55167764ae
re-run the tool with latest version. Closes-Bug: #1638004 Change-Id: I13a4e53c403e189839d04a0376bc0db1cf0ef049
151 lines
7.5 KiB
ReStructuredText
151 lines
7.5 KiB
ReStructuredText
..
|
|
Warning: Do not edit this file. It is automatically generated from the
|
|
software project's code and your changes will be overwritten.
|
|
|
|
The tool to generate this file lives in openstack-doc-tools repository.
|
|
|
|
Please make any changes needed in the code, then run the
|
|
autogenerate-config-doc tool from the openstack-doc-tools repository, or
|
|
ask for help on the documentation mailing list, IRC channel or meeting.
|
|
|
|
.. _glance-registry:
|
|
|
|
.. list-table:: Description of registry configuration options
|
|
:header-rows: 1
|
|
:class: config-ref-table
|
|
|
|
* - Configuration option = Default value
|
|
- Description
|
|
* - **[DEFAULT]**
|
|
-
|
|
* - ``admin_password`` = ``None``
|
|
- (String) DEPRECATED: The administrators password. If "use_user_token" is not in effect, then admin credentials can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``admin_tenant_name`` = ``None``
|
|
- (String) DEPRECATED: The tenant name of the administrative user. If "use_user_token" is not in effect, then admin tenant name can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``admin_user`` = ``None``
|
|
- (String) DEPRECATED: The administrators user name. If "use_user_token" is not in effect, then admin credentials can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``auth_region`` = ``None``
|
|
- (String) DEPRECATED: The region for the authentication service. If "use_user_token" is not in effect and using keystone auth, then region name can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``auth_strategy`` = ``noauth``
|
|
- (String) DEPRECATED: The strategy to use for authentication. If "use_user_token" is not in effect, then auth strategy can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``auth_url`` = ``None``
|
|
- (String) DEPRECATED: The URL to the keystone service. If "use_user_token" is not in effect and using keystone auth, then URL of keystone can be specified. This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support.
|
|
* - ``registry_client_ca_file`` = ``/etc/ssl/cafile/file.ca``
|
|
- (String) Absolute path to the Certificate Authority file.
|
|
|
|
Provide a string value representing a valid absolute path to the certificate authority file to use for establishing a secure connection to the registry server.
|
|
|
|
NOTE: This option must be set if ``registry_client_protocol`` is set to ``https``. Alternatively, the GLANCE_CLIENT_CA_FILE environment variable may be set to a filepath of the CA file. This option is ignored if the ``registry_client_insecure`` option is set to ``True``.
|
|
|
|
Possible values:
|
|
|
|
* String value representing a valid absolute path to the CA file.
|
|
|
|
Related options:
|
|
|
|
* registry_client_protocol
|
|
|
|
* registry_client_insecure
|
|
* - ``registry_client_cert_file`` = ``/etc/ssl/certs/file.crt``
|
|
- (String) Absolute path to the certificate file.
|
|
|
|
Provide a string value representing a valid absolute path to the certificate file to use for establishing a secure connection to the registry server.
|
|
|
|
NOTE: This option must be set if ``registry_client_protocol`` is set to ``https``. Alternatively, the GLANCE_CLIENT_CERT_FILE environment variable may be set to a filepath of the certificate file.
|
|
|
|
Possible values:
|
|
|
|
* String value representing a valid absolute path to the certificate file.
|
|
|
|
Related options:
|
|
|
|
* registry_client_protocol
|
|
* - ``registry_client_insecure`` = ``False``
|
|
- (Boolean) Set verification of the registry server certificate.
|
|
|
|
Provide a boolean value to determine whether or not to validate SSL connections to the registry server. By default, this option is set to ``False`` and the SSL connections are validated.
|
|
|
|
If set to ``True``, the connection to the registry server is not validated via a certifying authority and the ``registry_client_ca_file`` option is ignored. This is the registry's equivalent of specifying --insecure on the command line using glanceclient for the API.
|
|
|
|
Possible values:
|
|
|
|
* True
|
|
|
|
* False
|
|
|
|
Related options:
|
|
|
|
* registry_client_protocol
|
|
|
|
* registry_client_ca_file
|
|
* - ``registry_client_key_file`` = ``/etc/ssl/key/key-file.pem``
|
|
- (String) Absolute path to the private key file.
|
|
|
|
Provide a string value representing a valid absolute path to the private key file to use for establishing a secure connection to the registry server.
|
|
|
|
NOTE: This option must be set if ``registry_client_protocol`` is set to ``https``. Alternatively, the GLANCE_CLIENT_KEY_FILE environment variable may be set to a filepath of the key file.
|
|
|
|
Possible values:
|
|
|
|
* String value representing a valid absolute path to the key file.
|
|
|
|
Related options:
|
|
|
|
* registry_client_protocol
|
|
* - ``registry_client_protocol`` = ``http``
|
|
- (String) Protocol to use for communication with the registry server.
|
|
|
|
Provide a string value representing the protocol to use for communication with the registry server. By default, this option is set to ``http`` and the connection is not secure.
|
|
|
|
This option can be set to ``https`` to establish a secure connection to the registry server. In this case, provide a key to use for the SSL connection using the ``registry_client_key_file`` option. Also include the CA file and cert file using the options ``registry_client_ca_file`` and ``registry_client_cert_file`` respectively.
|
|
|
|
Possible values:
|
|
|
|
* http
|
|
|
|
* https
|
|
|
|
Related options:
|
|
|
|
* registry_client_key_file
|
|
|
|
* registry_client_cert_file
|
|
|
|
* registry_client_ca_file
|
|
* - ``registry_client_timeout`` = ``600``
|
|
- (Integer) Timeout value for registry requests.
|
|
|
|
Provide an integer value representing the period of time in seconds that the API server will wait for a registry request to complete. The default value is 600 seconds.
|
|
|
|
A value of 0 implies that a request will never timeout.
|
|
|
|
Possible values:
|
|
|
|
* Zero
|
|
|
|
* Positive integer
|
|
|
|
Related options:
|
|
|
|
* None
|
|
* - ``registry_host`` = ``0.0.0.0``
|
|
- (String) Address the registry server is hosted on.
|
|
|
|
Possible values:
|
|
|
|
* A valid IP or hostname
|
|
|
|
Related options:
|
|
|
|
* None
|
|
* - ``registry_port`` = ``9191``
|
|
- (Port number) Port the registry server is listening on.
|
|
|
|
Possible values:
|
|
|
|
* A valid port number
|
|
|
|
Related options:
|
|
|
|
* None
|