yaml_string(removed, allowSimple=True)) - - lines.append('') - lines.append('# ====================================================') - lines.append('') - - return "\n".join(lines) - - -def generate_project_schema(project): - logger.info('Processing project %s' % project) - project_path = os.path.join(os.path.dirname(__file__), project) - - files = glob.glob(os.path.join(project_path, '*.yml')) - if files == []: - logger.info("Found no YAML files in project %s. Skipping it" % project) - return - - x = index(files, lambda f: f.endswith('.conf.yml')) - if x != -1: - database_file = files[x] - del files[x] - else: - database_file = os.path.join(project_path, project + '.conf.yml') - - schema_records = [] - if os.path.exists(database_file): - logger.debug("Processing database file %s" % database_file) - with open(database_file) as f: - schema_records.extend(yaml.load(f.read())) - - schema_versions = [] - for version_file in files: - logger.debug("Processing version file %s" % version_file) - with open(version_file) as f: - schema_versions.append(yaml.load(f.read())) - - schema_versions = sorted(schema_versions, - key=lambda s: Version(s['version'])) - - parameters = OrderedDict() - for schema in schema_versions: - added = [] - - seen = set() - - logger.debug('Processing schema version %s' % schema['version']) - - for param in schema['parameters']: - # TODO(mkulkin): reduce the level of nesting - prev_param = parameters.get(param['name'], None) - - if not prev_param: - logger.debug('Parameter %s does not exist yet,' - ' adding it as new' - % param['name']) - added.append(param) - else: - seen.add(param['name']) - - if param['type'] != prev_param['type']: - validator = TypeRegistry.get_validator(prev_param['type']) - if param['type'] == validator.base_type: - param['type'] = prev_param['type'] - - if param.get('default', None) is not None: - type_args = param.get('type_args', {}) - value = validator.validate(param['default'], **type_args) - if not isinstance(value, Issue): - param['default'] = value - else: - logger.error("In project '%s' version %s" - " default value for parameter" - " '%s' is not valid value of" - " type %s: %s" - % (project, schema['version'], - param['name'], param['type'], - repr(param['default']))) - else: - logger.debug('Parameter %s type has' - ' changed from %s to %s' % - (param['name'], prev_param['type'], - param['type'])) - param['comment'] = 'Type has changed' - added.append(param) - continue - - if param.get('default', None) != \ - prev_param.get('default', None): - logger.debug('Parameter %s default value' - ' has changed from %s to %s' % - (param['name'], prev_param['default'], - param['default'])) - param['comment'] = 'Default value has changed' - added.append(param) - continue - - if param.get('help', None) != prev_param.get('help', None): - param['comment'] = 'Help string has changed' - added.append(param) - - removed = [name for name in parameters.keys() if name not in seen] - if len(removed) > 0: - logger.debug('Following parameters from previous' - ' schema version are not present in' - ' current version, marking as removed: %s' - % ','.join(removed)) - - # Decide either to use full schema update or incremental - changes_count = sum(map(len, [added, removed])) - - logger.debug('Found %d change(s) from previous version schema' - % changes_count) - - if changes_count > int(len(parameters) * DIFF_THRESHOLD): - logger.debug('Using full schema update') - - new_parameters = parameters.copy() - for param in added: - new_parameters[param['name']] = param - for name in removed: - del new_parameters[name] - - new_schema_record = dict(version=schema['version'], - added=new_parameters.values(), - removed=[], - checkpoint=True) - else: - logger.debug('Using incremental schema update') - - new_schema_record = dict(version=schema['version'], - added=added, removed=removed) - - # Place schema record either replacing existing one or appending as new - old_schema_record_idx = index(schema_records, lambda r: - str(r['version']) == - str(new_schema_record['version'])) - - if old_schema_record_idx != -1: - old_schema_record = schema_records[old_schema_record_idx] - # Collect information from existing records - old_schema_parameters = {} - for param in old_schema_record.get('added', []): - old_schema_parameters[param['name']] = param - - for param in added: - old_param = old_schema_parameters.get(param['name'], None) - if not old_param: - param.setdefault('comment', 'New param') - continue - - extra_data = [(k, v) for k, v in old_param.items() - if k not in ['name', 'type', 'default', 'help']] - param.update(extra_data) - - validator = TypeRegistry.get_validator(old_param['type']) - if param['type'] not in [old_param['type'], - validator.base_type]: - param['comment'] = 'Type has changed' - # Type has changed, enforcing old type to prevent - # accidental data loss - param['type'] = old_param['type'] - if 'default' in old_param: - param['default'] = old_param['default'] - - if param.get('default', None) is not None: - type_args = old_param.get('type_args', {}) - value = validator.validate(old_param['default'], **type_args) - if not isinstance(value, Issue): - param['default'] = value - else: - logger.error("In project '%s' version %s default value" - " for parameter '%s' is not valid value" - " of type %s: %s" % - (project, schema['version'], - param['name'], param['type'], - repr(param['default']))) - - if param.get('default', None) != old_param.get('default', - None): - param['comment'] = 'Default value has changed' - continue - - logger.debug('Replacing schema record %s' - % repr(new_schema_record)) - schema_records[old_schema_record_idx] = new_schema_record - else: - for param in added: - param.setdefault('comment', 'New param') - - logger.debug('Appending schema record %s' - % repr(new_schema_record)) - schema_records.append(new_schema_record) - - # Update parameter info - for param in new_schema_record.get('added', []): - parameters[param['name']] = param - - for name in new_schema_record.get('removed', []): - del parameters[name] - - schema_records = sorted(schema_records, - key=lambda r: Version(r['version'])) - - with open(database_file, 'w') as f: - f.write(yaml_dump_schema_records(schema_records)) - - -def parse_args(argv): - parser = argparse.ArgumentParser() - parser.add_argument('-l', '--loglevel', default='INFO', - help='Loglevel to use') - parser.add_argument('projects', nargs='*', - help='Name of the projects (e.g. "nova")') - args = parser.parse_args(argv[1:]) - return args - - -def main(argv): - args = parse_args(argv) - params = vars(args) - - logging.basicConfig(level=params['loglevel']) - if 'project' in params: - projects = [params['project']] - else: - projects = [] - for project_path in glob.glob(os.path.join(os.path.dirname(__file__), - '*')): - if not os.path.isdir(project_path): - continue - projects.append(os.path.basename(project_path)) - - for project in projects: - generate_project_schema(project) - - -if __name__ == '__main__': - import sys - main(sys.argv) diff --git a/rubick/schemas/glance_api/2013.2.1.yml b/rubick/schemas/glance_api/2013.2.1.yml deleted file mode 100644 index fc47bd1..0000000 --- a/rubick/schemas/glance_api/2013.2.1.yml +++ /dev/null @@ -1,556 +0,0 @@ -project: glance_api -version: '2013.2.1' -parameters: - - - name: verbose - type: string - default: 'False' - help: 'Show more verbose log output (sets INFO log level output)' - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in logs (sets DEBUG log level output)' - - - name: default_store - type: string - default: 'file' - help: "Which backend scheme should Glance use by default is not specified in a request to add a new image to Glance? Known schemes are determined by the known_stores option below. Default: 'file'" - - - name: known_stores - type: string - default: 'glance.store.filesystem.Store,' - help: 'List of which store classes and store class locations are currently known to glance at startup.' - - - name: image_size_cap - type: string - default: '1099511627776' - help: 'Maximum image size (in bytes) that may be uploaded through the Glance API server. Defaults to 1 TB. WARNING: this value should only be increased after careful consideration and must be set to a value under 8 EB (9223372036854775808).' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the API server' - - - name: bind_port - type: string - default: '9292' - help: 'Port the bind the API server to' - - - name: log_file - type: string - default: '/var/log/glance/api.log' - help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' - - - name: backlog - type: string - default: '4096' - help: 'Backlog requests when creating socket' - - - name: tcp_keepidle - type: string - default: '600' - help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' - - - name: sql_connection - type: string - default: 'sqlite:///glance.sqlite' - help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' - - - name: sql_idle_timeout - type: string - default: '3600' - help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." - - - name: workers - type: string - default: '1' - help: 'Number of Glance API worker processes to start. On machines with more than one CPU increasing this value may improve performance (especially if using SSL with compression turned on). It is typically recommended to set this value to the number of CPUs present on your machine.' - - - name: admin_role - type: string - default: 'admin' - help: 'Role used to identify an authenticated user as administrator' - - - name: allow_anonymous_access - type: string - default: 'False' - help: 'Allow unauthenticated users to access the API with read-only privileges. This only applies when using ContextMiddleware.' - - - name: enable_v1_api - type: string - default: 'True' - help: 'Allow access to version 1 of glance api' - - - name: enable_v2_api - type: string - default: 'True' - help: 'Allow access to version 2 of glance api' - - - name: show_image_direct_url - type: string - default: 'False' - help: "Return the URL that references where the data is stored on the backend storage system. For example, if using the file system store a URL of 'file:///path/to/image' will be returned to the user in the 'direct_url' meta-data field. The default value is false." - - - name: send_identity_headers - type: string - default: 'False' - help: 'Send headers containing user and tenant information when making requests to the v1 glance registry. This allows the registry to function as if a user is authenticated without the need to authenticate a user itself using the auth_token middleware. The default value is false.' - - - name: container_formats - type: string - default: 'ami,ari,aki,bare,ovf' - help: "Supported values for the 'container_format' image attribute" - - - name: disk_formats - type: string - default: 'ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso' - help: "Supported values for the 'disk_format' image attribute" - - - name: lock_path - type: string - default: None - help: 'Directory to use for lock files. Default to a temp directory (string value). This setting needs to be the same for both glance-scrubber and glance-api.' - - - name: property_protection_file - type: string - default: '' - help: "Property Protections config file This file contains the rules for property protections and the roles associated with it. If this config value is not specified, by default, property protections won't be enforced. If a value is specified and the file is not found, then an HTTPInternalServerError will be thrown." - - - name: user_storage_quota - type: string - default: '0' - help: 'Set a system wide quota for every user. This value is the total number of bytes that a user can use across all storage systems. A value of 0 means unlimited.' - - - name: use_syslog - type: string - default: 'False' - help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' - - - name: syslog_log_facility - type: string - default: 'LOG_LOCAL0' - help: 'Facility to use. If unset defaults to LOG_USER.' - - - name: cert_file - type: string - default: '/path/to/certfile' - help: 'Certificate file to use when starting API server securely' - - - name: key_file - type: string - default: '/path/to/keyfile' - help: 'Private key file to use when starting API server securely' - - - name: ca_file - type: string - default: '/path/to/cafile' - help: 'CA certificate file to use to verify connecting clients' - - - name: metadata_encryption_key - type: string - default: '<16, 24 or 32 char registry metadata key>' - help: "AES key for encrypting store 'location' metadata, including -- if used -- Swift or S3 credentials Should be set to a random string of length 16, 24 or 32 bytes" - - - name: registry_host - type: host - default: '0.0.0.0' - help: 'Address to find the registry server' - - - name: registry_port - type: string - default: '9191' - help: 'Port the registry server is listening on' - - - name: registry_client_protocol - type: string - default: 'http' - help: 'What protocol to use when connecting to the registry server? Set to https for secure HTTP communication' - - - name: registry_client_key_file - type: string - default: '/path/to/key/file' - help: 'The path to the key file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file' - - - name: registry_client_cert_file - type: string - default: '/path/to/cert/file' - help: 'The path to the cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file' - - - name: registry_client_ca_file - type: string - default: '/path/to/ca/file' - help: 'The path to the certifying authority cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file' - - - name: registry_client_insecure - type: string - default: 'False' - help: "When using SSL in connections to the registry server, do not require validation via a certifying authority. This is the registry's equivalent of specifying --insecure on the command line using glanceclient for the API Default: False" - - - name: registry_client_timeout - type: string - default: '600' - help: "The period of time, in seconds, that the API server will wait for a registry request to complete. A value of '0' implies no timeout. Default: 600" - - - name: db_auto_create - type: string - default: 'False' - help: 'Whether to automatically create the database tables. Default: False' - - - name: sqlalchemy_debug - type: string - default: 'True' - help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' - - - name: notifier_strategy - type: string - default: 'noop' - help: 'Notifications can be sent when images are create, updated or deleted. There are three methods of sending notifications, logging (via the log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid message queue), or noop (no notifications sent, the default)' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_port - type: string - default: '5672' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_use_ssl - type: string - default: 'false' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_password - type: string - default: 'guest' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_notification_exchange - type: string - default: 'glance' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_notification_topic - type: string - default: 'notifications' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_durable_queues - type: string - default: 'False' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: qpid_notification_exchange - type: string - default: 'glance' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_notification_topic - type: string - default: 'notifications' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_host - type: host - default: 'localhost' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_port - type: string - default: '5672' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_username - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_password - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_timeout - type: string - default: '0' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_limit - type: string - default: '0' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval_min - type: string - default: '0' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval_max - type: string - default: '0' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval - type: string - default: '0' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_heartbeat - type: string - default: '5' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" - - - name: qpid_tcp_nodelay - type: string - default: 'True' - help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" - - - name: filesystem_store_datadir - type: string - default: '/var/lib/glance/images/' - help: 'Directory that the Filesystem backend store writes image data to' - - - name: filesystem_store_metadata_file - type: string - default: 'None' - help: 'A path to a JSON file that contains metadata describing the storage system. When show_multiple_locations is True the information in this file will be returned with any location that is contained in this store.' - - - name: swift_store_auth_version - type: string - default: '2' - help: "Version of the authentication service to use Valid versions are '2' for keystone and '1' for swauth and rackspace" - - - name: swift_store_auth_address - type: string - default: '127.0.0.1:5000/v2.0/' - help: "Address where the Swift authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'https://' For swauth, use something like '127.0.0.1:8080/v1.0/'" - - - name: swift_store_user - type: string - default: 'jdoe:jdoe' - help: "User to authenticate against the Swift authentication service If you use Swift authentication service, set it to 'account':'user' where 'account' is a Swift storage account and 'user' is a user in that account" - - - name: swift_store_key - type: string - default: 'a86850deb2742ec3cb41518e26aa2d89' - help: 'Auth key for the user authenticating against the Swift authentication service' - - - name: swift_store_container - type: string - default: 'glance' - help: 'Container within the account that the account should use for storing images in Swift' - - - name: swift_store_create_container_on_put - type: string - default: 'False' - help: 'Do we create the container if it does not exist?' - - - name: swift_store_large_object_size - type: string - default: '5120' - help: 'What size, in MB, should Glance start chunking image files and do a large object manifest in Swift? By default, this is the maximum object size in Swift, which is 5GB' - - - name: swift_store_large_object_chunk_size - type: string - default: '200' - help: 'When doing a large object manifest, what size, in MB, should Glance write chunks to Swift? This amount of data is written to a temporary disk buffer during the process of chunking the image file, and the default is 200MB' - - - name: swift_enable_snet - type: string - default: 'False' - help: "To use ServiceNET for authentication, prefix hostname of `swift_store_auth_address` with 'snet-'. Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/" - - - name: swift_store_multi_tenant - type: string - default: 'False' - help: 'If set to True enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts.' - - - name: swift_store_admin_tenants - type: string - default: '' - help: 'A list of swift_proxy_server ACL strings that will be applied as both read and write ACLs to the containers created by Glance in multi-tenant mode. This grants the specified tenants/users read and write access to all newly created image objects. The standard swift_proxy_server ACL string formats are allowed, including: : : *: Multiple ACLs can be combined using a comma separated list, for example: swift_store_admin_tenants = service:glance,*:admin' - - - name: swift_store_region - type: string - default: '' - help: 'The region of the swift_proxy_server endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift_proxy_server endpoints.' - - - name: swift_store_ssl_compression - type: string - default: 'True' - help: "If set to False, disables SSL layer compression of https swift_proxy_server requests. Setting to 'False' may improve performance for images which are already in a compressed format, eg qcow2. If set to True, enables SSL layer compression (provided it is supported by the target swift_proxy_server proxy)." - - - name: s3_store_host - type: string - default: '127.0.0.1:8080/v1.0/' - help: "Address where the S3 authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'http://'" - - - name: s3_store_access_key - type: string - default: '<20-char AWS access key>' - help: 'User to authenticate against the S3 authentication service' - - - name: s3_store_secret_key - type: string - default: '<40-char AWS secret key>' - help: 'Auth key for the user authenticating against the S3 authentication service' - - - name: s3_store_bucket - type: string - default: 'glance' - help: "Container within the account that the account should use for storing images in S3. Note that S3 has a flat namespace, so you need a unique bucket name for your glance images. An easy way to do this is append your AWS access key to 'glance'. S3 buckets in AWS *must* be lowercased, so remember to lowercase your AWS access key if you use it in your bucket name below!" - - - name: s3_store_create_bucket_on_put - type: string - default: 'False' - help: 'Do we create the bucket if it does not exist?' - - - name: s3_store_object_buffer_dir - type: string - default: '/path/to/dir' - help: "When sending images to S3, the data will first be written to a temporary buffer on disk. By default the platform's temporary directory will be used. If required, an alternative directory can be specified here." - - - name: s3_store_bucket_url_format - type: string - default: 'subdomain' - help: "When forming a bucket url, boto will either set the bucket name as the subdomain or as the first token of the path. Amazon's S3 service will accept it as the subdomain, but Swift's S3 middleware requires it be in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'." - - - name: rbd_store_ceph_conf - type: string - default: '/etc/ceph/ceph.conf' - help: 'Ceph configuration file path If using cephx authentication, this file should include a reference to the right keyring in a client. section' - - - name: rbd_store_user - type: string - default: 'glance' - help: 'RADOS user to authenticate as (only applicable if using cephx)' - - - name: rbd_store_pool - type: string - default: 'images' - help: 'RADOS pool in which images are stored' - - - name: rbd_store_chunk_size - type: string - default: '8' - help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' - - - name: sheepdog_store_address - type: string - default: 'localhost' - - - name: sheepdog_store_port - type: string - default: '7000' - - - name: sheepdog_store_chunk_size - type: string - default: '64' - help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog Format is : separated values of the form: :: ' - - - name: cinder_endpoint_template - type: string - default: None - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' - - - name: os_region_name - type: string - default: None - help: 'Region name of this node ' - - - name: cinder_ca_certificates_file - type: string - default: None - help: 'Location of ca certicates file to use for cinder client requests ' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls ' - - - name: cinder_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL requests to cinder ' - - - name: delayed_delete - type: string - default: 'False' - help: 'Turn on/off delayed delete' - - - name: scrub_time - type: string - default: '43200' - help: 'Delayed delete time in seconds' - - - name: scrubber_datadir - type: string - default: '/var/lib/glance/scrubber' - help: 'Directory that the scrubber will use to remind itself of what to delete Make sure this is also set in glance-scrubber.conf' - - - name: image_cache_dir - type: string - default: '/var/lib/glance/image-cache/' - help: 'Base directory that the Image Cache uses' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - - - name: keystone_authtoken.auth_port - type: string - default: '35357' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - - - name: paste_deploy.config_file - type: string - default: 'glance-api-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - - - name: paste_deploy.flavor - type: string - default: '' - help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-api-keystone], you would configure the flavor below as 'keystone'." - diff --git a/rubick/schemas/glance_api/glance_api.conf.yml b/rubick/schemas/glance_api/glance_api.conf.yml deleted file mode 100644 index ffbb40b..0000000 --- a/rubick/schemas/glance_api/glance_api.conf.yml +++ /dev/null @@ -1,560 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: verbose - type: boolean - default: false - help: 'Show more verbose log output (sets INFO log level output)' - - - name: debug - type: boolean - default: false - help: 'Show debugging output in logs (sets DEBUG log level output)' - - - name: default_store - type: string - default: 'file' - help: "Which backend scheme should Glance use by default is not specified in a request to add a new image to Glance? Known schemes are determined by the known_stores option below. Default: 'file'" - - - name: known_stores - type: string_list - default: ['glance.store.filesystem.Store'] - help: 'List of which store classes and store class locations are currently known to glance at startup.' - - - name: image_size_cap - type: integer - default: 1099511627776 - help: 'Maximum image size (in bytes) that may be uploaded through the Glance API server. Defaults to 1 TB. WARNING: this value should only be increased after careful consideration and must be set to a value under 8 EB (9223372036854775808).' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the API server' - - - name: bind_port - type: port - default: 9292 - help: 'Port the bind the API server to' - - - name: log_file - type: file - default: '/var/log/glance/api.log' - help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' - - - name: backlog - type: integer - default: 4096 - help: 'Backlog requests when creating socket' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' - - - name: sql_connection - type: string - default: 'sqlite:///glance.sqlite' - help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' - - - name: sql_idle_timeout - type: integer - default: 3600 - help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." - - - name: workers - type: integer - default: 1 - help: 'Number of Glance API worker processes to start. On machines with more than one CPU increasing this value may improve performance (especially if using SSL with compression turned on). It is typically recommended to set this value to the number of CPUs present on your machine.' - - - name: admin_role - type: string - default: 'admin' - help: 'Role used to identify an authenticated user as administrator' - - - name: allow_anonymous_access - type: boolean - default: false - help: 'Allow unauthenticated users to access the API with read-only privileges. This only applies when using ContextMiddleware.' - - - name: enable_v1_api - type: boolean - default: true - help: 'Allow access to version 1 of glance api' - - - name: enable_v2_api - type: boolean - default: true - help: 'Allow access to version 2 of glance api' - - - name: show_image_direct_url - type: boolean - default: false - help: "Return the URL that references where the data is stored on the backend storage system. For example, if using the file system store a URL of 'file:///path/to/image' will be returned to the user in the 'direct_url' meta-data field. The default value is false." - - - name: send_identity_headers - type: boolean - default: false - help: 'Send headers containing user and tenant information when making requests to the v1 glance registry. This allows the registry to function as if a user is authenticated without the need to authenticate a user itself using the auth_token middleware. The default value is false.' - - - name: container_formats - type: string_list - default: ['ami', 'ari', 'aki', 'bare', 'ovf'] - help: "Supported values for the 'container_format' image attribute" - - - name: disk_formats - type: string_list - default: ['ami', 'ari', 'aki', 'vhd', 'vmdk', 'raw', 'qcow2', 'vdi', 'iso'] - help: "Supported values for the 'disk_format' image attribute" - - - name: lock_path - type: directory - default: ~ - help: 'Directory to use for lock files. Default to a temp directory (string value). This setting needs to be the same for both glance-scrubber and glance-api.' - comment: 'New param' - - - name: property_protection_file - type: file - default: ~ - help: "Property Protections config file This file contains the rules for property protections and the roles associated with it. If this config value is not specified, by default, property protections won't be enforced. If a value is specified and the file is not found, then an HTTPInternalServerError will be thrown." - - - name: user_storage_quota - type: integer - default: 0 - help: 'Set a system wide quota for every user. This value is the total number of bytes that a user can use across all storage systems. A value of 0 means unlimited.' - - - name: use_syslog - type: boolean - default: false - help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' - - - name: syslog_log_facility - type: string - default: 'LOG_LOCAL0' - help: 'Facility to use. If unset defaults to LOG_USER.' - - - name: cert_file - type: file - default: '/path/to/certfile' - help: 'Certificate file to use when starting API server securely' - - - name: key_file - type: file - default: '/path/to/keyfile' - help: 'Private key file to use when starting API server securely' - - - name: ca_file - type: file - default: '/path/to/cafile' - help: 'CA certificate file to use to verify connecting clients' - - - name: metadata_encryption_key - type: string - default: '<16, 24 or 32 char registry metadata key>' - help: "AES key for encrypting store 'location' metadata, including -- if used -- Swift or S3 credentials Should be set to a random string of length 16, 24 or 32 bytes" - - - name: registry_host - type: host - default: '0.0.0.0' - help: 'Address to find the registry server' - - - name: registry_port - type: port - default: 9191 - help: 'Port the registry server is listening on' - - - name: registry_client_protocol - type: string - default: 'http' - help: 'What protocol to use when connecting to the registry server? Set to https for secure HTTP communication' - - - name: registry_client_key_file - type: file - default: '/path/to/key/file' - help: 'The path to the key file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file' - - - name: registry_client_cert_file - type: file - default: '/path/to/cert/file' - help: 'The path to the cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file' - - - name: registry_client_ca_file - type: file - default: '/path/to/ca/file' - help: 'The path to the certifying authority cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file' - - - name: registry_client_insecure - type: boolean - default: false - help: "When using SSL in connections to the registry server, do not require validation via a certifying authority. This is the registry's equivalent of specifying --insecure on the command line using glanceclient for the API Default: False" - - - name: registry_client_timeout - type: integer - default: 600 - help: "The period of time, in seconds, that the API server will wait for a registry request to complete. A value of '0' implies no timeout. Default: 600" - - - name: db_auto_create - type: boolean - default: false - help: 'Whether to automatically create the database tables. Default: False' - - - name: sqlalchemy_debug - type: boolean - default: true - help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' - - - name: notifier_strategy - type: string - default: 'noop' - help: 'Notifications can be sent when images are create, updated or deleted. There are three methods of sending notifications, logging (via the log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid message queue), or noop (no notifications sent, the default)' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_port - type: port - default: 5672 - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_password - type: string - default: 'guest' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_notification_exchange - type: string - default: 'glance' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_notification_topic - type: string - default: 'notifications' - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: rabbit_durable_queues - type: boolean - default: false - help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' - - - name: qpid_notification_exchange - type: string - default: 'glance' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_notification_topic - type: string - default: 'notifications' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_host - type: host - default: 'localhost' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_port - type: port - default: 5672 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_username - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_password - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_timeout - type: integer - default: 0 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_limit - type: integer - default: 0 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval_min - type: integer - default: 0 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval_max - type: integer - default: 0 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_reconnect_interval - type: integer - default: 0 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_heartbeat - type: integer - default: 5 - help: 'Configuration options if sending notifications via Qpid (these are the defaults)' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" - - - name: filesystem_store_datadir - type: directory - default: '/var/lib/glance/images/' - help: 'Directory that the Filesystem backend store writes image data to' - - - name: filesystem_store_metadata_file - type: file - default: ~ - help: 'A path to a JSON file that contains metadata describing the storage system. When show_multiple_locations is True the information in this file will be returned with any location that is contained in this store.' - comment: 'New param' - - - name: swift_store_auth_version - type: string - default: '2' - help: "Version of the authentication service to use Valid versions are '2' for keystone and '1' for swauth and rackspace" - - - name: swift_store_auth_address - type: string - default: '127.0.0.1:5000/v2.0/' - help: "Address where the Swift authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'https://' For swauth, use something like '127.0.0.1:8080/v1.0/'" - - - name: swift_store_user - type: string - default: 'jdoe:jdoe' - help: "User to authenticate against the Swift authentication service If you use Swift authentication service, set it to 'account':'user' where 'account' is a Swift storage account and 'user' is a user in that account" - - - name: swift_store_key - type: string - default: 'a86850deb2742ec3cb41518e26aa2d89' - help: 'Auth key for the user authenticating against the Swift authentication service' - - - name: swift_store_container - type: string - default: 'glance' - help: 'Container within the account that the account should use for storing images in Swift' - - - name: swift_store_create_container_on_put - type: boolean - default: false - help: 'Do we create the container if it does not exist?' - - - name: swift_store_large_object_size - type: integer - default: 5120 - help: 'What size, in MB, should Glance start chunking image files and do a large object manifest in Swift? By default, this is the maximum object size in Swift, which is 5GB' - - - name: swift_store_large_object_chunk_size - type: integer - default: 200 - help: 'When doing a large object manifest, what size, in MB, should Glance write chunks to Swift? This amount of data is written to a temporary disk buffer during the process of chunking the image file, and the default is 200MB' - - - name: swift_enable_snet - type: boolean - default: false - help: "To use ServiceNET for authentication, prefix hostname of `swift_store_auth_address` with 'snet-'. Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/" - - - name: swift_store_multi_tenant - type: boolean - default: false - help: 'If set to True enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts.' - - - name: swift_store_admin_tenants - type: string_list - default: [] - help: 'A list of swift_proxy_server ACL strings that will be applied as both read and write ACLs to the containers created by Glance in multi-tenant mode. This grants the specified tenants/users read and write access to all newly created image objects. The standard swift_proxy_server ACL string formats are allowed, including: : : *: Multiple ACLs can be combined using a comma separated list, for example: swift_store_admin_tenants = service:glance,*:admin' - - - name: swift_store_region - type: string - default: '' - help: 'The region of the swift_proxy_server endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift_proxy_server endpoints.' - - - name: swift_store_ssl_compression - type: boolean - default: true - help: "If set to False, disables SSL layer compression of https swift_proxy_server requests. Setting to 'False' may improve performance for images which are already in a compressed format, eg qcow2. If set to True, enables SSL layer compression (provided it is supported by the target swift_proxy_server proxy)." - - - name: s3_store_host - type: string - default: '127.0.0.1:8080/v1.0/' - help: "Address where the S3 authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'http://'" - - - name: s3_store_access_key - type: string - default: '<20-char AWS access key>' - help: 'User to authenticate against the S3 authentication service' - - - name: s3_store_secret_key - type: string - default: '<40-char AWS secret key>' - help: 'Auth key for the user authenticating against the S3 authentication service' - - - name: s3_store_bucket - type: string - default: 'glance' - help: "Container within the account that the account should use for storing images in S3. Note that S3 has a flat namespace, so you need a unique bucket name for your glance images. An easy way to do this is append your AWS access key to 'glance'. S3 buckets in AWS *must* be lowercased, so remember to lowercase your AWS access key if you use it in your bucket name below!" - - - name: s3_store_create_bucket_on_put - type: boolean - default: false - help: 'Do we create the bucket if it does not exist?' - - - name: s3_store_object_buffer_dir - type: directory - default: '/path/to/dir' - help: "When sending images to S3, the data will first be written to a temporary buffer on disk. By default the platform's temporary directory will be used. If required, an alternative directory can be specified here." - - - name: s3_store_bucket_url_format - type: string - default: 'subdomain' - help: "When forming a bucket url, boto will either set the bucket name as the subdomain or as the first token of the path. Amazon's S3 service will accept it as the subdomain, but Swift's S3 middleware requires it be in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'." - - - name: rbd_store_ceph_conf - type: file - default: '/etc/ceph/ceph.conf' - help: 'Ceph configuration file path If using cephx authentication, this file should include a reference to the right keyring in a client. section' - - - name: rbd_store_user - type: string - default: 'glance' - help: 'RADOS user to authenticate as (only applicable if using cephx)' - - - name: rbd_store_pool - type: string - default: 'images' - help: 'RADOS pool in which images are stored' - - - name: rbd_store_chunk_size - type: integer - default: 8 - help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' - - - name: sheepdog_store_address - type: host - default: 'localhost' - - - name: sheepdog_store_port - type: port - default: 7000 - - - name: sheepdog_store_chunk_size - type: integer - default: 64 - help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog Format is : separated values of the form: :: ' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' - - - name: os_region_name - type: string - default: ~ - help: 'Region name of this node ' - - - name: cinder_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certicates file to use for cinder client requests ' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls ' - - - name: cinder_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to cinder ' - - - name: delayed_delete - type: boolean - default: false - help: 'Turn on/off delayed delete' - - - name: scrub_time - type: integer - default: 43200 - help: 'Delayed delete time in seconds' - - - name: scrubber_datadir - type: directory - default: '/var/lib/glance/scrubber' - help: 'Directory that the scrubber will use to remind itself of what to delete Make sure this is also set in glance-scrubber.conf' - - - name: image_cache_dir - type: directory - default: '/var/lib/glance/image-cache/' - help: 'Base directory that the Image Cache uses' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - comment: 'New param' - - - name: keystone_authtoken.auth_port - type: port - default: 35357 - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - - - name: paste_deploy.config_file - type: file - default: 'glance-api-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - - - name: paste_deploy.flavor - type: string - default: '' - help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-api-keystone], you would configure the flavor below as 'keystone'." - -# ==================================================== diff --git a/rubick/schemas/glance_registry/2013.2.1.yml b/rubick/schemas/glance_registry/2013.2.1.yml deleted file mode 100644 index faeb06b..0000000 --- a/rubick/schemas/glance_registry/2013.2.1.yml +++ /dev/null @@ -1,133 +0,0 @@ -project: glance_registry -version: '2013.2.1' -parameters: - - - name: verbose - type: string - default: 'False' - help: 'Show more verbose log output (sets INFO log level output)' - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in logs (sets DEBUG log level output)' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the registry server' - - - name: bind_port - type: string - default: '9191' - help: 'Port the bind the registry server to' - - - name: log_file - type: string - default: '/var/log/glance/registry.log' - help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' - - - name: backlog - type: string - default: '4096' - help: 'Backlog requests when creating socket' - - - name: tcp_keepidle - type: string - default: '600' - help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' - - - name: sql_connection - type: string - default: 'sqlite:///glance.sqlite' - help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' - - - name: sql_idle_timeout - type: string - default: '3600' - help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." - - - name: api_limit_max - type: string - default: '1000' - help: 'Limit the api to return `param_limit_max` items in a call to a container. If a larger `limit` query param is provided, it will be reduced to this value.' - - - name: limit_param_default - type: string - default: '25' - help: 'If a `limit` query param is not provided in an api request, it will default to `limit_param_default`' - - - name: admin_role - type: string - default: 'admin' - help: 'Role used to identify an authenticated user as administrator' - - - name: db_auto_create - type: string - default: 'False' - help: 'Whether to automatically create the database tables. Default: False' - - - name: sqlalchemy_debug - type: string - default: 'True' - help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' - - - name: use_syslog - type: string - default: 'False' - help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' - - - name: syslog_log_facility - type: string - default: 'LOG_LOCAL1' - help: 'Facility to use. If unset defaults to LOG_USER.' - - - name: cert_file - type: string - default: '/path/to/certfile' - help: 'Certificate file to use when starting registry server securely' - - - name: key_file - type: string - default: '/path/to/keyfile' - help: 'Private key file to use when starting registry server securely' - - - name: ca_file - type: string - default: '/path/to/cafile' - help: 'CA certificate file to use to verify connecting clients' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - - - name: keystone_authtoken.auth_port - type: string - default: '35357' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - - - name: paste_deploy.config_file - type: string - default: 'glance-registry-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - - - name: paste_deploy.flavor - type: string - default: '' - help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-registry-keystone], you would configure the flavor below as 'keystone'." - diff --git a/rubick/schemas/glance_registry/glance_registry.conf.yml b/rubick/schemas/glance_registry/glance_registry.conf.yml deleted file mode 100644 index fdbac38..0000000 --- a/rubick/schemas/glance_registry/glance_registry.conf.yml +++ /dev/null @@ -1,161 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: verbose - type: string - default: 'False' - help: 'Show more verbose log output (sets INFO log level output)' - comment: 'New param' - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in logs (sets DEBUG log level output)' - comment: 'New param' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the registry server' - comment: 'New param' - - - name: bind_port - type: string - default: '9191' - help: 'Port the bind the registry server to' - comment: 'New param' - - - name: log_file - type: string - default: '/var/log/glance/registry.log' - help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - help: 'Backlog requests when creating socket' - comment: 'New param' - - - name: tcp_keepidle - type: string - default: '600' - help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' - comment: 'New param' - - - name: sql_connection - type: string - default: 'sqlite:///glance.sqlite' - help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' - comment: 'New param' - - - name: sql_idle_timeout - type: string - default: '3600' - help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." - comment: 'New param' - - - name: api_limit_max - type: string - default: '1000' - help: 'Limit the api to return `param_limit_max` items in a call to a container. If a larger `limit` query param is provided, it will be reduced to this value.' - comment: 'New param' - - - name: limit_param_default - type: string - default: '25' - help: 'If a `limit` query param is not provided in an api request, it will default to `limit_param_default`' - comment: 'New param' - - - name: admin_role - type: string - default: 'admin' - help: 'Role used to identify an authenticated user as administrator' - comment: 'New param' - - - name: db_auto_create - type: string - default: 'False' - help: 'Whether to automatically create the database tables. Default: False' - comment: 'New param' - - - name: sqlalchemy_debug - type: string - default: 'True' - help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' - comment: 'New param' - - - name: use_syslog - type: string - default: 'False' - help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' - comment: 'New param' - - - name: syslog_log_facility - type: string - default: 'LOG_LOCAL1' - help: 'Facility to use. If unset defaults to LOG_USER.' - comment: 'New param' - - - name: cert_file - type: string - default: '/path/to/certfile' - help: 'Certificate file to use when starting registry server securely' - comment: 'New param' - - - name: key_file - type: string - default: '/path/to/keyfile' - help: 'Private key file to use when starting registry server securely' - comment: 'New param' - - - name: ca_file - type: string - default: '/path/to/cafile' - help: 'CA certificate file to use to verify connecting clients' - comment: 'New param' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - comment: 'New param' - - - name: keystone_authtoken.auth_port - type: string - default: '35357' - comment: 'New param' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - comment: 'New param' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - comment: 'New param' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - comment: 'New param' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - comment: 'New param' - - - name: paste_deploy.config_file - type: string - default: 'glance-registry-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - comment: 'New param' - - - name: paste_deploy.flavor - type: string - default: '' - help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-registry-keystone], you would configure the flavor below as 'keystone'." - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/keystone/2013.1.3.yml b/rubick/schemas/keystone/2013.1.3.yml deleted file mode 100644 index 9e2bb75..0000000 --- a/rubick/schemas/keystone/2013.1.3.yml +++ /dev/null @@ -1,642 +0,0 @@ -project: keystone -version: '2013.1.3' -parameters: - - - name: admin_token - type: string - default: 'ADMIN' - help: "A 'shared secret' between keystone and other openstack services" - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'The IP address of the network interface to listen on' - - - name: public_port - type: port - default: 5000 - help: 'The port number which the public service listens on' - - - name: admin_port - type: port - default: 35357 - help: 'The port number which the public admin listens on' - - - name: public_endpoint - type: string - default: 'http://localhost:%(public_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - - - name: admin_endpoint - type: string - default: 'http://localhost:%(admin_port)s/' - - - name: compute_port - type: port - default: 8774 - help: 'The port number which the OpenStack Compute service listens on' - - - name: policy_file - type: string - default: 'policy.json' - help: 'Path to your policy definition containing identity actions' - - - name: policy_default_rule - type: string - default: 'admin_required' - help: 'Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule' - - - name: member_role_id - type: string - default: '9fe2ff9ee4384b1894a90878d3e92bab' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - - - name: member_role_name - type: string - default: '_member_' - - - name: max_request_body_size - type: integer - default: 114688 - help: 'enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)' - - - name: max_param_size - type: integer - default: 64 - help: 'limit the sizes of user & tenant ID/names' - - - name: max_token_size - type: integer - default: 8192 - help: 'similar to max_param_size, but provides an exception for token values' - - - name: debug - type: boolean - default: false - help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - - - name: log_file - type: string - default: 'keystone.log' - help: 'Name of log file to output to. If not set, logging will go to stdout.' - - - name: log_dir - type: string - default: '/var/log/keystone' - help: 'The directory to keep log files in (will be prepended to --logfile)' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: log_config - type: string - default: 'logging.conf' - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %(asctime)s in log records.' - - - name: onready - type: string - default: 'keystone.common.systemd' - help: 'onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: '' - help: 'Default publisher_id for outgoing notifications; included in the payload.' - - - name: rpc_backend - type: string - default: 'keystone.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - - - name: fake_rabbit - type: boolean - default: false - help: 'If True, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: sql.connection - type: string - default: 'sqlite:///keystone.db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: sql.idle_timeout - type: integer - default: 200 - help: 'the timeout before idle sql connections are reaped' - - - name: oauth1.driver - type: string - default: 'keystone.contrib.oauth1.backends.sql.OAuth1' - - - name: identity.default_domain_id - type: string - default: 'default' - help: 'This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.' - - - name: identity.domain_specific_drivers_enabled - type: boolean - default: false - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only' - - - name: identity.domain_config_dir - type: string - default: '/etc/keystone/domains' - - - name: identity.max_password_length - type: integer - default: 4096 - help: 'Maximum supported length for user passwords; decrease to improve performance.' - - - name: cache.enabled - type: boolean - default: false - help: 'Global cache functionality toggle.' - - - name: catalog.template_file - type: string - default: 'default_catalog.templates' - - - name: endpoint_filter.return_all_endpoints_if_no_filter - type: boolean - default: true - - - name: token.provider - type: string - default: '' - help: 'Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider' - - - name: token.expiration - type: integer - default: 86400 - help: 'Amount of time a token should remain valid (in seconds)' - - - name: token.bind - type: string - default: '' - help: 'External auth mechanisms that should add bind information to token. eg kerberos, x509' - - - name: token.enforce_token_bind - type: string - default: 'permissive' - help: 'Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.' - - - name: assignment.caching - type: boolean - default: true - help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' - - - name: assignment.cache_time - type: integer - default: 0 - help: 'Assignment specific cache time-to-live (TTL) in seconds.' - - - name: token.revocation_cache_time - type: integer - default: 3600 - help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' - - - name: cache.config_prefix - type: string - default: 'cache.keystone' - help: 'Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name' - - - name: cache.backend - type: string - default: 'keystone.common.cache.noop' - help: 'Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.' - - - name: cache.backend_argument - type: string - default: '' - help: 'Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: :' - - - name: cache.proxies - type: string - default: '' - help: 'Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2' - - - name: cache.use_key_mangler - type: boolean - default: true - help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' - - - name: cache.debug_cache_backend - type: boolean - default: false - help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' - - - name: oauth1.request_token_duration - type: integer - default: 28800 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' - - - name: oauth1.access_token_duration - type: integer - default: 86400 - help: 'Specify how quickly the access token will expire (in seconds)' - - - name: ssl.enable - type: boolean - default: true - - - name: signing.certfile - type: string - default: '/etc/keystone/pki/certs/signing_cert.pem' - - - name: signing.keyfile - type: string - default: '/etc/keystone/pki/private/signing_key.pem' - - - name: signing.ca_certs - type: string - default: '/etc/keystone/pki/certs/cacert.pem' - - - name: signing.ca_key - type: string - default: '/etc/keystone/pki/private/cakey.pem' - - - name: signing.key_size - type: integer - default: 2048 - - - name: signing.valid_days - type: integer - default: 3650 - - - name: ssl.cert_required - type: boolean - default: false - - - name: signing.cert_subject - type: string - default: '/CUS/STUnset/LUnset/OUnset/CNwww.example.com' - - - name: signing.token_format - type: string - default: '' - help: 'Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID' - - - name: ldap.url - type: string - default: 'ldap://localhost' - - - name: ldap.user - type: string - default: 'dcManager,dcexample,dccom' - - - name: auth.password - type: string - default: 'keystone.auth.plugins.password.Password' - - - name: ldap.suffix - type: string - default: 'cnexample,cncom' - - - name: ldap.use_dumb_member - type: boolean - default: false - - - name: ldap.allow_subtree_delete - type: boolean - default: false - - - name: ldap.dumb_member - type: string - default: 'cndumb,dcexample,dccom' - - - name: ldap.page_size - type: integer - default: 0 - help: "Maximum results per page; a value of zero ('0') disables paging (default)" - - - name: ldap.alias_dereferencing - type: string - default: 'default' - help: "The LDAP dereferencing option for queries. This can be either 'never', 'searching', 'always', 'finding' or 'default'. The 'default' option falls back to using default dereferencing configured by your ldap.conf." - - - name: ldap.query_scope - type: string - default: 'one' - help: "The LDAP scope for queries, this can be either 'one' (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)" - - - name: ldap.user_tree_dn - type: string - default: 'ouUsers,dcexample,dccom' - - - name: ldap.user_filter - type: string - default: '' - - - name: ldap.user_objectclass - type: string - default: 'inetOrgPerson' - - - name: ldap.user_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.user_id_attribute - type: string - default: 'cn' - - - name: ldap.user_name_attribute - type: string - default: 'sn' - - - name: ldap.user_mail_attribute - type: string - default: 'email' - - - name: ldap.user_pass_attribute - type: string - default: 'userPassword' - - - name: ldap.user_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.user_enabled_mask - type: integer - default: 0 - - - name: ldap.user_enabled_default - type: boolean - default: true - - - name: ldap.user_attribute_ignore - type: string - default: 'tenant_id,tenants' - - - name: ldap.user_allow_create - type: boolean - default: true - - - name: ldap.user_allow_update - type: boolean - default: true - - - name: ldap.user_allow_delete - type: boolean - default: true - - - name: ldap.user_enabled_emulation - type: boolean - default: false - - - name: ldap.user_enabled_emulation_dn - type: string - default: '' - - - name: ldap.tenant_tree_dn - type: string - default: 'ouProjects,dcexample,dccom' - - - name: ldap.tenant_filter - type: string - default: '' - - - name: ldap.tenant_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.tenant_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.tenant_id_attribute - type: string - default: 'cn' - - - name: ldap.tenant_member_attribute - type: string - default: 'member' - - - name: ldap.tenant_name_attribute - type: string - default: 'ou' - - - name: ldap.tenant_desc_attribute - type: string - default: 'desc' - - - name: ldap.tenant_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.tenant_attribute_ignore - type: string - default: '' - - - name: ldap.tenant_allow_create - type: boolean - default: true - - - name: ldap.tenant_allow_update - type: boolean - default: true - - - name: ldap.tenant_allow_delete - type: boolean - default: true - - - name: ldap.tenant_enabled_emulation - type: boolean - default: false - - - name: ldap.tenant_enabled_emulation_dn - type: string - default: '' - - - name: ldap.role_tree_dn - type: string - default: 'ouRoles,dcexample,dccom' - - - name: ldap.role_filter - type: string - default: '' - - - name: ldap.role_objectclass - type: string - default: 'organizationalRole' - - - name: ldap.role_id_attribute - type: string - default: 'cn' - - - name: ldap.role_name_attribute - type: string - default: 'ou' - - - name: ldap.role_member_attribute - type: string - default: 'roleOccupant' - - - name: ldap.role_attribute_ignore - type: string - default: '' - - - name: ldap.role_allow_create - type: boolean - default: true - - - name: ldap.role_allow_update - type: boolean - default: true - - - name: ldap.role_allow_delete - type: boolean - default: true - - - name: ldap.group_tree_dn - type: string - default: '' - - - name: ldap.group_filter - type: string - default: '' - - - name: ldap.group_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.group_id_attribute - type: string - default: 'cn' - - - name: ldap.group_name_attribute - type: string - default: 'ou' - - - name: ldap.group_member_attribute - type: string - default: 'member' - - - name: ldap.group_desc_attribute - type: string - default: 'desc' - - - name: ldap.group_attribute_ignore - type: string - default: '' - - - name: ldap.group_allow_create - type: boolean - default: true - - - name: ldap.group_allow_update - type: boolean - default: true - - - name: ldap.group_allow_delete - type: boolean - default: true - - - name: ldap.use_tls - type: boolean - default: false - help: 'ldap TLS options if both tls_cacertfile and tls_cacertdir are set then tls_cacertfile will be used and tls_cacertdir is ignored valid options for tls_req_cert are demand, never, and allow' - - - name: ldap.tls_cacertfile - type: string - default: '' - - - name: ldap.tls_cacertdir - type: string - default: '' - - - name: ldap.tls_req_cert - type: string - default: 'demand' - - - name: ldap.user_additional_attribute_mapping - type: string - default: '' - - - name: ldap.domain_additional_attribute_mapping - type: string - default: '' - - - name: ldap.group_additional_attribute_mapping - type: string - default: '' - - - name: ldap.role_additional_attribute_mapping - type: string - default: '' - - - name: ldap.project_additional_attribute_mapping - type: string - default: '' - - - name: auth.methods - type: string - default: 'external,password,token,oauth1' - - - name: auth.external - type: string - default: 'keystone.auth.plugins.external.ExternalDefault' - - - name: auth.token - type: string - default: 'keystone.auth.plugins.token.Token' - - - name: auth.oauth1 - type: string - default: 'keystone.auth.plugins.oauth1.OAuth' - - - name: paste_deploy.config_file - type: string - default: 'keystone-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - diff --git a/rubick/schemas/keystone/2013.1.4.yml b/rubick/schemas/keystone/2013.1.4.yml deleted file mode 100644 index 64ad67a..0000000 --- a/rubick/schemas/keystone/2013.1.4.yml +++ /dev/null @@ -1,642 +0,0 @@ -project: keystone -version: '2013.1.4' -parameters: - - - name: admin_token - type: string - default: 'ADMIN' - help: "A 'shared secret' between keystone and other openstack services" - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'The IP address of the network interface to listen on' - - - name: public_port - type: port - default: 5000 - help: 'The port number which the public service listens on' - - - name: admin_port - type: port - default: 35357 - help: 'The port number which the public admin listens on' - - - name: public_endpoint - type: string - default: 'http://localhost:%(public_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - - - name: admin_endpoint - type: string - default: 'http://localhost:%(admin_port)s/' - - - name: compute_port - type: port - default: 8774 - help: 'The port number which the OpenStack Compute service listens on' - - - name: policy_file - type: string - default: 'policy.json' - help: 'Path to your policy definition containing identity actions' - - - name: policy_default_rule - type: string - default: 'admin_required' - help: 'Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule' - - - name: member_role_id - type: string - default: '9fe2ff9ee4384b1894a90878d3e92bab' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - - - name: member_role_name - type: string - default: '_member_' - - - name: max_request_body_size - type: integer - default: 114688 - help: 'enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)' - - - name: max_param_size - type: integer - default: 64 - help: 'limit the sizes of user & tenant ID/names' - - - name: max_token_size - type: integer - default: 8192 - help: 'similar to max_param_size, but provides an exception for token values' - - - name: debug - type: boolean - default: False - help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' - - - name: verbose - type: boolean - default: False - help: 'Print more verbose output' - - - name: log_file - type: string - default: 'keystone.log' - help: 'Name of log file to output to. If not set, logging will go to stdout.' - - - name: log_dir - type: string - default: '/var/log/keystone' - help: 'The directory to keep log files in (will be prepended to --logfile)' - - - name: use_syslog - type: boolean - default: False - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: log_config - type: string - default: 'logging.conf' - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %(asctime)s in log records.' - - - name: onready - type: string - default: 'keystone.common.systemd' - help: 'onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: '' - help: 'Default publisher_id for outgoing notifications; included in the payload.' - - - name: rpc_backend - type: string - default: 'keystone.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - - - name: fake_rabbit - type: boolean - default: False - help: 'If True, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: sql.connection - type: string - default: 'sqlite:///keystone.db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: sql.idle_timeout - type: integer - default: 200 - help: 'the timeout before idle sql connections are reaped' - - - name: oauth1.driver - type: string - default: 'keystone.contrib.oauth1.backends.sql.OAuth1' - - - name: identity.default_domain_id - type: string - default: 'default' - help: 'This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.' - - - name: identity.domain_specific_drivers_enabled - type: boolean - default: False - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only' - - - name: identity.domain_config_dir - type: string - default: '/etc/keystone/domains' - - - name: identity.max_password_length - type: integer - default: 4096 - help: 'Maximum supported length for user passwords; decrease to improve performance.' - - - name: cache.enabled - type: boolean - default: False - help: 'Global cache functionality toggle.' - - - name: catalog.template_file - type: string - default: 'default_catalog.templates' - - - name: endpoint_filter.return_all_endpoints_if_no_filter - type: boolean - default: True - - - name: token.provider - type: string - default: '' - help: 'Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider' - - - name: token.expiration - type: integer - default: 86400 - help: 'Amount of time a token should remain valid (in seconds)' - - - name: token.bind - type: string - default: '' - help: 'External auth mechanisms that should add bind information to token. eg kerberos, x509' - - - name: token.enforce_token_bind - type: string - default: 'permissive' - help: 'Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.' - - - name: assignment.caching - type: boolean - default: True - help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' - - - name: assignment.cache_time - type: integer - default: 0 - help: 'Assignment specific cache time-to-live (TTL) in seconds.' - - - name: token.revocation_cache_time - type: integer - default: 3600 - help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' - - - name: cache.config_prefix - type: string - default: 'cache.keystone' - help: 'Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name' - - - name: cache.backend - type: string - default: 'keystone.common.cache.noop' - help: 'Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.' - - - name: cache.backend_argument - type: string - default: '' - help: 'Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: :' - - - name: cache.proxies - type: string - default: '' - help: 'Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2' - - - name: cache.use_key_mangler - type: boolean - default: True - help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' - - - name: cache.debug_cache_backend - type: boolean - default: False - help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' - - - name: oauth1.request_token_duration - type: integer - default: 28800 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' - - - name: oauth1.access_token_duration - type: integer - default: 86400 - help: 'Specify how quickly the access token will expire (in seconds)' - - - name: ssl.enable - type: boolean - default: True - - - name: signing.certfile - type: string - default: '/etc/keystone/pki/certs/signing_cert.pem' - - - name: signing.keyfile - type: string - default: '/etc/keystone/pki/private/signing_key.pem' - - - name: signing.ca_certs - type: string - default: '/etc/keystone/pki/certs/cacert.pem' - - - name: signing.ca_key - type: string - default: '/etc/keystone/pki/private/cakey.pem' - - - name: signing.key_size - type: integer - default: 2048 - - - name: signing.valid_days - type: integer - default: 3650 - - - name: ssl.cert_required - type: boolean - default: False - - - name: signing.cert_subject - type: string - default: '/CUS/STUnset/LUnset/OUnset/CNwww.example.com' - - - name: signing.token_format - type: string - default: '' - help: 'Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID' - - - name: ldap.url - type: string - default: 'ldap://localhost' - - - name: ldap.user - type: string - default: 'dcManager,dcexample,dccom' - - - name: auth.password - type: string - default: 'keystone.auth.plugins.password.Password' - - - name: ldap.suffix - type: string - default: 'cnexample,cncom' - - - name: ldap.use_dumb_member - type: boolean - default: False - - - name: ldap.allow_subtree_delete - type: boolean - default: False - - - name: ldap.dumb_member - type: string - default: 'cndumb,dcexample,dccom' - - - name: ldap.page_size - type: integer - default: 0 - help: "Maximum results per page; a value of zero ('0') disables paging (default)" - - - name: ldap.alias_dereferencing - type: string - default: 'default' - help: "The LDAP dereferencing option for queries. This can be either 'never', 'searching', 'always', 'finding' or 'default'. The 'default' option falls back to using default dereferencing configured by your ldap.conf." - - - name: ldap.query_scope - type: string - default: 'one' - help: "The LDAP scope for queries, this can be either 'one' (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)" - - - name: ldap.user_tree_dn - type: string - default: 'ouUsers,dcexample,dccom' - - - name: ldap.user_filter - type: string - default: '' - - - name: ldap.user_objectclass - type: string - default: 'inetOrgPerson' - - - name: ldap.user_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.user_id_attribute - type: string - default: 'cn' - - - name: ldap.user_name_attribute - type: string - default: 'sn' - - - name: ldap.user_mail_attribute - type: string - default: 'email' - - - name: ldap.user_pass_attribute - type: string - default: 'userPassword' - - - name: ldap.user_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.user_enabled_mask - type: integer - default: 0 - - - name: ldap.user_enabled_default - type: boolean - default: True - - - name: ldap.user_attribute_ignore - type: string - default: 'tenant_id,tenants' - - - name: ldap.user_allow_create - type: boolean - default: True - - - name: ldap.user_allow_update - type: boolean - default: True - - - name: ldap.user_allow_delete - type: boolean - default: True - - - name: ldap.user_enabled_emulation - type: boolean - default: False - - - name: ldap.user_enabled_emulation_dn - type: string - default: '' - - - name: ldap.tenant_tree_dn - type: string - default: 'ouProjects,dcexample,dccom' - - - name: ldap.tenant_filter - type: string - default: '' - - - name: ldap.tenant_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.tenant_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.tenant_id_attribute - type: string - default: 'cn' - - - name: ldap.tenant_member_attribute - type: string - default: 'member' - - - name: ldap.tenant_name_attribute - type: string - default: 'ou' - - - name: ldap.tenant_desc_attribute - type: string - default: 'desc' - - - name: ldap.tenant_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.tenant_attribute_ignore - type: string - default: '' - - - name: ldap.tenant_allow_create - type: boolean - default: True - - - name: ldap.tenant_allow_update - type: boolean - default: True - - - name: ldap.tenant_allow_delete - type: boolean - default: True - - - name: ldap.tenant_enabled_emulation - type: boolean - default: False - - - name: ldap.tenant_enabled_emulation_dn - type: string - default: '' - - - name: ldap.role_tree_dn - type: string - default: 'ouRoles,dcexample,dccom' - - - name: ldap.role_filter - type: string - default: '' - - - name: ldap.role_objectclass - type: string - default: 'organizationalRole' - - - name: ldap.role_id_attribute - type: string - default: 'cn' - - - name: ldap.role_name_attribute - type: string - default: 'ou' - - - name: ldap.role_member_attribute - type: string - default: 'roleOccupant' - - - name: ldap.role_attribute_ignore - type: string - default: '' - - - name: ldap.role_allow_create - type: boolean - default: True - - - name: ldap.role_allow_update - type: boolean - default: True - - - name: ldap.role_allow_delete - type: boolean - default: True - - - name: ldap.group_tree_dn - type: string - default: '' - - - name: ldap.group_filter - type: string - default: '' - - - name: ldap.group_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.group_id_attribute - type: string - default: 'cn' - - - name: ldap.group_name_attribute - type: string - default: 'ou' - - - name: ldap.group_member_attribute - type: string - default: 'member' - - - name: ldap.group_desc_attribute - type: string - default: 'desc' - - - name: ldap.group_attribute_ignore - type: string - default: '' - - - name: ldap.group_allow_create - type: boolean - default: True - - - name: ldap.group_allow_update - type: boolean - default: True - - - name: ldap.group_allow_delete - type: boolean - default: True - - - name: ldap.use_tls - type: boolean - default: False - help: 'ldap TLS options if both tls_cacertfile and tls_cacertdir are set then tls_cacertfile will be used and tls_cacertdir is ignored valid options for tls_req_cert are demand, never, and allow' - - - name: ldap.tls_cacertfile - type: string - default: '' - - - name: ldap.tls_cacertdir - type: string - default: '' - - - name: ldap.tls_req_cert - type: string - default: 'demand' - - - name: ldap.user_additional_attribute_mapping - type: string - default: '' - - - name: ldap.domain_additional_attribute_mapping - type: string - default: '' - - - name: ldap.group_additional_attribute_mapping - type: string - default: '' - - - name: ldap.role_additional_attribute_mapping - type: string - default: '' - - - name: ldap.project_additional_attribute_mapping - type: string - default: '' - - - name: auth.methods - type: string - default: 'external,password,token,oauth1' - - - name: auth.external - type: string - default: 'keystone.auth.plugins.external.ExternalDefault' - - - name: auth.token - type: string - default: 'keystone.auth.plugins.token.Token' - - - name: auth.oauth1 - type: string - default: 'keystone.auth.plugins.oauth1.OAuth' - - - name: paste_deploy.config_file - type: string - default: 'keystone-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - diff --git a/rubick/schemas/keystone/2013.2.0.yml b/rubick/schemas/keystone/2013.2.0.yml deleted file mode 100644 index cc1a356..0000000 --- a/rubick/schemas/keystone/2013.2.0.yml +++ /dev/null @@ -1,666 +0,0 @@ -project: keystone -version: '2013.2.0' -parameters: - - - name: admin_token - type: string - default: 'ADMIN' - help: "A 'shared secret' between keystone and other openstack services" - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'The IP address of the network interface to listen on' - - - name: public_port - type: port - default: 5000 - help: 'The port number which the public service listens on' - - - name: admin_port - type: port - default: 35357 - help: 'The port number which the public admin listens on' - - - name: public_endpoint - type: string - default: 'http://localhost:%(public_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - - - name: admin_endpoint - type: string - default: 'http://localhost:%(admin_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - - - name: compute_port - type: port - default: 8774 - help: 'The port number which the OpenStack Compute service listens on' - - - name: policy_file - type: string - default: 'policy.json' - help: 'Path to your policy definition containing identity actions' - - - name: policy_default_rule - type: string - default: 'admin_required' - help: 'Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule' - - - name: member_role_id - type: string - default: '9fe2ff9ee4384b1894a90878d3e92bab' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - - - name: member_role_name - type: string - default: '_member_' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - - - name: max_request_body_size - type: integer - default: 114688 - help: 'enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)' - - - name: max_param_size - type: integer - default: 64 - help: 'limit the sizes of user & tenant ID/names' - - - name: max_token_size - type: integer - default: 8192 - help: 'similar to max_param_size, but provides an exception for token values' - - - name: debug - type: boolean - default: false - help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - - - name: log_file - type: string - default: 'keystone.log' - help: 'Name of log file to output to. If not set, logging will go to stdout.' - - - name: log_dir - type: string - default: '/var/log/keystone' - help: 'The directory to keep log files in (will be prepended to --logfile)' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: log_config - type: string - default: 'logging.conf' - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %(asctime)s in log records.' - - - name: onready - type: string - default: 'keystone.common.systemd' - help: 'onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: '' - help: 'Default publisher_id for outgoing notifications; included in the payload.' - - - name: rpc_backend - type: string - default: 'keystone.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - - - name: fake_rabbit - type: boolean - default: false - help: 'If True, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: sql.connection - type: string - default: 'sqlite:///keystone.db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: sql.idle_timeout - type: integer - default: 200 - help: 'the timeout before idle sql connections are reaped' - - - name: oauth1.driver - type: string - default: 'keystone.contrib.oauth1.backends.sql.OAuth1' - - - name: identity.default_domain_id - type: string - default: 'default' - help: 'This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.' - - - name: identity.domain_specific_drivers_enabled - type: boolean - default: false - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' - - - name: identity.domain_config_dir - type: string - default: '/etc/keystone/domains' - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' - - - name: identity.max_password_length - type: integer - default: 4096 - help: 'Maximum supported length for user passwords; decrease to improve performance.' - - - name: cache.enabled - type: boolean - default: false - help: 'Global cache functionality toggle.' - - - name: catalog.template_file - type: string - default: 'default_catalog.templates' - - - name: endpoint_filter.return_all_endpoints_if_no_filter - type: boolean - default: true - help: 'extension for creating associations between project and endpoints in order to provide a tailored catalog for project-scoped token requests.' - - - name: token.provider - type: string - default: '' - help: 'Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider' - - - name: token.expiration - type: integer - default: 86400 - help: 'Amount of time a token should remain valid (in seconds)' - - - name: token.bind - type: string - default: '' - help: 'External auth mechanisms that should add bind information to token. eg kerberos, x509' - - - name: token.enforce_token_bind - type: string - default: 'permissive' - help: 'Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.' - - - name: assignment.caching - type: boolean - default: true - help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' - - - name: assignment.cache_time - type: integer - default: ~ - help: 'Assignment specific cache time-to-live (TTL) in seconds.' - - - name: token.revocation_cache_time - type: integer - default: 3600 - help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' - - - name: cache.config_prefix - type: string - default: 'cache.keystone' - help: 'Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name' - - - name: cache.backend - type: string - default: 'keystone.common.cache.noop' - help: 'Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.' - - - name: cache.backend_argument - type: string - default: '' - help: 'Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: :' - - - name: cache.proxies - type: string - default: '' - help: 'Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2' - - - name: cache.use_key_mangler - type: boolean - default: true - help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' - - - name: cache.debug_cache_backend - type: boolean - default: false - help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' - - - name: oauth1.request_token_duration - type: integer - default: 28800 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' - - - name: oauth1.access_token_duration - type: integer - default: 86400 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds) Specify how quickly the access token will expire (in seconds)' - - - name: ssl.enable - type: boolean - default: true - - - name: signing.certfile - type: string - default: '/etc/keystone/pki/certs/signing_cert.pem' - - - name: signing.keyfile - type: string - default: '/etc/keystone/pki/private/signing_key.pem' - - - name: signing.ca_certs - type: string - default: '/etc/keystone/pki/certs/cacert.pem' - - - name: signing.ca_key - type: string - default: '/etc/keystone/pki/private/cakey.pem' - - - name: signing.key_size - type: integer - default: 2048 - - - name: signing.valid_days - type: integer - default: 3650 - - - name: ssl.cert_required - type: boolean - default: false - - - name: signing.cert_subject - type: string - default: '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com' - - - name: signing.token_format - type: string - default: '' - help: 'Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID' - - - name: ldap.url - type: string - default: 'ldap://localhost' - - - name: ldap.user - type: string - default: 'dcManager,dcexample,dccom' - - - name: auth.password - type: string - default: 'keystone.auth.plugins.password.Password' - - - name: ldap.suffix - type: string - default: 'cnexample,cncom' - - - name: ldap.use_dumb_member - type: boolean - default: false - - - name: ldap.allow_subtree_delete - type: boolean - default: false - - - name: ldap.dumb_member - type: string - default: 'cndumb,dcexample,dccom' - - - name: ldap.page_size - type: integer - default: 0 - help: "Maximum results per page; a value of zero ('0') disables paging (default)" - - - name: ldap.alias_dereferencing - type: string - default: 'default' - help: "The LDAP dereferencing option for queries. This can be either 'never', 'searching', 'always', 'finding' or 'default'. The 'default' option falls back to using default dereferencing configured by your ldap.conf." - - - name: ldap.query_scope - type: string - default: 'one' - help: "The LDAP scope for queries, this can be either 'one' (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)" - - - name: ldap.user_tree_dn - type: string - default: 'ouUsers,dcexample,dccom' - - - name: ldap.user_filter - type: string - default: '' - - - name: ldap.user_objectclass - type: string - default: 'inetOrgPerson' - - - name: ldap.user_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.user_id_attribute - type: string - default: 'cn' - - - name: ldap.user_name_attribute - type: string - default: 'sn' - - - name: ldap.user_mail_attribute - type: string - default: 'email' - - - name: ldap.user_pass_attribute - type: string - default: 'userPassword' - - - name: ldap.user_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.user_enabled_mask - type: integer - default: 0 - - - name: ldap.user_enabled_default - type: boolean - default: true - - - name: ldap.user_attribute_ignore - type: string - default: 'tenant_id,tenants' - - - name: ldap.user_allow_create - type: boolean - default: true - - - name: ldap.user_allow_update - type: boolean - default: true - - - name: ldap.user_allow_delete - type: boolean - default: true - - - name: ldap.user_enabled_emulation - type: boolean - default: false - - - name: ldap.user_enabled_emulation_dn - type: string - default: '' - - - name: ldap.tenant_tree_dn - type: string - default: 'ouProjects,dcexample,dccom' - - - name: ldap.tenant_filter - type: string - default: '' - - - name: ldap.tenant_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.tenant_domain_id_attribute - type: string - default: 'businessCategory' - - - name: ldap.tenant_id_attribute - type: string - default: 'cn' - - - name: ldap.tenant_member_attribute - type: string - default: 'member' - - - name: ldap.tenant_name_attribute - type: string - default: 'ou' - - - name: ldap.tenant_desc_attribute - type: string - default: 'desc' - - - name: ldap.tenant_enabled_attribute - type: string - default: 'enabled' - - - name: ldap.tenant_attribute_ignore - type: string - default: '' - - - name: ldap.tenant_allow_create - type: boolean - default: true - - - name: ldap.tenant_allow_update - type: boolean - default: true - - - name: ldap.tenant_allow_delete - type: boolean - default: true - - - name: ldap.tenant_enabled_emulation - type: boolean - default: false - - - name: ldap.tenant_enabled_emulation_dn - type: string - default: '' - - - name: ldap.role_tree_dn - type: string - default: 'ouRoles,dcexample,dccom' - - - name: ldap.role_filter - type: string - default: '' - - - name: ldap.role_objectclass - type: string - default: 'organizationalRole' - - - name: ldap.role_id_attribute - type: string - default: 'cn' - - - name: ldap.role_name_attribute - type: string - default: 'ou' - - - name: ldap.role_member_attribute - type: string - default: 'roleOccupant' - - - name: ldap.role_attribute_ignore - type: string - default: '' - - - name: ldap.role_allow_create - type: boolean - default: true - - - name: ldap.role_allow_update - type: boolean - default: true - - - name: ldap.role_allow_delete - type: boolean - default: true - - - name: ldap.group_tree_dn - type: string - default: '' - - - name: ldap.group_filter - type: string - default: '' - - - name: ldap.group_objectclass - type: string - default: 'groupOfNames' - - - name: ldap.group_id_attribute - type: string - default: 'cn' - - - name: ldap.group_name_attribute - type: string - default: 'ou' - - - name: ldap.group_member_attribute - type: string - default: 'member' - - - name: ldap.group_desc_attribute - type: string - default: 'desc' - - - name: ldap.group_attribute_ignore - type: string - default: '' - - - name: ldap.group_allow_create - type: boolean - default: true - - - name: ldap.group_allow_update - type: boolean - default: true - - - name: ldap.group_allow_delete - type: boolean - default: true - - - name: ldap.use_tls - type: boolean - default: false - help: 'ldap TLS options if both tls_cacertfile and tls_cacertdir are set then tls_cacertfile will be used and tls_cacertdir is ignored valid options for tls_req_cert are demand, never, and allow' - - - name: ldap.tls_cacertfile - type: string - default: '' - - - name: ldap.tls_cacertdir - type: string - default: '' - - - name: ldap.tls_req_cert - type: string - default: 'demand' - - - name: ldap.user_additional_attribute_mapping - type: string - default: '' - - - name: ldap.domain_additional_attribute_mapping - type: string - default: '' - - - name: ldap.group_additional_attribute_mapping - type: string - default: '' - - - name: ldap.role_additional_attribute_mapping - type: string - default: '' - - - name: ldap.project_additional_attribute_mapping - type: string - default: '' - - - name: auth.methods - type: string - default: 'external,password,token,oauth1' - - - name: auth.external - type: string - default: 'keystone.auth.plugins.external.ExternalDefault' - - - name: auth.token - type: string - default: 'keystone.auth.plugins.token.Token' - - - name: auth.oauth1 - type: string - default: 'keystone.auth.plugins.oauth1.OAuth' - - - name: paste_deploy.config_file - type: string - default: 'keystone-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - - - name: notification_driver - type: string - default: 'keystone.openstack.common.notifier.rpc_notifier' - help: 'notification_driver can be defined multiple times Do nothing driver (the default) notification_driver = keystone.openstack.common.notifier.no_op_notifier Logging driver example (not enabled by default) notification_driver = keystone.openstack.common.notifier.log_notifier RPC driver example (not enabled by default)' - - - name: notification_topics - type: string - default: 'notifications' - help: 'AMQP topics to publish to when using the RPC notification driver. Multiple values can be specified by separating with commas. The actual topic names will be %s.%(default_notification_level)s' - - - name: allowed_rpc_exception_modules - type: string - default: 'keystone.openstack.common.exception,nova.exception,cinder.exception,exceptions' - help: 'Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' - - - name: cache.expiration_time - type: integer - default: 600 - help: "Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it." - diff --git a/rubick/schemas/keystone/keystone.conf.yml b/rubick/schemas/keystone/keystone.conf.yml deleted file mode 100644 index 8feaabf..0000000 --- a/rubick/schemas/keystone/keystone.conf.yml +++ /dev/null @@ -1,864 +0,0 @@ -- version: '2013.1.3' - checkpoint: true - added: - - - name: admin_token - type: string - default: 'ADMIN' - help: "A 'shared secret' between keystone and other openstack services" - comment: 'New param' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'The IP address of the network interface to listen on' - comment: 'New param' - - - name: public_port - type: port - default: 5000 - help: 'The port number which the public service listens on' - comment: 'New param' - - - name: admin_port - type: port - default: 35357 - help: 'The port number which the public admin listens on' - comment: 'New param' - - - name: public_endpoint - type: string - default: 'http://localhost:%(public_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - comment: 'New param' - - - name: admin_endpoint - type: string - default: 'http://localhost:%(admin_port)s/' - comment: 'New param' - - - name: compute_port - type: port - default: 8774 - help: 'The port number which the OpenStack Compute service listens on' - comment: 'New param' - - - name: policy_file - type: string - default: 'policy.json' - help: 'Path to your policy definition containing identity actions' - comment: 'New param' - - - name: policy_default_rule - type: string - default: 'admin_required' - help: 'Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule' - comment: 'New param' - - - name: member_role_id - type: string - default: '9fe2ff9ee4384b1894a90878d3e92bab' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - comment: 'New param' - - - name: member_role_name - type: string - default: '_member_' - comment: 'New param' - - - name: max_request_body_size - type: integer - default: 114688 - help: 'enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)' - comment: 'New param' - - - name: max_param_size - type: integer - default: 64 - help: 'limit the sizes of user & tenant ID/names' - comment: 'New param' - - - name: max_token_size - type: integer - default: 8192 - help: 'similar to max_param_size, but provides an exception for token values' - comment: 'New param' - - - name: debug - type: boolean - default: false - help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' - comment: 'New param' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - comment: 'New param' - - - name: log_file - type: string - default: 'keystone.log' - help: 'Name of log file to output to. If not set, logging will go to stdout.' - comment: 'New param' - - - name: log_dir - type: string - default: '/var/log/keystone' - help: 'The directory to keep log files in (will be prepended to --logfile)' - comment: 'New param' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - comment: 'New param' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - comment: 'New param' - - - name: log_config - type: string - default: 'logging.conf' - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - comment: 'New param' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.' - comment: 'New param' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %(asctime)s in log records.' - comment: 'New param' - - - name: onready - type: string - default: 'keystone.common.systemd' - help: 'onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:' - comment: 'New param' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - comment: 'New param' - - - name: default_publisher_id - type: string - default: '' - help: 'Default publisher_id for outgoing notifications; included in the payload.' - comment: 'New param' - - - name: rpc_backend - type: string - default: 'keystone.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - comment: 'New param' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - comment: 'New param' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - comment: 'New param' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - comment: 'New param' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - comment: 'New param' - - - name: fake_rabbit - type: boolean - default: false - help: 'If True, use a fake RabbitMQ provider' - comment: 'New param' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - comment: 'New param' - - - name: sql.connection - type: string - default: 'sqlite:///keystone.db' - help: 'The SQLAlchemy connection string used to connect to the database' - comment: 'New param' - - - name: sql.idle_timeout - type: integer - default: 200 - help: 'the timeout before idle sql connections are reaped' - comment: 'New param' - - - name: oauth1.driver - type: string - default: 'keystone.contrib.oauth1.backends.sql.OAuth1' - comment: 'New param' - - - name: identity.default_domain_id - type: string - default: 'default' - help: 'This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.' - comment: 'New param' - - - name: identity.domain_specific_drivers_enabled - type: boolean - default: false - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only' - comment: 'New param' - - - name: identity.domain_config_dir - type: string - default: '/etc/keystone/domains' - comment: 'New param' - - - name: identity.max_password_length - type: integer - default: 4096 - help: 'Maximum supported length for user passwords; decrease to improve performance.' - comment: 'New param' - - - name: cache.enabled - type: boolean - default: false - help: 'Global cache functionality toggle.' - comment: 'New param' - - - name: catalog.template_file - type: string - default: 'default_catalog.templates' - comment: 'New param' - - - name: endpoint_filter.return_all_endpoints_if_no_filter - type: boolean - default: true - comment: 'New param' - - - name: token.provider - type: string - default: '' - help: 'Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider' - comment: 'New param' - - - name: token.expiration - type: integer - default: 86400 - help: 'Amount of time a token should remain valid (in seconds)' - comment: 'New param' - - - name: token.bind - type: string - default: '' - help: 'External auth mechanisms that should add bind information to token. eg kerberos, x509' - comment: 'New param' - - - name: token.enforce_token_bind - type: string - default: 'permissive' - help: 'Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.' - comment: 'New param' - - - name: assignment.caching - type: boolean - default: true - help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' - comment: 'New param' - - - name: assignment.cache_time - type: integer - default: false - help: 'Assignment specific cache time-to-live (TTL) in seconds.' - comment: 'New param' - - - name: token.revocation_cache_time - type: integer - default: 3600 - help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' - comment: 'New param' - - - name: cache.config_prefix - type: string - default: 'cache.keystone' - help: 'Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name' - comment: 'New param' - - - name: cache.backend - type: string - default: 'keystone.common.cache.noop' - help: 'Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.' - comment: 'New param' - - - name: cache.backend_argument - type: string - default: '' - help: 'Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: :' - comment: 'New param' - - - name: cache.proxies - type: string - default: '' - help: 'Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2' - comment: 'New param' - - - name: cache.use_key_mangler - type: boolean - default: true - help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' - comment: 'New param' - - - name: cache.debug_cache_backend - type: boolean - default: false - help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' - comment: 'New param' - - - name: oauth1.request_token_duration - type: integer - default: 28800 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' - comment: 'New param' - - - name: oauth1.access_token_duration - type: integer - default: 86400 - help: 'Specify how quickly the access token will expire (in seconds)' - comment: 'New param' - - - name: ssl.enable - type: boolean - default: true - comment: 'New param' - - - name: signing.certfile - type: string - default: '/etc/keystone/pki/certs/signing_cert.pem' - comment: 'New param' - - - name: signing.keyfile - type: string - default: '/etc/keystone/pki/private/signing_key.pem' - comment: 'New param' - - - name: signing.ca_certs - type: string - default: '/etc/keystone/pki/certs/cacert.pem' - comment: 'New param' - - - name: signing.ca_key - type: string - default: '/etc/keystone/pki/private/cakey.pem' - comment: 'New param' - - - name: signing.key_size - type: integer - default: 2048 - comment: 'New param' - - - name: signing.valid_days - type: integer - default: 3650 - comment: 'New param' - - - name: ssl.cert_required - type: boolean - default: false - comment: 'New param' - - - name: signing.cert_subject - type: string - default: '/CUS/STUnset/LUnset/OUnset/CNwww.example.com' - comment: 'New param' - - - name: signing.token_format - type: string - default: '' - help: 'Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID' - comment: 'New param' - - - name: ldap.url - type: string - default: 'ldap://localhost' - comment: 'New param' - - - name: ldap.user - type: string - default: 'dcManager,dcexample,dccom' - comment: 'New param' - - - name: auth.password - type: string - default: 'keystone.auth.plugins.password.Password' - comment: 'New param' - - - name: ldap.suffix - type: string - default: 'cnexample,cncom' - comment: 'New param' - - - name: ldap.use_dumb_member - type: boolean - default: false - comment: 'New param' - - - name: ldap.allow_subtree_delete - type: boolean - default: false - comment: 'New param' - - - name: ldap.dumb_member - type: string - default: 'cndumb,dcexample,dccom' - comment: 'New param' - - - name: ldap.page_size - type: integer - default: false - help: "Maximum results per page; a value of zero ('0') disables paging (default)" - comment: 'New param' - - - name: ldap.alias_dereferencing - type: string - default: 'default' - help: "The LDAP dereferencing option for queries. This can be either 'never', 'searching', 'always', 'finding' or 'default'. The 'default' option falls back to using default dereferencing configured by your ldap.conf." - comment: 'New param' - - - name: ldap.query_scope - type: string - default: 'one' - help: "The LDAP scope for queries, this can be either 'one' (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)" - comment: 'New param' - - - name: ldap.user_tree_dn - type: string - default: 'ouUsers,dcexample,dccom' - comment: 'New param' - - - name: ldap.user_filter - type: string - default: '' - comment: 'New param' - - - name: ldap.user_objectclass - type: string - default: 'inetOrgPerson' - comment: 'New param' - - - name: ldap.user_domain_id_attribute - type: string - default: 'businessCategory' - comment: 'New param' - - - name: ldap.user_id_attribute - type: string - default: 'cn' - comment: 'New param' - - - name: ldap.user_name_attribute - type: string - default: 'sn' - comment: 'New param' - - - name: ldap.user_mail_attribute - type: string - default: 'email' - comment: 'New param' - - - name: ldap.user_pass_attribute - type: string - default: 'userPassword' - comment: 'New param' - - - name: ldap.user_enabled_attribute - type: string - default: 'enabled' - comment: 'New param' - - - name: ldap.user_enabled_mask - type: integer - default: false - comment: 'New param' - - - name: ldap.user_enabled_default - type: boolean - default: true - comment: 'New param' - - - name: ldap.user_attribute_ignore - type: string - default: 'tenant_id,tenants' - comment: 'New param' - - - name: ldap.user_allow_create - type: boolean - default: true - comment: 'New param' - - - name: ldap.user_allow_update - type: boolean - default: true - comment: 'New param' - - - name: ldap.user_allow_delete - type: boolean - default: true - comment: 'New param' - - - name: ldap.user_enabled_emulation - type: boolean - default: false - comment: 'New param' - - - name: ldap.user_enabled_emulation_dn - type: string - default: '' - comment: 'New param' - - - name: ldap.tenant_tree_dn - type: string - default: 'ouProjects,dcexample,dccom' - comment: 'New param' - - - name: ldap.tenant_filter - type: string - default: '' - comment: 'New param' - - - name: ldap.tenant_objectclass - type: string - default: 'groupOfNames' - comment: 'New param' - - - name: ldap.tenant_domain_id_attribute - type: string - default: 'businessCategory' - comment: 'New param' - - - name: ldap.tenant_id_attribute - type: string - default: 'cn' - comment: 'New param' - - - name: ldap.tenant_member_attribute - type: string - default: 'member' - comment: 'New param' - - - name: ldap.tenant_name_attribute - type: string - default: 'ou' - comment: 'New param' - - - name: ldap.tenant_desc_attribute - type: string - default: 'desc' - comment: 'New param' - - - name: ldap.tenant_enabled_attribute - type: string - default: 'enabled' - comment: 'New param' - - - name: ldap.tenant_attribute_ignore - type: string - default: '' - comment: 'New param' - - - name: ldap.tenant_allow_create - type: boolean - default: true - comment: 'New param' - - - name: ldap.tenant_allow_update - type: boolean - default: true - comment: 'New param' - - - name: ldap.tenant_allow_delete - type: boolean - default: true - comment: 'New param' - - - name: ldap.tenant_enabled_emulation - type: boolean - default: false - comment: 'New param' - - - name: ldap.tenant_enabled_emulation_dn - type: string - default: '' - comment: 'New param' - - - name: ldap.role_tree_dn - type: string - default: 'ouRoles,dcexample,dccom' - comment: 'New param' - - - name: ldap.role_filter - type: string - default: '' - comment: 'New param' - - - name: ldap.role_objectclass - type: string - default: 'organizationalRole' - comment: 'New param' - - - name: ldap.role_id_attribute - type: string - default: 'cn' - comment: 'New param' - - - name: ldap.role_name_attribute - type: string - default: 'ou' - comment: 'New param' - - - name: ldap.role_member_attribute - type: string - default: 'roleOccupant' - comment: 'New param' - - - name: ldap.role_attribute_ignore - type: string - default: '' - comment: 'New param' - - - name: ldap.role_allow_create - type: boolean - default: true - comment: 'New param' - - - name: ldap.role_allow_update - type: boolean - default: true - comment: 'New param' - - - name: ldap.role_allow_delete - type: boolean - default: true - comment: 'New param' - - - name: ldap.group_tree_dn - type: string - default: '' - comment: 'New param' - - - name: ldap.group_filter - type: string - default: '' - comment: 'New param' - - - name: ldap.group_objectclass - type: string - default: 'groupOfNames' - comment: 'New param' - - - name: ldap.group_id_attribute - type: string - default: 'cn' - comment: 'New param' - - - name: ldap.group_name_attribute - type: string - default: 'ou' - comment: 'New param' - - - name: ldap.group_member_attribute - type: string - default: 'member' - comment: 'New param' - - - name: ldap.group_desc_attribute - type: string - default: 'desc' - comment: 'New param' - - - name: ldap.group_attribute_ignore - type: string - default: '' - comment: 'New param' - - - name: ldap.group_allow_create - type: boolean - default: true - comment: 'New param' - - - name: ldap.group_allow_update - type: boolean - default: true - comment: 'New param' - - - name: ldap.group_allow_delete - type: boolean - default: true - comment: 'New param' - - - name: ldap.use_tls - type: boolean - default: false - help: 'ldap TLS options if both tls_cacertfile and tls_cacertdir are set then tls_cacertfile will be used and tls_cacertdir is ignored valid options for tls_req_cert are demand, never, and allow' - comment: 'New param' - - - name: ldap.tls_cacertfile - type: string - default: '' - comment: 'New param' - - - name: ldap.tls_cacertdir - type: string - default: '' - comment: 'New param' - - - name: ldap.tls_req_cert - type: string - default: 'demand' - comment: 'New param' - - - name: ldap.user_additional_attribute_mapping - type: string - default: '' - comment: 'New param' - - - name: ldap.domain_additional_attribute_mapping - type: string - default: '' - comment: 'New param' - - - name: ldap.group_additional_attribute_mapping - type: string - default: '' - comment: 'New param' - - - name: ldap.role_additional_attribute_mapping - type: string - default: '' - comment: 'New param' - - - name: ldap.project_additional_attribute_mapping - type: string - default: '' - comment: 'New param' - - - name: auth.methods - type: string - default: 'external,password,token,oauth1' - comment: 'New param' - - - name: auth.external - type: string - default: 'keystone.auth.plugins.external.ExternalDefault' - comment: 'New param' - - - name: auth.token - type: string - default: 'keystone.auth.plugins.token.Token' - comment: 'New param' - - - name: auth.oauth1 - type: string - default: 'keystone.auth.plugins.oauth1.OAuth' - comment: 'New param' - - - name: paste_deploy.config_file - type: string - default: 'keystone-paste.ini' - help: 'Name of the paste configuration file that defines the available pipelines' - comment: 'New param' - -# ==================================================== - -- version: '2013.2.0' - added: - - - name: admin_endpoint - type: string - default: 'http://localhost:%(admin_port)s/' - help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' - comment: 'Help string has changed' - - - name: member_role_name - type: string - default: '_member_' - help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' - comment: 'Help string has changed' - - - name: identity.domain_specific_drivers_enabled - type: boolean - default: false - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' - comment: 'Help string has changed' - - - name: identity.domain_config_dir - type: string - default: '/etc/keystone/domains' - help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' - comment: 'Help string has changed' - - - name: endpoint_filter.return_all_endpoints_if_no_filter - type: boolean - default: true - help: 'extension for creating associations between project and endpoints in order to provide a tailored catalog for project-scoped token requests.' - comment: 'Help string has changed' - - - name: assignment.cache_time - type: integer - default: ~ - help: 'Assignment specific cache time-to-live (TTL) in seconds.' - comment: 'Default value has changed' - - - name: oauth1.access_token_duration - type: integer - default: 86400 - help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds) Specify how quickly the access token will expire (in seconds)' - comment: 'Help string has changed' - - - name: signing.cert_subject - type: string - default: '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com' - comment: 'Default value has changed' - - - name: notification_driver - type: string - default: 'keystone.openstack.common.notifier.rpc_notifier' - help: 'notification_driver can be defined multiple times Do nothing driver (the default) notification_driver = keystone.openstack.common.notifier.no_op_notifier Logging driver example (not enabled by default) notification_driver = keystone.openstack.common.notifier.log_notifier RPC driver example (not enabled by default)' - comment: 'New param' - - - name: notification_topics - type: string - default: 'notifications' - help: 'AMQP topics to publish to when using the RPC notification driver. Multiple values can be specified by separating with commas. The actual topic names will be %s.%(default_notification_level)s' - comment: 'New param' - - - name: allowed_rpc_exception_modules - type: string - default: 'keystone.openstack.common.exception,nova.exception,cinder.exception,exceptions' - help: 'Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' - comment: 'New param' - - - name: cache.expiration_time - type: integer - default: 600 - help: "Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it." - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/neutron_dhcp_agent/2013.2.1.yml b/rubick/schemas/neutron_dhcp_agent/2013.2.1.yml deleted file mode 100644 index 788ba61..0000000 --- a/rubick/schemas/neutron_dhcp_agent/2013.2.1.yml +++ /dev/null @@ -1,84 +0,0 @@ -project: neutron_dhcp_agent -version: '2013.2.1' -parameters: - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in log (sets DEBUG log level output)' - - - name: resync_interval - type: string - default: '5' - help: 'The DHCP agent will resync its state with Neutron to recover from any transient notification or rpc errors. The interval is number of seconds between attempts.' - - - name: interface_driver - type: string - default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' - help: 'Example of interface_driver option for LinuxBridge' - - - name: ovs_use_veth - type: string - default: 'False' - help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' - - - name: dhcp_driver - type: string - default: 'neutron.agent.linux.dhcp.Dnsmasq' - help: 'The agent can use other DHCP drivers. Dnsmasq is the simplest and requires no additional setup of the DHCP server.' - - - name: use_namespaces - type: string - default: 'True' - help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' - - - name: enable_isolated_metadata - type: string - default: 'False' - help: 'The DHCP server can assist with providing metadata support on isolated networks. Setting this value to True will cause the DHCP server to append specific host routes to the DHCP request. The metadata service will only be activated when the subnet gateway_ip is None. The guest instance must be configured to request host routes via DHCP (Option 121).' - - - name: enable_metadata_network - type: string - default: 'False' - help: 'Allows for serving metadata requests coming from a dedicated metadata access network whose cidr is 169.254.169.254/16 (or larger prefix), and is connected to a Neutron router from which the VMs send metadata request. In this case DHCP Option 121 will not be injected in VMs, as they will be able to reach 169.254.169.254 through a router. This option requires enable_isolated_metadata = True' - - - name: num_sync_threads - type: string - default: '4' - help: 'Number of threads to use during sync process. Should not exceed connection pool size configured on server.' - - - name: dhcp_confs - type: string - default: '$state_path/dhcp' - help: 'Location to store DHCP server config files' - - - name: dhcp_domain - type: string - default: 'openstacklocal' - help: 'Domain to use for building the hostnames' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file' - - - name: dnsmasq_dns_server - type: string - default: '' - help: 'Use another DNS server before any in /etc/resolv.conf.' - - - name: dnsmasq_lease_max - type: string - default: '16777216' - help: 'Limit number of leases to prevent a denial-of-service.' - - - name: dhcp_lease_relay_socket - type: string - default: '$state_path/dhcp/lease_relay' - help: 'Location to DHCP lease relay UNIX domain socket' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - diff --git a/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml b/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml deleted file mode 100644 index ac6568c..0000000 --- a/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml +++ /dev/null @@ -1,101 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in log (sets DEBUG log level output)' - comment: 'New param' - - - name: resync_interval - type: string - default: '5' - help: 'The DHCP agent will resync its state with Neutron to recover from any transient notification or rpc errors. The interval is number of seconds between attempts.' - comment: 'New param' - - - name: interface_driver - type: string - default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' - help: 'Example of interface_driver option for LinuxBridge' - comment: 'New param' - - - name: ovs_use_veth - type: string - default: 'False' - help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' - comment: 'New param' - - - name: dhcp_driver - type: string - default: 'neutron.agent.linux.dhcp.Dnsmasq' - help: 'The agent can use other DHCP drivers. Dnsmasq is the simplest and requires no additional setup of the DHCP server.' - comment: 'New param' - - - name: use_namespaces - type: string - default: 'True' - help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' - comment: 'New param' - - - name: enable_isolated_metadata - type: string - default: 'False' - help: 'The DHCP server can assist with providing metadata support on isolated networks. Setting this value to True will cause the DHCP server to append specific host routes to the DHCP request. The metadata service will only be activated when the subnet gateway_ip is None. The guest instance must be configured to request host routes via DHCP (Option 121).' - comment: 'New param' - - - name: enable_metadata_network - type: string - default: 'False' - help: 'Allows for serving metadata requests coming from a dedicated metadata access network whose cidr is 169.254.169.254/16 (or larger prefix), and is connected to a Neutron router from which the VMs send metadata request. In this case DHCP Option 121 will not be injected in VMs, as they will be able to reach 169.254.169.254 through a router. This option requires enable_isolated_metadata = True' - comment: 'New param' - - - name: num_sync_threads - type: string - default: '4' - help: 'Number of threads to use during sync process. Should not exceed connection pool size configured on server.' - comment: 'New param' - - - name: dhcp_confs - type: string - default: '$state_path/dhcp' - help: 'Location to store DHCP server config files' - comment: 'New param' - - - name: dhcp_domain - type: string - default: 'openstacklocal' - help: 'Domain to use for building the hostnames' - comment: 'New param' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file' - comment: 'New param' - - - name: dnsmasq_dns_server - type: string - default: '' - help: 'Use another DNS server before any in /etc/resolv.conf.' - comment: 'New param' - - - name: dnsmasq_lease_max - type: string - default: '16777216' - help: 'Limit number of leases to prevent a denial-of-service.' - comment: 'New param' - - - name: dhcp_lease_relay_socket - type: string - default: '$state_path/dhcp/lease_relay' - help: 'Location to DHCP lease relay UNIX domain socket' - comment: 'New param' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/neutron_l3_agent/2013.2.1.yml b/rubick/schemas/neutron_l3_agent/2013.2.1.yml deleted file mode 100644 index 09e5307..0000000 --- a/rubick/schemas/neutron_l3_agent/2013.2.1.yml +++ /dev/null @@ -1,74 +0,0 @@ -project: neutron_l3_agent -version: '2013.2.1' -parameters: - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in log (sets DEBUG log level output)' - - - name: interface_driver - type: string - default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' - help: 'Example of interface_driver option for LinuxBridge' - - - name: ovs_use_veth - type: string - default: 'False' - help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' - - - name: use_namespaces - type: string - default: 'True' - help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' - - - name: router_id - type: string - default: '' - help: 'This is done by setting the specific router_id.' - - - name: gateway_external_network_id - type: string - default: '' - help: 'Each L3 agent can be associated with at most one external network. This value should be set to the UUID of that external network. If empty, the agent will enforce that only a single external networks exists and use that external network id' - - - name: handle_internal_only_routers - type: string - default: 'True' - help: 'Indicates that this L3 agent should also handle routers that do not have an external network gateway configured. This option should be True only for a single agent in a Neutron deployment, and may be False for all agents if all routers must have an external network gateway' - - - name: external_network_bridge - type: string - default: 'br-ex' - help: 'Name of bridge used for external network traffic. This should be set to empty value for the linux bridge' - - - name: metadata_port - type: string - default: '9697' - help: 'TCP Port used by Neutron metadata server' - - - name: send_arp_for_ha - type: string - default: '3' - help: 'Send this many gratuitous ARPs for HA setup. Set it below or equal to 0 to disable this feature.' - - - name: periodic_interval - type: string - default: '40' - help: "seconds between re-sync routers' data if needed" - - - name: periodic_fuzzy_delay - type: string - default: '5' - help: "seconds to start to sync routers' data after starting agent" - - - name: enable_metadata_proxy - type: string - default: 'True' - help: 'enable_metadata_proxy, which is true by default, can be set to False if the Nova metadata server is not available' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - diff --git a/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml b/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml deleted file mode 100644 index 5649372..0000000 --- a/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml +++ /dev/null @@ -1,89 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: debug - type: string - default: 'False' - help: 'Show debugging output in log (sets DEBUG log level output)' - comment: 'New param' - - - name: interface_driver - type: string - default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' - help: 'Example of interface_driver option for LinuxBridge' - comment: 'New param' - - - name: ovs_use_veth - type: string - default: 'False' - help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' - comment: 'New param' - - - name: use_namespaces - type: string - default: 'True' - help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' - comment: 'New param' - - - name: router_id - type: string - default: '' - help: 'This is done by setting the specific router_id.' - comment: 'New param' - - - name: gateway_external_network_id - type: string - default: '' - help: 'Each L3 agent can be associated with at most one external network. This value should be set to the UUID of that external network. If empty, the agent will enforce that only a single external networks exists and use that external network id' - comment: 'New param' - - - name: handle_internal_only_routers - type: string - default: 'True' - help: 'Indicates that this L3 agent should also handle routers that do not have an external network gateway configured. This option should be True only for a single agent in a Neutron deployment, and may be False for all agents if all routers must have an external network gateway' - comment: 'New param' - - - name: external_network_bridge - type: string - default: 'br-ex' - help: 'Name of bridge used for external network traffic. This should be set to empty value for the linux bridge' - comment: 'New param' - - - name: metadata_port - type: string - default: '9697' - help: 'TCP Port used by Neutron metadata server' - comment: 'New param' - - - name: send_arp_for_ha - type: string - default: '3' - help: 'Send this many gratuitous ARPs for HA setup. Set it below or equal to 0 to disable this feature.' - comment: 'New param' - - - name: periodic_interval - type: string - default: '40' - help: "seconds between re-sync routers' data if needed" - comment: 'New param' - - - name: periodic_fuzzy_delay - type: string - default: '5' - help: "seconds to start to sync routers' data after starting agent" - comment: 'New param' - - - name: enable_metadata_proxy - type: string - default: 'True' - help: 'enable_metadata_proxy, which is true by default, can be set to False if the Nova metadata server is not available' - comment: 'New param' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/neutron_metadata_agent/2013.2.1.yml b/rubick/schemas/neutron_metadata_agent/2013.2.1.yml deleted file mode 100644 index 1c255a0..0000000 --- a/rubick/schemas/neutron_metadata_agent/2013.2.1.yml +++ /dev/null @@ -1,59 +0,0 @@ -project: neutron_metadata_agent -version: '2013.2.1' -parameters: - - - name: debug - type: string - default: 'True' - help: 'Show debugging output in log (sets DEBUG log level output)' - - - name: auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'The Neutron user information for accessing the Neutron API.' - - - name: auth_region - type: string - default: 'RegionOne' - help: 'The Neutron user information for accessing the Neutron API.' - - - name: admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - help: 'The Neutron user information for accessing the Neutron API.' - - - name: admin_user - type: string - default: '%SERVICE_USER%' - help: 'The Neutron user information for accessing the Neutron API.' - - - name: admin_password - type: string - default: '%SERVICE_PASSWORD%' - help: 'The Neutron user information for accessing the Neutron API.' - - - name: endpoint_type - type: string - default: 'adminURL' - help: 'Network service endpoint type to pull from the keystone catalog' - - - name: nova_metadata_ip - type: string - default: '127.0.0.1' - help: 'IP address used by Nova metadata server' - - - name: nova_metadata_port - type: string - default: '8775' - help: 'TCP Port used by Nova metadata server' - - - name: metadata_proxy_shared_secret - type: string - default: '' - help: 'When proxying metadata requests, Neutron signs the Instance-ID header with a shared secret to prevent spoofing. You may select any string for a secret, but it must match here and in the configuration used by the Nova Metadata Server. NOTE: Nova uses a different key: neutron_metadata_proxy_shared_secret' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - diff --git a/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml b/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml deleted file mode 100644 index 6a708d0..0000000 --- a/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml +++ /dev/null @@ -1,71 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: debug - type: string - default: 'True' - help: 'Show debugging output in log (sets DEBUG log level output)' - comment: 'New param' - - - name: auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'The Neutron user information for accessing the Neutron API.' - comment: 'New param' - - - name: auth_region - type: string - default: 'RegionOne' - help: 'The Neutron user information for accessing the Neutron API.' - comment: 'New param' - - - name: admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - help: 'The Neutron user information for accessing the Neutron API.' - comment: 'New param' - - - name: admin_user - type: string - default: '%SERVICE_USER%' - help: 'The Neutron user information for accessing the Neutron API.' - comment: 'New param' - - - name: admin_password - type: string - default: '%SERVICE_PASSWORD%' - help: 'The Neutron user information for accessing the Neutron API.' - comment: 'New param' - - - name: endpoint_type - type: string - default: 'adminURL' - help: 'Network service endpoint type to pull from the keystone catalog' - comment: 'New param' - - - name: nova_metadata_ip - type: string - default: '127.0.0.1' - help: 'IP address used by Nova metadata server' - comment: 'New param' - - - name: nova_metadata_port - type: string - default: '8775' - help: 'TCP Port used by Nova metadata server' - comment: 'New param' - - - name: metadata_proxy_shared_secret - type: string - default: '' - help: 'When proxying metadata requests, Neutron signs the Instance-ID header with a shared secret to prevent spoofing. You may select any string for a secret, but it must match here and in the configuration used by the Nova Metadata Server. NOTE: Nova uses a different key: neutron_metadata_proxy_shared_secret' - comment: 'New param' - - - name: metadata_proxy_socket - type: string - default: '$state_path/metadata_proxy' - help: 'Location of Metadata Proxy UNIX domain socket' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/neutron_openvswitch_agent/2013.2.1.yml b/rubick/schemas/neutron_openvswitch_agent/2013.2.1.yml deleted file mode 100644 index 2fe7dcf..0000000 --- a/rubick/schemas/neutron_openvswitch_agent/2013.2.1.yml +++ /dev/null @@ -1,38 +0,0 @@ -project: neutron_openvswitch_agent -version: '2013.2.1' -parameters: - - - name: ml2.type_drivers - type: string - default: 'local,flat,vlan,gre,vxlan' - - - name: ml2.tenant_network_types - type: string - default: 'local' - - - name: ml2.mechanism_drivers - type: string - default: '' - help: '(ListOpt) Ordered list of networking mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.' - - - name: ml2_type_flat.flat_networks - type: string - default: '' - - - name: ml2_type_vlan.network_vlan_ranges - type: string - default: '' - - - name: ml2_type_gre.tunnel_id_ranges - type: string - default: '' - help: '(ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation' - - - name: ml2_type_vxlan.vni_ranges - type: string - default: '' - - - name: ml2_type_vxlan.vxlan_group - type: string - default: '' - diff --git a/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml b/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml deleted file mode 100644 index 66fb0b3..0000000 --- a/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml +++ /dev/null @@ -1,47 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: ml2.type_drivers - type: string - default: 'local,flat,vlan,gre,vxlan' - comment: 'New param' - - - name: ml2.tenant_network_types - type: string - default: 'local' - comment: 'New param' - - - name: ml2.mechanism_drivers - type: string - default: '' - help: '(ListOpt) Ordered list of networking mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.' - comment: 'New param' - - - name: ml2_type_flat.flat_networks - type: string - default: '' - comment: 'New param' - - - name: ml2_type_vlan.network_vlan_ranges - type: string - default: '' - comment: 'New param' - - - name: ml2_type_gre.tunnel_id_ranges - type: string - default: '' - help: '(ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation' - comment: 'New param' - - - name: ml2_type_vxlan.vni_ranges - type: string - default: '' - comment: 'New param' - - - name: ml2_type_vxlan.vxlan_group - type: string - default: '' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/neutron_server/2013.2.1.yml b/rubick/schemas/neutron_server/2013.2.1.yml deleted file mode 100644 index 32736e7..0000000 --- a/rubick/schemas/neutron_server/2013.2.1.yml +++ /dev/null @@ -1,526 +0,0 @@ -project: neutron_server -version: '2013.2.1' -parameters: - - - name: verbose - type: string - default: 'False' - help: 'Default log level is INFO verbose and debug has the same result. One of them will set DEBUG log level output' - - - name: state_path - type: string - default: '/var/lib/neutron' - help: 'Where to store Neutron state files. This directory must be writable by the user executing the agent.' - - - name: lock_path - type: string - default: '$state_path/lock' - help: 'Where to store lock files' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - - - name: use_syslog - type: string - default: 'False' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - - - name: use_stderr - type: string - default: 'True' - - - name: publish_errors - type: string - default: 'False' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the API server' - - - name: bind_port - type: string - default: '9696' - help: 'Port the bind the API server to' - - - name: api_extensions_path - type: string - default: '' - help: "Path to the extensions. Note that this can be a colon-separated list of paths. For example: api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions The __path__ of neutron.extensions is appended to this, so if your extensions are in there you don't need to specify them here" - - - name: core_plugin - type: string - default: '' - help: 'Neutron plugin provider module' - - - name: service_plugins - type: string - default: '' - help: 'Advanced service modules' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'Paste configuration file' - - - name: auth_strategy - type: string - default: 'keystone' - help: "The strategy to be used for auth. Supported values are 'keystone'(default), 'noauth'." - - - name: mac_generation_retries - type: string - default: '16' - help: 'Maximum amount of retries to generate a unique MAC address' - - - name: dhcp_lease_duration - type: string - default: '86400' - help: 'DHCP Lease duration (in seconds)' - - - name: dhcp_agent_notification - type: string - default: 'True' - help: 'Allow sending resource operation notification to DHCP agent' - - - name: allow_bulk - type: string - default: 'True' - help: 'Enable or disable bulk create/update/delete operations' - - - name: allow_pagination - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination' - - - name: allow_sorting - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting' - - - name: allow_overlapping_ips - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups' - - - name: force_gateway_on_subnet - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups Ensure that configured gateway is on subnet' - - - name: rpc_backend - type: string - default: 'neutron.openstack.common.rpc.impl_zmq' - help: 'ZMQ' - - - name: rpc_thread_pool_size - type: string - default: '64' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: string - default: '30' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool' - - - name: rpc_response_timeout - type: string - default: '60' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: string - default: '30' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - - - name: allowed_rpc_exception_modules - type: string - default: 'neutron.openstack.common.exception, nova.exception' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' - - - name: control_exchange - type: string - default: 'neutron' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call. AMQP exchange to connect to if using RabbitMQ or QPID' - - - name: fake_rabbit - type: string - default: 'False' - help: 'If passed, use a fake RabbitMQ provider' - - - name: kombu_ssl_version - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled)' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled)' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled)' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)'" - - - name: rabbit_host - type: host - default: 'localhost' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation" - - - name: rabbit_password - type: string - default: 'guest' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server" - - - name: rabbit_port - type: string - default: '5672' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening" - - - name: rabbit_hosts - type: string - default: 'localhost:5672' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'" - - - name: rabbit_userid - type: string - default: 'guest' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections" - - - name: rabbit_virtual_host - type: string - default: '/' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation." - - - name: rabbit_max_retries - type: string - default: '0' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count)" - - - name: rabbit_retry_interval - type: string - default: '1' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval" - - - name: rabbit_ha_queues - type: boolean - default: False - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval Use HA queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. " - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'QPID Qpid broker hostname' - - - name: qpid_port - type: string - default: '5672' - help: 'QPID Qpid broker hostname Qpid broker port' - - - name: qpid_hosts - type: string - default: 'localhost:5672' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'" - - - name: qpid_username - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection" - - - name: qpid_password - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection" - - - name: qpid_sasl_mechanisms - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth" - - - name: qpid_heartbeat - type: string - default: '60' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats" - - - name: qpid_protocol - type: string - default: 'tcp' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: string - default: 'True' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl' Disable Nagle algorithm" - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: "ZMQ ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address." - - - name: notification_driver - type: string - default: 'neutron.openstack.common.notifier.rpc_notifier' - help: 'Notification_driver can be defined multiple times Do nothing driver notification_driver = neutron.openstack.common.notifier.no_op_notifier Logging driver notification_driver = neutron.openstack.common.notifier.log_notifier RPC driver. DHCP agents needs it.' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'default_notification_level is used to form actual topic name(s) or to set logging level' - - - name: host - type: string - default: 'myhost.com' - help: 'default_publisher_id is a part of the notification payload' - - - name: default_publisher_id - type: string - default: '$host' - help: 'default_publisher_id is a part of the notification payload' - - - name: notification_topics - type: string - default: 'notifications' - help: 'Defined in rpc_notifier, can be comma separated values. The actual topic names will be %s.%(default_notification_level)s' - - - name: pagination_max_limit - type: string - default: '-1' - help: 'Default maximum number of items returned in a single response, value == infinite and value < 0 means no max limit, and value must greater than 0. If the number of items requested is greater than pagination_max_limit, server will just return pagination_max_limit of number of items.' - - - name: max_dns_nameservers - type: string - default: '5' - help: 'Maximum number of DNS nameservers per subnet' - - - name: max_subnet_host_routes - type: string - default: '20' - help: 'Maximum number of host routes per subnet' - - - name: max_fixed_ips_per_port - type: string - default: '5' - help: 'Maximum number of fixed ips per port' - - - name: agent_down_time - type: string - default: '5' - help: '=========== items for agent management extension ============= Seconds to regard the agent as down.' - - - name: network_scheduler_driver - type: string - default: 'neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent' - - - name: router_scheduler_driver - type: string - default: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent' - - - name: loadbalancer_pool_scheduler_driver - type: string - default: 'neutron.services.loadbalancer.agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent Driver to use for scheduling a loadbalancer pool to an lbaas agent' - - - name: network_auto_schedule - type: string - default: 'True' - help: 'Allow auto scheduling networks to DHCP agent. It will schedule non-hosted networks to first DHCP agent which sends get_active_networks message to neutron server' - - - name: router_auto_schedule - type: string - default: 'True' - help: 'Allow auto scheduling routers to L3 agent. It will schedule non-hosted routers to first L3 agent which sends sync_routers message to neutron server' - - - name: dhcp_agents_per_network - type: string - default: '1' - help: 'Number of DHCP agents scheduled to host a network. This enables redundant DHCP agents for configured networks.' - - - name: tcp_keepidle - type: string - default: '600' - help: '=========== WSGI parameters related to the API server ============== Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when starting API server. Not supported on OS X.' - - - name: retry_until_window - type: string - default: '30' - help: 'Number of seconds to keep retrying to listen' - - - name: backlog - type: string - default: '4096' - help: 'Number of backlog requests to configure the socket with.' - - - name: use_ssl - type: string - default: 'False' - help: 'Enable SSL on the API server' - - - name: ssl_cert_file - type: string - default: '/path/to/certfile' - help: 'Certificate file to use when starting API server securely' - - - name: ssl_key_file - type: string - default: '/path/to/keyfile' - help: 'Private key file to use when starting API server securely' - - - name: ssl_ca_file - type: string - default: '/path/to/cafile' - help: 'CA certificate file to use when starting API server securely to verify connecting clients. This is an optional parameter only required if API clients need to authenticate to the API server using SSL certificates signed by a trusted CA' - - - name: quotas.quota_items - type: string - default: 'network,subnet,port' - help: 'resource name(s) that are supported in quota features' - - - name: quotas.default_quota - type: string - default: '-1' - help: 'default number of resource allowed per tenant, minus for unlimited' - - - name: quotas.quota_network - type: string - default: '10' - help: 'number of networks allowed per tenant, and minus means unlimited' - - - name: quotas.quota_subnet - type: string - default: '10' - help: 'number of subnets allowed per tenant, and minus means unlimited' - - - name: quotas.quota_port - type: string - default: '50' - help: 'number of ports allowed per tenant, and minus means unlimited' - - - name: quotas.quota_security_group - type: string - default: '10' - help: 'number of security groups allowed per tenant, and minus means unlimited' - - - name: quotas.quota_security_group_rule - type: string - default: '100' - help: 'number of security group rules allowed per tenant, and minus means unlimited' - - - name: quotas.quota_driver - type: string - default: 'neutron.db.quota_db.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: agent.root_helper - type: string - default: 'sudo' - help: "Use 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf' to use the real root filter facility. Change to 'sudo' to skip the filtering and just run the comand directly" - - - name: agent.report_interval - type: string - default: '4' - help: '=========== items for agent management extension ============= seconds between nodes reporting state to server, should be less than agent_down_time' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - - - name: keystone_authtoken.auth_port - type: string - default: '35357' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - - - name: keystone_authtoken.signing_dir - type: string - default: '$state_path/keystone-signing' - - - name: database.connection - type: string - default: 'mysql://root:pass@127.0.0.1:3306/neutron' - help: 'This line MUST be changed to actually run the plugin. Example:' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database' - - - name: database.max_retries - type: string - default: '10' - help: 'Database reconnection retry times - in event connectivity is lost set to -1 implies an infinite retry count' - - - name: database.retry_interval - type: string - default: '10' - help: 'Database reconnection interval in seconds - if the initial connection to the database fails' - - - name: database.min_pool_size - type: string - default: '1' - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: database.max_pool_size - type: string - default: '10' - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: database.idle_timeout - type: string - default: '3600' - help: 'Timeout in seconds before idle sql connections are reaped' - - - name: database.max_overflow - type: string - default: '20' - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: database.connection_debug - type: string - default: '0' - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: database.connection_trace - type: string - default: 'False' - help: 'Add python stack traces to SQL as comment strings' - - - name: database.pool_timeout - type: string - default: '10' - help: 'If set, use this value for pool_timeout with sqlalchemy' - - - name: service_providers.service_provider - type: string - default: 'LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default' - help: 'Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. Must be in form: service_provider=::[:default] List of allowed service type include LOADBALANCER, FIREWALL, VPN Combination of and must be unique; must also be unique this is multiline option, example for default provider: service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default example of non-default provider: service_provider=FIREWALL:name2:firewall_driver_path --- Reference implementations ---' - diff --git a/rubick/schemas/neutron_server/neutron_server.conf.yml b/rubick/schemas/neutron_server/neutron_server.conf.yml deleted file mode 100644 index fd05738..0000000 --- a/rubick/schemas/neutron_server/neutron_server.conf.yml +++ /dev/null @@ -1,634 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: verbose - type: string - default: 'False' - help: 'Default log level is INFO verbose and debug has the same result. One of them will set DEBUG log level output' - comment: 'New param' - - - name: state_path - type: string - default: '/var/lib/neutron' - help: 'Where to store Neutron state files. This directory must be writable by the user executing the agent.' - comment: 'New param' - - - name: lock_path - type: string - default: '$state_path/lock' - help: 'Where to store lock files' - comment: 'New param' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - comment: 'New param' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - comment: 'New param' - - - name: use_syslog - type: string - default: 'False' - comment: 'New param' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - comment: 'New param' - - - name: use_stderr - type: string - default: 'True' - comment: 'New param' - - - name: publish_errors - type: string - default: 'False' - comment: 'New param' - - - name: bind_host - type: host - default: '0.0.0.0' - help: 'Address to bind the API server' - comment: 'New param' - - - name: bind_port - type: string - default: '9696' - help: 'Port the bind the API server to' - comment: 'New param' - - - name: api_extensions_path - type: string - default: '' - help: "Path to the extensions. Note that this can be a colon-separated list of paths. For example: api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions The __path__ of neutron.extensions is appended to this, so if your extensions are in there you don't need to specify them here" - comment: 'New param' - - - name: core_plugin - type: string - default: '' - help: 'Neutron plugin provider module' - comment: 'New param' - - - name: service_plugins - type: string - default: '' - help: 'Advanced service modules' - comment: 'New param' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'Paste configuration file' - comment: 'New param' - - - name: auth_strategy - type: string - default: 'keystone' - help: "The strategy to be used for auth. Supported values are 'keystone'(default), 'noauth'." - comment: 'New param' - - - name: mac_generation_retries - type: string - default: '16' - help: 'Maximum amount of retries to generate a unique MAC address' - comment: 'New param' - - - name: dhcp_lease_duration - type: string - default: '86400' - help: 'DHCP Lease duration (in seconds)' - comment: 'New param' - - - name: dhcp_agent_notification - type: string - default: 'True' - help: 'Allow sending resource operation notification to DHCP agent' - comment: 'New param' - - - name: allow_bulk - type: string - default: 'True' - help: 'Enable or disable bulk create/update/delete operations' - comment: 'New param' - - - name: allow_pagination - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination' - comment: 'New param' - - - name: allow_sorting - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting' - comment: 'New param' - - - name: allow_overlapping_ips - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups' - comment: 'New param' - - - name: force_gateway_on_subnet - type: string - default: 'False' - help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups Ensure that configured gateway is on subnet' - comment: 'New param' - - - name: rpc_backend - type: string - default: 'neutron.openstack.common.rpc.impl_zmq' - help: 'ZMQ' - comment: 'New param' - - - name: rpc_thread_pool_size - type: string - default: '64' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool' - comment: 'New param' - - - name: rpc_conn_pool_size - type: string - default: '30' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool' - comment: 'New param' - - - name: rpc_response_timeout - type: string - default: '60' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall' - comment: 'New param' - - - name: rpc_cast_timeout - type: string - default: '30' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' - comment: 'New param' - - - name: allowed_rpc_exception_modules - type: string - default: 'neutron.openstack.common.exception, nova.exception' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' - comment: 'New param' - - - name: control_exchange - type: string - default: 'neutron' - help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call. AMQP exchange to connect to if using RabbitMQ or QPID' - comment: 'New param' - - - name: fake_rabbit - type: string - default: 'False' - help: 'If passed, use a fake RabbitMQ provider' - comment: 'New param' - - - name: kombu_ssl_version - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled)' - comment: 'New param' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled)' - comment: 'New param' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled)' - comment: 'New param' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)'" - comment: 'New param' - - - name: rabbit_host - type: host - default: 'localhost' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation" - comment: 'New param' - - - name: rabbit_password - type: string - default: 'guest' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server" - comment: 'New param' - - - name: rabbit_port - type: string - default: '5672' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening" - comment: 'New param' - - - name: rabbit_hosts - type: string - default: 'localhost:5672' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'" - comment: 'New param' - - - name: rabbit_userid - type: string - default: 'guest' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections" - comment: 'New param' - - - name: rabbit_virtual_host - type: string - default: '/' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation." - comment: 'New param' - - - name: rabbit_max_retries - type: string - default: '0' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count)" - comment: 'New param' - - - name: rabbit_retry_interval - type: string - default: '1' - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval" - comment: 'New param' - - - name: rabbit_ha_queues - type: boolean - default: false - help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval Use HA queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. " - comment: 'New param' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'QPID Qpid broker hostname' - comment: 'New param' - - - name: qpid_port - type: string - default: '5672' - help: 'QPID Qpid broker hostname Qpid broker port' - comment: 'New param' - - - name: qpid_hosts - type: string - default: 'localhost:5672' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'" - comment: 'New param' - - - name: qpid_username - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection" - comment: 'New param' - - - name: qpid_password - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection" - comment: 'New param' - - - name: qpid_sasl_mechanisms - type: string - default: "''" - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth" - comment: 'New param' - - - name: qpid_heartbeat - type: string - default: '60' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats" - comment: 'New param' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl'" - comment: 'New param' - - - name: qpid_tcp_nodelay - type: string - default: 'True' - help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl' Disable Nagle algorithm" - comment: 'New param' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: "ZMQ ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address." - comment: 'New param' - - - name: notification_driver - type: string - default: 'neutron.openstack.common.notifier.rpc_notifier' - help: 'Notification_driver can be defined multiple times Do nothing driver notification_driver = neutron.openstack.common.notifier.no_op_notifier Logging driver notification_driver = neutron.openstack.common.notifier.log_notifier RPC driver. DHCP agents needs it.' - comment: 'New param' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'default_notification_level is used to form actual topic name(s) or to set logging level' - comment: 'New param' - - - name: host - type: string - default: 'myhost.com' - help: 'default_publisher_id is a part of the notification payload' - comment: 'New param' - - - name: default_publisher_id - type: string - default: '$host' - help: 'default_publisher_id is a part of the notification payload' - comment: 'New param' - - - name: notification_topics - type: string - default: 'notifications' - help: 'Defined in rpc_notifier, can be comma separated values. The actual topic names will be %s.%(default_notification_level)s' - comment: 'New param' - - - name: pagination_max_limit - type: string - default: '-1' - help: 'Default maximum number of items returned in a single response, value == infinite and value < 0 means no max limit, and value must greater than 0. If the number of items requested is greater than pagination_max_limit, server will just return pagination_max_limit of number of items.' - comment: 'New param' - - - name: max_dns_nameservers - type: string - default: '5' - help: 'Maximum number of DNS nameservers per subnet' - comment: 'New param' - - - name: max_subnet_host_routes - type: string - default: '20' - help: 'Maximum number of host routes per subnet' - comment: 'New param' - - - name: max_fixed_ips_per_port - type: string - default: '5' - help: 'Maximum number of fixed ips per port' - comment: 'New param' - - - name: agent_down_time - type: string - default: '5' - help: '=========== items for agent management extension ============= Seconds to regard the agent as down.' - comment: 'New param' - - - name: network_scheduler_driver - type: string - default: 'neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent' - comment: 'New param' - - - name: router_scheduler_driver - type: string - default: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent' - comment: 'New param' - - - name: loadbalancer_pool_scheduler_driver - type: string - default: 'neutron.services.loadbalancer.agent_scheduler.ChanceScheduler' - help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent Driver to use for scheduling a loadbalancer pool to an lbaas agent' - comment: 'New param' - - - name: network_auto_schedule - type: string - default: 'True' - help: 'Allow auto scheduling networks to DHCP agent. It will schedule non-hosted networks to first DHCP agent which sends get_active_networks message to neutron server' - comment: 'New param' - - - name: router_auto_schedule - type: string - default: 'True' - help: 'Allow auto scheduling routers to L3 agent. It will schedule non-hosted routers to first L3 agent which sends sync_routers message to neutron server' - comment: 'New param' - - - name: dhcp_agents_per_network - type: string - default: '1' - help: 'Number of DHCP agents scheduled to host a network. This enables redundant DHCP agents for configured networks.' - comment: 'New param' - - - name: tcp_keepidle - type: string - default: '600' - help: '=========== WSGI parameters related to the API server ============== Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when starting API server. Not supported on OS X.' - comment: 'New param' - - - name: retry_until_window - type: string - default: '30' - help: 'Number of seconds to keep retrying to listen' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - help: 'Number of backlog requests to configure the socket with.' - comment: 'New param' - - - name: use_ssl - type: string - default: 'False' - help: 'Enable SSL on the API server' - comment: 'New param' - - - name: ssl_cert_file - type: string - default: '/path/to/certfile' - help: 'Certificate file to use when starting API server securely' - comment: 'New param' - - - name: ssl_key_file - type: string - default: '/path/to/keyfile' - help: 'Private key file to use when starting API server securely' - comment: 'New param' - - - name: ssl_ca_file - type: string - default: '/path/to/cafile' - help: 'CA certificate file to use when starting API server securely to verify connecting clients. This is an optional parameter only required if API clients need to authenticate to the API server using SSL certificates signed by a trusted CA' - comment: 'New param' - - - name: quotas.quota_items - type: string - default: 'network,subnet,port' - help: 'resource name(s) that are supported in quota features' - comment: 'New param' - - - name: quotas.default_quota - type: string - default: '-1' - help: 'default number of resource allowed per tenant, minus for unlimited' - comment: 'New param' - - - name: quotas.quota_network - type: string - default: '10' - help: 'number of networks allowed per tenant, and minus means unlimited' - comment: 'New param' - - - name: quotas.quota_subnet - type: string - default: '10' - help: 'number of subnets allowed per tenant, and minus means unlimited' - comment: 'New param' - - - name: quotas.quota_port - type: string - default: '50' - help: 'number of ports allowed per tenant, and minus means unlimited' - comment: 'New param' - - - name: quotas.quota_security_group - type: string - default: '10' - help: 'number of security groups allowed per tenant, and minus means unlimited' - comment: 'New param' - - - name: quotas.quota_security_group_rule - type: string - default: '100' - help: 'number of security group rules allowed per tenant, and minus means unlimited' - comment: 'New param' - - - name: quotas.quota_driver - type: string - default: 'neutron.db.quota_db.DbQuotaDriver' - help: 'default driver to use for quota checks' - comment: 'New param' - - - name: agent.root_helper - type: string - default: 'sudo' - help: "Use 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf' to use the real root filter facility. Change to 'sudo' to skip the filtering and just run the comand directly" - comment: 'New param' - - - name: agent.report_interval - type: string - default: '4' - help: '=========== items for agent management extension ============= seconds between nodes reporting state to server, should be less than agent_down_time' - comment: 'New param' - - - name: keystone_authtoken.auth_host - type: host - default: '127.0.0.1' - comment: 'New param' - - - name: keystone_authtoken.auth_port - type: string - default: '35357' - comment: 'New param' - - - name: keystone_authtoken.auth_protocol - type: string - default: 'http' - comment: 'New param' - - - name: keystone_authtoken.admin_tenant_name - type: string - default: '%SERVICE_TENANT_NAME%' - comment: 'New param' - - - name: keystone_authtoken.admin_user - type: string - default: '%SERVICE_USER%' - comment: 'New param' - - - name: keystone_authtoken.admin_password - type: string - default: '%SERVICE_PASSWORD%' - comment: 'New param' - - - name: keystone_authtoken.signing_dir - type: string - default: '$state_path/keystone-signing' - comment: 'New param' - - - name: database.connection - type: string - default: 'mysql://root:pass@127.0.0.1:3306/neutron' - help: 'This line MUST be changed to actually run the plugin. Example:' - comment: 'New param' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database' - comment: 'New param' - - - name: database.max_retries - type: string - default: '10' - help: 'Database reconnection retry times - in event connectivity is lost set to -1 implies an infinite retry count' - comment: 'New param' - - - name: database.retry_interval - type: string - default: '10' - help: 'Database reconnection interval in seconds - if the initial connection to the database fails' - comment: 'New param' - - - name: database.min_pool_size - type: string - default: '1' - help: 'Minimum number of SQL connections to keep open in a pool' - comment: 'New param' - - - name: database.max_pool_size - type: string - default: '10' - help: 'Maximum number of SQL connections to keep open in a pool' - comment: 'New param' - - - name: database.idle_timeout - type: string - default: '3600' - help: 'Timeout in seconds before idle sql connections are reaped' - comment: 'New param' - - - name: database.max_overflow - type: string - default: '20' - help: 'If set, use this value for max_overflow with sqlalchemy' - comment: 'New param' - - - name: database.connection_debug - type: string - default: '0' - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - comment: 'New param' - - - name: database.connection_trace - type: string - default: 'False' - help: 'Add python stack traces to SQL as comment strings' - comment: 'New param' - - - name: database.pool_timeout - type: string - default: '10' - help: 'If set, use this value for pool_timeout with sqlalchemy' - comment: 'New param' - - - name: service_providers.service_provider - type: string - default: 'LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default' - help: 'Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. Must be in form: service_provider=::[:default] List of allowed service type include LOADBALANCER, FIREWALL, VPN Combination of and must be unique; must also be unique this is multiline option, example for default provider: service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default example of non-default provider: service_provider=FIREWALL:name2:firewall_driver_path --- Reference implementations ---' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/nova/2013.1.3.yml b/rubick/schemas/nova/2013.1.3.yml deleted file mode 100644 index a900bec..0000000 --- a/rubick/schemas/nova/2013.1.3.yml +++ /dev/null @@ -1,3238 +0,0 @@ -project: nova -version: '2013.1.3' -parameters: - - - name: internal_service_availability_zone - type: string - default: 'internal' - help: 'availability_zone to show internal services under' - - - name: default_availability_zone - type: string - default: 'nova' - help: 'default compute node availability_zone' - - - name: ssl.ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl.key_file - type: string - default: ~ - help: 'Private key file to use when starting the server securely' - - - name: crl_file - type: file - default: 'crl.pem' - help: 'Filename of root Certificate Revocation List' - - - name: keys_path - type: directory - default: '$state_path/keys' - help: 'Where we keep our keys' - - - name: ca_path - type: string - default: '$state_path/CA' - help: 'Where we keep our root CA' - - - name: use_project_ca - type: boolean - default: False - help: 'Should we use a CA for each project?' - - - name: user_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CN%.16s-%.16s-%s' - help: 'Subject for certificate for users, %s for project, user, timestamp' - - - name: project_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CNproject-ca-%.16s-%s' - help: 'Subject for certificate for projects, %s for project, timestamp' - - - name: fatal_exception_format_errors - type: boolean - default: False - help: 'make exception message format errors fatal' - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host' - - - name: matchmaker_redis.host - type: string - default: '127.0.0.1' - help: 'Host to locate redis' - - - name: use_ipv6 - type: boolean - default: False - help: 'use ipv6' - - - name: notify_on_state_change - type: string - default: 'None' - help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes." - - - name: notify_api_faults - type: boolean - default: False - help: 'If set, send api.fault notifications on caught exceptions in the API service.' - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the nova python module is installed' - - - name: bindir - type: string - default: '/usr/local/bin' - help: 'Directory where nova binaries are installed' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining nova's state" - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found' - - - name: quota_instances - type: integer - default: 10 - help: 'number of instances allowed per project' - - - name: quota_cores - type: integer - default: 20 - help: 'number of instance cores allowed per project' - - - name: quota_ram - type: integer - default: 51200 - help: 'megabytes of instance ram allowed per project' - - - name: quota_floating_ips - type: integer - default: 10 - help: 'number of floating ips allowed per project' - - - name: quota_fixed_ips - type: integer - default: -1 - help: 'number of fixed ips allowed per project' - - - name: quota_metadata_items - type: integer - default: 128 - help: 'number of metadata items allowed per instance' - - - name: quota_injected_files - type: integer - default: 5 - help: 'number of injected files allowed' - - - name: quota_injected_file_content_bytes - type: integer - default: 10240 - help: 'number of bytes allowed per injected file' - - - name: quota_injected_file_path_bytes - type: integer - default: 255 - help: 'number of bytes allowed per injected file path' - - - name: quota_security_groups - type: integer - default: 10 - help: 'number of security groups per project' - - - name: quota_security_group_rules - type: integer - default: 20 - help: 'number of security rules per security group' - - - name: quota_key_pairs - type: integer - default: 100 - help: 'number of key pairs per user' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes' - - - name: quota_driver - type: string - default: 'nova.quota.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore' - - - name: periodic_enable - type: boolean - default: True - help: 'enable periodic tasks' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' - - - name: enabled_apis - type: list - default: 'ec2,osapi_compute,metadata' - help: 'a list of APIs to enable by default' - - - name: enabled_ssl_apis - type: list - default: '' - help: 'a list of APIs with enabled SSL' - - - name: ec2_listen - type: string - default: '0.0.0.0' - help: 'IP address for EC2 API to listen' - - - name: ec2_listen_port - type: integer - default: 8773 - help: 'port for ec2 api to listen' - - - name: ec2_workers - type: integer - default: ~ - help: 'Number of workers for EC2 API service' - - - name: osapi_compute_listen - type: string - default: '0.0.0.0' - help: 'IP address for OpenStack API to listen' - - - name: osapi_compute_listen_port - type: integer - default: 8774 - help: 'list port for osapi compute' - - - name: osapi_compute_workers - type: integer - default: ~ - help: 'Number of workers for OpenStack API service' - - - name: metadata_manager - type: string - default: 'nova.api.manager.MetadataManager' - help: 'OpenStack metadata service manager' - - - name: metadata_listen - type: string - default: '0.0.0.0' - help: 'IP address for metadata api to listen' - - - name: metadata_listen_port - type: integer - default: 8775 - help: 'port for metadata api to listen' - - - name: metadata_workers - type: integer - default: ~ - help: 'Number of workers for metadata service' - - - name: compute_manager - type: string - default: 'nova.compute.manager.ComputeManager' - help: 'full class name for the Manager for compute' - - - name: console_manager - type: string - default: 'nova.console.manager.ConsoleProxyManager' - help: 'full class name for the Manager for console proxy' - - - name: cert_manager - type: string - default: 'nova.cert.manager.CertManager' - help: 'full class name for the Manager for cert' - - - name: network_manager - type: string - default: 'nova.network.manager.VlanManager' - help: 'full class name for the Manager for network' - - - name: scheduler_manager - type: string - default: 'nova.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db' - - - name: monkey_patch - type: boolean - default: False - help: 'Whether to log monkey patching' - - - name: monkey_patch_modules - type: list - default: 'nova.api.ec2.cloud:nova.notifications.notify_decorator,nova.compute.api:nova.notifications.notify_decorator' - help: 'List of modules/decorators to monkey patch' - - - name: password_length - type: integer - default: 12 - help: 'Length of generated instance admin passwords' - - - name: instance_usage_audit_period - type: string - default: 'month' - help: 'time period to generate instance usages for. Time period must be hour, day, month or year' - - - name: rootwrap_config - type: string - default: '/etc/nova/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root' - - - name: tempdir - type: string - default: ~ - help: 'Explicitly specify the temporary working directory' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for nova-api' - - - name: wsgi_log_format - type: string - default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' - help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds.' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl_cert_file - type: string - default: ~ - help: 'SSL certificate of API server' - - - name: ssl_key_file - type: string - default: ~ - help: 'SSL private key of API server' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' - - - name: api_rate_limit - type: boolean - default: False - help: 'whether to use per-user rate limiting for the api.' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth: noauth or keystone.' - - - name: use_forwarded_for - type: boolean - default: False - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' - - - name: lockout_attempts - type: integer - default: 5 - help: 'Number of failed auths before lockout.' - - - name: lockout_minutes - type: integer - default: 15 - help: 'Number of minutes to lockout if triggered.' - - - name: lockout_window - type: integer - default: 15 - help: 'Number of minutes for lockout window.' - - - name: keystone_ec2_url - type: string - default: 'http://localhost:5000/v2.0/ec2tokens' - help: 'URL to get token from ec2 request.' - - - name: ec2_private_dns_show_ip - type: boolean - default: False - help: 'Return the IP address as private dns hostname in describe instances' - - - name: ec2_strict_validation - type: boolean - default: True - help: 'Validate security group names according to EC2 specification' - - - name: ec2_timestamp_expiry - type: integer - default: 300 - help: 'Time in seconds before ec2 timestamp expires' - - - name: ec2_host - type: string - default: '$my_ip' - help: 'the ip of the ec2 api server' - - - name: ec2_dmz_host - type: string - default: '$my_ip' - help: 'the internal ip of the ec2 api server' - - - name: ec2_port - type: integer - default: 8773 - help: 'the port of the ec2 api server' - - - name: ec2_scheme - type: string - default: 'http' - help: 'the protocol to use when connecting to the ec2 api server' - - - name: ec2_path - type: string - default: '/services/Cloud' - help: 'the path prefix used to call the ec2 api server' - - - name: region_list - type: list - default: '' - help: 'list of region=fqdn pairs separated by commas' - - - name: config_drive_skip_versions - type: string - default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' - help: 'List of metadata versions to skip placing into the config drive' - - - name: vendordata_driver - type: string - default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' - help: 'Driver to use for vendor data' - - - name: service_neutron_metadata_proxy - type: boolean - default: False - help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids.' - - - name: neutron_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Neutron metadata requests' - - - name: vendordata_jsonfile_path - type: string - default: ~ - help: 'File to load json formated vendor data from' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource' - - - name: osapi_compute_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Compute API' - - - name: osapi_glance_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to glance resources' - - - name: allow_instance_snapshots - type: boolean - default: True - help: 'Permit instance snapshot operations.' - - - name: osapi_compute_ext_list - type: list - default: '' - help: 'Specify list of extensions to load when using osapi_compute_extension option with nova_2013_1_3.api.openstack.compute.contrib.select_extensions' - - - name: fping_path - type: string - default: '/usr/sbin/fping' - help: 'Full path to fping.' - - - name: enable_network_quota - type: boolean - default: False - help: 'Enables or disables quota checking for tenant networks' - - - name: use_neutron_default_nets - type: string - default: 'False' - help: 'Control for checking for default networks' - - - name: neutron_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating neutron networks' - - - name: osapi_compute_extension - type: multi - default: 'nova.api.openstack.compute.contrib.standard_extensions' - help: 'osapi compute extension to load' - - - name: osapi_hide_server_address_states - type: list - default: 'building' - help: 'List of instance states that should hide network info' - - - name: enable_instance_password - type: boolean - default: True - help: 'Allows use of instance password during server creation' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'the maximum body size per each osapi request(bytes)' - - - name: compute_api_class - type: string - default: 'nova.compute.api.API' - help: 'The full class name of the compute API class to use' - - - name: cert_topic - type: string - default: 'cert' - help: 'the topic cert nodes listen on' - - - name: vpn_image_id - type: string - default: '0' - help: 'image id used when starting up a cloudpipe vpn server' - - - name: vpn_flavor - type: string - default: 'm1.tiny' - help: 'Flavor for vpn instances' - - - name: boot_script_template - type: string - default: '$pybasedir/nova/cloudpipe/bootscript.template' - help: 'Template for cloudpipe instance boot script' - - - name: dmz_net - type: string - default: '10.0.0.0' - help: 'Network to push into openvpn config' - - - name: dmz_mask - type: string - default: '255.255.255.0' - help: 'Netmask to push into openvpn config' - - - name: vpn_key_suffix - type: string - default: '-vpn' - help: 'Suffix to add to project name for vpn key and secgroups' - - - name: record - type: boolean - default: False - help: 'Record sessions to FILE.[session_number]' - - - name: daemon - type: boolean - default: False - help: 'Become a daemon' - - - name: ssl_only - type: boolean - default: False - help: 'Disallow non-encrypted connections' - - - name: source_is_ipv6 - type: boolean - default: False - help: 'Source is ipv6' - - - name: upgrade_levels.cert - type: string - default: ~ - help: 'Set a version cap for messages sent to cert services' - - - name: key - type: string - default: ~ - help: 'SSL key file' - - - name: web - type: string - default: '/usr/share/spice-html5' - help: 'Run webserver on same port. Serve files from DIR.' - - - name: novncproxy_host - type: string - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests' - - - name: novncproxy_port - type: integer - default: 6080 - help: 'Port on which to listen for incoming requests' - - - name: spicehtml5proxy_host - type: string - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests' - - - name: spicehtml5proxy_port - type: integer - default: 6082 - help: 'Port on which to listen for incoming requests' - - - name: allow_resize_to_same_host - type: boolean - default: False - help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments.' - - - name: allow_migrate_to_same_host - type: boolean - default: False - help: 'Allow migrate machine to the same host. Useful when testing in single-host environments.' - - - name: default_schedule_zone - type: string - default: ~ - help: "availability zone to use when user doesn't specify one" - - - name: non_inheritable_image_properties - type: list - default: 'cache_in_nova,bittorrent' - help: 'These are image properties which a snapshot should not inherit from an instance' - - - name: null_kernel - type: string - default: 'nokernel' - help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead' - - - name: multi_instance_display_name_template - type: string - default: '%(name)s-%(uuid)s' - help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count." - - - name: max_local_block_devices - type: integer - default: 3 - help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited.' - - - name: default_flavor - type: string - default: 'm1.small' - help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor.' - - - name: console_host - type: string - default: 'nova' - help: 'Console proxy host to use to connect to instances on this host.' - - - name: default_access_ip_network_name - type: string - default: ~ - help: 'Name of network to use to set access ips for instances' - - - name: defer_iptables_apply - type: boolean - default: False - help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase' - - - name: instances_path - type: string - default: '$state_path/instances' - help: 'where instances are stored on disk' - - - name: instance_usage_audit - type: boolean - default: False - help: 'Generate periodic compute.instance.exists notifications' - - - name: live_migration_retry_count - type: integer - default: 30 - help: 'Number of 1 second retries needed in live_migration' - - - name: resume_guests_state_on_host_boot - type: boolean - default: False - help: 'Whether to start guests that were running before the host rebooted' - - - name: network_allocate_retries - type: integer - default: 0 - help: 'Number of times to retry network allocation on failures' - - - name: maximum_instance_delete_attempts - type: integer - default: 5 - help: 'The number of times to attempt to reap an instances files.' - - - name: bandwidth_poll_interval - type: integer - default: 600 - help: 'interval to pull bandwidth usage info' - - - name: sync_power_state_interval - type: integer - default: 600 - help: 'interval to sync power states between the database and the hypervisor' - - - name: heal_instance_info_cache_interval - type: integer - default: 60 - help: 'Number of seconds between instance info_cache self healing updates' - - - name: host_state_interval - type: integer - default: 120 - help: 'Interval in seconds for querying the host status' - - - name: image_cache_manager_interval - type: integer - default: 2400 - help: 'Number of seconds to wait between runs of the image cache manager' - - - name: reclaim_instance_interval - type: integer - default: 0 - help: 'Interval in seconds for reclaiming deleted instances' - - - name: volume_usage_poll_interval - type: integer - default: 0 - help: 'Interval in seconds for gathering volume usages' - - - name: shelved_poll_interval - type: integer - default: 3600 - help: 'Interval in seconds for polling shelved instances to offload' - - - name: shelved_offload_time - type: integer - default: 0 - help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved' - - - name: instance_delete_interval - type: integer - default: 300 - help: 'Interval in seconds for retrying failed instance file deletes' - - - name: running_deleted_instance_action - type: string - default: 'log' - help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable." - - - name: running_deleted_instance_poll_interval - type: integer - default: 1800 - help: 'Number of seconds to wait between runs of the cleanup task.' - - - name: running_deleted_instance_timeout - type: integer - default: 0 - help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup.' - - - name: reboot_timeout - type: integer - default: 0 - help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable.' - - - name: instance_build_timeout - type: integer - default: 0 - help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable.' - - - name: rescue_timeout - type: integer - default: 0 - help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable.' - - - name: resize_confirm_window - type: integer - default: 0 - help: 'Automatically confirm resizes after N seconds. Set to 0 to disable.' - - - name: reserved_host_disk_mb - type: integer - default: 0 - help: 'Amount of disk in MB to reserve for the host' - - - name: reserved_host_memory_mb - type: integer - default: 512 - help: 'Amount of memory in MB to reserve for the host' - - - name: compute_stats_class - type: string - default: 'nova.compute.stats.Stats' - help: 'Class that will manage stats for the local compute host' - - - name: compute_topic - type: string - default: 'compute' - help: 'the topic compute nodes listen on' - - - name: migrate_max_retries - type: integer - default: -1 - help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries.' - - - name: console_driver - type: string - default: 'nova.console.xvp.XVPConsoleProxy' - help: 'Driver to use for the console proxy' - - - name: stub_compute - type: boolean - default: False - help: 'Stub calls to compute worker for tests' - - - name: console_public_hostname - type: string - default: 'nova' - help: 'Publicly visible name for this console host' - - - name: console_topic - type: string - default: 'console' - help: 'the topic console proxy nodes listen on' - - - name: console_vmrc_port - type: integer - default: 443 - help: 'port for VMware VMRC connections' - - - name: console_vmrc_error_retries - type: integer - default: 10 - help: 'number of retries for retrieving VMRC information' - - - name: console_xvp_conf_template - type: string - default: '$pybasedir/nova/console/xvp.conf.template' - help: 'XVP conf template' - - - name: console_xvp_conf - type: string - default: '/etc/xvp.conf' - help: 'generated XVP conf file' - - - name: console_xvp_pid - type: string - default: '/var/run/xvp.pid' - help: 'XVP master process pid file' - - - name: console_xvp_log - type: string - default: '/var/log/xvp.log' - help: 'XVP log file' - - - name: console_xvp_multiplex_port - type: integer - default: 5900 - help: 'port for XVP to multiplex VNC connections on' - - - name: consoleauth_topic - type: string - default: 'consoleauth' - help: 'the topic console auth proxy nodes listen on' - - - name: console_token_ttl - type: integer - default: 600 - help: 'How many seconds before deleting tokens' - - - name: consoleauth_manager - type: string - default: 'nova.consoleauth.manager.ConsoleAuthManager' - help: 'Manager for console auth' - - - name: enable_new_services - type: boolean - default: True - help: 'Services to be added to the available pool on create' - - - name: instance_name_template - type: string - default: 'instance-%08x' - help: 'Template string to be used to generate instance names' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names' - - - name: db_driver - type: string - default: 'nova.db' - help: 'driver to use for database access' - - - name: osapi_compute_unique_server_name_scope - type: string - default: '' - help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'." - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip' - - - name: glance_port - type: integer - default: 9292 - help: 'default glance port' - - - name: glance_protocol - type: string - default: 'http' - help: 'Default protocol to use when connecting to glance. Set to https for SSL.' - - - name: glance_api_servers - type: list - default: '$glance_host:$glance_port' - help: 'A list of the glance api servers available to nova_2013_1_3. Prefix with https:// for ssl-based glance api servers.' - - - name: glance_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance' - - - name: allowed_direct_url_schemes - type: list - default: '' - help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].' - - - name: image_decryption_dir - type: string - default: '/tmp' - help: 'parent dir for tempdir used for image decryption' - - - name: s3_host - type: string - default: '$my_ip' - help: 'hostname or ip for OpenStack to use when accessing the s3 api' - - - name: s3_port - type: integer - default: 3333 - help: 'port used when accessing the s3 api' - - - name: s3_access_key - type: string - default: 'notchecked' - help: 'access key to use for s3 server for images' - - - name: s3_secret_key - type: string - default: 'notchecked' - help: 'secret key to use for s3 server for images' - - - name: s3_use_ssl - type: boolean - default: False - help: 'whether to use ssl when talking to s3' - - - name: s3_affix_tenant - type: boolean - default: False - help: 'whether to affix the tenant id to the access key when downloading from s3' - - - name: ipv6_backend - type: string - default: 'rfc2462' - help: 'Backend to use for IPv6 generation' - - - name: network_api_class - type: string - default: 'nova.network.api.API' - help: 'The full class name of the network API class to use' - - - name: network_driver - type: string - default: 'nova.network.linux_net' - help: 'Driver to use for network creation' - - - name: default_floating_pool - type: string - default: 'nova' - help: 'Default pool for floating ips' - - - name: auto_assign_floating_ip - type: boolean - default: False - help: 'Autoassigning floating ip to VM' - - - name: floating_ip_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for floating IPs' - - - name: instance_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for instance IPs' - - - name: instance_dns_domain - type: string - default: '' - help: 'full class name for the DNS Zone for instance IPs' - - - name: ldap_dns_url - type: string - default: 'ldap://ldap.example.com:389' - help: 'URL for ldap server which will store dns entries' - - - name: ldap_dns_user - type: string - default: 'uidadmin,oupeople,dcexample,dcorg' - help: 'user for ldap DNS' - - - name: ldap_dns_password - type: string - default: 'password' - help: 'password for ldap DNS' - - - name: ldap_dns_soa_hostmaster - type: string - default: 'hostmaster@example.org' - help: 'Hostmaster for ldap dns driver Statement of Authority' - - - name: ldap_dns_servers - type: multi - default: 'dns.example.org' - help: 'DNS Servers for ldap dns driver' - - - name: ldap_dns_base_dn - type: string - default: 'ouhosts,dcexample,dcorg' - help: 'Base DN for DNS entries in ldap' - - - name: ldap_dns_soa_refresh - type: string - default: '1800' - help: 'Refresh interval' - - - name: ldap_dns_soa_retry - type: string - default: '3600' - help: 'Retry interval' - - - name: ldap_dns_soa_expiry - type: string - default: '86400' - help: 'Expiry interval' - - - name: ldap_dns_soa_minimum - type: string - default: '7200' - help: 'Minimum interval' - - - name: dhcpbridge_flagfile - type: multi - default: '/etc/nova/nova-dhcpbridge.conf' - help: 'location of flagfiles for dhcpbridge' - - - name: networks_path - type: string - default: '$state_path/networks' - help: 'Location to keep network config files' - - - name: public_interface - type: string - default: 'eth0' - help: 'Interface for public IP addresses' - - - name: network_device_mtu - type: string - default: ~ - help: 'MTU setting for vlan' - - - name: dhcpbridge - type: string - default: '$bindir/nova-dhcpbridge' - help: 'location of nova-dhcpbridge' - - - name: routing_source_ip - type: string - default: '$my_ip' - help: 'Public IP of network host' - - - name: dhcp_lease_time - type: integer - default: 120 - help: 'Lifetime of a DHCP lease in seconds' - - - name: dns_server - type: multi - default: '' - help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times.' - - - name: use_network_dns_servers - type: boolean - default: False - help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers.' - - - name: dmz_cidr - type: list - default: '' - help: 'A list of dmz range that should be accepted' - - - name: force_snat_range - type: multi - default: '' - help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times.' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file' - - - name: linuxnet_interface_driver - type: string - default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' - help: 'Driver used to create ethernet devices.' - - - name: linuxnet_ovs_integration_bridge - type: string - default: 'br-int' - help: 'Name of Open vSwitch bridge used with linuxnet' - - - name: send_arp_for_ha - type: boolean - default: False - help: 'send gratuitous ARPs for HA setup' - - - name: send_arp_for_ha_count - type: integer - default: 3 - help: 'send this many gratuitous ARPs for HA setup' - - - name: use_single_default_gateway - type: boolean - default: False - help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server' - - - name: forward_bridge_interface - type: multi - default: 'all' - help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times.' - - - name: metadata_host - type: string - default: '$my_ip' - help: 'the ip for the metadata api server' - - - name: metadata_port - type: integer - default: 8775 - help: 'the port for the metadata api port' - - - name: iptables_top_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the top.' - - - name: iptables_bottom_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the bottom.' - - - name: iptables_drop_action - type: string - default: 'DROP' - help: 'The table that iptables to jump to when a packet is to be dropped.' - - - name: flat_network_bridge - type: string - default: ~ - help: 'Bridge for simple network instances' - - - name: flat_network_dns - type: string - default: '8.8.4.4' - help: 'Dns for simple network' - - - name: flat_injected - type: boolean - default: False - help: 'Whether to attempt to inject network setup into guest' - - - name: flat_interface - type: string - default: ~ - help: 'FlatDhcp will bridge into this interface if set' - - - name: vlan_start - type: integer - default: 100 - help: 'First VLAN for private networks' - - - name: vmware.vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking' - - - name: num_networks - type: integer - default: 1 - help: 'Number of networks to support' - - - name: vpn_ip - type: string - default: '$my_ip' - help: 'Public IP for the cloudpipe VPN servers' - - - name: vpn_start - type: integer - default: 1000 - help: 'First Vpn port for private networks' - - - name: network_size - type: integer - default: 256 - help: 'Number of addresses in each private subnet' - - - name: fixed_range_v6 - type: string - default: 'fd00::/48' - help: 'Fixed IPv6 address block' - - - name: fixed_range - type: string - default: '' - help: 'Fixed IPv4 address block' - - - name: gateway - type: string - default: ~ - help: 'Default IPv4 gateway' - - - name: gateway_v6 - type: string - default: ~ - help: 'Default IPv6 gateway' - - - name: cnt_vpn_clients - type: integer - default: 0 - help: 'Number of addresses reserved for vpn clients' - - - name: fixed_ip_disassociate_timeout - type: integer - default: 600 - help: 'Seconds after which a deallocated ip is disassociated' - - - name: create_unique_mac_address_attempts - type: integer - default: 5 - help: 'Number of attempts to create unique mac address' - - - name: fake_network - type: boolean - default: False - help: 'If passed, use fake network devices and addresses' - - - name: fake_call - type: boolean - default: False - help: 'If True, skip using the queue and make local calls' - - - name: teardown_unused_network_gateway - type: boolean - default: False - help: 'If True, unused gateway devices' - - - name: force_dhcp_release - type: boolean - default: True - help: 'If True, send a dhcp release on instance termination' - - - name: share_dhcp_address - type: boolean - default: False - help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host.' - - - name: update_dns_entries - type: boolean - default: False - help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode' - - - name: dns_update_periodic_interval - type: integer - default: -1 - help: 'Number of seconds to wait between runs of updates to DNS entries.' - - - name: dhcp_domain - type: string - default: 'novalocal' - help: 'domain to use for building the hostnames' - - - name: l3_lib - type: string - default: 'nova.network.l3.LinuxNetL3' - help: 'Indicates underlying L3 management library' - - - name: neutron_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to neutron' - - - name: neutron_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to neutron in seconds' - - - name: neutron_admin_username - type: string - default: ~ - help: 'username for connecting to neutron in admin context' - - - name: neutron_admin_password - type: string - default: ~ - help: 'password for connecting to neutron in admin context' - - - name: neutron_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to neutron in admin context' - - - name: neutron_region_name - type: string - default: ~ - help: 'region name for connecting to neutron in admin context' - - - name: neutron_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to neutron in admin context' - - - name: neutron_api_insecure - type: boolean - default: False - help: 'if set, ignore any SSL validation issues' - - - name: neutron_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to neutron in admin context' - - - name: neutron_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: neutron_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying neutron for extensions' - - - name: neutron_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certicates file to use for neutronclient requests.' - - - name: dhcp_options_enabled - type: boolean - default: False - help: 'Use per-port DHCP options with Neutron' - - - name: network_topic - type: string - default: 'network' - help: 'the topic network nodes listen on' - - - name: multi_host - type: boolean - default: False - help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host.' - - - name: security_group_api - type: string - default: 'nova' - help: 'The full class name of the security API class' - - - name: buckets_path - type: string - default: '$state_path/buckets' - help: 'path to s3 buckets' - - - name: s3_listen - type: string - default: '0.0.0.0' - help: 'IP address for S3 API to listen' - - - name: s3_listen_port - type: integer - default: 3333 - help: 'port for s3 api to listen' - - - name: sqlite_db - type: string - default: 'nova.sqlite' - help: 'the filename to use with sqlite' - - - name: sqlite_synchronous - type: boolean - default: True - help: 'If true, use synchronous mode for sqlite' - - - name: backdoor_port - type: string - default: ~ - help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file." - - - name: disable_process_locking - type: boolean - default: False - help: 'Whether to disable inter-process locks' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files.' - - - name: debug - type: boolean - default: False - help: 'Print debugging output' - - - name: verbose - type: boolean - default: False - help: 'Print more verbose output' - - - name: use_stderr - type: boolean - default: True - help: 'Log output to standard error' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format' - - - name: default_log_levels - type: list - default: 'amqplibWARN,sqlalchemyWARN,botoWARN,sudsINFO,keystoneINFO,eventlet.wsgi.serverWARN' - help: 'list of logger=LEVEL pairs' - - - name: publish_errors - type: boolean - default: False - help: 'publish error events' - - - name: fatal_deprecations - type: boolean - default: False - help: 'make deprecations fatal' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: ~ - help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The base directory used for relative --log-file paths' - - - name: use_syslog - type: boolean - default: False - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache.' - - - name: notification_driver - type: multi - default: '' - help: 'Driver or drivers to handle sending notifications' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications' - - - name: notification_topics - type: list - default: 'notifications' - help: 'AMQP topic used for OpenStack notifications' - - - name: run_external_periodic_tasks - type: boolean - default: True - help: 'Some periodic tasks can be run in a separate process. Should we run them here?' - - - name: rpc_backend - type: string - default: 'nova.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires' - - - name: allowed_rpc_exception_modules - type: list - default: 'nova.exception,cinder.exception,exceptions' - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' - - - name: fake_rabbit - type: boolean - default: False - help: 'If passed, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: amqp_durable_queues - type: boolean - default: False - help: 'Use durable queues in amqp.' - - - name: amqp_auto_delete - type: boolean - default: False - help: 'Auto-delete queues in amqp.' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file' - - - name: rabbit_host - type: string - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used' - - - name: rabbit_port - type: integer - default: 5672 - help: 'The RabbitMQ broker port where a single node is used' - - - name: rabbit_hosts - type: list - default: '$rabbit_host:$rabbit_port' - help: 'RabbitMQ HA cluster host:port pairs' - - - name: rabbit_use_ssl - type: boolean - default: False - help: 'connect over SSL for RabbitMQ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ' - - - name: rabbit_ha_queues - type: boolean - default: False - help: 'use H/A queues in RabbitMQ' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname' - - - name: qpid_port - type: integer - default: 5672 - help: 'Qpid broker port' - - - name: qpid_hosts - type: list - default: '$qpid_hostname:$qpid_port' - help: 'Qpid HA cluster host:port pairs' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: boolean - default: True - help: 'Disable Nagle algorithm' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: 'ZeroMQ bind address. Should be a wildcard' - - - name: rpc_zmq_matchmaker - type: string - default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver' - - - name: rpc_zmq_port - type: integer - default: 9501 - help: 'ZeroMQ receiver listening port' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets' - - - name: rpc_zmq_host - type: string - default: 'nova' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running nova." - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live.' - - - name: pci_alias - type: multi - default: '' - help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card." - - - name: pci_passthrough_whitelist - type: multi - default: '' - help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}]" - - - name: scheduler_host_manager - type: string - default: 'nova.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an instance' - - - name: scheduler_host_subset_size - type: integer - default: 1 - help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead' - - - name: cpu_allocation_ratio - type: float - default: 16.0 - help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found.' - - - name: disk_allocation_ratio - type: float - default: 1.0 - help: 'virtual disk to physical disk allocation ratio' - - - name: max_io_ops_per_host - type: integer - default: 8 - help: 'Ignore hosts that have too many builds/resizes/snaps/migrations' - - - name: isolated_images - type: list - default: '' - help: 'Images to run on isolated host' - - - name: isolated_hosts - type: list - default: '' - help: 'Host reserved for specific images' - - - name: restrict_isolated_hosts_to_isolated_images - type: boolean - default: True - help: 'Whether to force isolated hosts to run only isolated images' - - - name: max_instances_per_host - type: integer - default: 50 - help: 'Ignore hosts that have too many instances' - - - name: ram_allocation_ratio - type: float - default: 1.5 - help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found.' - - - name: scheduler_available_filters - type: multi - default: 'nova.scheduler.filters.all_filters' - help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova." - - - name: scheduler_default_filters - type: list - default: 'RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter' - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - - - name: cells.scheduler_weight_classes - type: list - default: 'nova.cells.weights.all_weighers' - help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers' maps to all cell weighers included with nova_2013_1_3." - - - name: scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Default driver to use for the scheduler' - - - name: scheduler_topic - type: string - default: 'scheduler' - help: 'the topic scheduler nodes listen on' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file.' - - - name: cells.ram_weight_multiplier - type: float - default: 10.0 - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' - - - name: servicegroup_driver - type: string - default: 'db' - help: 'The driver for servicegroup service' - - - name: config_drive_format - type: string - default: 'iso9660' - help: 'Config drive format. One of iso9660' - - - name: config_drive_tempdir - type: string - default: ~ - help: 'Where to put temporary files associated with config drive creation' - - - name: force_config_drive - type: string - default: ~ - help: 'Set to force injection to take place on a config drive' - - - name: mkisofs_cmd - type: string - default: 'genisoimage' - help: 'Name and optionally path of the tool used for ISO image creation' - - - name: baremetal.injected_network_template - type: string - default: '$pybasedir/nova/virt/baremetal/interfaces.template' - help: 'Template file for injected network' - - - name: virt_mkfs - type: string - default: 'windowsmkfs.ntfs --force --fast --label %(fs_label)s %(target)s' - - - name: resize_fs_using_block_device - type: boolean - default: True - help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver' - - - name: timeout_nbd - type: integer - default: 10 - help: 'time to wait for a NBD device coming up' - - - name: docker_registry_default_port - type: integer - default: 5042 - help: 'Default TCP port to find the docker-registry container' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver' - - - name: default_ephemeral_format - type: string - default: ~ - help: 'The default format an ephemeral_volume will be formatted with on creation.' - - - name: preallocate_images - type: string - default: 'none' - help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start" - - - name: use_cow_images - type: boolean - default: True - help: 'Whether to use cow images' - - - name: firewall_driver - type: string - default: ~ - help: 'Firewall driver' - - - name: allow_same_net_traffic - type: boolean - default: True - help: 'Whether to allow network traffic from same network' - - - name: force_raw_images - type: boolean - default: True - help: 'Force backing images to raw format' - - - name: rescue_image_id - type: string - default: ~ - help: 'Rescue ami image' - - - name: rescue_kernel_id - type: string - default: ~ - help: 'Rescue aki image' - - - name: rescue_ramdisk_id - type: string - default: ~ - help: 'Rescue ari image' - - - name: libvirt_type - type: string - default: 'kvm' - help: 'Libvirt domain type' - - - name: libvirt_uri - type: string - default: '' - help: 'Override the default libvirt URI' - - - name: libvirt_inject_password - type: boolean - default: False - help: 'Inject the admin password at boot time, without an agent.' - - - name: libvirt_inject_key - type: boolean - default: True - help: 'Inject the ssh public key at boot time' - - - name: libvirt_inject_partition - type: integer - default: 1 - help: 'The partition to inject to : -2 => disable, -1 => inspect' - - - name: use_usb_tablet - type: boolean - default: True - help: 'Sync virtual and real mouse cursors in Windows VMs' - - - name: live_migration_uri - type: string - default: 'qemu+tcp://%s/system' - help: 'Migration target URI' - - - name: live_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' - help: 'Migration flags to be set for live migration' - - - name: block_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' - help: 'Migration flags to be set for block migration' - - - name: live_migration_bandwidth - type: integer - default: 0 - help: 'Maximum bandwidth to be used during migration, in Mbps' - - - name: snapshot_image_format - type: string - default: ~ - help: 'Snapshot image format' - - - name: libvirt_vif_driver - type: string - default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - help: 'The libvirt VIF driver to configure the VIFs.' - - - name: libvirt_volume_drivers - type: list - default: 'iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver,isernova.virt.libvirt.volume.LibvirtISERVolumeDriver,localnova.virt.libvirt.volume.LibvirtVolumeDriver,fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver,rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver,sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver,nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver,aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver,glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver,fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver,scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver' - help: 'Libvirt handlers for remote volumes.' - - - name: libvirt_disk_prefix - type: string - default: ~ - help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type.' - - - name: libvirt_wait_soft_reboot_seconds - type: integer - default: 120 - help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.' - - - name: libvirt_nonblocking - type: boolean - default: True - help: 'Use a separated OS thread pool to realize non-blocking libvirt calls' - - - name: libvirt_cpu_mode - type: string - default: ~ - help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none'" - - - name: libvirt_cpu_model - type: string - default: ~ - help: 'Set to a named libvirt CPU model' - - - name: libvirt_snapshots_directory - type: string - default: '$instances_path/snapshots' - help: 'Location where libvirt driver will store snapshots before uploading them to image service' - - - name: xen_hvmloader_path - type: string - default: '/usr/lib/xen/boot/hvmloader' - help: 'Location where the Xen hvmloader is kept' - - - name: disk_cachemodes - type: list - default: '' - help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none']" - - - name: vcpu_pin_set - type: string - default: ~ - help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15'" - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one.' - - - name: libvirt_images_volume_group - type: string - default: ~ - help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm.' - - - name: libvirt_sparse_logical_volumes - type: boolean - default: False - help: 'Create sparse logical volumes' - - - name: libvirt_lvm_snapshot_size - type: integer - default: 1000 - help: 'The amount of storage' - - - name: libvirt_images_rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored' - - - name: libvirt_images_rbd_ceph_conf - type: string - default: '' - help: 'path to the ceph configuration file to use' - - - name: base_dir_name - type: string - default: '_base' - help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip' - - - name: image_info_filename_pattern - type: string - default: '$instances_path/$base_dir_name/%(image)s.info' - help: 'Allows image information files to be stored in non-standard locations' - - - name: remove_unused_base_images - type: boolean - default: True - help: 'Should unused base images be removed?' - - - name: remove_unused_kernels - type: boolean - default: False - help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future.' - - - name: remove_unused_resized_minimum_age_seconds - type: integer - default: 3600 - help: 'Unused resized base images younger than this will not be removed' - - - name: remove_unused_original_minimum_age_seconds - type: integer - default: 86400 - help: 'Unused unresized base images younger than this will not be removed' - - - name: checksum_base_images - type: boolean - default: False - help: 'Write a checksum for files in _base to disk' - - - name: checksum_interval_seconds - type: integer - default: 3600 - help: 'How frequently to checksum base images' - - - name: libvirt_snapshot_compression - type: boolean - default: False - help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images' - - - name: libvirt_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: libvirt_use_virtio_for_bridges - type: boolean - default: True - help: 'Use virtio for bridge interfaces with KVM/QEMU' - - - name: num_iscsi_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSCSI target to find volume' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSER target to find volume' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the nfs volume is mounted on the compute node' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: num_aoe_discover_tries - type: integer - default: 3 - help: 'number of times to rediscover AoE target to find volume' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the glusterfs volume is mounted on the compute node' - - - name: libvirt_iscsi_use_multipath - type: boolean - default: False - help: 'use multipath connection of the iSCSI volume' - - - name: libvirt_iser_use_multipath - type: boolean - default: False - help: 'use multipath connection of the iSER volume' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted' - - - name: qemu_allowed_storage_drivers - type: list - default: '' - help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster]' - - - name: powervm_mgr_type - type: string - default: 'ivm' - help: 'PowerVM manager type' - - - name: powervm_mgr - type: string - default: ~ - help: 'PowerVM manager host or ip' - - - name: powervm_mgr_user - type: string - default: ~ - help: 'PowerVM manager user name' - - - name: powervm_mgr_passwd - type: string - default: ~ - help: 'PowerVM manager user password' - - - name: powervm_img_remote_path - type: string - default: '/home/padmin' - help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance' - - - name: powervm_img_local_path - type: string - default: '/tmp' - help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance' - - - name: agent_timeout - type: integer - default: 30 - help: 'number of seconds to wait for agent reply' - - - name: agent_version_timeout - type: integer - default: 300 - help: 'number of seconds to wait for agent to be fully operational' - - - name: agent_resetnetwork_timeout - type: integer - default: 60 - help: 'number of seconds to wait for agent reply to resetnetwork request' - - - name: xenapi_agent_path - type: string - default: 'usr/sbin/xe-update-networking' - help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True' - - - name: xenapi_disable_agent - type: boolean - default: False - help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' - - - name: xenapi_use_agent_default - type: boolean - default: False - help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times." - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_concurrent - type: integer - default: 5 - help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_vhd_coalesce_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_check_host - type: boolean - default: True - help: 'Ensure compute service is running on host XenAPI connects to.' - - - name: xenapi_vhd_coalesce_max_attempts - type: integer - default: 5 - help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository' - - - name: target_host - type: string - default: ~ - help: 'iSCSI Target Host' - - - name: target_port - type: string - default: '3260' - help: 'iSCSI Target Port, 3260 Default' - - - name: iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack' - help: 'IQN Prefix' - - - name: xenapi_remap_vbd_dev - type: boolean - default: False - help: 'Used to enable the remapping of VBD dev' - - - name: xenapi_remap_vbd_dev_prefix - type: string - default: 'sd' - help: 'Specify prefix to remap VBD dev to' - - - name: xenapi_login_timeout - type: integer - default: 10 - help: 'Timeout in seconds for XenAPI login.' - - - name: xenapi_torrent_base_url - type: string - default: ~ - help: 'Base URL for torrent files.' - - - name: xenapi_torrent_seed_chance - type: float - default: 1.0 - help: 'Probability that peer will become a seeder.' - - - name: xenapi_torrent_seed_duration - type: integer - default: 3600 - help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.' - - - name: xenapi_torrent_max_last_accessed - type: integer - default: 86400 - help: 'Cached torrent files not accessed within this number of seconds can be reaped' - - - name: xenapi_torrent_listen_port_start - type: integer - default: 6881 - help: 'Beginning of port range to listen on' - - - name: xenapi_torrent_listen_port_end - type: integer - default: 6891 - help: 'End of port range to listen on' - - - name: xenapi_torrent_download_stall_cutoff - type: integer - default: 600 - help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall' - - - name: xenapi_torrent_max_seeder_processes_per_host - type: integer - default: 1 - help: 'Maximum number of seeder processes to run concurrently within a given dom0.' - - - name: use_join_force - type: boolean - default: True - help: 'To use for hosts with different CPUs' - - - name: xenapi_ovs_integration_bridge - type: string - default: 'xapi1' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: cache_images - type: string - default: 'all' - help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely' - - - name: xenapi_image_compression_level - type: integer - default: ~ - help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0.' - - - name: default_os_type - type: string - default: 'linux' - help: 'Default OS type' - - - name: block_device_creation_timeout - type: integer - default: 10 - help: 'Time to wait for a block device to be created' - - - name: max_kernel_ramdisk_size - type: integer - default: 16777216 - help: 'Maximum size in bytes of kernel or ramdisk images' - - - name: sr_matching_filter - type: string - default: 'default-sr:true' - help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' - - - name: xenapi_sparse_copy - type: boolean - default: True - help: 'Whether to use sparse_copy for copying data on a resize down' - - - name: xenapi_num_vbd_unplug_retries - type: integer - default: 10 - help: 'Maximum number of retries to unplug VBD' - - - name: xenapi_torrent_images - type: string - default: 'none' - help: 'Whether or not to download images via Bit Torrent' - - - name: xenapi_ipxe_network_name - type: string - default: ~ - help: 'Name of network to use for booting iPXE ISOs' - - - name: xenapi_ipxe_boot_menu_url - type: string - default: ~ - help: 'URL to the iPXE boot menu' - - - name: xenapi_ipxe_mkisofs_cmd - type: string - default: 'mkisofs' - help: 'Name and optionally path of the tool used for ISO image creation' - - - name: xenapi_running_timeout - type: integer - default: 60 - help: 'number of seconds to wait for instance to go to running state' - - - name: xenapi_vif_driver - type: string - default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' - help: 'The XenAPI VIF driver using XenServer Network APIs.' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.image.glance.GlanceStore' - help: 'Dom0 plugin driver used to handle image uploads.' - - - name: novncproxy_base_url - type: string - default: 'http://127.0.0.1:6080/vnc_auto.html' - help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html'" - - - name: xvpvncproxy_base_url - type: string - default: 'http://127.0.0.1:6081/console' - help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console'" - - - name: vncserver_listen - type: string - default: '127.0.0.1' - help: 'IP address on which instance vncservers should listen' - - - name: vncserver_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: vnc_enabled - type: boolean - default: True - help: 'enable vnc related features' - - - name: vnc_keymap - type: string - default: 'en-us' - help: 'keymap for vnc' - - - name: xvpvncproxy_port - type: integer - default: 6081 - help: 'Port that the XCP VNC proxy should bind to' - - - name: xvpvncproxy_host - type: string - default: '0.0.0.0' - help: 'Address that the XCP VNC proxy should bind to' - - - name: volume_api_class - type: string - default: 'nova.volume.cinder.API' - help: 'The full class name of the volume API class to use' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: ::' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node' - - - name: cinder_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certicates file to use for cinder client requests.' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls' - - - name: cinder_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL requests to cinder' - - - name: cinder_cross_az_attach - type: boolean - default: True - help: 'Allow attach between instance and volume in different availability zones.' - - - name: baremetal.sql_connection - type: string - default: 'sqlite:///$state_path/baremetal_$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the bare-metal database' - - - name: hyperv.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" - - - name: hyperv.force_hyperv_utils_v1 - type: boolean - default: False - help: 'Force V1 WMI utility classes' - - - name: hyperv.force_volumeutils_v1 - type: boolean - default: False - help: 'Force V1 volume utility class' - - - name: hyperv.vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used' - - - name: hyperv.limit_cpu_features - type: boolean - default: False - help: 'Required for live migration among hosts with different CPU features' - - - name: hyperv.config_drive_inject_password - type: boolean - default: False - help: 'Sets the admin password in the config drive image' - - - name: hyperv.qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types' - - - name: hyperv.config_drive_cdrom - type: boolean - default: False - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' - - - name: hyperv.enable_instance_metrics_collection - type: boolean - default: False - help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above" - - - name: hyperv.dynamic_memory_ratio - type: float - default: 1.0 - help: 'Enables dynamic memory allocation' - - - name: hyperv.volume_attach_retry_count - type: integer - default: 10 - help: 'The number of times to retry to attach a volume' - - - name: hyperv.volume_attach_retry_interval - type: integer - default: 5 - help: 'Interval between volume attachment attempts, in seconds' - - - name: zookeeper.address - type: string - default: ~ - help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port' - - - name: zookeeper.recv_timeout - type: integer - default: 4000 - help: 'recv_timeout parameter for the zk session' - - - name: zookeeper.sg_prefix - type: string - default: '/servicegroups' - help: 'The prefix used in ZooKeeper to store ephemeral nodes' - - - name: zookeeper.sg_retry_interval - type: integer - default: 5 - help: 'Number of seconds to wait until retrying to join the session' - - - name: spice.enabled - type: boolean - default: False - help: 'enable spice related features' - - - name: osapi_v3.extensions_blacklist - type: list - default: '' - help: 'A list of v3 API extensions to never load. Specify the extension aliases here.' - - - name: osapi_v3.extensions_whitelist - type: list - default: '' - help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here.' - - - name: conductor.use_local - type: boolean - default: False - help: 'Perform nova-conductor operations locally' - - - name: cells.topic - type: string - default: 'cells' - help: 'the topic cells nodes listen on' - - - name: cells.manager - type: string - default: 'nova.cells.manager.CellsManager' - help: 'Manager for cells' - - - name: conductor.workers - type: integer - default: ~ - help: 'Number of workers for OpenStack Conductor service' - - - name: keymgr.api_class - type: string - default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' - help: 'The full class name of the key manager API class' - - - name: keymgr.fixed_key - type: string - default: ~ - help: 'Fixed key returned by key manager, specified in hex' - - - name: baremetal.driver - type: string - default: 'nova.virt.baremetal.pxe.PXE' - help: 'Baremetal driver back-end' - - - name: cells.instance_updated_at_threshold - type: integer - default: 3600 - help: 'Number of seconds after an instance was updated or deleted to continue to update cells' - - - name: cells.instance_update_num_instances - type: integer - default: 1 - help: 'Number of instances to update per periodic task run' - - - name: cells.max_hop_count - type: integer - default: 10 - help: 'Maximum number of hops for cells routing.' - - - name: upgrade_levels.scheduler - type: string - default: ~ - help: 'Set a version cap for messages sent to scheduler services' - - - name: cells.enable - type: boolean - default: False - help: 'Enable cell functionality' - - - name: cells.name - type: string - default: 'nova' - help: 'name of this cell' - - - name: cells.capabilities - type: list - default: 'hypervisorxenserver;kvm,oslinux;windows' - help: 'Key/Multi-value list with the capabilities of the cell' - - - name: cells.call_timeout - type: integer - default: 60 - help: 'Seconds to wait for response from a call to a cell.' - - - name: cells.reserve_percent - type: float - default: 10.0 - help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization' - - - name: cells.cell_type - type: string - default: ~ - help: 'Type of cell: api or compute' - - - name: cells.mute_child_interval - type: integer - default: 300 - help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute.' - - - name: cells.bandwidth_update_interval - type: integer - default: 600 - help: 'Seconds between bandwidth updates for cells.' - - - name: cells.rpc_driver_queue_base - type: string - default: 'cells.intercell' - help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this.' - - - name: cells.scheduler_filter_classes - type: list - default: 'nova.cells.filters.all_filters' - help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters' maps to all cells filters included with nova_2013_1_3." - - - name: cells.scheduler_retries - type: integer - default: 10 - help: 'How many retries when no cells are available.' - - - name: cells.scheduler_retry_delay - type: integer - default: 2 - help: 'How often to retry in seconds when no cells are available.' - - - name: cells.db_check_interval - type: integer - default: 60 - help: 'Seconds between getting fresh cell info from db.' - - - name: cells.cells_config - type: string - default: ~ - help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database.' - - - name: cells.mute_weight_multiplier - type: float - default: -10.0 - help: 'Multiplier used to weigh mute children. ' - - - name: cells.mute_weight_value - type: float - default: 1000.0 - help: 'Weight value assigned to mute children. ' - - - name: database.backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: database.use_tpool - type: boolean - default: False - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: database.connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database' - - - name: database.idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: database.min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: database.max_pool_size - type: integer - default: ~ - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: database.max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: database.retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: database.max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: database.connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: database.connection_trace - type: boolean - default: False - help: 'Add python stack traces to SQL as comment strings' - - - name: database.pool_timeout - type: integer - default: ~ - help: 'If set, use this value for pool_timeout with sqlalchemy' - - - name: image_file_url.filesystems - type: list - default: '' - help: 'A list of filesystems that will be configured in this file under the sections image_file_url:' - - - name: baremetal.db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for bare-metal database' - - - name: baremetal.inject_password - type: boolean - default: True - help: 'Whether baremetal compute injects password or not' - - - name: baremetal.vif_driver - type: string - default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' - help: 'Baremetal VIF driver.' - - - name: baremetal.volume_driver - type: string - default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' - help: 'Baremetal volume driver.' - - - name: baremetal.instance_type_extra_specs - type: list - default: '' - help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairsFor example, 'key1:val1, key2:val2'" - - - name: baremetal.power_manager - type: string - default: 'nova.virt.baremetal.ipmi.IPMI' - help: 'Baremetal power management method' - - - name: baremetal.tftp_root - type: string - default: '/tftpboot' - help: "Baremetal compute node's tftp root path" - - - name: baremetal.terminal - type: string - default: 'shellinaboxd' - help: 'path to baremetal terminal program' - - - name: baremetal.terminal_cert_dir - type: string - default: ~ - help: 'path to baremetal terminal SSL cert(PEM)' - - - name: baremetal.terminal_pid_dir - type: string - default: '$state_path/baremetal/console' - help: 'path to directory stores pidfiles of baremetal_terminal' - - - name: baremetal.ipmi_power_retry - type: integer - default: 5 - help: 'maximal number of retries for IPMI operations' - - - name: baremetal.deploy_kernel - type: string - default: ~ - help: 'Default kernel image ID used in deployment phase' - - - name: baremetal.deploy_ramdisk - type: string - default: ~ - help: 'Default ramdisk image ID used in deployment phase' - - - name: baremetal.net_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' - help: 'Template file for injected network config' - - - name: baremetal.pxe_append_params - type: string - default: ~ - help: 'additional append parameters for baremetal PXE boot' - - - name: baremetal.pxe_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/pxe_config.template' - help: 'Template file for PXE configuration' - - - name: baremetal.pxe_deploy_timeout - type: integer - default: 0 - help: 'Timeout for PXE deployments. Default: 0' - - - name: baremetal.pxe_network_config - type: boolean - default: False - help: 'If set, pass the network configuration details to the initramfs via cmdline.' - - - name: baremetal.pxe_bootfile_name - type: string - default: 'pxelinux.0' - help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set.' - - - name: baremetal.tile_pdu_ip - type: string - default: '10.0.100.1' - help: 'ip address of tilera pdu' - - - name: baremetal.tile_pdu_mgr - type: string - default: '/tftpboot/pdu_mgr' - help: 'management script for tilera pdu' - - - name: baremetal.tile_pdu_off - type: integer - default: 2 - help: 'power status of tilera PDU is OFF' - - - name: baremetal.tile_pdu_on - type: integer - default: 1 - help: 'power status of tilera PDU is ON' - - - name: baremetal.tile_pdu_status - type: integer - default: 9 - help: 'power status of tilera PDU' - - - name: baremetal.tile_power_wait - type: integer - default: 9 - help: 'wait time in seconds until check the result after tilera power operations' - - - name: baremetal.virtual_power_ssh_host - type: string - default: '' - help: 'ip or name to virtual power host' - - - name: baremetal.virtual_power_ssh_port - type: integer - default: 22 - help: 'Port to use for ssh to virtual power host' - - - name: baremetal.virtual_power_type - type: string - default: 'virsh' - help: 'base command to use for virtual power(vbox,virsh)' - - - name: baremetal.virtual_power_host_user - type: string - default: '' - help: 'user to execute virtual power commands as' - - - name: baremetal.virtual_power_host_pass - type: string - default: '' - help: 'password for virtual power host_user' - - - name: baremetal.virtual_power_host_key - type: string - default: ~ - help: 'ssh key for virtual power host_user' - - - name: baremetal.use_unsafe_iscsi - type: boolean - default: False - help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL' - - - name: baremetal.iscsi_iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack.baremetal' - help: 'iSCSI IQN prefix used in baremetal volume connections.' - - - name: rpc_notifier2.topics - type: list - default: 'notifications' - help: 'AMQP topic(s) used for OpenStack notifications' - - - name: matchmaker_redis.port - type: integer - default: 6379 - help: 'Use this port to connect to redis host.' - - - name: matchmaker_redis.password - type: string - default: ~ - help: 'Password for Redis server.' - - - name: ssl.cert_file - type: string - default: ~ - help: 'Certificate file to use when starting the server securely' - - - name: trusted_computing.attestation_server - type: string - default: ~ - help: 'attestation server http' - - - name: trusted_computing.attestation_server_ca_file - type: string - default: ~ - help: 'attestation server Cert file for Identity verification' - - - name: trusted_computing.attestation_port - type: string - default: '8443' - help: 'attestation server port' - - - name: trusted_computing.attestation_api_url - type: string - default: '/OpenAttestationWebServices/V1.0' - help: 'attestation web API URL' - - - name: trusted_computing.attestation_auth_blob - type: string - default: ~ - help: 'attestation authorization blob - must change' - - - name: trusted_computing.attestation_auth_timeout - type: integer - default: 60 - help: 'Attestation status cache valid period length' - - - name: upgrade_levels.baseapi - type: string - default: ~ - help: 'Set a version cap for messages sent to the base api in any service' - - - name: upgrade_levels.intercell - type: string - default: ~ - help: 'Set a version cap for messages sent between cells services' - - - name: upgrade_levels.cells - type: string - default: ~ - help: 'Set a version cap for messages sent to local cells services' - - - name: upgrade_levels.compute - type: string - default: ~ - help: 'Set a version cap for messages sent to compute services' - - - name: upgrade_levels.conductor - type: string - default: ~ - help: 'Set a version cap for messages sent to conductor services' - - - name: upgrade_levels.console - type: string - default: ~ - help: 'Set a version cap for messages sent to console services' - - - name: upgrade_levels.consoleauth - type: string - default: ~ - help: 'Set a version cap for messages sent to consoleauth services' - - - name: upgrade_levels.network - type: string - default: ~ - help: 'Set a version cap for messages sent to network services' - - - name: matchmaker_ring.ringfile - type: string - default: '/etc/oslo/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: vmware.host_ip - type: string - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.cluster_name - type: multi - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmware.datastore_regex - type: string - default: ~ - help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmware.task_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.vnc_port - type: integer - default: 5900 - help: 'VNC starting port' - - - name: vmware.vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports' - - - name: vmware.vnc_password - type: string - default: ~ - help: 'VNC password' - - - name: vmware.use_linked_clone - type: boolean - default: True - help: 'Whether to use linked clone' - - - name: vmware.wsdl_location - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds' - - - name: vmware.maximum_objects - type: integer - default: 100 - help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests.' - - - name: vmware.integration_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge' - - - name: spice.html5proxy_base_url - type: string - default: 'http://127.0.0.1:6082/spice_auto.html' - help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html'" - - - name: spice.server_listen - type: string - default: '127.0.0.1' - help: 'IP address on which instance spice server should listen' - - - name: spice.server_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: spice.agent_enabled - type: boolean - default: True - help: 'enable spice guest agent support' - - - name: filter:authtoken.keymap - type: string - default: '127.0.0.1' - help: 'keymap for spice' - diff --git a/rubick/schemas/nova/2013.1.4.yml b/rubick/schemas/nova/2013.1.4.yml deleted file mode 100644 index 29c4f58..0000000 --- a/rubick/schemas/nova/2013.1.4.yml +++ /dev/null @@ -1,2888 +0,0 @@ -project: nova -version: '2013.1.4' -parameters: - - - name: internal_service_availability_zone - type: string - default: 'internal' - help: 'availability_zone to show internal services under' - - - name: default_availability_zone - type: string - default: 'nova' - help: 'default compute node availability_zone' - - - name: ca_file - type: string - default: 'cacert.pem' - help: 'Filename of root CA' - - - name: key_file - type: string - default: 'private/cakey.pem' - help: 'Filename of private key' - - - name: crl_file - type: string - default: 'crl.pem' - help: 'Filename of root Certificate Revocation List' - - - name: keys_path - type: string - default: '$state_path/keys' - help: 'Where we keep our keys' - - - name: ca_path - type: string - default: '$state_path/CA' - help: 'Where we keep our root CA' - - - name: use_project_ca - type: boolean - default: False - help: 'Should we use a CA for each project?' - - - name: user_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CN%.16s-%.16s-%s' - help: 'Subject for certificate for users, %s for project, user, timestamp' - - - name: project_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CNproject-ca-%.16s-%s' - help: 'Subject for certificate for projects, %s for project, timestamp' - - - name: fatal_exception_format_errors - type: boolean - default: False - help: 'make exception message format errors fatal' - - - name: run_external_periodic_tasks - type: boolean - default: True - help: 'Some periodic tasks can be run in a separate process. Should we run them here?' - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host' - - - name: host - type: string - default: 'nova' - help: 'Name of this node. This can be an opaque identifier. It is not necessarily a hostname, FQDN, or IP address. However, the node name must be valid within an AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address' - - - name: use_ipv6 - type: boolean - default: False - help: 'use ipv6' - - - name: notify_on_any_change - type: boolean - default: False - help: 'If set, send compute.instance.update notifications on instance state changes. Valid values are False for no notifications, True for notifications on any instance changes.' - - - name: notify_api_faults - type: boolean - default: False - help: 'If set, send api.fault notifications on caught exceptions in the API service.' - - - name: notify_on_state_change - type: string - default: ~ - help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes." - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the nova python module is installed' - - - name: bindir - type: string - default: '$pybasedir/bin' - help: 'Directory where nova binaries are installed' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining nova's state" - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found' - - - name: quota_instances - type: integer - default: 10 - help: 'number of instances allowed per project' - - - name: quota_cores - type: integer - default: 20 - help: 'number of instance cores allowed per project' - - - name: quota_ram - type: integer - default: 51200 - help: 'megabytes of instance ram allowed per project' - - - name: quota_floating_ips - type: integer - default: 10 - help: 'number of floating ips allowed per project' - - - name: quota_metadata_items - type: integer - default: 128 - help: 'number of metadata items allowed per instance' - - - name: quota_injected_files - type: integer - default: 5 - help: 'number of injected files allowed' - - - name: quota_injected_file_content_bytes - type: integer - default: 10240 - help: 'number of bytes allowed per injected file' - - - name: quota_injected_file_path_bytes - type: integer - default: 255 - help: 'number of bytes allowed per injected file path' - - - name: quota_security_groups - type: integer - default: 10 - help: 'number of security groups per project' - - - name: quota_security_group_rules - type: integer - default: 20 - help: 'number of security rules per security group' - - - name: quota_key_pairs - type: integer - default: 100 - help: 'number of key pairs per user' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes' - - - name: quota_driver - type: string - default: 'nova.quota.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore' - - - name: periodic_enable - type: boolean - default: True - help: 'enable periodic tasks' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' - - - name: enabled_apis - type: list - default: ['ec2', 'osapi_compute', 'metadata'] - help: 'a list of APIs to enable by default' - - - name: enabled_ssl_apis - type: list - default: [] - help: 'a list of APIs with enabled SSL' - - - name: ec2_listen - type: string - default: '0.0.0.0' - help: 'IP address for EC2 API to listen' - - - name: ec2_listen_port - type: port - default: 8773 - help: 'port for ec2 api to listen' - - - name: ec2_workers - type: integer - default: ~ - help: 'Number of workers for EC2 API service' - - - name: osapi_compute_listen - type: string - default: '0.0.0.0' - help: 'IP address for OpenStack API to listen' - - - name: osapi_compute_listen_port - type: port - default: 8774 - help: 'list port for osapi compute' - - - name: osapi_compute_workers - type: integer - default: ~ - help: 'Number of workers for OpenStack API service' - - - name: metadata_manager - type: string - default: 'nova.api.manager.MetadataManager' - help: 'OpenStack metadata service manager' - - - name: metadata_listen - type: string - default: '0.0.0.0' - help: 'IP address for metadata api to listen' - - - name: metadata_listen_port - type: port - default: 8775 - help: 'port for metadata api to listen' - - - name: metadata_workers - type: integer - default: ~ - help: 'Number of workers for metadata service' - - - name: compute_manager - type: string - default: 'nova.compute.manager.ComputeManager' - help: 'full class name for the Manager for compute' - - - name: console_manager - type: string - default: 'nova.console.manager.ConsoleProxyManager' - help: 'full class name for the Manager for console proxy' - - - name: cert_manager - type: string - default: 'nova.cert.manager.CertManager' - help: 'full class name for the Manager for cert' - - - name: network_manager - type: string - default: 'nova.network.manager.VlanManager' - help: 'full class name for the Manager for network' - - - name: scheduler_manager - type: string - default: 'nova.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db' - - - name: monkey_patch - type: boolean - default: False - help: 'Whether to log monkey patching' - - - name: monkey_patch_modules - type: list - default: ['nova.api.ec2.cloud:nova.openstack.common.notifier.api.notify_decorator', 'nova.compute.api:nova.openstack.common.notifier.api.notify_decorator'] - help: 'List of modules/decorators to monkey patch' - - - name: password_length - type: integer - default: 12 - help: 'Length of generated instance admin passwords' - - - name: disable_process_locking - type: boolean - default: False - help: 'Whether to disable inter-process locks' - - - name: instance_usage_audit_period - type: string - default: 'month' - help: 'time period to generate instance usages for. Time period must be hour, day, month or year' - - - name: rootwrap_config - type: string - default: '/etc/nova/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root' - - - name: tempdir - type: string - default: ~ - help: 'Explicitly specify the temporary working directory' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for nova-api' - - - name: wsgi_log_format - type: string - default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' - help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds.' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl_cert_file - type: string - default: ~ - help: 'SSL certificate of API server' - - - name: ssl_key_file - type: string - default: ~ - help: 'SSL private key of API server' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' - - - name: api_rate_limit - type: boolean - default: True - help: 'whether to rate limit the api' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth: noauth or keystone.' - - - name: use_forwarded_for - type: boolean - default: False - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' - - - name: lockout_attempts - type: integer - default: 5 - help: 'Number of failed auths before lockout.' - - - name: lockout_minutes - type: integer - default: 15 - help: 'Number of minutes to lockout if triggered.' - - - name: lockout_window - type: integer - default: 15 - help: 'Number of minutes for lockout window.' - - - name: keystone_ec2_url - type: string - default: 'http://localhost:5000/v2.0/ec2tokens' - help: 'URL to get token from ec2 request.' - - - name: ec2_private_dns_show_ip - type: boolean - default: False - help: 'Return the IP address as private dns hostname in describe instances' - - - name: ec2_strict_validation - type: boolean - default: True - help: 'Validate security group names according to EC2 specification' - - - name: ec2_timestamp_expiry - type: integer - default: 300 - help: 'Time in seconds before ec2 timestamp expires' - - - name: ec2_host - type: host - default: '$my_ip' - help: 'the ip of the ec2 api server' - - - name: ec2_dmz_host - type: host - default: '$my_ip' - help: 'the internal ip of the ec2 api server' - - - name: ec2_port - type: port - default: 8773 - help: 'the port of the ec2 api server' - - - name: ec2_scheme - type: string - default: 'http' - help: 'the protocol to use when connecting to the ec2 api server' - - - name: ec2_path - type: string - default: '/services/Cloud' - help: 'the path prefix used to call the ec2 api server' - - - name: region_list - type: list - default: [] - help: 'list of region=fqdn pairs separated by commas' - - - name: config_drive_skip_versions - type: string - default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' - help: 'List of metadata versions to skip placing into the config drive' - - - name: service_quantum_metadata_proxy - type: boolean - default: False - help: 'Set flag to indicate Quantum will proxy metadata requests and resolve instance ids.' - - - name: quantum_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Quantum metadata requests' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource' - - - name: osapi_compute_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Compute API' - - - name: osapi_glance_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to glance resources' - - - name: allow_instance_snapshots - type: boolean - default: True - help: 'Permit instance snapshot operations.' - - - name: osapi_compute_ext_list - type: list - default: [] - help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions' - - - name: fping_path - type: string - default: '/usr/sbin/fping' - help: 'Full path to fping.' - - - name: osapi_hide_server_address_states - type: list - default: ['building'] - help: 'List of instance states that should hide network info' - - - name: enable_network_quota - type: boolean - default: False - help: 'Enables or disables quotaing of tenant networks' - - - name: use_quantum_default_nets - type: boolean - default: False - help: 'Control for checking for default networks' - - - name: quantum_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating quantum networks' - - - name: osapi_compute_extension - type: multi - default: 'nova.api.openstack.compute.contrib.standard_extensions' - help: 'osapi compute extension to load' - - - name: enable_instance_password - type: boolean - default: True - help: 'Allows use of instance password during server creation' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'the maximum body size per each osapi request(bytes)' - - - name: cert_topic - type: string - default: 'cert' - help: 'the topic cert nodes listen on' - - - name: vpn_image_id - type: string - default: '0' - help: 'image id used when starting up a cloudpipe vpn server' - - - name: vpn_instance_type - type: string - default: 'm1.tiny' - help: 'Instance type for vpn instances' - - - name: boot_script_template - type: string - default: '$pybasedir/nova/cloudpipe/bootscript.template' - help: 'Template for cloudpipe instance boot script' - - - name: dmz_net - type: network - default: '10.0.0.0' - help: 'Network to push into openvpn config' - - - name: dmz_mask - type: network_mask - default: '255.255.255.0' - help: 'Netmask to push into openvpn config' - - - name: vpn_key_suffix - type: string - default: '-vpn' - help: 'Suffix to add to project name for vpn key and secgroups' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache.' - - - name: compute_api_class - type: string - default: 'nova.compute.api.API' - help: 'The full class name of the compute API class to use' - - - name: allow_resize_to_same_host - type: boolean - default: False - help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments.' - - - name: default_schedule_zone - type: string - default: ~ - help: "availability zone to use when user doesn't specify one" - - - name: non_inheritable_image_properties - type: list - default: ['cache_in_nova', 'bittorrent'] - help: 'These are image properties which a snapshot should not inherit from an instance' - - - name: null_kernel - type: string - default: 'nokernel' - help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead' - - - name: multi_instance_display_name_template - type: string - default: '%(name)s-%(uuid)s' - help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count." - - - name: default_instance_type - type: string - default: 'm1.small' - help: 'default instance type to use, testing only' - - - name: console_host - type: string - default: 'nova' - help: 'Console proxy host to use to connect to instances on this host.' - - - name: default_access_ip_network_name - type: string - default: ~ - help: 'Name of network to use to set access ips for instances' - - - name: defer_iptables_apply - type: boolean - default: False - help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase' - - - name: instances_path - type: string - default: '$state_path/instances' - help: 'where instances are stored on disk' - - - name: instance_usage_audit - type: boolean - default: False - help: 'Generate periodic compute.instance.exists notifications' - - - name: live_migration_retry_count - type: integer - default: 30 - help: 'Number of 1 second retries needed in live_migration' - - - name: resume_guests_state_on_host_boot - type: boolean - default: False - help: 'Whether to start guests that were running before the host rebooted' - - - name: bandwidth_poll_interval - type: integer - default: 600 - help: 'interval to pull bandwidth usage info' - - - name: heal_instance_info_cache_interval - type: integer - default: 60 - help: 'Number of seconds between instance info_cache self healing updates' - - - name: host_state_interval - type: integer - default: 120 - help: 'Interval in seconds for querying the host status' - - - name: image_cache_manager_interval - type: integer - default: 2400 - help: 'Number of seconds to wait between runs of the image cache manager' - - - name: reclaim_instance_interval - type: integer - default: 0 - help: 'Interval in seconds for reclaiming deleted instances' - - - name: volume_usage_poll_interval - type: integer - default: 0 - help: 'Interval in seconds for gathering volume usages' - - - name: running_deleted_instance_action - type: string - default: 'log' - help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable." - - - name: running_deleted_instance_poll_interval - type: integer - default: 1800 - help: 'Number of seconds to wait between runs of the cleanup task.' - - - name: running_deleted_instance_timeout - type: integer - default: 0 - help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup.' - - - name: reboot_timeout - type: integer - default: 0 - help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable.' - - - name: instance_build_timeout - type: integer - default: 0 - help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable.' - - - name: rescue_timeout - type: integer - default: 0 - help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable.' - - - name: resize_confirm_window - type: integer - default: 0 - help: 'Automatically confirm resizes after N seconds. Set to 0 to disable.' - - - name: reserved_host_disk_mb - type: integer - default: 0 - help: 'Amount of disk in MB to reserve for the host' - - - name: reserved_host_memory_mb - type: integer - default: 512 - help: 'Amount of memory in MB to reserve for the host' - - - name: compute_stats_class - type: string - default: 'nova.compute.stats.Stats' - help: 'Class that will manage stats for the local compute host' - - - name: compute_topic - type: string - default: 'compute' - help: 'the topic compute nodes listen on' - - - name: console_driver - type: string - default: 'nova.console.xvp.XVPConsoleProxy' - help: 'Driver to use for the console proxy' - - - name: stub_compute - type: boolean - default: False - help: 'Stub calls to compute worker for tests' - - - name: console_public_hostname - type: string - default: 'nova' - help: 'Publicly visible name for this console host' - - - name: console_topic - type: string - default: 'console' - help: 'the topic console proxy nodes listen on' - - - name: console_vmrc_port - type: port - default: 443 - help: 'port for VMware VMRC connections' - - - name: console_vmrc_error_retries - type: integer - default: 10 - help: 'number of retries for retrieving VMRC information' - - - name: console_xvp_conf_template - type: string - default: '$pybasedir/nova/console/xvp.conf.template' - help: 'XVP conf template' - - - name: console_xvp_conf - type: string - default: '/etc/xvp.conf' - help: 'generated XVP conf file' - - - name: console_xvp_pid - type: string - default: '/var/run/xvp.pid' - help: 'XVP master process pid file' - - - name: console_xvp_log - type: string - default: '/var/log/xvp.log' - help: 'XVP log file' - - - name: console_xvp_multiplex_port - type: port - default: 5900 - help: 'port for XVP to multiplex VNC connections on' - - - name: consoleauth_topic - type: string - default: 'consoleauth' - help: 'the topic console auth proxy nodes listen on' - - - name: console_token_ttl - type: integer - default: 600 - help: 'How many seconds before deleting tokens' - - - name: consoleauth_manager - type: string - default: 'nova.consoleauth.manager.ConsoleAuthManager' - help: 'Manager for console auth' - - - name: enable_new_services - type: boolean - default: True - help: 'Services to be added to the available pool on create' - - - name: instance_name_template - type: string - default: 'instance-%08x' - help: 'Template string to be used to generate instance names' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names' - - - name: db_driver - type: string - default: 'nova.db' - help: 'driver to use for database access' - - - name: osapi_compute_unique_server_name_scope - type: string - default: '' - help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'." - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port' - - - name: glance_protocol - type: string - default: 'http' - help: 'Default protocol to use when connecting to glance. Set to https for SSL.' - - - name: glance_api_servers - type: list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers.' - - - name: glance_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance' - - - name: allowed_direct_url_schemes - type: list - default: [] - help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].' - - - name: image_decryption_dir - type: string - default: '/tmp' - help: 'parent dir for tempdir used for image decryption' - - - name: s3_host - type: string - default: '$my_ip' - help: 'hostname or ip for openstack to use when accessing the s3 api' - - - name: s3_port - type: port - default: 3333 - help: 'port used when accessing the s3 api' - - - name: s3_access_key - type: string - default: 'notchecked' - help: 'access key to use for s3 server for images' - - - name: s3_secret_key - type: string - default: 'notchecked' - help: 'secret key to use for s3 server for images' - - - name: s3_use_ssl - type: boolean - default: False - help: 'whether to use ssl when talking to s3' - - - name: s3_affix_tenant - type: boolean - default: False - help: 'whether to affix the tenant id to the access key when downloading from s3' - - - name: ipv6_backend - type: string - default: 'rfc2462' - help: 'Backend to use for IPv6 generation' - - - name: network_api_class - type: string - default: 'nova.network.api.API' - help: 'The full class name of the network API class to use' - - - name: network_driver - type: string - default: 'nova.network.linux_net' - help: 'Driver to use for network creation' - - - name: default_floating_pool - type: string - default: 'nova' - help: 'Default pool for floating ips' - - - name: auto_assign_floating_ip - type: boolean - default: False - help: 'Autoassigning floating ip to VM' - - - name: floating_ip_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for floating IPs' - - - name: instance_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for instance IPs' - - - name: instance_dns_domain - type: string - default: '' - help: 'full class name for the DNS Zone for instance IPs' - - - name: ldap_dns_url - type: string - default: 'ldap://ldap.example.com:389' - help: 'URL for ldap server which will store dns entries' - - - name: ldap_dns_user - type: string - default: 'uidadmin,oupeople,dcexample,dcorg' - help: 'user for ldap DNS' - - - name: ldap_dns_password - type: string - default: 'password' - help: 'password for ldap DNS' - - - name: ldap_dns_soa_hostmaster - type: string - default: 'hostmaster@example.org' - help: 'Hostmaster for ldap dns driver Statement of Authority' - - - name: ldap_dns_servers - type: multi - default: 'dns.example.org' - help: 'DNS Servers for ldap dns driver' - - - name: ldap_dns_base_dn - type: string - default: 'ouhosts,dcexample,dcorg' - help: 'Base DN for DNS entries in ldap' - - - name: ldap_dns_soa_refresh - type: integer - default: 1800 - help: 'Refresh interval' - - - name: ldap_dns_soa_retry - type: integer - default: 3600 - help: 'Retry interval' - - - name: ldap_dns_soa_expiry - type: integer - default: 86400 - help: 'Expiry interval' - - - name: ldap_dns_soa_minimum - type: integer - default: 7200 - help: 'Minimum interval' - - - name: dhcpbridge_flagfile - type: multi - default: '/etc/nova/nova-dhcpbridge.conf' - help: 'location of flagfiles for dhcpbridge' - - - name: networks_path - type: string - default: '$state_path/networks' - help: 'Location to keep network config files' - - - name: public_interface - type: string - default: 'eth0' - help: 'Interface for public IP addresses' - - - name: network_device_mtu - type: string - default: ~ - help: 'MTU setting for vlan' - - - name: dhcpbridge - type: string - default: '$bindir/nova-dhcpbridge' - help: 'location of nova-dhcpbridge' - - - name: routing_source_ip - type: string - default: '$my_ip' - help: 'Public IP of network host' - - - name: dhcp_lease_time - type: integer - default: 120 - help: 'Lifetime of a DHCP lease in seconds' - - - name: dns_server - type: multi - default: '' - help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times.' - - - name: use_network_dns_servers - type: boolean - default: False - help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers.' - - - name: dmz_cidr - type: list - default: [] - help: 'A list of dmz range that should be accepted' - - - name: force_snat_range - type: multi - default: '' - help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times.' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file' - - - name: linuxnet_interface_driver - type: string - default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' - help: 'Driver used to create ethernet devices.' - - - name: linuxnet_ovs_integration_bridge - type: string - default: 'br-int' - help: 'Name of Open vSwitch bridge used with linuxnet' - - - name: send_arp_for_ha - type: boolean - default: False - help: 'send gratuitous ARPs for HA setup' - - - name: send_arp_for_ha_count - type: integer - default: 3 - help: 'send this many gratuitous ARPs for HA setup' - - - name: use_single_default_gateway - type: boolean - default: False - help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server' - - - name: forward_bridge_interface - type: multi - default: 'all' - help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times.' - - - name: metadata_host - type: string - default: '$my_ip' - help: 'the ip for the metadata api server' - - - name: metadata_port - type: port - default: 8775 - help: 'the port for the metadata api port' - - - name: iptables_top_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that shouldalways be on the top.' - - - name: iptables_bottom_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that shouldalways be on the bottom.' - - - name: flat_network_bridge - type: string - default: ~ - help: 'Bridge for simple network instances' - - - name: flat_network_dns - type: string - default: '8.8.4.4' - help: 'Dns for simple network' - - - name: flat_injected - type: boolean - default: False - help: 'Whether to attempt to inject network setup into guest' - - - name: flat_interface - type: string - default: ~ - help: 'FlatDhcp will bridge into this interface if set' - - - name: vlan_start - type: integer - default: 100 - help: 'First VLAN for private networks' - - - name: vlan_interface - type: string - default: ~ - help: 'vlans will bridge into this interface if set' - - - name: num_networks - type: integer - default: 1 - help: 'Number of networks to support' - - - name: vpn_ip - type: string - default: '$my_ip' - help: 'Public IP for the cloudpipe VPN servers' - - - name: vpn_start - type: integer - default: 1000 - help: 'First Vpn port for private networks' - - - name: network_size - type: integer - default: 256 - help: 'Number of addresses in each private subnet' - - - name: fixed_range - type: string - default: '10.0.0.0/8' - help: 'Fixed IP address block' - - - name: fixed_range_v6 - type: string - default: 'fd00::/48' - help: 'Fixed IPv6 address block' - - - name: gateway - type: string - default: ~ - help: 'Default IPv4 gateway' - - - name: gateway_v6 - type: string - default: ~ - help: 'Default IPv6 gateway' - - - name: cnt_vpn_clients - type: integer - default: 0 - help: 'Number of addresses reserved for vpn clients' - - - name: fixed_ip_disassociate_timeout - type: integer - default: 600 - help: 'Seconds after which a deallocated ip is disassociated' - - - name: create_unique_mac_address_attempts - type: integer - default: 5 - help: 'Number of attempts to create unique mac address' - - - name: fake_network - type: boolean - default: False - help: 'If passed, use fake network devices and addresses' - - - name: fake_call - type: boolean - default: False - help: 'If True, skip using the queue and make local calls' - - - name: teardown_unused_network_gateway - type: boolean - default: False - help: 'If True, unused gateway devices' - - - name: force_dhcp_release - type: boolean - default: False - help: 'If True, send a dhcp release on instance termination' - - - name: share_dhcp_address - type: boolean - default: False - help: 'If True in multi_host mode, all compute hosts share the same dhcp address.' - - - name: update_dns_entries - type: boolean - default: False - help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode' - - - name: dns_update_periodic_interval - type: integer - default: -1 - help: 'Number of seconds to wait between runs of updates to DNS entries.' - - - name: dhcp_domain - type: string - default: 'novalocal' - help: 'domain to use for building the hostnames' - - - name: l3_lib - type: string - default: 'nova.network.l3.LinuxNetL3' - help: 'Indicates underlying L3 management library' - - - name: quantum_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to quantum' - - - name: quantum_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to quantum in seconds' - - - name: quantum_admin_username - type: string - default: ~ - help: 'username for connecting to quantum in admin context' - - - name: quantum_admin_password - type: string - default: ~ - help: 'password for connecting to quantum in admin context' - - - name: quantum_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to quantum in admin context' - - - name: quantum_region_name - type: string - default: ~ - help: 'region name for connecting to quantum in admin context' - - - name: quantum_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to quantum in admin context' - - - name: quantum_api_insecure - type: boolean - default: False - help: 'if set, ignore any SSL validation issues' - - - name: quantum_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to quantum in admin context' - - - name: quantum_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: quantum_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying quantum for extensions' - - - name: network_topic - type: string - default: 'network' - help: 'the topic network nodes listen on' - - - name: multi_host - type: boolean - default: False - help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host.' - - - name: security_group_api - type: string - default: 'nova' - help: 'The full class name of the security API class' - - - name: security_group_handler - type: string - default: 'nova.network.sg.NullSecurityGroupHandler' - help: 'The full class name of the security group handler class' - - - name: queues - type: multi - default: '' - help: 'Queues to delete' - - - name: delete_exchange - type: boolean - default: False - help: 'delete nova exchange too.' - - - name: record - type: boolean - default: False - help: 'Record sessions to FILE.[session_number]' - - - name: daemon - type: boolean - default: False - help: 'Become a daemon' - - - name: ssl_only - type: boolean - default: False - help: 'Disallow non-encrypted connections' - - - name: source_is_ipv6 - type: boolean - default: False - help: 'Source is ipv6' - - - name: cert - type: string - default: 'self.pem' - help: 'SSL certificate file' - - - name: key - type: string - default: ~ - help: 'SSL key file' - - - name: web - type: string - default: '/usr/share/novnc' - help: 'Run webserver on same port. Serve files from DIR.' - - - name: novncproxy_host - type: string - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests' - - - name: novncproxy_port - type: port - default: 6080 - help: 'Port on which to listen for incoming requests' - - - name: buckets_path - type: string - default: '$state_path/buckets' - help: 'path to s3 buckets' - - - name: s3_listen - type: string - default: '0.0.0.0' - help: 'IP address for S3 API to listen' - - - name: s3_listen_port - type: port - default: 3333 - help: 'port for s3 api to listen' - - - name: baremetal.db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for bare-metal database' - - - name: dbapi_use_tpool - type: boolean - default: False - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: baremetal.sql_connection - type: string - default: 'sqlite:///$state_path/baremetal_$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the bare-metal database' - - - name: sqlite_db - type: string - default: 'nova.sqlite' - help: 'the filename to use with sqlite' - - - name: sql_idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: sqlite_synchronous - type: boolean - default: True - help: 'If passed, use synchronous mode for sqlite' - - - name: sql_min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: sql_max_pool_size - type: integer - default: 5 - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: sql_max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: sql_retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: sql_max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: sql_connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: sql_connection_trace - type: boolean - default: False - help: 'Add python stack traces to SQL as comment strings' - - - name: backdoor_port - type: port - default: ~ - help: 'port for eventlet backdoor to listen' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files. Default to a temp directory' - - - name: debug - type: boolean - default: False - help: 'Print debugging output' - - - name: verbose - type: boolean - default: False - help: 'Print more verbose output' - - - name: use_stderr - type: boolean - default: True - help: 'Log output to standard error' - - - name: logfile_mode - type: string - default: 420 - help: 'Default file mode used when creating log files' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format' - - - name: default_log_levels - type: list - default: ['amqplibWARN', 'sqlalchemyWARN', 'botoWARN', 'sudsINFO', 'keystoneINFO', 'eventlet.wsgi.serverWARN'] - help: 'list of logger=LEVEL pairs' - - - name: publish_errors - type: boolean - default: False - help: 'publish error events' - - - name: fatal_deprecations - type: boolean - default: False - help: 'make deprecations fatal' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. Default: %(default)s' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If not set, logging will go to stdout.' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The directory to keep log files in' - - - name: use_syslog - type: boolean - default: False - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: notification_driver - type: multi - default: '' - help: 'Driver or drivers to handle sending notifications' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: '$host' - help: 'Default publisher_id for outgoing notifications' - - - name: notification_topics - type: list - default: ['notifications'] - help: 'AMQP topic used for openstack notifications' - - - name: rpc_backend - type: string - default: 'nova.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires' - - - name: allowed_rpc_exception_modules - type: list - default: ['nova.openstack.common.exception', 'nova.exception', 'cinder.exception,exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' - - - name: fake_rabbit - type: boolean - default: False - help: 'If passed, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: amqp_rpc_single_reply_queue - type: boolean - default: False - help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file' - - - name: rabbit_host - type: string - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used' - - - name: rabbit_hosts - type: list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs' - - - name: rabbit_use_ssl - type: boolean - default: False - help: 'connect over SSL for RabbitMQ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ' - - - name: rabbit_durable_queues - type: boolean - default: False - help: 'use durable queues in RabbitMQ' - - - name: rabbit_ha_queues - type: boolean - default: False - help: 'use H/A queues in RabbitMQ' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port' - - - name: qpid_hosts - type: list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: boolean - default: True - help: 'Disable Nagle algorithm' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: 'ZeroMQ bind address. Should be a wildcard' - - - name: rpc_zmq_matchmaker - type: string - default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets' - - - name: rpc_zmq_host - type: string - default: 'sorcha' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." - - - name: matchmaker_ringfile - type: string - default: '/etc/nova/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: scheduler_host_manager - type: string - default: 'nova.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an instance' - - - name: scheduler_host_subset_size - type: integer - default: 1 - help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead' - - - name: cpu_allocation_ratio - type: floating point - default: '16.0' - help: 'Virtual CPU to Physical CPU allocation ratio' - - - name: disk_allocation_ratio - type: floating point - default: '1.0' - help: 'virtual disk to physical disk allocation ratio' - - - name: max_io_ops_per_host - type: integer - default: 8 - help: 'Ignore hosts that have too many builds/resizes/snaps/migrations' - - - name: isolated_images - type: list - default: [] - help: 'Images to run on isolated host' - - - name: isolated_hosts - type: list - default: [] - help: 'Host reserved for specific images' - - - name: max_instances_per_host - type: integer - default: 50 - help: 'Ignore hosts that have too many instances' - - - name: ram_allocation_ratio - type: floating point - default: '1.5' - help: 'virtual ram to physical ram allocation ratio' - - - name: scheduler_available_filters - type: multi - default: 'nova.scheduler.filters.all_filters' - help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova." - - - name: scheduler_default_filters - type: list - default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - - - name: scheduler_weight_classes - type: list - default: ['nova.scheduler.weights.all_weighers'] - help: 'Which weight class names to use for weighing hosts' - - - name: scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Default driver to use for the scheduler' - - - name: compute_scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Driver to use for scheduling compute calls' - - - name: default_scheduler_driver - type: string - default: 'nova.scheduler.chance.ChanceScheduler' - help: 'Default driver to use for scheduling calls' - - - name: scheduler_topic - type: string - default: 'scheduler' - help: 'the topic scheduler nodes listen on' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file.' - - - name: least_cost_functions - type: list - default: ~ - help: 'Which cost functions the LeastCostScheduler should use' - - - name: noop_cost_fn_weight - type: floating point - default: '1.0' - help: 'How much weight to give the noop cost function' - - - name: compute_fill_first_cost_fn_weight - type: floating point - default: ~ - help: 'How much weight to give the fill-first cost function. A negative value will reverse behavior: e.g. spread-first' - - - name: ram_weight_multiplier - type: floating point - default: '1.0' - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' - - - name: servicegroup_driver - type: string - default: 'db' - help: 'The driver for servicegroup service' - - - name: config_drive_format - type: string - default: 'iso9660' - help: 'Config drive format. One of iso9660' - - - name: config_drive_tempdir - type: string - default: ~ - help: 'Where to put temporary files associated with config drive creation' - - - name: force_config_drive - type: string - default: ~ - help: 'Set to force injection to take place on a config drive' - - - name: mkisofs_cmd - type: string - default: 'genisoimage' - help: 'Name and optionally path of the tool used for ISO image creation' - - - name: baremetal.injected_network_template - type: string - default: '$pybasedir/nova/virt/baremetal/interfaces.template' - help: 'Template file for injected network' - - - name: virt_mkfs - type: string - default: 'windowsmkfs.ntfs --force --fast --label %(fs_label)s %(target)s' - - - name: timeout_nbd - type: integer - default: 10 - help: 'time to wait for a NBD device coming up' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMWareESXDriver' - - - name: default_ephemeral_format - type: string - default: ~ - help: 'The default format an ephemeral_volume will be formatted with on creation.' - - - name: preallocate_images - type: string - default: 'none' - help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start" - - - name: use_cow_images - type: boolean - default: True - help: 'Whether to use cow images' - - - name: firewall_driver - type: string - default: ~ - help: 'Firewall driver' - - - name: allow_same_net_traffic - type: boolean - default: True - help: 'Whether to allow network traffic from same network' - - - name: vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used' - - - name: limit_cpu_features - type: boolean - default: False - help: 'Required for live migration among hosts with different CPU features' - - - name: config_drive_inject_password - type: boolean - default: False - help: 'Sets the admin password in the config drive image' - - - name: qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types' - - - name: config_drive_cdrom - type: boolean - default: False - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' - - - name: hyperv_attaching_volume_retry_count - type: integer - default: 10 - help: 'The number of times we retry on attaching volume ' - - - name: hyperv_wait_between_attach_retry - type: integer - default: 5 - help: 'The seconds to wait between an volume attachment attempt' - - - name: force_volumeutils_v1 - type: boolean - default: False - help: 'Force volumeutils v1' - - - name: force_raw_images - type: boolean - default: True - help: 'Force backing images to raw format' - - - name: rescue_image_id - type: string - default: ~ - help: 'Rescue ami image' - - - name: rescue_kernel_id - type: string - default: ~ - help: 'Rescue aki image' - - - name: rescue_ramdisk_id - type: string - default: ~ - help: 'Rescue ari image' - - - name: libvirt_type - type: string - default: 'kvm' - help: 'Libvirt domain type' - - - name: libvirt_uri - type: string - default: '' - help: 'Override the default libvirt URI' - - - name: libvirt_inject_password - type: boolean - default: False - help: 'Inject the admin password at boot time, without an agent.' - - - name: libvirt_inject_key - type: boolean - default: True - help: 'Inject the ssh public key at boot time' - - - name: libvirt_inject_partition - type: integer - default: 1 - help: 'The partition to inject to : -2 => disable, -1 => inspect' - - - name: use_usb_tablet - type: boolean - default: True - help: 'Sync virtual and real mouse cursors in Windows VMs' - - - name: live_migration_uri - type: string - default: 'qemu+tcp://%s/system' - help: 'Migration target URI' - - - name: live_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' - help: 'Migration flags to be set for live migration' - - - name: block_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' - help: 'Migration flags to be set for block migration' - - - name: live_migration_bandwidth - type: integer - default: 0 - help: 'Maximum bandwidth to be used during migration, in Mbps' - - - name: snapshot_image_format - type: string - default: ~ - help: 'Snapshot image format' - - - name: libvirt_vif_driver - type: string - default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - help: 'The libvirt VIF driver to configure the VIFs.' - - - name: libvirt_volume_drivers - type: list - default: ['iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'localnova.virt.libvirt.volume.LibvirtVolumeDriver', 'fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] - help: 'Libvirt handlers for remote volumes.' - - - name: libvirt_disk_prefix - type: string - default: ~ - help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type.' - - - name: libvirt_wait_soft_reboot_seconds - type: integer - default: 120 - help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.' - - - name: libvirt_nonblocking - type: boolean - default: True - help: 'Use a separated OS thread pool to realize non-blocking libvirt calls' - - - name: libvirt_cpu_mode - type: string - default: ~ - help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none'" - - - name: libvirt_cpu_model - type: string - default: ~ - help: 'Set to a named libvirt CPU model' - - - name: libvirt_snapshots_directory - type: string - default: '$instances_path/snapshots' - help: 'Location where libvirt driver will store snapshots before uploading them to image service' - - - name: xen_hvmloader_path - type: string - default: '/usr/lib/xen/boot/hvmloader' - help: 'Location where the Xen hvmloader is kept' - - - name: disk_cachemodes - type: list - default: [] - help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none']" - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm, default. If default is specified, then use_cow_images flag is used instead of this one.' - - - name: libvirt_images_volume_group - type: string - default: ~ - help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm.' - - - name: libvirt_sparse_logical_volumes - type: boolean - default: False - help: 'Create sparse logical volumes' - - - name: libvirt_lvm_snapshot_size - type: integer - default: 1000 - help: 'The amount of storage' - - - name: base_dir_name - type: string - default: '_base' - help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip' - - - name: image_info_filename_pattern - type: string - default: '$instances_path/$base_dir_name/%(image)s.info' - help: 'Allows image information files to be stored in non-standard locations' - - - name: remove_unused_base_images - type: boolean - default: True - help: 'Should unused base images be removed?' - - - name: remove_unused_kernels - type: boolean - default: False - help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future.' - - - name: remove_unused_resized_minimum_age_seconds - type: integer - default: 3600 - help: 'Unused resized base images younger than this will not be removed' - - - name: remove_unused_original_minimum_age_seconds - type: integer - default: 86400 - help: 'Unused unresized base images younger than this will not be removed' - - - name: checksum_base_images - type: boolean - default: False - help: 'Write a checksum for files in _base to disk' - - - name: checksum_interval_seconds - type: integer - default: 3600 - help: 'How frequently to checksum base images' - - - name: libvirt_snapshot_compression - type: boolean - default: False - help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images' - - - name: libvirt_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: libvirt_use_virtio_for_bridges - type: boolean - default: True - help: 'Use virtio for bridge interfaces with KVM/QEMU' - - - name: num_iscsi_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSCSI target to find volume' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the nfs volume is mounted on the compute node' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: num_aoe_discover_tries - type: integer - default: 3 - help: 'number of times to rediscover AoE target to find volume' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the glusterfs volume is mounted on the compute node' - - - name: libvirt_iscsi_use_multipath - type: boolean - default: False - help: 'use multipath connection of the iSCSI volume' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted' - - - name: powervm_mgr_type - type: string - default: 'ivm' - help: 'PowerVM manager type' - - - name: powervm_mgr - type: string - default: ~ - help: 'PowerVM manager host or ip' - - - name: powervm_mgr_user - type: string - default: ~ - help: 'PowerVM manager user name' - - - name: powervm_mgr_passwd - type: string - default: ~ - help: 'PowerVM manager user password' - - - name: powervm_img_remote_path - type: string - default: '/home/padmin' - help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance' - - - name: powervm_img_local_path - type: string - default: '/tmp' - help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance' - - - name: vmwareapi_host_ip - type: string - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_cluster_name - type: string - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_task_poll_interval - type: floating point - default: '5.0' - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vnc_port - type: port - default: 5900 - help: 'VNC starting port' - - - name: vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports' - - - name: vnc_password - type: string - default: ~ - help: 'VNC password' - - - name: use_linked_clone - type: boolean - default: True - help: 'Whether to use linked clone' - - - name: vmwareapi_vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking' - - - name: vmwareapi_wsdl_loc - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl' - - - name: agent_timeout - type: integer - default: 30 - help: 'number of seconds to wait for agent reply' - - - name: agent_version_timeout - type: integer - default: 300 - help: 'number of seconds to wait for agent to be fully operational' - - - name: agent_resetnetwork_timeout - type: integer - default: 60 - help: 'number of seconds to wait for agent reply to resetnetwork request' - - - name: xenapi_agent_path - type: string - default: 'usr/sbin/xe-update-networking' - help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True' - - - name: xenapi_disable_agent - type: boolean - default: False - help: 'Disable XenAPI agent. Reduces the amount of time it takes nova to detect that a VM has started, when that VM does not have the agent installed' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. Required if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_concurrent - type: integer - default: 5 - help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_vhd_coalesce_poll_interval - type: floating point - default: '5.0' - help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_check_host - type: boolean - default: True - help: 'Ensure compute service is running on host XenAPI connects to.' - - - name: xenapi_vhd_coalesce_max_attempts - type: integer - default: 5 - help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository' - - - name: target_host - type: string - default: ~ - help: 'iSCSI Target Host' - - - name: target_port - type: port - default: 3260 - help: 'iSCSI Target Port, 3260 Default' - - - name: iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack' - help: 'IQN Prefix' - - - name: xenapi_remap_vbd_dev - type: boolean - default: False - help: 'Used to enable the remapping of VBD dev' - - - name: xenapi_remap_vbd_dev_prefix - type: string - default: 'sd' - help: 'Specify prefix to remap VBD dev to' - - - name: xenapi_login_timeout - type: integer - default: 10 - help: 'Timeout in seconds for XenAPI login.' - - - name: use_join_force - type: boolean - default: True - help: 'To use for hosts with different CPUs' - - - name: xenapi_ovs_integration_bridge - type: string - default: 'xapi1' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: cache_images - type: string - default: 'all' - help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely' - - - name: default_os_type - type: string - default: 'linux' - help: 'Default OS type' - - - name: block_device_creation_timeout - type: integer - default: 10 - help: 'Time to wait for a block device to be created' - - - name: max_kernel_ramdisk_size - type: integer - default: 16777216 - help: 'Maximum size in bytes of kernel or ramdisk images' - - - name: sr_matching_filter - type: string - default: 'other-config:i18n-keylocal-storage' - help: 'Filter for finding the SR to be used to install guest instances on. The default value is the Local Storage in default XenServer/XCP installations. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' - - - name: xenapi_sparse_copy - type: boolean - default: True - help: 'Whether to use sparse_copy for copying data on a resize down' - - - name: xenapi_num_vbd_unplug_retries - type: integer - default: 10 - help: 'Maximum number of retries to unplug VBD' - - - name: xenapi_torrent_images - type: string - default: 'none' - help: 'Whether or not to download images via Bit Torrent' - - - name: xenapi_torrent_base_url - type: string - default: ~ - help: 'Base URL for torrent files.' - - - name: xenapi_torrent_seed_chance - type: floating point - default: '1.0' - help: 'Probability that peer will become a seeder.' - - - name: xenapi_torrent_seed_duration - type: integer - default: 3600 - help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.' - - - name: xenapi_torrent_max_last_accessed - type: integer - default: 86400 - help: 'Cached torrent files not accessed within this number of seconds can be reaped' - - - name: xenapi_torrent_listen_port_start - type: port - default: 6881 - help: 'Beginning of port range to listen on' - - - name: xenapi_torrent_listen_port_end - type: port - default: 6891 - help: 'End of port range to listen on' - - - name: xenapi_torrent_download_stall_cutoff - type: integer - default: 600 - help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall' - - - name: xenapi_torrent_max_seeder_processes_per_host - type: integer - default: 1 - help: 'Maximum number of seeder processes to run concurrently within a given dom0.' - - - name: xenapi_running_timeout - type: integer - default: 60 - help: 'number of seconds to wait for instance to go to running state' - - - name: xenapi_vif_driver - type: string - default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' - help: 'The XenAPI VIF driver using XenServer Network APIs.' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.imageupload.glance.GlanceStore' - help: 'Object Store Driver used to handle image uploads.' - - - name: novncproxy_base_url - type: string - default: 'http://127.0.0.1:6080/vnc_auto.html' - help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html'" - - - name: xvpvncproxy_base_url - type: string - default: 'http://127.0.0.1:6081/console' - help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console'" - - - name: vncserver_listen - type: string - default: '127.0.0.1' - help: 'IP address on which instance vncservers should listen' - - - name: vncserver_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: vnc_enabled - type: boolean - default: True - help: 'enable vnc related features' - - - name: vnc_keymap - type: string - default: 'en-us' - help: 'keymap for vnc' - - - name: xvpvncproxy_port - type: port - default: 6081 - help: 'Port that the XCP VNC proxy should bind to' - - - name: xvpvncproxy_host - type: host - default: '0.0.0.0' - help: 'Address that the XCP VNC proxy should bind to' - - - name: volume_api_class - type: string - default: 'nova.volume.cinder.API' - help: 'The full class name of the volume API class to use' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: ::' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls' - - - name: cinder_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL requests to cinder' - - - name: cinder_cross_az_attach - type: boolean - default: True - help: 'Allow attach between instance and volume in different availability zones.' - - - name: HYPERV.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" - - - name: conductor.use_local - type: boolean - default: False - help: 'Perform nova-conductor operations locally' - - - name: cells.topic - type: string - default: 'cells' - help: 'the topic cells nodes listen on' - - - name: cells.manager - type: string - default: 'nova.cells.manager.CellsManager' - help: 'Manager for cells' - - - name: baremetal.driver - type: string - default: 'nova.virt.baremetal.pxe.PXE' - help: 'Baremetal driver back-end' - - - name: cells.instance_updated_at_threshold - type: integer - default: 3600 - help: 'Number of seconds after an instance was updated or deleted to continue to update cells' - - - name: cells.instance_update_num_instances - type: integer - default: 1 - help: 'Number of instances to update per periodic task run' - - - name: cells.max_hop_count - type: integer - default: 10 - help: 'Maximum number of hops for cells routing.' - - - name: cells.scheduler - type: string - default: 'nova.cells.scheduler.CellsScheduler' - help: 'Cells scheduler to use' - - - name: cells.enable - type: boolean - default: False - help: 'Enable cell functionality' - - - name: cells.name - type: string - default: 'nova' - help: 'name of this cell' - - - name: cells.capabilities - type: list - default: ['hypervisorxenserver;kvm', 'oslinux;windows'] - help: 'Key/Multi-value list with the capabilities of the cell' - - - name: cells.call_timeout - type: integer - default: 60 - help: 'Seconds to wait for response from a call to a cell.' - - - name: cells.rpc_driver_queue_base - type: string - default: 'cells.intercell' - help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this.' - - - name: cells.scheduler_retries - type: integer - default: 10 - help: 'How many retries when no cells are available.' - - - name: cells.scheduler_retry_delay - type: integer - default: 2 - help: 'How often to retry in seconds when no cells are available.' - - - name: cells.db_check_interval - type: integer - default: 60 - help: 'Seconds between getting fresh cell info from db.' - - - name: zookeeper.address - type: string - default: ~ - help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port' - - - name: zookeeper.recv_timeout - type: integer - default: 4000 - help: 'recv_timeout parameter for the zk session' - - - name: zookeeper.sg_prefix - type: string - default: '/servicegroups' - help: 'The prefix used in ZooKeeper to store ephemeral nodes' - - - name: zookeeper.sg_retry_interval - type: integer - default: 5 - help: 'Number of seconds to wait until retrying to join the session' - - - name: baremetal.inject_password - type: boolean - default: True - help: 'Whether baremetal compute injects password or not' - - - name: baremetal.vif_driver - type: string - default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' - help: 'Baremetal VIF driver.' - - - name: baremetal.volume_driver - type: string - default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' - help: 'Baremetal volume driver.' - - - name: baremetal.instance_type_extra_specs - type: list - default: [] - help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairs For example, 'key1:val1, key2:val2'" - - - name: baremetal.power_manager - type: string - default: 'nova.virt.baremetal.ipmi.IPMI' - help: 'Baremetal power management method' - - - name: baremetal.tftp_root - type: string - default: '/tftpboot' - help: "Baremetal compute node's tftp root path" - - - name: baremetal.terminal - type: string - default: 'shellinaboxd' - help: 'path to baremetal terminal program' - - - name: baremetal.terminal_cert_dir - type: string - default: ~ - help: 'path to baremetal terminal SSL cert(PEM)' - - - name: baremetal.terminal_pid_dir - type: string - default: '$state_path/baremetal/console' - help: 'path to directory stores pidfiles of baremetal_terminal' - - - name: baremetal.ipmi_power_retry - type: integer - default: 5 - help: 'maximal number of retries for IPMI operations' - - - name: baremetal.deploy_kernel - type: string - default: ~ - help: 'Default kernel image ID used in deployment phase' - - - name: baremetal.deploy_ramdisk - type: string - default: ~ - help: 'Default ramdisk image ID used in deployment phase' - - - name: baremetal.net_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' - help: 'Template file for injected network config' - - - name: baremetal.pxe_append_params - type: string - default: ~ - help: 'additional append parameters for baremetal PXE boot' - - - name: baremetal.pxe_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/pxe_config.template' - help: 'Template file for PXE configuration' - - - name: baremetal.pxe_deploy_timeout - type: integer - default: 0 - help: 'Timeout for PXE deployments. Default: 0' - - - name: baremetal.virtual_power_ssh_host - type: string - default: '' - help: 'ip or name to virtual power host' - - - name: baremetal.virtual_power_type - type: string - default: 'vbox' - help: 'base command to use for virtual power(vbox,virsh)' - - - name: baremetal.virtual_power_host_user - type: string - default: '' - help: 'user to execute virtual power commands as' - - - name: baremetal.virtual_power_host_pass - type: string - default: '' - help: 'password for virtual power host_user' - - - name: baremetal.use_unsafe_iscsi - type: boolean - default: False - help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL' - - - name: baremetal.iscsi_iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack.baremetal' - help: 'iSCSI IQN prefix used in baremetal volume connections.' - - - name: rpc_notifier2.topics - type: list - default: ['notifications'] - help: 'AMQP topic(s) used for openstack notifications' - - - name: trusted_computing.attestation_server - type: string - default: ~ - help: 'attestation server http' - - - name: trusted_computing.attestation_server_ca_file - type: string - default: ~ - help: 'attestation server Cert file for Identity verification' - - - name: trusted_computing.attestation_port - type: port - default: 8443 - help: 'attestation server port' - - - name: trusted_computing.attestation_api_url - type: string - default: '/OpenAttestationWebServices/V1.0' - help: 'attestation web API URL' - - - name: trusted_computing.attestation_auth_blob - type: string - default: ~ - help: 'attestation authorization blob - must change' - - - name: trusted_computing.attestation_auth_timeout - type: integer - default: 60 - help: 'Attestation status cache valid period length' - - - name: vmware.integration_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge' - - - name: spice.html5proxy_base_url - type: string - default: 'http://127.0.0.1:6082/spice_auto.html' - help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html'" - - - name: spice.server_listen - type: string - default: '127.0.0.1' - help: 'IP address on which instance spice server should listen' - - - name: spice.server_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: spice.enabled - type: boolean - default: False - help: 'enable spice related features' - - - name: spice.agent_enabled - type: boolean - default: True - help: 'enable spice guest agent support' - - - name: spice.keymap - type: string - default: 'en-us' - help: 'keymap for spice' - diff --git a/rubick/schemas/nova/2013.2.0.yml b/rubick/schemas/nova/2013.2.0.yml deleted file mode 100644 index 2779498..0000000 --- a/rubick/schemas/nova/2013.2.0.yml +++ /dev/null @@ -1,3229 +0,0 @@ -project: nova -version: '2013.2.0' -parameters: - - - name: internal_service_availability_zone - type: string - default: 'internal' - help: 'availability_zone to show internal services under ' - - - name: default_availability_zone - type: string - default: 'nova' - help: 'default compute node availability_zone ' - - - name: ssl.ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients ' - - - name: ssl.key_file - type: string - default: ~ - help: 'Private key file to use when starting the server securely ' - - - name: crl_file - type: string - default: 'crl.pem' - help: 'Filename of root Certificate Revocation List ' - - - name: keys_path - type: string - default: '$state_path/keys' - help: 'Where we keep our keys ' - - - name: ca_path - type: string - default: '$state_path/CA' - help: 'Where we keep our root CA ' - - - name: use_project_ca - type: boolean - default: False - help: 'Should we use a CA for each project? ' - - - name: user_cert_subject - type: string - default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s' - help: 'Subject for certificate for users, %s for project, user, timestamp ' - - - name: project_cert_subject - type: string - default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s' - help: 'Subject for certificate for projects, %s for project, timestamp ' - - - name: fatal_exception_format_errors - type: boolean - default: False - help: 'make exception message format errors fatal ' - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host ' - - - name: matchmaker_redis.host - type: string - default: '127.0.0.1' - help: 'Host to locate redis ' - - - name: use_ipv6 - type: boolean - default: False - help: 'use ipv6 ' - - - name: notify_on_state_change - type: string - default: ~ - help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes. " - - - name: notify_api_faults - type: boolean - default: False - help: 'If set, send api.fault notifications on caught exceptions in the API service. ' - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the nova python module is installed ' - - - name: bindir - type: string - default: '/usr/local/bin' - help: 'Directory where nova binaries are installed ' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining nova's state " - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy ' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found ' - - - name: quota_instances - type: integer - default: 10 - help: 'number of instances allowed per project ' - - - name: quota_cores - type: integer - default: 20 - help: 'number of instance cores allowed per project ' - - - name: quota_ram - type: integer - default: 51200 - help: 'megabytes of instance ram allowed per project ' - - - name: quota_floating_ips - type: integer - default: 10 - help: 'number of floating ips allowed per project ' - - - name: quota_fixed_ips - type: integer - default: -1 - help: 'number of fixed ips allowed per project (this should be at least the number of instances allowed) ' - - - name: quota_metadata_items - type: integer - default: 128 - help: 'number of metadata items allowed per instance ' - - - name: quota_injected_files - type: integer - default: 5 - help: 'number of injected files allowed ' - - - name: quota_injected_file_content_bytes - type: integer - default: 10240 - help: 'number of bytes allowed per injected file ' - - - name: quota_injected_file_path_bytes - type: integer - default: 255 - help: 'number of bytes allowed per injected file path ' - - - name: quota_security_groups - type: integer - default: 10 - help: 'number of security groups per project ' - - - name: quota_security_group_rules - type: integer - default: 20 - help: 'number of security rules per security group ' - - - name: quota_key_pairs - type: integer - default: 100 - help: 'number of key pairs per user ' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires ' - - - name: until_refresh - type: integer - default: 0 - help: 'count of reservations until usage is refreshed ' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes ' - - - name: quota_driver - type: string - default: 'nova.quota.DbQuotaDriver' - help: 'default driver to use for quota checks ' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore ' - - - name: periodic_enable - type: boolean - default: True - help: 'enable periodic tasks ' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0) ' - - - name: enabled_apis - type: string_list - default: ['ec2', 'osapi_compute', 'metadata'] - help: 'a list of APIs to enable by default ' - - - name: enabled_ssl_apis - type: string_list - default: [] - help: 'a list of APIs with enabled SSL ' - - - name: ec2_listen - type: host - default: '0.0.0.0' - help: 'IP address for EC2 API to listen ' - - - name: ec2_listen_port - type: port - default: 8773 - help: 'port for ec2 api to listen ' - - - name: ec2_workers - type: integer - default: ~ - help: 'Number of workers for EC2 API service ' - - - name: osapi_compute_listen - type: host - default: '0.0.0.0' - help: 'IP address for OpenStack API to listen ' - - - name: osapi_compute_listen_port - type: port - default: 8774 - help: 'list port for osapi compute ' - - - name: osapi_compute_workers - type: integer - default: ~ - help: 'Number of workers for OpenStack API service ' - - - name: metadata_manager - type: string - default: 'nova.api.manager.MetadataManager' - help: 'OpenStack metadata service manager ' - - - name: metadata_listen - type: host - default: '0.0.0.0' - help: 'IP address for metadata api to listen ' - - - name: metadata_listen_port - type: port - default: 8775 - help: 'port for metadata api to listen ' - - - name: metadata_workers - type: integer - default: ~ - help: 'Number of workers for metadata service ' - - - name: compute_manager - type: string - default: 'nova.compute.manager.ComputeManager' - help: 'full class name for the Manager for compute ' - - - name: console_manager - type: string - default: 'nova.console.manager.ConsoleProxyManager' - help: 'full class name for the Manager for console proxy ' - - - name: cert_manager - type: string - default: 'nova.cert.manager.CertManager' - help: 'full class name for the Manager for cert ' - - - name: network_manager - type: string - default: 'nova.network.manager.VlanManager' - help: 'full class name for the Manager for network ' - - - name: scheduler_manager - type: string - default: 'nova.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler ' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service ' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db ' - - - name: monkey_patch - type: boolean - default: False - help: 'Whether to log monkey patching ' - - - name: monkey_patch_modules - type: string_list - default: ['nova.api.ec2.cloud:nova.notifications.notify_decorator', 'nova.compute.api:nova.notifications.notify_decorator'] - help: 'List of modules/decorators to monkey patch ' - - - name: password_length - type: integer - default: 12 - help: 'Length of generated instance admin passwords ' - - - name: instance_usage_audit_period - type: string - default: 'month' - help: 'time period to generate instance usages for. Time period must be hour, day, month or year ' - - - name: rootwrap_config - type: string - default: '/etc/nova/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root ' - - - name: tempdir - type: string - default: ~ - help: 'Explicitly specify the temporary working directory ' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for nova-api ' - - - name: wsgi_log_format - type: string - default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' - help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds. ' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients ' - - - name: ssl_cert_file - type: string - default: ~ - help: 'SSL certificate of API server ' - - - name: ssl_key_file - type: string - default: ~ - help: 'SSL private key of API server ' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. ' - - - name: api_rate_limit - type: boolean - default: False - help: 'whether to use per-user rate limiting for the api. ' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth: noauth or keystone. ' - - - name: use_forwarded_for - type: boolean - default: False - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. ' - - - name: lockout_attempts - type: integer - default: 5 - help: 'Number of failed auths before lockout. ' - - - name: lockout_minutes - type: integer - default: 15 - help: 'Number of minutes to lockout if triggered. ' - - - name: lockout_window - type: integer - default: 15 - help: 'Number of minutes for lockout window. ' - - - name: keystone_ec2_url - type: string - default: 'http://localhost:5000/v2.0/ec2tokens' - help: 'URL to get token from ec2 request. ' - - - name: ec2_private_dns_show_ip - type: boolean - default: False - help: 'Return the IP address as private dns hostname in describe instances ' - - - name: ec2_strict_validation - type: boolean - default: True - help: 'Validate security group names according to EC2 specification ' - - - name: ec2_timestamp_expiry - type: integer - default: 300 - help: 'Time in seconds before ec2 timestamp expires ' - - - name: ec2_host - type: string - default: '$my_ip' - help: 'the ip of the ec2 api server ' - - - name: ec2_dmz_host - type: string - default: '$my_ip' - help: 'the internal ip of the ec2 api server ' - - - name: ec2_port - type: port - default: 8773 - help: 'the port of the ec2 api server ' - - - name: ec2_scheme - type: string - default: 'http' - help: 'the protocol to use when connecting to the ec2 api server (http, https) ' - - - name: ec2_path - type: string - default: '/services/Cloud' - help: 'the path prefix used to call the ec2 api server ' - - - name: region_list - type: string_list - default: [] - help: 'list of region=fqdn pairs separated by commas ' - - - name: config_drive_skip_versions - type: string - default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' - help: 'List of metadata versions to skip placing into the config drive ' - - - name: vendordata_driver - type: string - default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' - help: 'Driver to use for vendor data ' - - - name: service_neutron_metadata_proxy - type: boolean - default: False - help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids. ' - - - name: neutron_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Neutron metadata requests ' - - - name: vendordata_jsonfile_path - type: string - default: ~ - help: 'File to load json formated vendor data from ' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource ' - - - name: osapi_compute_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Compute API ' - - - name: osapi_glance_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to glance resources ' - - - name: allow_instance_snapshots - type: boolean - default: True - help: 'Permit instance snapshot operations. ' - - - name: osapi_compute_ext_list - type: string_list - default: [] - help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions ' - - - name: fping_path - type: string - default: '/usr/sbin/fping' - help: 'Full path to fping. ' - - - name: enable_network_quota - type: boolean - default: False - help: 'Enables or disables quota checking for tenant networks ' - - - name: use_neutron_default_nets - type: string - default: 'False' - help: 'Control for checking for default networks ' - - - name: neutron_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating neutron networks ' - - - name: osapi_compute_extension - type: string - default: 'nova.api.openstack.compute.contrib.standard_extensions' - help: 'osapi compute extension to load (multi valued)' - - - name: osapi_hide_server_address_states - type: string_list - default: ['building'] - help: 'List of instance states that should hide network info ' - - - name: enable_instance_password - type: boolean - default: True - help: 'Allows use of instance password during server creation ' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'the maximum body size per each osapi request(bytes) ' - - - name: compute_api_class - type: string - default: 'nova.compute.api.API' - help: 'The full class name of the compute API class to use (deprecated) ' - - - name: cert_topic - type: string - default: 'cert' - help: 'the topic cert nodes listen on ' - - - name: vpn_image_id - type: string - default: '0' - help: 'image id used when starting up a cloudpipe vpn server ' - - - name: vpn_flavor - type: string - default: 'm1.tiny' - help: 'Flavor for vpn instances ' - - - name: boot_script_template - type: string - default: '$pybasedir/nova/cloudpipe/bootscript.template' - help: 'Template for cloudpipe instance boot script ' - - - name: dmz_net - type: string - default: '10.0.0.0' - help: 'Network to push into openvpn config ' - - - name: dmz_mask - type: string - default: '255.255.255.0' - help: 'Netmask to push into openvpn config ' - - - name: vpn_key_suffix - type: string - default: '-vpn' - help: 'Suffix to add to project name for vpn key and secgroups ' - - - name: record - type: boolean - default: False - help: 'Record sessions to FILE.[session_number] ' - - - name: daemon - type: boolean - default: False - help: 'Become a daemon (background process) ' - - - name: ssl_only - type: boolean - default: False - help: 'Disallow non-encrypted connections ' - - - name: source_is_ipv6 - type: boolean - default: False - help: 'Source is ipv6 ' - - - name: upgrade_levels.cert - type: string - default: ~ - help: 'Set a version cap for messages sent to cert services ' - - - name: key - type: string - default: ~ - help: 'SSL key file (if separate from cert) ' - - - name: web - type: string - default: '/usr/share/spice-html5' - help: 'Run webserver on same port. Serve files from DIR. ' - - - name: novncproxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests ' - - - name: novncproxy_port - type: port - default: 6080 - help: 'Port on which to listen for incoming requests ' - - - name: spicehtml5proxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests ' - - - name: spicehtml5proxy_port - type: port - default: 6082 - help: 'Port on which to listen for incoming requests ' - - - name: allow_resize_to_same_host - type: boolean - default: False - help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments. ' - - - name: allow_migrate_to_same_host - type: boolean - default: False - help: 'Allow migrate machine to the same host. Useful when testing in single-host environments. ' - - - name: default_schedule_zone - type: string - default: ~ - help: "availability zone to use when user doesn't specify one " - - - name: non_inheritable_image_properties - type: string_list - default: ['cache_in_nova', 'bittorrent'] - help: 'These are image properties which a snapshot should not inherit from an instance ' - - - name: null_kernel - type: string - default: 'nokernel' - help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead ' - - - name: multi_instance_display_name_template - type: string - default: '%(name)s-%(uuid)s' - help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count. " - - - name: max_local_block_devices - type: integer - default: 3 - help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited. ' - - - name: default_flavor - type: string - default: 'm1.small' - help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor. ' - - - name: console_host - type: string - default: 'nova' - help: 'Console proxy host to use to connect to instances on this host. ' - - - name: default_access_ip_network_name - type: string - default: ~ - help: 'Name of network to use to set access ips for instances ' - - - name: defer_iptables_apply - type: boolean - default: False - help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase ' - - - name: instances_path - type: string - default: '$state_path/instances' - help: 'where instances are stored on disk ' - - - name: instance_usage_audit - type: boolean - default: False - help: 'Generate periodic compute.instance.exists notifications ' - - - name: live_migration_retry_count - type: integer - default: 30 - help: 'Number of 1 second retries needed in live_migration ' - - - name: resume_guests_state_on_host_boot - type: boolean - default: False - help: 'Whether to start guests that were running before the host rebooted ' - - - name: network_allocate_retries - type: integer - default: 0 - help: 'Number of times to retry network allocation on failures ' - - - name: maximum_instance_delete_attempts - type: integer - default: 5 - help: "The number of times to attempt to reap an instance's files. " - - - name: bandwidth_poll_interval - type: integer - default: 600 - help: 'interval to pull bandwidth usage info ' - - - name: sync_power_state_interval - type: integer - default: 600 - help: 'interval to sync power states between the database and the hypervisor ' - - - name: heal_instance_info_cache_interval - type: integer - default: 60 - help: 'Number of seconds between instance info_cache self healing updates ' - - - name: host_state_interval - type: integer - default: 120 - help: 'Interval in seconds for querying the host status ' - - - name: image_cache_manager_interval - type: integer - default: 2400 - help: 'Number of seconds to wait between runs of the image cache manager ' - - - name: reclaim_instance_interval - type: integer - default: 0 - help: 'Interval in seconds for reclaiming deleted instances ' - - - name: volume_usage_poll_interval - type: integer - default: 0 - help: 'Interval in seconds for gathering volume usages ' - - - name: shelved_poll_interval - type: integer - default: 3600 - help: 'Interval in seconds for polling shelved instances to offload ' - - - name: shelved_offload_time - type: integer - default: 0 - help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved ' - - - name: instance_delete_interval - type: integer - default: 300 - help: 'Interval in seconds for retrying failed instance file deletes ' - - - name: running_deleted_instance_action - type: string - default: 'log' - help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable. " - - - name: running_deleted_instance_poll_interval - type: integer - default: 1800 - help: 'Number of seconds to wait between runs of the cleanup task. ' - - - name: running_deleted_instance_timeout - type: integer - default: 0 - help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup. ' - - - name: reboot_timeout - type: integer - default: 0 - help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable. ' - - - name: instance_build_timeout - type: integer - default: 0 - help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable. ' - - - name: rescue_timeout - type: integer - default: 0 - help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable. ' - - - name: resize_confirm_window - type: integer - default: 0 - help: 'Automatically confirm resizes after N seconds. Set to 0 to disable. ' - - - name: reserved_host_disk_mb - type: integer - default: 0 - help: 'Amount of disk in MB to reserve for the host ' - - - name: reserved_host_memory_mb - type: integer - default: 512 - help: 'Amount of memory in MB to reserve for the host ' - - - name: compute_stats_class - type: string - default: 'nova.compute.stats.Stats' - help: 'Class that will manage stats for the local compute host ' - - - name: compute_topic - type: string - default: 'compute' - help: 'the topic compute nodes listen on ' - - - name: migrate_max_retries - type: integer - default: -1 - help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries. ' - - - name: console_driver - type: string - default: 'nova.console.xvp.XVPConsoleProxy' - help: 'Driver to use for the console proxy ' - - - name: stub_compute - type: boolean - default: False - help: 'Stub calls to compute worker for tests ' - - - name: console_public_hostname - type: string - default: 'nova' - help: 'Publicly visible name for this console host ' - - - name: console_topic - type: string - default: 'console' - help: 'the topic console proxy nodes listen on ' - - - name: console_vmrc_port - type: port - default: 443 - help: 'port for VMware VMRC connections ' - - - name: console_vmrc_error_retries - type: integer - default: 10 - help: 'number of retries for retrieving VMRC information ' - - - name: console_xvp_conf_template - type: string - default: '$pybasedir/nova/console/xvp.conf.template' - help: 'XVP conf template ' - - - name: console_xvp_conf - type: string - default: '/etc/xvp.conf' - help: 'generated XVP conf file ' - - - name: console_xvp_pid - type: string - default: '/var/run/xvp.pid' - help: 'XVP master process pid file ' - - - name: console_xvp_log - type: string - default: '/var/log/xvp.log' - help: 'XVP log file ' - - - name: console_xvp_multiplex_port - type: port - default: 5900 - help: 'port for XVP to multiplex VNC connections on ' - - - name: consoleauth_topic - type: string - default: 'consoleauth' - help: 'the topic console auth proxy nodes listen on ' - - - name: console_token_ttl - type: integer - default: 600 - help: 'How many seconds before deleting tokens ' - - - name: consoleauth_manager - type: string - default: 'nova.consoleauth.manager.ConsoleAuthManager' - help: 'Manager for console auth ' - - - name: enable_new_services - type: boolean - default: True - help: 'Services to be added to the available pool on create ' - - - name: instance_name_template - type: string - default: 'instance-%08x' - help: 'Template string to be used to generate instance names ' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names ' - - - name: db_driver - type: string - default: 'nova.db' - help: 'driver to use for database access ' - - - name: osapi_compute_unique_server_name_scope - type: string - default: '' - help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'. " - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip ' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port ' - - - name: glance_protocol - type: string - default: 'http' - help: 'Default protocol to use when connecting to glance. Set to https for SSL. ' - - - name: glance_api_servers - type: string_list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers. ([hostname|ip]:port) ' - - - name: glance_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL (https) requests to glance ' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance ' - - - name: allowed_direct_url_schemes - type: string_list - default: [] - help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file]. ' - - - name: image_decryption_dir - type: string - default: '/tmp' - help: 'parent dir for tempdir used for image decryption ' - - - name: s3_host - type: string - default: '$my_ip' - help: 'hostname or ip for OpenStack to use when accessing the s3 api ' - - - name: s3_port - type: port - default: 3333 - help: 'port used when accessing the s3 api ' - - - name: s3_access_key - type: string - default: 'notchecked' - help: 'access key to use for s3 server for images ' - - - name: s3_secret_key - type: string - default: 'notchecked' - help: 'secret key to use for s3 server for images ' - - - name: s3_use_ssl - type: boolean - default: False - help: 'whether to use ssl when talking to s3 ' - - - name: s3_affix_tenant - type: boolean - default: False - help: 'whether to affix the tenant id to the access key when downloading from s3 ' - - - name: ipv6_backend - type: string - default: 'rfc2462' - help: 'Backend to use for IPv6 generation ' - - - name: network_api_class - type: string - default: 'nova.network.api.API' - help: 'The full class name of the network API class to use ' - - - name: network_driver - type: string - default: 'nova.network.linux_net' - help: 'Driver to use for network creation ' - - - name: default_floating_pool - type: string - default: 'nova' - help: 'Default pool for floating ips ' - - - name: auto_assign_floating_ip - type: boolean - default: False - help: 'Autoassigning floating ip to VM ' - - - name: floating_ip_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for floating IPs ' - - - name: instance_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for instance IPs ' - - - name: instance_dns_domain - type: string - default: '' - help: 'full class name for the DNS Zone for instance IPs ' - - - name: ldap_dns_url - type: string - default: 'ldap://ldap.example.com:389' - help: 'URL for ldap server which will store dns entries ' - - - name: ldap_dns_user - type: string - default: 'uid=admin,ou=people,dc=example,dc=org' - help: 'user for ldap DNS ' - - - name: ldap_dns_password - type: string - default: 'password' - help: 'password for ldap DNS ' - - - name: ldap_dns_soa_hostmaster - type: string - default: 'hostmaster@example.org' - help: 'Hostmaster for ldap dns driver Statement of Authority ' - - - name: ldap_dns_servers - type: string - default: 'dns.example.org' - help: 'DNS Servers for ldap dns driver (multi valued)' - - - name: ldap_dns_base_dn - type: string - default: 'ou=hosts,dc=example,dc=org' - help: 'Base DN for DNS entries in ldap ' - - - name: ldap_dns_soa_refresh - type: string - default: '1800' - help: 'Refresh interval (in seconds) for ldap dns driver Statement of Authority ' - - - name: ldap_dns_soa_retry - type: string - default: '3600' - help: 'Retry interval (in seconds) for ldap dns driver Statement of Authority ' - - - name: ldap_dns_soa_expiry - type: string - default: '86400' - help: 'Expiry interval (in seconds) for ldap dns driver Statement of Authority ' - - - name: ldap_dns_soa_minimum - type: string - default: '7200' - help: 'Minimum interval (in seconds) for ldap dns driver Statement of Authority ' - - - name: dhcpbridge_flagfile - type: string - default: '/etc/nova/nova-dhcpbridge.conf' - help: 'location of flagfiles for dhcpbridge (multi valued)' - - - name: networks_path - type: string - default: '$state_path/networks' - help: 'Location to keep network config files ' - - - name: public_interface - type: string - default: 'eth0' - help: 'Interface for public IP addresses ' - - - name: network_device_mtu - type: string - default: ~ - help: 'MTU setting for vlan ' - - - name: dhcpbridge - type: string - default: '$bindir/nova-dhcpbridge' - help: 'location of nova-dhcpbridge ' - - - name: routing_source_ip - type: string - default: '$my_ip' - help: 'Public IP of network host ' - - - name: dhcp_lease_time - type: integer - default: 120 - help: 'Lifetime of a DHCP lease in seconds ' - - - name: dns_server - type: string - default: '' - help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times. (multi valued)' - - - name: use_network_dns_servers - type: boolean - default: False - help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers. ' - - - name: dmz_cidr - type: string_list - default: [] - help: 'A list of dmz range that should be accepted ' - - - name: force_snat_range - type: string - default: '' - help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times. (multi valued)' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file ' - - - name: linuxnet_interface_driver - type: string - default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' - help: 'Driver used to create ethernet devices. ' - - - name: linuxnet_ovs_integration_bridge - type: string - default: 'br-int' - help: 'Name of Open vSwitch bridge used with linuxnet ' - - - name: send_arp_for_ha - type: boolean - default: False - help: 'send gratuitous ARPs for HA setup ' - - - name: send_arp_for_ha_count - type: integer - default: 3 - help: 'send this many gratuitous ARPs for HA setup ' - - - name: use_single_default_gateway - type: boolean - default: False - help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server ' - - - name: forward_bridge_interface - type: string - default: 'all' - help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times. (multi valued)' - - - name: metadata_host - type: string - default: '$my_ip' - help: 'the ip for the metadata api server ' - - - name: metadata_port - type: port - default: 8775 - help: 'the port for the metadata api port ' - - - name: iptables_top_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the top. ' - - - name: iptables_bottom_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the bottom. ' - - - name: iptables_drop_action - type: string - default: 'DROP' - help: 'The table that iptables to jump to when a packet is to be dropped. ' - - - name: flat_network_bridge - type: string - default: ~ - help: 'Bridge for simple network instances ' - - - name: flat_network_dns - type: string - default: '8.8.4.4' - help: 'Dns for simple network ' - - - name: flat_injected - type: boolean - default: False - help: 'Whether to attempt to inject network setup into guest ' - - - name: flat_interface - type: string - default: ~ - help: 'FlatDhcp will bridge into this interface if set ' - - - name: vlan_start - type: integer - default: 100 - help: 'First VLAN for private networks ' - - - name: vmware.vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking ' - - - name: num_networks - type: integer - default: 1 - help: 'Number of networks to support ' - - - name: vpn_ip - type: string - default: '$my_ip' - help: 'Public IP for the cloudpipe VPN servers ' - - - name: vpn_start - type: integer - default: 1000 - help: 'First Vpn port for private networks ' - - - name: network_size - type: integer - default: 256 - help: 'Number of addresses in each private subnet ' - - - name: fixed_range_v6 - type: string - default: 'fd00::/48' - help: 'Fixed IPv6 address block ' - - - name: gateway - type: string - default: ~ - help: 'Default IPv4 gateway ' - - - name: gateway_v6 - type: string - default: ~ - help: 'Default IPv6 gateway ' - - - name: cnt_vpn_clients - type: integer - default: 0 - help: 'Number of addresses reserved for vpn clients ' - - - name: fixed_ip_disassociate_timeout - type: integer - default: 600 - help: 'Seconds after which a deallocated ip is disassociated ' - - - name: create_unique_mac_address_attempts - type: integer - default: 5 - help: 'Number of attempts to create unique mac address ' - - - name: fake_network - type: boolean - default: False - help: 'If passed, use fake network devices and addresses ' - - - name: fake_call - type: boolean - default: False - help: 'If True, skip using the queue and make local calls ' - - - name: teardown_unused_network_gateway - type: boolean - default: False - help: 'If True, unused gateway devices (VLAN and bridge) are deleted in VLAN network mode with multi hosted networks ' - - - name: force_dhcp_release - type: boolean - default: True - help: 'If True, send a dhcp release on instance termination ' - - - name: share_dhcp_address - type: boolean - default: False - help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host. ' - - - name: update_dns_entries - type: boolean - default: False - help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode ' - - - name: dns_update_periodic_interval - type: integer - default: -1 - help: 'Number of seconds to wait between runs of updates to DNS entries. ' - - - name: dhcp_domain - type: string - default: 'novalocal' - help: 'domain to use for building the hostnames ' - - - name: l3_lib - type: string - default: 'nova.network.l3.LinuxNetL3' - help: 'Indicates underlying L3 management library ' - - - name: neutron_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to neutron ' - - - name: neutron_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to neutron in seconds ' - - - name: neutron_admin_username - type: string - default: ~ - help: 'username for connecting to neutron in admin context ' - - - name: neutron_admin_password - type: string - default: ~ - help: 'password for connecting to neutron in admin context ' - - - name: neutron_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to neutron in admin context ' - - - name: neutron_region_name - type: string - default: ~ - help: 'region name for connecting to neutron in admin context ' - - - name: neutron_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to neutron in admin context ' - - - name: neutron_api_insecure - type: boolean - default: False - help: 'if set, ignore any SSL validation issues ' - - - name: neutron_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to neutron in admin context ' - - - name: neutron_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch ' - - - name: neutron_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying neutron for extensions ' - - - name: neutron_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certificates file to use for neutron client requests. ' - - - name: dhcp_options_enabled - type: boolean - default: False - help: 'Use per-port DHCP options with Neutron ' - - - name: network_topic - type: string - default: 'network' - help: 'the topic network nodes listen on ' - - - name: multi_host - type: boolean - default: False - help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host. ' - - - name: security_group_api - type: string - default: 'nova' - help: 'The full class name of the security API class ' - - - name: buckets_path - type: string - default: '$state_path/buckets' - help: 'path to s3 buckets ' - - - name: s3_listen - type: host - default: '0.0.0.0' - help: 'IP address for S3 API to listen ' - - - name: s3_listen_port - type: port - default: 3333 - help: 'port for s3 api to listen ' - - - name: sqlite_db - type: string - default: 'nova.sqlite' - help: 'the filename to use with sqlite ' - - - name: sqlite_synchronous - type: boolean - default: True - help: 'If true, use synchronous mode for sqlite ' - - - name: backdoor_port - type: string - default: ~ - help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file. " - - - name: disable_process_locking - type: boolean - default: False - help: 'Whether to disable inter-process locks ' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files. ' - - - name: debug - type: boolean - default: False - help: 'Print debugging output (set logging level to DEBUG instead of default WARNING level). ' - - - name: verbose - type: boolean - default: False - help: 'Print more verbose output (set logging level to INFO instead of default WARNING level). ' - - - name: use_stderr - type: boolean - default: True - help: 'Log output to standard error ' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context ' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context ' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG ' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format ' - - - name: default_log_levels - type: string_list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs ' - - - name: publish_errors - type: boolean - default: False - help: 'publish error events ' - - - name: fatal_deprecations - type: boolean - default: False - help: 'make deprecations fatal ' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this ' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this ' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files. ' - - - name: log_format - type: string - default: ~ - help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead. ' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s ' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout. ' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The base directory used for relative --log-file paths ' - - - name: use_syslog - type: boolean - default: False - help: 'Use syslog for logging. ' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines ' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache. ' - - - name: notification_driver - type: string - default: '' - help: 'Driver or drivers to handle sending notifications (multi valued)' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications ' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications ' - - - name: notification_topics - type: string_list - default: ['notifications'] - help: 'AMQP topic used for OpenStack notifications ' - - - name: run_external_periodic_tasks - type: boolean - default: True - help: 'Some periodic tasks can be run in a separate process. Should we run them here? ' - - - name: rpc_backend - type: string - default: 'nova.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu. ' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool ' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool ' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall ' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. ' - - - name: allowed_rpc_exception_modules - type: string_list - default: ['nova.exception', 'cinder.exception', 'exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call. ' - - - name: fake_rabbit - type: boolean - default: False - help: 'If passed, use a fake RabbitMQ provider ' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid ' - - - name: amqp_durable_queues - type: boolean - default: False - help: 'Use durable queues in amqp. ' - - - name: amqp_auto_delete - type: boolean - default: False - help: 'Auto-delete queues in amqp. ' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use (valid only if SSL enabled). valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some distributions ' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file (valid only if SSL enabled) ' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file (valid only if SSL enabled) ' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file (valid only if SSL enabled) ' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used ' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used ' - - - name: rabbit_hosts - type: string_list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs ' - - - name: rabbit_use_ssl - type: boolean - default: False - help: 'connect over SSL for RabbitMQ ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid ' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password ' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host ' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) ' - - - name: rabbit_ha_queues - type: boolean - default: False - help: 'use H/A queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. ' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname ' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port ' - - - name: qpid_hosts - type: string_list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs ' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection ' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection ' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth ' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats ' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl' " - - - name: qpid_tcp_nodelay - type: boolean - default: True - help: 'Disable Nagle algorithm ' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break. ' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: "ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address. " - - - name: rpc_zmq_matchmaker - type: string - default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver ' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port ' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1 ' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited. ' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets ' - - - name: rpc_zmq_host - type: string - default: 'nova' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova. " - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency ' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live. ' - - - name: pci_alias - type: string - default: '' - help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card. (multi valued) (multi valued)" - - - name: pci_passthrough_whitelist - type: string - default: '' - help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}] (multi valued)" - - - name: scheduler_host_manager - type: string - default: 'nova.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use ' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an instance ' - - - name: scheduler_host_subset_size - type: integer - default: 1 - help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead ' - - - name: cpu_allocation_ratio - type: float - default: 16.0 - help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found. ' - - - name: disk_allocation_ratio - type: float - default: 1.0 - help: 'virtual disk to physical disk allocation ratio ' - - - name: max_io_ops_per_host - type: integer - default: 8 - help: 'Ignore hosts that have too many builds/resizes/snaps/migrations ' - - - name: isolated_images - type: string_list - default: [] - help: 'Images to run on isolated host ' - - - name: isolated_hosts - type: string_list - default: [] - help: 'Host reserved for specific images ' - - - name: restrict_isolated_hosts_to_isolated_images - type: boolean - default: True - help: 'Whether to force isolated hosts to run only isolated images ' - - - name: max_instances_per_host - type: integer - default: 50 - help: 'Ignore hosts that have too many instances ' - - - name: ram_allocation_ratio - type: float - default: 1.5 - help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found. ' - - - name: scheduler_available_filters - type: string - default: 'nova.scheduler.filters.all_filters' - help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova. (multi valued)" - - - name: scheduler_default_filters - type: string_list - default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request. ' - - - name: cells.scheduler_weight_classes - type: string_list - default: ['nova.cells.weights.all_weighers'] - help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers'maps to all cell weighers included with nova. " - - - name: scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Default driver to use for the scheduler ' - - - name: scheduler_topic - type: string - default: 'scheduler' - help: 'the topic scheduler nodes listen on ' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file. ' - - - name: cells.ram_weight_multiplier - type: float - default: 10.0 - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread. ' - - - name: servicegroup_driver - type: string - default: 'db' - help: 'The driver for servicegroup service (valid options are: db, zk, mc) ' - - - name: config_drive_format - type: string - default: 'iso9660' - help: 'Config drive format. One of iso9660 (default) or vfat ' - - - name: config_drive_tempdir - type: string - default: ~ - help: 'Where to put temporary files associated with config drive creation ' - - - name: force_config_drive - type: string - default: ~ - help: 'Set to force injection to take place on a config drive (if set, valid options are: always) ' - - - name: mkisofs_cmd - type: string - default: 'genisoimage' - help: 'Name and optionally path of the tool used for ISO image creation ' - - - name: injected_network_template - type: string - default: '$pybasedir/nova/virt/interfaces.template' - help: 'Template file for injected network ' - - - name: virt_mkfs - type: string - default: 'windows=mkfs.ntfs --force --fast --label %(fs_label)s %(target)s' - help: 'mkfs commands for ephemeral device. The format is = (multi valued)' - - - name: resize_fs_using_block_device - type: boolean - default: False - help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver (for qcow and raw), or loop (for raw). ' - - - name: timeout_nbd - type: integer - default: 10 - help: 'time to wait for a NBD device coming up ' - - - name: docker_registry_default_port - type: port - default: 5042 - help: 'Default TCP port to find the docker-registry container ' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver ' - - - name: default_ephemeral_format - type: string - default: ~ - help: 'The default format an ephemeral_volume will be formatted with on creation. ' - - - name: preallocate_images - type: string - default: 'none' - help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start " - - - name: use_cow_images - type: boolean - default: True - help: 'Whether to use cow images ' - - - name: firewall_driver - type: string - default: ~ - help: 'Firewall driver (defaults to hypervisor specific iptables driver) ' - - - name: allow_same_net_traffic - type: boolean - default: True - help: 'Whether to allow network traffic from same network ' - - - name: force_raw_images - type: boolean - default: True - help: 'Force backing images to raw format ' - - - name: rescue_image_id - type: string - default: ~ - help: 'Rescue ami image ' - - - name: rescue_kernel_id - type: string - default: ~ - help: 'Rescue aki image ' - - - name: rescue_ramdisk_id - type: string - default: ~ - help: 'Rescue ari image ' - - - name: libvirt_type - type: string - default: 'kvm' - help: 'Libvirt domain type (valid options are: kvm, lxc, qemu, uml, xen) ' - - - name: libvirt_uri - type: string - default: '' - help: 'Override the default libvirt URI (which is dependent on libvirt_type) ' - - - name: libvirt_inject_password - type: boolean - default: False - help: 'Inject the admin password at boot time, without an agent. ' - - - name: libvirt_inject_key - type: boolean - default: True - help: 'Inject the ssh public key at boot time ' - - - name: libvirt_inject_partition - type: integer - default: 1 - help: 'The partition to inject to : -2 => disable, -1 => inspect (libguestfs only), 0 => not partitioned, >0 => partition number ' - - - name: use_usb_tablet - type: boolean - default: True - help: 'Sync virtual and real mouse cursors in Windows VMs ' - - - name: live_migration_uri - type: string - default: 'qemu+tcp://%s/system' - help: "Migration target URI (any included '%s' is replaced with the migration target hostname) " - - - name: live_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' - help: 'Migration flags to be set for live migration ' - - - name: block_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' - help: 'Migration flags to be set for block migration ' - - - name: live_migration_bandwidth - type: integer - default: 0 - help: 'Maximum bandwidth to be used during migration, in Mbps ' - - - name: snapshot_image_format - type: string - default: ~ - help: 'Snapshot image format (valid options are : raw, qcow2, vmdk, vdi). Defaults to same as source image ' - - - name: libvirt_vif_driver - type: string - default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - help: 'The libvirt VIF driver to configure the VIFs. ' - - - name: libvirt_volume_drivers - type: string_list - default: ['iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'iser=nova.virt.libvirt.volume.LibvirtISERVolumeDriver', 'local=nova.virt.libvirt.volume.LibvirtVolumeDriver', 'fake=nova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbd=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdog=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfs=nova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoe=nova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfs=nova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channel=nova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scality=nova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] - help: 'Libvirt handlers for remote volumes. ' - - - name: libvirt_disk_prefix - type: string - default: ~ - help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type. (valid options are: sd, xvd, uvd, vd) ' - - - name: libvirt_wait_soft_reboot_seconds - type: integer - default: 120 - help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window. ' - - - name: libvirt_nonblocking - type: boolean - default: True - help: 'Use a separated OS thread pool to realize non-blocking libvirt calls ' - - - name: libvirt_cpu_mode - type: string - default: ~ - help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none' " - - - name: libvirt_cpu_model - type: string - default: ~ - help: "Set to a named libvirt CPU model (see names listed in /usr/share/libvirt/cpu_map.xml). Only has effect if libvirt_cpu_mode='custom' and libvirt_type='kvm|qemu' " - - - name: libvirt_snapshots_directory - type: string - default: '$instances_path/snapshots' - help: 'Location where libvirt driver will store snapshots before uploading them to image service ' - - - name: xen_hvmloader_path - type: string - default: '/usr/lib/xen/boot/hvmloader' - help: 'Location where the Xen hvmloader is kept ' - - - name: disk_cachemodes - type: string_list - default: [] - help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none'] " - - - name: vcpu_pin_set - type: string - default: ~ - help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15' " - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one. ' - - - name: libvirt_images_volume_group - type: string - default: ~ - help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm. ' - - - name: libvirt_sparse_logical_volumes - type: boolean - default: False - help: 'Create sparse logical volumes (with virtualsize) if this flag is set to True. ' - - - name: libvirt_lvm_snapshot_size - type: integer - default: 1000 - help: 'The amount of storage (in megabytes) to allocate for LVM snapshot copy-on-write blocks. ' - - - name: libvirt_images_rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored ' - - - name: libvirt_images_rbd_ceph_conf - type: string - default: '' - help: 'path to the ceph configuration file to use ' - - - name: base_dir_name - type: string - default: '_base' - help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip ' - - - name: image_info_filename_pattern - type: string - default: '$instances_path/$base_dir_name/%(image)s.info' - help: 'Allows image information files to be stored in non-standard locations ' - - - name: remove_unused_base_images - type: boolean - default: True - help: 'Should unused base images be removed? ' - - - name: remove_unused_kernels - type: boolean - default: False - help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future. ' - - - name: remove_unused_resized_minimum_age_seconds - type: integer - default: 3600 - help: 'Unused resized base images younger than this will not be removed ' - - - name: remove_unused_original_minimum_age_seconds - type: integer - default: 86400 - help: 'Unused unresized base images younger than this will not be removed ' - - - name: checksum_base_images - type: boolean - default: False - help: 'Write a checksum for files in _base to disk ' - - - name: checksum_interval_seconds - type: integer - default: 3600 - help: 'How frequently to checksum base images ' - - - name: libvirt_snapshot_compression - type: boolean - default: False - help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images ' - - - name: libvirt_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch ' - - - name: libvirt_use_virtio_for_bridges - type: boolean - default: True - help: 'Use virtio for bridge interfaces with KVM/QEMU ' - - - name: num_iscsi_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSCSI target to find volume ' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSER target to find volume ' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes ' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes ' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the nfs volume is mounted on the compute node ' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details ' - - - name: num_aoe_discover_tries - type: integer - default: 3 - help: 'number of times to rediscover AoE target to find volume ' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the glusterfs volume is mounted on the compute node ' - - - name: libvirt_iscsi_use_multipath - type: boolean - default: False - help: 'use multipath connection of the iSCSI volume ' - - - name: libvirt_iser_use_multipath - type: boolean - default: False - help: 'use multipath connection of the iSER volume ' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file ' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted ' - - - name: qemu_allowed_storage_drivers - type: string_list - default: [] - help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster] ' - - - name: powervm_mgr_type - type: string - default: 'ivm' - help: 'PowerVM manager type (ivm, hmc) ' - - - name: powervm_mgr - type: string - default: ~ - help: 'PowerVM manager host or ip ' - - - name: powervm_mgr_user - type: string - default: ~ - help: 'PowerVM manager user name ' - - - name: powervm_mgr_passwd - type: string - default: ~ - help: 'PowerVM manager user password ' - - - name: powervm_img_remote_path - type: string - default: '/home/padmin' - help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance ' - - - name: powervm_img_local_path - type: string - default: '/tmp' - help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance ' - - - name: agent_timeout - type: integer - default: 30 - help: 'number of seconds to wait for agent reply ' - - - name: agent_version_timeout - type: integer - default: 300 - help: 'number of seconds to wait for agent to be fully operational ' - - - name: agent_resetnetwork_timeout - type: integer - default: 60 - help: 'number of seconds to wait for agent reply to resetnetwork request ' - - - name: xenapi_agent_path - type: string - default: 'usr/sbin/xe-update-networking' - help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True ' - - - name: xenapi_disable_agent - type: boolean - default: False - help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' - - - name: xenapi_use_agent_default - type: boolean - default: False - help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times. " - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_connection_concurrent - type: integer - default: 5 - help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_vhd_coalesce_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_check_host - type: boolean - default: True - help: 'Ensure compute service is running on host XenAPI connects to. ' - - - name: xenapi_vhd_coalesce_max_attempts - type: integer - default: 5 - help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver ' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository ' - - - name: target_host - type: string - default: ~ - help: 'iSCSI Target Host ' - - - name: target_port - type: string - default: '3260' - help: 'iSCSI Target Port, 3260 Default ' - - - name: iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack' - help: 'IQN Prefix ' - - - name: xenapi_remap_vbd_dev - type: boolean - default: False - help: 'Used to enable the remapping of VBD dev (Works around an issue in Ubuntu Maverick) ' - - - name: xenapi_remap_vbd_dev_prefix - type: string - default: 'sd' - help: 'Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb) ' - - - name: xenapi_login_timeout - type: integer - default: 10 - help: 'Timeout in seconds for XenAPI login. ' - - - name: xenapi_torrent_base_url - type: string - default: ~ - help: 'Base URL for torrent files. ' - - - name: xenapi_torrent_seed_chance - type: float - default: 1.0 - help: 'Probability that peer will become a seeder. (1.0 = 100%) ' - - - name: xenapi_torrent_seed_duration - type: integer - default: 3600 - help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers. ' - - - name: xenapi_torrent_max_last_accessed - type: integer - default: 86400 - help: 'Cached torrent files not accessed within this number of seconds can be reaped ' - - - name: xenapi_torrent_listen_port_start - type: integer - default: 6881 - help: 'Beginning of port range to listen on ' - - - name: xenapi_torrent_listen_port_end - type: integer - default: 6891 - help: 'End of port range to listen on ' - - - name: xenapi_torrent_download_stall_cutoff - type: integer - default: 600 - help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall ' - - - name: xenapi_torrent_max_seeder_processes_per_host - type: integer - default: 1 - help: 'Maximum number of seeder processes to run concurrently within a given dom0. (-1 = no limit) ' - - - name: use_join_force - type: boolean - default: True - help: 'To use for hosts with different CPUs ' - - - name: xenapi_ovs_integration_bridge - type: string - default: 'xapi1' - help: 'Name of Integration Bridge used by Open vSwitch ' - - - name: cache_images - type: string - default: 'all' - help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely ' - - - name: xenapi_image_compression_level - type: integer - default: ~ - help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0. ' - - - name: default_os_type - type: string - default: 'linux' - help: 'Default OS type ' - - - name: block_device_creation_timeout - type: integer - default: 10 - help: 'Time to wait for a block device to be created ' - - - name: max_kernel_ramdisk_size - type: integer - default: 16777216 - help: 'Maximum size in bytes of kernel or ramdisk images ' - - - name: sr_matching_filter - type: string - default: 'default-sr:true' - help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true ' - - - name: xenapi_sparse_copy - type: boolean - default: True - help: "Whether to use sparse_copy for copying data on a resize down (False will use standard dd). This speeds up resizes down considerably since large runs of zeros won't have to be rsynced " - - - name: xenapi_num_vbd_unplug_retries - type: integer - default: 10 - help: 'Maximum number of retries to unplug VBD ' - - - name: xenapi_torrent_images - type: string - default: 'none' - help: 'Whether or not to download images via Bit Torrent (all|some|none). ' - - - name: xenapi_ipxe_network_name - type: string - default: ~ - help: 'Name of network to use for booting iPXE ISOs ' - - - name: xenapi_ipxe_boot_menu_url - type: string - default: ~ - help: 'URL to the iPXE boot menu ' - - - name: xenapi_ipxe_mkisofs_cmd - type: string - default: 'mkisofs' - help: 'Name and optionally path of the tool used for ISO image creation ' - - - name: xenapi_running_timeout - type: integer - default: 60 - help: 'number of seconds to wait for instance to go to running state ' - - - name: xenapi_vif_driver - type: string - default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' - help: 'The XenAPI VIF driver using XenServer Network APIs. ' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.image.glance.GlanceStore' - help: 'Dom0 plugin driver used to handle image uploads. ' - - - name: novncproxy_base_url - type: string - default: 'http://127.0.0.1:6080/vnc_auto.html' - help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html' " - - - name: xvpvncproxy_base_url - type: string - default: 'http://127.0.0.1:6081/console' - help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console' " - - - name: vncserver_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance vncservers should listen ' - - - name: vncserver_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients (like nova-xvpvncproxy) should connect ' - - - name: vnc_enabled - type: boolean - default: True - help: 'enable vnc related features ' - - - name: vnc_keymap - type: string - default: 'en-us' - help: 'keymap for vnc ' - - - name: xvpvncproxy_port - type: port - default: 6081 - help: 'Port that the XCP VNC proxy should bind to ' - - - name: xvpvncproxy_host - type: host - default: '0.0.0.0' - help: 'Address that the XCP VNC proxy should bind to ' - - - name: volume_api_class - type: string - default: 'nova.volume.cinder.API' - help: 'The full class name of the volume API class to use ' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: :: ' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node ' - - - name: cinder_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certificates file to use for cinder client requests. ' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls ' - - - name: cinder_api_insecure - type: boolean - default: False - help: 'Allow to perform insecure SSL requests to cinder ' - - - name: cinder_cross_az_attach - type: boolean - default: True - help: 'Allow attach between instance and volume in different availability zones. ' - - - name: hyperv.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally " - - - name: hyperv.force_hyperv_utils_v1 - type: boolean - default: False - help: 'Force V1 WMI utility classes ' - - - name: hyperv.force_volumeutils_v1 - type: boolean - default: False - help: 'Force V1 volume utility class ' - - - name: hyperv.vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used ' - - - name: hyperv.limit_cpu_features - type: boolean - default: False - help: 'Required for live migration among hosts with different CPU features ' - - - name: hyperv.config_drive_inject_password - type: boolean - default: False - help: 'Sets the admin password in the config drive image ' - - - name: hyperv.qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types ' - - - name: hyperv.config_drive_cdrom - type: boolean - default: False - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive ' - - - name: hyperv.enable_instance_metrics_collection - type: boolean - default: False - help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above " - - - name: hyperv.dynamic_memory_ratio - type: float - default: 1.0 - help: 'Enables dynamic memory allocation (ballooning) when set to a value greater than 1. The value expresses the ratio between the total RAM assigned to an instance and its startup RAM amount. For example a ratio of 2.0 for an instance with 1024MB of RAM implies 512MB of RAM allocated at startup ' - - - name: hyperv.volume_attach_retry_count - type: integer - default: 10 - help: 'The number of times to retry to attach a volume ' - - - name: hyperv.volume_attach_retry_interval - type: integer - default: 5 - help: 'Interval between volume attachment attempts, in seconds ' - - - name: zookeeper.address - type: string - default: ~ - help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port ' - - - name: zookeeper.recv_timeout - type: integer - default: 4000 - help: 'recv_timeout parameter for the zk session ' - - - name: zookeeper.sg_prefix - type: string - default: '/servicegroups' - help: 'The prefix used in ZooKeeper to store ephemeral nodes ' - - - name: zookeeper.sg_retry_interval - type: integer - default: 5 - help: 'Number of seconds to wait until retrying to join the session ' - - - name: spice.enabled - type: boolean - default: False - help: 'enable spice related features ' - - - name: osapi_v3.extensions_blacklist - type: string_list - default: [] - help: 'A list of v3 API extensions to never load. Specify the extension aliases here. ' - - - name: osapi_v3.extensions_whitelist - type: string_list - default: [] - help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here. ' - - - name: conductor.use_local - type: boolean - default: False - help: 'Perform nova-conductor operations locally ' - - - name: cells.topic - type: string - default: 'cells' - help: 'the topic cells nodes listen on ' - - - name: cells.manager - type: string - default: 'nova.cells.manager.CellsManager' - help: 'Manager for cells ' - - - name: conductor.workers - type: integer - default: ~ - help: 'Number of workers for OpenStack Conductor service ' - - - name: keymgr.api_class - type: string - default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' - help: 'The full class name of the key manager API class ' - - - name: keymgr.fixed_key - type: string - default: ~ - help: 'Fixed key returned by key manager, specified in hex ' - - - name: baremetal.driver - type: string - default: 'nova.virt.baremetal.pxe.PXE' - help: 'Baremetal driver back-end (pxe or tilera) ' - - - name: cells.instance_updated_at_threshold - type: integer - default: 3600 - help: 'Number of seconds after an instance was updated or deleted to continue to update cells ' - - - name: cells.instance_update_num_instances - type: integer - default: 1 - help: 'Number of instances to update per periodic task run ' - - - name: cells.max_hop_count - type: integer - default: 10 - help: 'Maximum number of hops for cells routing. ' - - - name: upgrade_levels.scheduler - type: string - default: ~ - help: 'Set a version cap for messages sent to scheduler services ' - - - name: cells.enable - type: boolean - default: False - help: 'Enable cell functionality ' - - - name: cells.name - type: string - default: 'nova' - help: 'name of this cell ' - - - name: cells.capabilities - type: string_list - default: ['hypervisor=xenserver;kvm', 'os=linux;windows'] - help: 'Key/Multi-value list with the capabilities of the cell ' - - - name: cells.call_timeout - type: integer - default: 60 - help: 'Seconds to wait for response from a call to a cell. ' - - - name: cells.reserve_percent - type: float - default: 10.0 - help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization ' - - - name: cells.cell_type - type: string - default: ~ - help: 'Type of cell: api or compute ' - - - name: cells.mute_child_interval - type: integer - default: 300 - help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute. ' - - - name: cells.bandwidth_update_interval - type: integer - default: 600 - help: 'Seconds between bandwidth updates for cells. ' - - - name: cells.rpc_driver_queue_base - type: string - default: 'cells.intercell' - help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this. ' - - - name: cells.scheduler_filter_classes - type: string_list - default: ['nova.cells.filters.all_filters'] - help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters'maps to all cells filters included with nova. " - - - name: cells.scheduler_retries - type: integer - default: 10 - help: 'How many retries when no cells are available. ' - - - name: cells.scheduler_retry_delay - type: integer - default: 2 - help: 'How often to retry in seconds when no cells are available. ' - - - name: cells.db_check_interval - type: integer - default: 60 - help: 'Seconds between getting fresh cell info from db. ' - - - name: cells.cells_config - type: string - default: ~ - help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database. ' - - - name: cells.mute_weight_multiplier - type: float - default: -10.0 - help: 'Multiplier used to weigh mute children. (The value should be negative.) ' - - - name: cells.mute_weight_value - type: float - default: 1000.0 - help: 'Weight value assigned to mute children. (The value should be positive.) ' - - - name: database.backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db ' - - - name: database.use_tpool - type: boolean - default: False - help: 'Enable the experimental use of thread pooling for all DB API calls ' - - - name: database.connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database ' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database ' - - - name: database.idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped ' - - - name: database.min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool ' - - - name: database.max_pool_size - type: integer - default: ~ - help: 'Maximum number of SQL connections to keep open in a pool ' - - - name: database.max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup. (setting -1 implies an infinite retry count) ' - - - name: database.retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection ' - - - name: database.max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy ' - - - name: database.connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything ' - - - name: database.connection_trace - type: boolean - default: False - help: 'Add python stack traces to SQL as comment strings ' - - - name: database.pool_timeout - type: integer - default: ~ - help: 'If set, use this value for pool_timeout with sqlalchemy ' - - - name: image_file_url.filesystems - type: string_list - default: [] - help: 'A list of filesystems that will be configured in this file under the sections image_file_url: ' - - - name: baremetal.db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for bare-metal database ' - - - name: baremetal.sql_connection - type: string - default: 'sqlite:///$state_path/baremetal_$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the bare-metal database ' - - - name: baremetal.vif_driver - type: string - default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' - help: 'Baremetal VIF driver. ' - - - name: baremetal.volume_driver - type: string - default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' - help: 'Baremetal volume driver. ' - - - name: baremetal.instance_type_extra_specs - type: string_list - default: [] - help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairs For example, 'key1:val1, key2:val2' " - - - name: baremetal.power_manager - type: string - default: 'nova.virt.baremetal.ipmi.IPMI' - help: 'Baremetal power management method ' - - - name: baremetal.tftp_root - type: string - default: '/tftpboot' - help: "Baremetal compute node's tftp root path " - - - name: baremetal.terminal - type: string - default: 'shellinaboxd' - help: 'path to baremetal terminal program ' - - - name: baremetal.terminal_cert_dir - type: string - default: ~ - help: 'path to baremetal terminal SSL cert(PEM) ' - - - name: baremetal.terminal_pid_dir - type: string - default: '$state_path/baremetal/console' - help: 'path to directory stores pidfiles of baremetal_terminal ' - - - name: baremetal.ipmi_power_retry - type: integer - default: 10 - help: 'maximal number of retries for IPMI operations ' - - - name: baremetal.deploy_kernel - type: string - default: ~ - help: 'Default kernel image ID used in deployment phase ' - - - name: baremetal.deploy_ramdisk - type: string - default: ~ - help: 'Default ramdisk image ID used in deployment phase ' - - - name: baremetal.net_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' - help: 'Template file for injected network config ' - - - name: baremetal.pxe_append_params - type: string - default: 'nofb nomodeset vga=normal' - help: 'additional append parameters for baremetal PXE boot ' - - - name: baremetal.pxe_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/pxe_config.template' - help: 'Template file for PXE configuration ' - - - name: baremetal.pxe_deploy_timeout - type: integer - default: 0 - help: 'Timeout for PXE deployments. Default: 0 (unlimited) ' - - - name: baremetal.pxe_network_config - type: boolean - default: False - help: 'If set, pass the network configuration details to the initramfs via cmdline. ' - - - name: baremetal.pxe_bootfile_name - type: string - default: 'pxelinux.0' - help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set. ' - - - name: baremetal.tile_pdu_ip - type: string - default: '10.0.100.1' - help: 'ip address of tilera pdu ' - - - name: baremetal.tile_pdu_mgr - type: string - default: '/tftpboot/pdu_mgr' - help: 'management script for tilera pdu ' - - - name: baremetal.tile_pdu_off - type: integer - default: 2 - help: 'power status of tilera PDU is OFF ' - - - name: baremetal.tile_pdu_on - type: integer - default: 1 - help: 'power status of tilera PDU is ON ' - - - name: baremetal.tile_pdu_status - type: integer - default: 9 - help: 'power status of tilera PDU ' - - - name: baremetal.tile_power_wait - type: integer - default: 9 - help: 'wait time in seconds until check the result after tilera power operations ' - - - name: baremetal.virtual_power_ssh_host - type: string - default: '' - help: 'ip or name to virtual power host ' - - - name: baremetal.virtual_power_ssh_port - type: port - default: 22 - help: 'Port to use for ssh to virtual power host ' - - - name: baremetal.virtual_power_type - type: string - default: 'virsh' - help: 'base command to use for virtual power(vbox,virsh) ' - - - name: baremetal.virtual_power_host_user - type: string - default: '' - help: 'user to execute virtual power commands as ' - - - name: baremetal.virtual_power_host_pass - type: string - default: '' - help: 'password for virtual power host_user ' - - - name: baremetal.virtual_power_host_key - type: string - default: ~ - help: 'ssh key for virtual power host_user ' - - - name: baremetal.use_unsafe_iscsi - type: boolean - default: False - help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL ' - - - name: baremetal.iscsi_iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack.baremetal' - help: 'iSCSI IQN prefix used in baremetal volume connections. ' - - - name: rpc_notifier2.topics - type: string_list - default: ['notifications'] - help: 'AMQP topic(s) used for OpenStack notifications ' - - - name: matchmaker_redis.port - type: integer - default: 6379 - help: 'Use this port to connect to redis host. ' - - - name: matchmaker_redis.password - type: string - default: ~ - help: 'Password for Redis server. (optional) ' - - - name: ssl.cert_file - type: string - default: ~ - help: 'Certificate file to use when starting the server securely ' - - - name: trusted_computing.attestation_server - type: string - default: ~ - help: 'attestation server http ' - - - name: trusted_computing.attestation_server_ca_file - type: string - default: ~ - help: 'attestation server Cert file for Identity verification ' - - - name: trusted_computing.attestation_port - type: string - default: '8443' - help: 'attestation server port ' - - - name: trusted_computing.attestation_api_url - type: string - default: '/OpenAttestationWebServices/V1.0' - help: 'attestation web API URL ' - - - name: trusted_computing.attestation_auth_blob - type: string - default: ~ - help: 'attestation authorization blob - must change ' - - - name: trusted_computing.attestation_auth_timeout - type: integer - default: 60 - help: 'Attestation status cache valid period length ' - - - name: upgrade_levels.baseapi - type: string - default: ~ - help: 'Set a version cap for messages sent to the base api in any service ' - - - name: upgrade_levels.intercell - type: string - default: ~ - help: 'Set a version cap for messages sent between cells services ' - - - name: upgrade_levels.cells - type: string - default: ~ - help: 'Set a version cap for messages sent to local cells services ' - - - name: upgrade_levels.compute - type: string - default: ~ - help: 'Set a version cap for messages sent to compute services ' - - - name: upgrade_levels.conductor - type: string - default: ~ - help: 'Set a version cap for messages sent to conductor services ' - - - name: upgrade_levels.console - type: string - default: ~ - help: 'Set a version cap for messages sent to console services ' - - - name: upgrade_levels.consoleauth - type: string - default: ~ - help: 'Set a version cap for messages sent to consoleauth services ' - - - name: upgrade_levels.network - type: string - default: ~ - help: 'Set a version cap for messages sent to network services ' - - - name: matchmaker_ring.ringfile - type: string - default: '/etc/oslo/matchmaker_ring.json' - help: 'Matchmaker ring file (JSON) ' - - - name: vmware.host_ip - type: string - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - - - name: vmware.host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - - - name: vmware.host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - - - name: vmware.cluster_name - type: string - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver. (multi valued)' - - - name: vmware.datastore_regex - type: string - default: ~ - help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver. ' - - - name: vmware.task_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - - - name: vmware.api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - - - name: vmware.vnc_port - type: port - default: 5900 - help: 'VNC starting port ' - - - name: vmware.vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports ' - - - name: vmware.vnc_password - type: string - default: ~ - help: 'DEPRECATED. VNC password. The password-based access to VNC consoles will be removed in the next release. The default value will disable password protection on the VNC console. ' - - - name: vmware.use_linked_clone - type: boolean - default: True - help: 'Whether to use linked clone ' - - - name: vmware.wsdl_location - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds ' - - - name: vmware.maximum_objects - type: integer - default: 100 - help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests. ' - - - name: vmware.integration_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge ' - - - name: spice.html5proxy_base_url - type: string - default: 'http://127.0.0.1:6082/spice_auto.html' - help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html' " - - - name: spice.server_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance spice server should listen ' - - - name: spice.server_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients (like nova- spicehtml5proxy) should connect ' - - - name: spice.agent_enabled - type: boolean - default: True - help: 'enable spice guest agent support ' - - - name: spice.keymap - type: string - default: 'en-us' - help: 'keymap for spice ' - diff --git a/rubick/schemas/nova/nova.conf.yml b/rubick/schemas/nova/nova.conf.yml deleted file mode 100644 index 60f9968..0000000 --- a/rubick/schemas/nova/nova.conf.yml +++ /dev/null @@ -1,7831 +0,0 @@ -- version: '2013.1.3' - checkpoint: true - added: - - - name: internal_service_availability_zone - type: string - default: 'internal' - help: 'availability_zone to show internal services under' - - - name: default_availability_zone - type: string - default: 'nova' - help: 'default compute node availability_zone' - - - name: ssl.ca_file - type: file - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl.key_file - type: file - default: ~ - help: 'Private key file to use when starting the server securely' - - - name: crl_file - type: file - default: 'crl.pem' - help: 'Filename of root Certificate Revocation List' - - - name: keys_path - type: directory - default: '$state_path/keys' - help: 'Where we keep our keys' - - - name: ca_path - type: directory - default: '$state_path/CA' - help: 'Where we keep our root CA' - - - name: use_project_ca - type: boolean - default: false - help: 'Should we use a CA for each project?' - - - name: user_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CN%.16s-%.16s-%s' - help: 'Subject for certificate for users, %s for project, user, timestamp' - - - name: project_cert_subject - type: string - default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CNproject-ca-%.16s-%s' - help: 'Subject for certificate for projects, %s for project, timestamp' - - - name: fatal_exception_format_errors - type: boolean - default: false - help: 'make exception message format errors fatal' - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host' - - - name: matchmaker_redis.host - type: host - default: '127.0.0.1' - help: 'Host to locate redis' - - - name: use_ipv6 - type: boolean - default: false - help: 'use ipv6' - - - name: notify_on_state_change - type: enum - type_args: {'values': [~, 'vm_state', 'vm_and_task_state']} - default: ~ - help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes." - - - name: notify_api_faults - type: boolean - default: false - help: 'If set, send api.fault notifications on caught exceptions in the API service.' - - - name: pybasedir - type: directory - default: '/usr/lib/python/site-packages' - help: 'Directory where the nova python module is installed' - - - name: bindir - type: directory - default: '/usr/local/bin' - help: 'Directory where nova binaries are installed' - - - name: state_path - type: directory - default: '$pybasedir' - help: "Top-level directory for maintaining nova's state" - - - name: policy_file - type: file - default: 'policy.json' - help: 'JSON file representing policy' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found' - - - name: quota_instances - type: integer - default: 10 - help: 'number of instances allowed per project' - - - name: quota_cores - type: integer - default: 20 - help: 'number of instance cores allowed per project' - - - name: quota_ram - type: integer - default: 51200 - help: 'megabytes of instance ram allowed per project' - - - name: quota_floating_ips - type: integer - default: 10 - help: 'number of floating ips allowed per project' - - - name: quota_fixed_ips - type: integer - default: -1 - help: 'number of fixed ips allowed per project' - - - name: quota_metadata_items - type: integer - default: 128 - help: 'number of metadata items allowed per instance' - - - name: quota_injected_files - type: integer - default: 5 - help: 'number of injected files allowed' - - - name: quota_injected_file_content_bytes - type: integer - default: 10240 - help: 'number of bytes allowed per injected file' - - - name: quota_injected_file_path_bytes - type: integer - default: 255 - help: 'number of bytes allowed per injected file path' - - - name: quota_security_groups - type: integer - default: 10 - help: 'number of security groups per project' - - - name: quota_security_group_rules - type: integer - default: 20 - help: 'number of security rules per security group' - - - name: quota_key_pairs - type: integer - default: 100 - help: 'number of key pairs per user' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires' - - - name: until_refresh - type: integer - default: false - help: 'count of reservations until usage is refreshed' - - - name: max_age - type: integer - default: 0 - help: 'number of seconds between subsequent usage refreshes' - - - name: quota_driver - type: string - default: 'nova.quota.DbQuotaDriver' - help: 'default driver to use for quota checks' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore' - - - name: periodic_enable - type: boolean - default: true - help: 'enable periodic tasks' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' - - - name: enabled_apis - type: string_list - default: ['ec2', 'osapi_compute', 'metadata'] - help: 'a list of APIs to enable by default' - - - name: enabled_ssl_apis - type: list - default: [] - help: 'a list of APIs with enabled SSL' - - - name: ec2_listen - type: host - default: '0.0.0.0' - help: 'IP address for EC2 API to listen' - - - name: ec2_listen_port - type: port - default: 8773 - help: 'port for ec2 api to listen' - - - name: ec2_workers - type: integer - default: ~ - help: 'Number of workers for EC2 API service' - - - name: osapi_compute_listen - type: host - default: '0.0.0.0' - help: 'IP address for OpenStack API to listen' - - - name: osapi_compute_listen_port - type: port - default: 8774 - help: 'list port for osapi compute' - - - name: osapi_compute_workers - type: integer - default: ~ - help: 'Number of workers for OpenStack API service' - - - name: metadata_manager - type: string - default: 'nova.api.manager.MetadataManager' - help: 'OpenStack metadata service manager' - - - name: metadata_listen - type: host - default: '0.0.0.0' - help: 'IP address for metadata api to listen' - - - name: metadata_listen_port - type: port - default: 8775 - help: 'port for metadata api to listen' - - - name: metadata_workers - type: integer - default: ~ - help: 'Number of workers for metadata service' - - - name: compute_manager - type: string - default: 'nova.compute.manager.ComputeManager' - help: 'full class name for the Manager for compute' - - - name: console_manager - type: string - default: 'nova.console.manager.ConsoleProxyManager' - help: 'full class name for the Manager for console proxy' - - - name: cert_manager - type: string - default: 'nova.cert.manager.CertManager' - help: 'full class name for the Manager for cert' - - - name: network_manager - type: string - default: 'nova.network.manager.VlanManager' - help: 'full class name for the Manager for network' - - - name: scheduler_manager - type: string - default: 'nova.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service' - - - name: sqlite_clean_db - type: file - default: 'clean.sqlite' - help: 'File name of clean sqlite db' - - - name: monkey_patch - type: boolean - default: false - help: 'Whether to log monkey patching' - - - name: monkey_patch_modules - type: list - default: ['nova.api.ec2.cloud:nova.notifications.notify_decorator', 'nova.compute.api:nova.notifications.notify_decorator'] - help: 'List of modules/decorators to monkey patch' - - - name: password_length - type: integer - default: 12 - help: 'Length of generated instance admin passwords' - - - name: instance_usage_audit_period - type: enum - type_args: {'values': ['hour', 'day', 'month', 'year']} - default: 'month' - help: 'time period to generate instance usages for. Time period must be hour, day, month or year' - - - name: rootwrap_config - type: file - default: '/etc/nova/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root' - - - name: tempdir - type: directory - default: ~ - help: 'Explicitly specify the temporary working directory' - - - name: api_paste_config - type: file - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for nova-api' - - - name: wsgi_log_format - type: string - default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' - help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds.' - - - name: ssl_ca_file - type: file - default: ~ - help: 'CA certificate file to use to verify connecting clients' - - - name: ssl_cert_file - type: file - default: ~ - help: 'SSL certificate of API server' - - - name: ssl_key_file - type: file - default: ~ - help: 'SSL private key of API server' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' - - - name: api_rate_limit - type: boolean - default: false - help: 'whether to use per-user rate limiting for the api.' - - - name: auth_strategy - type: enum - type_args: {'values': ['noauth', 'keystone']} - default: 'noauth' - help: 'The strategy to use for auth: noauth or keystone.' - - - name: use_forwarded_for - type: boolean - default: false - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' - - - name: lockout_attempts - type: integer - default: 5 - help: 'Number of failed auths before lockout.' - - - name: lockout_minutes - type: integer - default: 15 - help: 'Number of minutes to lockout if triggered.' - - - name: lockout_window - type: integer - default: 15 - help: 'Number of minutes for lockout window.' - - - name: keystone_ec2_url - type: string - default: 'http://localhost:5000/v2.0/ec2tokens' - help: 'URL to get token from ec2 request.' - - - name: ec2_private_dns_show_ip - type: boolean - default: false - help: 'Return the IP address as private dns hostname in describe instances' - - - name: ec2_strict_validation - type: boolean - default: true - help: 'Validate security group names according to EC2 specification' - - - name: ec2_timestamp_expiry - type: integer - default: 300 - help: 'Time in seconds before ec2 timestamp expires' - - - name: ec2_host - type: host - default: '$my_ip' - help: 'the ip of the ec2 api server' - - - name: ec2_dmz_host - type: host - default: '$my_ip' - help: 'the internal ip of the ec2 api server' - - - name: ec2_port - type: port - default: 8773 - help: 'the port of the ec2 api server' - - - name: ec2_scheme - type: enum - type_args: {'values': ['http', 'https']} - default: 'http' - help: 'the protocol to use when connecting to the ec2 api server' - - - name: ec2_path - type: string - default: '/services/Cloud' - help: 'the path prefix used to call the ec2 api server' - - - name: region_list - type: list - default: [] - help: 'list of region=fqdn pairs separated by commas' - - - name: config_drive_skip_versions - type: string - default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' - help: 'List of metadata versions to skip placing into the config drive' - - - name: vendordata_driver - type: string - default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' - help: 'Driver to use for vendor data' - - - name: service_neutron_metadata_proxy - type: boolean - default: false - help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids.' - - - name: neutron_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Neutron metadata requests' - - - name: vendordata_jsonfile_path - type: file - default: ~ - help: 'File to load json formated vendor data from' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource' - - - name: osapi_compute_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Compute API' - - - name: osapi_glance_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to glance resources' - - - name: allow_instance_snapshots - type: boolean - default: true - help: 'Permit instance snapshot operations.' - - - name: osapi_compute_ext_list - type: list - default: [] - help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions' - - - name: fping_path - type: executable - default: '/usr/sbin/fping' - help: 'Full path to fping.' - - - name: enable_network_quota - type: boolean - default: false - help: 'Enables or disables quota checking for tenant networks' - - - name: use_neutron_default_nets - type: boolean - default: false - help: 'Control for checking for default networks' - - - name: neutron_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating neutron networks' - - - name: osapi_compute_extension - type: multi - default: 'nova.api.openstack.compute.contrib.standard_extensions' - help: 'osapi compute extension to load' - - - name: osapi_hide_server_address_states - type: list - default: ['building'] - help: 'List of instance states that should hide network info' - - - name: enable_instance_password - type: boolean - default: true - help: 'Allows use of instance password during server creation' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'the maximum body size per each osapi request(bytes)' - - - name: compute_api_class - type: string - default: 'nova.compute.api.API' - help: 'The full class name of the compute API class to use' - - - name: cert_topic - type: string - default: 'cert' - help: 'the topic cert nodes listen on' - - - name: vpn_image_id - type: string - default: '0' - help: 'image id used when starting up a cloudpipe vpn server' - - - name: vpn_flavor - type: string - default: 'm1.tiny' - help: 'Flavor for vpn instances' - - - name: boot_script_template - type: file - default: '$pybasedir/nova/cloudpipe/bootscript.template' - help: 'Template for cloudpipe instance boot script' - - - name: dmz_net - type: old_network - default: '10.0.0.0' - help: 'Network to push into openvpn config' - - - name: dmz_mask - type: network_mask - default: '255.255.255.0' - help: 'Netmask to push into openvpn config' - - - name: vpn_key_suffix - type: string - default: '-vpn' - help: 'Suffix to add to project name for vpn key and secgroups' - - - name: record - type: boolean - default: false - help: 'Record sessions to FILE.[session_number]' - - - name: daemon - type: boolean - default: false - help: 'Become a daemon' - - - name: ssl_only - type: boolean - default: false - help: 'Disallow non-encrypted connections' - - - name: source_is_ipv6 - type: boolean - default: false - help: 'Source is ipv6' - - - name: upgrade_levels.cert - type: string - default: ~ - help: 'Set a version cap for messages sent to cert services' - - - name: key - type: file - default: ~ - help: 'SSL key file' - - - name: web - type: executable - default: '/usr/share/spice-html5' - help: 'Run webserver on same port. Serve files from DIR.' - - - name: novncproxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests' - - - name: novncproxy_port - type: port - default: 6080 - help: 'Port on which to listen for incoming requests' - - - name: spicehtml5proxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests' - - - name: spicehtml5proxy_port - type: port - default: 6082 - help: 'Port on which to listen for incoming requests' - - - name: allow_resize_to_same_host - type: boolean - default: false - help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments.' - - - name: allow_migrate_to_same_host - type: boolean - default: false - help: 'Allow migrate machine to the same host. Useful when testing in single-host environments.' - - - name: default_schedule_zone - type: string - default: ~ - help: "availability zone to use when user doesn't specify one" - - - name: non_inheritable_image_properties - type: list - default: ['cache_in_nova', 'bittorrent'] - help: 'These are image properties which a snapshot should not inherit from an instance' - - - name: null_kernel - type: string - default: 'nokernel' - help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead' - - - name: multi_instance_display_name_template - type: string - default: '%(name)s-%(uuid)s' - help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count." - - - name: max_local_block_devices - type: integer - default: 3 - help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited.' - - - name: default_flavor - type: string - default: 'm1.small' - help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor.' - - - name: console_host - type: string - default: 'nova' - help: 'Console proxy host to use to connect to instances on this host.' - - - name: default_access_ip_network_name - type: string - default: ~ - help: 'Name of network to use to set access ips for instances' - - - name: defer_iptables_apply - type: boolean - default: false - help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase' - - - name: instances_path - type: directory - default: '$state_path/instances' - help: 'where instances are stored on disk' - - - name: instance_usage_audit - type: boolean - default: false - help: 'Generate periodic compute.instance.exists notifications' - - - name: live_migration_retry_count - type: integer - default: 30 - help: 'Number of 1 second retries needed in live_migration' - - - name: resume_guests_state_on_host_boot - type: boolean - default: false - help: 'Whether to start guests that were running before the host rebooted' - - - name: network_allocate_retries - type: integer - default: false - help: 'Number of times to retry network allocation on failures' - - - name: maximum_instance_delete_attempts - type: integer - default: 5 - help: 'The number of times to attempt to reap an instances files.' - - - name: bandwidth_poll_interval - type: integer - default: 600 - help: 'interval to pull bandwidth usage info' - - - name: sync_power_state_interval - type: integer - default: 600 - help: 'interval to sync power states between the database and the hypervisor' - - - name: heal_instance_info_cache_interval - type: integer - default: 60 - help: 'Number of seconds between instance info_cache self healing updates' - - - name: host_state_interval - type: integer - default: 120 - help: 'Interval in seconds for querying the host status' - - - name: image_cache_manager_interval - type: integer - default: 2400 - help: 'Number of seconds to wait between runs of the image cache manager' - - - name: reclaim_instance_interval - type: integer - default: 0 - help: 'Interval in seconds for reclaiming deleted instances' - - - name: volume_usage_poll_interval - type: integer - default: 0 - help: 'Interval in seconds for gathering volume usages' - - - name: shelved_poll_interval - type: integer - default: 3600 - help: 'Interval in seconds for polling shelved instances to offload' - - - name: shelved_offload_time - type: integer - default: 0 - help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved' - - - name: instance_delete_interval - type: integer - default: 300 - help: 'Interval in seconds for retrying failed instance file deletes' - - - name: running_deleted_instance_action - type: string - default: 'log' - help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable." - - - name: running_deleted_instance_poll_interval - type: integer - default: 1800 - help: 'Number of seconds to wait between runs of the cleanup task.' - - - name: running_deleted_instance_timeout - type: integer - default: 0 - help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup.' - - - name: reboot_timeout - type: integer - default: 0 - help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable.' - - - name: instance_build_timeout - type: integer - default: 0 - help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable.' - - - name: rescue_timeout - type: integer - default: 0 - help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable.' - - - name: resize_confirm_window - type: integer - default: 0 - help: 'Automatically confirm resizes after N seconds. Set to 0 to disable.' - - - name: reserved_host_disk_mb - type: integer - default: 0 - help: 'Amount of disk in MB to reserve for the host' - - - name: reserved_host_memory_mb - type: integer - default: 512 - help: 'Amount of memory in MB to reserve for the host' - - - name: compute_stats_class - type: string - default: 'nova.compute.stats.Stats' - help: 'Class that will manage stats for the local compute host' - - - name: compute_topic - type: string - default: 'compute' - help: 'the topic compute nodes listen on' - - - name: migrate_max_retries - type: integer - default: -1 - help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries.' - - - name: console_driver - type: string - default: 'nova.console.xvp.XVPConsoleProxy' - help: 'Driver to use for the console proxy' - - - name: stub_compute - type: boolean - default: false - help: 'Stub calls to compute worker for tests' - - - name: console_public_hostname - type: string - default: 'nova' - help: 'Publicly visible name for this console host' - - - name: console_topic - type: string - default: 'console' - help: 'the topic console proxy nodes listen on' - - - name: console_vmrc_port - type: port - default: 443 - help: 'port for VMware VMRC connections' - - - name: console_vmrc_error_retries - type: integer - default: 10 - help: 'number of retries for retrieving VMRC information' - - - name: console_xvp_conf_template - type: file - default: '$pybasedir/nova/console/xvp.conf.template' - help: 'XVP conf template' - - - name: console_xvp_conf - type: file - default: '/etc/xvp.conf' - help: 'generated XVP conf file' - - - name: console_xvp_pid - type: file - default: '/var/run/xvp.pid' - help: 'XVP master process pid file' - - - name: console_xvp_log - type: file - default: '/var/log/xvp.log' - help: 'XVP log file' - - - name: console_xvp_multiplex_port - type: port - default: 5900 - help: 'port for XVP to multiplex VNC connections on' - - - name: consoleauth_topic - type: string - default: 'consoleauth' - help: 'the topic console auth proxy nodes listen on' - - - name: console_token_ttl - type: integer - default: 600 - help: 'How many seconds before deleting tokens' - - - name: consoleauth_manager - type: string - default: 'nova.consoleauth.manager.ConsoleAuthManager' - help: 'Manager for console auth' - - - name: enable_new_services - type: boolean - default: true - help: 'Services to be added to the available pool on create' - - - name: instance_name_template - type: string - default: 'instance-%08x' - help: 'Template string to be used to generate instance names' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names' - - - name: db_driver - type: string - default: 'nova.db' - help: 'driver to use for database access' - - - name: osapi_compute_unique_server_name_scope - type: string - default: '' - help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'." - - - name: glance_host - type: host - default: '$my_ip' - help: 'default glance hostname or ip' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port' - - - name: glance_protocol - type: enum - type_args: {'values': ['http', 'https']} - default: 'http' - help: 'Default protocol to use when connecting to glance. Set to https for SSL.' - - - name: glance_api_servers - type: list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers.' - - - name: glance_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL' - - - name: glance_num_retries - type: integer - default: 0 - help: 'Number retries when downloading an image from glance' - - - name: allowed_direct_url_schemes - type: list - default: [] - help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].' - - - name: image_decryption_dir - type: directory - default: '/tmp' - help: 'parent dir for tempdir used for image decryption' - - - name: s3_host - type: host - default: '$my_ip' - help: 'hostname or ip for OpenStack to use when accessing the s3 api' - - - name: s3_port - type: port - default: 3333 - help: 'port used when accessing the s3 api' - - - name: s3_access_key - type: string - default: 'notchecked' - help: 'access key to use for s3 server for images' - - - name: s3_secret_key - type: string - default: 'notchecked' - help: 'secret key to use for s3 server for images' - - - name: s3_use_ssl - type: boolean - default: false - help: 'whether to use ssl when talking to s3' - - - name: s3_affix_tenant - type: boolean - default: false - help: 'whether to affix the tenant id to the access key when downloading from s3' - - - name: ipv6_backend - type: string - default: 'rfc2462' - help: 'Backend to use for IPv6 generation' - - - name: network_api_class - type: string - default: 'nova.network.api.API' - help: 'The full class name of the network API class to use' - - - name: network_driver - type: string - default: 'nova.network.linux_net' - help: 'Driver to use for network creation' - - - name: default_floating_pool - type: string - default: 'nova' - help: 'Default pool for floating ips' - - - name: auto_assign_floating_ip - type: boolean - default: false - help: 'Autoassigning floating ip to VM' - - - name: floating_ip_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for floating IPs' - - - name: instance_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for instance IPs' - - - name: instance_dns_domain - type: string - default: '' - help: 'full class name for the DNS Zone for instance IPs' - - - name: ldap_dns_url - type: string - default: 'ldap://ldap.example.com:389' - help: 'URL for ldap server which will store dns entries' - - - name: ldap_dns_user - type: string - default: 'uidadmin,oupeople,dcexample,dcorg' - help: 'user for ldap DNS' - - - name: ldap_dns_password - type: string - default: 'password' - help: 'password for ldap DNS' - - - name: ldap_dns_soa_hostmaster - type: string - default: 'hostmaster@example.org' - help: 'Hostmaster for ldap dns driver Statement of Authority' - - - name: ldap_dns_servers - type: multi - default: 'dns.example.org' - help: 'DNS Servers for ldap dns driver' - - - name: ldap_dns_base_dn - type: string - default: 'ouhosts,dcexample,dcorg' - help: 'Base DN for DNS entries in ldap' - - - name: ldap_dns_soa_refresh - type: integer - default: 1800 - help: 'Refresh interval' - - - name: ldap_dns_soa_retry - type: integer - default: 3600 - help: 'Retry interval' - - - name: ldap_dns_soa_expiry - type: integer - default: 86400 - help: 'Expiry interval' - - - name: ldap_dns_soa_minimum - type: integer - default: 7200 - help: 'Minimum interval' - - - name: dhcpbridge_flagfile - type: file - default: '/etc/nova/nova-dhcpbridge.conf' - help: 'location of flagfiles for dhcpbridge' - - - name: networks_path - type: directory - default: '$state_path/networks' - help: 'Location to keep network config files' - - - name: public_interface - type: string - default: 'eth0' - help: 'Interface for public IP addresses' - - - name: network_device_mtu - type: string - default: ~ - help: 'MTU setting for vlan' - - - name: dhcpbridge - type: executable - default: '$bindir/nova-dhcpbridge' - help: 'location of nova-dhcpbridge' - - - name: routing_source_ip - type: host - default: '$my_ip' - help: 'Public IP of network host' - - - name: dhcp_lease_time - type: integer - default: 120 - help: 'Lifetime of a DHCP lease in seconds' - - - name: dns_server - type: multi - default: '' - help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times.' - - - name: use_network_dns_servers - type: boolean - default: false - help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers.' - - - name: dmz_cidr - type: list - default: [] - help: 'A list of dmz range that should be accepted' - - - name: force_snat_range - type: multi - default: '' - help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times.' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file' - - - name: linuxnet_interface_driver - type: string - default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' - help: 'Driver used to create ethernet devices.' - - - name: linuxnet_ovs_integration_bridge - type: string - default: 'br-int' - help: 'Name of Open vSwitch bridge used with linuxnet' - - - name: send_arp_for_ha - type: boolean - default: false - help: 'send gratuitous ARPs for HA setup' - - - name: send_arp_for_ha_count - type: integer - default: 3 - help: 'send this many gratuitous ARPs for HA setup' - - - name: use_single_default_gateway - type: boolean - default: false - help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server' - - - name: forward_bridge_interface - type: multi - default: 'all' - help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times.' - - - name: metadata_host - type: host - default: '$my_ip' - help: 'the ip for the metadata api server' - - - name: metadata_port - type: port - default: 8775 - help: 'the port for the metadata api port' - - - name: iptables_top_regex - type: regex - default: '' - help: 'Regular expression to match iptables rule that should always be on the top.' - - - name: iptables_bottom_regex - type: regex - default: '' - help: 'Regular expression to match iptables rule that should always be on the bottom.' - - - name: iptables_drop_action - type: string - default: 'DROP' - help: 'The table that iptables to jump to when a packet is to be dropped.' - - - name: flat_network_bridge - type: string - default: ~ - help: 'Bridge for simple network instances' - - - name: flat_network_dns - type: host - default: '8.8.4.4' - help: 'Dns for simple network' - - - name: flat_injected - type: boolean - default: false - help: 'Whether to attempt to inject network setup into guest' - - - name: flat_interface - type: string - default: ~ - help: 'FlatDhcp will bridge into this interface if set' - - - name: vlan_start - type: integer - default: 100 - help: 'First VLAN for private networks' - - - name: vmware.vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking' - - - name: num_networks - type: integer - default: 1 - help: 'Number of networks to support' - - - name: vpn_ip - type: host - default: '$my_ip' - help: 'Public IP for the cloudpipe VPN servers' - - - name: vpn_start - type: port - default: 1000 - help: 'First Vpn port for private networks' - - - name: network_size - type: integer - default: 256 - help: 'Number of addresses in each private subnet' - - - name: fixed_range_v6 - type: string - default: 'fd00::/48' - help: 'Fixed IPv6 address block' - - - name: fixed_range - type: network - default: '' - help: 'Fixed IPv4 address block' - - - name: gateway - type: host - default: ~ - help: 'Default IPv4 gateway' - - - name: gateway_v6 - type: host_v6 - default: ~ - help: 'Default IPv6 gateway' - - - name: cnt_vpn_clients - type: integer - default: 0 - help: 'Number of addresses reserved for vpn clients' - - - name: fixed_ip_disassociate_timeout - type: integer - default: 600 - help: 'Seconds after which a deallocated ip is disassociated' - - - name: create_unique_mac_address_attempts - type: integer - default: 5 - help: 'Number of attempts to create unique mac address' - - - name: fake_network - type: boolean - default: false - help: 'If passed, use fake network devices and addresses' - - - name: fake_call - type: boolean - default: false - help: 'If True, skip using the queue and make local calls' - - - name: teardown_unused_network_gateway - type: boolean - default: false - help: 'If True, unused gateway devices' - - - name: force_dhcp_release - type: boolean - default: true - help: 'If True, send a dhcp release on instance termination' - - - name: share_dhcp_address - type: boolean - default: false - help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host.' - - - name: update_dns_entries - type: boolean - default: false - help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode' - - - name: dns_update_periodic_interval - type: integer - default: -1 - help: 'Number of seconds to wait between runs of updates to DNS entries.' - - - name: dhcp_domain - type: string - default: 'novalocal' - help: 'domain to use for building the hostnames' - - - name: l3_lib - type: string - default: 'nova.network.l3.LinuxNetL3' - help: 'Indicates underlying L3 management library' - - - name: neutron_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to neutron' - comment: 'New param' - - - name: neutron_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to neutron in seconds' - - - name: neutron_admin_username - type: string - default: ~ - help: 'username for connecting to neutron in admin context' - - - name: neutron_admin_password - type: string - default: ~ - help: 'password for connecting to neutron in admin context' - - - name: neutron_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to neutron in admin context' - - - name: neutron_region_name - type: string - default: ~ - help: 'region name for connecting to neutron in admin context' - - - name: neutron_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to neutron in admin context' - - - name: neutron_api_insecure - type: boolean - default: false - help: 'if set, ignore any SSL validation issues' - - - name: neutron_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to neutron in admin context' - - - name: neutron_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: neutron_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying neutron for extensions' - - - name: neutron_ca_certificates_file - type: file - default: ~ - help: 'Location of ca certicates file to use for neutronclient requests.' - - - name: dhcp_options_enabled - type: boolean - default: false - help: 'Use per-port DHCP options with Neutron' - - - name: network_topic - type: string - default: 'network' - help: 'the topic network nodes listen on' - - - name: multi_host - type: boolean - default: false - help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host.' - - - name: security_group_api - type: string - default: 'nova' - help: 'The full class name of the security API class' - - - name: buckets_path - type: directory - default: '$state_path/buckets' - help: 'path to s3 buckets' - - - name: s3_listen - type: host - default: '0.0.0.0' - help: 'IP address for S3 API to listen' - - - name: s3_listen_port - type: port - default: 3333 - help: 'port for s3 api to listen' - comment: 'New param' - - - name: sqlite_db - type: file - default: 'nova.sqlite' - help: 'the filename to use with sqlite' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If true, use synchronous mode for sqlite' - - - name: backdoor_port - type: string - default: ~ - help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file." - comment: 'New param' - - - name: disable_process_locking - type: boolean - default: false - help: 'Whether to disable inter-process locks' - - - name: lock_path - type: directory - default: ~ - help: 'Directory to use for lock files.' - - - name: debug - type: boolean - default: false - help: 'Print debugging output' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output' - - - name: use_stderr - type: boolean - default: true - help: 'Log output to standard error' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - comment: 'New param' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context' - comment: 'New param' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG' - comment: 'New param' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format' - comment: 'New param' - - - name: default_log_levels - type: list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs' - - - name: publish_errors - type: boolean - default: false - help: 'publish error events' - - - name: fatal_deprecations - type: boolean - default: false - help: 'make deprecations fatal' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this' - - - name: log_config - type: file - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' - - - name: log_format - type: string - default: ~ - help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s' - comment: 'New param' - - - name: log_file - type: file - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' - - - name: log_dir - type: directory - default: ~ - help: '(Optional) The base directory used for relative --log-file paths' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging.' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache.' - - - name: notification_driver - type: multi - default: '' - help: 'Driver or drivers to handle sending notifications' - - - name: default_notification_level - type: enum - type_args: {'values': ['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL']} - default: 'INFO' - help: 'Default notification level for outgoing notifications' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications' - - - name: notification_topics - type: list - default: ['notifications'] - help: 'AMQP topic used for OpenStack notifications' - - - name: run_external_periodic_tasks - type: boolean - default: true - help: 'Some periodic tasks can be run in a separate process. Should we run them here?' - - - name: rpc_backend - type: string - default: 'nova.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu.' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires' - - - name: allowed_rpc_exception_modules - type: list - default: ['nova.exception', 'cinder.exception', 'exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' - - - name: fake_rabbit - type: boolean - default: false - help: 'If passed, use a fake RabbitMQ provider' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' - - - name: amqp_durable_queues - type: boolean - default: false - help: 'Use durable queues in amqp.' - - - name: amqp_auto_delete - type: boolean - default: false - help: 'Auto-delete queues in amqp.' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use' - - - name: kombu_ssl_keyfile - type: file - default: '' - help: 'SSL key file' - - - name: kombu_ssl_certfile - type: file - default: '' - help: 'SSL cert file' - - - name: kombu_ssl_ca_certs - type: file - default: '' - help: 'SSL certification authority file' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used' - deprecated: 'Deprecated in favor of rabbit_hosts' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used' - deprecated: 'Deprecated in favor of rabbit_hosts' - - - name: rabbit_hosts - type: list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'connect over SSL for RabbitMQ' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host' - - - name: rabbit_retry_interval - type: integer - default: 1 - help: 'how frequently to retry connecting with RabbitMQ' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ' - - - name: rabbit_max_retries - type: integer - default: 0 - help: 'maximum retries with trying to connect to RabbitMQ' - - - name: rabbit_ha_queues - type: boolean - default: false - help: 'use H/A queues in RabbitMQ' - - - name: qpid_hostname - type: host - default: 'localhost' - help: 'Qpid broker hostname' - deprecated: 'Deprecated in favor of qpid_hosts' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port' - deprecated: 'Deprecated in favor of qpid_hosts' - - - name: qpid_hosts - type: list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats' - - - name: qpid_protocol - type: enum - type_args: {'values': ['tcp', 'ssl']} - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl'" - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: 'Disable Nagle algorithm' - - - name: qpid_topology_version - type: integer - default: 1 - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: 'ZeroMQ bind address. Should be a wildcard' - - - name: rpc_zmq_matchmaker - type: string - default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port' - - - name: rpc_zmq_contexts - type: integer - default: 1 - help: 'Number of ZeroMQ contexts, defaults to 1' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' - - - name: rpc_zmq_ipc_dir - type: directory - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets' - - - name: rpc_zmq_host - type: host - default: 'nova' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running nova." - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live.' - - - name: pci_alias - type: multi - default: '' - help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card." - - - name: pci_passthrough_whitelist - type: multi - default: '' - help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}]" - - - name: scheduler_host_manager - type: string - default: 'nova.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an instance' - - - name: scheduler_host_subset_size - type: integer - default: 1 - help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead' - - - name: cpu_allocation_ratio - type: float - default: 16.0 - help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found.' - - - name: disk_allocation_ratio - type: float - default: 1.0 - help: 'virtual disk to physical disk allocation ratio' - - - name: max_io_ops_per_host - type: integer - default: 8 - help: 'Ignore hosts that have too many builds/resizes/snaps/migrations' - - - name: isolated_images - type: list - default: [] - help: 'Images to run on isolated host' - - - name: isolated_hosts - type: list - default: [] - help: 'Host reserved for specific images' - - - name: restrict_isolated_hosts_to_isolated_images - type: boolean - default: true - help: 'Whether to force isolated hosts to run only isolated images' - - - name: max_instances_per_host - type: integer - default: 50 - help: 'Ignore hosts that have too many instances' - - - name: ram_allocation_ratio - type: float - default: 1.5 - help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found.' - - - name: scheduler_available_filters - type: multi - default: 'nova.scheduler.filters.all_filters' - help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova." - - - name: scheduler_default_filters - type: list - default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - - - name: cells.scheduler_weight_classes - type: list - default: ['nova.cells.weights.all_weighers'] - help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers' maps to all cell weighers included with nova." - - - name: scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Default driver to use for the scheduler' - - - name: scheduler_topic - type: string - default: 'scheduler' - help: 'the topic scheduler nodes listen on' - - - name: scheduler_json_config_location - type: file - default: '' - help: 'Absolute path to scheduler configuration JSON file.' - - - name: cells.ram_weight_multiplier - type: float - default: 10.0 - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' - - - name: servicegroup_driver - type: string - default: 'db' - help: 'The driver for servicegroup service' - - - name: config_drive_format - type: string - default: 'iso9660' - help: 'Config drive format. One of iso9660' - - - name: config_drive_tempdir - type: directory - default: ~ - help: 'Where to put temporary files associated with config drive creation' - - - name: force_config_drive - type: string - default: ~ - help: 'Set to force injection to take place on a config drive' - - - name: mkisofs_cmd - type: string - default: 'genisoimage' - help: 'Name and optionally path of the tool used for ISO image creation' - - - name: baremetal.injected_network_template - type: file - default: '$pybasedir/nova/virt/baremetal/interfaces.template' - help: 'Template file for injected network' - - - name: virt_mkfs - type: string - default: 'windowsmkfs.ntfs --force --fast --label %(fs_label)s %(target)s' - - - name: resize_fs_using_block_device - type: boolean - default: true - help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver' - - - name: timeout_nbd - type: integer - default: 10 - help: 'time to wait for a NBD device coming up' - - - name: docker_registry_default_port - type: port - default: 5042 - help: 'Default TCP port to find the docker-registry container' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver' - - - name: default_ephemeral_format - type: string - default: ~ - help: 'The default format an ephemeral_volume will be formatted with on creation.' - - - name: preallocate_images - type: enum - type_args: {'values': ['none', 'space']} - default: 'none' - help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start" - - - name: use_cow_images - type: boolean - default: true - help: 'Whether to use cow images' - - - name: firewall_driver - type: string - default: ~ - help: 'Firewall driver' - - - name: allow_same_net_traffic - type: boolean - default: true - help: 'Whether to allow network traffic from same network' - - - name: force_raw_images - type: boolean - default: true - help: 'Force backing images to raw format' - - - name: rescue_image_id - type: string - default: ~ - help: 'Rescue ami image' - - - name: rescue_kernel_id - type: string - default: ~ - help: 'Rescue aki image' - - - name: rescue_ramdisk_id - type: string - default: ~ - help: 'Rescue ari image' - - - name: libvirt_type - type: string - default: 'kvm' - help: 'Libvirt domain type' - - - name: libvirt_uri - type: string - default: '' - help: 'Override the default libvirt URI' - - - name: libvirt_inject_password - type: boolean - default: false - help: 'Inject the admin password at boot time, without an agent.' - - - name: libvirt_inject_key - type: boolean - default: true - help: 'Inject the ssh public key at boot time' - - - name: libvirt_inject_partition - type: integer - default: 1 - help: 'The partition to inject to : -2 => disable, -1 => inspect' - - - name: use_usb_tablet - type: boolean - default: true - help: 'Sync virtual and real mouse cursors in Windows VMs' - - - name: live_migration_uri - type: string - default: 'qemu+tcp://%s/system' - help: 'Migration target URI' - - - name: live_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' - help: 'Migration flags to be set for live migration' - - - name: block_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' - help: 'Migration flags to be set for block migration' - - - name: live_migration_bandwidth - type: integer - default: 0 - help: 'Maximum bandwidth to be used during migration, in Mbps' - - - name: snapshot_image_format - type: string - default: ~ - help: 'Snapshot image format' - - - name: libvirt_vif_driver - type: string - default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - help: 'The libvirt VIF driver to configure the VIFs.' - - - name: libvirt_volume_drivers - type: list - default: ['iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'isernova.virt.libvirt.volume.LibvirtISERVolumeDriver', 'localnova.virt.libvirt.volume.LibvirtVolumeDriver', 'fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] - help: 'Libvirt handlers for remote volumes.' - - - name: libvirt_disk_prefix - type: string - default: ~ - help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type.' - - - name: libvirt_wait_soft_reboot_seconds - type: integer - default: 120 - help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.' - - - name: libvirt_nonblocking - type: boolean - default: true - help: 'Use a separated OS thread pool to realize non-blocking libvirt calls' - - - name: libvirt_cpu_mode - type: enum - type_args: {'values': ['host-model', 'host-passthrough', 'custom', 'none']} - default: ~ - help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none'" - - - name: libvirt_cpu_model - type: string - default: ~ - help: 'Set to a named libvirt CPU model' - - - name: libvirt_snapshots_directory - type: directory - default: '$instances_path/snapshots' - help: 'Location where libvirt driver will store snapshots before uploading them to image service' - - - name: xen_hvmloader_path - type: executable - default: '/usr/lib/xen/boot/hvmloader' - help: 'Location where the Xen hvmloader is kept' - comment: 'New param' - - - name: disk_cachemodes - type: list - default: [] - help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none']" - - - name: vcpu_pin_set - type: string - default: ~ - help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15'" - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one.' - - - name: libvirt_images_volume_group - type: string - default: ~ - help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm.' - - - name: libvirt_sparse_logical_volumes - type: boolean - default: false - help: 'Create sparse logical volumes' - - - name: libvirt_lvm_snapshot_size - type: integer - default: 1000 - help: 'The amount of storage' - - - name: libvirt_images_rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored' - - - name: libvirt_images_rbd_ceph_conf - type: file - default: '' - help: 'path to the ceph configuration file to use' - - - name: base_dir_name - type: string - default: '_base' - help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip' - - - name: image_info_filename_pattern - type: string - default: '$instances_path/$base_dir_name/%(image)s.info' - help: 'Allows image information files to be stored in non-standard locations' - - - name: remove_unused_base_images - type: boolean - default: true - help: 'Should unused base images be removed?' - - - name: remove_unused_kernels - type: boolean - default: false - help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future.' - - - name: remove_unused_resized_minimum_age_seconds - type: integer - default: 3600 - help: 'Unused resized base images younger than this will not be removed' - - - name: remove_unused_original_minimum_age_seconds - type: integer - default: 86400 - help: 'Unused unresized base images younger than this will not be removed' - - - name: checksum_base_images - type: boolean - default: false - help: 'Write a checksum for files in _base to disk' - - - name: checksum_interval_seconds - type: integer - default: 3600 - help: 'How frequently to checksum base images' - - - name: libvirt_snapshot_compression - type: boolean - default: false - help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images' - - - name: libvirt_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: libvirt_use_virtio_for_bridges - type: boolean - default: true - help: 'Use virtio for bridge interfaces with KVM/QEMU' - - - name: num_iscsi_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSCSI target to find volume' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSER target to find volume' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes' - - - name: nfs_mount_point_base - type: directory - default: '$state_path/mnt' - help: 'Dir where the nfs volume is mounted on the compute node' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details' - - - name: num_aoe_discover_tries - type: integer - default: 3 - help: 'number of times to rediscover AoE target to find volume' - - - name: glusterfs_mount_point_base - type: directory - default: '$state_path/mnt' - help: 'Dir where the glusterfs volume is mounted on the compute node' - - - name: libvirt_iscsi_use_multipath - type: boolean - default: false - help: 'use multipath connection of the iSCSI volume' - - - name: libvirt_iser_use_multipath - type: boolean - default: false - help: 'use multipath connection of the iSER volume' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file' - comment: 'New param' - - - name: scality_sofs_mount_point - type: directory - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted' - - - name: qemu_allowed_storage_drivers - type: list - default: [] - help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster]' - - - name: powervm_mgr_type - type: string - default: 'ivm' - help: 'PowerVM manager type' - - - name: powervm_mgr - type: string - default: ~ - help: 'PowerVM manager host or ip' - - - name: powervm_mgr_user - type: string - default: ~ - help: 'PowerVM manager user name' - - - name: powervm_mgr_passwd - type: string - default: ~ - help: 'PowerVM manager user password' - - - name: powervm_img_remote_path - type: directory - default: '/home/padmin' - help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance' - - - name: powervm_img_local_path - type: directory - default: '/tmp' - help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance' - - - name: agent_timeout - type: integer - default: 30 - help: 'number of seconds to wait for agent reply' - - - name: agent_version_timeout - type: integer - default: 300 - help: 'number of seconds to wait for agent to be fully operational' - - - name: agent_resetnetwork_timeout - type: integer - default: 60 - help: 'number of seconds to wait for agent reply to resetnetwork request' - - - name: xenapi_agent_path - type: string - default: 'usr/sbin/xe-update-networking' - help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True' - comment: 'New param' - - - name: xenapi_disable_agent - type: boolean - default: false - help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' - - - name: xenapi_use_agent_default - type: boolean - default: false - help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times." - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_connection_concurrent - type: integer - default: 5 - help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_vhd_coalesce_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_check_host - type: boolean - default: true - help: 'Ensure compute service is running on host XenAPI connects to.' - - - name: xenapi_vhd_coalesce_max_attempts - type: integer - default: 5 - help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver' - - - name: xenapi_sr_base_path - type: directory - default: '/var/run/sr-mount' - help: 'Base path to the storage repository' - - - name: target_host - type: host - default: ~ - help: 'iSCSI Target Host' - - - name: target_port - type: port - default: 3260 - help: 'iSCSI Target Port, 3260 Default' - - - name: iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack' - help: 'IQN Prefix' - - - name: xenapi_remap_vbd_dev - type: boolean - default: false - help: 'Used to enable the remapping of VBD dev' - - - name: xenapi_remap_vbd_dev_prefix - type: string - default: 'sd' - help: 'Specify prefix to remap VBD dev to' - - - name: xenapi_login_timeout - type: integer - default: 10 - help: 'Timeout in seconds for XenAPI login.' - - - name: xenapi_torrent_base_url - type: string - default: ~ - help: 'Base URL for torrent files.' - - - name: xenapi_torrent_seed_chance - type: float - default: 1.0 - help: 'Probability that peer will become a seeder.' - - - name: xenapi_torrent_seed_duration - type: integer - default: 3600 - help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.' - - - name: xenapi_torrent_max_last_accessed - type: integer - default: 86400 - help: 'Cached torrent files not accessed within this number of seconds can be reaped' - - - name: xenapi_torrent_listen_port_start - type: port - default: 6881 - help: 'Beginning of port range to listen on' - - - name: xenapi_torrent_listen_port_end - type: port - default: 6891 - help: 'End of port range to listen on' - - - name: xenapi_torrent_download_stall_cutoff - type: integer - default: 600 - help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall' - - - name: xenapi_torrent_max_seeder_processes_per_host - type: integer - default: true - help: 'Maximum number of seeder processes to run concurrently within a given dom0.' - - - name: use_join_force - type: boolean - default: true - help: 'To use for hosts with different CPUs' - - - name: xenapi_ovs_integration_bridge - type: string - default: 'xapi1' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: cache_images - type: string - default: 'all' - help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely' - - - name: xenapi_image_compression_level - type: integer - default: ~ - help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0.' - - - name: default_os_type - type: string - default: 'linux' - help: 'Default OS type' - - - name: block_device_creation_timeout - type: integer - default: 10 - help: 'Time to wait for a block device to be created' - - - name: max_kernel_ramdisk_size - type: integer - default: 16777216 - help: 'Maximum size in bytes of kernel or ramdisk images' - - - name: sr_matching_filter - type: string - default: 'default-sr:true' - help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' - - - name: xenapi_sparse_copy - type: boolean - default: true - help: 'Whether to use sparse_copy for copying data on a resize down' - - - name: xenapi_num_vbd_unplug_retries - type: integer - default: 10 - help: 'Maximum number of retries to unplug VBD' - - - name: xenapi_torrent_images - type: string - default: 'none' - help: 'Whether or not to download images via Bit Torrent' - - - name: xenapi_ipxe_network_name - type: string - default: ~ - help: 'Name of network to use for booting iPXE ISOs' - - - name: xenapi_ipxe_boot_menu_url - type: string - default: ~ - help: 'URL to the iPXE boot menu' - - - name: xenapi_ipxe_mkisofs_cmd - type: string - default: 'mkisofs' - help: 'Name and optionally path of the tool used for ISO image creation' - - - name: xenapi_running_timeout - type: integer - default: 60 - help: 'number of seconds to wait for instance to go to running state' - - - name: xenapi_vif_driver - type: string - default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' - help: 'The XenAPI VIF driver using XenServer Network APIs.' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.image.glance.GlanceStore' - help: 'Dom0 plugin driver used to handle image uploads.' - - - name: novncproxy_base_url - type: string - default: 'http://127.0.0.1:6080/vnc_auto.html' - help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html'" - - - name: xvpvncproxy_base_url - type: string - default: 'http://127.0.0.1:6081/console' - help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console'" - - - name: vncserver_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance vncservers should listen' - - - name: vncserver_proxyclient_address - type: host - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: vnc_enabled - type: boolean - default: true - help: 'enable vnc related features' - - - name: vnc_keymap - type: string - default: 'en-us' - help: 'keymap for vnc' - - - name: xvpvncproxy_port - type: port - default: 6081 - help: 'Port that the XCP VNC proxy should bind to' - - - name: xvpvncproxy_host - type: host - default: '0.0.0.0' - help: 'Address that the XCP VNC proxy should bind to' - - - name: volume_api_class - type: string - default: 'nova.volume.cinder.API' - help: 'The full class name of the volume API class to use' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: ::' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node' - - - name: cinder_ca_certificates_file - type: file - default: ~ - help: 'Location of ca certicates file to use for cinder client requests.' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls' - - - name: cinder_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to cinder' - - - name: cinder_cross_az_attach - type: boolean - default: true - help: 'Allow attach between instance and volume in different availability zones.' - - - name: baremetal.sql_connection - type: string - default: 'sqlite:///$state_path/baremetal_$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the bare-metal database' - - - name: hyperv.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" - - - name: hyperv.force_hyperv_utils_v1 - type: boolean - default: false - help: 'Force V1 WMI utility classes' - - - name: hyperv.force_volumeutils_v1 - type: boolean - default: false - help: 'Force V1 volume utility class' - - - name: hyperv.vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used' - - - name: hyperv.limit_cpu_features - type: boolean - default: false - help: 'Required for live migration among hosts with different CPU features' - - - name: hyperv.config_drive_inject_password - type: boolean - default: false - help: 'Sets the admin password in the config drive image' - - - name: hyperv.qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types' - - - name: hyperv.config_drive_cdrom - type: boolean - default: false - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' - - - name: hyperv.enable_instance_metrics_collection - type: boolean - default: false - help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above" - - - name: hyperv.dynamic_memory_ratio - type: float - default: true - help: 'Enables dynamic memory allocation' - - - name: hyperv.volume_attach_retry_count - type: integer - default: 10 - help: 'The number of times to retry to attach a volume' - - - name: hyperv.volume_attach_retry_interval - type: integer - default: 5 - help: 'Interval between volume attachment attempts, in seconds' - - - name: zookeeper.address - type: string - default: ~ - help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port' - - - name: zookeeper.recv_timeout - type: integer - default: 4000 - help: 'recv_timeout parameter for the zk session' - - - name: zookeeper.sg_prefix - type: string - default: '/servicegroups' - help: 'The prefix used in ZooKeeper to store ephemeral nodes' - - - name: zookeeper.sg_retry_interval - type: integer - default: 5 - help: 'Number of seconds to wait until retrying to join the session' - - - name: spice.enabled - type: boolean - default: false - help: 'enable spice related features' - - - name: osapi_v3.extensions_blacklist - type: list - default: [] - help: 'A list of v3 API extensions to never load. Specify the extension aliases here.' - - - name: osapi_v3.extensions_whitelist - type: list - default: [] - help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here.' - - - name: conductor.use_local - type: boolean - default: false - help: 'Perform nova-conductor operations locally' - - - name: cells.topic - type: string - default: 'cells' - help: 'the topic cells nodes listen on' - - - name: cells.manager - type: string - default: 'nova.cells.manager.CellsManager' - help: 'Manager for cells' - - - name: conductor.workers - type: integer - default: ~ - help: 'Number of workers for OpenStack Conductor service' - - - name: keymgr.api_class - type: string - default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' - help: 'The full class name of the key manager API class' - - - name: keymgr.fixed_key - type: string - default: ~ - help: 'Fixed key returned by key manager, specified in hex' - - - name: baremetal.driver - type: string - default: 'nova.virt.baremetal.pxe.PXE' - help: 'Baremetal driver back-end' - - - name: cells.instance_updated_at_threshold - type: integer - default: 3600 - help: 'Number of seconds after an instance was updated or deleted to continue to update cells' - - - name: cells.instance_update_num_instances - type: integer - default: true - help: 'Number of instances to update per periodic task run' - - - name: cells.max_hop_count - type: integer - default: 10 - help: 'Maximum number of hops for cells routing.' - - - name: upgrade_levels.scheduler - type: string - default: ~ - help: 'Set a version cap for messages sent to scheduler services' - - - name: cells.enable - type: boolean - default: false - help: 'Enable cell functionality' - - - name: cells.name - type: string - default: 'nova' - help: 'name of this cell' - - - name: cells.capabilities - type: list - default: ['hypervisorxenserver;kvm', 'oslinux;windows'] - help: 'Key/Multi-value list with the capabilities of the cell' - - - name: cells.call_timeout - type: integer - default: 60 - help: 'Seconds to wait for response from a call to a cell.' - - - name: cells.reserve_percent - type: float - default: 10.0 - help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization' - - - name: cells.cell_type - type: enum - type_args: {'values': ['api', 'compute']} - default: ~ - help: 'Type of cell: api or compute' - - - name: cells.mute_child_interval - type: integer - default: 300 - help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute.' - - - name: cells.bandwidth_update_interval - type: integer - default: 600 - help: 'Seconds between bandwidth updates for cells.' - - - name: cells.rpc_driver_queue_base - type: string - default: 'cells.intercell' - help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this.' - - - name: cells.scheduler_filter_classes - type: list - default: ['nova.cells.filters.all_filters'] - help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters' maps to all cells filters included with nova." - - - name: cells.scheduler_retries - type: integer - default: 10 - help: 'How many retries when no cells are available.' - - - name: cells.scheduler_retry_delay - type: integer - default: 2 - help: 'How often to retry in seconds when no cells are available.' - - - name: cells.db_check_interval - type: integer - default: 60 - help: 'Seconds between getting fresh cell info from db.' - - - name: cells.cells_config - type: file - default: ~ - help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database.' - - - name: cells.mute_weight_multiplier - type: float - default: -10.0 - help: 'Multiplier used to weigh mute children. ' - - - name: cells.mute_weight_value - type: float - default: 1000.0 - help: 'Weight value assigned to mute children. ' - - - name: database.backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db' - - - name: database.use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: database.connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database' - - - name: database.idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: database.min_pool_size - type: integer - default: 1 - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: database.max_pool_size - type: integer - default: ~ - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: database.max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: database.retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: database.max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: database.connection_debug - type: integer - default: 0 - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: database.connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings' - - - name: database.pool_timeout - type: integer - default: ~ - help: 'If set, use this value for pool_timeout with sqlalchemy' - - - name: image_file_url.filesystems - type: list - default: [] - help: 'A list of filesystems that will be configured in this file under the sections image_file_url:' - - - name: baremetal.db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for bare-metal database' - - - name: baremetal.inject_password - type: boolean - default: true - help: 'Whether baremetal compute injects password or not' - - - name: baremetal.vif_driver - type: string - default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' - help: 'Baremetal VIF driver.' - - - name: baremetal.volume_driver - type: string - default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' - help: 'Baremetal volume driver.' - - - name: baremetal.instance_type_extra_specs - type: list - default: [] - help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairsFor example, 'key1:val1, key2:val2'" - - - name: baremetal.power_manager - type: string - default: 'nova.virt.baremetal.ipmi.IPMI' - help: 'Baremetal power management method' - - - name: baremetal.tftp_root - type: directory - default: '/tftpboot' - help: "Baremetal compute node's tftp root path" - - - name: baremetal.terminal - type: executable - default: 'shellinaboxd' - help: 'path to baremetal terminal program' - - - name: baremetal.terminal_cert_dir - type: directory - default: ~ - help: 'path to baremetal terminal SSL cert(PEM)' - - - name: baremetal.terminal_pid_dir - type: directory - default: '$state_path/baremetal/console' - help: 'path to directory stores pidfiles of baremetal_terminal' - - - name: baremetal.ipmi_power_retry - type: integer - default: 5 - help: 'maximal number of retries for IPMI operations' - - - name: baremetal.deploy_kernel - type: string - default: ~ - help: 'Default kernel image ID used in deployment phase' - - - name: baremetal.deploy_ramdisk - type: string - default: ~ - help: 'Default ramdisk image ID used in deployment phase' - - - name: baremetal.net_config_template - type: file - default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' - help: 'Template file for injected network config' - - - name: baremetal.pxe_append_params - type: string - default: ~ - help: 'additional append parameters for baremetal PXE boot' - - - name: baremetal.pxe_config_template - type: file - default: '$pybasedir/nova/virt/baremetal/pxe_config.template' - help: 'Template file for PXE configuration' - - - name: baremetal.pxe_deploy_timeout - type: integer - default: 0 - help: 'Timeout for PXE deployments. Default: 0' - - - name: baremetal.pxe_network_config - type: boolean - default: false - help: 'If set, pass the network configuration details to the initramfs via cmdline.' - - - name: baremetal.pxe_bootfile_name - type: string - default: 'pxelinux.0' - help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set.' - - - name: baremetal.tile_pdu_ip - type: host - default: '10.0.100.1' - help: 'ip address of tilera pdu' - - - name: baremetal.tile_pdu_mgr - type: string - default: '/tftpboot/pdu_mgr' - help: 'management script for tilera pdu' - - - name: baremetal.tile_pdu_off - type: integer - default: 2 - help: 'power status of tilera PDU is OFF' - - - name: baremetal.tile_pdu_on - type: integer - default: 1 - help: 'power status of tilera PDU is ON' - - - name: baremetal.tile_pdu_status - type: integer - default: 9 - help: 'power status of tilera PDU' - - - name: baremetal.tile_power_wait - type: integer - default: 9 - help: 'wait time in seconds until check the result after tilera power operations' - - - name: baremetal.virtual_power_ssh_host - type: host - default: '' - help: 'ip or name to virtual power host' - - - name: baremetal.virtual_power_ssh_port - type: port - default: 22 - help: 'Port to use for ssh to virtual power host' - - - name: baremetal.virtual_power_type - type: enum - type_args: {'values': ['vbox', 'virsh']} - default: 'virsh' - help: 'base command to use for virtual power(vbox,virsh)' - - - name: baremetal.virtual_power_host_user - type: string - default: '' - help: 'user to execute virtual power commands as' - - - name: baremetal.virtual_power_host_pass - type: string - default: '' - help: 'password for virtual power host_user' - - - name: baremetal.virtual_power_host_key - type: file - default: ~ - help: 'ssh key for virtual power host_user' - - - name: baremetal.use_unsafe_iscsi - type: boolean - default: false - help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL' - - - name: baremetal.iscsi_iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack.baremetal' - help: 'iSCSI IQN prefix used in baremetal volume connections.' - - - name: rpc_notifier2.topics - type: list - default: ['notifications'] - help: 'AMQP topic(s) used for OpenStack notifications' - - - name: matchmaker_redis.port - type: port - default: 6379 - help: 'Use this port to connect to redis host.' - - - name: matchmaker_redis.password - type: string - default: ~ - help: 'Password for Redis server.' - - - name: ssl.cert_file - type: file - default: ~ - help: 'Certificate file to use when starting the server securely' - - - name: trusted_computing.attestation_server - type: string - default: ~ - help: 'attestation server http' - - - name: trusted_computing.attestation_server_ca_file - type: file - default: ~ - help: 'attestation server Cert file for Identity verification' - - - name: trusted_computing.attestation_port - type: port - default: 8443 - help: 'attestation server port' - - - name: trusted_computing.attestation_api_url - type: string - default: '/OpenAttestationWebServices/V1.0' - help: 'attestation web API URL' - - - name: trusted_computing.attestation_auth_blob - type: string - default: ~ - help: 'attestation authorization blob - must change' - - - name: trusted_computing.attestation_auth_timeout - type: integer - default: 60 - help: 'Attestation status cache valid period length' - - - name: upgrade_levels.baseapi - type: string - default: ~ - help: 'Set a version cap for messages sent to the base api in any service' - - - name: upgrade_levels.intercell - type: string - default: ~ - help: 'Set a version cap for messages sent between cells services' - - - name: upgrade_levels.cells - type: string - default: ~ - help: 'Set a version cap for messages sent to local cells services' - - - name: upgrade_levels.compute - type: string - default: ~ - help: 'Set a version cap for messages sent to compute services' - - - name: upgrade_levels.conductor - type: string - default: ~ - help: 'Set a version cap for messages sent to conductor services' - - - name: upgrade_levels.console - type: string - default: ~ - help: 'Set a version cap for messages sent to console services' - - - name: upgrade_levels.consoleauth - type: string - default: ~ - help: 'Set a version cap for messages sent to consoleauth services' - - - name: upgrade_levels.network - type: string - default: ~ - help: 'Set a version cap for messages sent to network services' - - - name: matchmaker_ring.ringfile - type: file - default: '/etc/oslo/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: vmware.host_ip - type: host - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.cluster_name - type: multi - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmware.datastore_regex - type: regex - default: ~ - help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmware.task_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmware.vnc_port - type: port - default: 5900 - help: 'VNC starting port' - comment: 'New param' - - - name: vmware.vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports' - - - name: vmware.vnc_password - type: string - default: ~ - help: 'VNC password' - - - name: vmware.use_linked_clone - type: boolean - default: true - help: 'Whether to use linked clone' - - - name: vmware.wsdl_location - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds' - - - name: vmware.maximum_objects - type: integer - default: 100 - help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests.' - - - name: vmware.integration_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge' - - - name: spice.html5proxy_base_url - type: string - default: 'http://127.0.0.1:6082/spice_auto.html' - help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html'" - - - name: spice.server_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance spice server should listen' - - - name: spice.server_proxyclient_address - type: host - default: '127.0.0.1' - help: 'the address to which proxy clients' - - - name: spice.agent_enabled - type: boolean - default: true - help: 'enable spice guest agent support' - - - name: 'filter:authtoken.keymap' - type: host - default: '127.0.0.1' - help: 'keymap for spice' - -# ==================================================== - -- version: '2013.1.4' - added: - - - name: ca_file - type: file - default: 'cacert.pem' - help: 'Filename of root CA' - - - name: key_file - type: file - default: 'private/cakey.pem' - help: 'Filename of private key' - - - name: host - type: string - default: 'nova' - help: 'Name of this node. This can be an opaque identifier. It is not necessarily a hostname, FQDN, or IP address. However, the node name must be valid within an AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address' - - - name: notify_on_any_change - type: boolean - default: false - help: 'If set, send compute.instance.update notifications on instance state changes. Valid values are False for no notifications, True for notifications on any instance changes.' - - - name: bindir - type: directory - default: '$pybasedir/bin' - help: 'Directory where nova binaries are installed' - comment: 'Default value has changed' - - - name: monkey_patch_modules - type: list - default: ['nova.api.ec2.cloud:nova.openstack.common.notifier.api.notify_decorator', 'nova.compute.api:nova.openstack.common.notifier.api.notify_decorator'] - help: 'List of modules/decorators to monkey patch' - comment: 'Default value has changed' - - - name: api_rate_limit - type: boolean - default: true - help: 'whether to rate limit the api' - comment: 'Default value has changed' - - - name: service_quantum_metadata_proxy - type: boolean - default: false - help: 'Set flag to indicate Quantum will proxy metadata requests and resolve instance ids.' - - - name: quantum_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Quantum metadata requests' - - - name: osapi_hide_server_address_states - type: list - default: ['building'] - help: 'List of instance states that should hide network info' - comment: 'Default value has changed' - - - name: enable_network_quota - type: boolean - default: false - help: 'Enables or disables quotaing of tenant networks' - comment: 'Help string has changed' - - - name: use_quantum_default_nets - type: boolean - default: false - help: 'Control for checking for default networks' - - - name: quantum_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating quantum networks' - - - name: vpn_instance_type - type: string - default: 'm1.tiny' - help: 'Instance type for vpn instances' - - - name: default_instance_type - type: string - default: 'm1.small' - help: 'default instance type to use, testing only' - - - name: s3_host - type: host - default: '$my_ip' - help: 'hostname or ip for openstack to use when accessing the s3 api' - comment: 'Help string has changed' - - - name: iptables_top_regex - type: regex - default: '' - help: 'Regular expression to match iptables rule that shouldalways be on the top.' - comment: 'Help string has changed' - - - name: iptables_bottom_regex - type: regex - default: '' - help: 'Regular expression to match iptables rule that shouldalways be on the bottom.' - - - name: vlan_interface - type: string - default: ~ - help: 'vlans will bridge into this interface if set' - - - name: fixed_range - type: network - default: '10.0.0.0/8' - help: 'Fixed IP address block' - comment: 'Default value has changed' - - - name: force_dhcp_release - type: boolean - default: false - help: 'If True, send a dhcp release on instance termination' - comment: 'Default value has changed' - - - name: share_dhcp_address - type: boolean - default: false - help: 'If True in multi_host mode, all compute hosts share the same dhcp address.' - comment: 'Help string has changed' - - - name: quantum_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to quantum' - - - name: quantum_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to quantum in seconds' - - - name: quantum_admin_username - type: string - default: ~ - help: 'username for connecting to quantum in admin context' - - - name: quantum_admin_password - type: string - default: ~ - help: 'password for connecting to quantum in admin context' - - - name: quantum_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to quantum in admin context' - - - name: quantum_region_name - type: string - default: ~ - help: 'region name for connecting to quantum in admin context' - - - name: quantum_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to quantum in admin context' - - - name: quantum_api_insecure - type: boolean - default: false - help: 'if set, ignore any SSL validation issues' - - - name: quantum_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to quantum in admin context' - - - name: quantum_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch' - - - name: quantum_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying quantum for extensions' - - - name: security_group_handler - type: string - default: 'nova.network.sg.NullSecurityGroupHandler' - help: 'The full class name of the security group handler class' - - - name: queues - type: multi - default: '' - help: 'Queues to delete' - - - name: delete_exchange - type: boolean - default: false - help: 'delete nova exchange too.' - - - name: cert - type: file - default: 'self.pem' - help: 'SSL certificate file' - - - name: web - type: executable - default: '/usr/share/novnc' - help: 'Run webserver on same port. Serve files from DIR.' - comment: 'Default value has changed' - - - name: dbapi_use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls' - - - name: sql_idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If passed, use synchronous mode for sqlite' - comment: 'Help string has changed' - - - name: sql_min_pool_size - type: integer - default: true - help: 'Minimum number of SQL connections to keep open in a pool' - - - name: sql_max_pool_size - type: integer - default: 5 - help: 'Maximum number of SQL connections to keep open in a pool' - - - name: sql_max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup.' - - - name: sql_retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection' - - - name: sql_max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy' - - - name: sql_connection_debug - type: integer - default: false - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' - - - name: sql_connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings' - - - name: backdoor_port - type: port - default: ~ - help: 'port for eventlet backdoor to listen' - comment: 'Type has changed' - - - name: lock_path - type: directory - default: ~ - help: 'Directory to use for lock files. Default to a temp directory' - comment: 'Help string has changed' - - - name: logfile_mode - type: file_mode - default: 420 - help: 'Default file mode used when creating log files' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context' - comment: 'Default value has changed' - - - name: default_log_levels - type: list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs' - comment: 'Default value has changed' - - - name: log_format - type: string - default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' - help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. Default: %(default)s' - comment: 'Default value has changed' - - - name: log_file - type: file - default: ~ - help: '(Optional) Name of log file to output to. If not set, logging will go to stdout.' - comment: 'Help string has changed' - - - name: log_dir - type: directory - default: ~ - help: '(Optional) The directory to keep log files in' - comment: 'Help string has changed' - - - name: default_publisher_id - type: string - default: '$host' - help: 'Default publisher_id for outgoing notifications' - comment: 'Default value has changed' - - - name: allowed_rpc_exception_modules - type: list - default: ['nova.openstack.common.exception', 'nova.exception', 'cinder.exception,exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' - comment: 'Default value has changed' - - - name: amqp_rpc_single_reply_queue - type: boolean - default: false - help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' - - - name: rabbit_durable_queues - type: boolean - default: false - help: 'use durable queues in RabbitMQ' - - - name: rpc_zmq_host - type: string - default: 'sorcha' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." - comment: 'Default value has changed' - - - name: matchmaker_ringfile - type: file - default: '/etc/nova/matchmaker_ring.json' - help: 'Matchmaker ring file' - - - name: cpu_allocation_ratio - type: float - default: 16.0 - help: 'Virtual CPU to Physical CPU allocation ratio' - comment: 'Help string has changed' - - - name: ram_allocation_ratio - type: float - default: 1.5 - help: 'virtual ram to physical ram allocation ratio' - comment: 'Help string has changed' - - - name: scheduler_default_filters - type: list - default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] - help: 'Which filter class names to use for filtering hosts when not specified in the request.' - comment: 'Default value has changed' - - - name: scheduler_weight_classes - type: list - default: ['nova.scheduler.weights.all_weighers'] - help: 'Which weight class names to use for weighing hosts' - - - name: compute_scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Driver to use for scheduling compute calls' - - - name: default_scheduler_driver - type: string - default: 'nova.scheduler.chance.ChanceScheduler' - help: 'Default driver to use for scheduling calls' - - - name: least_cost_functions - type: list - default: ~ - help: 'Which cost functions the LeastCostScheduler should use' - - - name: noop_cost_fn_weight - type: float - default: 1.0 - help: 'How much weight to give the noop cost function' - - - name: compute_fill_first_cost_fn_weight - type: float - default: ~ - help: 'How much weight to give the fill-first cost function. A negative value will reverse behavior: e.g. spread-first' - - - name: ram_weight_multiplier - type: float - default: 1.0 - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMWareESXDriver' - comment: 'Help string has changed' - - - name: vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used' - - - name: limit_cpu_features - type: boolean - default: false - help: 'Required for live migration among hosts with different CPU features' - - - name: config_drive_inject_password - type: boolean - default: false - help: 'Sets the admin password in the config drive image' - - - name: qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types' - - - name: config_drive_cdrom - type: boolean - default: false - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' - - - name: hyperv_attaching_volume_retry_count - type: integer - default: 10 - help: 'The number of times we retry on attaching volume ' - - - name: hyperv_wait_between_attach_retry - type: integer - default: 5 - help: 'The seconds to wait between an volume attachment attempt' - - - name: force_volumeutils_v1 - type: boolean - default: false - help: 'Force volumeutils v1' - - - name: libvirt_volume_drivers - type: list - default: ['iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'localnova.virt.libvirt.volume.LibvirtVolumeDriver', 'fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] - help: 'Libvirt handlers for remote volumes.' - comment: 'Default value has changed' - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm, default. If default is specified, then use_cow_images flag is used instead of this one.' - comment: 'Help string has changed' - - - name: vmwareapi_host_ip - type: host - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_cluster_name - type: string - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_task_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vmwareapi_api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' - - - name: vnc_port - type: port - default: 5900 - help: 'VNC starting port' - - - name: vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports' - - - name: vnc_password - type: string - default: ~ - help: 'VNC password' - - - name: use_linked_clone - type: boolean - default: true - help: 'Whether to use linked clone' - - - name: vmwareapi_vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking' - - - name: vmwareapi_wsdl_loc - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl' - - - name: xenapi_disable_agent - type: boolean - default: false - help: 'Disable XenAPI agent. Reduces the amount of time it takes nova to detect that a VM has started, when that VM does not have the agent installed' - comment: 'Help string has changed' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. Required if compute_driver=xenapi.XenAPIDriver' - comment: 'Help string has changed' - - - name: sr_matching_filter - type: string - default: 'other-config:i18n-keylocal-storage' - help: 'Filter for finding the SR to be used to install guest instances on. The default value is the Local Storage in default XenServer/XCP installations. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' - comment: 'Default value has changed' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.imageupload.glance.GlanceStore' - help: 'Object Store Driver used to handle image uploads.' - comment: 'Default value has changed' - - - name: HYPERV.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" - - - name: cells.scheduler - type: string - default: 'nova.cells.scheduler.CellsScheduler' - help: 'Cells scheduler to use' - - - name: baremetal.virtual_power_type - type: enum - type_args: {'values': ['vbox', 'virsh']} - default: 'vbox' - help: 'base command to use for virtual power(vbox,virsh)' - comment: 'Default value has changed' - - - name: spice.keymap - type: string - default: 'en-us' - help: 'keymap for spice' - - removed: - - ssl.ca_file - - ssl.key_file - - matchmaker_redis.host - - quota_fixed_ips - - vendordata_driver - - service_neutron_metadata_proxy - - neutron_metadata_proxy_shared_secret - - vendordata_jsonfile_path - - use_neutron_default_nets - - neutron_default_tenant_id - - vpn_flavor - - upgrade_levels.cert - - spicehtml5proxy_host - - spicehtml5proxy_port - - allow_migrate_to_same_host - - max_local_block_devices - - default_flavor - - network_allocate_retries - - maximum_instance_delete_attempts - - sync_power_state_interval - - shelved_poll_interval - - shelved_offload_time - - instance_delete_interval - - migrate_max_retries - - iptables_drop_action - - vmware.vlan_interface - - neutron_url - - neutron_url_timeout - - neutron_admin_username - - neutron_admin_password - - neutron_admin_tenant_name - - neutron_region_name - - neutron_admin_auth_url - - neutron_api_insecure - - neutron_auth_strategy - - neutron_ovs_bridge - - neutron_extension_sync_interval - - neutron_ca_certificates_file - - dhcp_options_enabled - - amqp_durable_queues - - amqp_auto_delete - - qpid_topology_version - - matchmaker_heartbeat_freq - - matchmaker_heartbeat_ttl - - pci_alias - - pci_passthrough_whitelist - - restrict_isolated_hosts_to_isolated_images - - cells.scheduler_weight_classes - - cells.ram_weight_multiplier - - resize_fs_using_block_device - - docker_registry_default_port - - vcpu_pin_set - - libvirt_images_rbd_pool - - libvirt_images_rbd_ceph_conf - - num_iser_scan_tries - - libvirt_iser_use_multipath - - qemu_allowed_storage_drivers - - xenapi_use_agent_default - - xenapi_image_compression_level - - xenapi_ipxe_network_name - - xenapi_ipxe_boot_menu_url - - xenapi_ipxe_mkisofs_cmd - - cinder_ca_certificates_file - - hyperv.instances_path_share - - hyperv.force_hyperv_utils_v1 - - hyperv.force_volumeutils_v1 - - hyperv.vswitch_name - - hyperv.limit_cpu_features - - hyperv.config_drive_inject_password - - hyperv.qemu_img_cmd - - hyperv.config_drive_cdrom - - hyperv.enable_instance_metrics_collection - - hyperv.dynamic_memory_ratio - - hyperv.volume_attach_retry_count - - hyperv.volume_attach_retry_interval - - osapi_v3.extensions_blacklist - - osapi_v3.extensions_whitelist - - conductor.workers - - keymgr.api_class - - keymgr.fixed_key - - upgrade_levels.scheduler - - cells.reserve_percent - - cells.cell_type - - cells.mute_child_interval - - cells.bandwidth_update_interval - - cells.scheduler_filter_classes - - cells.cells_config - - cells.mute_weight_multiplier - - cells.mute_weight_value - - database.backend - - database.use_tpool - - database.connection - - database.slave_connection - - database.idle_timeout - - database.min_pool_size - - database.max_pool_size - - database.max_retries - - database.retry_interval - - database.max_overflow - - database.connection_debug - - database.connection_trace - - database.pool_timeout - - image_file_url.filesystems - - baremetal.pxe_network_config - - baremetal.pxe_bootfile_name - - baremetal.tile_pdu_ip - - baremetal.tile_pdu_mgr - - baremetal.tile_pdu_off - - baremetal.tile_pdu_on - - baremetal.tile_pdu_status - - baremetal.tile_power_wait - - baremetal.virtual_power_ssh_port - - baremetal.virtual_power_host_key - - matchmaker_redis.port - - matchmaker_redis.password - - ssl.cert_file - - upgrade_levels.baseapi - - upgrade_levels.intercell - - upgrade_levels.cells - - upgrade_levels.compute - - upgrade_levels.conductor - - upgrade_levels.console - - upgrade_levels.consoleauth - - upgrade_levels.network - - matchmaker_ring.ringfile - - vmware.host_ip - - vmware.host_username - - vmware.host_password - - vmware.cluster_name - - vmware.datastore_regex - - vmware.task_poll_interval - - vmware.api_retry_count - - vmware.vnc_port - - vmware.vnc_port_total - - vmware.vnc_password - - vmware.use_linked_clone - - vmware.wsdl_location - - vmware.maximum_objects - - 'filter:authtoken.keymap' - -# ==================================================== - -- version: '2013.2.0' - checkpoint: true - added: - - - name: internal_service_availability_zone - type: string - default: 'internal' - help: 'availability_zone to show internal services under ' - comment: 'Help string has changed' - - - name: default_availability_zone - type: string - default: 'nova' - help: 'default compute node availability_zone ' - comment: 'Help string has changed' - - - name: crl_file - type: file - default: 'crl.pem' - help: 'Filename of root Certificate Revocation List ' - comment: 'Help string has changed' - - - name: keys_path - type: directory - default: '$state_path/keys' - help: 'Where we keep our keys ' - comment: 'Help string has changed' - - - name: ca_path - type: string - default: '$state_path/CA' - help: 'Where we keep our root CA ' - comment: 'Help string has changed' - - - name: use_project_ca - type: boolean - default: false - help: 'Should we use a CA for each project? ' - comment: 'Help string has changed' - - - name: user_cert_subject - type: string - default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s' - help: 'Subject for certificate for users, %s for project, user, timestamp ' - comment: 'Default value has changed' - - - name: project_cert_subject - type: string - default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s' - help: 'Subject for certificate for projects, %s for project, timestamp ' - comment: 'Default value has changed' - - - name: fatal_exception_format_errors - type: boolean - default: false - help: 'make exception message format errors fatal ' - comment: 'Help string has changed' - - - name: my_ip - type: string - default: '10.0.0.1' - help: 'ip address of this host ' - comment: 'Help string has changed' - - - name: use_ipv6 - type: boolean - default: false - help: 'use ipv6 ' - comment: 'Help string has changed' - - - name: notify_on_state_change - type: string - default: ~ - help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes. " - comment: 'Help string has changed' - - - name: notify_api_faults - type: boolean - default: false - help: 'If set, send api.fault notifications on caught exceptions in the API service. ' - comment: 'Help string has changed' - - - name: pybasedir - type: string - default: '/usr/lib/python/site-packages' - help: 'Directory where the nova python module is installed ' - comment: 'Help string has changed' - - - name: bindir - type: string - default: '/usr/local/bin' - help: 'Directory where nova binaries are installed ' - comment: 'Default value has changed' - - - name: state_path - type: string - default: '$pybasedir' - help: "Top-level directory for maintaining nova's state " - comment: 'Help string has changed' - - - name: policy_file - type: string - default: 'policy.json' - help: 'JSON file representing policy ' - comment: 'Help string has changed' - - - name: policy_default_rule - type: string - default: 'default' - help: 'Rule checked when requested rule is not found ' - comment: 'Help string has changed' - - - name: quota_instances - type: integer - default: 10 - help: 'number of instances allowed per project ' - comment: 'Help string has changed' - - - name: quota_cores - type: integer - default: 20 - help: 'number of instance cores allowed per project ' - comment: 'Help string has changed' - - - name: quota_ram - type: integer - default: 51200 - help: 'megabytes of instance ram allowed per project ' - comment: 'Help string has changed' - - - name: quota_floating_ips - type: integer - default: 10 - help: 'number of floating ips allowed per project ' - comment: 'Help string has changed' - - - name: quota_metadata_items - type: integer - default: 128 - help: 'number of metadata items allowed per instance ' - comment: 'Help string has changed' - - - name: quota_injected_files - type: integer - default: 5 - help: 'number of injected files allowed ' - comment: 'Help string has changed' - - - name: quota_injected_file_content_bytes - type: integer - default: 10240 - help: 'number of bytes allowed per injected file ' - comment: 'Help string has changed' - - - name: quota_injected_file_path_bytes - type: integer - default: 255 - help: 'number of bytes allowed per injected file path ' - comment: 'Help string has changed' - - - name: quota_security_groups - type: integer - default: 10 - help: 'number of security groups per project ' - comment: 'Help string has changed' - - - name: quota_security_group_rules - type: integer - default: 20 - help: 'number of security rules per security group ' - comment: 'Help string has changed' - - - name: quota_key_pairs - type: integer - default: 100 - help: 'number of key pairs per user ' - comment: 'Help string has changed' - - - name: reservation_expire - type: integer - default: 86400 - help: 'number of seconds until a reservation expires ' - comment: 'Help string has changed' - - - name: until_refresh - type: integer - default: false - help: 'count of reservations until usage is refreshed ' - comment: 'Help string has changed' - - - name: max_age - type: integer - default: false - help: 'number of seconds between subsequent usage refreshes ' - comment: 'Help string has changed' - - - name: quota_driver - type: string - default: 'nova.quota.DbQuotaDriver' - help: 'default driver to use for quota checks ' - comment: 'Help string has changed' - - - name: report_interval - type: integer - default: 10 - help: 'seconds between nodes reporting state to datastore ' - comment: 'Help string has changed' - - - name: periodic_enable - type: boolean - default: true - help: 'enable periodic tasks ' - comment: 'Help string has changed' - - - name: periodic_fuzzy_delay - type: integer - default: 60 - help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0) ' - comment: 'Help string has changed' - - - name: enabled_apis - type: string_list - default: ['ec2', 'osapi_compute', 'metadata'] - help: 'a list of APIs to enable by default ' - comment: 'Type has changed' - - - name: enabled_ssl_apis - type: string_list - default: [] - help: 'a list of APIs with enabled SSL ' - comment: 'Type has changed' - - - name: ec2_listen - type: host - default: '0.0.0.0' - help: 'IP address for EC2 API to listen ' - comment: 'Type has changed' - - - name: ec2_listen_port - type: port - default: 8773 - help: 'port for ec2 api to listen ' - comment: 'Help string has changed' - - - name: ec2_workers - type: integer - default: ~ - help: 'Number of workers for EC2 API service ' - comment: 'Help string has changed' - - - name: osapi_compute_listen - type: host - default: '0.0.0.0' - help: 'IP address for OpenStack API to listen ' - comment: 'Type has changed' - - - name: osapi_compute_listen_port - type: port - default: 8774 - help: 'list port for osapi compute ' - comment: 'Help string has changed' - - - name: osapi_compute_workers - type: integer - default: ~ - help: 'Number of workers for OpenStack API service ' - comment: 'Help string has changed' - - - name: metadata_manager - type: string - default: 'nova.api.manager.MetadataManager' - help: 'OpenStack metadata service manager ' - comment: 'Help string has changed' - - - name: metadata_listen - type: host - default: '0.0.0.0' - help: 'IP address for metadata api to listen ' - comment: 'Type has changed' - - - name: metadata_listen_port - type: port - default: 8775 - help: 'port for metadata api to listen ' - comment: 'Help string has changed' - - - name: metadata_workers - type: integer - default: ~ - help: 'Number of workers for metadata service ' - comment: 'Help string has changed' - - - name: compute_manager - type: string - default: 'nova.compute.manager.ComputeManager' - help: 'full class name for the Manager for compute ' - comment: 'Help string has changed' - - - name: console_manager - type: string - default: 'nova.console.manager.ConsoleProxyManager' - help: 'full class name for the Manager for console proxy ' - comment: 'Help string has changed' - - - name: cert_manager - type: string - default: 'nova.cert.manager.CertManager' - help: 'full class name for the Manager for cert ' - comment: 'Help string has changed' - - - name: network_manager - type: string - default: 'nova.network.manager.VlanManager' - help: 'full class name for the Manager for network ' - comment: 'Help string has changed' - - - name: scheduler_manager - type: string - default: 'nova.scheduler.manager.SchedulerManager' - help: 'full class name for the Manager for scheduler ' - comment: 'Help string has changed' - - - name: service_down_time - type: integer - default: 60 - help: 'maximum time since last check-in for up service ' - comment: 'Help string has changed' - - - name: sqlite_clean_db - type: string - default: 'clean.sqlite' - help: 'File name of clean sqlite db ' - comment: 'Help string has changed' - - - name: monkey_patch - type: boolean - default: false - help: 'Whether to log monkey patching ' - comment: 'Help string has changed' - - - name: monkey_patch_modules - type: string_list - default: ['nova.api.ec2.cloud:nova.notifications.notify_decorator', 'nova.compute.api:nova.notifications.notify_decorator'] - help: 'List of modules/decorators to monkey patch ' - comment: 'Type has changed' - - - name: password_length - type: integer - default: 12 - help: 'Length of generated instance admin passwords ' - comment: 'Help string has changed' - - - name: instance_usage_audit_period - type: string - default: 'month' - help: 'time period to generate instance usages for. Time period must be hour, day, month or year ' - comment: 'Help string has changed' - - - name: rootwrap_config - type: string - default: '/etc/nova/rootwrap.conf' - help: 'Path to the rootwrap configuration file to use for running commands as root ' - comment: 'Help string has changed' - - - name: tempdir - type: string - default: ~ - help: 'Explicitly specify the temporary working directory ' - comment: 'Help string has changed' - - - name: api_paste_config - type: string - default: 'api-paste.ini' - help: 'File name for the paste.deploy config for nova-api ' - comment: 'Help string has changed' - - - name: wsgi_log_format - type: string - default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' - help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds. ' - comment: 'Help string has changed' - - - name: ssl_ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients ' - comment: 'Help string has changed' - - - name: ssl_cert_file - type: string - default: ~ - help: 'SSL certificate of API server ' - comment: 'Help string has changed' - - - name: ssl_key_file - type: string - default: ~ - help: 'SSL private key of API server ' - comment: 'Help string has changed' - - - name: tcp_keepidle - type: integer - default: 600 - help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. ' - comment: 'Help string has changed' - - - name: api_rate_limit - type: boolean - default: false - help: 'whether to use per-user rate limiting for the api. ' - comment: 'Default value has changed' - - - name: auth_strategy - type: string - default: 'noauth' - help: 'The strategy to use for auth: noauth or keystone. ' - comment: 'Help string has changed' - - - name: use_forwarded_for - type: boolean - default: false - help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. ' - comment: 'Help string has changed' - - - name: lockout_attempts - type: integer - default: 5 - help: 'Number of failed auths before lockout. ' - comment: 'Help string has changed' - - - name: lockout_minutes - type: integer - default: 15 - help: 'Number of minutes to lockout if triggered. ' - comment: 'Help string has changed' - - - name: lockout_window - type: integer - default: 15 - help: 'Number of minutes for lockout window. ' - comment: 'Help string has changed' - - - name: keystone_ec2_url - type: string - default: 'http://localhost:5000/v2.0/ec2tokens' - help: 'URL to get token from ec2 request. ' - comment: 'Help string has changed' - - - name: ec2_private_dns_show_ip - type: boolean - default: false - help: 'Return the IP address as private dns hostname in describe instances ' - comment: 'Help string has changed' - - - name: ec2_strict_validation - type: boolean - default: true - help: 'Validate security group names according to EC2 specification ' - comment: 'Help string has changed' - - - name: ec2_timestamp_expiry - type: integer - default: 300 - help: 'Time in seconds before ec2 timestamp expires ' - comment: 'Help string has changed' - - - name: ec2_host - type: host - default: '$my_ip' - help: 'the ip of the ec2 api server ' - comment: 'Help string has changed' - - - name: ec2_dmz_host - type: host - default: '$my_ip' - help: 'the internal ip of the ec2 api server ' - comment: 'Help string has changed' - - - name: ec2_port - type: port - default: 8773 - help: 'the port of the ec2 api server ' - comment: 'Help string has changed' - - - name: ec2_scheme - type: string - default: 'http' - help: 'the protocol to use when connecting to the ec2 api server (http, https) ' - comment: 'Help string has changed' - - - name: ec2_path - type: string - default: '/services/Cloud' - help: 'the path prefix used to call the ec2 api server ' - comment: 'Help string has changed' - - - name: region_list - type: string_list - default: [] - help: 'list of region=fqdn pairs separated by commas ' - comment: 'Type has changed' - - - name: config_drive_skip_versions - type: string - default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' - help: 'List of metadata versions to skip placing into the config drive ' - comment: 'Help string has changed' - - - name: osapi_max_limit - type: integer - default: 1000 - help: 'the maximum number of items returned in a single response from a collection resource ' - comment: 'Help string has changed' - - - name: osapi_compute_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to the OpenStack Compute API ' - comment: 'Help string has changed' - - - name: osapi_glance_link_prefix - type: string - default: ~ - help: 'Base URL that will be presented to users in links to glance resources ' - comment: 'Help string has changed' - - - name: allow_instance_snapshots - type: boolean - default: true - help: 'Permit instance snapshot operations. ' - comment: 'Help string has changed' - - - name: osapi_compute_ext_list - type: string_list - default: [] - help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions ' - comment: 'Type has changed' - - - name: fping_path - type: string - default: '/usr/sbin/fping' - help: 'Full path to fping. ' - comment: 'Help string has changed' - - - name: enable_network_quota - type: boolean - default: false - help: 'Enables or disables quota checking for tenant networks ' - comment: 'Help string has changed' - - - name: osapi_compute_extension - type: string - default: 'nova.api.openstack.compute.contrib.standard_extensions' - help: 'osapi compute extension to load (multi valued)' - comment: 'Type has changed' - - - name: osapi_hide_server_address_states - type: string_list - default: ['building'] - help: 'List of instance states that should hide network info ' - comment: 'Type has changed' - - - name: enable_instance_password - type: boolean - default: true - help: 'Allows use of instance password during server creation ' - comment: 'Help string has changed' - - - name: osapi_max_request_body_size - type: integer - default: 114688 - help: 'the maximum body size per each osapi request(bytes) ' - comment: 'Help string has changed' - - - name: compute_api_class - type: string - default: 'nova.compute.api.API' - help: 'The full class name of the compute API class to use (deprecated) ' - comment: 'Help string has changed' - - - name: cert_topic - type: string - default: 'cert' - help: 'the topic cert nodes listen on ' - comment: 'Help string has changed' - - - name: vpn_image_id - type: string - default: '0' - help: 'image id used when starting up a cloudpipe vpn server ' - comment: 'Help string has changed' - - - name: boot_script_template - type: string - default: '$pybasedir/nova/cloudpipe/bootscript.template' - help: 'Template for cloudpipe instance boot script ' - comment: 'Help string has changed' - - - name: dmz_net - type: network - default: '10.0.0.0' - help: 'Network to push into openvpn config ' - comment: 'Help string has changed' - - - name: dmz_mask - type: network_mask - default: '255.255.255.0' - help: 'Netmask to push into openvpn config ' - comment: 'Help string has changed' - - - name: vpn_key_suffix - type: string - default: '-vpn' - help: 'Suffix to add to project name for vpn key and secgroups ' - comment: 'Help string has changed' - - - name: record - type: boolean - default: false - help: 'Record sessions to FILE.[session_number] ' - comment: 'Help string has changed' - - - name: daemon - type: boolean - default: false - help: 'Become a daemon (background process) ' - comment: 'Help string has changed' - - - name: ssl_only - type: boolean - default: false - help: 'Disallow non-encrypted connections ' - comment: 'Help string has changed' - - - name: source_is_ipv6 - type: boolean - default: false - help: 'Source is ipv6 ' - comment: 'Help string has changed' - - - name: key - type: string - default: ~ - help: 'SSL key file (if separate from cert) ' - comment: 'Help string has changed' - - - name: web - type: string - default: '/usr/share/spice-html5' - help: 'Run webserver on same port. Serve files from DIR. ' - comment: 'Default value has changed' - - - name: novncproxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests ' - comment: 'Type has changed' - - - name: novncproxy_port - type: port - default: 6080 - help: 'Port on which to listen for incoming requests ' - comment: 'Help string has changed' - - - name: allow_resize_to_same_host - type: boolean - default: false - help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments. ' - comment: 'Help string has changed' - - - name: default_schedule_zone - type: string - default: ~ - help: "availability zone to use when user doesn't specify one " - comment: 'Help string has changed' - - - name: non_inheritable_image_properties - type: string_list - default: ['cache_in_nova', 'bittorrent'] - help: 'These are image properties which a snapshot should not inherit from an instance ' - comment: 'Type has changed' - - - name: null_kernel - type: string - default: 'nokernel' - help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead ' - comment: 'Help string has changed' - - - name: multi_instance_display_name_template - type: string - default: '%(name)s-%(uuid)s' - help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count. " - comment: 'Help string has changed' - - - name: console_host - type: string - default: 'nova' - help: 'Console proxy host to use to connect to instances on this host. ' - comment: 'Help string has changed' - - - name: default_access_ip_network_name - type: string - default: ~ - help: 'Name of network to use to set access ips for instances ' - comment: 'Help string has changed' - - - name: defer_iptables_apply - type: boolean - default: false - help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase ' - comment: 'Help string has changed' - - - name: instances_path - type: string - default: '$state_path/instances' - help: 'where instances are stored on disk ' - comment: 'Help string has changed' - - - name: instance_usage_audit - type: boolean - default: false - help: 'Generate periodic compute.instance.exists notifications ' - comment: 'Help string has changed' - - - name: live_migration_retry_count - type: integer - default: 30 - help: 'Number of 1 second retries needed in live_migration ' - comment: 'Help string has changed' - - - name: resume_guests_state_on_host_boot - type: boolean - default: false - help: 'Whether to start guests that were running before the host rebooted ' - comment: 'Help string has changed' - - - name: bandwidth_poll_interval - type: integer - default: 600 - help: 'interval to pull bandwidth usage info ' - comment: 'Help string has changed' - - - name: heal_instance_info_cache_interval - type: integer - default: 60 - help: 'Number of seconds between instance info_cache self healing updates ' - comment: 'Help string has changed' - - - name: host_state_interval - type: integer - default: 120 - help: 'Interval in seconds for querying the host status ' - comment: 'Help string has changed' - - - name: image_cache_manager_interval - type: integer - default: 2400 - help: 'Number of seconds to wait between runs of the image cache manager ' - comment: 'Help string has changed' - - - name: reclaim_instance_interval - type: integer - default: false - help: 'Interval in seconds for reclaiming deleted instances ' - comment: 'Help string has changed' - - - name: volume_usage_poll_interval - type: integer - default: false - help: 'Interval in seconds for gathering volume usages ' - comment: 'Help string has changed' - - - name: running_deleted_instance_action - type: string - default: 'log' - help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable. " - comment: 'Help string has changed' - - - name: running_deleted_instance_poll_interval - type: integer - default: 1800 - help: 'Number of seconds to wait between runs of the cleanup task. ' - comment: 'Help string has changed' - - - name: running_deleted_instance_timeout - type: integer - default: false - help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup. ' - comment: 'Help string has changed' - - - name: reboot_timeout - type: integer - default: false - help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable. ' - comment: 'Help string has changed' - - - name: instance_build_timeout - type: integer - default: false - help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable. ' - comment: 'Help string has changed' - - - name: rescue_timeout - type: integer - default: false - help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable. ' - comment: 'Help string has changed' - - - name: resize_confirm_window - type: integer - default: false - help: 'Automatically confirm resizes after N seconds. Set to 0 to disable. ' - comment: 'Help string has changed' - - - name: reserved_host_disk_mb - type: integer - default: false - help: 'Amount of disk in MB to reserve for the host ' - comment: 'Help string has changed' - - - name: reserved_host_memory_mb - type: integer - default: 512 - help: 'Amount of memory in MB to reserve for the host ' - comment: 'Help string has changed' - - - name: compute_stats_class - type: string - default: 'nova.compute.stats.Stats' - help: 'Class that will manage stats for the local compute host ' - comment: 'Help string has changed' - - - name: compute_topic - type: string - default: 'compute' - help: 'the topic compute nodes listen on ' - comment: 'Help string has changed' - - - name: console_driver - type: string - default: 'nova.console.xvp.XVPConsoleProxy' - help: 'Driver to use for the console proxy ' - comment: 'Help string has changed' - - - name: stub_compute - type: boolean - default: false - help: 'Stub calls to compute worker for tests ' - comment: 'Help string has changed' - - - name: console_public_hostname - type: string - default: 'nova' - help: 'Publicly visible name for this console host ' - comment: 'Help string has changed' - - - name: console_topic - type: string - default: 'console' - help: 'the topic console proxy nodes listen on ' - comment: 'Help string has changed' - - - name: console_vmrc_port - type: port - default: 443 - help: 'port for VMware VMRC connections ' - comment: 'Help string has changed' - - - name: console_vmrc_error_retries - type: integer - default: 10 - help: 'number of retries for retrieving VMRC information ' - comment: 'Help string has changed' - - - name: console_xvp_conf_template - type: string - default: '$pybasedir/nova/console/xvp.conf.template' - help: 'XVP conf template ' - comment: 'Help string has changed' - - - name: console_xvp_conf - type: string - default: '/etc/xvp.conf' - help: 'generated XVP conf file ' - comment: 'Help string has changed' - - - name: console_xvp_pid - type: string - default: '/var/run/xvp.pid' - help: 'XVP master process pid file ' - comment: 'Help string has changed' - - - name: console_xvp_log - type: string - default: '/var/log/xvp.log' - help: 'XVP log file ' - comment: 'Help string has changed' - - - name: console_xvp_multiplex_port - type: port - default: 5900 - help: 'port for XVP to multiplex VNC connections on ' - comment: 'Help string has changed' - - - name: consoleauth_topic - type: string - default: 'consoleauth' - help: 'the topic console auth proxy nodes listen on ' - comment: 'Help string has changed' - - - name: console_token_ttl - type: integer - default: 600 - help: 'How many seconds before deleting tokens ' - comment: 'Help string has changed' - - - name: consoleauth_manager - type: string - default: 'nova.consoleauth.manager.ConsoleAuthManager' - help: 'Manager for console auth ' - comment: 'Help string has changed' - - - name: enable_new_services - type: boolean - default: true - help: 'Services to be added to the available pool on create ' - comment: 'Help string has changed' - - - name: instance_name_template - type: string - default: 'instance-%08x' - help: 'Template string to be used to generate instance names ' - comment: 'Help string has changed' - - - name: snapshot_name_template - type: string - default: 'snapshot-%s' - help: 'Template string to be used to generate snapshot names ' - comment: 'Help string has changed' - - - name: db_driver - type: string - default: 'nova.db' - help: 'driver to use for database access ' - comment: 'Help string has changed' - - - name: osapi_compute_unique_server_name_scope - type: string - default: '' - help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'. " - comment: 'Help string has changed' - - - name: glance_host - type: string - default: '$my_ip' - help: 'default glance hostname or ip ' - comment: 'Help string has changed' - - - name: glance_port - type: port - default: 9292 - help: 'default glance port ' - comment: 'Help string has changed' - - - name: glance_protocol - type: string - default: 'http' - help: 'Default protocol to use when connecting to glance. Set to https for SSL. ' - comment: 'Help string has changed' - - - name: glance_api_servers - type: string_list - default: ['$glance_host:$glance_port'] - help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers. ([hostname|ip]:port) ' - comment: 'Type has changed' - - - name: glance_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL (https) requests to glance ' - comment: 'Help string has changed' - - - name: glance_num_retries - type: integer - default: false - help: 'Number retries when downloading an image from glance ' - comment: 'Help string has changed' - - - name: allowed_direct_url_schemes - type: string_list - default: [] - help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file]. ' - comment: 'Type has changed' - - - name: image_decryption_dir - type: string - default: '/tmp' - help: 'parent dir for tempdir used for image decryption ' - comment: 'Help string has changed' - - - name: s3_host - type: string - default: '$my_ip' - help: 'hostname or ip for OpenStack to use when accessing the s3 api ' - comment: 'Help string has changed' - - - name: s3_port - type: port - default: 3333 - help: 'port used when accessing the s3 api ' - comment: 'Help string has changed' - - - name: s3_access_key - type: string - default: 'notchecked' - help: 'access key to use for s3 server for images ' - comment: 'Help string has changed' - - - name: s3_secret_key - type: string - default: 'notchecked' - help: 'secret key to use for s3 server for images ' - comment: 'Help string has changed' - - - name: s3_use_ssl - type: boolean - default: false - help: 'whether to use ssl when talking to s3 ' - comment: 'Help string has changed' - - - name: s3_affix_tenant - type: boolean - default: false - help: 'whether to affix the tenant id to the access key when downloading from s3 ' - comment: 'Help string has changed' - - - name: ipv6_backend - type: string - default: 'rfc2462' - help: 'Backend to use for IPv6 generation ' - comment: 'Help string has changed' - - - name: network_api_class - type: string - default: 'nova.network.api.API' - help: 'The full class name of the network API class to use ' - comment: 'Help string has changed' - - - name: network_driver - type: string - default: 'nova.network.linux_net' - help: 'Driver to use for network creation ' - comment: 'Help string has changed' - - - name: default_floating_pool - type: string - default: 'nova' - help: 'Default pool for floating ips ' - comment: 'Help string has changed' - - - name: auto_assign_floating_ip - type: boolean - default: false - help: 'Autoassigning floating ip to VM ' - comment: 'Help string has changed' - - - name: floating_ip_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for floating IPs ' - comment: 'Help string has changed' - - - name: instance_dns_manager - type: string - default: 'nova.network.noop_dns_driver.NoopDNSDriver' - help: 'full class name for the DNS Manager for instance IPs ' - comment: 'Help string has changed' - - - name: instance_dns_domain - type: string - default: '' - help: 'full class name for the DNS Zone for instance IPs ' - comment: 'Help string has changed' - - - name: ldap_dns_url - type: string - default: 'ldap://ldap.example.com:389' - help: 'URL for ldap server which will store dns entries ' - comment: 'Help string has changed' - - - name: ldap_dns_user - type: string - default: 'uid=admin,ou=people,dc=example,dc=org' - help: 'user for ldap DNS ' - comment: 'Default value has changed' - - - name: ldap_dns_password - type: string - default: 'password' - help: 'password for ldap DNS ' - comment: 'Help string has changed' - - - name: ldap_dns_soa_hostmaster - type: string - default: 'hostmaster@example.org' - help: 'Hostmaster for ldap dns driver Statement of Authority ' - comment: 'Help string has changed' - - - name: ldap_dns_servers - type: string - default: 'dns.example.org' - help: 'DNS Servers for ldap dns driver (multi valued)' - comment: 'Type has changed' - - - name: ldap_dns_base_dn - type: string - default: 'ou=hosts,dc=example,dc=org' - help: 'Base DN for DNS entries in ldap ' - comment: 'Default value has changed' - - - name: ldap_dns_soa_refresh - type: string - default: '1800' - help: 'Refresh interval (in seconds) for ldap dns driver Statement of Authority ' - comment: 'Type has changed' - - - name: ldap_dns_soa_retry - type: string - default: '3600' - help: 'Retry interval (in seconds) for ldap dns driver Statement of Authority ' - comment: 'Type has changed' - - - name: ldap_dns_soa_expiry - type: string - default: '86400' - help: 'Expiry interval (in seconds) for ldap dns driver Statement of Authority ' - comment: 'Type has changed' - - - name: ldap_dns_soa_minimum - type: string - default: '7200' - help: 'Minimum interval (in seconds) for ldap dns driver Statement of Authority ' - comment: 'Type has changed' - - - name: dhcpbridge_flagfile - type: string - default: '/etc/nova/nova-dhcpbridge.conf' - help: 'location of flagfiles for dhcpbridge (multi valued)' - comment: 'Type has changed' - - - name: networks_path - type: string - default: '$state_path/networks' - help: 'Location to keep network config files ' - comment: 'Help string has changed' - - - name: public_interface - type: string - default: 'eth0' - help: 'Interface for public IP addresses ' - comment: 'Help string has changed' - - - name: network_device_mtu - type: string - default: ~ - help: 'MTU setting for vlan ' - comment: 'Help string has changed' - - - name: dhcpbridge - type: string - default: '$bindir/nova-dhcpbridge' - help: 'location of nova-dhcpbridge ' - comment: 'Help string has changed' - - - name: routing_source_ip - type: string - default: '$my_ip' - help: 'Public IP of network host ' - comment: 'Help string has changed' - - - name: dhcp_lease_time - type: integer - default: 120 - help: 'Lifetime of a DHCP lease in seconds ' - comment: 'Help string has changed' - - - name: dns_server - type: string - default: '' - help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times. (multi valued)' - comment: 'Type has changed' - - - name: use_network_dns_servers - type: boolean - default: false - help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers. ' - comment: 'Help string has changed' - - - name: dmz_cidr - type: string_list - default: [] - help: 'A list of dmz range that should be accepted ' - comment: 'Type has changed' - - - name: force_snat_range - type: string - default: '' - help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times. (multi valued)' - comment: 'Type has changed' - - - name: dnsmasq_config_file - type: string - default: '' - help: 'Override the default dnsmasq settings with this file ' - comment: 'Help string has changed' - - - name: linuxnet_interface_driver - type: string - default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' - help: 'Driver used to create ethernet devices. ' - comment: 'Help string has changed' - - - name: linuxnet_ovs_integration_bridge - type: string - default: 'br-int' - help: 'Name of Open vSwitch bridge used with linuxnet ' - comment: 'Help string has changed' - - - name: send_arp_for_ha - type: boolean - default: false - help: 'send gratuitous ARPs for HA setup ' - comment: 'Help string has changed' - - - name: send_arp_for_ha_count - type: integer - default: 3 - help: 'send this many gratuitous ARPs for HA setup ' - comment: 'Help string has changed' - - - name: use_single_default_gateway - type: boolean - default: false - help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server ' - comment: 'Help string has changed' - - - name: forward_bridge_interface - type: string - default: 'all' - help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times. (multi valued)' - comment: 'Type has changed' - - - name: metadata_host - type: string - default: '$my_ip' - help: 'the ip for the metadata api server ' - comment: 'Help string has changed' - - - name: metadata_port - type: port - default: 8775 - help: 'the port for the metadata api port ' - comment: 'Help string has changed' - - - name: iptables_top_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the top. ' - comment: 'Help string has changed' - - - name: iptables_bottom_regex - type: string - default: '' - help: 'Regular expression to match iptables rule that should always be on the bottom. ' - comment: 'Help string has changed' - - - name: flat_network_bridge - type: string - default: ~ - help: 'Bridge for simple network instances ' - comment: 'Help string has changed' - - - name: flat_network_dns - type: string - default: '8.8.4.4' - help: 'Dns for simple network ' - comment: 'Help string has changed' - - - name: flat_injected - type: boolean - default: false - help: 'Whether to attempt to inject network setup into guest ' - comment: 'Help string has changed' - - - name: flat_interface - type: string - default: ~ - help: 'FlatDhcp will bridge into this interface if set ' - comment: 'Help string has changed' - - - name: vlan_start - type: integer - default: 100 - help: 'First VLAN for private networks ' - comment: 'Help string has changed' - - - name: num_networks - type: integer - default: true - help: 'Number of networks to support ' - comment: 'Help string has changed' - - - name: vpn_ip - type: string - default: '$my_ip' - help: 'Public IP for the cloudpipe VPN servers ' - comment: 'Help string has changed' - - - name: vpn_start - type: integer - default: 1000 - help: 'First Vpn port for private networks ' - comment: 'Help string has changed' - - - name: network_size - type: integer - default: 256 - help: 'Number of addresses in each private subnet ' - comment: 'Help string has changed' - - - name: fixed_range_v6 - type: string - default: 'fd00::/48' - help: 'Fixed IPv6 address block ' - comment: 'Help string has changed' - - - name: gateway - type: string - default: ~ - help: 'Default IPv4 gateway ' - comment: 'Help string has changed' - - - name: gateway_v6 - type: string - default: ~ - help: 'Default IPv6 gateway ' - comment: 'Help string has changed' - - - name: cnt_vpn_clients - type: integer - default: false - help: 'Number of addresses reserved for vpn clients ' - comment: 'Help string has changed' - - - name: fixed_ip_disassociate_timeout - type: integer - default: 600 - help: 'Seconds after which a deallocated ip is disassociated ' - comment: 'Help string has changed' - - - name: create_unique_mac_address_attempts - type: integer - default: 5 - help: 'Number of attempts to create unique mac address ' - comment: 'Help string has changed' - - - name: fake_network - type: boolean - default: false - help: 'If passed, use fake network devices and addresses ' - comment: 'Help string has changed' - - - name: fake_call - type: boolean - default: false - help: 'If True, skip using the queue and make local calls ' - comment: 'Help string has changed' - - - name: teardown_unused_network_gateway - type: boolean - default: false - help: 'If True, unused gateway devices (VLAN and bridge) are deleted in VLAN network mode with multi hosted networks ' - comment: 'Help string has changed' - - - name: force_dhcp_release - type: boolean - default: true - help: 'If True, send a dhcp release on instance termination ' - comment: 'Default value has changed' - - - name: share_dhcp_address - type: boolean - default: false - help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host. ' - comment: 'Help string has changed' - - - name: update_dns_entries - type: boolean - default: false - help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode ' - comment: 'Help string has changed' - - - name: dns_update_periodic_interval - type: integer - default: -1 - help: 'Number of seconds to wait between runs of updates to DNS entries. ' - comment: 'Help string has changed' - - - name: dhcp_domain - type: string - default: 'novalocal' - help: 'domain to use for building the hostnames ' - comment: 'Help string has changed' - - - name: l3_lib - type: string - default: 'nova.network.l3.LinuxNetL3' - help: 'Indicates underlying L3 management library ' - comment: 'Help string has changed' - - - name: network_topic - type: string - default: 'network' - help: 'the topic network nodes listen on ' - comment: 'Help string has changed' - - - name: multi_host - type: boolean - default: false - help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host. ' - comment: 'Help string has changed' - - - name: security_group_api - type: string - default: 'nova' - help: 'The full class name of the security API class ' - comment: 'Help string has changed' - - - name: buckets_path - type: string - default: '$state_path/buckets' - help: 'path to s3 buckets ' - comment: 'Help string has changed' - - - name: s3_listen - type: host - default: '0.0.0.0' - help: 'IP address for S3 API to listen ' - comment: 'Type has changed' - - - name: s3_listen_port - type: port - default: 3333 - help: 'port for s3 api to listen ' - comment: 'Help string has changed' - - - name: sqlite_db - type: string - default: 'nova.sqlite' - help: 'the filename to use with sqlite ' - comment: 'Help string has changed' - - - name: sqlite_synchronous - type: boolean - default: true - help: 'If true, use synchronous mode for sqlite ' - comment: 'Help string has changed' - - - name: backdoor_port - type: string - default: ~ - help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file. " - comment: 'Type has changed' - - - name: disable_process_locking - type: boolean - default: false - help: 'Whether to disable inter-process locks ' - comment: 'Help string has changed' - - - name: lock_path - type: string - default: ~ - help: 'Directory to use for lock files. ' - comment: 'Help string has changed' - - - name: debug - type: boolean - default: false - help: 'Print debugging output (set logging level to DEBUG instead of default WARNING level). ' - comment: 'Help string has changed' - - - name: verbose - type: boolean - default: false - help: 'Print more verbose output (set logging level to INFO instead of default WARNING level). ' - comment: 'Help string has changed' - - - name: use_stderr - type: boolean - default: true - help: 'Log output to standard error ' - comment: 'Help string has changed' - - - name: logging_context_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' - help: 'format string to use for log messages with context ' - comment: 'Default value has changed' - - - name: logging_default_format_string - type: string - default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' - help: 'format string to use for log messages without context ' - comment: 'Help string has changed' - - - name: logging_debug_format_suffix - type: string - default: '%(funcName)s %(pathname)s:%(lineno)d' - help: 'data to append to log format when level is DEBUG ' - comment: 'Help string has changed' - - - name: logging_exception_prefix - type: string - default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' - help: 'prefix each line of exception output with this format ' - comment: 'Help string has changed' - - - name: default_log_levels - type: string_list - default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] - help: 'list of logger=LEVEL pairs ' - comment: 'Type has changed' - - - name: publish_errors - type: boolean - default: false - help: 'publish error events ' - comment: 'Help string has changed' - - - name: fatal_deprecations - type: boolean - default: false - help: 'make deprecations fatal ' - comment: 'Help string has changed' - - - name: instance_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance is passed with the log message, format it like this ' - comment: 'Help string has changed' - - - name: instance_uuid_format - type: string - default: '"[instance: %(uuid)s] "' - help: 'If an instance UUID is passed with the log message, format it like this ' - comment: 'Help string has changed' - - - name: log_config - type: string - default: ~ - help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files. ' - comment: 'Help string has changed' - - - name: log_format - type: string - default: ~ - help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead. ' - comment: 'Default value has changed' - - - name: log_date_format - type: string - default: '%Y-%m-%d %H:%M:%S' - help: 'Format string for %%(asctime)s in log records. Default: %(default)s ' - comment: 'Help string has changed' - - - name: log_file - type: string - default: ~ - help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout. ' - comment: 'Help string has changed' - - - name: log_dir - type: string - default: ~ - help: '(Optional) The base directory used for relative --log-file paths ' - comment: 'Help string has changed' - - - name: use_syslog - type: boolean - default: false - help: 'Use syslog for logging. ' - comment: 'Help string has changed' - - - name: syslog_log_facility - type: string - default: 'LOG_USER' - help: 'syslog facility to receive log lines ' - comment: 'Help string has changed' - - - name: memcached_servers - type: list - default: ~ - help: 'Memcached servers or None for in process cache. ' - comment: 'Help string has changed' - - - name: notification_driver - type: string - default: '' - help: 'Driver or drivers to handle sending notifications (multi valued)' - comment: 'Type has changed' - - - name: default_notification_level - type: string - default: 'INFO' - help: 'Default notification level for outgoing notifications ' - comment: 'Help string has changed' - - - name: default_publisher_id - type: string - default: ~ - help: 'Default publisher_id for outgoing notifications ' - comment: 'Default value has changed' - - - name: notification_topics - type: string_list - default: ['notifications'] - help: 'AMQP topic used for OpenStack notifications ' - comment: 'Type has changed' - - - name: run_external_periodic_tasks - type: boolean - default: true - help: 'Some periodic tasks can be run in a separate process. Should we run them here? ' - comment: 'Help string has changed' - - - name: rpc_backend - type: string - default: 'nova.openstack.common.rpc.impl_kombu' - help: 'The messaging module to use, defaults to kombu. ' - comment: 'Help string has changed' - - - name: rpc_thread_pool_size - type: integer - default: 64 - help: 'Size of RPC thread pool ' - comment: 'Help string has changed' - - - name: rpc_conn_pool_size - type: integer - default: 30 - help: 'Size of RPC connection pool ' - comment: 'Help string has changed' - - - name: rpc_response_timeout - type: integer - default: 60 - help: 'Seconds to wait for a response from call or multicall ' - comment: 'Help string has changed' - - - name: rpc_cast_timeout - type: integer - default: 30 - help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. ' - comment: 'Help string has changed' - - - name: allowed_rpc_exception_modules - type: string_list - default: ['nova.exception', 'cinder.exception', 'exceptions'] - help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call. ' - comment: 'Type has changed' - - - name: fake_rabbit - type: boolean - default: false - help: 'If passed, use a fake RabbitMQ provider ' - comment: 'Help string has changed' - - - name: control_exchange - type: string - default: 'openstack' - help: 'AMQP exchange to connect to if using RabbitMQ or Qpid ' - comment: 'Help string has changed' - - - name: kombu_ssl_version - type: string - default: '' - help: 'SSL version to use (valid only if SSL enabled). valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some distributions ' - comment: 'Help string has changed' - - - name: kombu_ssl_keyfile - type: string - default: '' - help: 'SSL key file (valid only if SSL enabled) ' - comment: 'Help string has changed' - - - name: kombu_ssl_certfile - type: string - default: '' - help: 'SSL cert file (valid only if SSL enabled) ' - comment: 'Help string has changed' - - - name: kombu_ssl_ca_certs - type: string - default: '' - help: 'SSL certification authority file (valid only if SSL enabled) ' - comment: 'Help string has changed' - - - name: rabbit_host - type: host - default: 'localhost' - help: 'The RabbitMQ broker address where a single node is used ' - comment: 'Type has changed' - - - name: rabbit_port - type: port - default: 5672 - help: 'The RabbitMQ broker port where a single node is used ' - comment: 'Help string has changed' - - - name: rabbit_hosts - type: string_list - default: ['$rabbit_host:$rabbit_port'] - help: 'RabbitMQ HA cluster host:port pairs ' - comment: 'Type has changed' - - - name: rabbit_use_ssl - type: boolean - default: false - help: 'connect over SSL for RabbitMQ ' - comment: 'Help string has changed' - - - name: rabbit_userid - type: string - default: 'guest' - help: 'the RabbitMQ userid ' - comment: 'Help string has changed' - - - name: rabbit_password - type: string - default: 'guest' - help: 'the RabbitMQ password ' - comment: 'Help string has changed' - - - name: rabbit_virtual_host - type: string - default: '/' - help: 'the RabbitMQ virtual host ' - comment: 'Help string has changed' - - - name: rabbit_retry_interval - type: integer - default: true - help: 'how frequently to retry connecting with RabbitMQ ' - comment: 'Help string has changed' - - - name: rabbit_retry_backoff - type: integer - default: 2 - help: 'how long to backoff for between retries when connecting to RabbitMQ ' - comment: 'Help string has changed' - - - name: rabbit_max_retries - type: integer - default: false - help: 'maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) ' - comment: 'Help string has changed' - - - name: rabbit_ha_queues - type: boolean - default: false - help: 'use H/A queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. ' - comment: 'Help string has changed' - - - name: qpid_hostname - type: string - default: 'localhost' - help: 'Qpid broker hostname ' - comment: 'Help string has changed' - - - name: qpid_port - type: port - default: 5672 - help: 'Qpid broker port ' - comment: 'Help string has changed' - - - name: qpid_hosts - type: string_list - default: ['$qpid_hostname:$qpid_port'] - help: 'Qpid HA cluster host:port pairs ' - comment: 'Type has changed' - - - name: qpid_username - type: string - default: '' - help: 'Username for qpid connection ' - comment: 'Help string has changed' - - - name: qpid_password - type: string - default: '' - help: 'Password for qpid connection ' - comment: 'Help string has changed' - - - name: qpid_sasl_mechanisms - type: string - default: '' - help: 'Space separated list of SASL mechanisms to use for auth ' - comment: 'Help string has changed' - - - name: qpid_heartbeat - type: integer - default: 60 - help: 'Seconds between connection keepalive heartbeats ' - comment: 'Help string has changed' - - - name: qpid_protocol - type: string - default: 'tcp' - help: "Transport to use, either 'tcp' or 'ssl' " - comment: 'Help string has changed' - - - name: qpid_tcp_nodelay - type: boolean - default: true - help: 'Disable Nagle algorithm ' - comment: 'Help string has changed' - - - name: rpc_zmq_bind_address - type: string - default: '*' - help: "ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address. " - comment: 'Help string has changed' - - - name: rpc_zmq_matchmaker - type: string - default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' - help: 'MatchMaker driver ' - comment: 'Help string has changed' - - - name: rpc_zmq_port - type: port - default: 9501 - help: 'ZeroMQ receiver listening port ' - comment: 'Help string has changed' - - - name: rpc_zmq_contexts - type: integer - default: true - help: 'Number of ZeroMQ contexts, defaults to 1 ' - comment: 'Help string has changed' - - - name: rpc_zmq_topic_backlog - type: integer - default: ~ - help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited. ' - comment: 'Help string has changed' - - - name: rpc_zmq_ipc_dir - type: string - default: '/var/run/openstack' - help: 'Directory for holding IPC sockets ' - comment: 'Help string has changed' - - - name: rpc_zmq_host - type: string - default: 'nova' - help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova. " - comment: 'Default value has changed' - - - name: scheduler_host_manager - type: string - default: 'nova.scheduler.host_manager.HostManager' - help: 'The scheduler host manager class to use ' - comment: 'Help string has changed' - - - name: scheduler_max_attempts - type: integer - default: 3 - help: 'Maximum number of attempts to schedule an instance ' - comment: 'Help string has changed' - - - name: scheduler_host_subset_size - type: integer - default: true - help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead ' - comment: 'Help string has changed' - - - name: cpu_allocation_ratio - type: float - default: 16.0 - help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found. ' - comment: 'Type has changed' - - - name: disk_allocation_ratio - type: float - default: true - help: 'virtual disk to physical disk allocation ratio ' - comment: 'Type has changed' - - - name: max_io_ops_per_host - type: integer - default: 8 - help: 'Ignore hosts that have too many builds/resizes/snaps/migrations ' - comment: 'Help string has changed' - - - name: isolated_images - type: string_list - default: [] - help: 'Images to run on isolated host ' - comment: 'Type has changed' - - - name: isolated_hosts - type: string_list - default: [] - help: 'Host reserved for specific images ' - comment: 'Type has changed' - - - name: max_instances_per_host - type: integer - default: 50 - help: 'Ignore hosts that have too many instances ' - comment: 'Help string has changed' - - - name: ram_allocation_ratio - type: float - default: 1.5 - help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found. ' - comment: 'Type has changed' - - - name: scheduler_available_filters - type: string - default: 'nova.scheduler.filters.all_filters' - help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova. (multi valued)" - comment: 'Type has changed' - - - name: scheduler_driver - type: string - default: 'nova.scheduler.filter_scheduler.FilterScheduler' - help: 'Default driver to use for the scheduler ' - comment: 'Help string has changed' - - - name: scheduler_topic - type: string - default: 'scheduler' - help: 'the topic scheduler nodes listen on ' - comment: 'Help string has changed' - - - name: scheduler_json_config_location - type: string - default: '' - help: 'Absolute path to scheduler configuration JSON file. ' - comment: 'Help string has changed' - - - name: servicegroup_driver - type: string - default: 'db' - help: 'The driver for servicegroup service (valid options are: db, zk, mc) ' - comment: 'Help string has changed' - - - name: config_drive_format - type: string - default: 'iso9660' - help: 'Config drive format. One of iso9660 (default) or vfat ' - comment: 'Help string has changed' - - - name: config_drive_tempdir - type: string - default: ~ - help: 'Where to put temporary files associated with config drive creation ' - comment: 'Help string has changed' - - - name: force_config_drive - type: string - default: ~ - help: 'Set to force injection to take place on a config drive (if set, valid options are: always) ' - comment: 'Help string has changed' - - - name: mkisofs_cmd - type: string - default: 'genisoimage' - help: 'Name and optionally path of the tool used for ISO image creation ' - comment: 'Help string has changed' - - - name: virt_mkfs - type: string - default: 'windows=mkfs.ntfs --force --fast --label %(fs_label)s %(target)s' - help: 'mkfs commands for ephemeral device. The format is = (multi valued)' - comment: 'Default value has changed' - - - name: timeout_nbd - type: integer - default: 10 - help: 'time to wait for a NBD device coming up ' - comment: 'Help string has changed' - - - name: compute_driver - type: string - default: ~ - help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver ' - comment: 'Help string has changed' - - - name: default_ephemeral_format - type: string - default: ~ - help: 'The default format an ephemeral_volume will be formatted with on creation. ' - comment: 'Help string has changed' - - - name: preallocate_images - type: string - default: 'none' - help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start " - comment: 'Help string has changed' - - - name: use_cow_images - type: boolean - default: true - help: 'Whether to use cow images ' - comment: 'Help string has changed' - - - name: firewall_driver - type: string - default: ~ - help: 'Firewall driver (defaults to hypervisor specific iptables driver) ' - comment: 'Help string has changed' - - - name: allow_same_net_traffic - type: boolean - default: true - help: 'Whether to allow network traffic from same network ' - comment: 'Help string has changed' - - - name: force_raw_images - type: boolean - default: true - help: 'Force backing images to raw format ' - comment: 'Help string has changed' - - - name: rescue_image_id - type: string - default: ~ - help: 'Rescue ami image ' - comment: 'Help string has changed' - - - name: rescue_kernel_id - type: string - default: ~ - help: 'Rescue aki image ' - comment: 'Help string has changed' - - - name: rescue_ramdisk_id - type: string - default: ~ - help: 'Rescue ari image ' - comment: 'Help string has changed' - - - name: libvirt_type - type: string - default: 'kvm' - help: 'Libvirt domain type (valid options are: kvm, lxc, qemu, uml, xen) ' - comment: 'Help string has changed' - - - name: libvirt_uri - type: string - default: '' - help: 'Override the default libvirt URI (which is dependent on libvirt_type) ' - comment: 'Help string has changed' - - - name: libvirt_inject_password - type: boolean - default: false - help: 'Inject the admin password at boot time, without an agent. ' - comment: 'Help string has changed' - - - name: libvirt_inject_key - type: boolean - default: true - help: 'Inject the ssh public key at boot time ' - comment: 'Help string has changed' - - - name: libvirt_inject_partition - type: integer - default: true - help: 'The partition to inject to : -2 => disable, -1 => inspect (libguestfs only), 0 => not partitioned, >0 => partition number ' - comment: 'Help string has changed' - - - name: use_usb_tablet - type: boolean - default: true - help: 'Sync virtual and real mouse cursors in Windows VMs ' - comment: 'Help string has changed' - - - name: live_migration_uri - type: string - default: 'qemu+tcp://%s/system' - help: "Migration target URI (any included '%s' is replaced with the migration target hostname) " - comment: 'Help string has changed' - - - name: live_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' - help: 'Migration flags to be set for live migration ' - comment: 'Help string has changed' - - - name: block_migration_flag - type: string - default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' - help: 'Migration flags to be set for block migration ' - comment: 'Help string has changed' - - - name: live_migration_bandwidth - type: integer - default: false - help: 'Maximum bandwidth to be used during migration, in Mbps ' - comment: 'Help string has changed' - - - name: snapshot_image_format - type: string - default: ~ - help: 'Snapshot image format (valid options are : raw, qcow2, vmdk, vdi). Defaults to same as source image ' - comment: 'Help string has changed' - - - name: libvirt_vif_driver - type: string - default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' - help: 'The libvirt VIF driver to configure the VIFs. ' - comment: 'Help string has changed' - - - name: libvirt_volume_drivers - type: string_list - default: ['iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'iser=nova.virt.libvirt.volume.LibvirtISERVolumeDriver', 'local=nova.virt.libvirt.volume.LibvirtVolumeDriver', 'fake=nova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbd=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdog=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfs=nova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoe=nova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfs=nova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channel=nova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scality=nova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] - help: 'Libvirt handlers for remote volumes. ' - comment: 'Type has changed' - - - name: libvirt_disk_prefix - type: string - default: ~ - help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type. (valid options are: sd, xvd, uvd, vd) ' - comment: 'Help string has changed' - - - name: libvirt_wait_soft_reboot_seconds - type: integer - default: 120 - help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window. ' - comment: 'Help string has changed' - - - name: libvirt_nonblocking - type: boolean - default: true - help: 'Use a separated OS thread pool to realize non-blocking libvirt calls ' - comment: 'Help string has changed' - - - name: libvirt_cpu_mode - type: string - default: ~ - help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none' " - comment: 'Help string has changed' - - - name: libvirt_cpu_model - type: string - default: ~ - help: "Set to a named libvirt CPU model (see names listed in /usr/share/libvirt/cpu_map.xml). Only has effect if libvirt_cpu_mode='custom' and libvirt_type='kvm|qemu' " - comment: 'Help string has changed' - - - name: libvirt_snapshots_directory - type: string - default: '$instances_path/snapshots' - help: 'Location where libvirt driver will store snapshots before uploading them to image service ' - comment: 'Help string has changed' - - - name: xen_hvmloader_path - type: string - default: '/usr/lib/xen/boot/hvmloader' - help: 'Location where the Xen hvmloader is kept ' - comment: 'Help string has changed' - - - name: disk_cachemodes - type: string_list - default: [] - help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none'] " - comment: 'Type has changed' - - - name: libvirt_images_type - type: string - default: 'default' - help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one. ' - comment: 'Help string has changed' - - - name: libvirt_images_volume_group - type: string - default: ~ - help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm. ' - comment: 'Help string has changed' - - - name: libvirt_sparse_logical_volumes - type: boolean - default: false - help: 'Create sparse logical volumes (with virtualsize) if this flag is set to True. ' - comment: 'Help string has changed' - - - name: libvirt_lvm_snapshot_size - type: integer - default: 1000 - help: 'The amount of storage (in megabytes) to allocate for LVM snapshot copy-on-write blocks. ' - comment: 'Help string has changed' - - - name: base_dir_name - type: string - default: '_base' - help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip ' - comment: 'Help string has changed' - - - name: image_info_filename_pattern - type: string - default: '$instances_path/$base_dir_name/%(image)s.info' - help: 'Allows image information files to be stored in non-standard locations ' - comment: 'Help string has changed' - - - name: remove_unused_base_images - type: boolean - default: true - help: 'Should unused base images be removed? ' - comment: 'Help string has changed' - - - name: remove_unused_kernels - type: boolean - default: false - help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future. ' - comment: 'Help string has changed' - - - name: remove_unused_resized_minimum_age_seconds - type: integer - default: 3600 - help: 'Unused resized base images younger than this will not be removed ' - comment: 'Help string has changed' - - - name: remove_unused_original_minimum_age_seconds - type: integer - default: 86400 - help: 'Unused unresized base images younger than this will not be removed ' - comment: 'Help string has changed' - - - name: checksum_base_images - type: boolean - default: false - help: 'Write a checksum for files in _base to disk ' - comment: 'Help string has changed' - - - name: checksum_interval_seconds - type: integer - default: 3600 - help: 'How frequently to checksum base images ' - comment: 'Help string has changed' - - - name: libvirt_snapshot_compression - type: boolean - default: false - help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images ' - comment: 'Help string has changed' - - - name: libvirt_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch ' - comment: 'Help string has changed' - - - name: libvirt_use_virtio_for_bridges - type: boolean - default: true - help: 'Use virtio for bridge interfaces with KVM/QEMU ' - comment: 'Help string has changed' - - - name: num_iscsi_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSCSI target to find volume ' - comment: 'Help string has changed' - - - name: rbd_user - type: string - default: ~ - help: 'the RADOS client name for accessing rbd volumes ' - comment: 'Help string has changed' - - - name: rbd_secret_uuid - type: string - default: ~ - help: 'the libvirt uuid of the secret for the rbd_uservolumes ' - comment: 'Help string has changed' - - - name: nfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the nfs volume is mounted on the compute node ' - comment: 'Help string has changed' - - - name: nfs_mount_options - type: string - default: ~ - help: 'Mount options passed to the nfs client. See section of the nfs man page for details ' - comment: 'Help string has changed' - - - name: num_aoe_discover_tries - type: integer - default: 3 - help: 'number of times to rediscover AoE target to find volume ' - comment: 'Help string has changed' - - - name: glusterfs_mount_point_base - type: string - default: '$state_path/mnt' - help: 'Dir where the glusterfs volume is mounted on the compute node ' - comment: 'Help string has changed' - - - name: libvirt_iscsi_use_multipath - type: boolean - default: false - help: 'use multipath connection of the iSCSI volume ' - comment: 'Help string has changed' - - - name: scality_sofs_config - type: string - default: ~ - help: 'Path or URL to Scality SOFS configuration file ' - comment: 'Help string has changed' - - - name: scality_sofs_mount_point - type: string - default: '$state_path/scality' - help: 'Base dir where Scality SOFS shall be mounted ' - comment: 'Help string has changed' - - - name: powervm_mgr_type - type: string - default: 'ivm' - help: 'PowerVM manager type (ivm, hmc) ' - comment: 'Help string has changed' - - - name: powervm_mgr - type: string - default: ~ - help: 'PowerVM manager host or ip ' - comment: 'Help string has changed' - - - name: powervm_mgr_user - type: string - default: ~ - help: 'PowerVM manager user name ' - comment: 'Help string has changed' - - - name: powervm_mgr_passwd - type: string - default: ~ - help: 'PowerVM manager user password ' - comment: 'Help string has changed' - - - name: powervm_img_remote_path - type: string - default: '/home/padmin' - help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance ' - comment: 'Help string has changed' - - - name: powervm_img_local_path - type: string - default: '/tmp' - help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance ' - comment: 'Help string has changed' - - - name: agent_timeout - type: integer - default: 30 - help: 'number of seconds to wait for agent reply ' - comment: 'Help string has changed' - - - name: agent_version_timeout - type: integer - default: 300 - help: 'number of seconds to wait for agent to be fully operational ' - comment: 'Help string has changed' - - - name: agent_resetnetwork_timeout - type: integer - default: 60 - help: 'number of seconds to wait for agent reply to resetnetwork request ' - comment: 'Help string has changed' - - - name: xenapi_agent_path - type: string - default: 'usr/sbin/xe-update-networking' - help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True ' - comment: 'Help string has changed' - - - name: xenapi_disable_agent - type: boolean - default: false - help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' - comment: 'Help string has changed' - - - name: xenapi_connection_url - type: string - default: ~ - help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver ' - comment: 'Help string has changed' - - - name: xenapi_connection_username - type: string - default: 'root' - help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' - comment: 'Help string has changed' - - - name: xenapi_connection_password - type: string - default: ~ - help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' - comment: 'Help string has changed' - - - name: xenapi_connection_concurrent - type: integer - default: 5 - help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver ' - comment: 'Help string has changed' - - - name: xenapi_vhd_coalesce_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver ' - comment: 'Type has changed' - - - name: xenapi_check_host - type: boolean - default: true - help: 'Ensure compute service is running on host XenAPI connects to. ' - comment: 'Help string has changed' - - - name: xenapi_vhd_coalesce_max_attempts - type: integer - default: 5 - help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver ' - comment: 'Help string has changed' - - - name: xenapi_sr_base_path - type: string - default: '/var/run/sr-mount' - help: 'Base path to the storage repository ' - comment: 'Help string has changed' - - - name: target_host - type: string - default: ~ - help: 'iSCSI Target Host ' - comment: 'Help string has changed' - - - name: target_port - type: string - default: '3260' - help: 'iSCSI Target Port, 3260 Default ' - comment: 'Type has changed' - - - name: iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack' - help: 'IQN Prefix ' - comment: 'Help string has changed' - - - name: xenapi_remap_vbd_dev - type: boolean - default: false - help: 'Used to enable the remapping of VBD dev (Works around an issue in Ubuntu Maverick) ' - comment: 'Help string has changed' - - - name: xenapi_remap_vbd_dev_prefix - type: string - default: 'sd' - help: 'Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb) ' - comment: 'Help string has changed' - - - name: xenapi_login_timeout - type: integer - default: 10 - help: 'Timeout in seconds for XenAPI login. ' - comment: 'Help string has changed' - - - name: xenapi_torrent_base_url - type: string - default: ~ - help: 'Base URL for torrent files. ' - comment: 'Help string has changed' - - - name: xenapi_torrent_seed_chance - type: float - default: true - help: 'Probability that peer will become a seeder. (1.0 = 100%) ' - comment: 'Type has changed' - - - name: xenapi_torrent_seed_duration - type: integer - default: 3600 - help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers. ' - comment: 'Help string has changed' - - - name: xenapi_torrent_max_last_accessed - type: integer - default: 86400 - help: 'Cached torrent files not accessed within this number of seconds can be reaped ' - comment: 'Help string has changed' - - - name: xenapi_torrent_listen_port_start - type: port - default: 6881 - help: 'Beginning of port range to listen on ' - comment: 'Help string has changed' - - - name: xenapi_torrent_listen_port_end - type: port - default: 6891 - help: 'End of port range to listen on ' - comment: 'Help string has changed' - - - name: xenapi_torrent_download_stall_cutoff - type: integer - default: 600 - help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall ' - comment: 'Help string has changed' - - - name: xenapi_torrent_max_seeder_processes_per_host - type: integer - default: true - help: 'Maximum number of seeder processes to run concurrently within a given dom0. (-1 = no limit) ' - comment: 'Help string has changed' - - - name: use_join_force - type: boolean - default: true - help: 'To use for hosts with different CPUs ' - comment: 'Help string has changed' - - - name: xenapi_ovs_integration_bridge - type: string - default: 'xapi1' - help: 'Name of Integration Bridge used by Open vSwitch ' - comment: 'Help string has changed' - - - name: cache_images - type: string - default: 'all' - help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely ' - comment: 'Help string has changed' - - - name: default_os_type - type: string - default: 'linux' - help: 'Default OS type ' - comment: 'Help string has changed' - - - name: block_device_creation_timeout - type: integer - default: 10 - help: 'Time to wait for a block device to be created ' - comment: 'Help string has changed' - - - name: max_kernel_ramdisk_size - type: integer - default: 16777216 - help: 'Maximum size in bytes of kernel or ramdisk images ' - comment: 'Help string has changed' - - - name: sr_matching_filter - type: string - default: 'default-sr:true' - help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true ' - comment: 'Default value has changed' - - - name: xenapi_sparse_copy - type: boolean - default: true - help: "Whether to use sparse_copy for copying data on a resize down (False will use standard dd). This speeds up resizes down considerably since large runs of zeros won't have to be rsynced " - comment: 'Help string has changed' - - - name: xenapi_num_vbd_unplug_retries - type: integer - default: 10 - help: 'Maximum number of retries to unplug VBD ' - comment: 'Help string has changed' - - - name: xenapi_torrent_images - type: string - default: 'none' - help: 'Whether or not to download images via Bit Torrent (all|some|none). ' - comment: 'Help string has changed' - - - name: xenapi_running_timeout - type: integer - default: 60 - help: 'number of seconds to wait for instance to go to running state ' - comment: 'Help string has changed' - - - name: xenapi_vif_driver - type: string - default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' - help: 'The XenAPI VIF driver using XenServer Network APIs. ' - comment: 'Help string has changed' - - - name: xenapi_image_upload_handler - type: string - default: 'nova.virt.xenapi.image.glance.GlanceStore' - help: 'Dom0 plugin driver used to handle image uploads. ' - comment: 'Default value has changed' - - - name: novncproxy_base_url - type: string - default: 'http://127.0.0.1:6080/vnc_auto.html' - help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html' " - comment: 'Help string has changed' - - - name: xvpvncproxy_base_url - type: string - default: 'http://127.0.0.1:6081/console' - help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console' " - comment: 'Help string has changed' - - - name: vncserver_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance vncservers should listen ' - comment: 'Type has changed' - - - name: vncserver_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients (like nova-xvpvncproxy) should connect ' - comment: 'Help string has changed' - - - name: vnc_enabled - type: boolean - default: true - help: 'enable vnc related features ' - comment: 'Help string has changed' - - - name: vnc_keymap - type: string - default: 'en-us' - help: 'keymap for vnc ' - comment: 'Help string has changed' - - - name: xvpvncproxy_port - type: port - default: 6081 - help: 'Port that the XCP VNC proxy should bind to ' - comment: 'Help string has changed' - - - name: xvpvncproxy_host - type: host - default: '0.0.0.0' - help: 'Address that the XCP VNC proxy should bind to ' - comment: 'Help string has changed' - - - name: volume_api_class - type: string - default: 'nova.volume.cinder.API' - help: 'The full class name of the volume API class to use ' - comment: 'Help string has changed' - - - name: cinder_catalog_info - type: string - default: 'volume:cinder:publicURL' - help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: :: ' - comment: 'Help string has changed' - - - name: cinder_endpoint_template - type: string - default: ~ - help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' - comment: 'Help string has changed' - - - name: os_region_name - type: string - default: ~ - help: 'region name of this node ' - comment: 'Help string has changed' - - - name: cinder_http_retries - type: integer - default: 3 - help: 'Number of cinderclient retries on failed http calls ' - comment: 'Help string has changed' - - - name: cinder_api_insecure - type: boolean - default: false - help: 'Allow to perform insecure SSL requests to cinder ' - comment: 'Help string has changed' - - - name: cinder_cross_az_attach - type: boolean - default: true - help: 'Allow attach between instance and volume in different availability zones. ' - comment: 'Help string has changed' - - - name: baremetal.sql_connection - type: string - default: 'sqlite:///$state_path/baremetal_$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the bare-metal database ' - comment: 'Help string has changed' - - - name: zookeeper.address - type: string - default: ~ - help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port ' - comment: 'Help string has changed' - - - name: zookeeper.recv_timeout - type: integer - default: 4000 - help: 'recv_timeout parameter for the zk session ' - comment: 'Help string has changed' - - - name: zookeeper.sg_prefix - type: string - default: '/servicegroups' - help: 'The prefix used in ZooKeeper to store ephemeral nodes ' - comment: 'Help string has changed' - - - name: zookeeper.sg_retry_interval - type: integer - default: 5 - help: 'Number of seconds to wait until retrying to join the session ' - comment: 'Help string has changed' - - - name: spice.enabled - type: boolean - default: false - help: 'enable spice related features ' - comment: 'Help string has changed' - - - name: conductor.use_local - type: boolean - default: false - help: 'Perform nova-conductor operations locally ' - comment: 'Help string has changed' - - - name: cells.topic - type: string - default: 'cells' - help: 'the topic cells nodes listen on ' - comment: 'Help string has changed' - - - name: cells.manager - type: string - default: 'nova.cells.manager.CellsManager' - help: 'Manager for cells ' - comment: 'Help string has changed' - - - name: baremetal.driver - type: string - default: 'nova.virt.baremetal.pxe.PXE' - help: 'Baremetal driver back-end (pxe or tilera) ' - comment: 'Help string has changed' - - - name: cells.instance_updated_at_threshold - type: integer - default: 3600 - help: 'Number of seconds after an instance was updated or deleted to continue to update cells ' - comment: 'Help string has changed' - - - name: cells.instance_update_num_instances - type: integer - default: true - help: 'Number of instances to update per periodic task run ' - comment: 'Help string has changed' - - - name: cells.max_hop_count - type: integer - default: 10 - help: 'Maximum number of hops for cells routing. ' - comment: 'Help string has changed' - - - name: cells.enable - type: boolean - default: false - help: 'Enable cell functionality ' - comment: 'Help string has changed' - - - name: cells.name - type: string - default: 'nova' - help: 'name of this cell ' - comment: 'Help string has changed' - - - name: cells.capabilities - type: string_list - default: ['hypervisor=xenserver;kvm', 'os=linux;windows'] - help: 'Key/Multi-value list with the capabilities of the cell ' - comment: 'Type has changed' - - - name: cells.call_timeout - type: integer - default: 60 - help: 'Seconds to wait for response from a call to a cell. ' - comment: 'Help string has changed' - - - name: cells.rpc_driver_queue_base - type: string - default: 'cells.intercell' - help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this. ' - comment: 'Help string has changed' - - - name: cells.scheduler_retries - type: integer - default: 10 - help: 'How many retries when no cells are available. ' - comment: 'Help string has changed' - - - name: cells.scheduler_retry_delay - type: integer - default: 2 - help: 'How often to retry in seconds when no cells are available. ' - comment: 'Help string has changed' - - - name: cells.db_check_interval - type: integer - default: 60 - help: 'Seconds between getting fresh cell info from db. ' - comment: 'Help string has changed' - - - name: baremetal.db_backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for bare-metal database ' - comment: 'Help string has changed' - - - name: baremetal.vif_driver - type: string - default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' - help: 'Baremetal VIF driver. ' - comment: 'Help string has changed' - - - name: baremetal.volume_driver - type: string - default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' - help: 'Baremetal volume driver. ' - comment: 'Help string has changed' - - - name: baremetal.instance_type_extra_specs - type: string_list - default: [] - help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairs For example, 'key1:val1, key2:val2' " - comment: 'Type has changed' - - - name: baremetal.power_manager - type: string - default: 'nova.virt.baremetal.ipmi.IPMI' - help: 'Baremetal power management method ' - comment: 'Help string has changed' - - - name: baremetal.tftp_root - type: string - default: '/tftpboot' - help: "Baremetal compute node's tftp root path " - comment: 'Help string has changed' - - - name: baremetal.terminal - type: string - default: 'shellinaboxd' - help: 'path to baremetal terminal program ' - comment: 'Help string has changed' - - - name: baremetal.terminal_cert_dir - type: string - default: ~ - help: 'path to baremetal terminal SSL cert(PEM) ' - comment: 'Help string has changed' - - - name: baremetal.terminal_pid_dir - type: string - default: '$state_path/baremetal/console' - help: 'path to directory stores pidfiles of baremetal_terminal ' - comment: 'Help string has changed' - - - name: baremetal.ipmi_power_retry - type: integer - default: 10 - help: 'maximal number of retries for IPMI operations ' - comment: 'Default value has changed' - - - name: baremetal.deploy_kernel - type: string - default: ~ - help: 'Default kernel image ID used in deployment phase ' - comment: 'Help string has changed' - - - name: baremetal.deploy_ramdisk - type: string - default: ~ - help: 'Default ramdisk image ID used in deployment phase ' - comment: 'Help string has changed' - - - name: baremetal.net_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' - help: 'Template file for injected network config ' - comment: 'Help string has changed' - - - name: baremetal.pxe_append_params - type: string - default: 'nofb nomodeset vga=normal' - help: 'additional append parameters for baremetal PXE boot ' - comment: 'Default value has changed' - - - name: baremetal.pxe_config_template - type: string - default: '$pybasedir/nova/virt/baremetal/pxe_config.template' - help: 'Template file for PXE configuration ' - comment: 'Help string has changed' - - - name: baremetal.pxe_deploy_timeout - type: integer - default: false - help: 'Timeout for PXE deployments. Default: 0 (unlimited) ' - comment: 'Help string has changed' - - - name: baremetal.virtual_power_ssh_host - type: string - default: '' - help: 'ip or name to virtual power host ' - comment: 'Help string has changed' - - - name: baremetal.virtual_power_type - type: string - default: 'virsh' - help: 'base command to use for virtual power(vbox,virsh) ' - comment: 'Default value has changed' - - - name: baremetal.virtual_power_host_user - type: string - default: '' - help: 'user to execute virtual power commands as ' - comment: 'Help string has changed' - - - name: baremetal.virtual_power_host_pass - type: string - default: '' - help: 'password for virtual power host_user ' - comment: 'Help string has changed' - - - name: baremetal.use_unsafe_iscsi - type: boolean - default: false - help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL ' - comment: 'Help string has changed' - - - name: baremetal.iscsi_iqn_prefix - type: string - default: 'iqn.2010-10.org.openstack.baremetal' - help: 'iSCSI IQN prefix used in baremetal volume connections. ' - comment: 'Help string has changed' - - - name: rpc_notifier2.topics - type: string_list - default: ['notifications'] - help: 'AMQP topic(s) used for OpenStack notifications ' - comment: 'Type has changed' - - - name: trusted_computing.attestation_server - type: string - default: ~ - help: 'attestation server http ' - comment: 'Help string has changed' - - - name: trusted_computing.attestation_server_ca_file - type: string - default: ~ - help: 'attestation server Cert file for Identity verification ' - comment: 'Help string has changed' - - - name: trusted_computing.attestation_port - type: string - default: '8443' - help: 'attestation server port ' - comment: 'Type has changed' - - - name: trusted_computing.attestation_api_url - type: string - default: '/OpenAttestationWebServices/V1.0' - help: 'attestation web API URL ' - comment: 'Help string has changed' - - - name: trusted_computing.attestation_auth_blob - type: string - default: ~ - help: 'attestation authorization blob - must change ' - comment: 'Help string has changed' - - - name: trusted_computing.attestation_auth_timeout - type: integer - default: 60 - help: 'Attestation status cache valid period length ' - comment: 'Help string has changed' - - - name: vmware.integration_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge ' - comment: 'Help string has changed' - - - name: spice.html5proxy_base_url - type: string - default: 'http://127.0.0.1:6082/spice_auto.html' - help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html' " - comment: 'Help string has changed' - - - name: spice.server_listen - type: host - default: '127.0.0.1' - help: 'IP address on which instance spice server should listen ' - comment: 'Type has changed' - - - name: spice.server_proxyclient_address - type: string - default: '127.0.0.1' - help: 'the address to which proxy clients (like nova- spicehtml5proxy) should connect ' - comment: 'Help string has changed' - - - name: spice.agent_enabled - type: boolean - default: true - help: 'enable spice guest agent support ' - comment: 'Help string has changed' - - - name: spice.keymap - type: string - default: 'en-us' - help: 'keymap for spice ' - comment: 'Help string has changed' - - - name: ssl.ca_file - type: string - default: ~ - help: 'CA certificate file to use to verify connecting clients ' - comment: 'New param' - - - name: ssl.key_file - type: string - default: ~ - help: 'Private key file to use when starting the server securely ' - comment: 'New param' - - - name: matchmaker_redis.host - type: string - default: '127.0.0.1' - help: 'Host to locate redis ' - comment: 'New param' - - - name: quota_fixed_ips - type: integer - default: -1 - help: 'number of fixed ips allowed per project (this should be at least the number of instances allowed) ' - comment: 'New param' - - - name: vendordata_driver - type: string - default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' - help: 'Driver to use for vendor data ' - comment: 'New param' - - - name: service_neutron_metadata_proxy - type: boolean - default: false - help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids. ' - comment: 'New param' - - - name: neutron_metadata_proxy_shared_secret - type: string - default: '' - help: 'Shared secret to validate proxies Neutron metadata requests ' - comment: 'New param' - - - name: vendordata_jsonfile_path - type: string - default: ~ - help: 'File to load json formated vendor data from ' - comment: 'New param' - - - name: use_neutron_default_nets - type: string - default: 'False' - help: 'Control for checking for default networks ' - comment: 'New param' - - - name: neutron_default_tenant_id - type: string - default: 'default' - help: 'Default tenant id when creating neutron networks ' - comment: 'New param' - - - name: vpn_flavor - type: string - default: 'm1.tiny' - help: 'Flavor for vpn instances ' - comment: 'New param' - - - name: upgrade_levels.cert - type: string - default: ~ - help: 'Set a version cap for messages sent to cert services ' - comment: 'New param' - - - name: spicehtml5proxy_host - type: host - default: '0.0.0.0' - help: 'Host on which to listen for incoming requests ' - comment: 'New param' - - - name: spicehtml5proxy_port - type: port - default: 6082 - help: 'Port on which to listen for incoming requests ' - comment: 'New param' - - - name: allow_migrate_to_same_host - type: boolean - default: false - help: 'Allow migrate machine to the same host. Useful when testing in single-host environments. ' - comment: 'New param' - - - name: max_local_block_devices - type: integer - default: 3 - help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited. ' - comment: 'New param' - - - name: default_flavor - type: string - default: 'm1.small' - help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor. ' - comment: 'New param' - - - name: network_allocate_retries - type: integer - default: false - help: 'Number of times to retry network allocation on failures ' - comment: 'New param' - - - name: maximum_instance_delete_attempts - type: integer - default: 5 - help: "The number of times to attempt to reap an instance's files. " - comment: 'New param' - - - name: sync_power_state_interval - type: integer - default: 600 - help: 'interval to sync power states between the database and the hypervisor ' - comment: 'New param' - - - name: shelved_poll_interval - type: integer - default: 3600 - help: 'Interval in seconds for polling shelved instances to offload ' - comment: 'New param' - - - name: shelved_offload_time - type: integer - default: false - help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved ' - comment: 'New param' - - - name: instance_delete_interval - type: integer - default: 300 - help: 'Interval in seconds for retrying failed instance file deletes ' - comment: 'New param' - - - name: migrate_max_retries - type: integer - default: -1 - help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries. ' - comment: 'New param' - - - name: iptables_drop_action - type: string - default: 'DROP' - help: 'The table that iptables to jump to when a packet is to be dropped. ' - comment: 'New param' - - - name: vmware.vlan_interface - type: string - default: 'vmnic0' - help: 'Physical ethernet adapter name for vlan networking ' - comment: 'New param' - - - name: neutron_url - type: string - default: 'http://127.0.0.1:9696' - help: 'URL for connecting to neutron ' - comment: 'New param' - - - name: neutron_url_timeout - type: integer - default: 30 - help: 'timeout value for connecting to neutron in seconds ' - comment: 'New param' - - - name: neutron_admin_username - type: string - default: ~ - help: 'username for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_admin_password - type: string - default: ~ - help: 'password for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_admin_tenant_name - type: string - default: ~ - help: 'tenant name for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_region_name - type: string - default: ~ - help: 'region name for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_admin_auth_url - type: string - default: 'http://localhost:5000/v2.0' - help: 'auth url for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_api_insecure - type: boolean - default: false - help: 'if set, ignore any SSL validation issues ' - comment: 'New param' - - - name: neutron_auth_strategy - type: string - default: 'keystone' - help: 'auth strategy for connecting to neutron in admin context ' - comment: 'New param' - - - name: neutron_ovs_bridge - type: string - default: 'br-int' - help: 'Name of Integration Bridge used by Open vSwitch ' - comment: 'New param' - - - name: neutron_extension_sync_interval - type: integer - default: 600 - help: 'Number of seconds before querying neutron for extensions ' - comment: 'New param' - - - name: neutron_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certificates file to use for neutron client requests. ' - comment: 'New param' - - - name: dhcp_options_enabled - type: boolean - default: false - help: 'Use per-port DHCP options with Neutron ' - comment: 'New param' - - - name: amqp_durable_queues - type: boolean - default: false - help: 'Use durable queues in amqp. ' - comment: 'New param' - - - name: amqp_auto_delete - type: boolean - default: false - help: 'Auto-delete queues in amqp. ' - comment: 'New param' - - - name: qpid_topology_version - type: integer - default: true - help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break. ' - comment: 'New param' - - - name: matchmaker_heartbeat_freq - type: integer - default: 300 - help: 'Heartbeat frequency ' - comment: 'New param' - - - name: matchmaker_heartbeat_ttl - type: integer - default: 600 - help: 'Heartbeat time-to-live. ' - comment: 'New param' - - - name: pci_alias - type: string - default: '' - help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card. (multi valued) (multi valued)" - comment: 'New param' - - - name: pci_passthrough_whitelist - type: string - default: '' - help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}] (multi valued)" - comment: 'New param' - - - name: restrict_isolated_hosts_to_isolated_images - type: boolean - default: true - help: 'Whether to force isolated hosts to run only isolated images ' - comment: 'New param' - - - name: cells.scheduler_weight_classes - type: string_list - default: ['nova.cells.weights.all_weighers'] - help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers'maps to all cell weighers included with nova. " - comment: 'New param' - - - name: cells.ram_weight_multiplier - type: float - default: 10.0 - help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread. ' - comment: 'New param' - - - name: injected_network_template - type: string - default: '$pybasedir/nova/virt/interfaces.template' - help: 'Template file for injected network ' - comment: 'New param' - - - name: resize_fs_using_block_device - type: boolean - default: false - help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver (for qcow and raw), or loop (for raw). ' - comment: 'New param' - - - name: docker_registry_default_port - type: port - default: 5042 - help: 'Default TCP port to find the docker-registry container ' - comment: 'New param' - - - name: vcpu_pin_set - type: string - default: ~ - help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15' " - comment: 'New param' - - - name: libvirt_images_rbd_pool - type: string - default: 'rbd' - help: 'the RADOS pool in which rbd volumes are stored ' - comment: 'New param' - - - name: libvirt_images_rbd_ceph_conf - type: string - default: '' - help: 'path to the ceph configuration file to use ' - comment: 'New param' - - - name: num_iser_scan_tries - type: integer - default: 3 - help: 'number of times to rescan iSER target to find volume ' - comment: 'New param' - - - name: libvirt_iser_use_multipath - type: boolean - default: false - help: 'use multipath connection of the iSER volume ' - comment: 'New param' - - - name: qemu_allowed_storage_drivers - type: string_list - default: [] - help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster] ' - comment: 'New param' - - - name: xenapi_use_agent_default - type: boolean - default: false - help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times. " - comment: 'New param' - - - name: xenapi_image_compression_level - type: integer - default: ~ - help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0. ' - comment: 'New param' - - - name: xenapi_ipxe_network_name - type: string - default: ~ - help: 'Name of network to use for booting iPXE ISOs ' - comment: 'New param' - - - name: xenapi_ipxe_boot_menu_url - type: string - default: ~ - help: 'URL to the iPXE boot menu ' - comment: 'New param' - - - name: xenapi_ipxe_mkisofs_cmd - type: string - default: 'mkisofs' - help: 'Name and optionally path of the tool used for ISO image creation ' - comment: 'New param' - - - name: cinder_ca_certificates_file - type: string - default: ~ - help: 'Location of ca certificates file to use for cinder client requests. ' - comment: 'New param' - - - name: hyperv.instances_path_share - type: string - default: '' - help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally " - comment: 'New param' - - - name: hyperv.force_hyperv_utils_v1 - type: boolean - default: false - help: 'Force V1 WMI utility classes ' - comment: 'New param' - - - name: hyperv.force_volumeutils_v1 - type: boolean - default: false - help: 'Force V1 volume utility class ' - comment: 'New param' - - - name: hyperv.vswitch_name - type: string - default: ~ - help: 'External virtual switch Name, if not provided, the first external virtual switch is used ' - comment: 'New param' - - - name: hyperv.limit_cpu_features - type: boolean - default: false - help: 'Required for live migration among hosts with different CPU features ' - comment: 'New param' - - - name: hyperv.config_drive_inject_password - type: boolean - default: false - help: 'Sets the admin password in the config drive image ' - comment: 'New param' - - - name: hyperv.qemu_img_cmd - type: string - default: 'qemu-img.exe' - help: 'qemu-img is used to convert between different image types ' - comment: 'New param' - - - name: hyperv.config_drive_cdrom - type: boolean - default: false - help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive ' - comment: 'New param' - - - name: hyperv.enable_instance_metrics_collection - type: boolean - default: false - help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above " - comment: 'New param' - - - name: hyperv.dynamic_memory_ratio - type: float - default: true - help: 'Enables dynamic memory allocation (ballooning) when set to a value greater than 1. The value expresses the ratio between the total RAM assigned to an instance and its startup RAM amount. For example a ratio of 2.0 for an instance with 1024MB of RAM implies 512MB of RAM allocated at startup ' - comment: 'New param' - - - name: hyperv.volume_attach_retry_count - type: integer - default: 10 - help: 'The number of times to retry to attach a volume ' - comment: 'New param' - - - name: hyperv.volume_attach_retry_interval - type: integer - default: 5 - help: 'Interval between volume attachment attempts, in seconds ' - comment: 'New param' - - - name: osapi_v3.extensions_blacklist - type: string_list - default: [] - help: 'A list of v3 API extensions to never load. Specify the extension aliases here. ' - comment: 'New param' - - - name: osapi_v3.extensions_whitelist - type: string_list - default: [] - help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here. ' - comment: 'New param' - - - name: conductor.workers - type: integer - default: ~ - help: 'Number of workers for OpenStack Conductor service ' - comment: 'New param' - - - name: keymgr.api_class - type: string - default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' - help: 'The full class name of the key manager API class ' - comment: 'New param' - - - name: keymgr.fixed_key - type: string - default: ~ - help: 'Fixed key returned by key manager, specified in hex ' - comment: 'New param' - - - name: upgrade_levels.scheduler - type: string - default: ~ - help: 'Set a version cap for messages sent to scheduler services ' - comment: 'New param' - - - name: cells.reserve_percent - type: float - default: 10.0 - help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization ' - comment: 'New param' - - - name: cells.cell_type - type: string - default: ~ - help: 'Type of cell: api or compute ' - comment: 'New param' - - - name: cells.mute_child_interval - type: integer - default: 300 - help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute. ' - comment: 'New param' - - - name: cells.bandwidth_update_interval - type: integer - default: 600 - help: 'Seconds between bandwidth updates for cells. ' - comment: 'New param' - - - name: cells.scheduler_filter_classes - type: string_list - default: ['nova.cells.filters.all_filters'] - help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters'maps to all cells filters included with nova. " - comment: 'New param' - - - name: cells.cells_config - type: string - default: ~ - help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database. ' - comment: 'New param' - - - name: cells.mute_weight_multiplier - type: float - default: -10.0 - help: 'Multiplier used to weigh mute children. (The value should be negative.) ' - comment: 'New param' - - - name: cells.mute_weight_value - type: float - default: 1000.0 - help: 'Weight value assigned to mute children. (The value should be positive.) ' - comment: 'New param' - - - name: database.backend - type: string - default: 'sqlalchemy' - help: 'The backend to use for db ' - comment: 'New param' - - - name: database.use_tpool - type: boolean - default: false - help: 'Enable the experimental use of thread pooling for all DB API calls ' - comment: 'New param' - - - name: database.connection - type: string - default: 'sqlite:////nova/openstack/common/db/$sqlite_db' - help: 'The SQLAlchemy connection string used to connect to the database ' - comment: 'New param' - - - name: database.slave_connection - type: string - default: '' - help: 'The SQLAlchemy connection string used to connect to the slave database ' - comment: 'New param' - - - name: database.idle_timeout - type: integer - default: 3600 - help: 'timeout before idle sql connections are reaped ' - comment: 'New param' - - - name: database.min_pool_size - type: integer - default: true - help: 'Minimum number of SQL connections to keep open in a pool ' - comment: 'New param' - - - name: database.max_pool_size - type: integer - default: ~ - help: 'Maximum number of SQL connections to keep open in a pool ' - comment: 'New param' - - - name: database.max_retries - type: integer - default: 10 - help: 'maximum db connection retries during startup. (setting -1 implies an infinite retry count) ' - comment: 'New param' - - - name: database.retry_interval - type: integer - default: 10 - help: 'interval between retries of opening a sql connection ' - comment: 'New param' - - - name: database.max_overflow - type: integer - default: ~ - help: 'If set, use this value for max_overflow with sqlalchemy ' - comment: 'New param' - - - name: database.connection_debug - type: integer - default: false - help: 'Verbosity of SQL debugging information. 0=None, 100=Everything ' - comment: 'New param' - - - name: database.connection_trace - type: boolean - default: false - help: 'Add python stack traces to SQL as comment strings ' - comment: 'New param' - - - name: database.pool_timeout - type: integer - default: ~ - help: 'If set, use this value for pool_timeout with sqlalchemy ' - comment: 'New param' - - - name: image_file_url.filesystems - type: string_list - default: [] - help: 'A list of filesystems that will be configured in this file under the sections image_file_url: ' - comment: 'New param' - - - name: baremetal.pxe_network_config - type: boolean - default: false - help: 'If set, pass the network configuration details to the initramfs via cmdline. ' - comment: 'New param' - - - name: baremetal.pxe_bootfile_name - type: string - default: 'pxelinux.0' - help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set. ' - comment: 'New param' - - - name: baremetal.tile_pdu_ip - type: string - default: '10.0.100.1' - help: 'ip address of tilera pdu ' - comment: 'New param' - - - name: baremetal.tile_pdu_mgr - type: string - default: '/tftpboot/pdu_mgr' - help: 'management script for tilera pdu ' - comment: 'New param' - - - name: baremetal.tile_pdu_off - type: integer - default: 2 - help: 'power status of tilera PDU is OFF ' - comment: 'New param' - - - name: baremetal.tile_pdu_on - type: integer - default: true - help: 'power status of tilera PDU is ON ' - comment: 'New param' - - - name: baremetal.tile_pdu_status - type: integer - default: 9 - help: 'power status of tilera PDU ' - comment: 'New param' - - - name: baremetal.tile_power_wait - type: integer - default: 9 - help: 'wait time in seconds until check the result after tilera power operations ' - comment: 'New param' - - - name: baremetal.virtual_power_ssh_port - type: port - default: 22 - help: 'Port to use for ssh to virtual power host ' - comment: 'New param' - - - name: baremetal.virtual_power_host_key - type: string - default: ~ - help: 'ssh key for virtual power host_user ' - comment: 'New param' - - - name: matchmaker_redis.port - type: integer - default: 6379 - help: 'Use this port to connect to redis host. ' - comment: 'New param' - - - name: matchmaker_redis.password - type: string - default: ~ - help: 'Password for Redis server. (optional) ' - comment: 'New param' - - - name: ssl.cert_file - type: string - default: ~ - help: 'Certificate file to use when starting the server securely ' - comment: 'New param' - - - name: upgrade_levels.baseapi - type: string - default: ~ - help: 'Set a version cap for messages sent to the base api in any service ' - comment: 'New param' - - - name: upgrade_levels.intercell - type: string - default: ~ - help: 'Set a version cap for messages sent between cells services ' - comment: 'New param' - - - name: upgrade_levels.cells - type: string - default: ~ - help: 'Set a version cap for messages sent to local cells services ' - comment: 'New param' - - - name: upgrade_levels.compute - type: string - default: ~ - help: 'Set a version cap for messages sent to compute services ' - comment: 'New param' - - - name: upgrade_levels.conductor - type: string - default: ~ - help: 'Set a version cap for messages sent to conductor services ' - comment: 'New param' - - - name: upgrade_levels.console - type: string - default: ~ - help: 'Set a version cap for messages sent to console services ' - comment: 'New param' - - - name: upgrade_levels.consoleauth - type: string - default: ~ - help: 'Set a version cap for messages sent to consoleauth services ' - comment: 'New param' - - - name: upgrade_levels.network - type: string - default: ~ - help: 'Set a version cap for messages sent to network services ' - comment: 'New param' - - - name: matchmaker_ring.ringfile - type: string - default: '/etc/oslo/matchmaker_ring.json' - help: 'Matchmaker ring file (JSON) ' - comment: 'New param' - - - name: vmware.host_ip - type: string - default: ~ - help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.host_username - type: string - default: ~ - help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.host_password - type: string - default: ~ - help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.cluster_name - type: string - default: ~ - help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver. (multi valued)' - comment: 'New param' - - - name: vmware.datastore_regex - type: string - default: ~ - help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.task_poll_interval - type: float - default: 5.0 - help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.api_retry_count - type: integer - default: 10 - help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' - comment: 'New param' - - - name: vmware.vnc_port - type: port - default: 5900 - help: 'VNC starting port ' - comment: 'New param' - - - name: vmware.vnc_port_total - type: integer - default: 10000 - help: 'Total number of VNC ports ' - comment: 'New param' - - - name: vmware.vnc_password - type: string - default: ~ - help: 'DEPRECATED. VNC password. The password-based access to VNC consoles will be removed in the next release. The default value will disable password protection on the VNC console. ' - comment: 'New param' - - - name: vmware.use_linked_clone - type: boolean - default: true - help: 'Whether to use linked clone ' - comment: 'New param' - - - name: vmware.wsdl_location - type: string - default: ~ - help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds ' - comment: 'New param' - - - name: vmware.maximum_objects - type: integer - default: 100 - help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests. ' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/rabbitmq/3.0.0.yml b/rubick/schemas/rabbitmq/3.0.0.yml deleted file mode 100644 index 5435642..0000000 --- a/rubick/schemas/rabbitmq/3.0.0.yml +++ /dev/null @@ -1,54 +0,0 @@ -project: rabbitmq -version: '3.0.0' -parameters: - - - name: tcp_listeners - type: rabbitmq_bind_list - default: [5672] - help: 'List of ports on which to listen for AMQP connections (without SSL)' - - - name: ssl_listeners - type: rabbitmq_bind_list - default: [] - help: 'List of ports on which to listen for AMQP connections (SSL)' - - - name: ssl_options - type: string_list - default: [] - - - name: vm_memory_high_watermark - type: float - default: 0.4 - - - name: vm_memory_high_watermark_paging_ratio - type: float - default: 0.5 - - - name: disk_free_limit - type: integer - default: '50000000' - - - name: log_levels - type: string_list - default: ['{connection, info}'] - - - name: frame_max - type: integer - default: 131072 - - - name: heartbeat - type: integer - default: 600 - - - name: default_vhost - type: string - default: '/' - - - name: default_user - type: string - default: 'guest' - - - name: default_pass - type: string - default: 'guest' - diff --git a/rubick/schemas/rabbitmq/rabbitmq.conf.yml b/rubick/schemas/rabbitmq/rabbitmq.conf.yml deleted file mode 100644 index f8ddf8c..0000000 --- a/rubick/schemas/rabbitmq/rabbitmq.conf.yml +++ /dev/null @@ -1,67 +0,0 @@ -- version: '3.0.0' - checkpoint: true - added: - - - name: tcp_listeners - type: rabbitmq_bind_list - default: [5672] - help: 'List of ports on which to listen for AMQP connections (without SSL)' - comment: 'New param' - - - name: ssl_listeners - type: rabbitmq_bind_list - default: [] - help: 'List of ports on which to listen for AMQP connections (SSL)' - comment: 'New param' - - - name: ssl_options - type: string_list - default: [] - comment: 'New param' - - - name: vm_memory_high_watermark - type: float - default: 0.4 - comment: 'New param' - - - name: vm_memory_high_watermark_paging_ratio - type: float - default: 0.5 - comment: 'New param' - - - name: disk_free_limit - type: integer - default: '50000000' - comment: 'New param' - - - name: log_levels - type: string_list - default: ['{connection, info}'] - comment: 'New param' - - - name: frame_max - type: integer - default: 131072 - comment: 'New param' - - - name: heartbeat - type: integer - default: 600 - comment: 'New param' - - - name: default_vhost - type: string - default: '/' - comment: 'New param' - - - name: default_user - type: string - default: 'guest' - comment: 'New param' - - - name: default_pass - type: string - default: 'guest' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/readme b/rubick/schemas/readme deleted file mode 100644 index 52aad6b..0000000 --- a/rubick/schemas/readme +++ /dev/null @@ -1,3 +0,0 @@ -Examples for schema generator execution: -python rubick/schemas/collector.py cinder 2013.1.3 /usr/lib/python/dist-packages/cinder -python rubick/schemas/collector.py nova 2013.1.3 /usr/lib/python/dist-packages/nova diff --git a/rubick/schemas/swift_account_server/2013.2.1.yml b/rubick/schemas/swift_account_server/2013.2.1.yml deleted file mode 100644 index 9ad2ce8..0000000 --- a/rubick/schemas/swift_account_server/2013.2.1.yml +++ /dev/null @@ -1,237 +0,0 @@ -project: swift_account_server -version: '2013.2.1' -parameters: - - - name: bind_ip - type: string - default: '0.0.0.0' - - - name: bind_port - type: string - default: '6002' - - - name: bind_timeout - type: string - default: '30' - - - name: backlog - type: string - default: '4096' - - - name: user - type: string - default: 'swift' - - - name: swift_dir - type: string - default: '/etc/swift' - - - name: devices - type: string - default: '/srv/node' - - - name: mount_check - type: string - default: 'true' - - - name: disable_fallocate - type: string - default: 'false' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - - - name: account-reaper.log_name - type: string - default: 'account-reaper' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: account-reaper.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: account-reaper.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: account-reaper.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - - - name: db_preallocation - type: string - default: 'off' - help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." - - - name: eventlet_debug - type: string - default: 'false' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - - - name: pipeline:main.pipeline - type: string - default: 'healthcheck recon account-server' - - - name: filter:recon.use - type: string - default: 'egg:swift#recon' - - - name: app:account-server.set log_name - type: string - default: 'account-server' - help: 'You can override the default log routing for this app here:' - - - name: app:account-server.set log_facility - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - - - name: app:account-server.set log_level - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - - - name: app:account-server.set log_requests - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - - - name: app:account-server.set log_address - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - - - name: app:account-server.auto_create_account_prefix - type: string - default: '.' - - - name: app:account-server.replication_server - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - - - name: filter:healthcheck.disable_path - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - - - name: account-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - - - name: account-replicator.vm_test_mode - type: string - default: 'no' - - - name: account-replicator.per_diff - type: string - default: '1000' - - - name: account-replicator.max_diffs - type: string - default: '100' - - - name: account-reaper.concurrency - type: string - default: '25' - - - name: account-reaper.interval - type: string - default: '3600' - - - name: account-replicator.error_suppression_interval - type: string - default: '60' - help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." - - - name: account-replicator.error_suppression_limit - type: string - default: '10' - help: 'How many errors can accumulate before a node is temporarily ignored.' - - - name: account-reaper.node_timeout - type: string - default: '10' - - - name: account-reaper.conn_timeout - type: string - default: '0.5' - - - name: account-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - - - name: account-replicator.run_pause - type: string - default: '30' - help: 'Time in seconds to wait between replication passes' - - - name: account-auditor.accounts_per_second - type: string - default: '200' - - - name: account-reaper.delay_reaping - type: string - default: '0' - help: 'Normally, the reaper begins deleting account information for deleted accounts immediately; you can set this to delay its work however. The value is in seconds; 2592000 = 30 days for example.' - - - name: account-reaper.reap_warn_after - type: string - default: '2592000' - help: 'If the account fails to be be reaped due to a persistent error, the account reaper will log a message such as: Account has not been reaped since You can search logs for this message if space is not being reclaimed after you delete account(s). Default is 2592000 seconds (30 days). This is in addition to any time requested by delay_reaping.' - diff --git a/rubick/schemas/swift_account_server/swift_account_server.conf.yml b/rubick/schemas/swift_account_server/swift_account_server.conf.yml deleted file mode 100644 index 656f3cf..0000000 --- a/rubick/schemas/swift_account_server/swift_account_server.conf.yml +++ /dev/null @@ -1,289 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: bind_ip - type: string - default: '0.0.0.0' - comment: 'New param' - - - name: bind_port - type: string - default: '6002' - comment: 'New param' - - - name: bind_timeout - type: string - default: '30' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - comment: 'New param' - - - name: user - type: string - default: 'swift' - comment: 'New param' - - - name: swift_dir - type: string - default: '/etc/swift' - comment: 'New param' - - - name: devices - type: string - default: '/srv/node' - comment: 'New param' - - - name: mount_check - type: string - default: 'true' - comment: 'New param' - - - name: disable_fallocate - type: string - default: 'false' - comment: 'New param' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - comment: 'New param' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - comment: 'New param' - - - name: account-reaper.log_name - type: string - default: 'account-reaper' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: account-reaper.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: account-reaper.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: account-reaper.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - comment: 'New param' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: db_preallocation - type: string - default: 'off' - help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." - comment: 'New param' - - - name: eventlet_debug - type: string - default: 'false' - comment: 'New param' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - comment: 'New param' - - - name: 'pipeline:main.pipeline' - type: string - default: 'healthcheck recon account-server' - comment: 'New param' - - - name: 'filter:recon.use' - type: string - default: 'egg:swift#recon' - comment: 'New param' - - - name: 'app:account-server.set log_name' - type: string - default: 'account-server' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:account-server.set log_facility' - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:account-server.set log_level' - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:account-server.set log_requests' - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:account-server.set log_address' - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:account-server.auto_create_account_prefix' - type: string - default: '.' - comment: 'New param' - - - name: 'app:account-server.replication_server' - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - comment: 'New param' - - - name: 'filter:healthcheck.disable_path' - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - comment: 'New param' - - - name: account-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - comment: 'New param' - - - name: account-replicator.vm_test_mode - type: string - default: 'no' - comment: 'New param' - - - name: account-replicator.per_diff - type: string - default: '1000' - comment: 'New param' - - - name: account-replicator.max_diffs - type: string - default: '100' - comment: 'New param' - - - name: account-reaper.concurrency - type: string - default: '25' - comment: 'New param' - - - name: account-reaper.interval - type: string - default: '3600' - comment: 'New param' - - - name: account-replicator.error_suppression_interval - type: string - default: '60' - help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." - comment: 'New param' - - - name: account-replicator.error_suppression_limit - type: string - default: '10' - help: 'How many errors can accumulate before a node is temporarily ignored.' - comment: 'New param' - - - name: account-reaper.node_timeout - type: string - default: '10' - comment: 'New param' - - - name: account-reaper.conn_timeout - type: string - default: '0.5' - comment: 'New param' - - - name: account-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - comment: 'New param' - - - name: account-replicator.run_pause - type: string - default: '30' - help: 'Time in seconds to wait between replication passes' - comment: 'New param' - - - name: account-auditor.accounts_per_second - type: string - default: '200' - comment: 'New param' - - - name: account-reaper.delay_reaping - type: string - default: '0' - help: 'Normally, the reaper begins deleting account information for deleted accounts immediately; you can set this to delay its work however. The value is in seconds; 2592000 = 30 days for example.' - comment: 'New param' - - - name: account-reaper.reap_warn_after - type: string - default: '2592000' - help: 'If the account fails to be be reaped due to a persistent error, the account reaper will log a message such as: Account has not been reaped since You can search logs for this message if space is not being reclaimed after you delete account(s). Default is 2592000 seconds (30 days). This is in addition to any time requested by delay_reaping.' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/swift_container_server/2013.2.1.yml b/rubick/schemas/swift_container_server/2013.2.1.yml deleted file mode 100644 index 1083697..0000000 --- a/rubick/schemas/swift_container_server/2013.2.1.yml +++ /dev/null @@ -1,244 +0,0 @@ -project: swift_container_server -version: '2013.2.1' -parameters: - - - name: bind_ip - type: string - default: '0.0.0.0' - - - name: bind_port - type: string - default: '6001' - - - name: bind_timeout - type: string - default: '30' - - - name: backlog - type: string - default: '4096' - - - name: user - type: string - default: 'swift' - - - name: swift_dir - type: string - default: '/etc/swift' - - - name: devices - type: string - default: '/srv/node' - - - name: mount_check - type: string - default: 'true' - - - name: disable_fallocate - type: string - default: 'false' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - - - name: allowed_sync_hosts - type: string - default: '127.0.0.1' - help: 'This is a comma separated list of hosts allowed in the X-Container-Sync-To field for containers.' - - - name: container-sync.log_name - type: string - default: 'container-sync' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: container-sync.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: container-sync.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: container-sync.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - - - name: db_preallocation - type: string - default: 'off' - help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." - - - name: eventlet_debug - type: string - default: 'false' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - - - name: pipeline:main.pipeline - type: string - default: 'healthcheck recon container-server' - - - name: filter:recon.use - type: string - default: 'egg:swift#recon' - - - name: app:container-server.set log_name - type: string - default: 'container-server' - help: 'You can override the default log routing for this app here:' - - - name: app:container-server.set log_facility - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - - - name: app:container-server.set log_level - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - - - name: app:container-server.set log_requests - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - - - name: app:container-server.set log_address - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - - - name: container-updater.node_timeout - type: string - default: '3' - - - name: container-updater.conn_timeout - type: string - default: '0.5' - - - name: app:container-server.allow_versions - type: string - default: 'false' - - - name: app:container-server.auto_create_account_prefix - type: string - default: '.' - - - name: app:container-server.replication_server - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - - - name: filter:healthcheck.disable_path - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - - - name: container-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - help: 'containers_per_second = 200' - - - name: container-replicator.vm_test_mode - type: string - default: 'no' - - - name: container-replicator.per_diff - type: string - default: '1000' - - - name: container-replicator.max_diffs - type: string - default: '100' - - - name: container-updater.concurrency - type: string - default: '4' - - - name: container-sync.interval - type: string - default: '300' - help: 'Will sync each container at most once per interval' - - - name: container-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - - - name: container-replicator.run_pause - type: string - default: '30' - help: 'Time in seconds to wait between replication passes' - - - name: container-updater.slowdown - type: string - default: '0.01' - help: 'slowdown will sleep that amount between containers' - - - name: container-updater.account_suppression_time - type: string - default: '60' - help: 'Seconds to suppress updating an account that has generated an error' - - - name: container-sync.sync_proxy - type: string - default: 'http://127.0.0.1:8888' - help: 'If you need to use an HTTP Proxy, set it here; defaults to no proxy.' - - - name: container-sync.container_time - type: string - default: '60' - help: 'Maximum amount of time to spend syncing each container per pass' - diff --git a/rubick/schemas/swift_container_server/swift_container_server.conf.yml b/rubick/schemas/swift_container_server/swift_container_server.conf.yml deleted file mode 100644 index 1ea95de..0000000 --- a/rubick/schemas/swift_container_server/swift_container_server.conf.yml +++ /dev/null @@ -1,297 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: bind_ip - type: string - default: '0.0.0.0' - comment: 'New param' - - - name: bind_port - type: string - default: '6001' - comment: 'New param' - - - name: bind_timeout - type: string - default: '30' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - comment: 'New param' - - - name: user - type: string - default: 'swift' - comment: 'New param' - - - name: swift_dir - type: string - default: '/etc/swift' - comment: 'New param' - - - name: devices - type: string - default: '/srv/node' - comment: 'New param' - - - name: mount_check - type: string - default: 'true' - comment: 'New param' - - - name: disable_fallocate - type: string - default: 'false' - comment: 'New param' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - comment: 'New param' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - comment: 'New param' - - - name: allowed_sync_hosts - type: string - default: '127.0.0.1' - help: 'This is a comma separated list of hosts allowed in the X-Container-Sync-To field for containers.' - comment: 'New param' - - - name: container-sync.log_name - type: string - default: 'container-sync' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: container-sync.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: container-sync.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: container-sync.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - comment: 'New param' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: db_preallocation - type: string - default: 'off' - help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." - comment: 'New param' - - - name: eventlet_debug - type: string - default: 'false' - comment: 'New param' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - comment: 'New param' - - - name: 'pipeline:main.pipeline' - type: string - default: 'healthcheck recon container-server' - comment: 'New param' - - - name: 'filter:recon.use' - type: string - default: 'egg:swift#recon' - comment: 'New param' - - - name: 'app:container-server.set log_name' - type: string - default: 'container-server' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:container-server.set log_facility' - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:container-server.set log_level' - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:container-server.set log_requests' - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:container-server.set log_address' - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: container-updater.node_timeout - type: string - default: '3' - comment: 'New param' - - - name: container-updater.conn_timeout - type: string - default: '0.5' - comment: 'New param' - - - name: 'app:container-server.allow_versions' - type: string - default: 'false' - comment: 'New param' - - - name: 'app:container-server.auto_create_account_prefix' - type: string - default: '.' - comment: 'New param' - - - name: 'app:container-server.replication_server' - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - comment: 'New param' - - - name: 'filter:healthcheck.disable_path' - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - comment: 'New param' - - - name: container-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - help: 'containers_per_second = 200' - comment: 'New param' - - - name: container-replicator.vm_test_mode - type: string - default: 'no' - comment: 'New param' - - - name: container-replicator.per_diff - type: string - default: '1000' - comment: 'New param' - - - name: container-replicator.max_diffs - type: string - default: '100' - comment: 'New param' - - - name: container-updater.concurrency - type: string - default: '4' - comment: 'New param' - - - name: container-sync.interval - type: string - default: '300' - help: 'Will sync each container at most once per interval' - comment: 'New param' - - - name: container-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - comment: 'New param' - - - name: container-replicator.run_pause - type: string - default: '30' - help: 'Time in seconds to wait between replication passes' - comment: 'New param' - - - name: container-updater.slowdown - type: string - default: '0.01' - help: 'slowdown will sleep that amount between containers' - comment: 'New param' - - - name: container-updater.account_suppression_time - type: string - default: '60' - help: 'Seconds to suppress updating an account that has generated an error' - comment: 'New param' - - - name: container-sync.sync_proxy - type: string - default: 'http://127.0.0.1:8888' - help: 'If you need to use an HTTP Proxy, set it here; defaults to no proxy.' - comment: 'New param' - - - name: container-sync.container_time - type: string - default: '60' - help: 'Maximum amount of time to spend syncing each container per pass' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/swift_object_server/2013.2.1.yml b/rubick/schemas/swift_object_server/2013.2.1.yml deleted file mode 100644 index 2274b9d..0000000 --- a/rubick/schemas/swift_object_server/2013.2.1.yml +++ /dev/null @@ -1,316 +0,0 @@ -project: swift_object_server -version: '2013.2.1' -parameters: - - - name: bind_ip - type: string - default: '0.0.0.0' - - - name: bind_port - type: string - default: '6000' - - - name: bind_timeout - type: string - default: '30' - - - name: backlog - type: string - default: '4096' - - - name: user - type: string - default: 'swift' - - - name: swift_dir - type: string - default: '/etc/swift' - - - name: devices - type: string - default: '/srv/node' - - - name: mount_check - type: string - default: 'true' - - - name: disable_fallocate - type: string - default: 'false' - - - name: expiring_objects_container_divisor - type: string - default: '86400' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - - - name: object-auditor.log_name - type: string - default: 'object-auditor' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: object-auditor.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: object-auditor.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: object-auditor.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - - - name: eventlet_debug - type: string - default: 'false' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - - - name: pipeline:main.pipeline - type: string - default: 'healthcheck recon object-server' - - - name: filter:recon.use - type: string - default: 'egg:swift#recon' - - - name: app:object-server.set log_name - type: string - default: 'object-server' - help: 'You can override the default log routing for this app here:' - - - name: app:object-server.set log_facility - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - - - name: app:object-server.set log_level - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - - - name: app:object-server.set log_requests - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - - - name: app:object-server.set log_address - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - - - name: object-updater.node_timeout - type: string - default: '10' - - - name: object-updater.conn_timeout - type: string - default: '0.5' - - - name: app:object-server.network_chunk_size - type: string - default: '65536' - - - name: app:object-server.disk_chunk_size - type: string - default: '65536' - - - name: app:object-server.max_upload_time - type: string - default: '86400' - - - name: app:object-server.slow - type: string - default: '0' - - - name: app:object-server.keep_cache_size - type: string - default: '5424880' - help: 'Objects smaller than this are not evicted from the buffercache once read' - - - name: app:object-server.keep_cache_private - type: string - default: 'false' - help: 'If true, objects for authenticated GET requests may be kept in buffer cache if small enough' - - - name: app:object-server.mb_per_sync - type: string - default: '512' - help: 'on PUTs, sync data every n MB' - - - name: app:object-server.allowed_headers - type: string - default: 'Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object' - help: 'Comma separated list of headers that can be set in metadata on an object. This list is in addition to X-Object-Meta-* headers and cannot include Content-Type, etag, Content-Length, or deleted' - - - name: app:object-server.auto_create_account_prefix - type: string - default: '.' - - - name: app:object-server.replication_server - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - - - name: app:object-server.threads_per_disk - type: string - default: '0' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'. A value of 0 means 'don't use thread pools'. A reasonable starting point is 4." - - - name: filter:healthcheck.disable_path - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - - - name: object-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - - - name: filter:recon.recon_lock_path - type: string - default: '/var/lock' - - - name: object-replicator.vm_test_mode - type: string - default: 'no' - - - name: object-replicator.daemonize - type: string - default: 'on' - - - name: object-replicator.run_pause - type: string - default: '30' - - - name: object-updater.concurrency - type: string - default: '1' - - - name: object-replicator.stats_interval - type: string - default: '300' - - - name: object-replicator.rsync_timeout - type: string - default: '900' - help: 'max duration of a partition rsync' - - - name: object-replicator.rsync_bwlimit - type: string - default: '0' - help: 'bandwith limit for rsync in kB/s. 0 means unlimited' - - - name: object-replicator.rsync_io_timeout - type: string - default: '30' - help: 'passed to rsync for io op timeout' - - - name: object-replicator.http_timeout - type: string - default: '60' - help: 'max duration of an http request' - - - name: object-replicator.lockup_timeout - type: string - default: '1800' - help: 'attempts to kill all workers if nothing replicates for lockup_timeout seconds' - - - name: object-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - - - name: object-replicator.ring_check_interval - type: string - default: '15' - - - name: object-replicator.rsync_error_log_line_length - type: string - default: '0' - help: 'limits how long rsync error log lines are 0 means to log the entire line' - - - name: object-updater.interval - type: string - default: '300' - - - name: object-updater.slowdown - type: string - default: '0.01' - help: 'slowdown will sleep that amount between objects' - - - name: object-auditor.files_per_second - type: string - default: '20' - - - name: object-auditor.bytes_per_second - type: string - default: '10000000' - - - name: object-auditor.log_time - type: string - default: '3600' - - - name: object-auditor.zero_byte_files_per_second - type: string - default: '50' - - - name: object-auditor.object_size_stats - type: string - default: '' - help: 'Takes a comma separated list of ints. If set, the object auditor will increment a counter for every object whose size is <= to the given break points and report the result after a full scan.' - diff --git a/rubick/schemas/swift_object_server/swift_object_server.conf.yml b/rubick/schemas/swift_object_server/swift_object_server.conf.yml deleted file mode 100644 index 4f379e1..0000000 --- a/rubick/schemas/swift_object_server/swift_object_server.conf.yml +++ /dev/null @@ -1,386 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: bind_ip - type: string - default: '0.0.0.0' - comment: 'New param' - - - name: bind_port - type: string - default: '6000' - comment: 'New param' - - - name: bind_timeout - type: string - default: '30' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - comment: 'New param' - - - name: user - type: string - default: 'swift' - comment: 'New param' - - - name: swift_dir - type: string - default: '/etc/swift' - comment: 'New param' - - - name: devices - type: string - default: '/srv/node' - comment: 'New param' - - - name: mount_check - type: string - default: 'true' - comment: 'New param' - - - name: disable_fallocate - type: string - default: 'false' - comment: 'New param' - - - name: expiring_objects_container_divisor - type: string - default: '86400' - comment: 'New param' - - - name: workers - type: string - default: 'auto' - help: 'Use an integer to override the number of pre-forked processes that will accept connections.' - comment: 'New param' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - comment: 'New param' - - - name: object-auditor.log_name - type: string - default: 'object-auditor' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: object-auditor.log_facility - type: string - default: 'LOG_LOCAL0' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: object-auditor.log_level - type: string - default: 'INFO' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: object-auditor.log_address - type: string - default: '/dev/log' - help: "You can override the default log routing for this app here (don't use set!):" - comment: 'New param' - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - comment: 'New param' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: eventlet_debug - type: string - default: 'false' - comment: 'New param' - - - name: fallocate_reserve - type: string - default: '0' - help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." - comment: 'New param' - - - name: 'pipeline:main.pipeline' - type: string - default: 'healthcheck recon object-server' - comment: 'New param' - - - name: 'filter:recon.use' - type: string - default: 'egg:swift#recon' - comment: 'New param' - - - name: 'app:object-server.set log_name' - type: string - default: 'object-server' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:object-server.set log_facility' - type: string - default: 'LOG_LOCAL0' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:object-server.set log_level' - type: string - default: 'INFO' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:object-server.set log_requests' - type: string - default: 'true' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: 'app:object-server.set log_address' - type: string - default: '/dev/log' - help: 'You can override the default log routing for this app here:' - comment: 'New param' - - - name: object-updater.node_timeout - type: string - default: '10' - comment: 'New param' - - - name: object-updater.conn_timeout - type: string - default: '0.5' - comment: 'New param' - - - name: 'app:object-server.network_chunk_size' - type: string - default: '65536' - comment: 'New param' - - - name: 'app:object-server.disk_chunk_size' - type: string - default: '65536' - comment: 'New param' - - - name: 'app:object-server.max_upload_time' - type: string - default: '86400' - comment: 'New param' - - - name: 'app:object-server.slow' - type: string - default: '0' - comment: 'New param' - - - name: 'app:object-server.keep_cache_size' - type: string - default: '5424880' - help: 'Objects smaller than this are not evicted from the buffercache once read' - comment: 'New param' - - - name: 'app:object-server.keep_cache_private' - type: string - default: 'false' - help: 'If true, objects for authenticated GET requests may be kept in buffer cache if small enough' - comment: 'New param' - - - name: 'app:object-server.mb_per_sync' - type: string - default: '512' - help: 'on PUTs, sync data every n MB' - comment: 'New param' - - - name: 'app:object-server.allowed_headers' - type: string - default: 'Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object' - help: 'Comma separated list of headers that can be set in metadata on an object. This list is in addition to X-Object-Meta-* headers and cannot include Content-Type, etag, Content-Length, or deleted' - comment: 'New param' - - - name: 'app:object-server.auto_create_account_prefix' - type: string - default: '.' - comment: 'New param' - - - name: 'app:object-server.replication_server' - type: string - default: 'false' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." - comment: 'New param' - - - name: 'app:object-server.threads_per_disk' - type: string - default: '0' - help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'. A value of 0 means 'don't use thread pools'. A reasonable starting point is 4." - comment: 'New param' - - - name: 'filter:healthcheck.disable_path' - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" - comment: 'New param' - - - name: object-auditor.recon_cache_path - type: string - default: '/var/cache/swift' - comment: 'New param' - - - name: 'filter:recon.recon_lock_path' - type: string - default: '/var/lock' - comment: 'New param' - - - name: object-replicator.vm_test_mode - type: string - default: 'no' - comment: 'New param' - - - name: object-replicator.daemonize - type: string - default: 'on' - comment: 'New param' - - - name: object-replicator.run_pause - type: string - default: '30' - comment: 'New param' - - - name: object-updater.concurrency - type: string - default: '1' - comment: 'New param' - - - name: object-replicator.stats_interval - type: string - default: '300' - comment: 'New param' - - - name: object-replicator.rsync_timeout - type: string - default: '900' - help: 'max duration of a partition rsync' - comment: 'New param' - - - name: object-replicator.rsync_bwlimit - type: string - default: '0' - help: 'bandwith limit for rsync in kB/s. 0 means unlimited' - comment: 'New param' - - - name: object-replicator.rsync_io_timeout - type: string - default: '30' - help: 'passed to rsync for io op timeout' - comment: 'New param' - - - name: object-replicator.http_timeout - type: string - default: '60' - help: 'max duration of an http request' - comment: 'New param' - - - name: object-replicator.lockup_timeout - type: string - default: '1800' - help: 'attempts to kill all workers if nothing replicates for lockup_timeout seconds' - comment: 'New param' - - - name: object-replicator.reclaim_age - type: string - default: '604800' - help: 'The replicator also performs reclamation' - comment: 'New param' - - - name: object-replicator.ring_check_interval - type: string - default: '15' - comment: 'New param' - - - name: object-replicator.rsync_error_log_line_length - type: string - default: '0' - help: 'limits how long rsync error log lines are 0 means to log the entire line' - comment: 'New param' - - - name: object-updater.interval - type: string - default: '300' - comment: 'New param' - - - name: object-updater.slowdown - type: string - default: '0.01' - help: 'slowdown will sleep that amount between objects' - comment: 'New param' - - - name: object-auditor.files_per_second - type: string - default: '20' - comment: 'New param' - - - name: object-auditor.bytes_per_second - type: string - default: '10000000' - comment: 'New param' - - - name: object-auditor.log_time - type: string - default: '3600' - comment: 'New param' - - - name: object-auditor.zero_byte_files_per_second - type: string - default: '50' - comment: 'New param' - - - name: object-auditor.object_size_stats - type: string - default: '' - help: 'Takes a comma separated list of ints. If set, the object auditor will increment a counter for every object whose size is <= to the given break points and report the result after a full scan.' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/swift_proxy_server/2013.2.1.yml b/rubick/schemas/swift_proxy_server/2013.2.1.yml deleted file mode 100644 index ccb3e68..0000000 --- a/rubick/schemas/swift_proxy_server/2013.2.1.yml +++ /dev/null @@ -1,625 +0,0 @@ -project: swift_proxy_server -version: '2013.2.1' -parameters: - - - name: bind_ip - type: string - default: '0.0.0.0' - - - name: bind_port - type: string - default: '80' - - - name: bind_timeout - type: string - default: '30' - - - name: backlog - type: string - default: '4096' - - - name: swift_dir - type: string - default: '/etc/swift' - - - name: user - type: string - default: 'swift' - - - name: workers - type: string - default: 'auto' - help: "Use an integer to override the number of pre-forked processes that will accept connections. Should default to the number of effective cpu cores in the system. It's worth noting that individual workers will use many eventlet co-routines to service multiple concurrent requests." - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - - - name: cert_file - type: string - default: '/etc/swift/proxy.crt' - help: 'Set the following two lines to enable SSL. This is for testing only.' - - - name: key_file - type: string - default: '/etc/swift/proxy.key' - help: 'Set the following two lines to enable SSL. This is for testing only.' - - - name: log_name - type: string - default: 'swift' - help: 'You can specify default log routing here if you want:' - - - name: log_facility - type: string - default: 'LOG_LOCAL0' - help: 'You can specify default log routing here if you want:' - - - name: log_level - type: string - default: 'INFO' - help: 'You can specify default log routing here if you want:' - - - name: log_headers - type: string - default: 'false' - help: 'You can specify default log routing here if you want:' - - - name: log_address - type: string - default: '/dev/log' - help: 'You can specify default log routing here if you want:' - - - name: trans_id_suffix - type: string - default: '' - help: 'This optional suffix (default is empty) that would be appended to the swift transaction id allows one to easily figure out from which cluster that X-Trans-Id belongs to. This is very useful when one is managing more than one swift cluster.' - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - - - name: cors_allow_origin - type: string - default: '' - help: 'Use a comma separated list of full url (http://foo.bar:1234,https://foo.bar)' - - - name: client_timeout - type: string - default: '60' - - - name: eventlet_debug - type: string - default: 'false' - - - name: pipeline:main.pipeline - type: string - default: 'catch_errors healthcheck proxy-logging cache bulk slo ratelimit tempauth container-quotas account-quotas proxy-logging proxy-server' - - - name: filter:account-quotas.use - type: string - default: 'egg:swift#account_quotas' - - - name: filter:cname_lookup.set log_name - type: string - default: 'cname_lookup' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - - - name: filter:cname_lookup.set log_facility - type: string - default: 'LOG_LOCAL0' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - - - name: filter:cname_lookup.set log_level - type: string - default: 'INFO' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - - - name: filter:cname_lookup.set log_address - type: string - default: '/dev/log' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - - - name: app:proxy-server.log_handoffs - type: string - default: 'true' - - - name: app:proxy-server.recheck_account_existence - type: string - default: '60' - - - name: app:proxy-server.recheck_container_existence - type: string - default: '60' - - - name: app:proxy-server.object_chunk_size - type: string - default: '8192' - - - name: app:proxy-server.client_chunk_size - type: string - default: '8192' - - - name: app:proxy-server.node_timeout - type: string - default: '10' - - - name: app:proxy-server.conn_timeout - type: string - default: '0.5' - - - name: app:proxy-server.error_suppression_interval - type: string - default: '60' - help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." - - - name: app:proxy-server.error_suppression_limit - type: string - default: '10' - help: 'How many errors can accumulate before a node is temporarily ignored.' - - - name: app:proxy-server.allow_account_management - type: string - default: 'false' - help: "If set to 'true' any authorized user may create and delete accounts; if 'false' no one, even authorized, can." - - - name: app:proxy-server.object_post_as_copy - type: string - default: 'true' - help: "Set object_post_as_copy = false to turn on fast posts where only the metadata changes are stored anew and the original data file is kept in place. This makes for quicker posts; but since the container metadata isn't updated in this mode, features like container sync won't be able to sync posts." - - - name: app:proxy-server.account_autocreate - type: string - default: 'false' - help: "If set to 'true' authorized accounts that do not yet exist within the Swift cluster will be automatically created." - - - name: app:proxy-server.max_containers_per_account - type: string - default: '0' - help: 'If set to a positive value, trying to create a container when the account already has at least this maximum containers will result in a 403 Forbidden. Note: This is a soft limit, meaning a user might exceed the cap for recheck_account_existence before the 403s kick in.' - - - name: app:proxy-server.max_containers_whitelist - type: string - default: '' - help: 'This is a comma separated list of account hashes that ignore the max_containers_per_account cap.' - - - name: app:proxy-server.deny_host_headers - type: string - default: '' - help: 'Comma separated list of Host headers to which the proxy will deny requests.' - - - name: app:proxy-server.auto_create_account_prefix - type: string - default: '.' - help: 'Prefix used when automatically creating accounts.' - - - name: app:proxy-server.put_queue_depth - type: string - default: '10' - help: 'Depth of the proxy put queue.' - - - name: app:proxy-server.rate_limit_after_segment - type: string - default: '10' - help: 'Start rate-limiting object segment serving after the Nth segment of a segmented object.' - - - name: app:proxy-server.rate_limit_segments_per_sec - type: string - default: '1' - help: 'Once segment rate-limiting kicks in for an object, limit segments served to N per second.' - - - name: app:proxy-server.sorting_method - type: string - default: 'shuffle' - help: "Storage nodes can be chosen at random (shuffle), by using timing measurements (timing), or by using an explicit match (affinity). Using timing measurements may allow for lower overall latency, while using affinity allows for finer control. In both the timing and affinity cases, equally-sorting nodes are still randomly chosen to spread load. The valid values for sorting_method are 'affinity', 'shuffle', and 'timing'." - - - name: app:proxy-server.timing_expiry - type: string - default: '300' - help: "If the 'timing' sorting_method is used, the timings will only be valid for the number of seconds configured by timing_expiry." - - - name: app:proxy-server.allow_static_large_object - type: string - default: 'true' - help: "If set to false will treat objects with X-Static-Large-Object header set as a regular object on GETs, i.e. will return that object's contents. Should be set to false if slo is not used in pipeline." - - - name: app:proxy-server.max_large_object_get_time - type: string - default: '86400' - help: 'The maximum time (seconds) that a large object connection is allowed to last.' - - - name: app:proxy-server.request_node_count - type: string - default: '2 * replicas' - help: "Set to the number of nodes to contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." - - - name: app:proxy-server.read_affinity - type: string - default: '' - help: 'Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else: read_affinity = r1z1=100, r1z2=200, r2=300 Default is empty, meaning no preference.' - - - name: app:proxy-server.write_affinity - type: string - default: '' - help: 'Example: try to write to regions 1 and 2 before writing to any other nodes: write_affinity = r1, r2 Default is empty, meaning no preference.' - - - name: app:proxy-server.write_affinity_node_count - type: string - default: '2 * replicas' - help: "The number of local (as governed by the write_affinity setting) nodes to attempt to contact first, before any non-local ones. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." - - - name: app:proxy-server.swift_owner_headers - type: string - default: 'x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2' - help: 'These are the headers whose values will only be shown to swift_owners. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities.' - - - name: filter:cname_lookup.set log_headers - type: string - default: 'false' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - - - name: filter:tempauth.reseller_prefix - type: string - default: 'AUTH' - help: 'The reseller prefix will verify a token begins with this prefix before even attempting to validate it. Also, with authorization, only Swift storage accounts with this prefix will be authorized by this middleware. Useful if multiple auth systems are in use for one Swift cluster.' - - - name: filter:tempauth.auth_prefix - type: string - default: '/auth/' - help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' - - - name: filter:tempauth.token_life - type: string - default: '86400' - help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' - - - name: filter:tempauth.allow_overrides - type: string - default: 'true' - help: "This allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you're not going to use such middleware and you want a bit of extra security, you can set this to false." - - - name: filter:tempauth.storage_url_scheme - type: string - default: 'default' - help: 'This specifies what scheme to return with storage urls: http, https, or default (chooses based on what the server is running as) This can be useful with an SSL load balancer in front of a non-SSL server.' - - - name: filter:tempauth.user_admin_admin - type: string - default: 'admin .admin .reseller_admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - - - name: filter:tempauth.user_test_tester - type: string - default: 'testing .admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - - - name: filter:tempauth.user_test2_tester2 - type: string - default: 'testing2 .admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - - - name: filter:tempauth.user_test_tester3 - type: string - default: 'testing3' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - - - name: filter:tempauth.paste.filter_factory - type: string - default: 'keystoneclient.middleware.auth_token:filter_factory' - help: '[filter:authtoken]' - - - name: filter:tempauth.auth_host - type: string - default: 'keystonehost' - help: '[filter:authtoken]' - - - name: filter:tempauth.auth_port - type: string - default: '35357' - help: '[filter:authtoken]' - - - name: filter:tempauth.auth_protocol - type: string - default: 'http' - help: '[filter:authtoken]' - - - name: filter:tempauth.auth_uri - type: string - default: 'http://keystonehost:5000/' - help: '[filter:authtoken]' - - - name: filter:tempauth.admin_tenant_name - type: string - default: 'service' - help: '[filter:authtoken]' - - - name: filter:tempauth.admin_user - type: string - default: 'swift' - help: '[filter:authtoken]' - - - name: filter:tempauth.admin_password - type: string - default: 'password' - help: '[filter:authtoken]' - - - name: filter:tempauth.delay_auth_decision - type: string - default: '1' - help: '[filter:authtoken]' - - - name: filter:tempauth.cache - type: string - default: 'swift.cache' - help: '[filter:authtoken]' - - - name: filter:tempauth.operator_roles - type: string - default: 'admin, swiftoperator' - help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others.' - - - name: filter:tempauth.reseller_admin_role - type: string - default: 'ResellerAdmin' - help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others. The reseller admin role has the ability to create and delete accounts' - - - name: filter:healthcheck.disable_path - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'. This facility may be used to temporarily remove a Swift node from a load balancer pool during maintenance or upgrade (remove the file to allow the node back into the load balancer pool)." - - - name: filter:cache.memcache_servers - type: string - default: '127.0.0.1:11211' - help: 'If not set here, the value for memcache_servers will be read from memcache.conf (see memcache.conf-sample) or lacking that file, it will default to the value below. You can specify multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211' - - - name: filter:cache.memcache_serialization_support - type: string - default: '2' - help: 'Sets how memcache values are serialized and deserialized: 0 = older, insecure pickle serialization 1 = json serialization but pickles can still be read (still insecure) 2 = json serialization only (secure and the default) If not set here, the value for memcache_serialization_support will be read from /etc/swift/memcache.conf (see memcache.conf-sample). To avoid an instant full cache flush, existing installations should upgrade with 0, then set to 1 and reload, then after some time (24 hours) set to 2 and reload. In the future, the ability to use pickle serialization will be removed.' - - - name: filter:ratelimit.clock_accuracy - type: string - default: '1000' - help: "clock_accuracy should represent how accurate the proxy servers' system clocks are with each other. 1000 means that all the proxies' clock are accurate to each other within 1 millisecond. No ratelimit should be higher than the clock accuracy." - - - name: filter:ratelimit.max_sleep_time_seconds - type: string - default: '60' - - - name: filter:ratelimit.log_sleep_time_seconds - type: string - default: '0' - help: 'log_sleep_time_seconds of 0 means disabled' - - - name: filter:ratelimit.rate_buffer_seconds - type: string - default: '5' - help: "allows for slow rates (e.g. running up to 5 sec's behind) to catch up." - - - name: filter:ratelimit.account_ratelimit - type: string - default: '0' - help: 'account_ratelimit of 0 means disabled' - - - name: filter:ratelimit.account_whitelist - type: string - default: 'a,b' - help: 'these are comma separated lists of account names' - - - name: filter:ratelimit.account_blacklist - type: string - default: 'c,d' - help: 'these are comma separated lists of account names' - - - name: filter:ratelimit.with container_limit_x - type: string - default: 'r' - - - name: filter:ratelimit.container_ratelimit_0 - type: string - default: '100' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - - - name: filter:ratelimit.container_ratelimit_10 - type: string - default: '50' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - - - name: filter:ratelimit.container_ratelimit_50 - type: string - default: '20' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - - - name: filter:ratelimit.container_listing_ratelimit_0 - type: string - default: '100' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - - - name: filter:ratelimit.container_listing_ratelimit_10 - type: string - default: '50' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - - - name: filter:ratelimit.container_listing_ratelimit_50 - type: string - default: '20' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - - - name: filter:cname_lookup.storage_domain - type: string - default: 'example.com' - - - name: filter:domain_remap.path_root - type: string - default: 'v1' - - - name: filter:domain_remap.reseller_prefixes - type: string - default: 'AUTH' - - - name: filter:cname_lookup.lookup_depth - type: string - default: '1' - - - name: filter:tempurl.methods - type: string - default: 'GET HEAD PUT' - help: 'The methods allowed with Temp URLs.' - - - name: filter:tempurl.incoming_remove_headers - type: string - default: 'x-timestamp' - help: "The headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. incoming_allow_headers is a list of exceptions to these removals." - - - name: filter:tempurl.incoming_allow_headers - type: string - default: '' - help: "The headers allowed as exceptions to incoming_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match." - - - name: filter:tempurl.outgoing_remove_headers - type: string - default: 'x-object-meta-*' - help: "The headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. outgoing_allow_headers is a list of exceptions to these removals." - - - name: filter:name_check.forbidden_chars - type: string - default: "\\'\"`<>" - - - name: filter:name_check.maximum_length - type: string - default: '255' - - - name: filter:name_check.forbidden_regexp - type: string - default: '/\\./|/\\.\\./|/\\.$|/\\.\\.$' - - - name: filter:list-endpoints.list_endpoints_path - type: string - default: '/endpoints/' - - - name: filter:proxy-logging.access_log_name - type: string - default: 'swift' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - - - name: filter:proxy-logging.access_log_facility - type: string - default: 'LOG_LOCAL0' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - - - name: filter:proxy-logging.access_log_level - type: string - default: 'INFO' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - - - name: filter:proxy-logging.access_log_address - type: string - default: '/dev/log' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - - - name: filter:proxy-logging.access_log_udp_host - type: string - default: '' - help: 'If set, access_log_udp_host will override access_log_address' - - - name: filter:proxy-logging.access_log_udp_port - type: string - default: '514' - help: 'If set, access_log_udp_host will override access_log_address' - - - name: filter:proxy-logging.access_log_statsd_host - type: host - default: 'localhost' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:proxy-logging.access_log_statsd_port - type: string - default: '8125' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:proxy-logging.access_log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:proxy-logging.access_log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:proxy-logging.access_log_statsd_metric_prefix - type: string - default: '' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:proxy-logging.access_log_headers - type: string - default: 'false' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - - - name: filter:bulk.max_containers_per_extraction - type: string - default: '10000' - - - name: filter:bulk.max_failed_extractions - type: string - default: '1000' - - - name: filter:bulk.max_deletes_per_request - type: string - default: '10000' - - - name: filter:bulk.yield_frequency - type: string - default: '60' - - - name: filter:slo.max_manifest_segments - type: string - default: '1000' - - - name: filter:slo.max_manifest_size - type: string - default: '2097152' - - - name: filter:slo.min_segment_size - type: string - default: '1048576' - diff --git a/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml b/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml deleted file mode 100644 index 23e77f0..0000000 --- a/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml +++ /dev/null @@ -1,757 +0,0 @@ -- version: '2013.2.1' - checkpoint: true - added: - - - name: bind_ip - type: string - default: '0.0.0.0' - comment: 'New param' - - - name: bind_port - type: string - default: '80' - comment: 'New param' - - - name: bind_timeout - type: string - default: '30' - comment: 'New param' - - - name: backlog - type: string - default: '4096' - comment: 'New param' - - - name: swift_dir - type: string - default: '/etc/swift' - comment: 'New param' - - - name: user - type: string - default: 'swift' - comment: 'New param' - - - name: workers - type: string - default: 'auto' - help: "Use an integer to override the number of pre-forked processes that will accept connections. Should default to the number of effective cpu cores in the system. It's worth noting that individual workers will use many eventlet co-routines to service multiple concurrent requests." - comment: 'New param' - - - name: max_clients - type: string - default: '1024' - help: 'Maximum concurrent requests per worker' - comment: 'New param' - - - name: cert_file - type: string - default: '/etc/swift/proxy.crt' - help: 'Set the following two lines to enable SSL. This is for testing only.' - comment: 'New param' - - - name: key_file - type: string - default: '/etc/swift/proxy.key' - help: 'Set the following two lines to enable SSL. This is for testing only.' - comment: 'New param' - - - name: log_name - type: string - default: 'swift' - help: 'You can specify default log routing here if you want:' - comment: 'New param' - - - name: log_facility - type: string - default: 'LOG_LOCAL0' - help: 'You can specify default log routing here if you want:' - comment: 'New param' - - - name: log_level - type: string - default: 'INFO' - help: 'You can specify default log routing here if you want:' - comment: 'New param' - - - name: log_headers - type: string - default: 'false' - help: 'You can specify default log routing here if you want:' - comment: 'New param' - - - name: log_address - type: string - default: '/dev/log' - help: 'You can specify default log routing here if you want:' - comment: 'New param' - - - name: trans_id_suffix - type: string - default: '' - help: 'This optional suffix (default is empty) that would be appended to the swift transaction id allows one to easily figure out from which cluster that X-Trans-Id belongs to. This is very useful when one is managing more than one swift cluster.' - comment: 'New param' - - - name: log_custom_handlers - type: string - default: '' - help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' - comment: 'New param' - - - name: log_udp_host - type: string - default: '' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_udp_port - type: string - default: '514' - help: 'If set, log_udp_host will override log_address' - comment: 'New param' - - - name: log_statsd_host - type: host - default: 'localhost' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_port - type: string - default: '8125' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_default_sample_rate - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_sample_rate_factor - type: string - default: '1.0' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: log_statsd_metric_prefix - type: string - default: '' - help: 'You can enable StatsD logging here:' - comment: 'New param' - - - name: cors_allow_origin - type: string - default: '' - help: 'Use a comma separated list of full url (http://foo.bar:1234,https://foo.bar)' - comment: 'New param' - - - name: client_timeout - type: string - default: '60' - comment: 'New param' - - - name: eventlet_debug - type: string - default: 'false' - comment: 'New param' - - - name: 'pipeline:main.pipeline' - type: string - default: 'catch_errors healthcheck proxy-logging cache bulk slo ratelimit tempauth container-quotas account-quotas proxy-logging proxy-server' - comment: 'New param' - - - name: 'filter:account-quotas.use' - type: string - default: 'egg:swift#account_quotas' - comment: 'New param' - - - name: 'filter:cname_lookup.set log_name' - type: string - default: 'cname_lookup' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - comment: 'New param' - - - name: 'filter:cname_lookup.set log_facility' - type: string - default: 'LOG_LOCAL0' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - comment: 'New param' - - - name: 'filter:cname_lookup.set log_level' - type: string - default: 'INFO' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - comment: 'New param' - - - name: 'filter:cname_lookup.set log_address' - type: string - default: '/dev/log' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - comment: 'New param' - - - name: 'app:proxy-server.log_handoffs' - type: string - default: 'true' - comment: 'New param' - - - name: 'app:proxy-server.recheck_account_existence' - type: string - default: '60' - comment: 'New param' - - - name: 'app:proxy-server.recheck_container_existence' - type: string - default: '60' - comment: 'New param' - - - name: 'app:proxy-server.object_chunk_size' - type: string - default: '8192' - comment: 'New param' - - - name: 'app:proxy-server.client_chunk_size' - type: string - default: '8192' - comment: 'New param' - - - name: 'app:proxy-server.node_timeout' - type: string - default: '10' - comment: 'New param' - - - name: 'app:proxy-server.conn_timeout' - type: string - default: '0.5' - comment: 'New param' - - - name: 'app:proxy-server.error_suppression_interval' - type: string - default: '60' - help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." - comment: 'New param' - - - name: 'app:proxy-server.error_suppression_limit' - type: string - default: '10' - help: 'How many errors can accumulate before a node is temporarily ignored.' - comment: 'New param' - - - name: 'app:proxy-server.allow_account_management' - type: string - default: 'false' - help: "If set to 'true' any authorized user may create and delete accounts; if 'false' no one, even authorized, can." - comment: 'New param' - - - name: 'app:proxy-server.object_post_as_copy' - type: string - default: 'true' - help: "Set object_post_as_copy = false to turn on fast posts where only the metadata changes are stored anew and the original data file is kept in place. This makes for quicker posts; but since the container metadata isn't updated in this mode, features like container sync won't be able to sync posts." - comment: 'New param' - - - name: 'app:proxy-server.account_autocreate' - type: string - default: 'false' - help: "If set to 'true' authorized accounts that do not yet exist within the Swift cluster will be automatically created." - comment: 'New param' - - - name: 'app:proxy-server.max_containers_per_account' - type: string - default: '0' - help: 'If set to a positive value, trying to create a container when the account already has at least this maximum containers will result in a 403 Forbidden. Note: This is a soft limit, meaning a user might exceed the cap for recheck_account_existence before the 403s kick in.' - comment: 'New param' - - - name: 'app:proxy-server.max_containers_whitelist' - type: string - default: '' - help: 'This is a comma separated list of account hashes that ignore the max_containers_per_account cap.' - comment: 'New param' - - - name: 'app:proxy-server.deny_host_headers' - type: string - default: '' - help: 'Comma separated list of Host headers to which the proxy will deny requests.' - comment: 'New param' - - - name: 'app:proxy-server.auto_create_account_prefix' - type: string - default: '.' - help: 'Prefix used when automatically creating accounts.' - comment: 'New param' - - - name: 'app:proxy-server.put_queue_depth' - type: string - default: '10' - help: 'Depth of the proxy put queue.' - comment: 'New param' - - - name: 'app:proxy-server.rate_limit_after_segment' - type: string - default: '10' - help: 'Start rate-limiting object segment serving after the Nth segment of a segmented object.' - comment: 'New param' - - - name: 'app:proxy-server.rate_limit_segments_per_sec' - type: string - default: '1' - help: 'Once segment rate-limiting kicks in for an object, limit segments served to N per second.' - comment: 'New param' - - - name: 'app:proxy-server.sorting_method' - type: string - default: 'shuffle' - help: "Storage nodes can be chosen at random (shuffle), by using timing measurements (timing), or by using an explicit match (affinity). Using timing measurements may allow for lower overall latency, while using affinity allows for finer control. In both the timing and affinity cases, equally-sorting nodes are still randomly chosen to spread load. The valid values for sorting_method are 'affinity', 'shuffle', and 'timing'." - comment: 'New param' - - - name: 'app:proxy-server.timing_expiry' - type: string - default: '300' - help: "If the 'timing' sorting_method is used, the timings will only be valid for the number of seconds configured by timing_expiry." - comment: 'New param' - - - name: 'app:proxy-server.allow_static_large_object' - type: string - default: 'true' - help: "If set to false will treat objects with X-Static-Large-Object header set as a regular object on GETs, i.e. will return that object's contents. Should be set to false if slo is not used in pipeline." - comment: 'New param' - - - name: 'app:proxy-server.max_large_object_get_time' - type: string - default: '86400' - help: 'The maximum time (seconds) that a large object connection is allowed to last.' - comment: 'New param' - - - name: 'app:proxy-server.request_node_count' - type: string - default: '2 * replicas' - help: "Set to the number of nodes to contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." - comment: 'New param' - - - name: 'app:proxy-server.read_affinity' - type: string - default: '' - help: 'Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else: read_affinity = r1z1=100, r1z2=200, r2=300 Default is empty, meaning no preference.' - comment: 'New param' - - - name: 'app:proxy-server.write_affinity' - type: string - default: '' - help: 'Example: try to write to regions 1 and 2 before writing to any other nodes: write_affinity = r1, r2 Default is empty, meaning no preference.' - comment: 'New param' - - - name: 'app:proxy-server.write_affinity_node_count' - type: string - default: '2 * replicas' - help: "The number of local (as governed by the write_affinity setting) nodes to attempt to contact first, before any non-local ones. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." - comment: 'New param' - - - name: 'app:proxy-server.swift_owner_headers' - type: string - default: 'x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2' - help: 'These are the headers whose values will only be shown to swift_owners. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities.' - comment: 'New param' - - - name: 'filter:cname_lookup.set log_headers' - type: string - default: 'false' - help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' - comment: 'New param' - - - name: 'filter:tempauth.reseller_prefix' - type: string - default: 'AUTH' - help: 'The reseller prefix will verify a token begins with this prefix before even attempting to validate it. Also, with authorization, only Swift storage accounts with this prefix will be authorized by this middleware. Useful if multiple auth systems are in use for one Swift cluster.' - comment: 'New param' - - - name: 'filter:tempauth.auth_prefix' - type: string - default: '/auth/' - help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' - comment: 'New param' - - - name: 'filter:tempauth.token_life' - type: string - default: '86400' - help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' - comment: 'New param' - - - name: 'filter:tempauth.allow_overrides' - type: string - default: 'true' - help: "This allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you're not going to use such middleware and you want a bit of extra security, you can set this to false." - comment: 'New param' - - - name: 'filter:tempauth.storage_url_scheme' - type: string - default: 'default' - help: 'This specifies what scheme to return with storage urls: http, https, or default (chooses based on what the server is running as) This can be useful with an SSL load balancer in front of a non-SSL server.' - comment: 'New param' - - - name: 'filter:tempauth.user_admin_admin' - type: string - default: 'admin .admin .reseller_admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - comment: 'New param' - - - name: 'filter:tempauth.user_test_tester' - type: string - default: 'testing .admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - comment: 'New param' - - - name: 'filter:tempauth.user_test2_tester2' - type: string - default: 'testing2 .admin' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - comment: 'New param' - - - name: 'filter:tempauth.user_test_tester3' - type: string - default: 'testing3' - help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' - comment: 'New param' - - - name: 'filter:tempauth.paste.filter_factory' - type: string - default: 'keystoneclient.middleware.auth_token:filter_factory' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.auth_host' - type: string - default: 'keystonehost' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.auth_port' - type: string - default: '35357' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.auth_protocol' - type: string - default: 'http' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.auth_uri' - type: string - default: 'http://keystonehost:5000/' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.admin_tenant_name' - type: string - default: 'service' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.admin_user' - type: string - default: 'swift' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.admin_password' - type: string - default: 'password' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.delay_auth_decision' - type: string - default: '1' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.cache' - type: string - default: 'swift.cache' - help: '[filter:authtoken]' - comment: 'New param' - - - name: 'filter:tempauth.operator_roles' - type: string - default: 'admin, swiftoperator' - help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others.' - comment: 'New param' - - - name: 'filter:tempauth.reseller_admin_role' - type: string - default: 'ResellerAdmin' - help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others. The reseller admin role has the ability to create and delete accounts' - comment: 'New param' - - - name: 'filter:healthcheck.disable_path' - type: string - default: '' - help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'. This facility may be used to temporarily remove a Swift node from a load balancer pool during maintenance or upgrade (remove the file to allow the node back into the load balancer pool)." - comment: 'New param' - - - name: 'filter:cache.memcache_servers' - type: string - default: '127.0.0.1:11211' - help: 'If not set here, the value for memcache_servers will be read from memcache.conf (see memcache.conf-sample) or lacking that file, it will default to the value below. You can specify multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211' - comment: 'New param' - - - name: 'filter:cache.memcache_serialization_support' - type: string - default: '2' - help: 'Sets how memcache values are serialized and deserialized: 0 = older, insecure pickle serialization 1 = json serialization but pickles can still be read (still insecure) 2 = json serialization only (secure and the default) If not set here, the value for memcache_serialization_support will be read from /etc/swift/memcache.conf (see memcache.conf-sample). To avoid an instant full cache flush, existing installations should upgrade with 0, then set to 1 and reload, then after some time (24 hours) set to 2 and reload. In the future, the ability to use pickle serialization will be removed.' - comment: 'New param' - - - name: 'filter:ratelimit.clock_accuracy' - type: string - default: '1000' - help: "clock_accuracy should represent how accurate the proxy servers' system clocks are with each other. 1000 means that all the proxies' clock are accurate to each other within 1 millisecond. No ratelimit should be higher than the clock accuracy." - comment: 'New param' - - - name: 'filter:ratelimit.max_sleep_time_seconds' - type: string - default: '60' - comment: 'New param' - - - name: 'filter:ratelimit.log_sleep_time_seconds' - type: string - default: '0' - help: 'log_sleep_time_seconds of 0 means disabled' - comment: 'New param' - - - name: 'filter:ratelimit.rate_buffer_seconds' - type: string - default: '5' - help: "allows for slow rates (e.g. running up to 5 sec's behind) to catch up." - comment: 'New param' - - - name: 'filter:ratelimit.account_ratelimit' - type: string - default: '0' - help: 'account_ratelimit of 0 means disabled' - comment: 'New param' - - - name: 'filter:ratelimit.account_whitelist' - type: string - default: 'a,b' - help: 'these are comma separated lists of account names' - comment: 'New param' - - - name: 'filter:ratelimit.account_blacklist' - type: string - default: 'c,d' - help: 'these are comma separated lists of account names' - comment: 'New param' - - - name: 'filter:ratelimit.with container_limit_x' - type: string - default: 'r' - comment: 'New param' - - - name: 'filter:ratelimit.container_ratelimit_0' - type: string - default: '100' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - comment: 'New param' - - - name: 'filter:ratelimit.container_ratelimit_10' - type: string - default: '50' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - comment: 'New param' - - - name: 'filter:ratelimit.container_ratelimit_50' - type: string - default: '20' - help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' - comment: 'New param' - - - name: 'filter:ratelimit.container_listing_ratelimit_0' - type: string - default: '100' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - comment: 'New param' - - - name: 'filter:ratelimit.container_listing_ratelimit_10' - type: string - default: '50' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - comment: 'New param' - - - name: 'filter:ratelimit.container_listing_ratelimit_50' - type: string - default: '20' - help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' - comment: 'New param' - - - name: 'filter:cname_lookup.storage_domain' - type: string - default: 'example.com' - comment: 'New param' - - - name: 'filter:domain_remap.path_root' - type: string - default: 'v1' - comment: 'New param' - - - name: 'filter:domain_remap.reseller_prefixes' - type: string - default: 'AUTH' - comment: 'New param' - - - name: 'filter:cname_lookup.lookup_depth' - type: string - default: '1' - comment: 'New param' - - - name: 'filter:tempurl.methods' - type: string - default: 'GET HEAD PUT' - help: 'The methods allowed with Temp URLs.' - comment: 'New param' - - - name: 'filter:tempurl.incoming_remove_headers' - type: string - default: 'x-timestamp' - help: "The headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. incoming_allow_headers is a list of exceptions to these removals." - comment: 'New param' - - - name: 'filter:tempurl.incoming_allow_headers' - type: string - default: '' - help: "The headers allowed as exceptions to incoming_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match." - comment: 'New param' - - - name: 'filter:tempurl.outgoing_remove_headers' - type: string - default: 'x-object-meta-*' - help: "The headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. outgoing_allow_headers is a list of exceptions to these removals." - comment: 'New param' - - - name: 'filter:name_check.forbidden_chars' - type: string - default: "\\'\"`<>" - comment: 'New param' - - - name: 'filter:name_check.maximum_length' - type: string - default: '255' - comment: 'New param' - - - name: 'filter:name_check.forbidden_regexp' - type: string - default: '/\\./|/\\.\\./|/\\.$|/\\.\\.$' - comment: 'New param' - - - name: 'filter:list-endpoints.list_endpoints_path' - type: string - default: '/endpoints/' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_name' - type: string - default: 'swift' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_facility' - type: string - default: 'LOG_LOCAL0' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_level' - type: string - default: 'INFO' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_address' - type: string - default: '/dev/log' - help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_udp_host' - type: string - default: '' - help: 'If set, access_log_udp_host will override access_log_address' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_udp_port' - type: string - default: '514' - help: 'If set, access_log_udp_host will override access_log_address' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_statsd_host' - type: host - default: 'localhost' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_statsd_port' - type: string - default: '8125' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_statsd_default_sample_rate' - type: string - default: '1.0' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_statsd_sample_rate_factor' - type: string - default: '1.0' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_statsd_metric_prefix' - type: string - default: '' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:proxy-logging.access_log_headers' - type: string - default: 'false' - help: 'You can use log_statsd_* from [DEFAULT] or override them here:' - comment: 'New param' - - - name: 'filter:bulk.max_containers_per_extraction' - type: string - default: '10000' - comment: 'New param' - - - name: 'filter:bulk.max_failed_extractions' - type: string - default: '1000' - comment: 'New param' - - - name: 'filter:bulk.max_deletes_per_request' - type: string - default: '10000' - comment: 'New param' - - - name: 'filter:bulk.yield_frequency' - type: string - default: '60' - comment: 'New param' - - - name: 'filter:slo.max_manifest_segments' - type: string - default: '1000' - comment: 'New param' - - - name: 'filter:slo.max_manifest_size' - type: string - default: '2097152' - comment: 'New param' - - - name: 'filter:slo.min_segment_size' - type: string - default: '1048576' - comment: 'New param' - -# ==================================================== diff --git a/rubick/schemas/yaml_utils.py b/rubick/schemas/yaml_utils.py deleted file mode 100644 index 853970e..0000000 --- a/rubick/schemas/yaml_utils.py +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. - - -def yaml_string(s, allowSimple=False): - if "'" in s: - return '"%s"' % s.replace('\\', '\\\\').replace('"', '\\"') - else: - if not allowSimple or any([c in s for c in " :,"]): - return "'%s'" % s - else: - return s - - -def yaml_value(x): - if x is None: - return '~' - elif x is True: - return 'true' - elif x is False: - return 'false' - elif isinstance(x, str): - return yaml_string(x) - else: - return repr(x) diff --git a/rubick/templates/validation_error.html b/rubick/templates/validation_error.html deleted file mode 100644 index 78db8bd..0000000 --- a/rubick/templates/validation_error.html +++ /dev/null @@ -1,29 +0,0 @@ -{% extends "bootstrap/base.html" %} -{% import "bootstrap/wtf.html" as wtf %} - -{% block title %}OpenStack Validator Result{% endblock %} - -{% block content %} -
-

OpenStack Validation Error

- -

- {{ message }} -

- -
-
- {{ form.hidden_tag() }} - - {{ wtf.form_field(form.nodes) }} - {{ wtf.form_field(form.username) }} - {{ wtf.form_field(form.private_key) }} -
- - New inspection -
- -
- -{% endblock %} - diff --git a/rubick/templates/validation_form.html b/rubick/templates/validation_form.html deleted file mode 100644 index 4bfc417..0000000 --- a/rubick/templates/validation_form.html +++ /dev/null @@ -1,13 +0,0 @@ -{% extends "bootstrap/base.html" %} -{% import "bootstrap/wtf.html" as wtf %} - -{% block title %}OpenStack Validator{% endblock %} - -{% block content %} -
-

OpenStack Validator

- {{ wtf.quick_form(form, action='/validation', method='POST', button_map={'launch': 'primary'}) }} -
- -{% endblock %} - diff --git a/rubick/templates/validation_result.html b/rubick/templates/validation_result.html deleted file mode 100644 index 56b6de7..0000000 --- a/rubick/templates/validation_result.html +++ /dev/null @@ -1,65 +0,0 @@ -{% extends "bootstrap/base.html" %} -{% import "bootstrap/wtf.html" as wtf %} - -{% block title %}OpenStack Validator Result{% endblock %} - -{% block content %} -
-

OpenStack Validation Result

- -

Hosts

-
    - {% for host in openstack.hosts %} -
  • - {{ host.name }} -
      - {% for component in host.components %} -
    • {{ component.name }} version {{ component.version }}
      • - {% endfor %} -
    -
    • - {% endfor %} -
- -

Issues

-
    - {% for group, issues in grouped_issues %} -
  • - - {% if group %} - {{ group }} - {% else %} - General issues - {% endif %} - -
      - {% for issue in issues %} -
    • - {{ issue.type | capitalize }} - {{ issue.message }} - {% if issue.mark %} - (line {{ issue.mark.line+1 }} column {{ issue.mark.column+1 }}) - {% endif %} -
      • - {% endfor %} -
    -
    • - {% endfor %} -
- -
-
- {{ form.hidden_tag() }} - - {{ wtf.form_field(form.nodes) }} - {{ wtf.form_field(form.username) }} - {{ wtf.form_field(form.private_key) }} -
- - New inspection -
- -
- -{% endblock %} - diff --git a/rubick/templates/validation_state.html b/rubick/templates/validation_state.html deleted file mode 100644 index 6b85c82..0000000 --- a/rubick/templates/validation_state.html +++ /dev/null @@ -1,23 +0,0 @@ -{% extends "bootstrap/base.html" %} - -{% block title %}OpenStack Validation{% endblock %} - -{% block content %} -
-

OpenStack Validation Result

- -

- Job state is {{ state }} -

- - - -
- -{% endblock %} - - diff --git a/rubick/test_config_schema_registry.py b/rubick/test_config_schema_registry.py deleted file mode 100644 index b4012d2..0000000 --- a/rubick/test_config_schema_registry.py +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import unittest -from contextlib import contextmanager - -from rubick.schema import ConfigSchemaRegistry -from rubick.common import find, Version - - -class TestConfigSchemaLoader(object): - def __init__(self): - super(TestConfigSchemaLoader, self).__init__() - self._records = [] - - @contextmanager - def version(self, version, checkpoint=False): - self._current_version = dict(version=version, checkpoint=checkpoint, - added=[], removed=[]) - self._records.append(self._current_version) - yield - self._current_version = None - - def param(self, name, type, default=None, description=None): - self._current_version['added'].append( - dict(name=name, type=type, default=default, - description=description)) - - def removed_param(self, name): - self._current_version['removed'].append(name) - - def load(self, project, configname): - return self._records - - -class ConfigSchemaRegistryTests(unittest.TestCase): - - def test_sample(self): - loader = TestConfigSchemaLoader() - with loader.version('1.0.0', checkpoint=True): - loader.param('verbose', type='boolean') - loader.param('rabbit_host', type='address') - - with loader.version('1.1.0'): - loader.param('verbose', type='boolean', default=False) - loader.removed_param('rabbit_host') - - schema10 = ConfigSchemaRegistry.get_schema( - project='nova', version='1.0.0', schema_loader=loader) - - self.assertEqual(Version('1.0.0'), schema10.version) - self.assertEqual('ini', schema10.format) - - def find_param(params, name): - return find(params, lambda p: p.name == name) - - verbose_param = find_param(schema10.parameters, 'verbose') - self.assertIsNotNone(verbose_param) - self.assertEqual('boolean', verbose_param.type) - self.assertEqual(None, verbose_param.default) - - rabbit_host_param = find_param(schema10.parameters, 'rabbit_host') - self.assertIsNotNone(rabbit_host_param) - self.assertEqual('address', rabbit_host_param.type) - - schema11 = ConfigSchemaRegistry.get_schema( - project='nova', version='1.1.0', schema_loader=loader) - - verbose_param11 = find_param(schema11.parameters, 'verbose') - self.assertIsNotNone(verbose_param11) - self.assertEqual(False, verbose_param11.default) - - rabbit_host_param11 = find_param(schema11.parameters, 'rabbit_host') - self.assertIsNone(rabbit_host_param11) - - -if __name__ == '__main__': - unittest.main() diff --git a/rubick/test_configuration.py b/rubick/test_configuration.py deleted file mode 100644 index 9a2b384..0000000 --- a/rubick/test_configuration.py +++ /dev/null @@ -1,315 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import unittest - -from rubick.config_model import Configuration -from rubick.schema import ConfigSchema, ConfigParameterSchema, \ - InvalidValueError - - -class ConfigurationTests(unittest.TestCase): - section = 'section1' - param = 'param1' - fullparam = '%s.%s' % (section, param) - value = 'foobar' - default_value = 'bar123' - - def test_empty(self): - c = Configuration() - self.assertIsNone(c.get('section1.param1')) - - def test_storage(self): - c = Configuration() - c.set(self.fullparam, self.value) - - self.assertEqual(self.value, c.get(self.fullparam)) - - def test_parameter_names_containing_sections(self): - c = Configuration() - c.set(self.fullparam, self.value) - - self.assertEqual( - self.value, c.get('%s.%s' % - (self.section, self.param))) - - def test_parameter_with_default_section(self): - c = Configuration() - c.set(self.param, self.value) - - self.assertEqual(self.value, c.get(self.param)) - - def test_explicit_default_on_get(self): - c = Configuration() - override_value = '12345' - - self.assertEqual( - override_value, - c.get(self.fullparam, - default=override_value)) - - def test_default(self): - c = Configuration() - c.set_default(self.fullparam, self.default_value) - - self.assertEqual(self.default_value, c.get(self.fullparam)) - - def test_normal_overrides_default(self): - c = Configuration() - c.set(self.fullparam, self.value) - c.set_default(self.fullparam, self.default_value) - - self.assertEqual(self.value, c.get(self.fullparam)) - - def test_contains(self): - c = Configuration() - self.assertFalse(c.contains(self.fullparam)) - - def test_contains_default(self): - c = Configuration() - c.set_default(self.fullparam, self.default_value) - - self.assertTrue(c.contains(self.fullparam)) - self.assertFalse(c.contains(self.fullparam, ignoreDefault=True)) - - def test_contains_normal(self): - c = Configuration() - c.set(self.fullparam, self.value) - - self.assertTrue(c.contains(self.fullparam)) - self.assertTrue(c.contains(self.fullparam, ignoreDefault=True)) - - def test_is_default_returns_false_if_param_missing(self): - c = Configuration() - self.assertFalse(c.is_default(self.fullparam)) - - def test_is_default_returns_true_if_only_default_value_set(self): - c = Configuration() - c.set_default(self.fullparam, self.default_value) - - self.assertTrue(c.is_default(self.fullparam)) - - def test_is_default_returns_false_if_normal_value_set(self): - c = Configuration() - c.set(self.fullparam, self.value) - - self.assertFalse(c.is_default(self.fullparam)) - - def test_is_default_returns_false_if_both_values_set(self): - c = Configuration() - c.set_default(self.fullparam, self.default_value) - c.set(self.fullparam, self.value) - - self.assertFalse(c.is_default(self.fullparam)) - - def test_subsection_set(self): - c = Configuration() - c.section(self.section).set(self.param, self.value) - - self.assertEqual(self.value, c.get(self.fullparam)) - - def test_keys(self): - c = Configuration() - c.set_default('section1.param1', '123') - c.set('section2.param1', '456') - - self.assertEqual(['section1', 'section2'], sorted(c.keys())) - - def test_subsection_keys(self): - c = Configuration() - c.set_default('%s.param1' % self.section, '123') - c.set('%s.param2' % self.section, '456') - - self.assertEqual( - ['param1', 'param2'], sorted(c.section(self.section).keys())) - - def test_subsection_items(self): - c = Configuration() - c.set('%s.param1' % self.section, 'value1') - c.set_default('%s.param2' % self.section, 'value2') - - self.assertEqual( - [('param1', 'value1'), ('param2', 'value2')], - sorted(c.section(self.section).items())) - - def test_subsection_get(self): - c = Configuration() - - c.set(self.fullparam, self.value) - - cs = c.section(self.section) - self.assertEqual(self.value, cs.get(self.param)) - - def test_getitem(self): - c = Configuration() - c.set(self.fullparam, self.value) - - self.assertEqual(self.value, c[self.fullparam]) - - def test_subsection_getitem(self): - c = Configuration() - c.set(self.fullparam, self.value) - - cs = c.section(self.section) - - self.assertEqual(self.value, cs[self.param]) - - def test_setitem(self): - c = Configuration() - - c[self.fullparam] = self.value - - self.assertEqual(self.value, c.get(self.fullparam)) - - def test_subsection_setitem(self): - c = Configuration() - - cs = c.section(self.section) - - cs[self.param] = self.value - - self.assertEqual(self.value, c.get(self.fullparam)) - - def test_section_in(self): - c = Configuration() - - self.assertFalse(self.section in c) - - c.set(self.fullparam, self.value) - self.assertTrue(self.section in c) - - def test_subsection_contains(self): - c = Configuration() - - c.set('section1.param1', '123') - c.set_default('section2.param2', '234') - - self.assertTrue('param1' in c.section('section1')) - self.assertTrue('param2' in c.section('section2')) - self.assertFalse('param1' in c.section('section2')) - - def test_returns_section_object_even_if_section_doesnot_exist(self): - c = Configuration() - self.assertIsNotNone(c.section('foo')) - - def test_template_substitution(self): - c = Configuration() - c.set('a', 'x') - c.set('b', '$a') - c.set('c', '$b') - - self.assertEqual('x', c.get('c')) - - def test_cycle_template_substitution_resolves_in_empty_string(self): - c = Configuration() - c.set('a', 'a$c') - c.set('b', 'b$a') - c.set('c', 'c$b') - - self.assertEqual('cba', c.get('c')) - - def test_getting_raw_values(self): - c = Configuration() - - c.set('a', '$b') - c.set('b', 'x') - - self.assertEqual('$b', c.get('a', raw=True)) - - def test_typed_params(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertEqual(123, c.get('param1')) - - def test_typed_params_update(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertEqual(123, c.get('param1')) - - c.set('param1', '456') - - self.assertEqual(456, c.get('param1')) - - def test_type_for_unknown_param(self): - schema = ConfigSchema('test', '1.0', 'ini', []) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertEqual('123', c.get('param1')) - - def test_typed_param_with_invalid_value_returns_string_value(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', '123a') - - self.assertEqual('123a', c.get('param1')) - - def test_getting_typed_param_raw_value(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertEqual('123', c.get('param1', raw=True)) - - def test_validate_returns_none_if_value_is_valid(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertIsNone(c.validate('param1')) - - def test_validate_returns_error_if_valid_is_invalid(self): - schema = ConfigSchema('test', '1.0', 'ini', [ - ConfigParameterSchema('param1', type='integer', section='DEFAULT') - ]) - - c = Configuration(schema) - - c.set('param1', 'abc') - - self.assertTrue(isinstance(c.validate('param1'), InvalidValueError)) - - def test_validate_returns_none_for_unknown_param(self): - schema = ConfigSchema('test', '1.0', 'ini', []) - - c = Configuration(schema) - - c.set('param1', '123') - - self.assertIsNone(c.validate('param1')) diff --git a/rubick/test_mark.py b/rubick/test_mark.py deleted file mode 100644 index 5d69007..0000000 --- a/rubick/test_mark.py +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from rubick.common import Mark - -import unittest - - -class MarkTests(unittest.TestCase): - - def test_creation(self): - m = Mark('nova.conf', 3, 5) - self.assertEqual('nova.conf', m.source) - self.assertEqual(3, m.line) - self.assertEqual(5, m.column) - - def test_merge(self): - m1 = Mark('nova.conf', 3, 5) - m2 = Mark('unknown', 2, 7) - - m = m1.merge(m2) - - self.assertEqual(m1.source, m.source) - self.assertEqual(m1.line + m2.line, m.line) - self.assertEqual(m1.column + m2.column, m.column) diff --git a/rubick/test_type_validators.py b/rubick/test_type_validators.py deleted file mode 100644 index d18bcd2..0000000 --- a/rubick/test_type_validators.py +++ /dev/null @@ -1,379 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from rubick.common import Issue, MarkedIssue -from rubick.schema import TypeValidatorRegistry - -import unittest - - -class TypeValidatorTestHelper(object): - def setUp(self): - super(TypeValidatorTestHelper, self).setUp() - self.validator = TypeValidatorRegistry.get_validator(self.type_name) - - def assertValid(self, value, type_args={}): - self.assertNotIsInstance( - self.validator.validate(value, **type_args), Issue) - - def assertInvalid(self, value, type_args={}): - self.assertIsInstance( - self.validator.validate(value, **type_args), Issue) - - -class StringTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'string' - - def test_empty_string_passes(self): - self.assertValid('') - - def test_validation_always_passes(self): - self.assertValid('foo bar') - - def test_should_return_same_string_if_valid(self): - s = 'foo bar' - self.assertEqual(s, self.validator.validate(s)) - - -class EnumTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'enum' - - def test_listed_value(self): - self.assertValid('foo', type_args={'values': ['foo', 'bar']}) - - def test_unlisted_value(self): - self.assertInvalid('baz', type_args={'values': ['foo', 'bar']}) - - def test_with_no_values_returns_error(self): - self.assertInvalid('foo') - - -class BooleanTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'boolean' - - def test_True(self): - v = self.validator.validate('True') - self.assertEqual(True, v) - - def test_False(self): - v = self.validator.validate('False') - self.assertEqual(False, v) - - def test_other_values_produce_error(self): - self.assertInvalid('foo') - - -class IntegerTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'integer' - - def test_positive_values_are_valid(self): - self.assertValid('123') - - def test_zero_is_valid(self): - self.assertValid('0') - - def test_negative_values_are_valid(self): - self.assertValid('-123') - - def test_leading_whitespace_is_ignored(self): - self.assertValid(' 5') - - def test_trailing_whitespace_is_ignored(self): - self.assertValid('7 ') - - def test_non_digits_are_invalid(self): - self.assertInvalid('12a45') - - def test_invalid_char_error_contains_proper_column_in_mark(self): - error = self.validator.validate('12a45') - self.assertIsInstance(error, MarkedIssue) - self.assertEqual(3, error.mark.column) - - def test_invalid_char_error_contains_proper_column_if_leading_whitespaces( - self): - error = self.validator.validate(' 12a45') - self.assertIsInstance(error, MarkedIssue) - self.assertEqual(5, error.mark.column) - - def test_returns_integer_if_valid(self): - v = self.validator.validate('123') - self.assertEqual(123, v) - - -class HostAddressTypeValidatorTests(TypeValidatorTestHelper, - unittest.TestCase): - type_name = 'host_address' - - def test_ipv4_address(self): - self.assertValid('127.0.0.1') - - def test_returns_address(self): - s = '10.0.0.1' - v = self.validator.validate(s) - self.assertEqual(s, v) - - def test_value_with_less_than_4_numbers_separated_by_dots(self): - self.assertInvalid('10.0.0') - - def test_ipv4_like_string_with_numbers_greater_than_255(self): - self.assertInvalid('10.0.256.1') - - def test_host_name(self): - self.assertValid('foo.bar.baz') - - def test_host_with_empty_parts(self): - self.assertInvalid('.foo.bar') - self.assertInvalid('foo..bar') - self.assertInvalid('foo.bar.') - - def test_host_parts_with_invalid_chars(self): - self.assertInvalid('foo.ba r.baz') - self.assertInvalid('foo.x_y.bar') - - def test_host_with_single_host_label(self): - self.assertValid('foo') - - def test_host_part_starting_with_non_letter(self): - self.assertInvalid('123foo') - - def test_host_that_ends_with_a_hyphen(self): - self.assertInvalid('foo-') - - def test_mark_should_point_to_incorrect_symbol(self): - e = self.validator.validate('') - self.assertEqual(0, e.mark.column) - - e = self.validator.validate('123foo') - self.assertEqual(0, e.mark.column) - - e = self.validator.validate('foo-') - self.assertEqual(3, e.mark.column) - - e = self.validator.validate('foo.bar.-baz') - self.assertEqual(8, e.mark.column) - - -class NetworkAddressTypeValidatorTests(TypeValidatorTestHelper, - unittest.TestCase): - type_name = 'network_address' - - def test_ipv4_network(self): - self.assertValid('127.0.0.1/24') - - def test_returns_address(self): - s = '10.0.0.1/32' - v = self.validator.validate(s) - self.assertEqual(s, v) - - def test_value_with_less_than_4_numbers_separated_by_dots(self): - self.assertInvalid('10.0.0/24') - - def test_ipv4_like_string_with_numbers_greater_than_255(self): - self.assertInvalid('10.0.256.1/24') - - def test_no_prefix_length(self): - self.assertInvalid('10.0.0.0') - self.assertInvalid('10.0.0.0/') - - def test_non_integer_prefix_length(self): - self.assertInvalid('10.0.0.0/1a') - - def test_prefix_greater_than_32(self): - self.assertInvalid('10.0.0.0/33') - - -class NetworkMaskTypeValidatorTests(TypeValidatorTestHelper, - unittest.TestCase): - type_name = 'network_mask' - - def test_mask(self): - self.assertValid('255.255.255.0') - - def test_returns_mask(self): - s = '255.255.255.0' - v = self.validator.validate(s) - self.assertEqual(s, v) - - def test_mask_with_nonsubsequent_bits_is_invalid(self): - self.assertInvalid('255.123.255.0') - - def test_invalid_format(self): - self.assertInvalid('foo') - - -class PortTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'port' - - def test_empty(self): - self.assertInvalid('') - - def test_positive_integer(self): - self.assertValid('123') - - def test_zero_invalid(self): - self.assertInvalid('0') - - def test_negatives_are_invalid(self): - self.assertInvalid('-1') - - def test_values_greater_than_65535_are_invalid(self): - self.assertInvalid('65536') - - def test_low_boundary_is_valid(self): - self.assertValid('1') - - def test_high_boundary_is_valid(self): - self.assertValid('65535') - - def test_non_digits_are_invalid(self): - self.assertInvalid('12a5') - - def test_leading_and_or_trailing_whitespace_is_ignored(self): - self.assertValid(' 123') - self.assertValid('456 ') - self.assertValid(' 123 ') - - def test_returns_integer_if_valid(self): - v = self.validator.validate('123') - self.assertEqual(123, v) - - -class HostAndPortTypeValidatorTests(TypeValidatorTestHelper, - unittest.TestCase): - type_name = 'host_and_port' - - def test_ipv4_address(self): - self.assertValid('127.0.0.1:80') - - def test_returns_address(self): - s = '10.0.0.1:80' - v = self.validator.validate(s) - self.assertEqual(('10.0.0.1', 80), v) - - def test_value_with_less_than_4_numbers_separated_by_dots(self): - self.assertInvalid('10.0.0:1234') - - def test_ipv4_like_string_with_numbers_greater_than_255(self): - self.assertInvalid('10.0.256.1:1234') - - def test_no_port(self): - self.assertInvalid('10.0.0.1') - self.assertInvalid('10.0.0.1:') - - def test_port_is_not_an_integer(self): - self.assertInvalid('10.0.0.1:abc') - - def test_port_is_greater_than_65535(self): - self.assertInvalid('10.0.0.1:65536') - - -class RegexTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'regex' - - def test_valid_regex(self): - self.assertValid('\d+\.\d+\.\d+\.\d+') - - def test_invalid_regex(self): - self.assertInvalid('(\d+') - - -class StringListTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'string_list' - - def test_empty_value(self): - v = self.validator.validate('') - self.assertEqual([], v) - - def test_single_value(self): - v = self.validator.validate(' foo bar ') - - self.assertIsInstance(v, list) - self.assertEqual('foo bar', v[0]) - self.assertEqual(1, len(v)) - - def test_list_of_values(self): - v = self.validator.validate(' foo bar, baz ') - - self.assertIsInstance(v, list) - self.assertEqual('foo bar', v[0]) - self.assertEqual('baz', v[1]) - self.assertEqual(2, len(v)) - - -class StringDictTypeValidatorTests(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'string_dict' - - def test_empty_value(self): - v = self.validator.validate('') - self.assertEqual({}, v) - - def test_single_value(self): - v = self.validator.validate(' foo: bar ') - - self.assertIsInstance(v, dict) - self.assertEqual('bar', v['foo']) - self.assertEqual(1, len(v)) - - def test_list_of_values(self): - v = self.validator.validate(' foo: bar, baz: 123 ') - - self.assertIsInstance(v, dict) - self.assertEqual('bar', v['foo']) - self.assertEqual('123', v['baz']) - self.assertEqual(2, len(v)) - - -class RabbitmqBindValidatorTest(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'rabbitmq_bind' - - def test_empty_value_is_an_error(self): - self.assertInvalid('') - - def test_integer(self): - v = self.validator.validate('123') - - self.assertEqual(('0.0.0.0', 123), v) - - def test_integer_outside_port_range(self): - self.assertInvalid('65536') - - def test_host_port(self): - v = self.validator.validate('{"127.0.0.1",8080}') - - self.assertEqual(('127.0.0.1', 8080), v) - - -class RabbitmqListValidatorTest(TypeValidatorTestHelper, unittest.TestCase): - type_name = 'rabbitmq_bind_list' - - def test_empty(self): - self.assertInvalid('') - - def test_empty_list(self): - v = self.validator.validate('[]') - - self.assertEqual([], v) - - def test_single_entry(self): - v = self.validator.validate('[123]') - - self.assertEqual([('0.0.0.0', 123)], v) - - def test_multiple_entries(self): - v = self.validator.validate('[1080,{"localhost",8080}]') - - self.assertEqual([('0.0.0.0', 1080), ('localhost', 8080)], v) - - -if __name__ == '__main__': - unittest.main() diff --git a/rubick/test_version.py b/rubick/test_version.py deleted file mode 100644 index 7900f3a..0000000 --- a/rubick/test_version.py +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -from rubick.common import Version - -import unittest - - -class VersionTests(unittest.TestCase): - - def test_creation_from_components(self): - v = Version(1, 3, 7) - self.assertEqual(1, v.major) - self.assertEqual(3, v.minor) - self.assertEqual(7, v.maintenance) - - def test_creation_from_string(self): - v = Version('1.2.12') - self.assertEqual(1, v.major) - self.assertEqual(2, v.minor) - self.assertEqual(12, v.maintenance) - - def test_creation_from_string_with_less_parts(self): - v = Version('1.2') - self.assertEqual(1, v.major) - self.assertEqual(2, v.minor) - self.assertEqual(0, v.maintenance) - - v = Version('12') - self.assertEqual(12, v.major) - self.assertEqual(0, v.minor) - self.assertEqual(0, v.maintenance) - - def test_creation_from_other_version(self): - v = Version('1.2.3') - v2 = Version(v) - self.assertEqual(1, v2.major) - self.assertEqual(2, v2.minor) - self.assertEqual(3, v2.maintenance) - - def test_equility(self): - v1 = Version('1.2.3') - v2 = Version(1, 2, 3) - v3 = Version(1, 2, 4) - - self.assertTrue(v1 == v2) - self.assertFalse(v1 == v3) - - def test_non_equility(self): - v1 = Version('1.2.3') - v2 = Version(1, 2, 3) - v3 = Version(1, 2, 4) - - self.assertFalse(v1 != v2) - self.assertTrue(v1 != v3) - - def test_comparision(self): - v1 = Version('1.2.3') - v2 = Version(1, 1, 5) - - self.assertTrue(v1 > v2) - self.assertFalse(v1 < v2) - - -if __name__ == '__main__': - unittest.main() diff --git a/rubick/utils.py b/rubick/utils.py deleted file mode 100644 index ac969cd..0000000 --- a/rubick/utils.py +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import collections -import functools - - -class memoized(object): - - '''Decorator. Caches a function's return value each time it is called. - If called later with the same arguments, the cached value is returned - (not reevaluated). - ''' - - def __init__(self, func): - self.func = func - self.cache = {} - - def __call__(self, *args): - if not isinstance(args, collections.Hashable): - # uncacheable. a list, for instance. - # better to not cache than blow up. - return self.func(*args) - if args in self.cache: - return self.cache[args] - else: - value = self.func(*args) - self.cache[args] = value - return value - - def __repr__(self): - '''Return the function's docstring.''' - return self.func.__doc__ - - def __get__(self, obj, objtype): - '''Support instance methods.''' - return functools.partial(self.__call__, obj) diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index 5573bae..0000000 --- a/setup.cfg +++ /dev/null @@ -1,22 +0,0 @@ -[metadata] -name = rubick -version = 1.0 -summary = OpenStack configuration inspector -description-file = - README.md -author = MirantisLabs -author-email = labs-all@mirantis.com -home-page = http://mirantis.com/ -classifier = - Environment :: OpenStack - Intended Audience :: Information Technology - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux - Programming Language :: Python - Programming Language :: Python :: 2.7 - -[files] -packages = - rubick - joker diff --git a/setup.py b/setup.py deleted file mode 100644 index 457ba79..0000000 --- a/setup.py +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright (c) 2014 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and# -# limitations under the License. -import setuptools - -setuptools.setup() diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index 5e1c9ce..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1,9 +0,0 @@ -pep8==1.4.5 -pyflakes==0.7.2 -flake8==2.0 -hacking>=0.5.6,<0.8 - -coverage -python-subunit -testrepository>=0.0.17 -testtools>=0.9.32 diff --git a/tox.ini b/tox.ini deleted file mode 100644 index 8982f0d..0000000 --- a/tox.ini +++ /dev/null @@ -1,40 +0,0 @@ -[tox] -minversion = 1.6 -envlist = py26,py27,py33,pep8 -skipsdist = True - -[testenv] -install_command = pip install -U {opts} {packages} -setenv = VIRTUAL_ENV={envdir} -deps = -r{toxinidir}/requirements.txt - -r{toxinidir}/test-requirements.txt -commands = - python setup.py testr --slowest --testr-args='{posargs}' - -[tox:jenkins] -sitepackages = True -downloadcache = ~/cache/pip - -[testenv:pep8] -sitepackages = False -commands = - flake8 {posargs} - -[testenv:cover] -# Also do not run test_coverage_ext tests while gathering coverage as those -# tests conflict with coverage. -setenv = VIRTUAL_ENV={envdir} -commands = - python setup.py testr --coverage \ - --testr-args='^(?!.*test.*coverage).*$' - -[testenv:venv] -commands = {posargs} - -[flake8] -# TODO(ogelbukh): enforce H306 -# We will be ignoring line length limit until we apply for incubation -# E501: line too long -# H306: imports not in alphabetical order -ignore = E501,H306 -exclude = .venv,.git,.tox,dist,lib/python*,*egg,build diff --git a/vagrant/cookbooks/rubick/recipes/default.rb b/vagrant/cookbooks/rubick/recipes/default.rb deleted file mode 100644 index 27f491c..0000000 --- a/vagrant/cookbooks/rubick/recipes/default.rb +++ /dev/null @@ -1,21 +0,0 @@ -package 'build-essential' -package 'mongodb-server' -package 'redis-server' -package 'python-pip' -package 'tmux' - -bash 'Install python dependencies' do - code 'pip install -r requirements.txt' - cwd '/vagrant' -end - -bash 'Run application' do - code <<-EOS - if ! tmux has-session -t dev; then - tmux new-session -d -s dev "honcho start" - fi - EOS - user 'vagrant' - cwd '/vagrant' -end -