diff --git a/rubick/schemas/cinder/cinder.conf.yml b/rubick/schemas/cinder/cinder.conf.yml new file mode 100644 index 0000000..ffa4399 --- /dev/null +++ b/rubick/schemas/cinder/cinder.conf.yml @@ -0,0 +1,4607 @@ +- version: '2013.1.3' + checkpoint: true + added: + + - name: fatal_exception_format_errors + type: boolean + default: false + help: 'make exception message format errors fatal' + comment: 'New param' + + - name: policy_file + type: string + default: 'policy.json' + help: 'JSON file representing policy' + comment: 'New param' + + - name: policy_default_rule + type: string + default: 'default' + help: 'Rule checked when requested rule is not found' + comment: 'New param' + + - name: quota_volumes + type: integer + default: 10 + help: 'number of volumes allowed per project' + comment: 'New param' + + - name: quota_snapshots + type: integer + default: 10 + help: 'number of volume snapshots allowed per project' + comment: 'New param' + + - name: quota_gigabytes + type: integer + default: 1000 + help: 'number of volume gigabytes' + comment: 'New param' + + - name: reservation_expire + type: integer + default: 86400 + help: 'number of seconds until a reservation expires' + comment: 'New param' + + - name: until_refresh + type: integer + default: false + help: 'count of reservations until usage is refreshed' + comment: 'New param' + + - name: max_age + type: integer + default: false + help: 'number of seconds between subsequent usage refreshes' + comment: 'New param' + + - name: quota_driver + type: string + default: 'cinder_2013_1_3.quota.DbQuotaDriver' + help: 'default driver to use for quota checks' + comment: 'New param' + + - name: use_default_quota_class + type: boolean + default: true + help: 'whether to use default quota class for default quota' + comment: 'New param' + + - name: report_interval + type: integer + default: 10 + help: 'seconds between nodes reporting state to datastore' + comment: 'New param' + + - name: periodic_interval + type: integer + default: 60 + help: 'seconds between running periodic tasks' + comment: 'New param' + + - name: periodic_fuzzy_delay + type: integer + default: 60 + help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' + comment: 'New param' + + - name: osapi_volume_listen + type: string + default: '0.0.0.0' + help: 'IP address for OpenStack Volume API to listen' + comment: 'New param' + + - name: osapi_volume_listen_port + type: integer + default: 8776 + help: 'port for os volume api to listen' + comment: 'New param' + + - name: sqlite_clean_db + type: string + default: 'clean.sqlite' + help: 'File name of clean sqlite db' + comment: 'New param' + + - name: fake_tests + type: boolean + default: true + help: 'should we use everything for testing' + comment: 'New param' + + - name: backlog + type: integer + default: 4096 + help: 'Number of backlog requests to configure the socket with' + comment: 'New param' + + - name: tcp_keepidle + type: integer + default: 600 + help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' + comment: 'New param' + + - name: ssl_ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients' + comment: 'New param' + + - name: ssl_cert_file + type: string + default: ~ + help: 'Certificate file to use when starting the server securely' + comment: 'New param' + + - name: ssl_key_file + type: string + default: ~ + help: 'Private key file to use when starting the server securely' + comment: 'New param' + + - name: osapi_max_limit + type: integer + default: 1000 + help: 'the maximum number of items returned in a single response from a collection resource' + comment: 'New param' + + - name: osapi_volume_base_URL + type: string + default: ~ + help: 'Base URL that will be presented to users in links to the OpenStack Volume API' + comment: 'New param' + + - name: use_forwarded_for + type: boolean + default: false + help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' + comment: 'New param' + + - name: osapi_max_request_body_size + type: integer + default: 114688 + help: 'Max size for body of a request' + comment: 'New param' + + - name: backup_ceph_conf + type: string + default: '/etc/ceph/ceph.conf' + help: 'Ceph config file to use.' + comment: 'New param' + + - name: backup_ceph_user + type: string + default: 'cinder' + help: 'the Ceph user to connect with' + comment: 'New param' + + - name: backup_ceph_chunk_size + type: integer + default: 134217728 + help: 'the chunk size in bytes that a backup will be broken into before transfer to backup store' + comment: 'New param' + + - name: backup_ceph_pool + type: string + default: 'backups' + help: 'the Ceph pool to backup to' + comment: 'New param' + + - name: backup_ceph_stripe_unit + type: integer + default: false + help: 'RBD stripe unit to use when creating a backup image' + comment: 'New param' + + - name: backup_ceph_stripe_count + type: integer + default: false + help: 'RBD stripe count to use when creating a backup image' + comment: 'New param' + + - name: restore_discard_excess_bytes + type: boolean + default: true + help: 'If True, always discard excess bytes when restoring volumes.' + comment: 'New param' + + - name: backup_swift_url + type: string + default: 'http://localhost:8080/v1/AUTH_' + help: 'The URL of the Swift endpoint' + comment: 'New param' + + - name: backup_swift_auth + type: string + default: 'per_user' + help: 'Swift authentication mechanism' + comment: 'New param' + + - name: backup_swift_user + type: string + default: ~ + help: 'Swift user name' + comment: 'New param' + + - name: backup_swift_key + type: string + default: ~ + help: 'Swift key for authentication' + comment: 'New param' + + - name: backup_swift_container + type: string + default: 'volumebackups' + help: 'The default Swift container to use' + comment: 'New param' + + - name: backup_swift_object_size + type: integer + default: 52428800 + help: 'The size in bytes of Swift backup objects' + comment: 'New param' + + - name: backup_swift_retry_attempts + type: integer + default: 3 + help: 'The number of retries to make for Swift operations' + comment: 'New param' + + - name: backup_swift_retry_backoff + type: integer + default: 2 + help: 'The backoff time in seconds between Swift retries' + comment: 'New param' + + - name: backup_compression_algorithm + type: string + default: 'zlib' + help: 'Compression algorithm' + comment: 'New param' + + - name: backup_tsm_volume_prefix + type: string + default: 'backup' + help: 'Volume prefix for the backup id when backing up to TSM' + comment: 'New param' + + - name: backup_tsm_password + type: string + default: 'password' + help: 'TSM password for the running username' + comment: 'New param' + + - name: backup_tsm_compression + type: boolean + default: true + help: 'Enable or Disable compression for backups' + comment: 'New param' + + - name: backup_driver + type: string + default: 'cinder_2013_1_3.backup.drivers.swift_proxy_server' + help: 'Driver to use for backups.' + comment: 'New param' + + - name: num_volume_device_scan_tries + type: integer + default: 3 + help: 'The maximum number of times to rescan targetsto find volume' + comment: 'New param' + + - name: iscsi_helper + type: string + default: 'tgtadm' + help: 'iscsi target user-land tool to use' + comment: 'New param' + + - name: volumes_dir + type: string + default: '$state_path/volumes' + help: 'Volume configuration file storage directory' + comment: 'New param' + + - name: iet_conf + type: string + default: '/etc/iet/ietd.conf' + help: 'IET configuration file' + comment: 'New param' + + - name: lio_initiator_iqns + type: string + default: '' + help: 'Comma-separatd list of initiator IQNs allowed to connect to the iSCSI target.' + comment: 'New param' + + - name: iscsi_iotype + type: string + default: 'fileio' + help: 'Sets the behavior of the iSCSI target to either perform blockio or fileio optionally, auto can be set and Cinder will autodetect type of backing device' + comment: 'New param' + + - name: iser_helper + type: string + default: 'tgtadm' + help: 'iser target user-land tool to use' + comment: 'New param' + + - name: nfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for nfs shares' + comment: 'New param' + + - name: nfs_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details' + comment: 'New param' + + - name: glusterfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for gluster shares' + comment: 'New param' + + - name: connection_type + type: string + default: ~ + help: 'Virtualization api connection type : libvirt, xenapi, or fake' + comment: 'New param' + + - name: api_paste_config + type: string + default: 'api-paste.ini' + help: 'File name for the paste.deploy config for cinder-api' + comment: 'New param' + + - name: pybasedir + type: string + default: '/usr/lib/python/site-packages' + help: 'Directory where the cinder python module is installed' + comment: 'New param' + + - name: bindir + type: string + default: '$pybasedir/bin' + help: 'Directory where cinder binaries are installed' + comment: 'New param' + + - name: state_path + type: string + default: '$pybasedir' + help: "Top-level directory for maintaining cinder's state" + comment: 'New param' + + - name: my_ip + type: string + default: '10.0.0.1' + help: 'ip address of this host' + comment: 'New param' + + - name: glance_host + type: string + default: '$my_ip' + help: 'default glance hostname or ip' + comment: 'New param' + + - name: glance_port + type: integer + default: 9292 + help: 'default glance port' + comment: 'New param' + + - name: glance_api_servers + type: list + default: '$glance_host:$glance_port' + help: 'A list of the glance api servers available to cinder' + comment: 'New param' + + - name: glance_api_version + type: integer + default: true + help: 'Version of the glance api to use' + comment: 'New param' + + - name: glance_num_retries + type: integer + default: false + help: 'Number retries when downloading an image from glance' + comment: 'New param' + + - name: glance_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL' + comment: 'New param' + + - name: glance_api_ssl_compression + type: boolean + default: false + help: 'Whether to attempt to negotiate SSL layer compression when using SSL' + comment: 'New param' + + - name: glance_request_timeout + type: integer + default: ~ + help: 'http/https timeout value for glance operations. If no value' + comment: 'New param' + + - name: scheduler_topic + type: string + default: 'cinder-scheduler' + help: 'the topic scheduler nodes listen on' + comment: 'New param' + + - name: volume_topic + type: string + default: 'cinder-volume' + help: 'the topic volume nodes listen on' + comment: 'New param' + + - name: backup_topic + type: string + default: 'cinder-backup' + help: 'the topic volume backup nodes listen on' + comment: 'New param' + + - name: enable_v1_api + type: boolean + default: true + help: 'Deploy v1 of the Cinder API. ' + comment: 'New param' + + - name: enable_v2_api + type: boolean + default: true + help: 'Deploy v2 of the Cinder API. ' + comment: 'New param' + + - name: api_rate_limit + type: boolean + default: true + help: 'whether to rate limit the api' + comment: 'New param' + + - name: osapi_volume_ext_list + type: list + default: '' + help: 'Specify list of extensions to load when using osapi_volume_extension option with cinder_2013_1_3.api.contrib.select_extensions' + comment: 'New param' + + - name: osapi_volume_extension + type: multi + default: 'cinder_2013_1_3.api.contrib.standard_extensions' + help: 'osapi volume extension to load' + comment: 'New param' + + - name: volume_manager + type: string + default: 'cinder_2013_1_3.volume.manager.VolumeManager' + help: 'full class name for the Manager for volume' + comment: 'New param' + + - name: backup_manager + type: string + default: 'cinder_2013_1_3.backup.manager.BackupManager' + help: 'full class name for the Manager for volume backup' + comment: 'New param' + + - name: scheduler_manager + type: string + default: 'cinder_2013_1_3.scheduler.manager.SchedulerManager' + help: 'full class name for the Manager for scheduler' + comment: 'New param' + + - name: host + type: string + default: '127.0.0.1' + help: 'Host to locate redis' + comment: 'New param' + + - name: storage_availability_zone + type: string + default: 'nova' + help: 'availability zone of this node' + comment: 'New param' + + - name: default_availability_zone + type: string + default: ~ + help: 'default availability zone to use when creating a new volume. If this is not set then we use the value from the storage_availability_zone option as the default availability_zone for new volumes.' + comment: 'New param' + + - name: memcached_servers + type: list + default: ~ + help: 'Memcached servers or None for in process cache.' + comment: 'New param' + + - name: default_volume_type + type: string + default: ~ + help: 'default volume type to use' + comment: 'New param' + + - name: volume_usage_audit_period + type: string + default: 'month' + help: 'time period to generate volume usages for. Time period must be hour, day, month or year' + comment: 'New param' + + - name: root_helper + type: string + default: 'sudo' + help: 'Deprecated: command to use for running commands as root' + comment: 'New param' + + - name: rootwrap_config + type: string + default: '/etc/cinder/rootwrap.conf' + help: 'Path to the rootwrap configuration file to use for running commands as root' + comment: 'New param' + + - name: monkey_patch + type: boolean + default: false + help: 'Enable monkey patching' + comment: 'New param' + + - name: monkey_patch_modules + type: list + default: '' + help: 'List of modules/decorators to monkey patch' + comment: 'New param' + + - name: service_down_time + type: integer + default: 60 + help: 'maximum time since last check-in for up service' + comment: 'New param' + + - name: volume_api_class + type: string + default: 'cinder_2013_1_3.volume.api.API' + help: 'The full class name of the volume API class to use' + comment: 'New param' + + - name: backup_api_class + type: string + default: 'cinder_2013_1_3.backup.api.API' + help: 'The full class name of the volume backup API class' + comment: 'New param' + + - name: auth_strategy + type: string + default: 'noauth' + help: 'The strategy to use for auth. Supports noauth, keystone, and deprecated.' + comment: 'New param' + + - name: enabled_backends + type: list + default: ~ + help: 'A list of backend names to use. These backend names should be backed by a unique [CONFIG] group with its options' + comment: 'New param' + + - name: no_snapshot_gb_quota + type: boolean + default: false + help: 'Whether snapshots count against GigaByte quota' + comment: 'New param' + + - name: transfer_api_class + type: string + default: 'cinder_2013_1_3.transfer.api.API' + help: 'The full class name of the volume transfer API class' + comment: 'New param' + + - name: compute_api_class + type: string + default: 'cinder_2013_1_3.compute.nova.API' + help: 'The full class name of the compute API class to use' + comment: 'New param' + + - name: nova_catalog_info + type: string + default: 'compute:nova:publicURL' + help: 'Info to match when looking for nova in the service catalog. Format is : separated values of the form: ::' + comment: 'New param' + + - name: nova_catalog_admin_info + type: string + default: 'compute:nova:adminURL' + help: 'Same as nova_catalog_info, but for admin endpoint.' + comment: 'New param' + + - name: nova_endpoint_template + type: string + default: ~ + help: 'Override service catalog lookup with template for nova endpoint e.g. http://localhost:8774/v2/%(tenant_id)s' + comment: 'New param' + + - name: nova_endpoint_admin_template + type: string + default: ~ + help: 'Same as nova_endpoint_template, but for admin endpoint.' + comment: 'New param' + + - name: os_region_name + type: string + default: ~ + help: 'region name of this node' + comment: 'New param' + + - name: nova_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certicates file to use for nova client requests.' + comment: 'New param' + + - name: nova_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL requests to nova' + comment: 'New param' + + - name: db_backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db' + comment: 'New param' + + - name: enable_new_services + type: boolean + default: true + help: 'Services to be added to the available pool on create' + comment: 'New param' + + - name: volume_name_template + type: string + default: 'volume-%s' + help: 'Template string to be used to generate volume names' + comment: 'New param' + + - name: snapshot_name_template + type: string + default: 'snapshot-%s' + help: 'Template string to be used to generate snapshot names' + comment: 'New param' + + - name: backup_name_template + type: string + default: 'backup-%s' + help: 'Template string to be used to generate backup names' + comment: 'New param' + + - name: db_driver + type: string + default: 'cinder_2013_1_3.db' + help: 'driver to use for database access' + comment: 'New param' + + - name: allowed_direct_url_schemes + type: list + default: '' + help: 'A list of url schemes that can be downloaded directly via the direct_url. Currently supported schemes: [file].' + comment: 'New param' + + - name: image_conversion_dir + type: string + default: '$state_path/conversion' + help: 'Directory used for temporary storage during image conversion' + comment: 'New param' + + - name: keymgr_api_class + type: string + default: 'cinder_2013_1_3.keymgr.not_implemented_key_mgr.NotImplementedKeyManager' + help: 'The full class name of the key manager API class' + comment: 'New param' + + - name: backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db' + comment: 'New param' + + - name: use_tpool + type: boolean + default: false + help: 'Enable the experimental use of thread pooling for all DB API calls' + comment: 'New param' + + - name: connection + type: string + default: 'sqlite:////cinder/openstack/common/db/$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the database' + comment: 'New param' + + - name: sql_connection + type: string + default: 'sqlite:////nova/openstack/common/db/$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the database' + comment: 'New param' + + - name: idle_timeout + type: integer + default: 3600 + help: 'timeout before idle sql connections are reaped' + comment: 'New param' + + - name: min_pool_size + type: integer + default: true + help: 'Minimum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: max_pool_size + type: integer + default: 5 + help: 'Maximum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: max_retries + type: integer + default: 10 + help: 'maximum db connection retries during startup.' + comment: 'New param' + + - name: retry_interval + type: integer + default: 10 + help: 'interval between retries of opening a sql connection' + comment: 'New param' + + - name: max_overflow + type: integer + default: ~ + help: 'If set, use this value for max_overflow with sqlalchemy' + comment: 'New param' + + - name: connection_debug + type: integer + default: false + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' + comment: 'New param' + + - name: connection_trace + type: boolean + default: false + help: 'Add python stack traces to SQL as comment strings' + comment: 'New param' + + - name: sqlite_db + type: string + default: 'cinder_2013_1_3.sqlite' + help: 'the filename to use with sqlite' + comment: 'New param' + + - name: sqlite_synchronous + type: boolean + default: true + help: 'If true, use synchronous mode for sqlite' + comment: 'New param' + + - name: backdoor_port + type: integer + default: ~ + help: 'port for eventlet backdoor to listen' + comment: 'New param' + + - name: disable_process_locking + type: boolean + default: false + help: 'Whether to disable inter-process locks' + comment: 'New param' + + - name: lock_path + type: string + default: ~ + help: 'Directory to use for lock files. Default to a temp directory' + comment: 'New param' + + - name: debug + type: boolean + default: false + help: 'Print debugging output' + comment: 'New param' + + - name: verbose + type: boolean + default: false + help: 'Print more verbose output' + comment: 'New param' + + - name: use_stderr + type: boolean + default: true + help: 'Log output to standard error' + comment: 'New param' + + - name: logging_context_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' + help: 'format string to use for log messages with context' + comment: 'New param' + + - name: logging_default_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' + help: 'format string to use for log messages without context' + comment: 'New param' + + - name: logging_debug_format_suffix + type: string + default: '%(funcName)s %(pathname)s:%(lineno)d' + help: 'data to append to log format when level is DEBUG' + comment: 'New param' + + - name: logging_exception_prefix + type: string + default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' + help: 'prefix each line of exception output with this format' + comment: 'New param' + + - name: default_log_levels + type: list + default: 'amqplibWARN,sqlalchemyWARN,botoWARN,sudsINFO,keystoneINFO,eventlet.wsgi.serverWARN' + help: 'list of logger=LEVEL pairs' + comment: 'New param' + + - name: publish_errors + type: boolean + default: false + help: 'publish error events' + comment: 'New param' + + - name: fatal_deprecations + type: boolean + default: false + help: 'make deprecations fatal' + comment: 'New param' + + - name: instance_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance is passed with the log message, format it like this' + comment: 'New param' + + - name: instance_uuid_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance UUID is passed with the log message, format it like this' + comment: 'New param' + + - name: log_config + type: string + default: ~ + help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' + comment: 'New param' + + - name: log_format + type: string + default: ~ + help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' + comment: 'New param' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + help: 'Format string for %%(asctime)s in log records. Default: %(default)s' + comment: 'New param' + + - name: log_file + type: string + default: ~ + help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' + comment: 'New param' + + - name: log_dir + type: string + default: ~ + help: '(Optional) The base directory used for relative --log-file paths' + comment: 'New param' + + - name: use_syslog + type: boolean + default: false + help: 'Use syslog for logging.' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + help: 'syslog facility to receive log lines' + comment: 'New param' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'Default notification level for outgoing notifications' + comment: 'New param' + + - name: default_publisher_id + type: string + default: ~ + help: 'Default publisher_id for outgoing notifications' + comment: 'New param' + + - name: notification_topics + type: list + default: 'notifications' + help: 'AMQP topic used for OpenStack notifications' + comment: 'New param' + + - name: topics + type: list + default: 'notifications' + help: 'AMQP topic(s) used for OpenStack notifications' + comment: 'New param' + + - name: run_external_periodic_tasks + type: boolean + default: true + help: 'Some periodic tasks can be run in a separate process. Should we run them here?' + comment: 'New param' + + - name: rpc_backend + type: string + default: 'cinder_2013_1_3.openstack.common.rpc.impl_kombu' + help: 'The messaging module to use, defaults to kombu.' + comment: 'New param' + + - name: rpc_thread_pool_size + type: integer + default: 64 + help: 'Size of RPC thread pool' + comment: 'New param' + + - name: rpc_conn_pool_size + type: integer + default: 30 + help: 'Size of RPC connection pool' + comment: 'New param' + + - name: rpc_response_timeout + type: integer + default: 60 + help: 'Seconds to wait for a response from call or multicall' + comment: 'New param' + + - name: rpc_cast_timeout + type: integer + default: 30 + help: 'Seconds to wait before a cast expires' + comment: 'New param' + + - name: allowed_rpc_exception_modules + type: list + default: 'cinder_2013_1_3.openstack.common.exception,nova.exception,cinder_2013_1_3.exception,exceptions' + help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' + comment: 'New param' + + - name: fake_rabbit + type: boolean + default: false + help: 'If passed, use a fake RabbitMQ provider' + comment: 'New param' + + - name: control_exchange + type: string + default: 'openstack' + help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' + comment: 'New param' + + - name: amqp_rpc_single_reply_queue + type: boolean + default: false + help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' + comment: 'New param' + + - name: amqp_durable_queues + type: boolean + default: false + help: 'Use durable queues in amqp.' + comment: 'New param' + + - name: amqp_auto_delete + type: boolean + default: false + help: 'Auto-delete queues in amqp.' + comment: 'New param' + + - name: kombu_ssl_version + type: string + default: '' + help: 'SSL version to use' + comment: 'New param' + + - name: kombu_ssl_keyfile + type: string + default: '' + help: 'SSL key file' + comment: 'New param' + + - name: kombu_ssl_certfile + type: string + default: '' + help: 'SSL cert file' + comment: 'New param' + + - name: kombu_ssl_ca_certs + type: string + default: '' + help: 'SSL certification authority file' + comment: 'New param' + + - name: rabbit_host + type: string + default: 'localhost' + help: 'The RabbitMQ broker address where a single node is used' + comment: 'New param' + + - name: rabbit_port + type: integer + default: 5672 + help: 'The RabbitMQ broker port where a single node is used' + comment: 'New param' + + - name: rabbit_hosts + type: list + default: '$rabbit_host:$rabbit_port' + help: 'RabbitMQ HA cluster host:port pairs' + comment: 'New param' + + - name: rabbit_use_ssl + type: boolean + default: false + help: 'connect over SSL for RabbitMQ' + comment: 'New param' + + - name: rabbit_userid + type: string + default: 'guest' + help: 'the RabbitMQ userid' + comment: 'New param' + + - name: rabbit_password + type: string + default: 'guest' + help: 'the RabbitMQ password' + comment: 'New param' + + - name: rabbit_virtual_host + type: string + default: '/' + help: 'the RabbitMQ virtual host' + comment: 'New param' + + - name: rabbit_retry_interval + type: integer + default: true + help: 'how frequently to retry connecting with RabbitMQ' + comment: 'New param' + + - name: rabbit_retry_backoff + type: integer + default: 2 + help: 'how long to backoff for between retries when connecting to RabbitMQ' + comment: 'New param' + + - name: rabbit_max_retries + type: integer + default: false + help: 'maximum retries with trying to connect to RabbitMQ' + comment: 'New param' + + - name: rabbit_ha_queues + type: boolean + default: false + help: 'use H/A queues in RabbitMQ' + comment: 'New param' + + - name: qpid_hostname + type: string + default: 'localhost' + help: 'Qpid broker hostname' + comment: 'New param' + + - name: qpid_port + type: integer + default: 5672 + help: 'Qpid broker port' + comment: 'New param' + + - name: qpid_hosts + type: list + default: '$qpid_hostname:$qpid_port' + help: 'Qpid HA cluster host:port pairs' + comment: 'New param' + + - name: qpid_username + type: string + default: '' + help: 'Username for qpid connection' + comment: 'New param' + + - name: qpid_password + type: string + default: '' + help: 'Password for qpid connection' + comment: 'New param' + + - name: qpid_sasl_mechanisms + type: string + default: '' + help: 'Space separated list of SASL mechanisms to use for auth' + comment: 'New param' + + - name: qpid_heartbeat + type: integer + default: 60 + help: 'Seconds between connection keepalive heartbeats' + comment: 'New param' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "Transport to use, either 'tcp' or 'ssl'" + comment: 'New param' + + - name: qpid_tcp_nodelay + type: boolean + default: true + help: 'Disable Nagle algorithm' + comment: 'New param' + + - name: qpid_topology_version + type: integer + default: true + help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' + comment: 'New param' + + - name: rpc_zmq_bind_address + type: string + default: '*' + help: 'ZeroMQ bind address. Should be a wildcard' + comment: 'New param' + + - name: rpc_zmq_matchmaker + type: string + default: 'cinder_2013_1_3.openstack.common.rpc.matchmaker.MatchMakerLocalhost' + help: 'MatchMaker driver' + comment: 'New param' + + - name: rpc_zmq_port + type: integer + default: 9501 + help: 'ZeroMQ receiver listening port' + comment: 'New param' + + - name: rpc_zmq_contexts + type: integer + default: true + help: 'Number of ZeroMQ contexts, defaults to 1' + comment: 'New param' + + - name: rpc_zmq_topic_backlog + type: integer + default: ~ + help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' + comment: 'New param' + + - name: rpc_zmq_ipc_dir + type: string + default: '/var/run/openstack' + help: 'Directory for holding IPC sockets' + comment: 'New param' + + - name: rpc_zmq_host + type: string + default: 'cinder' + help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." + comment: 'New param' + + - name: matchmaker_ringfile + type: string + default: '/etc/nova/matchmaker_ring.json' + help: 'Matchmaker ring file' + comment: 'New param' + + - name: matchmaker_heartbeat_freq + type: integer + default: 300 + help: 'Heartbeat frequency' + comment: 'New param' + + - name: matchmaker_heartbeat_ttl + type: integer + default: 600 + help: 'Heartbeat time-to-live.' + comment: 'New param' + + - name: port + type: integer + default: 6379 + help: 'Use this port to connect to redis host.' + comment: 'New param' + + - name: password + type: string + default: ~ + help: 'Password for Redis server.' + comment: 'New param' + + - name: scheduler_host_manager + type: string + default: 'cinder_2013_1_3.scheduler.host_manager.HostManager' + help: 'The scheduler host manager class to use' + comment: 'New param' + + - name: scheduler_max_attempts + type: integer + default: 3 + help: 'Maximum number of attempts to schedule an volume' + comment: 'New param' + + - name: scheduler_default_filters + type: list + default: 'AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter' + help: 'Which filter class names to use for filtering hosts when not specified in the request.' + comment: 'New param' + + - name: scheduler_default_weighers + type: list + default: 'CapacityWeigher' + help: 'Which weigher class names to use for weighing hosts.' + comment: 'New param' + + - name: scheduler_driver + type: string + default: 'cinder_2013_1_3.scheduler.filter_scheduler.FilterScheduler' + help: 'Default scheduler driver to use' + comment: 'New param' + + - name: scheduler_json_config_location + type: string + default: '' + help: 'Absolute path to scheduler configuration JSON file.' + comment: 'New param' + + - name: max_gigabytes + type: integer + default: 10000 + help: 'maximum number of volume gigabytes to allow per host' + comment: 'New param' + + - name: capacity_weight_multiplier + type: float + default: true + help: 'Multiplier used for weighing volume capacity. Negative numbers mean to stack vs spread.' + comment: 'New param' + + - name: volume_transfer_salt_length + type: integer + default: 8 + help: 'The number of characters in the salt.' + comment: 'New param' + + - name: volume_transfer_key_length + type: integer + default: 16 + help: 'The number of characters in the autogenerated auth key.' + comment: 'New param' + + - name: snapshot_same_host + type: boolean + default: true + help: 'Create volume from snapshot at the host where snapshot resides' + comment: 'New param' + + - name: cloned_volume_same_az + type: boolean + default: true + help: 'Ensure that the new volumes are the same AZ as snapshot or source volume' + comment: 'New param' + + - name: num_shell_tries + type: integer + default: 3 + help: 'number of times to attempt to run flakey shell commands' + comment: 'New param' + + - name: reserved_percentage + type: integer + default: false + help: 'The percentage of backend capacity is reserved' + comment: 'New param' + + - name: iscsi_num_targets + type: integer + default: 100 + help: 'The maximum number of iscsi target ids per host' + comment: 'New param' + + - name: iscsi_target_prefix + type: string + default: 'iqn.2010-10.org.openstack:' + help: 'prefix for iscsi volumes' + comment: 'New param' + + - name: iscsi_ip_address + type: string + default: '$my_ip' + help: 'The IP address that the iSCSI daemon is listening on' + comment: 'New param' + + - name: iscsi_port + type: integer + default: 3260 + help: 'The port that the iSCSI daemon is listening on' + comment: 'New param' + + - name: num_iser_scan_tries + type: integer + default: 3 + help: 'The maximum number of times to rescan iSER targetto find volume' + comment: 'New param' + + - name: iser_num_targets + type: integer + default: 100 + help: 'The maximum number of iser target ids per host' + comment: 'New param' + + - name: iser_target_prefix + type: string + default: 'iqn.2010-10.org.iser.openstack:' + help: 'prefix for iser volumes' + comment: 'New param' + + - name: iser_ip_address + type: string + default: '$my_ip' + help: 'The IP address that the iSER daemon is listening on' + comment: 'New param' + + - name: iser_port + type: integer + default: 3260 + help: 'The port that the iSER daemon is listening on' + comment: 'New param' + + - name: volume_backend_name + type: string + default: ~ + help: 'The backend name for a given driver implementation' + comment: 'New param' + + - name: use_multipath_for_image_xfer + type: boolean + default: false + help: 'Do we attach/detach volumes in cinder using multipath for volume to image and image to volume transfers?' + comment: 'New param' + + - name: volume_clear + type: string + default: 'zero' + help: 'Method used to wipe old voumes' + comment: 'New param' + + - name: volume_clear_size + type: integer + default: false + help: 'Size in MiB to wipe at start of old volumes. 0 => all' + comment: 'New param' + + - name: available_devices + type: list + default: '' + help: 'List of all available devices' + comment: 'New param' + + - name: coraid_esm_address + type: string + default: '' + help: 'IP address of Coraid ESM' + comment: 'New param' + + - name: coraid_user + type: string + default: 'admin' + help: 'User name to connect to Coraid ESM' + comment: 'New param' + + - name: coraid_group + type: string + default: 'admin' + help: 'Name of group on Coraid ESM to which coraid_user belongs' + comment: 'New param' + + - name: coraid_password + type: string + default: 'password' + help: 'Password to connect to Coraid ESM' + comment: 'New param' + + - name: coraid_repository_key + type: string + default: 'coraid_repository' + help: 'Volume Type key name to store ESM Repository Name' + comment: 'New param' + + - name: eqlx_group_name + type: string + default: 'group-0' + help: 'Group name to use for creating volumes' + comment: 'New param' + + - name: eqlx_cli_timeout + type: integer + default: 30 + help: 'Timeout for the Group Manager cli command execution' + comment: 'New param' + + - name: eqlx_cli_max_retries + type: integer + default: 5 + help: 'Maximum retry count for reconnection' + comment: 'New param' + + - name: eqlx_use_chap + type: boolean + default: false + help: 'Use CHAP authentificaion for targets?' + comment: 'New param' + + - name: eqlx_chap_login + type: string + default: 'admin' + help: 'Existing CHAP account name' + comment: 'New param' + + - name: eqlx_chap_password + type: string + default: 'password' + help: 'Password for specified CHAP account name' + comment: 'New param' + + - name: eqlx_pool + type: string + default: 'default' + help: 'Pool in which volumes will be created' + comment: 'New param' + + - name: glusterfs_shares_config + type: string + default: '/etc/cinder/glusterfs_shares' + help: 'File with the list of available gluster shares' + comment: 'New param' + + - name: glusterfs_disk_util + type: string + default: 'df' + help: 'Use du or df for free space calculation' + comment: 'New param' + + - name: glusterfs_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' + comment: 'New param' + + - name: glusterfs_qcow2_volumes + type: boolean + default: false + help: 'Create volumes as QCOW2 files rather than raw files.' + comment: 'New param' + + - name: gpfs_mount_point_base + type: string + default: ~ + help: 'Path to the directory on GPFS mount point where volumes are stored' + comment: 'New param' + + - name: gpfs_images_dir + type: string + default: ~ + help: 'Path to GPFS Glance repository as mounted on Nova nodes' + comment: 'New param' + + - name: gpfs_images_share_mode + type: string + default: ~ + help: 'Set this if Glance image repo is on GPFS as well so that the image bits can be transferred efficiently between Glance and cinder_2013_1_3. Valid values are copy or copy_on_write. copy performs a full copy of the image, copy_on_write efficiently shares unmodified blocks of the image.' + comment: 'New param' + + - name: gpfs_max_clone_depth + type: integer + default: false + help: 'A lengthy chain of copy-on-write snapshots or clones could have impact on performance. This option limits the number of indirections required to reach a specific block. 0 indicates unlimited.' + comment: 'New param' + + - name: gpfs_sparse_volumes + type: boolean + default: true + help: 'Create volumes as sparse files which take no space. If set to False volume is created as regular file. In this case volume creation may take a significantly longer time.' + comment: 'New param' + + - name: hds_cinder_config_file + type: string + default: '/opt/hds/hus/cinder_hus_conf.xml' + help: 'configuration file for HDS cinder plugin for HUS' + comment: 'New param' + + - name: cinder_huawei_conf_file + type: string + default: '/etc/cinder/cinder_huawei_conf.xml' + help: 'config data for cinder huawei plugin' + comment: 'New param' + + - name: volume_group + type: string + default: 'cinder-volumes' + help: 'Name for the VG that will contain exported volumes' + comment: 'New param' + + - name: pool_size + type: string + default: ~ + help: 'Size of thin provisioning pool' + comment: 'New param' + + - name: lvm_mirrors + type: integer + default: false + help: 'If set, create lvms with multiple mirrors. Note that this requires lvm_mirrors + 2 pvs with available space' + comment: 'New param' + + - name: lvm_type + type: string + default: 'default' + help: 'Type of LVM volumes to deploy;' + comment: 'New param' + + - name: netapp_vfiler + type: string + default: ~ + help: 'Vfiler to use for provisioning' + comment: 'New param' + + - name: netapp_login + type: string + default: ~ + help: 'User name for the storage controller' + comment: 'New param' + + - name: netapp_password + type: string + default: ~ + help: 'Password for the storage controller' + comment: 'New param' + + - name: netapp_vserver + type: string + default: ~ + help: 'Cluster vserver to use for provisioning' + comment: 'New param' + + - name: netapp_server_hostname + type: string + default: ~ + help: 'Host name for the storage controller' + comment: 'New param' + + - name: netapp_server_port + type: integer + default: 80 + help: 'Port number for the storage controller' + comment: 'New param' + + - name: thres_avl_size_perc_start + type: integer + default: 20 + help: 'Threshold available percent to start cache cleaning.' + comment: 'New param' + + - name: thres_avl_size_perc_stop + type: integer + default: 60 + help: 'Threshold available percent to stop cache cleaning.' + comment: 'New param' + + - name: expiry_thres_minutes + type: integer + default: 720 + help: 'Threshold minutes after which cache file can be cleaned.' + comment: 'New param' + + - name: netapp_size_multiplier + type: float + default: 1.2 + help: 'Volume size multiplier to ensure while creation' + comment: 'New param' + + - name: netapp_volume_list + type: string + default: ~ + help: 'Comma separated volumes to be used for provisioning' + comment: 'New param' + + - name: netapp_storage_family + type: string + default: 'ontap_cluster' + help: 'Storage family type.' + comment: 'New param' + + - name: netapp_storage_protocol + type: string + default: ~ + help: 'Storage protocol type.' + comment: 'New param' + + - name: netapp_transport_type + type: string + default: 'http' + help: 'Transport type protocol' + comment: 'New param' + + - name: nexenta_host + type: string + default: '' + help: 'IP address of Nexenta SA' + comment: 'New param' + + - name: nexenta_rest_port + type: integer + default: 2000 + help: 'HTTP port to connect to Nexenta REST API server' + comment: 'New param' + + - name: nexenta_rest_protocol + type: string + default: 'auto' + help: 'Use http or https for REST connection' + comment: 'New param' + + - name: nexenta_user + type: string + default: 'admin' + help: 'User name to connect to Nexenta SA' + comment: 'New param' + + - name: nexenta_password + type: string + default: 'nexenta' + help: 'Password to connect to Nexenta SA' + comment: 'New param' + + - name: nexenta_iscsi_target_portal_port + type: integer + default: 3260 + help: 'Nexenta target portal port' + comment: 'New param' + + - name: nexenta_volume + type: string + default: 'cinder' + help: 'pool on SA that will hold all volumes' + comment: 'New param' + + - name: nexenta_target_prefix + type: string + default: 'iqn.1986-03.com.sun:02:cinder-' + help: 'IQN prefix for iSCSI targets' + comment: 'New param' + + - name: nexenta_target_group_prefix + type: string + default: 'cinder/' + help: 'prefix for iSCSI target groups on SA' + comment: 'New param' + + - name: nexenta_shares_config + type: string + default: '/etc/cinder/nfs_shares' + help: 'File with the list of available nfs shares' + comment: 'New param' + + - name: nexenta_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for nfs shares' + comment: 'New param' + + - name: nexenta_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' + comment: 'New param' + + - name: nexenta_volume_compression + type: string + default: 'on' + help: 'Default compression value for new ZFS folders.' + comment: 'New param' + + - name: nexenta_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details' + comment: 'New param' + + - name: nexenta_used_ratio + type: float + default: 0.95 + help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' + comment: 'New param' + + - name: nexenta_oversub_ratio + type: float + default: true + help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' + comment: 'New param' + + - name: nexenta_blocksize + type: string + default: '' + help: 'block size for volumes' + comment: 'New param' + + - name: nexenta_sparse + type: boolean + default: false + help: 'flag to create sparse volumes' + comment: 'New param' + + - name: nfs_shares_config + type: string + default: '/etc/cinder/nfs_shares' + help: 'File with the list of available nfs shares' + comment: 'New param' + + - name: nfs_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time.' + comment: 'New param' + + - name: nfs_used_ratio + type: float + default: 0.95 + help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination.' + comment: 'New param' + + - name: nfs_oversub_ratio + type: float + default: true + help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid.' + comment: 'New param' + + - name: rbd_pool + type: string + default: 'rbd' + help: 'the RADOS pool in which rbd volumes are stored' + comment: 'New param' + + - name: rbd_user + type: string + default: ~ + help: 'the RADOS client name for accessing rbd volumes - only set when using cephx authentication' + comment: 'New param' + + - name: rbd_ceph_conf + type: string + default: '' + help: 'path to the ceph configuration file to use' + comment: 'New param' + + - name: rbd_flatten_volume_from_snapshot + type: boolean + default: false + help: 'flatten volumes created from snapshots to remove dependency' + comment: 'New param' + + - name: rbd_secret_uuid + type: string + default: ~ + help: 'the libvirt uuid of the secret for the rbd_uservolumes' + comment: 'New param' + + - name: volume_tmp_dir + type: string + default: ~ + help: 'where to store temporary image files if the volume driver does not write them directly to the volume' + comment: 'New param' + + - name: rbd_max_clone_depth + type: integer + default: 5 + help: 'maximum number of nested clones that can be taken of a volume before enforcing a flatten prior to next clone. A value of zero disables cloning' + comment: 'New param' + + - name: hp3par_api_url + type: string + default: '' + help: '3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1' + comment: 'New param' + + - name: hp3par_username + type: string + default: '' + help: '3PAR Super user username' + comment: 'New param' + + - name: hp3par_password + type: string + default: '' + help: '3PAR Super user password' + comment: 'New param' + + - name: hp3par_domain + type: string + default: ~ + help: 'This option is DEPRECATED and no longer used. The 3par domain name to use.' + comment: 'New param' + + - name: hp3par_cpg + type: string + default: 'OpenStack' + help: 'The CPG to use for volume creation' + comment: 'New param' + + - name: hp3par_cpg_snap + type: string + default: '' + help: 'The CPG to use for Snapshots for volumes. If empty hp3par_cpg will be used' + comment: 'New param' + + - name: hp3par_snapshot_retention + type: string + default: '' + help: "The time in hours to retain a snapshot. You can't delete it before this expires." + comment: 'New param' + + - name: hp3par_snapshot_expiration + type: string + default: '' + help: 'The time in hours when a snapshot expires and is deleted. This must be larger than expiration' + comment: 'New param' + + - name: hp3par_debug + type: boolean + default: false + help: 'Enable HTTP debugging to 3PAR' + comment: 'New param' + + - name: hp3par_iscsi_ips + type: list + default: '' + help: 'List of target iSCSI addresses to use.' + comment: 'New param' + + - name: san_thin_provision + type: boolean + default: true + help: 'Use thin provisioning for SAN volumes?' + comment: 'New param' + + - name: san_ip + type: string + default: '' + help: 'IP address of SAN controller' + comment: 'New param' + + - name: san_login + type: string + default: 'admin' + help: 'Username for SAN controller' + comment: 'New param' + + - name: san_password + type: string + default: '' + help: 'Password for SAN controller' + comment: 'New param' + + - name: san_private_key + type: string + default: '' + help: 'Filename of private key to use for SSH authentication' + comment: 'New param' + + - name: san_clustername + type: string + default: '' + help: 'Cluster name to use for creating volumes' + comment: 'New param' + + - name: san_ssh_port + type: integer + default: 22 + help: 'SSH port to use with SAN' + comment: 'New param' + + - name: san_is_local + type: boolean + default: false + help: 'Execute commands locally instead of over SSH; use if the volume service is running on the SAN device' + comment: 'New param' + + - name: ssh_conn_timeout + type: integer + default: 30 + help: 'SSH connection timeout in seconds' + comment: 'New param' + + - name: ssh_min_pool_conn + type: integer + default: true + help: 'Minimum ssh connections in the pool' + comment: 'New param' + + - name: ssh_max_pool_conn + type: integer + default: 5 + help: 'Maximum ssh connections in the pool' + comment: 'New param' + + - name: san_zfs_volume_base + type: string + default: 'rpool/' + help: 'The ZFS path under which to create zvols for volumes.' + comment: 'New param' + + - name: scality_sofs_config + type: string + default: ~ + help: 'Path or URL to Scality SOFS configuration file' + comment: 'New param' + + - name: scality_sofs_mount_point + type: string + default: '$state_path/scality' + help: 'Base dir where Scality SOFS shall be mounted' + comment: 'New param' + + - name: scality_sofs_volume_dir + type: string + default: 'cinder/volumes' + help: 'Path from Scality SOFS root to volume dir' + comment: 'New param' + + - name: sf_emulate_512 + type: boolean + default: true + help: 'Set 512 byte emulation on volume creation; ' + comment: 'New param' + + - name: sf_allow_tenant_qos + type: boolean + default: false + help: 'Allow tenants to specify QOS on create' + comment: 'New param' + + - name: sf_account_prefix + type: string + default: 'cinder' + help: 'Create SolidFire accounts with this prefix' + comment: 'New param' + + - name: sf_api_port + type: integer + default: 443 + help: 'SolidFire API port. Useful if the device api is behind a proxy on a different port.' + comment: 'New param' + + - name: storwize_svc_volpool_name + type: string + default: 'volpool' + help: 'Storage system storage pool for volumes' + comment: 'New param' + + - name: storwize_svc_vol_rsize + type: integer + default: 2 + help: 'Storage system space-efficiency parameter for volumes' + comment: 'New param' + + - name: storwize_svc_vol_warning + type: integer + default: false + help: 'Storage system threshold for volume capacity warnings' + comment: 'New param' + + - name: storwize_svc_vol_autoexpand + type: boolean + default: true + help: 'Storage system autoexpand parameter for volumes' + comment: 'New param' + + - name: storwize_svc_vol_grainsize + type: integer + default: 256 + help: 'Storage system grain size parameter for volumes' + comment: 'New param' + + - name: storwize_svc_vol_compression + type: boolean + default: false + help: 'Storage system compression option for volumes' + comment: 'New param' + + - name: storwize_svc_vol_easytier + type: boolean + default: true + help: 'Enable Easy Tier for volumes' + comment: 'New param' + + - name: storwize_svc_vol_iogrp + type: integer + default: false + help: 'The I/O group in which to allocate volumes' + comment: 'New param' + + - name: storwize_svc_flashcopy_timeout + type: integer + default: 120 + help: 'Maximum number of seconds to wait for FlashCopy to be prepared. Maximum value is 600 seconds' + comment: 'New param' + + - name: storwize_svc_connection_protocol + type: string + default: 'iSCSI' + help: 'Connection protocol' + comment: 'New param' + + - name: storwize_svc_multipath_enabled + type: boolean + default: false + help: 'Connect with multipath' + comment: 'New param' + + - name: storwize_svc_multihostmap_enabled + type: boolean + default: true + help: 'Allows vdisk to multi host mapping' + comment: 'New param' + + - name: vmware_host_ip + type: string + default: ~ + help: 'IP address for connecting to VMware ESX/VC server.' + comment: 'New param' + + - name: vmware_host_username + type: string + default: ~ + help: 'Username for authenticating with VMware ESX/VC server.' + comment: 'New param' + + - name: vmware_host_password + type: string + default: ~ + help: 'Password for authenticating with VMware ESX/VC server.' + comment: 'New param' + + - name: vmware_wsdl_location + type: string + default: ~ + help: 'Optional VIM service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds.' + comment: 'New param' + + - name: vmware_api_retry_count + type: integer + default: 10 + help: 'Number of times VMware ESX/VC server API must be retried upon connection related issues.' + comment: 'New param' + + - name: vmware_task_poll_interval + type: integer + default: 5 + help: 'The interval used for polling remote tasks invoked on VMware ESX/VC server.' + comment: 'New param' + + - name: vmware_volume_folder + type: string + default: 'cinder-volumes' + help: 'Name for the folder in the VC datacenter that will contain cinder volumes.' + comment: 'New param' + + - name: vmware_image_transfer_timeout_secs + type: integer + default: 7200 + help: 'Timeout in seconds for VMDK volume transfer between Cinder and Glance.' + comment: 'New param' + + - name: windows_iscsi_lun_path + type: string + default: 'C:\\iSCSIVirtualDisks' + help: 'Path to store VHD backed volumes' + comment: 'New param' + + - name: xenapi_nfs_server + type: string + default: ~ + help: 'NFS server to be used by XenAPINFSDriver' + comment: 'New param' + + - name: xenapi_nfs_serverpath + type: string + default: ~ + help: 'Path of exported NFS, used by XenAPINFSDriver' + comment: 'New param' + + - name: xenapi_connection_url + type: string + default: ~ + help: 'URL for XenAPI connection' + comment: 'New param' + + - name: xenapi_connection_username + type: string + default: 'root' + help: 'Username for XenAPI connection' + comment: 'New param' + + - name: xenapi_connection_password + type: string + default: ~ + help: 'Password for XenAPI connection' + comment: 'New param' + + - name: xenapi_sr_base_path + type: string + default: '/var/run/sr-mount' + help: 'Base path to the storage repository' + comment: 'New param' + + - name: xiv_ds8k_proxy + type: string + default: 'xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy' + help: 'Proxy driver that connects to the IBM Storage Array' + comment: 'New param' + + - name: xiv_ds8k_connection_type + type: string + default: 'iscsi' + help: 'Connection type to the IBM Storage Array' + comment: 'New param' + + - name: zadara_vpsa_ip + type: string + default: ~ + help: 'Management IP of Zadara VPSA' + comment: 'New param' + + - name: zadara_vpsa_port + type: string + default: ~ + help: 'Zadara VPSA port number' + comment: 'New param' + + - name: zadara_vpsa_use_ssl + type: boolean + default: false + help: 'Use SSL connection' + comment: 'New param' + + - name: zadara_user + type: string + default: ~ + help: 'User name for the VPSA' + comment: 'New param' + + - name: zadara_password + type: string + default: ~ + help: 'Password for the VPSA' + comment: 'New param' + + - name: zadara_vpsa_poolname + type: string + default: ~ + help: 'Name of VPSA storage pool for volumes' + comment: 'New param' + + - name: zadara_vol_thin + type: boolean + default: true + help: 'Default thin provisioning policy for volumes' + comment: 'New param' + + - name: zadara_vol_encrypt + type: boolean + default: false + help: 'Default encryption policy for volumes' + comment: 'New param' + + - name: zadara_default_striping_mode + type: string + default: 'simple' + help: 'Default striping mode for volumes' + comment: 'New param' + + - name: zadara_default_stripesize + type: integer + default: 64 + help: 'Default stripe size for volumes' + comment: 'New param' + + - name: zadara_vol_name_template + type: string + default: 'OS_%s' + help: 'Default template for VPSA volume names' + comment: 'New param' + + - name: zadara_vpsa_auto_detach_on_delete + type: boolean + default: true + help: 'Automatically detach from servers on volume delete' + comment: 'New param' + + - name: zadara_vpsa_allow_nonexistent_delete + type: boolean + default: true + help: "Don't halt on deletion of non-existing volumes" + comment: 'New param' + + - name: volume_driver + type: string + default: 'cinder_2013_1_3.volume.drivers.lvm.LVMISCSIDriver' + help: 'Driver to use for volume creation' + comment: 'New param' + + - name: migration_create_volume_timeout_secs + type: integer + default: 300 + help: 'Timeout for creating the volume to migrate to when performing volume migration' + comment: 'New param' + + - name: volume_dd_blocksize + type: string + default: '1M' + help: 'The default block size used when copying/clearing volumes' + comment: 'New param' + +# ==================================================== + +- version: '2013.2.0' + checkpoint: true + added: + + - name: fatal_exception_format_errors + type: boolean + default: false + help: 'make exception message format errors fatal ' + comment: 'Help string has changed' + + - name: policy_file + type: string + default: 'policy.json' + help: 'JSON file representing policy ' + comment: 'Help string has changed' + + - name: policy_default_rule + type: string + default: 'default' + help: 'Rule checked when requested rule is not found ' + comment: 'Help string has changed' + + - name: quota_volumes + type: integer + default: 10 + help: 'number of volumes allowed per project ' + comment: 'Help string has changed' + + - name: quota_snapshots + type: integer + default: 10 + help: 'number of volume snapshots allowed per project ' + comment: 'Help string has changed' + + - name: quota_gigabytes + type: integer + default: 1000 + help: 'number of volume gigabytes (snapshots are also included) allowed per project ' + comment: 'Help string has changed' + + - name: reservation_expire + type: integer + default: 86400 + help: 'number of seconds until a reservation expires ' + comment: 'Help string has changed' + + - name: until_refresh + type: integer + default: false + help: 'count of reservations until usage is refreshed ' + comment: 'Help string has changed' + + - name: max_age + type: integer + default: false + help: 'number of seconds between subsequent usage refreshes ' + comment: 'Help string has changed' + + - name: quota_driver + type: string + default: 'cinder.quota.DbQuotaDriver' + help: 'default driver to use for quota checks ' + comment: 'Default value has changed' + + - name: use_default_quota_class + type: boolean + default: true + help: 'whether to use default quota class for default quota ' + comment: 'Help string has changed' + + - name: report_interval + type: integer + default: 10 + help: 'seconds between nodes reporting state to datastore ' + comment: 'Help string has changed' + + - name: periodic_interval + type: integer + default: 60 + help: 'seconds between running periodic tasks ' + comment: 'Help string has changed' + + - name: periodic_fuzzy_delay + type: integer + default: 60 + help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0) ' + comment: 'Help string has changed' + + - name: osapi_volume_listen + type: host + default: '0.0.0.0' + help: 'IP address for OpenStack Volume API to listen ' + comment: 'Type has changed' + + - name: osapi_volume_listen_port + type: port + default: 8776 + help: 'port for os volume api to listen ' + comment: 'Type has changed' + + - name: sqlite_clean_db + type: string + default: 'clean.sqlite' + help: 'File name of clean sqlite db ' + comment: 'Help string has changed' + + - name: fake_tests + type: boolean + default: true + help: 'should we use everything for testing ' + comment: 'Help string has changed' + + - name: backlog + type: integer + default: 4096 + help: 'Number of backlog requests to configure the socket with ' + comment: 'Help string has changed' + + - name: tcp_keepidle + type: integer + default: 600 + help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. ' + comment: 'Help string has changed' + + - name: ssl_ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients ' + comment: 'Help string has changed' + + - name: ssl_cert_file + type: string + default: ~ + help: 'Certificate file to use when starting the server securely ' + comment: 'Help string has changed' + + - name: ssl_key_file + type: string + default: ~ + help: 'Private key file to use when starting the server securely ' + comment: 'Help string has changed' + + - name: osapi_max_limit + type: integer + default: 1000 + help: 'the maximum number of items returned in a single response from a collection resource ' + comment: 'Help string has changed' + + - name: osapi_volume_base_URL + type: string + default: ~ + help: 'Base URL that will be presented to users in links to the OpenStack Volume API ' + comment: 'Help string has changed' + + - name: use_forwarded_for + type: boolean + default: false + help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. ' + comment: 'Help string has changed' + + - name: osapi_max_request_body_size + type: integer + default: 114688 + help: 'Max size for body of a request ' + comment: 'Help string has changed' + + - name: backup_ceph_conf + type: string + default: '/etc/ceph/ceph.conf' + help: 'Ceph config file to use. ' + comment: 'Help string has changed' + + - name: backup_ceph_user + type: string + default: 'cinder' + help: 'the Ceph user to connect with ' + comment: 'Help string has changed' + + - name: backup_ceph_chunk_size + type: integer + default: 134217728 + help: 'the chunk size in bytes that a backup will be broken into before transfer to backup store ' + comment: 'Help string has changed' + + - name: backup_ceph_pool + type: string + default: 'backups' + help: 'the Ceph pool to backup to ' + comment: 'Help string has changed' + + - name: backup_ceph_stripe_unit + type: integer + default: false + help: 'RBD stripe unit to use when creating a backup image ' + comment: 'Help string has changed' + + - name: backup_ceph_stripe_count + type: integer + default: false + help: 'RBD stripe count to use when creating a backup image ' + comment: 'Help string has changed' + + - name: restore_discard_excess_bytes + type: boolean + default: true + help: 'If True, always discard excess bytes when restoring volumes. ' + comment: 'Help string has changed' + + - name: backup_swift_url + type: string + default: 'http://localhost:8080/v1/AUTH_' + help: 'The URL of the Swift endpoint ' + comment: 'Help string has changed' + + - name: backup_swift_auth + type: string + default: 'per_user' + help: 'Swift authentication mechanism ' + comment: 'Help string has changed' + + - name: backup_swift_user + type: string + default: ~ + help: 'Swift user name ' + comment: 'Help string has changed' + + - name: backup_swift_key + type: string + default: ~ + help: 'Swift key for authentication ' + comment: 'Help string has changed' + + - name: backup_swift_container + type: string + default: 'volumebackups' + help: 'The default Swift container to use ' + comment: 'Help string has changed' + + - name: backup_swift_object_size + type: integer + default: 52428800 + help: 'The size in bytes of Swift backup objects ' + comment: 'Help string has changed' + + - name: backup_swift_retry_attempts + type: integer + default: 3 + help: 'The number of retries to make for Swift operations ' + comment: 'Help string has changed' + + - name: backup_swift_retry_backoff + type: integer + default: 2 + help: 'The backoff time in seconds between Swift retries ' + comment: 'Help string has changed' + + - name: backup_compression_algorithm + type: string + default: 'zlib' + help: 'Compression algorithm (None to disable) ' + comment: 'Help string has changed' + + - name: backup_tsm_volume_prefix + type: string + default: 'backup' + help: 'Volume prefix for the backup id when backing up to TSM ' + comment: 'Help string has changed' + + - name: backup_tsm_password + type: string + default: 'password' + help: 'TSM password for the running username ' + comment: 'Help string has changed' + + - name: backup_tsm_compression + type: boolean + default: true + help: 'Enable or Disable compression for backups ' + comment: 'Help string has changed' + + - name: backup_driver + type: string + default: 'cinder.backup.drivers.swift_proxy_server' + help: 'Driver to use for backups. ' + comment: 'Default value has changed' + + - name: num_volume_device_scan_tries + type: integer + default: 3 + help: 'The maximum number of times to rescan targets to find volume ' + comment: 'Help string has changed' + + - name: iscsi_helper + type: string + default: 'tgtadm' + help: 'iscsi target user-land tool to use ' + comment: 'Help string has changed' + + - name: volumes_dir + type: string + default: '$state_path/volumes' + help: 'Volume configuration file storage directory ' + comment: 'Help string has changed' + + - name: iet_conf + type: string + default: '/etc/iet/ietd.conf' + help: 'IET configuration file ' + comment: 'Help string has changed' + + - name: lio_initiator_iqns + type: string + default: '' + help: 'Comma-separated list of initiator IQNs allowed to connect to the iSCSI target. (From Nova compute nodes.) ' + comment: 'Help string has changed' + + - name: iscsi_iotype + type: string + default: 'fileio' + help: 'Sets the behavior of the iSCSI target to either perform blockio or fileio optionally, auto can be set and Cinder will autodetect type of backing device ' + comment: 'Help string has changed' + + - name: iser_helper + type: string + default: 'tgtadm' + help: 'iser target user-land tool to use ' + comment: 'Help string has changed' + + - name: nfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for nfs shares. ' + comment: 'Help string has changed' + + - name: nfs_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details. ' + comment: 'Help string has changed' + + - name: glusterfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for gluster shares. ' + comment: 'Help string has changed' + + - name: connection_type + type: string + default: ~ + help: 'Virtualization api connection type : libvirt, xenapi, or fake ' + comment: 'Help string has changed' + + - name: api_paste_config + type: string + default: 'api-paste.ini' + help: 'File name for the paste.deploy config for cinder-api ' + comment: 'Help string has changed' + + - name: pybasedir + type: string + default: '/usr/lib/python/site-packages' + help: 'Directory where the cinder python module is installed ' + comment: 'Help string has changed' + + - name: bindir + type: string + default: '$pybasedir/bin' + help: 'Directory where cinder binaries are installed ' + comment: 'Help string has changed' + + - name: state_path + type: string + default: '$pybasedir' + help: "Top-level directory for maintaining cinder's state " + comment: 'Help string has changed' + + - name: my_ip + type: string + default: '10.0.0.1' + help: 'ip address of this host ' + comment: 'Help string has changed' + + - name: glance_host + type: string + default: '$my_ip' + help: 'default glance hostname or ip ' + comment: 'Help string has changed' + + - name: glance_port + type: port + default: 9292 + help: 'default glance port ' + comment: 'Type has changed' + + - name: glance_api_servers + type: string_list + default: ['$glance_host:$glance_port'] + help: 'A list of the glance api servers available to cinder ([hostname|ip]:port) ' + comment: 'Type has changed' + + - name: glance_api_version + type: integer + default: true + help: 'Version of the glance api to use ' + comment: 'Help string has changed' + + - name: glance_num_retries + type: integer + default: false + help: 'Number retries when downloading an image from glance ' + comment: 'Help string has changed' + + - name: glance_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL (https) requests to glance ' + comment: 'Help string has changed' + + - name: glance_api_ssl_compression + type: boolean + default: false + help: 'Whether to attempt to negotiate SSL layer compression when using SSL (https) requests. Set to False to disable SSL layer compression. In some cases disabling this may improve data throughput, eg when high network bandwidth is available and you are using already compressed image formats such as qcow2 . ' + comment: 'Help string has changed' + + - name: glance_request_timeout + type: integer + default: ~ + help: 'http/https timeout value for glance operations. If no value (None) is supplied here, the glanceclient default value is used. ' + comment: 'Help string has changed' + + - name: scheduler_topic + type: string + default: 'cinder-scheduler' + help: 'the topic scheduler nodes listen on ' + comment: 'Help string has changed' + + - name: volume_topic + type: string + default: 'cinder-volume' + help: 'the topic volume nodes listen on ' + comment: 'Help string has changed' + + - name: backup_topic + type: string + default: 'cinder-backup' + help: 'the topic volume backup nodes listen on ' + comment: 'Help string has changed' + + - name: enable_v1_api + type: boolean + default: true + help: 'Deploy v1 of the Cinder API. ' + comment: 'New param' + + - name: enable_v2_api + type: boolean + default: true + help: 'Deploy v2 of the Cinder API. ' + comment: 'New param' + + - name: api_rate_limit + type: boolean + default: true + help: 'whether to rate limit the api ' + comment: 'Help string has changed' + + - name: osapi_volume_ext_list + type: string_list + default: [] + help: 'Specify list of extensions to load when using osapi_volume_extension option with cinder.api.contrib.select_extensions ' + comment: 'Type has changed' + + - name: osapi_volume_extension + type: string + default: 'cinder.api.contrib.standard_extensions' + help: 'osapi volume extension to load (multi valued)' + comment: 'Type has changed' + + - name: volume_manager + type: string + default: 'cinder.volume.manager.VolumeManager' + help: 'full class name for the Manager for volume ' + comment: 'Default value has changed' + + - name: backup_manager + type: string + default: 'cinder.backup.manager.BackupManager' + help: 'full class name for the Manager for volume backup ' + comment: 'Default value has changed' + + - name: scheduler_manager + type: string + default: 'cinder.scheduler.manager.SchedulerManager' + help: 'full class name for the Manager for scheduler ' + comment: 'Default value has changed' + + - name: host + type: string + default: '127.0.0.1' + help: 'Host to locate redis ' + comment: 'Help string has changed' + + - name: storage_availability_zone + type: string + default: 'nova' + help: 'availability zone of this node ' + comment: 'Help string has changed' + + - name: default_availability_zone + type: string + default: ~ + help: 'default availability zone to use when creating a new volume. If this is not set then we use the value from the storage_availability_zone option as the default availability_zone for new volumes. ' + comment: 'Help string has changed' + + - name: memcached_servers + type: list + default: ~ + help: 'Memcached servers or None for in process cache. ' + comment: 'Help string has changed' + + - name: default_volume_type + type: string + default: ~ + help: 'default volume type to use ' + comment: 'Help string has changed' + + - name: volume_usage_audit_period + type: string + default: 'month' + help: 'time period to generate volume usages for. Time period must be hour, day, month or year ' + comment: 'Help string has changed' + + - name: root_helper + type: string + default: 'sudo' + help: 'Deprecated: command to use for running commands as root ' + comment: 'Help string has changed' + + - name: rootwrap_config + type: string + default: '/etc/cinder/rootwrap.conf' + help: 'Path to the rootwrap configuration file to use for running commands as root ' + comment: 'Help string has changed' + + - name: monkey_patch + type: boolean + default: false + help: 'Enable monkey patching ' + comment: 'Help string has changed' + + - name: monkey_patch_modules + type: string_list + default: [] + help: 'List of modules/decorators to monkey patch ' + comment: 'Type has changed' + + - name: service_down_time + type: integer + default: 60 + help: 'maximum time since last check-in for up service ' + comment: 'Help string has changed' + + - name: volume_api_class + type: string + default: 'cinder.volume.api.API' + help: 'The full class name of the volume API class to use ' + comment: 'Default value has changed' + + - name: backup_api_class + type: string + default: 'cinder.backup.api.API' + help: 'The full class name of the volume backup API class ' + comment: 'Default value has changed' + + - name: auth_strategy + type: string + default: 'noauth' + help: 'The strategy to use for auth. Supports noauth, keystone, and deprecated. ' + comment: 'Help string has changed' + + - name: enabled_backends + type: list + default: ~ + help: 'A list of backend names to use. These backend names should be backed by a unique [CONFIG] group with its options ' + comment: 'Help string has changed' + + - name: no_snapshot_gb_quota + type: boolean + default: false + help: 'Whether snapshots count against GigaByte quota ' + comment: 'Help string has changed' + + - name: transfer_api_class + type: string + default: 'cinder.transfer.api.API' + help: 'The full class name of the volume transfer API class ' + comment: 'Default value has changed' + + - name: compute_api_class + type: string + default: 'cinder.compute.nova.API' + help: 'The full class name of the compute API class to use ' + comment: 'Default value has changed' + + - name: nova_catalog_info + type: string + default: 'compute:nova:publicURL' + help: 'Info to match when looking for nova in the service catalog. Format is : separated values of the form: :: ' + comment: 'Help string has changed' + + - name: nova_catalog_admin_info + type: string + default: 'compute:nova:adminURL' + help: 'Same as nova_catalog_info, but for admin endpoint. ' + comment: 'Help string has changed' + + - name: nova_endpoint_template + type: string + default: ~ + help: 'Override service catalog lookup with template for nova endpoint e.g. http://localhost:8774/v2/%(tenant_id)s ' + comment: 'Help string has changed' + + - name: nova_endpoint_admin_template + type: string + default: ~ + help: 'Same as nova_endpoint_template, but for admin endpoint. ' + comment: 'Help string has changed' + + - name: os_region_name + type: string + default: ~ + help: 'region name of this node ' + comment: 'Help string has changed' + + - name: nova_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certicates file to use for nova client requests. ' + comment: 'Help string has changed' + + - name: nova_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL requests to nova ' + comment: 'Help string has changed' + + - name: db_backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db ' + comment: 'Help string has changed' + + - name: enable_new_services + type: boolean + default: true + help: 'Services to be added to the available pool on create ' + comment: 'Help string has changed' + + - name: volume_name_template + type: string + default: 'volume-%s' + help: 'Template string to be used to generate volume names ' + comment: 'Help string has changed' + + - name: snapshot_name_template + type: string + default: 'snapshot-%s' + help: 'Template string to be used to generate snapshot names ' + comment: 'Help string has changed' + + - name: backup_name_template + type: string + default: 'backup-%s' + help: 'Template string to be used to generate backup names ' + comment: 'Help string has changed' + + - name: db_driver + type: string + default: 'cinder.db' + help: 'driver to use for database access ' + comment: 'Default value has changed' + + - name: allowed_direct_url_schemes + type: string_list + default: [] + help: 'A list of url schemes that can be downloaded directly via the direct_url. Currently supported schemes: [file]. ' + comment: 'Type has changed' + + - name: image_conversion_dir + type: string + default: '$state_path/conversion' + help: 'Directory used for temporary storage during image conversion ' + comment: 'Help string has changed' + + - name: backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db ' + comment: 'Help string has changed' + + - name: use_tpool + type: boolean + default: false + help: 'Enable the experimental use of thread pooling for all DB API calls ' + comment: 'Help string has changed' + + - name: connection + type: string + default: 'sqlite:////cinder/openstack/common/db/$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the database ' + comment: 'Help string has changed' + + - name: idle_timeout + type: integer + default: 3600 + help: 'timeout before idle sql connections are reaped ' + comment: 'Help string has changed' + + - name: min_pool_size + type: integer + default: true + help: 'Minimum number of SQL connections to keep open in a pool ' + comment: 'Help string has changed' + + - name: max_pool_size + type: integer + default: 5 + help: 'Maximum number of SQL connections to keep open in a pool ' + comment: 'Help string has changed' + + - name: max_retries + type: integer + default: 10 + help: 'maximum db connection retries during startup. (setting -1 implies an infinite retry count) ' + comment: 'Help string has changed' + + - name: retry_interval + type: integer + default: 10 + help: 'interval between retries of opening a sql connection ' + comment: 'Help string has changed' + + - name: max_overflow + type: integer + default: ~ + help: 'If set, use this value for max_overflow with sqlalchemy ' + comment: 'Help string has changed' + + - name: connection_debug + type: integer + default: false + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything ' + comment: 'Help string has changed' + + - name: connection_trace + type: boolean + default: false + help: 'Add python stack traces to SQL as comment strings ' + comment: 'Help string has changed' + + - name: sqlite_db + type: string + default: 'cinder.sqlite' + help: 'the filename to use with sqlite ' + comment: 'Default value has changed' + + - name: sqlite_synchronous + type: boolean + default: true + help: 'If true, use synchronous mode for sqlite ' + comment: 'Help string has changed' + + - name: backdoor_port + type: integer + default: ~ + help: 'port for eventlet backdoor to listen ' + comment: 'Help string has changed' + + - name: disable_process_locking + type: boolean + default: false + help: 'Whether to disable inter-process locks ' + comment: 'Help string has changed' + + - name: lock_path + type: string + default: ~ + help: 'Directory to use for lock files. Default to a temp directory ' + comment: 'Help string has changed' + + - name: debug + type: boolean + default: false + help: 'Print debugging output (set logging level to DEBUG instead of default WARNING level). ' + comment: 'Help string has changed' + + - name: verbose + type: boolean + default: false + help: 'Print more verbose output (set logging level to INFO instead of default WARNING level). ' + comment: 'Help string has changed' + + - name: use_stderr + type: boolean + default: true + help: 'Log output to standard error ' + comment: 'Help string has changed' + + - name: logging_context_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' + help: 'format string to use for log messages with context ' + comment: 'Help string has changed' + + - name: logging_default_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' + help: 'format string to use for log messages without context ' + comment: 'Help string has changed' + + - name: logging_debug_format_suffix + type: string + default: '%(funcName)s %(pathname)s:%(lineno)d' + help: 'data to append to log format when level is DEBUG ' + comment: 'Help string has changed' + + - name: logging_exception_prefix + type: string + default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' + help: 'prefix each line of exception output with this format ' + comment: 'Help string has changed' + + - name: default_log_levels + type: string_list + default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] + help: 'list of logger=LEVEL pairs ' + comment: 'Type has changed' + + - name: publish_errors + type: boolean + default: false + help: 'publish error events ' + comment: 'Help string has changed' + + - name: fatal_deprecations + type: boolean + default: false + help: 'make deprecations fatal ' + comment: 'Help string has changed' + + - name: instance_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance is passed with the log message, format it like this ' + comment: 'Help string has changed' + + - name: instance_uuid_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance UUID is passed with the log message, format it like this ' + comment: 'Help string has changed' + + - name: log_config + type: string + default: ~ + help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files. ' + comment: 'Help string has changed' + + - name: log_format + type: string + default: ~ + help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead. ' + comment: 'Help string has changed' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + help: 'Format string for %%(asctime)s in log records. Default: %(default)s ' + comment: 'Help string has changed' + + - name: log_file + type: string + default: ~ + help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout. ' + comment: 'Help string has changed' + + - name: log_dir + type: string + default: ~ + help: '(Optional) The base directory used for relative --log-file paths ' + comment: 'Help string has changed' + + - name: use_syslog + type: boolean + default: false + help: 'Use syslog for logging. ' + comment: 'Help string has changed' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + help: 'syslog facility to receive log lines ' + comment: 'Help string has changed' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'Default notification level for outgoing notifications ' + comment: 'Help string has changed' + + - name: default_publisher_id + type: string + default: ~ + help: 'Default publisher_id for outgoing notifications ' + comment: 'Help string has changed' + + - name: notification_topics + type: string_list + default: ['notifications'] + help: 'AMQP topic used for OpenStack notifications ' + comment: 'Type has changed' + + - name: topics + type: string_list + default: ['notifications'] + help: 'AMQP topic(s) used for OpenStack notifications ' + comment: 'Type has changed' + + - name: run_external_periodic_tasks + type: boolean + default: true + help: 'Some periodic tasks can be run in a separate process. Should we run them here? ' + comment: 'Help string has changed' + + - name: rpc_backend + type: string + default: 'cinder.openstack.common.rpc.impl_kombu' + help: 'The messaging module to use, defaults to kombu. ' + comment: 'Default value has changed' + + - name: rpc_thread_pool_size + type: integer + default: 64 + help: 'Size of RPC thread pool ' + comment: 'Help string has changed' + + - name: rpc_conn_pool_size + type: integer + default: 30 + help: 'Size of RPC connection pool ' + comment: 'Help string has changed' + + - name: rpc_response_timeout + type: integer + default: 60 + help: 'Seconds to wait for a response from call or multicall ' + comment: 'Help string has changed' + + - name: rpc_cast_timeout + type: integer + default: 30 + help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. ' + comment: 'Help string has changed' + + - name: allowed_rpc_exception_modules + type: string_list + default: ['nova.exception', 'cinder.exception', 'exceptions'] + help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call. ' + comment: 'Type has changed' + + - name: fake_rabbit + type: boolean + default: false + help: 'If passed, use a fake RabbitMQ provider ' + comment: 'Help string has changed' + + - name: control_exchange + type: string + default: 'openstack' + help: 'AMQP exchange to connect to if using RabbitMQ or Qpid ' + comment: 'Help string has changed' + + - name: amqp_rpc_single_reply_queue + type: boolean + default: false + help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid. ' + comment: 'Help string has changed' + + - name: amqp_durable_queues + type: boolean + default: false + help: 'Use durable queues in amqp. ' + comment: 'Help string has changed' + + - name: amqp_auto_delete + type: boolean + default: false + help: 'Auto-delete queues in amqp. ' + comment: 'Help string has changed' + + - name: kombu_ssl_version + type: string + default: '' + help: 'SSL version to use (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: kombu_ssl_keyfile + type: string + default: '' + help: 'SSL key file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: kombu_ssl_certfile + type: string + default: '' + help: 'SSL cert file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: kombu_ssl_ca_certs + type: string + default: '' + help: 'SSL certification authority file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: rabbit_host + type: host + default: 'localhost' + help: 'The RabbitMQ broker address where a single node is used ' + comment: 'Type has changed' + + - name: rabbit_port + type: port + default: 5672 + help: 'The RabbitMQ broker port where a single node is used ' + comment: 'Type has changed' + + - name: rabbit_hosts + type: string_list + default: ['$rabbit_host:$rabbit_port'] + help: 'RabbitMQ HA cluster host:port pairs ' + comment: 'Type has changed' + + - name: rabbit_use_ssl + type: boolean + default: false + help: 'connect over SSL for RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_userid + type: string + default: 'guest' + help: 'the RabbitMQ userid ' + comment: 'Help string has changed' + + - name: rabbit_password + type: string + default: 'guest' + help: 'the RabbitMQ password ' + comment: 'Help string has changed' + + - name: rabbit_virtual_host + type: string + default: '/' + help: 'the RabbitMQ virtual host ' + comment: 'Help string has changed' + + - name: rabbit_retry_interval + type: integer + default: true + help: 'how frequently to retry connecting with RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_retry_backoff + type: integer + default: 2 + help: 'how long to backoff for between retries when connecting to RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_max_retries + type: integer + default: false + help: 'maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) ' + comment: 'Help string has changed' + + - name: rabbit_ha_queues + type: boolean + default: false + help: 'use H/A queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. ' + comment: 'Help string has changed' + + - name: qpid_hostname + type: string + default: 'localhost' + help: 'Qpid broker hostname ' + comment: 'Help string has changed' + + - name: qpid_port + type: port + default: 5672 + help: 'Qpid broker port ' + comment: 'Type has changed' + + - name: qpid_hosts + type: string_list + default: ['$qpid_hostname:$qpid_port'] + help: 'Qpid HA cluster host:port pairs ' + comment: 'Type has changed' + + - name: qpid_username + type: string + default: '' + help: 'Username for qpid connection ' + comment: 'Help string has changed' + + - name: qpid_password + type: string + default: '' + help: 'Password for qpid connection ' + comment: 'Help string has changed' + + - name: qpid_sasl_mechanisms + type: string + default: '' + help: 'Space separated list of SASL mechanisms to use for auth ' + comment: 'Help string has changed' + + - name: qpid_heartbeat + type: integer + default: 60 + help: 'Seconds between connection keepalive heartbeats ' + comment: 'Help string has changed' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "Transport to use, either 'tcp' or 'ssl' " + comment: 'Help string has changed' + + - name: qpid_tcp_nodelay + type: boolean + default: true + help: 'Disable Nagle algorithm ' + comment: 'Help string has changed' + + - name: qpid_topology_version + type: integer + default: true + help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break. ' + comment: 'Help string has changed' + + - name: rpc_zmq_bind_address + type: string + default: '*' + help: "ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address. " + comment: 'Help string has changed' + + - name: rpc_zmq_matchmaker + type: string + default: 'cinder.openstack.common.rpc.matchmaker.MatchMakerLocalhost' + help: 'MatchMaker driver ' + comment: 'Default value has changed' + + - name: rpc_zmq_port + type: port + default: 9501 + help: 'ZeroMQ receiver listening port ' + comment: 'Type has changed' + + - name: rpc_zmq_contexts + type: integer + default: true + help: 'Number of ZeroMQ contexts, defaults to 1 ' + comment: 'Help string has changed' + + - name: rpc_zmq_topic_backlog + type: integer + default: ~ + help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited. ' + comment: 'Help string has changed' + + - name: rpc_zmq_ipc_dir + type: string + default: '/var/run/openstack' + help: 'Directory for holding IPC sockets ' + comment: 'Help string has changed' + + - name: rpc_zmq_host + type: string + default: 'cinder' + help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova. " + comment: 'Help string has changed' + + - name: matchmaker_ringfile + type: string + default: '/etc/nova/matchmaker_ring.json' + help: 'Matchmaker ring file (JSON) ' + comment: 'Help string has changed' + + - name: matchmaker_heartbeat_freq + type: integer + default: 300 + help: 'Heartbeat frequency ' + comment: 'Help string has changed' + + - name: matchmaker_heartbeat_ttl + type: integer + default: 600 + help: 'Heartbeat time-to-live. ' + comment: 'Help string has changed' + + - name: port + type: integer + default: 6379 + help: 'Use this port to connect to redis host. ' + comment: 'Help string has changed' + + - name: password + type: string + default: ~ + help: 'Password for Redis server. (optional) ' + comment: 'Help string has changed' + + - name: scheduler_host_manager + type: string + default: 'cinder.scheduler.host_manager.HostManager' + help: 'The scheduler host manager class to use ' + comment: 'Default value has changed' + + - name: scheduler_max_attempts + type: integer + default: 3 + help: 'Maximum number of attempts to schedule an volume ' + comment: 'Help string has changed' + + - name: scheduler_default_filters + type: string_list + default: ['AvailabilityZoneFilter', 'CapacityFilter', 'CapabilitiesFilter'] + help: 'Which filter class names to use for filtering hosts when not specified in the request. ' + comment: 'Type has changed' + + - name: scheduler_default_weighers + type: string_list + default: ['CapacityWeigher'] + help: 'Which weigher class names to use for weighing hosts. ' + comment: 'Type has changed' + + - name: scheduler_driver + type: string + default: 'cinder.scheduler.filter_scheduler.FilterScheduler' + help: 'Default scheduler driver to use ' + comment: 'Default value has changed' + + - name: scheduler_json_config_location + type: string + default: '' + help: 'Absolute path to scheduler configuration JSON file. ' + comment: 'Help string has changed' + + - name: max_gigabytes + type: integer + default: 10000 + help: 'maximum number of volume gigabytes to allow per host ' + comment: 'Help string has changed' + + - name: capacity_weight_multiplier + type: float + default: true + help: 'Multiplier used for weighing volume capacity. Negative numbers mean to stack vs spread. ' + comment: 'Help string has changed' + + - name: volume_transfer_salt_length + type: integer + default: 8 + help: 'The number of characters in the salt. ' + comment: 'Help string has changed' + + - name: volume_transfer_key_length + type: integer + default: 16 + help: 'The number of characters in the autogenerated auth key. ' + comment: 'Help string has changed' + + - name: snapshot_same_host + type: boolean + default: true + help: 'Create volume from snapshot at the host where snapshot resides ' + comment: 'Help string has changed' + + - name: cloned_volume_same_az + type: boolean + default: true + help: 'Ensure that the new volumes are the same AZ as snapshot or source volume ' + comment: 'Help string has changed' + + - name: num_shell_tries + type: integer + default: 3 + help: 'number of times to attempt to run flakey shell commands ' + comment: 'Help string has changed' + + - name: reserved_percentage + type: integer + default: false + help: 'The percentage of backend capacity is reserved ' + comment: 'Help string has changed' + + - name: iscsi_num_targets + type: integer + default: 100 + help: 'The maximum number of iscsi target ids per host ' + comment: 'Help string has changed' + + - name: iscsi_target_prefix + type: string + default: 'iqn.2010-10.org.openstack:' + help: 'prefix for iscsi volumes ' + comment: 'Help string has changed' + + - name: iscsi_ip_address + type: string + default: '$my_ip' + help: 'The IP address that the iSCSI daemon is listening on ' + comment: 'Help string has changed' + + - name: iscsi_port + type: port + default: 3260 + help: 'The port that the iSCSI daemon is listening on ' + comment: 'Type has changed' + + - name: num_iser_scan_tries + type: integer + default: 3 + help: 'The maximum number of times to rescan iSER targetto find volume ' + comment: 'Help string has changed' + + - name: iser_num_targets + type: integer + default: 100 + help: 'The maximum number of iser target ids per host ' + comment: 'Help string has changed' + + - name: iser_target_prefix + type: string + default: 'iqn.2010-10.org.iser.openstack:' + help: 'prefix for iser volumes ' + comment: 'Help string has changed' + + - name: iser_ip_address + type: string + default: '$my_ip' + help: 'The IP address that the iSER daemon is listening on ' + comment: 'Help string has changed' + + - name: iser_port + type: port + default: 3260 + help: 'The port that the iSER daemon is listening on ' + comment: 'Type has changed' + + - name: volume_backend_name + type: string + default: ~ + help: 'The backend name for a given driver implementation ' + comment: 'Help string has changed' + + - name: use_multipath_for_image_xfer + type: boolean + default: false + help: 'Do we attach/detach volumes in cinder using multipath for volume to image and image to volume transfers? ' + comment: 'Help string has changed' + + - name: volume_clear + type: string + default: 'zero' + help: 'Method used to wipe old voumes (valid options are: none, zero, shred) ' + comment: 'Help string has changed' + + - name: volume_clear_size + type: integer + default: false + help: 'Size in MiB to wipe at start of old volumes. 0 => all ' + comment: 'Help string has changed' + + - name: available_devices + type: string_list + default: [] + help: 'List of all available devices ' + comment: 'Type has changed' + + - name: coraid_esm_address + type: string + default: '' + help: 'IP address of Coraid ESM ' + comment: 'Help string has changed' + + - name: coraid_user + type: string + default: 'admin' + help: 'User name to connect to Coraid ESM ' + comment: 'Help string has changed' + + - name: coraid_group + type: string + default: 'admin' + help: 'Name of group on Coraid ESM to which coraid_user belongs (must have admin privilege) ' + comment: 'Help string has changed' + + - name: coraid_password + type: string + default: 'password' + help: 'Password to connect to Coraid ESM ' + comment: 'Help string has changed' + + - name: coraid_repository_key + type: string + default: 'coraid_repository' + help: 'Volume Type key name to store ESM Repository Name ' + comment: 'Help string has changed' + + - name: eqlx_group_name + type: string + default: 'group-0' + help: 'Group name to use for creating volumes ' + comment: 'Help string has changed' + + - name: eqlx_cli_timeout + type: integer + default: 30 + help: 'Timeout for the Group Manager cli command execution ' + comment: 'Help string has changed' + + - name: eqlx_cli_max_retries + type: integer + default: 5 + help: 'Maximum retry count for reconnection ' + comment: 'Help string has changed' + + - name: eqlx_use_chap + type: boolean + default: false + help: 'Use CHAP authentificaion for targets? ' + comment: 'Help string has changed' + + - name: eqlx_chap_login + type: string + default: 'admin' + help: 'Existing CHAP account name ' + comment: 'Help string has changed' + + - name: eqlx_chap_password + type: string + default: 'password' + help: 'Password for specified CHAP account name ' + comment: 'Help string has changed' + + - name: eqlx_pool + type: string + default: 'default' + help: 'Pool in which volumes will be created ' + comment: 'Help string has changed' + + - name: glusterfs_shares_config + type: string + default: '/etc/cinder/glusterfs_shares' + help: 'File with the list of available gluster shares ' + comment: 'Help string has changed' + + - name: glusterfs_disk_util + type: string + default: 'df' + help: 'Use du or df for free space calculation ' + comment: 'Help string has changed' + + - name: glusterfs_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' + comment: 'Help string has changed' + + - name: glusterfs_qcow2_volumes + type: boolean + default: false + help: 'Create volumes as QCOW2 files rather than raw files. ' + comment: 'Help string has changed' + + - name: gpfs_mount_point_base + type: string + default: ~ + help: 'Specifies the path of the GPFS directory where Block Storage volume and snapshot files are stored. ' + comment: 'Help string has changed' + + - name: gpfs_images_dir + type: string + default: ~ + help: 'Specifies the path of the Image service repository in GPFS. Leave undefined if not storing images in GPFS. ' + comment: 'Help string has changed' + + - name: gpfs_images_share_mode + type: string + default: ~ + help: "Specifies the type of image copy to be used. Set this when the Image service repository also uses GPFS so that image files can be transferred efficiently from the Image service to the Block Storage service. There are two valid values: 'copy' specifies that a full copy of the image is made; 'copy_on_write' specifies that copy-on-write optimization strategy is used and unmodified blocks of the image file are shared efficiently. " + comment: 'Help string has changed' + + - name: gpfs_max_clone_depth + type: integer + default: false + help: 'Specifies an upper limit on the number of indirections required to reach a specific block due to snapshots or clones. A lengthy chain of copy-on-write snapshots or clones can have a negative impact on performance, but improves space utilization. 0 indicates unlimited clone depth. ' + comment: 'Help string has changed' + + - name: gpfs_sparse_volumes + type: boolean + default: true + help: 'Specifies that volumes are created as sparse files which initially consume no space. If set to False, the volume is created as a fully allocated file, in which case, creation may take a significantly longer time. ' + comment: 'Help string has changed' + + - name: hds_cinder_config_file + type: string + default: '/opt/hds/hus/cinder_hus_conf.xml' + help: 'configuration file for HDS cinder plugin for HUS ' + comment: 'Help string has changed' + + - name: cinder_huawei_conf_file + type: string + default: '/etc/cinder/cinder_huawei_conf.xml' + help: 'config data for cinder huawei plugin ' + comment: 'Help string has changed' + + - name: volume_group + type: string + default: 'cinder-volumes' + help: 'Name for the VG that will contain exported volumes ' + comment: 'Help string has changed' + + - name: pool_size + type: string + default: ~ + help: 'Size of thin provisioning pool (None uses entire cinder VG) ' + comment: 'Help string has changed' + + - name: lvm_mirrors + type: integer + default: false + help: 'If set, create lvms with multiple mirrors. Note that this requires lvm_mirrors + 2 pvs with available space ' + comment: 'Help string has changed' + + - name: lvm_type + type: string + default: 'default' + help: 'Type of LVM volumes to deploy; (default or thin) ' + comment: 'Help string has changed' + + - name: netapp_vfiler + type: string + default: ~ + help: 'Vfiler to use for provisioning ' + comment: 'Help string has changed' + + - name: netapp_login + type: string + default: ~ + help: 'User name for the storage controller ' + comment: 'Help string has changed' + + - name: netapp_password + type: string + default: ~ + help: 'Password for the storage controller ' + comment: 'Help string has changed' + + - name: netapp_vserver + type: string + default: ~ + help: 'Cluster vserver to use for provisioning ' + comment: 'Help string has changed' + + - name: netapp_server_hostname + type: string + default: ~ + help: 'Host name for the storage controller ' + comment: 'Help string has changed' + + - name: netapp_server_port + type: port + default: 80 + help: 'Port number for the storage controller ' + comment: 'Type has changed' + + - name: thres_avl_size_perc_start + type: integer + default: 20 + help: 'Threshold available percent to start cache cleaning. ' + comment: 'Help string has changed' + + - name: thres_avl_size_perc_stop + type: integer + default: 60 + help: 'Threshold available percent to stop cache cleaning. ' + comment: 'Help string has changed' + + - name: expiry_thres_minutes + type: integer + default: 720 + help: 'Threshold minutes after which cache file can be cleaned. ' + comment: 'Help string has changed' + + - name: netapp_size_multiplier + type: float + default: 1.2 + help: 'Volume size multiplier to ensure while creation ' + comment: 'Help string has changed' + + - name: netapp_volume_list + type: string + default: ~ + help: 'Comma separated volumes to be used for provisioning ' + comment: 'Help string has changed' + + - name: netapp_storage_family + type: string + default: 'ontap_cluster' + help: 'Storage family type. ' + comment: 'Help string has changed' + + - name: netapp_storage_protocol + type: string + default: ~ + help: 'Storage protocol type. ' + comment: 'Help string has changed' + + - name: netapp_transport_type + type: string + default: 'http' + help: 'Transport type protocol ' + comment: 'Help string has changed' + + - name: nexenta_host + type: string + default: '' + help: 'IP address of Nexenta SA ' + comment: 'Help string has changed' + + - name: nexenta_rest_port + type: port + default: 2000 + help: 'HTTP port to connect to Nexenta REST API server ' + comment: 'Type has changed' + + - name: nexenta_rest_protocol + type: string + default: 'auto' + help: 'Use http or https for REST connection (default auto) ' + comment: 'Help string has changed' + + - name: nexenta_user + type: string + default: 'admin' + help: 'User name to connect to Nexenta SA ' + comment: 'Help string has changed' + + - name: nexenta_password + type: string + default: 'nexenta' + help: 'Password to connect to Nexenta SA ' + comment: 'Help string has changed' + + - name: nexenta_iscsi_target_portal_port + type: port + default: 3260 + help: 'Nexenta target portal port ' + comment: 'Type has changed' + + - name: nexenta_volume + type: string + default: 'cinder' + help: 'pool on SA that will hold all volumes ' + comment: 'Help string has changed' + + - name: nexenta_target_prefix + type: string + default: 'iqn.1986-03.com.sun:02:cinder-' + help: 'IQN prefix for iSCSI targets ' + comment: 'Help string has changed' + + - name: nexenta_target_group_prefix + type: string + default: 'cinder/' + help: 'prefix for iSCSI target groups on SA ' + comment: 'Help string has changed' + + - name: nexenta_shares_config + type: string + default: '/etc/cinder/nfs_shares' + help: 'File with the list of available nfs shares ' + comment: 'Help string has changed' + + - name: nexenta_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Base dir containing mount points for nfs shares ' + comment: 'Help string has changed' + + - name: nexenta_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' + comment: 'Help string has changed' + + - name: nexenta_volume_compression + type: string + default: 'on' + help: 'Default compression value for new ZFS folders. ' + comment: 'Help string has changed' + + - name: nexenta_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details ' + comment: 'Help string has changed' + + - name: nexenta_used_ratio + type: float + default: 0.95 + help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination. ' + comment: 'Help string has changed' + + - name: nexenta_oversub_ratio + type: float + default: true + help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid. ' + comment: 'Help string has changed' + + - name: nexenta_blocksize + type: string + default: '' + help: 'block size for volumes (blank=default,8KB) ' + comment: 'Help string has changed' + + - name: nexenta_sparse + type: boolean + default: false + help: 'flag to create sparse volumes ' + comment: 'Help string has changed' + + - name: nfs_shares_config + type: string + default: '/etc/cinder/nfs_shares' + help: 'File with the list of available nfs shares ' + comment: 'Help string has changed' + + - name: nfs_sparsed_volumes + type: boolean + default: true + help: 'Create volumes as sparsed files which take no space.If set to False volume is created as regular file.In such case volume creation takes a lot of time. ' + comment: 'Help string has changed' + + - name: nfs_used_ratio + type: float + default: 0.95 + help: 'Percent of ACTUAL usage of the underlying volume before no new volumes can be allocated to the volume destination. ' + comment: 'Help string has changed' + + - name: nfs_oversub_ratio + type: float + default: true + help: 'This will compare the allocated to available space on the volume destination. If the ratio exceeds this number, the destination will no longer be valid. ' + comment: 'Help string has changed' + + - name: rbd_pool + type: string + default: 'rbd' + help: 'the RADOS pool in which rbd volumes are stored ' + comment: 'Help string has changed' + + - name: rbd_user + type: string + default: ~ + help: 'the RADOS client name for accessing rbd volumes - only set when using cephx authentication ' + comment: 'Help string has changed' + + - name: rbd_ceph_conf + type: string + default: '' + help: 'path to the ceph configuration file to use ' + comment: 'Help string has changed' + + - name: rbd_flatten_volume_from_snapshot + type: boolean + default: false + help: 'flatten volumes created from snapshots to remove dependency ' + comment: 'Help string has changed' + + - name: rbd_secret_uuid + type: string + default: ~ + help: 'the libvirt uuid of the secret for the rbd_uservolumes ' + comment: 'Help string has changed' + + - name: volume_tmp_dir + type: string + default: ~ + help: 'where to store temporary image files if the volume driver does not write them directly to the volume ' + comment: 'Help string has changed' + + - name: rbd_max_clone_depth + type: integer + default: 5 + help: 'maximum number of nested clones that can be taken of a volume before enforcing a flatten prior to next clone. A value of zero disables cloning ' + comment: 'Help string has changed' + + - name: hp3par_api_url + type: string + default: '' + help: '3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 ' + comment: 'Help string has changed' + + - name: hp3par_username + type: string + default: '' + help: '3PAR Super user username ' + comment: 'Help string has changed' + + - name: hp3par_password + type: string + default: '' + help: '3PAR Super user password ' + comment: 'Help string has changed' + + - name: hp3par_domain + type: string + default: ~ + help: 'This option is DEPRECATED and no longer used. The 3par domain name to use. ' + comment: 'Help string has changed' + + - name: hp3par_cpg + type: string + default: 'OpenStack' + help: 'The CPG to use for volume creation ' + comment: 'Help string has changed' + + - name: hp3par_cpg_snap + type: string + default: '' + help: 'The CPG to use for Snapshots for volumes. If empty hp3par_cpg will be used ' + comment: 'Help string has changed' + + - name: hp3par_snapshot_retention + type: string + default: '' + help: "The time in hours to retain a snapshot. You can't delete it before this expires. " + comment: 'Help string has changed' + + - name: hp3par_snapshot_expiration + type: string + default: '' + help: 'The time in hours when a snapshot expires and is deleted. This must be larger than expiration ' + comment: 'Help string has changed' + + - name: hp3par_debug + type: boolean + default: false + help: 'Enable HTTP debugging to 3PAR ' + comment: 'Help string has changed' + + - name: hp3par_iscsi_ips + type: string_list + default: [] + help: 'List of target iSCSI addresses to use. ' + comment: 'Type has changed' + + - name: san_thin_provision + type: boolean + default: true + help: 'Use thin provisioning for SAN volumes? ' + comment: 'Help string has changed' + + - name: san_ip + type: string + default: '' + help: 'IP address of SAN controller ' + comment: 'Help string has changed' + + - name: san_login + type: string + default: 'admin' + help: 'Username for SAN controller ' + comment: 'Help string has changed' + + - name: san_password + type: string + default: '' + help: 'Password for SAN controller ' + comment: 'Help string has changed' + + - name: san_private_key + type: string + default: '' + help: 'Filename of private key to use for SSH authentication ' + comment: 'Help string has changed' + + - name: san_clustername + type: string + default: '' + help: 'Cluster name to use for creating volumes ' + comment: 'Help string has changed' + + - name: san_ssh_port + type: port + default: 22 + help: 'SSH port to use with SAN ' + comment: 'Type has changed' + + - name: san_is_local + type: boolean + default: false + help: 'Execute commands locally instead of over SSH; use if the volume service is running on the SAN device ' + comment: 'Help string has changed' + + - name: ssh_conn_timeout + type: integer + default: 30 + help: 'SSH connection timeout in seconds ' + comment: 'Help string has changed' + + - name: ssh_min_pool_conn + type: integer + default: true + help: 'Minimum ssh connections in the pool ' + comment: 'Help string has changed' + + - name: ssh_max_pool_conn + type: integer + default: 5 + help: 'Maximum ssh connections in the pool ' + comment: 'Help string has changed' + + - name: san_zfs_volume_base + type: string + default: 'rpool/' + help: 'The ZFS path under which to create zvols for volumes. ' + comment: 'Help string has changed' + + - name: scality_sofs_config + type: string + default: ~ + help: 'Path or URL to Scality SOFS configuration file ' + comment: 'Help string has changed' + + - name: scality_sofs_mount_point + type: string + default: '$state_path/scality' + help: 'Base dir where Scality SOFS shall be mounted ' + comment: 'Help string has changed' + + - name: scality_sofs_volume_dir + type: string + default: 'cinder/volumes' + help: 'Path from Scality SOFS root to volume dir ' + comment: 'Help string has changed' + + - name: sf_emulate_512 + type: boolean + default: true + help: 'Set 512 byte emulation on volume creation; ' + comment: 'Help string has changed' + + - name: sf_allow_tenant_qos + type: boolean + default: false + help: 'Allow tenants to specify QOS on create ' + comment: 'Help string has changed' + + - name: sf_account_prefix + type: string + default: 'cinder' + help: 'Create SolidFire accounts with this prefix ' + comment: 'Help string has changed' + + - name: sf_api_port + type: port + default: 443 + help: 'SolidFire API port. Useful if the device api is behind a proxy on a different port. ' + comment: 'Type has changed' + + - name: storwize_svc_volpool_name + type: string + default: 'volpool' + help: 'Storage system storage pool for volumes ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_rsize + type: integer + default: 2 + help: 'Storage system space-efficiency parameter for volumes (percentage) ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_warning + type: integer + default: false + help: 'Storage system threshold for volume capacity warnings (percentage) ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_autoexpand + type: boolean + default: true + help: 'Storage system autoexpand parameter for volumes (True/False) ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_grainsize + type: integer + default: 256 + help: 'Storage system grain size parameter for volumes (32/64/128/256) ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_compression + type: boolean + default: false + help: 'Storage system compression option for volumes ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_easytier + type: boolean + default: true + help: 'Enable Easy Tier for volumes ' + comment: 'Help string has changed' + + - name: storwize_svc_vol_iogrp + type: integer + default: false + help: 'The I/O group in which to allocate volumes ' + comment: 'Help string has changed' + + - name: storwize_svc_flashcopy_timeout + type: integer + default: 120 + help: 'Maximum number of seconds to wait for FlashCopy to be prepared. Maximum value is 600 seconds (10 minutes) ' + comment: 'Help string has changed' + + - name: storwize_svc_connection_protocol + type: string + default: 'iSCSI' + help: 'Connection protocol (iSCSI/FC) ' + comment: 'Help string has changed' + + - name: storwize_svc_multipath_enabled + type: boolean + default: false + help: 'Connect with multipath (FC only; iSCSI multipath is controlled by Nova) ' + comment: 'Help string has changed' + + - name: storwize_svc_multihostmap_enabled + type: boolean + default: true + help: 'Allows vdisk to multi host mapping ' + comment: 'Help string has changed' + + - name: vmware_host_ip + type: string + default: ~ + help: 'IP address for connecting to VMware ESX/VC server. ' + comment: 'Help string has changed' + + - name: vmware_host_username + type: string + default: ~ + help: 'Username for authenticating with VMware ESX/VC server. ' + comment: 'Help string has changed' + + - name: vmware_host_password + type: string + default: ~ + help: 'Password for authenticating with VMware ESX/VC server. ' + comment: 'Help string has changed' + + - name: vmware_wsdl_location + type: string + default: ~ + help: 'Optional VIM service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds. ' + comment: 'Help string has changed' + + - name: vmware_api_retry_count + type: integer + default: 10 + help: 'Number of times VMware ESX/VC server API must be retried upon connection related issues. ' + comment: 'Help string has changed' + + - name: vmware_task_poll_interval + type: integer + default: 5 + help: 'The interval used for polling remote tasks invoked on VMware ESX/VC server. ' + comment: 'Help string has changed' + + - name: vmware_volume_folder + type: string + default: 'cinder-volumes' + help: 'Name for the folder in the VC datacenter that will contain cinder volumes. ' + comment: 'Help string has changed' + + - name: vmware_image_transfer_timeout_secs + type: integer + default: 7200 + help: 'Timeout in seconds for VMDK volume transfer between Cinder and Glance. ' + comment: 'Help string has changed' + + - name: windows_iscsi_lun_path + type: string + default: 'C:\\iSCSIVirtualDisks' + help: 'Path to store VHD backed volumes ' + comment: 'Help string has changed' + + - name: xenapi_nfs_server + type: string + default: ~ + help: 'NFS server to be used by XenAPINFSDriver ' + comment: 'Help string has changed' + + - name: xenapi_nfs_serverpath + type: string + default: ~ + help: 'Path of exported NFS, used by XenAPINFSDriver ' + comment: 'Help string has changed' + + - name: xenapi_connection_url + type: string + default: ~ + help: 'URL for XenAPI connection ' + comment: 'Help string has changed' + + - name: xenapi_connection_username + type: string + default: 'root' + help: 'Username for XenAPI connection ' + comment: 'Help string has changed' + + - name: xenapi_connection_password + type: string + default: ~ + help: 'Password for XenAPI connection ' + comment: 'Help string has changed' + + - name: xenapi_sr_base_path + type: string + default: '/var/run/sr-mount' + help: 'Base path to the storage repository ' + comment: 'Help string has changed' + + - name: xiv_ds8k_proxy + type: string + default: 'xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy' + help: 'Proxy driver that connects to the IBM Storage Array ' + comment: 'Help string has changed' + + - name: xiv_ds8k_connection_type + type: string + default: 'iscsi' + help: 'Connection type to the IBM Storage Array (fibre_channel|iscsi) ' + comment: 'Help string has changed' + + - name: zadara_vpsa_ip + type: string + default: ~ + help: 'Management IP of Zadara VPSA ' + comment: 'Help string has changed' + + - name: zadara_vpsa_port + type: string + default: ~ + help: 'Zadara VPSA port number ' + comment: 'Help string has changed' + + - name: zadara_vpsa_use_ssl + type: boolean + default: false + help: 'Use SSL connection ' + comment: 'Help string has changed' + + - name: zadara_user + type: string + default: ~ + help: 'User name for the VPSA ' + comment: 'Help string has changed' + + - name: zadara_password + type: string + default: ~ + help: 'Password for the VPSA ' + comment: 'Help string has changed' + + - name: zadara_vpsa_poolname + type: string + default: ~ + help: 'Name of VPSA storage pool for volumes ' + comment: 'Help string has changed' + + - name: zadara_vol_thin + type: boolean + default: true + help: 'Default thin provisioning policy for volumes ' + comment: 'Help string has changed' + + - name: zadara_vol_encrypt + type: boolean + default: false + help: 'Default encryption policy for volumes ' + comment: 'Help string has changed' + + - name: zadara_default_striping_mode + type: string + default: 'simple' + help: 'Default striping mode for volumes ' + comment: 'Help string has changed' + + - name: zadara_default_stripesize + type: string + default: '64' + help: 'Default stripe size for volumes ' + comment: 'Type has changed' + + - name: zadara_vol_name_template + type: string + default: 'OS_%s' + help: 'Default template for VPSA volume names ' + comment: 'Help string has changed' + + - name: zadara_vpsa_auto_detach_on_delete + type: boolean + default: true + help: 'Automatically detach from servers on volume delete ' + comment: 'Help string has changed' + + - name: zadara_vpsa_allow_nonexistent_delete + type: boolean + default: true + help: "Don't halt on deletion of non-existing volumes " + comment: 'Help string has changed' + + - name: volume_driver + type: string + default: 'cinder.volume.drivers.lvm.LVMISCSIDriver' + help: 'Driver to use for volume creation ' + comment: 'Default value has changed' + + - name: migration_create_volume_timeout_secs + type: integer + default: 300 + help: 'Timeout for creating the volume to migrate to when performing volume migration (seconds) ' + comment: 'Help string has changed' + + - name: volume_dd_blocksize + type: string + default: '1M' + help: 'The default block size used when copying/clearing volumes ' + comment: 'Help string has changed' + + - name: api_class + type: string + default: 'cinder.keymgr.conf_key_mgr.ConfKeyManager' + help: 'The full class name of the key manager API class ' + comment: 'New param' + + - name: fixed_key + type: string + default: ~ + help: 'Fixed key returned by key manager, specified in hex ' + comment: 'New param' + + - name: notification_driver + type: string + default: '' + help: 'Driver or drivers to handle sending notifications (multi valued)' + comment: 'New param' + + - name: nexenta_nms_cache_volroot + type: boolean + default: true + help: 'If set True cache NexentaStor appliance volroot option value. ' + comment: 'New param' + + - name: storwize_svc_iscsi_chap_enabled + type: boolean + default: true + help: 'Configure CHAP authentication for iSCSI connections (Default: Enabled) ' + comment: 'New param' + + - name: vmware_max_objects_retrieval + type: integer + default: 100 + help: 'Max number of objects to be retrieved per batch. Query results will be obtained in batches from the server and not in one shot. Server may still limit the count to something less than the configured value. ' + comment: 'New param' + + - name: volume_service_inithost_offload + type: boolean + default: false + help: 'Offload pending volume delete during volume service startup ' + comment: 'New param' + + - name: keystone_authtoken.auth_host + type: host + default: '127.0.0.1' + help: 'Host providing the admin Identity API endpoint' + comment: 'New param' + + - name: keystone_authtoken.auth_port + type: port + default: 35357 + help: 'Port of the admin Identity API endpoint' + comment: 'New param' + + - name: keystone_authtoken.auth_protocol + type: string + default: 'http' + help: 'Protocol of the admin Identity API endpoint' + comment: 'New param' + + - name: keystone_authtoken.admin_tenant_name + type: string + default: '%SERVICE_TENANT_NAME%' + help: 'Keystone service account tenant name to validate user tokens' + comment: 'New param' + + - name: keystone_authtoken.admin_user + type: string + default: '%SERVICE_USER%' + help: 'Keystone account username' + comment: 'New param' + + - name: keystone_authtoken.admin_password + type: string + default: '%SERVICE_PASSWORD%' + help: 'Keystone account password' + comment: 'New param' + + - name: keystone_authtoken.signing_dir + type: string + default: '/var/lib/cinder/keystone-signing' + help: 'Directory used to cache files related to PKI tokens signing_dir is configurable, but the default behavior of the authtoken middleware should be sufficient. It will create a temporary directory in the home directory for the user the cinder process is running as.' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/foo/foo.conf.yml b/rubick/schemas/foo/foo.conf.yml new file mode 100644 index 0000000..2a196e0 --- /dev/null +++ b/rubick/schemas/foo/foo.conf.yml @@ -0,0 +1,75 @@ +- version: '1' + checkpoint: true + added: + + - name: param1 + type: string + default: 'foobar' + help: 'blah blah' + comment: 'New param' + + - name: param2 + type: integer + default: 123 + comment: 'New param' + +# ==================================================== + +- version: '1' + checkpoint: true + added: + + - name: param1 + type: string + default: 'foobar' + help: 'blah blah' + comment: 'New param' + + - name: param2 + type: integer + default: 123 + comment: 'New param' + +# ==================================================== + +- version: '2' + added: + + - name: param1 + type: string + default: 'foobarbaz' + help: 'blah blah' + comment: 'Default value has changed' + +# ==================================================== + +- version: '2' + added: + + - name: param1 + type: string + default: 'foobarbaz' + help: 'blah blah' + comment: 'Default value has changed' + +# ==================================================== + +- version: '3' + checkpoint: true + added: + + - name: param1 + type: integer + comment: 'Type has changed' + +# ==================================================== + +- version: '3' + checkpoint: true + added: + + - name: param1 + type: integer + comment: 'Type has changed' + +# ==================================================== diff --git a/rubick/schemas/glance_api/glance_api.conf.yml b/rubick/schemas/glance_api/glance_api.conf.yml new file mode 100644 index 0000000..9f1810e --- /dev/null +++ b/rubick/schemas/glance_api/glance_api.conf.yml @@ -0,0 +1,669 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: verbose + type: string + default: 'False' + help: 'Show more verbose log output (sets INFO log level output)' + comment: 'New param' + + - name: debug + type: string + default: 'False' + help: 'Show debugging output in logs (sets DEBUG log level output)' + comment: 'New param' + + - name: default_store + type: string + default: 'file' + help: "Which backend scheme should Glance use by default is not specified in a request to add a new image to Glance? Known schemes are determined by the known_stores option below. Default: 'file'" + comment: 'New param' + + - name: known_stores + type: string + default: 'glance.store.filesystem.Store,' + help: 'List of which store classes and store class locations are currently known to glance at startup.' + comment: 'New param' + + - name: image_size_cap + type: string + default: '1099511627776' + help: 'Maximum image size (in bytes) that may be uploaded through the Glance API server. Defaults to 1 TB. WARNING: this value should only be increased after careful consideration and must be set to a value under 8 EB (9223372036854775808).' + comment: 'New param' + + - name: bind_host + type: host + default: '0.0.0.0' + help: 'Address to bind the API server' + comment: 'New param' + + - name: bind_port + type: string + default: '9292' + help: 'Port the bind the API server to' + comment: 'New param' + + - name: log_file + type: string + default: '/var/log/glance/api.log' + help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + help: 'Backlog requests when creating socket' + comment: 'New param' + + - name: tcp_keepidle + type: string + default: '600' + help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' + comment: 'New param' + + - name: sql_connection + type: string + default: 'sqlite:///glance.sqlite' + help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' + comment: 'New param' + + - name: sql_idle_timeout + type: string + default: '3600' + help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." + comment: 'New param' + + - name: workers + type: string + default: '1' + help: 'Number of Glance API worker processes to start. On machines with more than one CPU increasing this value may improve performance (especially if using SSL with compression turned on). It is typically recommended to set this value to the number of CPUs present on your machine.' + comment: 'New param' + + - name: admin_role + type: string + default: 'admin' + help: 'Role used to identify an authenticated user as administrator' + comment: 'New param' + + - name: allow_anonymous_access + type: string + default: 'False' + help: 'Allow unauthenticated users to access the API with read-only privileges. This only applies when using ContextMiddleware.' + comment: 'New param' + + - name: enable_v1_api + type: string + default: 'True' + help: 'Allow access to version 1 of glance api' + comment: 'New param' + + - name: enable_v2_api + type: string + default: 'True' + help: 'Allow access to version 2 of glance api' + comment: 'New param' + + - name: show_image_direct_url + type: string + default: 'False' + help: "Return the URL that references where the data is stored on the backend storage system. For example, if using the file system store a URL of 'file:///path/to/image' will be returned to the user in the 'direct_url' meta-data field. The default value is false." + comment: 'New param' + + - name: send_identity_headers + type: string + default: 'False' + help: 'Send headers containing user and tenant information when making requests to the v1 glance registry. This allows the registry to function as if a user is authenticated without the need to authenticate a user itself using the auth_token middleware. The default value is false.' + comment: 'New param' + + - name: container_formats + type: string + default: 'ami,ari,aki,bare,ovf' + help: "Supported values for the 'container_format' image attribute" + comment: 'New param' + + - name: disk_formats + type: string + default: 'ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso' + help: "Supported values for the 'disk_format' image attribute" + comment: 'New param' + + - name: lock_path + type: string + default: 'None' + help: 'Directory to use for lock files. Default to a temp directory (string value). This setting needs to be the same for both glance-scrubber and glance-api.' + comment: 'New param' + + - name: property_protection_file + type: string + default: '' + help: "Property Protections config file This file contains the rules for property protections and the roles associated with it. If this config value is not specified, by default, property protections won't be enforced. If a value is specified and the file is not found, then an HTTPInternalServerError will be thrown." + comment: 'New param' + + - name: user_storage_quota + type: string + default: '0' + help: 'Set a system wide quota for every user. This value is the total number of bytes that a user can use across all storage systems. A value of 0 means unlimited.' + comment: 'New param' + + - name: use_syslog + type: string + default: 'False' + help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_LOCAL0' + help: 'Facility to use. If unset defaults to LOG_USER.' + comment: 'New param' + + - name: cert_file + type: string + default: '/path/to/certfile' + help: 'Certificate file to use when starting API server securely' + comment: 'New param' + + - name: key_file + type: string + default: '/path/to/keyfile' + help: 'Private key file to use when starting API server securely' + comment: 'New param' + + - name: ca_file + type: string + default: '/path/to/cafile' + help: 'CA certificate file to use to verify connecting clients' + comment: 'New param' + + - name: metadata_encryption_key + type: string + default: '<16, 24 or 32 char registry metadata key>' + help: "AES key for encrypting store 'location' metadata, including -- if used -- Swift or S3 credentials Should be set to a random string of length 16, 24 or 32 bytes" + comment: 'New param' + + - name: registry_host + type: host + default: '0.0.0.0' + help: 'Address to find the registry server' + comment: 'New param' + + - name: registry_port + type: string + default: '9191' + help: 'Port the registry server is listening on' + comment: 'New param' + + - name: registry_client_protocol + type: string + default: 'http' + help: 'What protocol to use when connecting to the registry server? Set to https for secure HTTP communication' + comment: 'New param' + + - name: registry_client_key_file + type: string + default: '/path/to/key/file' + help: 'The path to the key file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file' + comment: 'New param' + + - name: registry_client_cert_file + type: string + default: '/path/to/cert/file' + help: 'The path to the cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file' + comment: 'New param' + + - name: registry_client_ca_file + type: string + default: '/path/to/ca/file' + help: 'The path to the certifying authority cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file' + comment: 'New param' + + - name: registry_client_insecure + type: string + default: 'False' + help: "When using SSL in connections to the registry server, do not require validation via a certifying authority. This is the registry's equivalent of specifying --insecure on the command line using glanceclient for the API Default: False" + comment: 'New param' + + - name: registry_client_timeout + type: string + default: '600' + help: "The period of time, in seconds, that the API server will wait for a registry request to complete. A value of '0' implies no timeout. Default: 600" + comment: 'New param' + + - name: db_auto_create + type: string + default: 'False' + help: 'Whether to automatically create the database tables. Default: False' + comment: 'New param' + + - name: sqlalchemy_debug + type: string + default: 'True' + help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' + comment: 'New param' + + - name: notifier_strategy + type: string + default: 'noop' + help: 'Notifications can be sent when images are create, updated or deleted. There are three methods of sending notifications, logging (via the log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid message queue), or noop (no notifications sent, the default)' + comment: 'New param' + + - name: rabbit_host + type: host + default: 'localhost' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_port + type: string + default: '5672' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_use_ssl + type: string + default: 'false' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_userid + type: string + default: 'guest' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_password + type: string + default: 'guest' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_virtual_host + type: string + default: '/' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_notification_exchange + type: string + default: 'glance' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_notification_topic + type: string + default: 'notifications' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: rabbit_durable_queues + type: string + default: 'False' + help: 'Configuration options if sending notifications via rabbitmq (these are the defaults)' + comment: 'New param' + + - name: qpid_notification_exchange + type: string + default: 'glance' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_notification_topic + type: string + default: 'notifications' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_host + type: host + default: 'localhost' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_port + type: string + default: '5672' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_username + type: string + default: '' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_password + type: string + default: '' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_sasl_mechanisms + type: string + default: '' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_reconnect_timeout + type: string + default: '0' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_reconnect_limit + type: string + default: '0' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_reconnect_interval_min + type: string + default: '0' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_reconnect_interval_max + type: string + default: '0' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_reconnect_interval + type: string + default: '0' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_heartbeat + type: string + default: '5' + help: 'Configuration options if sending notifications via Qpid (these are the defaults)' + comment: 'New param' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" + comment: 'New param' + + - name: qpid_tcp_nodelay + type: string + default: 'True' + help: "Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL" + comment: 'New param' + + - name: filesystem_store_datadir + type: string + default: '/var/lib/glance/images/' + help: 'Directory that the Filesystem backend store writes image data to' + comment: 'New param' + + - name: filesystem_store_metadata_file + type: string + default: 'None' + help: 'A path to a JSON file that contains metadata describing the storage system. When show_multiple_locations is True the information in this file will be returned with any location that is contained in this store.' + comment: 'New param' + + - name: swift_store_auth_version + type: string + default: '2' + help: "Version of the authentication service to use Valid versions are '2' for keystone and '1' for swauth and rackspace" + comment: 'New param' + + - name: swift_store_auth_address + type: string + default: '127.0.0.1:5000/v2.0/' + help: "Address where the Swift authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'https://' For swauth, use something like '127.0.0.1:8080/v1.0/'" + comment: 'New param' + + - name: swift_store_user + type: string + default: 'jdoe:jdoe' + help: "User to authenticate against the Swift authentication service If you use Swift authentication service, set it to 'account':'user' where 'account' is a Swift storage account and 'user' is a user in that account" + comment: 'New param' + + - name: swift_store_key + type: string + default: 'a86850deb2742ec3cb41518e26aa2d89' + help: 'Auth key for the user authenticating against the Swift authentication service' + comment: 'New param' + + - name: swift_store_container + type: string + default: 'glance' + help: 'Container within the account that the account should use for storing images in Swift' + comment: 'New param' + + - name: swift_store_create_container_on_put + type: string + default: 'False' + help: 'Do we create the container if it does not exist?' + comment: 'New param' + + - name: swift_store_large_object_size + type: string + default: '5120' + help: 'What size, in MB, should Glance start chunking image files and do a large object manifest in Swift? By default, this is the maximum object size in Swift, which is 5GB' + comment: 'New param' + + - name: swift_store_large_object_chunk_size + type: string + default: '200' + help: 'When doing a large object manifest, what size, in MB, should Glance write chunks to Swift? This amount of data is written to a temporary disk buffer during the process of chunking the image file, and the default is 200MB' + comment: 'New param' + + - name: swift_enable_snet + type: string + default: 'False' + help: "To use ServiceNET for authentication, prefix hostname of `swift_store_auth_address` with 'snet-'. Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/" + comment: 'New param' + + - name: swift_store_multi_tenant + type: string + default: 'False' + help: 'If set to True enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts.' + comment: 'New param' + + - name: swift_store_admin_tenants + type: string + default: '' + help: 'A list of swift_proxy_server ACL strings that will be applied as both read and write ACLs to the containers created by Glance in multi-tenant mode. This grants the specified tenants/users read and write access to all newly created image objects. The standard swift_proxy_server ACL string formats are allowed, including: : : *: Multiple ACLs can be combined using a comma separated list, for example: swift_store_admin_tenants = service:glance,*:admin' + comment: 'New param' + + - name: swift_store_region + type: string + default: '' + help: 'The region of the swift_proxy_server endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift_proxy_server endpoints.' + comment: 'New param' + + - name: swift_store_ssl_compression + type: string + default: 'True' + help: "If set to False, disables SSL layer compression of https swift_proxy_server requests. Setting to 'False' may improve performance for images which are already in a compressed format, eg qcow2. If set to True, enables SSL layer compression (provided it is supported by the target swift_proxy_server proxy)." + comment: 'New param' + + - name: s3_store_host + type: string + default: '127.0.0.1:8080/v1.0/' + help: "Address where the S3 authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'http://'" + comment: 'New param' + + - name: s3_store_access_key + type: string + default: '<20-char AWS access key>' + help: 'User to authenticate against the S3 authentication service' + comment: 'New param' + + - name: s3_store_secret_key + type: string + default: '<40-char AWS secret key>' + help: 'Auth key for the user authenticating against the S3 authentication service' + comment: 'New param' + + - name: s3_store_bucket + type: string + default: 'glance' + help: "Container within the account that the account should use for storing images in S3. Note that S3 has a flat namespace, so you need a unique bucket name for your glance images. An easy way to do this is append your AWS access key to 'glance'. S3 buckets in AWS *must* be lowercased, so remember to lowercase your AWS access key if you use it in your bucket name below!" + comment: 'New param' + + - name: s3_store_create_bucket_on_put + type: string + default: 'False' + help: 'Do we create the bucket if it does not exist?' + comment: 'New param' + + - name: s3_store_object_buffer_dir + type: string + default: '/path/to/dir' + help: "When sending images to S3, the data will first be written to a temporary buffer on disk. By default the platform's temporary directory will be used. If required, an alternative directory can be specified here." + comment: 'New param' + + - name: s3_store_bucket_url_format + type: string + default: 'subdomain' + help: "When forming a bucket url, boto will either set the bucket name as the subdomain or as the first token of the path. Amazon's S3 service will accept it as the subdomain, but Swift's S3 middleware requires it be in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'." + comment: 'New param' + + - name: rbd_store_ceph_conf + type: string + default: '/etc/ceph/ceph.conf' + help: 'Ceph configuration file path If using cephx authentication, this file should include a reference to the right keyring in a client. section' + comment: 'New param' + + - name: rbd_store_user + type: string + default: 'glance' + help: 'RADOS user to authenticate as (only applicable if using cephx)' + comment: 'New param' + + - name: rbd_store_pool + type: string + default: 'images' + help: 'RADOS pool in which images are stored' + comment: 'New param' + + - name: rbd_store_chunk_size + type: string + default: '8' + help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' + comment: 'New param' + + - name: sheepdog_store_address + type: string + default: 'localhost' + comment: 'New param' + + - name: sheepdog_store_port + type: string + default: '7000' + comment: 'New param' + + - name: sheepdog_store_chunk_size + type: string + default: '64' + help: 'Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two' + comment: 'New param' + + - name: cinder_catalog_info + type: string + default: 'volume:cinder:publicURL' + help: 'Info to match when looking for cinder in the service catalog Format is : separated values of the form: :: ' + comment: 'New param' + + - name: cinder_endpoint_template + type: string + default: 'None' + help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' + comment: 'New param' + + - name: os_region_name + type: string + default: 'None' + help: 'Region name of this node ' + comment: 'New param' + + - name: cinder_ca_certificates_file + type: string + default: 'None' + help: 'Location of ca certicates file to use for cinder client requests ' + comment: 'New param' + + - name: cinder_http_retries + type: integer + default: 3 + help: 'Number of cinderclient retries on failed http calls ' + comment: 'New param' + + - name: cinder_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL requests to cinder ' + comment: 'New param' + + - name: delayed_delete + type: string + default: 'False' + help: 'Turn on/off delayed delete' + comment: 'New param' + + - name: scrub_time + type: string + default: '43200' + help: 'Delayed delete time in seconds' + comment: 'New param' + + - name: scrubber_datadir + type: string + default: '/var/lib/glance/scrubber' + help: 'Directory that the scrubber will use to remind itself of what to delete Make sure this is also set in glance-scrubber.conf' + comment: 'New param' + + - name: image_cache_dir + type: string + default: '/var/lib/glance/image-cache/' + help: 'Base directory that the Image Cache uses' + comment: 'New param' + + - name: keystone_authtoken.auth_host + type: host + default: '127.0.0.1' + comment: 'New param' + + - name: keystone_authtoken.auth_port + type: string + default: '35357' + comment: 'New param' + + - name: keystone_authtoken.auth_protocol + type: string + default: 'http' + comment: 'New param' + + - name: keystone_authtoken.admin_tenant_name + type: string + default: '%SERVICE_TENANT_NAME%' + comment: 'New param' + + - name: keystone_authtoken.admin_user + type: string + default: '%SERVICE_USER%' + comment: 'New param' + + - name: keystone_authtoken.admin_password + type: string + default: '%SERVICE_PASSWORD%' + comment: 'New param' + + - name: paste_deploy.config_file + type: string + default: 'glance-api-paste.ini' + help: 'Name of the paste configuration file that defines the available pipelines' + comment: 'New param' + + - name: paste_deploy.flavor + type: string + default: '' + help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-api-keystone], you would configure the flavor below as 'keystone'." + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/glance_registry/glance_registry.conf.yml b/rubick/schemas/glance_registry/glance_registry.conf.yml new file mode 100644 index 0000000..fdbac38 --- /dev/null +++ b/rubick/schemas/glance_registry/glance_registry.conf.yml @@ -0,0 +1,161 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: verbose + type: string + default: 'False' + help: 'Show more verbose log output (sets INFO log level output)' + comment: 'New param' + + - name: debug + type: string + default: 'False' + help: 'Show debugging output in logs (sets DEBUG log level output)' + comment: 'New param' + + - name: bind_host + type: host + default: '0.0.0.0' + help: 'Address to bind the registry server' + comment: 'New param' + + - name: bind_port + type: string + default: '9191' + help: 'Port the bind the registry server to' + comment: 'New param' + + - name: log_file + type: string + default: '/var/log/glance/registry.log' + help: 'Log to this file. Make sure you do not set the same log file for both the API and registry servers!' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + help: 'Backlog requests when creating socket' + comment: 'New param' + + - name: tcp_keepidle + type: string + default: '600' + help: 'TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.' + comment: 'New param' + + - name: sql_connection + type: string + default: 'sqlite:///glance.sqlite' + help: 'SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine' + comment: 'New param' + + - name: sql_idle_timeout + type: string + default: '3600' + help: "MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection." + comment: 'New param' + + - name: api_limit_max + type: string + default: '1000' + help: 'Limit the api to return `param_limit_max` items in a call to a container. If a larger `limit` query param is provided, it will be reduced to this value.' + comment: 'New param' + + - name: limit_param_default + type: string + default: '25' + help: 'If a `limit` query param is not provided in an api request, it will default to `limit_param_default`' + comment: 'New param' + + - name: admin_role + type: string + default: 'admin' + help: 'Role used to identify an authenticated user as administrator' + comment: 'New param' + + - name: db_auto_create + type: string + default: 'False' + help: 'Whether to automatically create the database tables. Default: False' + comment: 'New param' + + - name: sqlalchemy_debug + type: string + default: 'True' + help: 'Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False' + comment: 'New param' + + - name: use_syslog + type: string + default: 'False' + help: 'Send logs to syslog (/dev/log) instead of to file specified by `log_file`' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_LOCAL1' + help: 'Facility to use. If unset defaults to LOG_USER.' + comment: 'New param' + + - name: cert_file + type: string + default: '/path/to/certfile' + help: 'Certificate file to use when starting registry server securely' + comment: 'New param' + + - name: key_file + type: string + default: '/path/to/keyfile' + help: 'Private key file to use when starting registry server securely' + comment: 'New param' + + - name: ca_file + type: string + default: '/path/to/cafile' + help: 'CA certificate file to use to verify connecting clients' + comment: 'New param' + + - name: keystone_authtoken.auth_host + type: host + default: '127.0.0.1' + comment: 'New param' + + - name: keystone_authtoken.auth_port + type: string + default: '35357' + comment: 'New param' + + - name: keystone_authtoken.auth_protocol + type: string + default: 'http' + comment: 'New param' + + - name: keystone_authtoken.admin_tenant_name + type: string + default: '%SERVICE_TENANT_NAME%' + comment: 'New param' + + - name: keystone_authtoken.admin_user + type: string + default: '%SERVICE_USER%' + comment: 'New param' + + - name: keystone_authtoken.admin_password + type: string + default: '%SERVICE_PASSWORD%' + comment: 'New param' + + - name: paste_deploy.config_file + type: string + default: 'glance-registry-paste.ini' + help: 'Name of the paste configuration file that defines the available pipelines' + comment: 'New param' + + - name: paste_deploy.flavor + type: string + default: '' + help: "Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-registry-keystone], you would configure the flavor below as 'keystone'." + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/keystone/keystone.conf.yml b/rubick/schemas/keystone/keystone.conf.yml new file mode 100644 index 0000000..4df1cad --- /dev/null +++ b/rubick/schemas/keystone/keystone.conf.yml @@ -0,0 +1,998 @@ +- version: '2013.1.3' + checkpoint: true + added: + + - name: admin_token + type: string + default: 'ADMIN' + help: "A 'shared secret' between keystone and other openstack services" + comment: 'New param' + + - name: bind_host + type: host + default: '0.0.0.0' + help: 'The IP address of the network interface to listen on' + comment: 'New param' + + - name: public_port + type: port + default: 5000 + help: 'The port number which the public service listens on' + comment: 'New param' + + - name: admin_port + type: port + default: 35357 + help: 'The port number which the public admin listens on' + comment: 'New param' + + - name: public_endpoint + type: string + default: 'http://localhost:%(public_port)s/' + help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' + comment: 'New param' + + - name: admin_endpoint + type: string + default: 'http://localhost:%(admin_port)s/' + comment: 'New param' + + - name: compute_port + type: port + default: 8774 + help: 'The port number which the OpenStack Compute service listens on' + comment: 'New param' + + - name: policy_file + type: string + default: 'policy.json' + help: 'Path to your policy definition containing identity actions' + comment: 'New param' + + - name: policy_default_rule + type: string + default: 'admin_required' + help: 'Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule' + comment: 'New param' + + - name: member_role_id + type: string + default: '9fe2ff9ee4384b1894a90878d3e92bab' + help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' + comment: 'New param' + + - name: member_role_name + type: string + default: '_member_' + comment: 'New param' + + - name: max_request_body_size + type: string + default: '114688' + help: 'enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)' + comment: 'New param' + + - name: max_param_size + type: integer + default: 64 + help: 'limit the sizes of user & tenant ID/names' + comment: 'New param' + + - name: max_token_size + type: integer + default: 8192 + help: 'similar to max_param_size, but provides an exception for token values' + comment: 'New param' + + - name: debug + type: boolean + default: false + help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' + comment: 'New param' + + - name: verbose + type: boolean + default: false + help: 'Print more verbose output' + comment: 'New param' + + - name: log_file + type: string + default: 'keystone.log' + help: 'Name of log file to output to. If not set, logging will go to stdout.' + comment: 'New param' + + - name: log_dir + type: string + default: '/var/log/keystone' + help: 'The directory to keep log files in (will be prepended to --logfile)' + comment: 'New param' + + - name: use_syslog + type: boolean + default: false + help: 'Use syslog for logging.' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + help: 'syslog facility to receive log lines' + comment: 'New param' + + - name: log_config + type: string + default: 'logging.conf' + help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' + comment: 'New param' + + - name: log_format + type: string + default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' + help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.' + comment: 'New param' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + help: 'Format string for %(asctime)s in log records.' + comment: 'New param' + + - name: onready + type: string + default: 'keystone.common.systemd' + help: 'onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:' + comment: 'New param' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'Default notification level for outgoing notifications' + comment: 'New param' + + - name: default_publisher_id + type: string + default: '' + help: 'Default publisher_id for outgoing notifications; included in the payload.' + comment: 'New param' + + - name: rpc_backend + type: string + default: 'keystone.openstack.common.rpc.impl_kombu' + help: 'The messaging module to use, defaults to kombu.' + comment: 'New param' + + - name: rpc_thread_pool_size + type: integer + default: 64 + help: 'Size of RPC thread pool' + comment: 'New param' + + - name: rpc_conn_pool_size + type: integer + default: 30 + help: 'Size of RPC connection pool' + comment: 'New param' + + - name: rpc_response_timeout + type: integer + default: 60 + help: 'Seconds to wait for a response from call or multicall' + comment: 'New param' + + - name: rpc_cast_timeout + type: integer + default: 30 + help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' + comment: 'New param' + + - name: fake_rabbit + type: boolean + default: false + help: 'If True, use a fake RabbitMQ provider' + comment: 'New param' + + - name: control_exchange + type: string + default: 'openstack' + help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' + comment: 'New param' + + - name: sql.connection + type: string + default: 'sqlite:///keystone.db' + help: 'The SQLAlchemy connection string used to connect to the database' + comment: 'New param' + + - name: sql.idle_timeout + type: integer + default: 200 + help: 'the timeout before idle sql connections are reaped' + comment: 'New param' + + - name: oauth1.driver + type: string + default: 'keystone.contrib.oauth1.backends.sql.OAuth1' + comment: 'New param' + + - name: identity.default_domain_id + type: string + default: 'default' + help: 'This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.' + comment: 'New param' + + - name: identity.domain_specific_drivers_enabled + type: boolean + default: false + help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only' + comment: 'New param' + + - name: identity.domain_config_dir + type: string + default: '/etc/keystone/domains' + comment: 'New param' + + - name: identity.max_password_length + type: integer + default: 4096 + help: 'Maximum supported length for user passwords; decrease to improve performance.' + comment: 'New param' + + - name: cache.enabled + type: boolean + default: false + help: 'Global cache functionality toggle.' + comment: 'New param' + + - name: catalog.template_file + type: string + default: 'default_catalog.templates' + comment: 'New param' + + - name: endpoint_filter.return_all_endpoints_if_no_filter + type: boolean + default: true + comment: 'New param' + + - name: token.provider + type: string + default: '' + help: 'Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider' + comment: 'New param' + + - name: token.expiration + type: integer + default: 86400 + help: 'Amount of time a token should remain valid (in seconds)' + comment: 'New param' + + - name: token.bind + type: string + default: '' + help: 'External auth mechanisms that should add bind information to token. eg kerberos, x509' + comment: 'New param' + + - name: token.enforce_token_bind + type: string + default: 'permissive' + help: 'Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.' + comment: 'New param' + + - name: assignment.caching + type: boolean + default: true + help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' + comment: 'New param' + + - name: assignment.cache_time + type: integer + default: false + help: 'Assignment specific cache time-to-live (TTL) in seconds.' + comment: 'New param' + + - name: token.revocation_cache_time + type: integer + default: 3600 + help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' + comment: 'New param' + + - name: cache.config_prefix + type: string + default: 'cache.keystone' + help: 'Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name' + comment: 'New param' + + - name: cache.backend + type: string + default: 'keystone.common.cache.noop' + help: 'Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.' + comment: 'New param' + + - name: cache.backend_argument + type: string + default: '' + help: 'Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: :' + comment: 'New param' + + - name: cache.proxies + type: string + default: '' + help: 'Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2' + comment: 'New param' + + - name: cache.use_key_mangler + type: boolean + default: true + help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' + comment: 'New param' + + - name: cache.debug_cache_backend + type: boolean + default: false + help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' + comment: 'New param' + + - name: oauth1.request_token_duration + type: integer + default: 28800 + help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' + comment: 'New param' + + - name: oauth1.access_token_duration + type: integer + default: 86400 + help: 'Specify how quickly the access token will expire (in seconds)' + comment: 'New param' + + - name: ssl.enable + type: boolean + default: true + comment: 'New param' + + - name: signing.certfile + type: string + default: '/etc/keystone/pki/certs/signing_cert.pem' + comment: 'New param' + + - name: signing.keyfile + type: string + default: '/etc/keystone/pki/private/signing_key.pem' + comment: 'New param' + + - name: signing.ca_certs + type: string + default: '/etc/keystone/pki/certs/cacert.pem' + comment: 'New param' + + - name: signing.ca_key + type: string + default: '/etc/keystone/pki/private/cakey.pem' + comment: 'New param' + + - name: signing.key_size + type: integer + default: 2048 + comment: 'New param' + + - name: signing.valid_days + type: integer + default: 3650 + comment: 'New param' + + - name: ssl.cert_required + type: boolean + default: false + comment: 'New param' + + - name: signing.cert_subject + type: string + default: '/CUS/STUnset/LUnset/OUnset/CNwww.example.com' + comment: 'New param' + + - name: signing.token_format + type: string + default: '' + help: 'Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID' + comment: 'New param' + + - name: ldap.url + type: string + default: 'ldap://localhost' + comment: 'New param' + + - name: ldap.user + type: string + default: 'dcManager,dcexample,dccom' + comment: 'New param' + + - name: auth.password + type: string + default: 'keystone.auth.plugins.password.Password' + comment: 'New param' + + - name: ldap.suffix + type: string + default: 'cnexample,cncom' + comment: 'New param' + + - name: ldap.use_dumb_member + type: boolean + default: false + comment: 'New param' + + - name: ldap.allow_subtree_delete + type: boolean + default: false + comment: 'New param' + + - name: ldap.dumb_member + type: string + default: 'cndumb,dcexample,dccom' + comment: 'New param' + + - name: ldap.page_size + type: integer + default: false + help: "Maximum results per page; a value of zero ('0') disables paging (default)" + comment: 'New param' + + - name: ldap.alias_dereferencing + type: string + default: 'default' + help: "The LDAP dereferencing option for queries. This can be either 'never', 'searching', 'always', 'finding' or 'default'. The 'default' option falls back to using default dereferencing configured by your ldap.conf." + comment: 'New param' + + - name: ldap.query_scope + type: string + default: 'one' + help: "The LDAP scope for queries, this can be either 'one' (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)" + comment: 'New param' + + - name: ldap.user_tree_dn + type: string + default: 'ouUsers,dcexample,dccom' + comment: 'New param' + + - name: ldap.user_filter + type: string + default: '' + comment: 'New param' + + - name: ldap.user_objectclass + type: string + default: 'inetOrgPerson' + comment: 'New param' + + - name: ldap.user_domain_id_attribute + type: string + default: 'businessCategory' + comment: 'New param' + + - name: ldap.user_id_attribute + type: string + default: 'cn' + comment: 'New param' + + - name: ldap.user_name_attribute + type: string + default: 'sn' + comment: 'New param' + + - name: ldap.user_mail_attribute + type: string + default: 'email' + comment: 'New param' + + - name: ldap.user_pass_attribute + type: string + default: 'userPassword' + comment: 'New param' + + - name: ldap.user_enabled_attribute + type: string + default: 'enabled' + comment: 'New param' + + - name: ldap.user_enabled_mask + type: integer + default: false + comment: 'New param' + + - name: ldap.user_enabled_default + type: boolean + default: true + comment: 'New param' + + - name: ldap.user_attribute_ignore + type: string + default: 'tenant_id,tenants' + comment: 'New param' + + - name: ldap.user_allow_create + type: boolean + default: true + comment: 'New param' + + - name: ldap.user_allow_update + type: boolean + default: true + comment: 'New param' + + - name: ldap.user_allow_delete + type: boolean + default: true + comment: 'New param' + + - name: ldap.user_enabled_emulation + type: boolean + default: false + comment: 'New param' + + - name: ldap.user_enabled_emulation_dn + type: string + default: '' + comment: 'New param' + + - name: ldap.tenant_tree_dn + type: string + default: 'ouProjects,dcexample,dccom' + comment: 'New param' + + - name: ldap.tenant_filter + type: string + default: '' + comment: 'New param' + + - name: ldap.tenant_objectclass + type: string + default: 'groupOfNames' + comment: 'New param' + + - name: ldap.tenant_domain_id_attribute + type: string + default: 'businessCategory' + comment: 'New param' + + - name: ldap.tenant_id_attribute + type: string + default: 'cn' + comment: 'New param' + + - name: ldap.tenant_member_attribute + type: string + default: 'member' + comment: 'New param' + + - name: ldap.tenant_name_attribute + type: string + default: 'ou' + comment: 'New param' + + - name: ldap.tenant_desc_attribute + type: string + default: 'desc' + comment: 'New param' + + - name: ldap.tenant_enabled_attribute + type: string + default: 'enabled' + comment: 'New param' + + - name: ldap.tenant_attribute_ignore + type: string + default: '' + comment: 'New param' + + - name: ldap.tenant_allow_create + type: boolean + default: true + comment: 'New param' + + - name: ldap.tenant_allow_update + type: boolean + default: true + comment: 'New param' + + - name: ldap.tenant_allow_delete + type: boolean + default: true + comment: 'New param' + + - name: ldap.tenant_enabled_emulation + type: boolean + default: false + comment: 'New param' + + - name: ldap.tenant_enabled_emulation_dn + type: string + default: '' + comment: 'New param' + + - name: ldap.role_tree_dn + type: string + default: 'ouRoles,dcexample,dccom' + comment: 'New param' + + - name: ldap.role_filter + type: string + default: '' + comment: 'New param' + + - name: ldap.role_objectclass + type: string + default: 'organizationalRole' + comment: 'New param' + + - name: ldap.role_id_attribute + type: string + default: 'cn' + comment: 'New param' + + - name: ldap.role_name_attribute + type: string + default: 'ou' + comment: 'New param' + + - name: ldap.role_member_attribute + type: string + default: 'roleOccupant' + comment: 'New param' + + - name: ldap.role_attribute_ignore + type: string + default: '' + comment: 'New param' + + - name: ldap.role_allow_create + type: boolean + default: true + comment: 'New param' + + - name: ldap.role_allow_update + type: boolean + default: true + comment: 'New param' + + - name: ldap.role_allow_delete + type: boolean + default: true + comment: 'New param' + + - name: ldap.group_tree_dn + type: string + default: '' + comment: 'New param' + + - name: ldap.group_filter + type: string + default: '' + comment: 'New param' + + - name: ldap.group_objectclass + type: string + default: 'groupOfNames' + comment: 'New param' + + - name: ldap.group_id_attribute + type: string + default: 'cn' + comment: 'New param' + + - name: ldap.group_name_attribute + type: string + default: 'ou' + comment: 'New param' + + - name: ldap.group_member_attribute + type: string + default: 'member' + comment: 'New param' + + - name: ldap.group_desc_attribute + type: string + default: 'desc' + comment: 'New param' + + - name: ldap.group_attribute_ignore + type: string + default: '' + comment: 'New param' + + - name: ldap.group_allow_create + type: boolean + default: true + comment: 'New param' + + - name: ldap.group_allow_update + type: boolean + default: true + comment: 'New param' + + - name: ldap.group_allow_delete + type: boolean + default: true + comment: 'New param' + + - name: ldap.use_tls + type: boolean + default: false + help: 'ldap TLS options if both tls_cacertfile and tls_cacertdir are set then tls_cacertfile will be used and tls_cacertdir is ignored valid options for tls_req_cert are demand, never, and allow' + comment: 'New param' + + - name: ldap.tls_cacertfile + type: string + default: '' + comment: 'New param' + + - name: ldap.tls_cacertdir + type: string + default: '' + comment: 'New param' + + - name: ldap.tls_req_cert + type: string + default: 'demand' + comment: 'New param' + + - name: ldap.user_additional_attribute_mapping + type: string + default: '' + comment: 'New param' + + - name: ldap.domain_additional_attribute_mapping + type: string + default: '' + comment: 'New param' + + - name: ldap.group_additional_attribute_mapping + type: string + default: '' + comment: 'New param' + + - name: ldap.role_additional_attribute_mapping + type: string + default: '' + comment: 'New param' + + - name: ldap.project_additional_attribute_mapping + type: string + default: '' + comment: 'New param' + + - name: auth.methods + type: string + default: 'external,password,token,oauth1' + comment: 'New param' + + - name: auth.external + type: string + default: 'keystone.auth.plugins.external.ExternalDefault' + comment: 'New param' + + - name: auth.token + type: string + default: 'keystone.auth.plugins.token.Token' + comment: 'New param' + + - name: auth.oauth1 + type: string + default: 'keystone.auth.plugins.oauth1.OAuth' + comment: 'New param' + + - name: paste_deploy.config_file + type: string + default: 'keystone-paste.ini' + help: 'Name of the paste configuration file that defines the available pipelines' + comment: 'New param' + +# ==================================================== + +- version: '2013.2.0' + added: + + - name: admin_endpoint + type: string + default: 'http://localhost:%(admin_port)s/' + help: 'The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)' + comment: 'Help string has changed' + + - name: member_role_name + type: string + default: '_member_' + help: 'Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.' + comment: 'Help string has changed' + + - name: max_param_size + type: string + default: '64' + help: 'limit the sizes of user & tenant ID/names' + comment: 'Type has changed' + + - name: max_token_size + type: string + default: '8192' + help: 'similar to max_param_size, but provides an exception for token values' + comment: 'Type has changed' + + - name: debug + type: string + default: 'False' + help: '=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)' + comment: 'Type has changed' + + - name: verbose + type: string + default: 'False' + help: 'Print more verbose output' + comment: 'Type has changed' + + - name: use_syslog + type: string + default: 'False' + help: 'Use syslog for logging.' + comment: 'Type has changed' + + - name: rpc_thread_pool_size + type: string + default: '64' + help: 'Size of RPC thread pool' + comment: 'Type has changed' + + - name: rpc_conn_pool_size + type: string + default: '30' + help: 'Size of RPC connection pool' + comment: 'Type has changed' + + - name: rpc_response_timeout + type: string + default: '60' + help: 'Seconds to wait for a response from call or multicall' + comment: 'Type has changed' + + - name: rpc_cast_timeout + type: string + default: '30' + help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' + comment: 'Type has changed' + + - name: fake_rabbit + type: string + default: 'False' + help: 'If True, use a fake RabbitMQ provider' + comment: 'Type has changed' + + - name: sql.idle_timeout + type: string + default: '200' + help: 'the timeout before idle sql connections are reaped' + comment: 'Type has changed' + + - name: identity.domain_specific_drivers_enabled + type: string + default: 'False' + help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' + comment: 'Type has changed' + + - name: identity.domain_config_dir + type: string + default: '/etc/keystone/domains' + help: 'A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.' + comment: 'Help string has changed' + + - name: identity.max_password_length + type: string + default: '4096' + help: 'Maximum supported length for user passwords; decrease to improve performance.' + comment: 'Type has changed' + + - name: cache.enabled + type: string + default: 'False' + help: 'Global cache functionality toggle.' + comment: 'Type has changed' + + - name: endpoint_filter.return_all_endpoints_if_no_filter + type: string + default: 'True' + help: 'extension for creating associations between project and endpoints in order to provide a tailored catalog for project-scoped token requests.' + comment: 'Type has changed' + + - name: token.expiration + type: string + default: '86400' + help: 'Amount of time a token should remain valid (in seconds)' + comment: 'Type has changed' + + - name: assignment.caching + type: string + default: 'True' + help: 'Assignment specific caching toggle. This has no effect unless the global caching option is set to True' + comment: 'Type has changed' + + - name: assignment.cache_time + type: string + default: '' + help: 'Assignment specific cache time-to-live (TTL) in seconds.' + comment: 'Type has changed' + + - name: token.revocation_cache_time + type: string + default: '3600' + help: 'Revocation-List specific cache time-to-live (TTL) in seconds.' + comment: 'Type has changed' + + - name: cache.use_key_mangler + type: string + default: 'True' + help: 'Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.' + comment: 'Type has changed' + + - name: cache.debug_cache_backend + type: string + default: 'False' + help: 'Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.' + comment: 'Type has changed' + + - name: oauth1.request_token_duration + type: string + default: '28800' + help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)' + comment: 'Type has changed' + + - name: oauth1.access_token_duration + type: string + default: '86400' + help: 'The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds) Specify how quickly the access token will expire (in seconds)' + comment: 'Type has changed' + + - name: ssl.enable + type: string + default: 'True' + comment: 'Type has changed' + + - name: signing.key_size + type: string + default: '2048' + comment: 'Type has changed' + + - name: signing.valid_days + type: string + default: '3650' + comment: 'Type has changed' + + - name: ssl.cert_required + type: string + default: 'False' + comment: 'Type has changed' + + - name: signing.cert_subject + type: string + default: '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com' + comment: 'Default value has changed' + + - name: notification_driver + type: string + default: 'keystone.openstack.common.notifier.rpc_notifier' + help: 'notification_driver can be defined multiple times Do nothing driver (the default) notification_driver = keystone.openstack.common.notifier.no_op_notifier Logging driver example (not enabled by default) notification_driver = keystone.openstack.common.notifier.log_notifier RPC driver example (not enabled by default)' + comment: 'New param' + + - name: notification_topics + type: string + default: 'notifications' + help: 'AMQP topics to publish to when using the RPC notification driver. Multiple values can be specified by separating with commas. The actual topic names will be %s.%(default_notification_level)s' + comment: 'New param' + + - name: allowed_rpc_exception_modules + type: string + default: 'keystone.openstack.common.exception,nova.exception,cinder.exception,exceptions' + help: 'Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' + comment: 'New param' + + - name: cache.expiration_time + type: string + default: '600' + help: "Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it." + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml b/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml new file mode 100644 index 0000000..ac6568c --- /dev/null +++ b/rubick/schemas/neutron_dhcp_agent/neutron_dhcp_agent.conf.yml @@ -0,0 +1,101 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: debug + type: string + default: 'False' + help: 'Show debugging output in log (sets DEBUG log level output)' + comment: 'New param' + + - name: resync_interval + type: string + default: '5' + help: 'The DHCP agent will resync its state with Neutron to recover from any transient notification or rpc errors. The interval is number of seconds between attempts.' + comment: 'New param' + + - name: interface_driver + type: string + default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' + help: 'Example of interface_driver option for LinuxBridge' + comment: 'New param' + + - name: ovs_use_veth + type: string + default: 'False' + help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' + comment: 'New param' + + - name: dhcp_driver + type: string + default: 'neutron.agent.linux.dhcp.Dnsmasq' + help: 'The agent can use other DHCP drivers. Dnsmasq is the simplest and requires no additional setup of the DHCP server.' + comment: 'New param' + + - name: use_namespaces + type: string + default: 'True' + help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' + comment: 'New param' + + - name: enable_isolated_metadata + type: string + default: 'False' + help: 'The DHCP server can assist with providing metadata support on isolated networks. Setting this value to True will cause the DHCP server to append specific host routes to the DHCP request. The metadata service will only be activated when the subnet gateway_ip is None. The guest instance must be configured to request host routes via DHCP (Option 121).' + comment: 'New param' + + - name: enable_metadata_network + type: string + default: 'False' + help: 'Allows for serving metadata requests coming from a dedicated metadata access network whose cidr is 169.254.169.254/16 (or larger prefix), and is connected to a Neutron router from which the VMs send metadata request. In this case DHCP Option 121 will not be injected in VMs, as they will be able to reach 169.254.169.254 through a router. This option requires enable_isolated_metadata = True' + comment: 'New param' + + - name: num_sync_threads + type: string + default: '4' + help: 'Number of threads to use during sync process. Should not exceed connection pool size configured on server.' + comment: 'New param' + + - name: dhcp_confs + type: string + default: '$state_path/dhcp' + help: 'Location to store DHCP server config files' + comment: 'New param' + + - name: dhcp_domain + type: string + default: 'openstacklocal' + help: 'Domain to use for building the hostnames' + comment: 'New param' + + - name: dnsmasq_config_file + type: string + default: '' + help: 'Override the default dnsmasq settings with this file' + comment: 'New param' + + - name: dnsmasq_dns_server + type: string + default: '' + help: 'Use another DNS server before any in /etc/resolv.conf.' + comment: 'New param' + + - name: dnsmasq_lease_max + type: string + default: '16777216' + help: 'Limit number of leases to prevent a denial-of-service.' + comment: 'New param' + + - name: dhcp_lease_relay_socket + type: string + default: '$state_path/dhcp/lease_relay' + help: 'Location to DHCP lease relay UNIX domain socket' + comment: 'New param' + + - name: metadata_proxy_socket + type: string + default: '$state_path/metadata_proxy' + help: 'Location of Metadata Proxy UNIX domain socket' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml b/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml new file mode 100644 index 0000000..5649372 --- /dev/null +++ b/rubick/schemas/neutron_l3_agent/neutron_l3_agent.conf.yml @@ -0,0 +1,89 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: debug + type: string + default: 'False' + help: 'Show debugging output in log (sets DEBUG log level output)' + comment: 'New param' + + - name: interface_driver + type: string + default: 'neutron.agent.linux.interface.BridgeInterfaceDriver' + help: 'Example of interface_driver option for LinuxBridge' + comment: 'New param' + + - name: ovs_use_veth + type: string + default: 'False' + help: 'Use veth for an OVS interface or not. Support kernels with limited namespace support (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.' + comment: 'New param' + + - name: use_namespaces + type: string + default: 'True' + help: 'Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and iproute2 package that supports namespaces).' + comment: 'New param' + + - name: router_id + type: string + default: '' + help: 'This is done by setting the specific router_id.' + comment: 'New param' + + - name: gateway_external_network_id + type: string + default: '' + help: 'Each L3 agent can be associated with at most one external network. This value should be set to the UUID of that external network. If empty, the agent will enforce that only a single external networks exists and use that external network id' + comment: 'New param' + + - name: handle_internal_only_routers + type: string + default: 'True' + help: 'Indicates that this L3 agent should also handle routers that do not have an external network gateway configured. This option should be True only for a single agent in a Neutron deployment, and may be False for all agents if all routers must have an external network gateway' + comment: 'New param' + + - name: external_network_bridge + type: string + default: 'br-ex' + help: 'Name of bridge used for external network traffic. This should be set to empty value for the linux bridge' + comment: 'New param' + + - name: metadata_port + type: string + default: '9697' + help: 'TCP Port used by Neutron metadata server' + comment: 'New param' + + - name: send_arp_for_ha + type: string + default: '3' + help: 'Send this many gratuitous ARPs for HA setup. Set it below or equal to 0 to disable this feature.' + comment: 'New param' + + - name: periodic_interval + type: string + default: '40' + help: "seconds between re-sync routers' data if needed" + comment: 'New param' + + - name: periodic_fuzzy_delay + type: string + default: '5' + help: "seconds to start to sync routers' data after starting agent" + comment: 'New param' + + - name: enable_metadata_proxy + type: string + default: 'True' + help: 'enable_metadata_proxy, which is true by default, can be set to False if the Nova metadata server is not available' + comment: 'New param' + + - name: metadata_proxy_socket + type: string + default: '$state_path/metadata_proxy' + help: 'Location of Metadata Proxy UNIX domain socket' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml b/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml new file mode 100644 index 0000000..6a708d0 --- /dev/null +++ b/rubick/schemas/neutron_metadata_agent/neutron_metadata_agent.conf.yml @@ -0,0 +1,71 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: debug + type: string + default: 'True' + help: 'Show debugging output in log (sets DEBUG log level output)' + comment: 'New param' + + - name: auth_url + type: string + default: 'http://localhost:5000/v2.0' + help: 'The Neutron user information for accessing the Neutron API.' + comment: 'New param' + + - name: auth_region + type: string + default: 'RegionOne' + help: 'The Neutron user information for accessing the Neutron API.' + comment: 'New param' + + - name: admin_tenant_name + type: string + default: '%SERVICE_TENANT_NAME%' + help: 'The Neutron user information for accessing the Neutron API.' + comment: 'New param' + + - name: admin_user + type: string + default: '%SERVICE_USER%' + help: 'The Neutron user information for accessing the Neutron API.' + comment: 'New param' + + - name: admin_password + type: string + default: '%SERVICE_PASSWORD%' + help: 'The Neutron user information for accessing the Neutron API.' + comment: 'New param' + + - name: endpoint_type + type: string + default: 'adminURL' + help: 'Network service endpoint type to pull from the keystone catalog' + comment: 'New param' + + - name: nova_metadata_ip + type: string + default: '127.0.0.1' + help: 'IP address used by Nova metadata server' + comment: 'New param' + + - name: nova_metadata_port + type: string + default: '8775' + help: 'TCP Port used by Nova metadata server' + comment: 'New param' + + - name: metadata_proxy_shared_secret + type: string + default: '' + help: 'When proxying metadata requests, Neutron signs the Instance-ID header with a shared secret to prevent spoofing. You may select any string for a secret, but it must match here and in the configuration used by the Nova Metadata Server. NOTE: Nova uses a different key: neutron_metadata_proxy_shared_secret' + comment: 'New param' + + - name: metadata_proxy_socket + type: string + default: '$state_path/metadata_proxy' + help: 'Location of Metadata Proxy UNIX domain socket' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml b/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml new file mode 100644 index 0000000..66fb0b3 --- /dev/null +++ b/rubick/schemas/neutron_openvswitch_agent/neutron_openvswitch_agent.conf.yml @@ -0,0 +1,47 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: ml2.type_drivers + type: string + default: 'local,flat,vlan,gre,vxlan' + comment: 'New param' + + - name: ml2.tenant_network_types + type: string + default: 'local' + comment: 'New param' + + - name: ml2.mechanism_drivers + type: string + default: '' + help: '(ListOpt) Ordered list of networking mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.' + comment: 'New param' + + - name: ml2_type_flat.flat_networks + type: string + default: '' + comment: 'New param' + + - name: ml2_type_vlan.network_vlan_ranges + type: string + default: '' + comment: 'New param' + + - name: ml2_type_gre.tunnel_id_ranges + type: string + default: '' + help: '(ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation' + comment: 'New param' + + - name: ml2_type_vxlan.vni_ranges + type: string + default: '' + comment: 'New param' + + - name: ml2_type_vxlan.vxlan_group + type: string + default: '' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/neutron_server/neutron_server.conf.yml b/rubick/schemas/neutron_server/neutron_server.conf.yml new file mode 100644 index 0000000..fd05738 --- /dev/null +++ b/rubick/schemas/neutron_server/neutron_server.conf.yml @@ -0,0 +1,634 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: verbose + type: string + default: 'False' + help: 'Default log level is INFO verbose and debug has the same result. One of them will set DEBUG log level output' + comment: 'New param' + + - name: state_path + type: string + default: '/var/lib/neutron' + help: 'Where to store Neutron state files. This directory must be writable by the user executing the agent.' + comment: 'New param' + + - name: lock_path + type: string + default: '$state_path/lock' + help: 'Where to store lock files' + comment: 'New param' + + - name: log_format + type: string + default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' + comment: 'New param' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + comment: 'New param' + + - name: use_syslog + type: string + default: 'False' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + comment: 'New param' + + - name: use_stderr + type: string + default: 'True' + comment: 'New param' + + - name: publish_errors + type: string + default: 'False' + comment: 'New param' + + - name: bind_host + type: host + default: '0.0.0.0' + help: 'Address to bind the API server' + comment: 'New param' + + - name: bind_port + type: string + default: '9696' + help: 'Port the bind the API server to' + comment: 'New param' + + - name: api_extensions_path + type: string + default: '' + help: "Path to the extensions. Note that this can be a colon-separated list of paths. For example: api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions The __path__ of neutron.extensions is appended to this, so if your extensions are in there you don't need to specify them here" + comment: 'New param' + + - name: core_plugin + type: string + default: '' + help: 'Neutron plugin provider module' + comment: 'New param' + + - name: service_plugins + type: string + default: '' + help: 'Advanced service modules' + comment: 'New param' + + - name: api_paste_config + type: string + default: 'api-paste.ini' + help: 'Paste configuration file' + comment: 'New param' + + - name: auth_strategy + type: string + default: 'keystone' + help: "The strategy to be used for auth. Supported values are 'keystone'(default), 'noauth'." + comment: 'New param' + + - name: mac_generation_retries + type: string + default: '16' + help: 'Maximum amount of retries to generate a unique MAC address' + comment: 'New param' + + - name: dhcp_lease_duration + type: string + default: '86400' + help: 'DHCP Lease duration (in seconds)' + comment: 'New param' + + - name: dhcp_agent_notification + type: string + default: 'True' + help: 'Allow sending resource operation notification to DHCP agent' + comment: 'New param' + + - name: allow_bulk + type: string + default: 'True' + help: 'Enable or disable bulk create/update/delete operations' + comment: 'New param' + + - name: allow_pagination + type: string + default: 'False' + help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination' + comment: 'New param' + + - name: allow_sorting + type: string + default: 'False' + help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting' + comment: 'New param' + + - name: allow_overlapping_ips + type: string + default: 'False' + help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups' + comment: 'New param' + + - name: force_gateway_on_subnet + type: string + default: 'False' + help: 'Enable or disable bulk create/update/delete operations Enable or disable pagination Enable or disable sorting Enable or disable overlapping IPs for subnets Attention: the following parameter MUST be set to False if Neutron is being used in conjunction with nova security groups Ensure that configured gateway is on subnet' + comment: 'New param' + + - name: rpc_backend + type: string + default: 'neutron.openstack.common.rpc.impl_zmq' + help: 'ZMQ' + comment: 'New param' + + - name: rpc_thread_pool_size + type: string + default: '64' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool' + comment: 'New param' + + - name: rpc_conn_pool_size + type: string + default: '30' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool' + comment: 'New param' + + - name: rpc_response_timeout + type: string + default: '60' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall' + comment: 'New param' + + - name: rpc_cast_timeout + type: string + default: '30' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.' + comment: 'New param' + + - name: allowed_rpc_exception_modules + type: string + default: 'neutron.openstack.common.exception, nova.exception' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.' + comment: 'New param' + + - name: control_exchange + type: string + default: 'neutron' + help: 'RPC configuration options. Defined in rpc __init__ The messaging module to use, defaults to kombu. Size of RPC thread pool Size of RPC connection pool Seconds to wait for a response from call or multicall Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call. AMQP exchange to connect to if using RabbitMQ or QPID' + comment: 'New param' + + - name: fake_rabbit + type: string + default: 'False' + help: 'If passed, use a fake RabbitMQ provider' + comment: 'New param' + + - name: kombu_ssl_version + type: string + default: '' + help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled)' + comment: 'New param' + + - name: kombu_ssl_keyfile + type: string + default: '' + help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled)' + comment: 'New param' + + - name: kombu_ssl_certfile + type: string + default: '' + help: 'Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled)' + comment: 'New param' + + - name: kombu_ssl_ca_certs + type: string + default: '' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)'" + comment: 'New param' + + - name: rabbit_host + type: host + default: 'localhost' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation" + comment: 'New param' + + - name: rabbit_password + type: string + default: 'guest' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server" + comment: 'New param' + + - name: rabbit_port + type: string + default: '5672' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening" + comment: 'New param' + + - name: rabbit_hosts + type: string + default: 'localhost:5672' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port'" + comment: 'New param' + + - name: rabbit_userid + type: string + default: 'guest' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections" + comment: 'New param' + + - name: rabbit_virtual_host + type: string + default: '/' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation." + comment: 'New param' + + - name: rabbit_max_retries + type: string + default: '0' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count)" + comment: 'New param' + + - name: rabbit_retry_interval + type: string + default: '1' + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval" + comment: 'New param' + + - name: rabbit_ha_queues + type: boolean + default: false + help: "Configuration options if sending notifications via kombu rpc (these are the defaults) SSL version to use (valid only if SSL enabled) SSL key file (valid only if SSL enabled) SSL cert file (valid only if SSL enabled) SSL certification authority file (valid only if SSL enabled)' IP address of the RabbitMQ installation Password of the RabbitMQ server Port where RabbitMQ server is running/listening RabbitMQ single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) rabbit_hosts is defaulted to '$rabbit_host:$rabbit_port' User ID used for RabbitMQ connections Location of a virtual RabbitMQ installation. Maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) RabbitMQ connection retry interval Use HA queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. " + comment: 'New param' + + - name: qpid_hostname + type: string + default: 'localhost' + help: 'QPID Qpid broker hostname' + comment: 'New param' + + - name: qpid_port + type: string + default: '5672' + help: 'QPID Qpid broker hostname Qpid broker port' + comment: 'New param' + + - name: qpid_hosts + type: string + default: 'localhost:5672' + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'" + comment: 'New param' + + - name: qpid_username + type: string + default: "''" + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection" + comment: 'New param' + + - name: qpid_password + type: string + default: "''" + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection" + comment: 'New param' + + - name: qpid_sasl_mechanisms + type: string + default: "''" + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth" + comment: 'New param' + + - name: qpid_heartbeat + type: string + default: '60' + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats" + comment: 'New param' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl'" + comment: 'New param' + + - name: qpid_tcp_nodelay + type: string + default: 'True' + help: "QPID Qpid broker hostname Qpid broker port Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672) qpid_hosts is defaulted to '$qpid_hostname:$qpid_port' Username for qpid connection Password for qpid connection Space separated list of SASL mechanisms to use for auth Seconds between connection keepalive heartbeats Transport to use, either 'tcp' or 'ssl' Disable Nagle algorithm" + comment: 'New param' + + - name: rpc_zmq_bind_address + type: string + default: '*' + help: "ZMQ ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address." + comment: 'New param' + + - name: notification_driver + type: string + default: 'neutron.openstack.common.notifier.rpc_notifier' + help: 'Notification_driver can be defined multiple times Do nothing driver notification_driver = neutron.openstack.common.notifier.no_op_notifier Logging driver notification_driver = neutron.openstack.common.notifier.log_notifier RPC driver. DHCP agents needs it.' + comment: 'New param' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'default_notification_level is used to form actual topic name(s) or to set logging level' + comment: 'New param' + + - name: host + type: string + default: 'myhost.com' + help: 'default_publisher_id is a part of the notification payload' + comment: 'New param' + + - name: default_publisher_id + type: string + default: '$host' + help: 'default_publisher_id is a part of the notification payload' + comment: 'New param' + + - name: notification_topics + type: string + default: 'notifications' + help: 'Defined in rpc_notifier, can be comma separated values. The actual topic names will be %s.%(default_notification_level)s' + comment: 'New param' + + - name: pagination_max_limit + type: string + default: '-1' + help: 'Default maximum number of items returned in a single response, value == infinite and value < 0 means no max limit, and value must greater than 0. If the number of items requested is greater than pagination_max_limit, server will just return pagination_max_limit of number of items.' + comment: 'New param' + + - name: max_dns_nameservers + type: string + default: '5' + help: 'Maximum number of DNS nameservers per subnet' + comment: 'New param' + + - name: max_subnet_host_routes + type: string + default: '20' + help: 'Maximum number of host routes per subnet' + comment: 'New param' + + - name: max_fixed_ips_per_port + type: string + default: '5' + help: 'Maximum number of fixed ips per port' + comment: 'New param' + + - name: agent_down_time + type: string + default: '5' + help: '=========== items for agent management extension ============= Seconds to regard the agent as down.' + comment: 'New param' + + - name: network_scheduler_driver + type: string + default: 'neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler' + help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent' + comment: 'New param' + + - name: router_scheduler_driver + type: string + default: 'neutron.scheduler.l3_agent_scheduler.ChanceScheduler' + help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent' + comment: 'New param' + + - name: loadbalancer_pool_scheduler_driver + type: string + default: 'neutron.services.loadbalancer.agent_scheduler.ChanceScheduler' + help: '=========== items for agent scheduler extension ============= Driver to use for scheduling network to DHCP agent Driver to use for scheduling router to a default L3 agent Driver to use for scheduling a loadbalancer pool to an lbaas agent' + comment: 'New param' + + - name: network_auto_schedule + type: string + default: 'True' + help: 'Allow auto scheduling networks to DHCP agent. It will schedule non-hosted networks to first DHCP agent which sends get_active_networks message to neutron server' + comment: 'New param' + + - name: router_auto_schedule + type: string + default: 'True' + help: 'Allow auto scheduling routers to L3 agent. It will schedule non-hosted routers to first L3 agent which sends sync_routers message to neutron server' + comment: 'New param' + + - name: dhcp_agents_per_network + type: string + default: '1' + help: 'Number of DHCP agents scheduled to host a network. This enables redundant DHCP agents for configured networks.' + comment: 'New param' + + - name: tcp_keepidle + type: string + default: '600' + help: '=========== WSGI parameters related to the API server ============== Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when starting API server. Not supported on OS X.' + comment: 'New param' + + - name: retry_until_window + type: string + default: '30' + help: 'Number of seconds to keep retrying to listen' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + help: 'Number of backlog requests to configure the socket with.' + comment: 'New param' + + - name: use_ssl + type: string + default: 'False' + help: 'Enable SSL on the API server' + comment: 'New param' + + - name: ssl_cert_file + type: string + default: '/path/to/certfile' + help: 'Certificate file to use when starting API server securely' + comment: 'New param' + + - name: ssl_key_file + type: string + default: '/path/to/keyfile' + help: 'Private key file to use when starting API server securely' + comment: 'New param' + + - name: ssl_ca_file + type: string + default: '/path/to/cafile' + help: 'CA certificate file to use when starting API server securely to verify connecting clients. This is an optional parameter only required if API clients need to authenticate to the API server using SSL certificates signed by a trusted CA' + comment: 'New param' + + - name: quotas.quota_items + type: string + default: 'network,subnet,port' + help: 'resource name(s) that are supported in quota features' + comment: 'New param' + + - name: quotas.default_quota + type: string + default: '-1' + help: 'default number of resource allowed per tenant, minus for unlimited' + comment: 'New param' + + - name: quotas.quota_network + type: string + default: '10' + help: 'number of networks allowed per tenant, and minus means unlimited' + comment: 'New param' + + - name: quotas.quota_subnet + type: string + default: '10' + help: 'number of subnets allowed per tenant, and minus means unlimited' + comment: 'New param' + + - name: quotas.quota_port + type: string + default: '50' + help: 'number of ports allowed per tenant, and minus means unlimited' + comment: 'New param' + + - name: quotas.quota_security_group + type: string + default: '10' + help: 'number of security groups allowed per tenant, and minus means unlimited' + comment: 'New param' + + - name: quotas.quota_security_group_rule + type: string + default: '100' + help: 'number of security group rules allowed per tenant, and minus means unlimited' + comment: 'New param' + + - name: quotas.quota_driver + type: string + default: 'neutron.db.quota_db.DbQuotaDriver' + help: 'default driver to use for quota checks' + comment: 'New param' + + - name: agent.root_helper + type: string + default: 'sudo' + help: "Use 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf' to use the real root filter facility. Change to 'sudo' to skip the filtering and just run the comand directly" + comment: 'New param' + + - name: agent.report_interval + type: string + default: '4' + help: '=========== items for agent management extension ============= seconds between nodes reporting state to server, should be less than agent_down_time' + comment: 'New param' + + - name: keystone_authtoken.auth_host + type: host + default: '127.0.0.1' + comment: 'New param' + + - name: keystone_authtoken.auth_port + type: string + default: '35357' + comment: 'New param' + + - name: keystone_authtoken.auth_protocol + type: string + default: 'http' + comment: 'New param' + + - name: keystone_authtoken.admin_tenant_name + type: string + default: '%SERVICE_TENANT_NAME%' + comment: 'New param' + + - name: keystone_authtoken.admin_user + type: string + default: '%SERVICE_USER%' + comment: 'New param' + + - name: keystone_authtoken.admin_password + type: string + default: '%SERVICE_PASSWORD%' + comment: 'New param' + + - name: keystone_authtoken.signing_dir + type: string + default: '$state_path/keystone-signing' + comment: 'New param' + + - name: database.connection + type: string + default: 'mysql://root:pass@127.0.0.1:3306/neutron' + help: 'This line MUST be changed to actually run the plugin. Example:' + comment: 'New param' + + - name: database.slave_connection + type: string + default: '' + help: 'The SQLAlchemy connection string used to connect to the slave database' + comment: 'New param' + + - name: database.max_retries + type: string + default: '10' + help: 'Database reconnection retry times - in event connectivity is lost set to -1 implies an infinite retry count' + comment: 'New param' + + - name: database.retry_interval + type: string + default: '10' + help: 'Database reconnection interval in seconds - if the initial connection to the database fails' + comment: 'New param' + + - name: database.min_pool_size + type: string + default: '1' + help: 'Minimum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: database.max_pool_size + type: string + default: '10' + help: 'Maximum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: database.idle_timeout + type: string + default: '3600' + help: 'Timeout in seconds before idle sql connections are reaped' + comment: 'New param' + + - name: database.max_overflow + type: string + default: '20' + help: 'If set, use this value for max_overflow with sqlalchemy' + comment: 'New param' + + - name: database.connection_debug + type: string + default: '0' + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' + comment: 'New param' + + - name: database.connection_trace + type: string + default: 'False' + help: 'Add python stack traces to SQL as comment strings' + comment: 'New param' + + - name: database.pool_timeout + type: string + default: '10' + help: 'If set, use this value for pool_timeout with sqlalchemy' + comment: 'New param' + + - name: service_providers.service_provider + type: string + default: 'LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default' + help: 'Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. Must be in form: service_provider=::[:default] List of allowed service type include LOADBALANCER, FIREWALL, VPN Combination of and must be unique; must also be unique this is multiline option, example for default provider: service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default example of non-default provider: service_provider=FIREWALL:name2:firewall_driver_path --- Reference implementations ---' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/nova/nova.conf.yml b/rubick/schemas/nova/nova.conf.yml new file mode 100644 index 0000000..d740201 --- /dev/null +++ b/rubick/schemas/nova/nova.conf.yml @@ -0,0 +1,8819 @@ +- version: '2013.1.3' + checkpoint: true + added: + + - name: internal_service_availability_zone + type: string + default: 'internal' + help: 'availability_zone to show internal services under' + comment: 'New param' + + - name: default_availability_zone + type: string + default: 'nova' + help: 'default compute node availability_zone' + comment: 'New param' + + - name: ssl.ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients' + comment: 'New param' + + - name: ssl.key_file + type: string + default: ~ + help: 'Private key file to use when starting the server securely' + comment: 'New param' + + - name: crl_file + type: file + default: 'crl.pem' + help: 'Filename of root Certificate Revocation List' + comment: 'New param' + + - name: keys_path + type: directory + default: '$state_path/keys' + help: 'Where we keep our keys' + comment: 'New param' + + - name: ca_path + type: string + default: '$state_path/CA' + help: 'Where we keep our root CA' + comment: 'New param' + + - name: use_project_ca + type: boolean + default: false + help: 'Should we use a CA for each project?' + comment: 'New param' + + - name: user_cert_subject + type: string + default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CN%.16s-%.16s-%s' + help: 'Subject for certificate for users, %s for project, user, timestamp' + comment: 'New param' + + - name: project_cert_subject + type: string + default: '/CUS/STCalifornia/OOpenStack/OUNovaDev/CNproject-ca-%.16s-%s' + help: 'Subject for certificate for projects, %s for project, timestamp' + comment: 'New param' + + - name: fatal_exception_format_errors + type: boolean + default: false + help: 'make exception message format errors fatal' + comment: 'New param' + + - name: my_ip + type: string + default: '10.0.0.1' + help: 'ip address of this host' + comment: 'New param' + + - name: matchmaker_redis.host + type: string + default: '127.0.0.1' + help: 'Host to locate redis' + comment: 'New param' + + - name: use_ipv6 + type: boolean + default: false + help: 'use ipv6' + comment: 'New param' + + - name: notify_on_state_change + type: string + default: 'None' + help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes." + comment: 'New param' + + - name: notify_api_faults + type: boolean + default: false + help: 'If set, send api.fault notifications on caught exceptions in the API service.' + comment: 'New param' + + - name: pybasedir + type: string + default: '/usr/lib/python/site-packages' + help: 'Directory where the nova python module is installed' + comment: 'New param' + + - name: bindir + type: string + default: '/usr/local/bin' + help: 'Directory where nova binaries are installed' + comment: 'New param' + + - name: state_path + type: string + default: '$pybasedir' + help: "Top-level directory for maintaining nova's state" + comment: 'New param' + + - name: policy_file + type: string + default: 'policy.json' + help: 'JSON file representing policy' + comment: 'New param' + + - name: policy_default_rule + type: string + default: 'default' + help: 'Rule checked when requested rule is not found' + comment: 'New param' + + - name: quota_instances + type: integer + default: 10 + help: 'number of instances allowed per project' + comment: 'New param' + + - name: quota_cores + type: integer + default: 20 + help: 'number of instance cores allowed per project' + comment: 'New param' + + - name: quota_ram + type: integer + default: 51200 + help: 'megabytes of instance ram allowed per project' + comment: 'New param' + + - name: quota_floating_ips + type: integer + default: 10 + help: 'number of floating ips allowed per project' + comment: 'New param' + + - name: quota_fixed_ips + type: integer + default: -1 + help: 'number of fixed ips allowed per project' + comment: 'New param' + + - name: quota_metadata_items + type: integer + default: 128 + help: 'number of metadata items allowed per instance' + comment: 'New param' + + - name: quota_injected_files + type: integer + default: 5 + help: 'number of injected files allowed' + comment: 'New param' + + - name: quota_injected_file_content_bytes + type: integer + default: 10240 + help: 'number of bytes allowed per injected file' + comment: 'New param' + + - name: quota_injected_file_path_bytes + type: integer + default: 255 + help: 'number of bytes allowed per injected file path' + comment: 'New param' + + - name: quota_security_groups + type: integer + default: 10 + help: 'number of security groups per project' + comment: 'New param' + + - name: quota_security_group_rules + type: integer + default: 20 + help: 'number of security rules per security group' + comment: 'New param' + + - name: quota_key_pairs + type: integer + default: 100 + help: 'number of key pairs per user' + comment: 'New param' + + - name: reservation_expire + type: integer + default: 86400 + help: 'number of seconds until a reservation expires' + comment: 'New param' + + - name: until_refresh + type: integer + default: false + help: 'count of reservations until usage is refreshed' + comment: 'New param' + + - name: max_age + type: integer + default: false + help: 'number of seconds between subsequent usage refreshes' + comment: 'New param' + + - name: quota_driver + type: string + default: 'nova.quota.DbQuotaDriver' + help: 'default driver to use for quota checks' + comment: 'New param' + + - name: report_interval + type: integer + default: 10 + help: 'seconds between nodes reporting state to datastore' + comment: 'New param' + + - name: periodic_enable + type: boolean + default: true + help: 'enable periodic tasks' + comment: 'New param' + + - name: periodic_fuzzy_delay + type: integer + default: 60 + help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding.' + comment: 'New param' + + - name: enabled_apis + type: list + default: 'ec2,osapi_compute,metadata' + help: 'a list of APIs to enable by default' + comment: 'New param' + + - name: enabled_ssl_apis + type: list + default: '' + help: 'a list of APIs with enabled SSL' + comment: 'New param' + + - name: ec2_listen + type: string + default: '0.0.0.0' + help: 'IP address for EC2 API to listen' + comment: 'New param' + + - name: ec2_listen_port + type: integer + default: 8773 + help: 'port for ec2 api to listen' + comment: 'New param' + + - name: ec2_workers + type: integer + default: ~ + help: 'Number of workers for EC2 API service' + comment: 'New param' + + - name: osapi_compute_listen + type: string + default: '0.0.0.0' + help: 'IP address for OpenStack API to listen' + comment: 'New param' + + - name: osapi_compute_listen_port + type: integer + default: 8774 + help: 'list port for osapi compute' + comment: 'New param' + + - name: osapi_compute_workers + type: integer + default: ~ + help: 'Number of workers for OpenStack API service' + comment: 'New param' + + - name: metadata_manager + type: string + default: 'nova.api.manager.MetadataManager' + help: 'OpenStack metadata service manager' + comment: 'New param' + + - name: metadata_listen + type: string + default: '0.0.0.0' + help: 'IP address for metadata api to listen' + comment: 'New param' + + - name: metadata_listen_port + type: integer + default: 8775 + help: 'port for metadata api to listen' + comment: 'New param' + + - name: metadata_workers + type: integer + default: ~ + help: 'Number of workers for metadata service' + comment: 'New param' + + - name: compute_manager + type: string + default: 'nova.compute.manager.ComputeManager' + help: 'full class name for the Manager for compute' + comment: 'New param' + + - name: console_manager + type: string + default: 'nova.console.manager.ConsoleProxyManager' + help: 'full class name for the Manager for console proxy' + comment: 'New param' + + - name: cert_manager + type: string + default: 'nova.cert.manager.CertManager' + help: 'full class name for the Manager for cert' + comment: 'New param' + + - name: network_manager + type: string + default: 'nova.network.manager.VlanManager' + help: 'full class name for the Manager for network' + comment: 'New param' + + - name: scheduler_manager + type: string + default: 'nova.scheduler.manager.SchedulerManager' + help: 'full class name for the Manager for scheduler' + comment: 'New param' + + - name: service_down_time + type: integer + default: 60 + help: 'maximum time since last check-in for up service' + comment: 'New param' + + - name: sqlite_clean_db + type: string + default: 'clean.sqlite' + help: 'File name of clean sqlite db' + comment: 'New param' + + - name: monkey_patch + type: boolean + default: false + help: 'Whether to log monkey patching' + comment: 'New param' + + - name: monkey_patch_modules + type: list + default: 'nova.api.ec2.cloud:nova.notifications.notify_decorator,nova.compute.api:nova.notifications.notify_decorator' + help: 'List of modules/decorators to monkey patch' + comment: 'New param' + + - name: password_length + type: integer + default: 12 + help: 'Length of generated instance admin passwords' + comment: 'New param' + + - name: instance_usage_audit_period + type: string + default: 'month' + help: 'time period to generate instance usages for. Time period must be hour, day, month or year' + comment: 'New param' + + - name: rootwrap_config + type: string + default: '/etc/nova/rootwrap.conf' + help: 'Path to the rootwrap configuration file to use for running commands as root' + comment: 'New param' + + - name: tempdir + type: string + default: ~ + help: 'Explicitly specify the temporary working directory' + comment: 'New param' + + - name: api_paste_config + type: string + default: 'api-paste.ini' + help: 'File name for the paste.deploy config for nova-api' + comment: 'New param' + + - name: wsgi_log_format + type: string + default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' + help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds.' + comment: 'New param' + + - name: ssl_ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients' + comment: 'New param' + + - name: ssl_cert_file + type: string + default: ~ + help: 'SSL certificate of API server' + comment: 'New param' + + - name: ssl_key_file + type: string + default: ~ + help: 'SSL private key of API server' + comment: 'New param' + + - name: tcp_keepidle + type: integer + default: 600 + help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.' + comment: 'New param' + + - name: api_rate_limit + type: boolean + default: false + help: 'whether to use per-user rate limiting for the api.' + comment: 'New param' + + - name: auth_strategy + type: string + default: 'noauth' + help: 'The strategy to use for auth: noauth or keystone.' + comment: 'New param' + + - name: use_forwarded_for + type: boolean + default: false + help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.' + comment: 'New param' + + - name: lockout_attempts + type: integer + default: 5 + help: 'Number of failed auths before lockout.' + comment: 'New param' + + - name: lockout_minutes + type: integer + default: 15 + help: 'Number of minutes to lockout if triggered.' + comment: 'New param' + + - name: lockout_window + type: integer + default: 15 + help: 'Number of minutes for lockout window.' + comment: 'New param' + + - name: keystone_ec2_url + type: string + default: 'http://localhost:5000/v2.0/ec2tokens' + help: 'URL to get token from ec2 request.' + comment: 'New param' + + - name: ec2_private_dns_show_ip + type: boolean + default: false + help: 'Return the IP address as private dns hostname in describe instances' + comment: 'New param' + + - name: ec2_strict_validation + type: boolean + default: true + help: 'Validate security group names according to EC2 specification' + comment: 'New param' + + - name: ec2_timestamp_expiry + type: integer + default: 300 + help: 'Time in seconds before ec2 timestamp expires' + comment: 'New param' + + - name: ec2_host + type: string + default: '$my_ip' + help: 'the ip of the ec2 api server' + comment: 'New param' + + - name: ec2_dmz_host + type: string + default: '$my_ip' + help: 'the internal ip of the ec2 api server' + comment: 'New param' + + - name: ec2_port + type: integer + default: 8773 + help: 'the port of the ec2 api server' + comment: 'New param' + + - name: ec2_scheme + type: string + default: 'http' + help: 'the protocol to use when connecting to the ec2 api server' + comment: 'New param' + + - name: ec2_path + type: string + default: '/services/Cloud' + help: 'the path prefix used to call the ec2 api server' + comment: 'New param' + + - name: region_list + type: list + default: '' + help: 'list of region=fqdn pairs separated by commas' + comment: 'New param' + + - name: config_drive_skip_versions + type: string + default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' + help: 'List of metadata versions to skip placing into the config drive' + comment: 'New param' + + - name: vendordata_driver + type: string + default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' + help: 'Driver to use for vendor data' + comment: 'New param' + + - name: service_neutron_metadata_proxy + type: boolean + default: false + help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids.' + comment: 'New param' + + - name: neutron_metadata_proxy_shared_secret + type: string + default: '' + help: 'Shared secret to validate proxies Neutron metadata requests' + comment: 'New param' + + - name: vendordata_jsonfile_path + type: string + default: ~ + help: 'File to load json formated vendor data from' + comment: 'New param' + + - name: osapi_max_limit + type: integer + default: 1000 + help: 'the maximum number of items returned in a single response from a collection resource' + comment: 'New param' + + - name: osapi_compute_link_prefix + type: string + default: ~ + help: 'Base URL that will be presented to users in links to the OpenStack Compute API' + comment: 'New param' + + - name: osapi_glance_link_prefix + type: string + default: ~ + help: 'Base URL that will be presented to users in links to glance resources' + comment: 'New param' + + - name: allow_instance_snapshots + type: boolean + default: true + help: 'Permit instance snapshot operations.' + comment: 'New param' + + - name: osapi_compute_ext_list + type: list + default: '' + help: 'Specify list of extensions to load when using osapi_compute_extension option with nova_2013_1_3.api.openstack.compute.contrib.select_extensions' + comment: 'New param' + + - name: fping_path + type: string + default: '/usr/sbin/fping' + help: 'Full path to fping.' + comment: 'New param' + + - name: enable_network_quota + type: boolean + default: false + help: 'Enables or disables quota checking for tenant networks' + comment: 'New param' + + - name: use_neutron_default_nets + type: string + default: 'False' + help: 'Control for checking for default networks' + comment: 'New param' + + - name: neutron_default_tenant_id + type: string + default: 'default' + help: 'Default tenant id when creating neutron networks' + comment: 'New param' + + - name: osapi_compute_extension + type: multi + default: 'nova.api.openstack.compute.contrib.standard_extensions' + help: 'osapi compute extension to load' + comment: 'New param' + + - name: osapi_hide_server_address_states + type: list + default: 'building' + help: 'List of instance states that should hide network info' + comment: 'New param' + + - name: enable_instance_password + type: boolean + default: true + help: 'Allows use of instance password during server creation' + comment: 'New param' + + - name: osapi_max_request_body_size + type: integer + default: 114688 + help: 'the maximum body size per each osapi request(bytes)' + comment: 'New param' + + - name: compute_api_class + type: string + default: 'nova.compute.api.API' + help: 'The full class name of the compute API class to use' + comment: 'New param' + + - name: cert_topic + type: string + default: 'cert' + help: 'the topic cert nodes listen on' + comment: 'New param' + + - name: vpn_image_id + type: string + default: '0' + help: 'image id used when starting up a cloudpipe vpn server' + comment: 'New param' + + - name: vpn_flavor + type: string + default: 'm1.tiny' + help: 'Flavor for vpn instances' + comment: 'New param' + + - name: boot_script_template + type: string + default: '$pybasedir/nova/cloudpipe/bootscript.template' + help: 'Template for cloudpipe instance boot script' + comment: 'New param' + + - name: dmz_net + type: string + default: '10.0.0.0' + help: 'Network to push into openvpn config' + comment: 'New param' + + - name: dmz_mask + type: string + default: '255.255.255.0' + help: 'Netmask to push into openvpn config' + comment: 'New param' + + - name: vpn_key_suffix + type: string + default: '-vpn' + help: 'Suffix to add to project name for vpn key and secgroups' + comment: 'New param' + + - name: record + type: boolean + default: false + help: 'Record sessions to FILE.[session_number]' + comment: 'New param' + + - name: daemon + type: boolean + default: false + help: 'Become a daemon' + comment: 'New param' + + - name: ssl_only + type: boolean + default: false + help: 'Disallow non-encrypted connections' + comment: 'New param' + + - name: source_is_ipv6 + type: boolean + default: false + help: 'Source is ipv6' + comment: 'New param' + + - name: upgrade_levels.cert + type: string + default: ~ + help: 'Set a version cap for messages sent to cert services' + comment: 'New param' + + - name: key + type: string + default: ~ + help: 'SSL key file' + comment: 'New param' + + - name: web + type: string + default: '/usr/share/spice-html5' + help: 'Run webserver on same port. Serve files from DIR.' + comment: 'New param' + + - name: novncproxy_host + type: string + default: '0.0.0.0' + help: 'Host on which to listen for incoming requests' + comment: 'New param' + + - name: novncproxy_port + type: integer + default: 6080 + help: 'Port on which to listen for incoming requests' + comment: 'New param' + + - name: spicehtml5proxy_host + type: string + default: '0.0.0.0' + help: 'Host on which to listen for incoming requests' + comment: 'New param' + + - name: spicehtml5proxy_port + type: integer + default: 6082 + help: 'Port on which to listen for incoming requests' + comment: 'New param' + + - name: allow_resize_to_same_host + type: boolean + default: false + help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments.' + comment: 'New param' + + - name: allow_migrate_to_same_host + type: boolean + default: false + help: 'Allow migrate machine to the same host. Useful when testing in single-host environments.' + comment: 'New param' + + - name: default_schedule_zone + type: string + default: ~ + help: "availability zone to use when user doesn't specify one" + comment: 'New param' + + - name: non_inheritable_image_properties + type: list + default: 'cache_in_nova,bittorrent' + help: 'These are image properties which a snapshot should not inherit from an instance' + comment: 'New param' + + - name: null_kernel + type: string + default: 'nokernel' + help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead' + comment: 'New param' + + - name: multi_instance_display_name_template + type: string + default: '%(name)s-%(uuid)s' + help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count." + comment: 'New param' + + - name: max_local_block_devices + type: integer + default: 3 + help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited.' + comment: 'New param' + + - name: default_flavor + type: string + default: 'm1.small' + help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor.' + comment: 'New param' + + - name: console_host + type: string + default: 'nova' + help: 'Console proxy host to use to connect to instances on this host.' + comment: 'New param' + + - name: default_access_ip_network_name + type: string + default: ~ + help: 'Name of network to use to set access ips for instances' + comment: 'New param' + + - name: defer_iptables_apply + type: boolean + default: false + help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase' + comment: 'New param' + + - name: instances_path + type: string + default: '$state_path/instances' + help: 'where instances are stored on disk' + comment: 'New param' + + - name: instance_usage_audit + type: boolean + default: false + help: 'Generate periodic compute.instance.exists notifications' + comment: 'New param' + + - name: live_migration_retry_count + type: integer + default: 30 + help: 'Number of 1 second retries needed in live_migration' + comment: 'New param' + + - name: resume_guests_state_on_host_boot + type: boolean + default: false + help: 'Whether to start guests that were running before the host rebooted' + comment: 'New param' + + - name: network_allocate_retries + type: integer + default: false + help: 'Number of times to retry network allocation on failures' + comment: 'New param' + + - name: maximum_instance_delete_attempts + type: integer + default: 5 + help: 'The number of times to attempt to reap an instances files.' + comment: 'New param' + + - name: bandwidth_poll_interval + type: integer + default: 600 + help: 'interval to pull bandwidth usage info' + comment: 'New param' + + - name: sync_power_state_interval + type: integer + default: 600 + help: 'interval to sync power states between the database and the hypervisor' + comment: 'New param' + + - name: heal_instance_info_cache_interval + type: integer + default: 60 + help: 'Number of seconds between instance info_cache self healing updates' + comment: 'New param' + + - name: host_state_interval + type: integer + default: 120 + help: 'Interval in seconds for querying the host status' + comment: 'New param' + + - name: image_cache_manager_interval + type: integer + default: 2400 + help: 'Number of seconds to wait between runs of the image cache manager' + comment: 'New param' + + - name: reclaim_instance_interval + type: integer + default: false + help: 'Interval in seconds for reclaiming deleted instances' + comment: 'New param' + + - name: volume_usage_poll_interval + type: integer + default: false + help: 'Interval in seconds for gathering volume usages' + comment: 'New param' + + - name: shelved_poll_interval + type: integer + default: 3600 + help: 'Interval in seconds for polling shelved instances to offload' + comment: 'New param' + + - name: shelved_offload_time + type: integer + default: false + help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved' + comment: 'New param' + + - name: instance_delete_interval + type: integer + default: 300 + help: 'Interval in seconds for retrying failed instance file deletes' + comment: 'New param' + + - name: running_deleted_instance_action + type: string + default: 'log' + help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable." + comment: 'New param' + + - name: running_deleted_instance_poll_interval + type: integer + default: 1800 + help: 'Number of seconds to wait between runs of the cleanup task.' + comment: 'New param' + + - name: running_deleted_instance_timeout + type: integer + default: false + help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup.' + comment: 'New param' + + - name: reboot_timeout + type: integer + default: false + help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable.' + comment: 'New param' + + - name: instance_build_timeout + type: integer + default: false + help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable.' + comment: 'New param' + + - name: rescue_timeout + type: integer + default: false + help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable.' + comment: 'New param' + + - name: resize_confirm_window + type: integer + default: false + help: 'Automatically confirm resizes after N seconds. Set to 0 to disable.' + comment: 'New param' + + - name: reserved_host_disk_mb + type: integer + default: false + help: 'Amount of disk in MB to reserve for the host' + comment: 'New param' + + - name: reserved_host_memory_mb + type: integer + default: 512 + help: 'Amount of memory in MB to reserve for the host' + comment: 'New param' + + - name: compute_stats_class + type: string + default: 'nova.compute.stats.Stats' + help: 'Class that will manage stats for the local compute host' + comment: 'New param' + + - name: compute_topic + type: string + default: 'compute' + help: 'the topic compute nodes listen on' + comment: 'New param' + + - name: migrate_max_retries + type: integer + default: -1 + help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries.' + comment: 'New param' + + - name: console_driver + type: string + default: 'nova.console.xvp.XVPConsoleProxy' + help: 'Driver to use for the console proxy' + comment: 'New param' + + - name: stub_compute + type: boolean + default: false + help: 'Stub calls to compute worker for tests' + comment: 'New param' + + - name: console_public_hostname + type: string + default: 'nova' + help: 'Publicly visible name for this console host' + comment: 'New param' + + - name: console_topic + type: string + default: 'console' + help: 'the topic console proxy nodes listen on' + comment: 'New param' + + - name: console_vmrc_port + type: integer + default: 443 + help: 'port for VMware VMRC connections' + comment: 'New param' + + - name: console_vmrc_error_retries + type: integer + default: 10 + help: 'number of retries for retrieving VMRC information' + comment: 'New param' + + - name: console_xvp_conf_template + type: string + default: '$pybasedir/nova/console/xvp.conf.template' + help: 'XVP conf template' + comment: 'New param' + + - name: console_xvp_conf + type: string + default: '/etc/xvp.conf' + help: 'generated XVP conf file' + comment: 'New param' + + - name: console_xvp_pid + type: string + default: '/var/run/xvp.pid' + help: 'XVP master process pid file' + comment: 'New param' + + - name: console_xvp_log + type: string + default: '/var/log/xvp.log' + help: 'XVP log file' + comment: 'New param' + + - name: console_xvp_multiplex_port + type: integer + default: 5900 + help: 'port for XVP to multiplex VNC connections on' + comment: 'New param' + + - name: consoleauth_topic + type: string + default: 'consoleauth' + help: 'the topic console auth proxy nodes listen on' + comment: 'New param' + + - name: console_token_ttl + type: integer + default: 600 + help: 'How many seconds before deleting tokens' + comment: 'New param' + + - name: consoleauth_manager + type: string + default: 'nova.consoleauth.manager.ConsoleAuthManager' + help: 'Manager for console auth' + comment: 'New param' + + - name: enable_new_services + type: boolean + default: true + help: 'Services to be added to the available pool on create' + comment: 'New param' + + - name: instance_name_template + type: string + default: 'instance-%08x' + help: 'Template string to be used to generate instance names' + comment: 'New param' + + - name: snapshot_name_template + type: string + default: 'snapshot-%s' + help: 'Template string to be used to generate snapshot names' + comment: 'New param' + + - name: db_driver + type: string + default: 'nova.db' + help: 'driver to use for database access' + comment: 'New param' + + - name: osapi_compute_unique_server_name_scope + type: string + default: '' + help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'." + comment: 'New param' + + - name: glance_host + type: string + default: '$my_ip' + help: 'default glance hostname or ip' + comment: 'New param' + + - name: glance_port + type: integer + default: 9292 + help: 'default glance port' + comment: 'New param' + + - name: glance_protocol + type: string + default: 'http' + help: 'Default protocol to use when connecting to glance. Set to https for SSL.' + comment: 'New param' + + - name: glance_api_servers + type: list + default: '$glance_host:$glance_port' + help: 'A list of the glance api servers available to nova_2013_1_3. Prefix with https:// for ssl-based glance api servers.' + comment: 'New param' + + - name: glance_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL' + comment: 'New param' + + - name: glance_num_retries + type: integer + default: false + help: 'Number retries when downloading an image from glance' + comment: 'New param' + + - name: allowed_direct_url_schemes + type: list + default: '' + help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].' + comment: 'New param' + + - name: image_decryption_dir + type: string + default: '/tmp' + help: 'parent dir for tempdir used for image decryption' + comment: 'New param' + + - name: s3_host + type: string + default: '$my_ip' + help: 'hostname or ip for OpenStack to use when accessing the s3 api' + comment: 'New param' + + - name: s3_port + type: integer + default: 3333 + help: 'port used when accessing the s3 api' + comment: 'New param' + + - name: s3_access_key + type: string + default: 'notchecked' + help: 'access key to use for s3 server for images' + comment: 'New param' + + - name: s3_secret_key + type: string + default: 'notchecked' + help: 'secret key to use for s3 server for images' + comment: 'New param' + + - name: s3_use_ssl + type: boolean + default: false + help: 'whether to use ssl when talking to s3' + comment: 'New param' + + - name: s3_affix_tenant + type: boolean + default: false + help: 'whether to affix the tenant id to the access key when downloading from s3' + comment: 'New param' + + - name: ipv6_backend + type: string + default: 'rfc2462' + help: 'Backend to use for IPv6 generation' + comment: 'New param' + + - name: network_api_class + type: string + default: 'nova.network.api.API' + help: 'The full class name of the network API class to use' + comment: 'New param' + + - name: network_driver + type: string + default: 'nova.network.linux_net' + help: 'Driver to use for network creation' + comment: 'New param' + + - name: default_floating_pool + type: string + default: 'nova' + help: 'Default pool for floating ips' + comment: 'New param' + + - name: auto_assign_floating_ip + type: boolean + default: false + help: 'Autoassigning floating ip to VM' + comment: 'New param' + + - name: floating_ip_dns_manager + type: string + default: 'nova.network.noop_dns_driver.NoopDNSDriver' + help: 'full class name for the DNS Manager for floating IPs' + comment: 'New param' + + - name: instance_dns_manager + type: string + default: 'nova.network.noop_dns_driver.NoopDNSDriver' + help: 'full class name for the DNS Manager for instance IPs' + comment: 'New param' + + - name: instance_dns_domain + type: string + default: '' + help: 'full class name for the DNS Zone for instance IPs' + comment: 'New param' + + - name: ldap_dns_url + type: string + default: 'ldap://ldap.example.com:389' + help: 'URL for ldap server which will store dns entries' + comment: 'New param' + + - name: ldap_dns_user + type: string + default: 'uidadmin,oupeople,dcexample,dcorg' + help: 'user for ldap DNS' + comment: 'New param' + + - name: ldap_dns_password + type: string + default: 'password' + help: 'password for ldap DNS' + comment: 'New param' + + - name: ldap_dns_soa_hostmaster + type: string + default: 'hostmaster@example.org' + help: 'Hostmaster for ldap dns driver Statement of Authority' + comment: 'New param' + + - name: ldap_dns_servers + type: multi + default: 'dns.example.org' + help: 'DNS Servers for ldap dns driver' + comment: 'New param' + + - name: ldap_dns_base_dn + type: string + default: 'ouhosts,dcexample,dcorg' + help: 'Base DN for DNS entries in ldap' + comment: 'New param' + + - name: ldap_dns_soa_refresh + type: string + default: '1800' + help: 'Refresh interval' + comment: 'New param' + + - name: ldap_dns_soa_retry + type: string + default: '3600' + help: 'Retry interval' + comment: 'New param' + + - name: ldap_dns_soa_expiry + type: string + default: '86400' + help: 'Expiry interval' + comment: 'New param' + + - name: ldap_dns_soa_minimum + type: string + default: '7200' + help: 'Minimum interval' + comment: 'New param' + + - name: dhcpbridge_flagfile + type: multi + default: '/etc/nova/nova-dhcpbridge.conf' + help: 'location of flagfiles for dhcpbridge' + comment: 'New param' + + - name: networks_path + type: string + default: '$state_path/networks' + help: 'Location to keep network config files' + comment: 'New param' + + - name: public_interface + type: string + default: 'eth0' + help: 'Interface for public IP addresses' + comment: 'New param' + + - name: network_device_mtu + type: string + default: ~ + help: 'MTU setting for vlan' + comment: 'New param' + + - name: dhcpbridge + type: string + default: '$bindir/nova-dhcpbridge' + help: 'location of nova-dhcpbridge' + comment: 'New param' + + - name: routing_source_ip + type: string + default: '$my_ip' + help: 'Public IP of network host' + comment: 'New param' + + - name: dhcp_lease_time + type: integer + default: 120 + help: 'Lifetime of a DHCP lease in seconds' + comment: 'New param' + + - name: dns_server + type: multi + default: '' + help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times.' + comment: 'New param' + + - name: use_network_dns_servers + type: boolean + default: false + help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers.' + comment: 'New param' + + - name: dmz_cidr + type: list + default: '' + help: 'A list of dmz range that should be accepted' + comment: 'New param' + + - name: force_snat_range + type: multi + default: '' + help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times.' + comment: 'New param' + + - name: dnsmasq_config_file + type: string + default: '' + help: 'Override the default dnsmasq settings with this file' + comment: 'New param' + + - name: linuxnet_interface_driver + type: string + default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' + help: 'Driver used to create ethernet devices.' + comment: 'New param' + + - name: linuxnet_ovs_integration_bridge + type: string + default: 'br-int' + help: 'Name of Open vSwitch bridge used with linuxnet' + comment: 'New param' + + - name: send_arp_for_ha + type: boolean + default: false + help: 'send gratuitous ARPs for HA setup' + comment: 'New param' + + - name: send_arp_for_ha_count + type: integer + default: 3 + help: 'send this many gratuitous ARPs for HA setup' + comment: 'New param' + + - name: use_single_default_gateway + type: boolean + default: false + help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server' + comment: 'New param' + + - name: forward_bridge_interface + type: multi + default: 'all' + help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times.' + comment: 'New param' + + - name: metadata_host + type: string + default: '$my_ip' + help: 'the ip for the metadata api server' + comment: 'New param' + + - name: metadata_port + type: integer + default: 8775 + help: 'the port for the metadata api port' + comment: 'New param' + + - name: iptables_top_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that should always be on the top.' + comment: 'New param' + + - name: iptables_bottom_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that should always be on the bottom.' + comment: 'New param' + + - name: iptables_drop_action + type: string + default: 'DROP' + help: 'The table that iptables to jump to when a packet is to be dropped.' + comment: 'New param' + + - name: flat_network_bridge + type: string + default: ~ + help: 'Bridge for simple network instances' + comment: 'New param' + + - name: flat_network_dns + type: string + default: '8.8.4.4' + help: 'Dns for simple network' + comment: 'New param' + + - name: flat_injected + type: boolean + default: false + help: 'Whether to attempt to inject network setup into guest' + comment: 'New param' + + - name: flat_interface + type: string + default: ~ + help: 'FlatDhcp will bridge into this interface if set' + comment: 'New param' + + - name: vlan_start + type: integer + default: 100 + help: 'First VLAN for private networks' + comment: 'New param' + + - name: vmware.vlan_interface + type: string + default: 'vmnic0' + help: 'Physical ethernet adapter name for vlan networking' + comment: 'New param' + + - name: num_networks + type: integer + default: true + help: 'Number of networks to support' + comment: 'New param' + + - name: vpn_ip + type: string + default: '$my_ip' + help: 'Public IP for the cloudpipe VPN servers' + comment: 'New param' + + - name: vpn_start + type: integer + default: 1000 + help: 'First Vpn port for private networks' + comment: 'New param' + + - name: network_size + type: integer + default: 256 + help: 'Number of addresses in each private subnet' + comment: 'New param' + + - name: fixed_range_v6 + type: string + default: 'fd00::/48' + help: 'Fixed IPv6 address block' + comment: 'New param' + + - name: fixed_range + type: string + default: '' + help: 'Fixed IPv4 address block' + comment: 'New param' + + - name: gateway + type: string + default: ~ + help: 'Default IPv4 gateway' + comment: 'New param' + + - name: gateway_v6 + type: string + default: ~ + help: 'Default IPv6 gateway' + comment: 'New param' + + - name: cnt_vpn_clients + type: integer + default: false + help: 'Number of addresses reserved for vpn clients' + comment: 'New param' + + - name: fixed_ip_disassociate_timeout + type: integer + default: 600 + help: 'Seconds after which a deallocated ip is disassociated' + comment: 'New param' + + - name: create_unique_mac_address_attempts + type: integer + default: 5 + help: 'Number of attempts to create unique mac address' + comment: 'New param' + + - name: fake_network + type: boolean + default: false + help: 'If passed, use fake network devices and addresses' + comment: 'New param' + + - name: fake_call + type: boolean + default: false + help: 'If True, skip using the queue and make local calls' + comment: 'New param' + + - name: teardown_unused_network_gateway + type: boolean + default: false + help: 'If True, unused gateway devices' + comment: 'New param' + + - name: force_dhcp_release + type: boolean + default: true + help: 'If True, send a dhcp release on instance termination' + comment: 'New param' + + - name: share_dhcp_address + type: boolean + default: false + help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host.' + comment: 'New param' + + - name: update_dns_entries + type: boolean + default: false + help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode' + comment: 'New param' + + - name: dns_update_periodic_interval + type: integer + default: -1 + help: 'Number of seconds to wait between runs of updates to DNS entries.' + comment: 'New param' + + - name: dhcp_domain + type: string + default: 'novalocal' + help: 'domain to use for building the hostnames' + comment: 'New param' + + - name: l3_lib + type: string + default: 'nova.network.l3.LinuxNetL3' + help: 'Indicates underlying L3 management library' + comment: 'New param' + + - name: neutron_url + type: string + default: 'http://127.0.0.1:9696' + help: 'URL for connecting to neutron' + comment: 'New param' + + - name: neutron_url_timeout + type: integer + default: 30 + help: 'timeout value for connecting to neutron in seconds' + comment: 'New param' + + - name: neutron_admin_username + type: string + default: ~ + help: 'username for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_admin_password + type: string + default: ~ + help: 'password for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_admin_tenant_name + type: string + default: ~ + help: 'tenant name for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_region_name + type: string + default: ~ + help: 'region name for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_admin_auth_url + type: string + default: 'http://localhost:5000/v2.0' + help: 'auth url for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_api_insecure + type: boolean + default: false + help: 'if set, ignore any SSL validation issues' + comment: 'New param' + + - name: neutron_auth_strategy + type: string + default: 'keystone' + help: 'auth strategy for connecting to neutron in admin context' + comment: 'New param' + + - name: neutron_ovs_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge used by Open vSwitch' + comment: 'New param' + + - name: neutron_extension_sync_interval + type: integer + default: 600 + help: 'Number of seconds before querying neutron for extensions' + comment: 'New param' + + - name: neutron_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certicates file to use for neutronclient requests.' + comment: 'New param' + + - name: dhcp_options_enabled + type: boolean + default: false + help: 'Use per-port DHCP options with Neutron' + comment: 'New param' + + - name: network_topic + type: string + default: 'network' + help: 'the topic network nodes listen on' + comment: 'New param' + + - name: multi_host + type: boolean + default: false + help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host.' + comment: 'New param' + + - name: security_group_api + type: string + default: 'nova' + help: 'The full class name of the security API class' + comment: 'New param' + + - name: buckets_path + type: string + default: '$state_path/buckets' + help: 'path to s3 buckets' + comment: 'New param' + + - name: s3_listen + type: string + default: '0.0.0.0' + help: 'IP address for S3 API to listen' + comment: 'New param' + + - name: s3_listen_port + type: integer + default: 3333 + help: 'port for s3 api to listen' + comment: 'New param' + + - name: sqlite_db + type: string + default: 'nova.sqlite' + help: 'the filename to use with sqlite' + comment: 'New param' + + - name: sqlite_synchronous + type: boolean + default: true + help: 'If true, use synchronous mode for sqlite' + comment: 'New param' + + - name: backdoor_port + type: string + default: ~ + help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file." + comment: 'New param' + + - name: disable_process_locking + type: boolean + default: false + help: 'Whether to disable inter-process locks' + comment: 'New param' + + - name: lock_path + type: string + default: ~ + help: 'Directory to use for lock files.' + comment: 'New param' + + - name: debug + type: boolean + default: false + help: 'Print debugging output' + comment: 'New param' + + - name: verbose + type: boolean + default: false + help: 'Print more verbose output' + comment: 'New param' + + - name: use_stderr + type: boolean + default: true + help: 'Log output to standard error' + comment: 'New param' + + - name: logging_context_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' + help: 'format string to use for log messages with context' + comment: 'New param' + + - name: logging_default_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' + help: 'format string to use for log messages without context' + comment: 'New param' + + - name: logging_debug_format_suffix + type: string + default: '%(funcName)s %(pathname)s:%(lineno)d' + help: 'data to append to log format when level is DEBUG' + comment: 'New param' + + - name: logging_exception_prefix + type: string + default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' + help: 'prefix each line of exception output with this format' + comment: 'New param' + + - name: default_log_levels + type: list + default: 'amqplibWARN,sqlalchemyWARN,botoWARN,sudsINFO,keystoneINFO,eventlet.wsgi.serverWARN' + help: 'list of logger=LEVEL pairs' + comment: 'New param' + + - name: publish_errors + type: boolean + default: false + help: 'publish error events' + comment: 'New param' + + - name: fatal_deprecations + type: boolean + default: false + help: 'make deprecations fatal' + comment: 'New param' + + - name: instance_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance is passed with the log message, format it like this' + comment: 'New param' + + - name: instance_uuid_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance UUID is passed with the log message, format it like this' + comment: 'New param' + + - name: log_config + type: string + default: ~ + help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.' + comment: 'New param' + + - name: log_format + type: string + default: ~ + help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.' + comment: 'New param' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + help: 'Format string for %%(asctime)s in log records. Default: %(default)s' + comment: 'New param' + + - name: log_file + type: string + default: ~ + help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout.' + comment: 'New param' + + - name: log_dir + type: string + default: ~ + help: '(Optional) The base directory used for relative --log-file paths' + comment: 'New param' + + - name: use_syslog + type: boolean + default: false + help: 'Use syslog for logging.' + comment: 'New param' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + help: 'syslog facility to receive log lines' + comment: 'New param' + + - name: memcached_servers + type: list + default: ~ + help: 'Memcached servers or None for in process cache.' + comment: 'New param' + + - name: notification_driver + type: multi + default: '' + help: 'Driver or drivers to handle sending notifications' + comment: 'New param' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'Default notification level for outgoing notifications' + comment: 'New param' + + - name: default_publisher_id + type: string + default: ~ + help: 'Default publisher_id for outgoing notifications' + comment: 'New param' + + - name: notification_topics + type: list + default: 'notifications' + help: 'AMQP topic used for OpenStack notifications' + comment: 'New param' + + - name: run_external_periodic_tasks + type: boolean + default: true + help: 'Some periodic tasks can be run in a separate process. Should we run them here?' + comment: 'New param' + + - name: rpc_backend + type: string + default: 'nova.openstack.common.rpc.impl_kombu' + help: 'The messaging module to use, defaults to kombu.' + comment: 'New param' + + - name: rpc_thread_pool_size + type: integer + default: 64 + help: 'Size of RPC thread pool' + comment: 'New param' + + - name: rpc_conn_pool_size + type: integer + default: 30 + help: 'Size of RPC connection pool' + comment: 'New param' + + - name: rpc_response_timeout + type: integer + default: 60 + help: 'Seconds to wait for a response from call or multicall' + comment: 'New param' + + - name: rpc_cast_timeout + type: integer + default: 30 + help: 'Seconds to wait before a cast expires' + comment: 'New param' + + - name: allowed_rpc_exception_modules + type: list + default: 'nova.exception,cinder.exception,exceptions' + help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' + comment: 'New param' + + - name: fake_rabbit + type: boolean + default: false + help: 'If passed, use a fake RabbitMQ provider' + comment: 'New param' + + - name: control_exchange + type: string + default: 'openstack' + help: 'AMQP exchange to connect to if using RabbitMQ or Qpid' + comment: 'New param' + + - name: amqp_durable_queues + type: boolean + default: false + help: 'Use durable queues in amqp.' + comment: 'New param' + + - name: amqp_auto_delete + type: boolean + default: false + help: 'Auto-delete queues in amqp.' + comment: 'New param' + + - name: kombu_ssl_version + type: string + default: '' + help: 'SSL version to use' + comment: 'New param' + + - name: kombu_ssl_keyfile + type: string + default: '' + help: 'SSL key file' + comment: 'New param' + + - name: kombu_ssl_certfile + type: string + default: '' + help: 'SSL cert file' + comment: 'New param' + + - name: kombu_ssl_ca_certs + type: string + default: '' + help: 'SSL certification authority file' + comment: 'New param' + + - name: rabbit_host + type: string + default: 'localhost' + help: 'The RabbitMQ broker address where a single node is used' + comment: 'New param' + + - name: rabbit_port + type: integer + default: 5672 + help: 'The RabbitMQ broker port where a single node is used' + comment: 'New param' + + - name: rabbit_hosts + type: list + default: '$rabbit_host:$rabbit_port' + help: 'RabbitMQ HA cluster host:port pairs' + comment: 'New param' + + - name: rabbit_use_ssl + type: boolean + default: false + help: 'connect over SSL for RabbitMQ' + comment: 'New param' + + - name: rabbit_userid + type: string + default: 'guest' + help: 'the RabbitMQ userid' + comment: 'New param' + + - name: rabbit_password + type: string + default: 'guest' + help: 'the RabbitMQ password' + comment: 'New param' + + - name: rabbit_virtual_host + type: string + default: '/' + help: 'the RabbitMQ virtual host' + comment: 'New param' + + - name: rabbit_retry_interval + type: integer + default: true + help: 'how frequently to retry connecting with RabbitMQ' + comment: 'New param' + + - name: rabbit_retry_backoff + type: integer + default: 2 + help: 'how long to backoff for between retries when connecting to RabbitMQ' + comment: 'New param' + + - name: rabbit_max_retries + type: integer + default: false + help: 'maximum retries with trying to connect to RabbitMQ' + comment: 'New param' + + - name: rabbit_ha_queues + type: boolean + default: false + help: 'use H/A queues in RabbitMQ' + comment: 'New param' + + - name: qpid_hostname + type: string + default: 'localhost' + help: 'Qpid broker hostname' + comment: 'New param' + + - name: qpid_port + type: integer + default: 5672 + help: 'Qpid broker port' + comment: 'New param' + + - name: qpid_hosts + type: list + default: '$qpid_hostname:$qpid_port' + help: 'Qpid HA cluster host:port pairs' + comment: 'New param' + + - name: qpid_username + type: string + default: '' + help: 'Username for qpid connection' + comment: 'New param' + + - name: qpid_password + type: string + default: '' + help: 'Password for qpid connection' + comment: 'New param' + + - name: qpid_sasl_mechanisms + type: string + default: '' + help: 'Space separated list of SASL mechanisms to use for auth' + comment: 'New param' + + - name: qpid_heartbeat + type: integer + default: 60 + help: 'Seconds between connection keepalive heartbeats' + comment: 'New param' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "Transport to use, either 'tcp' or 'ssl'" + comment: 'New param' + + - name: qpid_tcp_nodelay + type: boolean + default: true + help: 'Disable Nagle algorithm' + comment: 'New param' + + - name: qpid_topology_version + type: integer + default: true + help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.' + comment: 'New param' + + - name: rpc_zmq_bind_address + type: string + default: '*' + help: 'ZeroMQ bind address. Should be a wildcard' + comment: 'New param' + + - name: rpc_zmq_matchmaker + type: string + default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' + help: 'MatchMaker driver' + comment: 'New param' + + - name: rpc_zmq_port + type: integer + default: 9501 + help: 'ZeroMQ receiver listening port' + comment: 'New param' + + - name: rpc_zmq_contexts + type: integer + default: true + help: 'Number of ZeroMQ contexts, defaults to 1' + comment: 'New param' + + - name: rpc_zmq_topic_backlog + type: integer + default: ~ + help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited.' + comment: 'New param' + + - name: rpc_zmq_ipc_dir + type: string + default: '/var/run/openstack' + help: 'Directory for holding IPC sockets' + comment: 'New param' + + - name: rpc_zmq_host + type: string + default: 'nova' + help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running nova." + comment: 'New param' + + - name: matchmaker_heartbeat_freq + type: integer + default: 300 + help: 'Heartbeat frequency' + comment: 'New param' + + - name: matchmaker_heartbeat_ttl + type: integer + default: 600 + help: 'Heartbeat time-to-live.' + comment: 'New param' + + - name: pci_alias + type: multi + default: '' + help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card." + comment: 'New param' + + - name: pci_passthrough_whitelist + type: multi + default: '' + help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}]" + comment: 'New param' + + - name: scheduler_host_manager + type: string + default: 'nova.scheduler.host_manager.HostManager' + help: 'The scheduler host manager class to use' + comment: 'New param' + + - name: scheduler_max_attempts + type: integer + default: 3 + help: 'Maximum number of attempts to schedule an instance' + comment: 'New param' + + - name: scheduler_host_subset_size + type: integer + default: true + help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead' + comment: 'New param' + + - name: cpu_allocation_ratio + type: float + default: 16.0 + help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found.' + comment: 'New param' + + - name: disk_allocation_ratio + type: float + default: true + help: 'virtual disk to physical disk allocation ratio' + comment: 'New param' + + - name: max_io_ops_per_host + type: integer + default: 8 + help: 'Ignore hosts that have too many builds/resizes/snaps/migrations' + comment: 'New param' + + - name: isolated_images + type: list + default: '' + help: 'Images to run on isolated host' + comment: 'New param' + + - name: isolated_hosts + type: list + default: '' + help: 'Host reserved for specific images' + comment: 'New param' + + - name: restrict_isolated_hosts_to_isolated_images + type: boolean + default: true + help: 'Whether to force isolated hosts to run only isolated images' + comment: 'New param' + + - name: max_instances_per_host + type: integer + default: 50 + help: 'Ignore hosts that have too many instances' + comment: 'New param' + + - name: ram_allocation_ratio + type: float + default: 1.5 + help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found.' + comment: 'New param' + + - name: scheduler_available_filters + type: multi + default: 'nova.scheduler.filters.all_filters' + help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova." + comment: 'New param' + + - name: scheduler_default_filters + type: list + default: 'RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter' + help: 'Which filter class names to use for filtering hosts when not specified in the request.' + comment: 'New param' + + - name: cells.scheduler_weight_classes + type: list + default: 'nova.cells.weights.all_weighers' + help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers' maps to all cell weighers included with nova_2013_1_3." + comment: 'New param' + + - name: scheduler_driver + type: string + default: 'nova.scheduler.filter_scheduler.FilterScheduler' + help: 'Default driver to use for the scheduler' + comment: 'New param' + + - name: scheduler_topic + type: string + default: 'scheduler' + help: 'the topic scheduler nodes listen on' + comment: 'New param' + + - name: scheduler_json_config_location + type: string + default: '' + help: 'Absolute path to scheduler configuration JSON file.' + comment: 'New param' + + - name: cells.ram_weight_multiplier + type: float + default: 10.0 + help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' + comment: 'New param' + + - name: servicegroup_driver + type: string + default: 'db' + help: 'The driver for servicegroup service' + comment: 'New param' + + - name: config_drive_format + type: string + default: 'iso9660' + help: 'Config drive format. One of iso9660' + comment: 'New param' + + - name: config_drive_tempdir + type: string + default: ~ + help: 'Where to put temporary files associated with config drive creation' + comment: 'New param' + + - name: force_config_drive + type: string + default: ~ + help: 'Set to force injection to take place on a config drive' + comment: 'New param' + + - name: mkisofs_cmd + type: string + default: 'genisoimage' + help: 'Name and optionally path of the tool used for ISO image creation' + comment: 'New param' + + - name: baremetal.injected_network_template + type: string + default: '$pybasedir/nova/virt/baremetal/interfaces.template' + help: 'Template file for injected network' + comment: 'New param' + + - name: virt_mkfs + type: string + default: 'windowsmkfs.ntfs --force --fast --label %(fs_label)s %(target)s' + comment: 'New param' + + - name: resize_fs_using_block_device + type: boolean + default: true + help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver' + comment: 'New param' + + - name: timeout_nbd + type: integer + default: 10 + help: 'time to wait for a NBD device coming up' + comment: 'New param' + + - name: docker_registry_default_port + type: integer + default: 5042 + help: 'Default TCP port to find the docker-registry container' + comment: 'New param' + + - name: compute_driver + type: string + default: ~ + help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver' + comment: 'New param' + + - name: default_ephemeral_format + type: string + default: ~ + help: 'The default format an ephemeral_volume will be formatted with on creation.' + comment: 'New param' + + - name: preallocate_images + type: string + default: 'none' + help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start" + comment: 'New param' + + - name: use_cow_images + type: boolean + default: true + help: 'Whether to use cow images' + comment: 'New param' + + - name: firewall_driver + type: string + default: ~ + help: 'Firewall driver' + comment: 'New param' + + - name: allow_same_net_traffic + type: boolean + default: true + help: 'Whether to allow network traffic from same network' + comment: 'New param' + + - name: force_raw_images + type: boolean + default: true + help: 'Force backing images to raw format' + comment: 'New param' + + - name: rescue_image_id + type: string + default: ~ + help: 'Rescue ami image' + comment: 'New param' + + - name: rescue_kernel_id + type: string + default: ~ + help: 'Rescue aki image' + comment: 'New param' + + - name: rescue_ramdisk_id + type: string + default: ~ + help: 'Rescue ari image' + comment: 'New param' + + - name: libvirt_type + type: string + default: 'kvm' + help: 'Libvirt domain type' + comment: 'New param' + + - name: libvirt_uri + type: string + default: '' + help: 'Override the default libvirt URI' + comment: 'New param' + + - name: libvirt_inject_password + type: boolean + default: false + help: 'Inject the admin password at boot time, without an agent.' + comment: 'New param' + + - name: libvirt_inject_key + type: boolean + default: true + help: 'Inject the ssh public key at boot time' + comment: 'New param' + + - name: libvirt_inject_partition + type: integer + default: true + help: 'The partition to inject to : -2 => disable, -1 => inspect' + comment: 'New param' + + - name: use_usb_tablet + type: boolean + default: true + help: 'Sync virtual and real mouse cursors in Windows VMs' + comment: 'New param' + + - name: live_migration_uri + type: string + default: 'qemu+tcp://%s/system' + help: 'Migration target URI' + comment: 'New param' + + - name: live_migration_flag + type: string + default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' + help: 'Migration flags to be set for live migration' + comment: 'New param' + + - name: block_migration_flag + type: string + default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' + help: 'Migration flags to be set for block migration' + comment: 'New param' + + - name: live_migration_bandwidth + type: integer + default: false + help: 'Maximum bandwidth to be used during migration, in Mbps' + comment: 'New param' + + - name: snapshot_image_format + type: string + default: ~ + help: 'Snapshot image format' + comment: 'New param' + + - name: libvirt_vif_driver + type: string + default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + help: 'The libvirt VIF driver to configure the VIFs.' + comment: 'New param' + + - name: libvirt_volume_drivers + type: list + default: 'iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver,isernova.virt.libvirt.volume.LibvirtISERVolumeDriver,localnova.virt.libvirt.volume.LibvirtVolumeDriver,fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver,rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver,sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver,nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver,aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver,glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver,fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver,scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver' + help: 'Libvirt handlers for remote volumes.' + comment: 'New param' + + - name: libvirt_disk_prefix + type: string + default: ~ + help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type.' + comment: 'New param' + + - name: libvirt_wait_soft_reboot_seconds + type: integer + default: 120 + help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window.' + comment: 'New param' + + - name: libvirt_nonblocking + type: boolean + default: true + help: 'Use a separated OS thread pool to realize non-blocking libvirt calls' + comment: 'New param' + + - name: libvirt_cpu_mode + type: string + default: ~ + help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none'" + comment: 'New param' + + - name: libvirt_cpu_model + type: string + default: ~ + help: 'Set to a named libvirt CPU model' + comment: 'New param' + + - name: libvirt_snapshots_directory + type: string + default: '$instances_path/snapshots' + help: 'Location where libvirt driver will store snapshots before uploading them to image service' + comment: 'New param' + + - name: xen_hvmloader_path + type: string + default: '/usr/lib/xen/boot/hvmloader' + help: 'Location where the Xen hvmloader is kept' + comment: 'New param' + + - name: disk_cachemodes + type: list + default: '' + help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none']" + comment: 'New param' + + - name: vcpu_pin_set + type: string + default: ~ + help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15'" + comment: 'New param' + + - name: libvirt_images_type + type: string + default: 'default' + help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one.' + comment: 'New param' + + - name: libvirt_images_volume_group + type: string + default: ~ + help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm.' + comment: 'New param' + + - name: libvirt_sparse_logical_volumes + type: boolean + default: false + help: 'Create sparse logical volumes' + comment: 'New param' + + - name: libvirt_lvm_snapshot_size + type: integer + default: 1000 + help: 'The amount of storage' + comment: 'New param' + + - name: libvirt_images_rbd_pool + type: string + default: 'rbd' + help: 'the RADOS pool in which rbd volumes are stored' + comment: 'New param' + + - name: libvirt_images_rbd_ceph_conf + type: string + default: '' + help: 'path to the ceph configuration file to use' + comment: 'New param' + + - name: base_dir_name + type: string + default: '_base' + help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip' + comment: 'New param' + + - name: image_info_filename_pattern + type: string + default: '$instances_path/$base_dir_name/%(image)s.info' + help: 'Allows image information files to be stored in non-standard locations' + comment: 'New param' + + - name: remove_unused_base_images + type: boolean + default: true + help: 'Should unused base images be removed?' + comment: 'New param' + + - name: remove_unused_kernels + type: boolean + default: false + help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future.' + comment: 'New param' + + - name: remove_unused_resized_minimum_age_seconds + type: integer + default: 3600 + help: 'Unused resized base images younger than this will not be removed' + comment: 'New param' + + - name: remove_unused_original_minimum_age_seconds + type: integer + default: 86400 + help: 'Unused unresized base images younger than this will not be removed' + comment: 'New param' + + - name: checksum_base_images + type: boolean + default: false + help: 'Write a checksum for files in _base to disk' + comment: 'New param' + + - name: checksum_interval_seconds + type: integer + default: 3600 + help: 'How frequently to checksum base images' + comment: 'New param' + + - name: libvirt_snapshot_compression + type: boolean + default: false + help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images' + comment: 'New param' + + - name: libvirt_ovs_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge used by Open vSwitch' + comment: 'New param' + + - name: libvirt_use_virtio_for_bridges + type: boolean + default: true + help: 'Use virtio for bridge interfaces with KVM/QEMU' + comment: 'New param' + + - name: num_iscsi_scan_tries + type: integer + default: 3 + help: 'number of times to rescan iSCSI target to find volume' + comment: 'New param' + + - name: num_iser_scan_tries + type: integer + default: 3 + help: 'number of times to rescan iSER target to find volume' + comment: 'New param' + + - name: rbd_user + type: string + default: ~ + help: 'the RADOS client name for accessing rbd volumes' + comment: 'New param' + + - name: rbd_secret_uuid + type: string + default: ~ + help: 'the libvirt uuid of the secret for the rbd_uservolumes' + comment: 'New param' + + - name: nfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Dir where the nfs volume is mounted on the compute node' + comment: 'New param' + + - name: nfs_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details' + comment: 'New param' + + - name: num_aoe_discover_tries + type: integer + default: 3 + help: 'number of times to rediscover AoE target to find volume' + comment: 'New param' + + - name: glusterfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Dir where the glusterfs volume is mounted on the compute node' + comment: 'New param' + + - name: libvirt_iscsi_use_multipath + type: boolean + default: false + help: 'use multipath connection of the iSCSI volume' + comment: 'New param' + + - name: libvirt_iser_use_multipath + type: boolean + default: false + help: 'use multipath connection of the iSER volume' + comment: 'New param' + + - name: scality_sofs_config + type: string + default: ~ + help: 'Path or URL to Scality SOFS configuration file' + comment: 'New param' + + - name: scality_sofs_mount_point + type: string + default: '$state_path/scality' + help: 'Base dir where Scality SOFS shall be mounted' + comment: 'New param' + + - name: qemu_allowed_storage_drivers + type: list + default: '' + help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster]' + comment: 'New param' + + - name: powervm_mgr_type + type: string + default: 'ivm' + help: 'PowerVM manager type' + comment: 'New param' + + - name: powervm_mgr + type: string + default: ~ + help: 'PowerVM manager host or ip' + comment: 'New param' + + - name: powervm_mgr_user + type: string + default: ~ + help: 'PowerVM manager user name' + comment: 'New param' + + - name: powervm_mgr_passwd + type: string + default: ~ + help: 'PowerVM manager user password' + comment: 'New param' + + - name: powervm_img_remote_path + type: string + default: '/home/padmin' + help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance' + comment: 'New param' + + - name: powervm_img_local_path + type: string + default: '/tmp' + help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance' + comment: 'New param' + + - name: agent_timeout + type: integer + default: 30 + help: 'number of seconds to wait for agent reply' + comment: 'New param' + + - name: agent_version_timeout + type: integer + default: 300 + help: 'number of seconds to wait for agent to be fully operational' + comment: 'New param' + + - name: agent_resetnetwork_timeout + type: integer + default: 60 + help: 'number of seconds to wait for agent reply to resetnetwork request' + comment: 'New param' + + - name: xenapi_agent_path + type: string + default: 'usr/sbin/xe-update-networking' + help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True' + comment: 'New param' + + - name: xenapi_disable_agent + type: boolean + default: false + help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' + comment: 'New param' + + - name: xenapi_use_agent_default + type: boolean + default: false + help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times." + comment: 'New param' + + - name: xenapi_connection_url + type: string + default: ~ + help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_connection_username + type: string + default: 'root' + help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_connection_password + type: string + default: ~ + help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_connection_concurrent + type: integer + default: 5 + help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_vhd_coalesce_poll_interval + type: float + default: 5.0 + help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_check_host + type: boolean + default: true + help: 'Ensure compute service is running on host XenAPI connects to.' + comment: 'New param' + + - name: xenapi_vhd_coalesce_max_attempts + type: integer + default: 5 + help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'New param' + + - name: xenapi_sr_base_path + type: string + default: '/var/run/sr-mount' + help: 'Base path to the storage repository' + comment: 'New param' + + - name: target_host + type: string + default: ~ + help: 'iSCSI Target Host' + comment: 'New param' + + - name: target_port + type: string + default: '3260' + help: 'iSCSI Target Port, 3260 Default' + comment: 'New param' + + - name: iqn_prefix + type: string + default: 'iqn.2010-10.org.openstack' + help: 'IQN Prefix' + comment: 'New param' + + - name: xenapi_remap_vbd_dev + type: boolean + default: false + help: 'Used to enable the remapping of VBD dev' + comment: 'New param' + + - name: xenapi_remap_vbd_dev_prefix + type: string + default: 'sd' + help: 'Specify prefix to remap VBD dev to' + comment: 'New param' + + - name: xenapi_login_timeout + type: integer + default: 10 + help: 'Timeout in seconds for XenAPI login.' + comment: 'New param' + + - name: xenapi_torrent_base_url + type: string + default: ~ + help: 'Base URL for torrent files.' + comment: 'New param' + + - name: xenapi_torrent_seed_chance + type: float + default: true + help: 'Probability that peer will become a seeder.' + comment: 'New param' + + - name: xenapi_torrent_seed_duration + type: integer + default: 3600 + help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers.' + comment: 'New param' + + - name: xenapi_torrent_max_last_accessed + type: integer + default: 86400 + help: 'Cached torrent files not accessed within this number of seconds can be reaped' + comment: 'New param' + + - name: xenapi_torrent_listen_port_start + type: integer + default: 6881 + help: 'Beginning of port range to listen on' + comment: 'New param' + + - name: xenapi_torrent_listen_port_end + type: integer + default: 6891 + help: 'End of port range to listen on' + comment: 'New param' + + - name: xenapi_torrent_download_stall_cutoff + type: integer + default: 600 + help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall' + comment: 'New param' + + - name: xenapi_torrent_max_seeder_processes_per_host + type: integer + default: true + help: 'Maximum number of seeder processes to run concurrently within a given dom0.' + comment: 'New param' + + - name: use_join_force + type: boolean + default: true + help: 'To use for hosts with different CPUs' + comment: 'New param' + + - name: xenapi_ovs_integration_bridge + type: string + default: 'xapi1' + help: 'Name of Integration Bridge used by Open vSwitch' + comment: 'New param' + + - name: cache_images + type: string + default: 'all' + help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely' + comment: 'New param' + + - name: xenapi_image_compression_level + type: integer + default: ~ + help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0.' + comment: 'New param' + + - name: default_os_type + type: string + default: 'linux' + help: 'Default OS type' + comment: 'New param' + + - name: block_device_creation_timeout + type: integer + default: 10 + help: 'Time to wait for a block device to be created' + comment: 'New param' + + - name: max_kernel_ramdisk_size + type: integer + default: 16777216 + help: 'Maximum size in bytes of kernel or ramdisk images' + comment: 'New param' + + - name: sr_matching_filter + type: string + default: 'default-sr:true' + help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' + comment: 'New param' + + - name: xenapi_sparse_copy + type: boolean + default: true + help: 'Whether to use sparse_copy for copying data on a resize down' + comment: 'New param' + + - name: xenapi_num_vbd_unplug_retries + type: integer + default: 10 + help: 'Maximum number of retries to unplug VBD' + comment: 'New param' + + - name: xenapi_torrent_images + type: string + default: 'none' + help: 'Whether or not to download images via Bit Torrent' + comment: 'New param' + + - name: xenapi_ipxe_network_name + type: string + default: ~ + help: 'Name of network to use for booting iPXE ISOs' + comment: 'New param' + + - name: xenapi_ipxe_boot_menu_url + type: string + default: ~ + help: 'URL to the iPXE boot menu' + comment: 'New param' + + - name: xenapi_ipxe_mkisofs_cmd + type: string + default: 'mkisofs' + help: 'Name and optionally path of the tool used for ISO image creation' + comment: 'New param' + + - name: xenapi_running_timeout + type: integer + default: 60 + help: 'number of seconds to wait for instance to go to running state' + comment: 'New param' + + - name: xenapi_vif_driver + type: string + default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' + help: 'The XenAPI VIF driver using XenServer Network APIs.' + comment: 'New param' + + - name: xenapi_image_upload_handler + type: string + default: 'nova.virt.xenapi.image.glance.GlanceStore' + help: 'Dom0 plugin driver used to handle image uploads.' + comment: 'New param' + + - name: novncproxy_base_url + type: string + default: 'http://127.0.0.1:6080/vnc_auto.html' + help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html'" + comment: 'New param' + + - name: xvpvncproxy_base_url + type: string + default: 'http://127.0.0.1:6081/console' + help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console'" + comment: 'New param' + + - name: vncserver_listen + type: string + default: '127.0.0.1' + help: 'IP address on which instance vncservers should listen' + comment: 'New param' + + - name: vncserver_proxyclient_address + type: string + default: '127.0.0.1' + help: 'the address to which proxy clients' + comment: 'New param' + + - name: vnc_enabled + type: boolean + default: true + help: 'enable vnc related features' + comment: 'New param' + + - name: vnc_keymap + type: string + default: 'en-us' + help: 'keymap for vnc' + comment: 'New param' + + - name: xvpvncproxy_port + type: integer + default: 6081 + help: 'Port that the XCP VNC proxy should bind to' + comment: 'New param' + + - name: xvpvncproxy_host + type: string + default: '0.0.0.0' + help: 'Address that the XCP VNC proxy should bind to' + comment: 'New param' + + - name: volume_api_class + type: string + default: 'nova.volume.cinder.API' + help: 'The full class name of the volume API class to use' + comment: 'New param' + + - name: cinder_catalog_info + type: string + default: 'volume:cinder:publicURL' + help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: ::' + comment: 'New param' + + - name: cinder_endpoint_template + type: string + default: ~ + help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s' + comment: 'New param' + + - name: os_region_name + type: string + default: ~ + help: 'region name of this node' + comment: 'New param' + + - name: cinder_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certicates file to use for cinder client requests.' + comment: 'New param' + + - name: cinder_http_retries + type: integer + default: 3 + help: 'Number of cinderclient retries on failed http calls' + comment: 'New param' + + - name: cinder_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL requests to cinder' + comment: 'New param' + + - name: cinder_cross_az_attach + type: boolean + default: true + help: 'Allow attach between instance and volume in different availability zones.' + comment: 'New param' + + - name: baremetal.sql_connection + type: string + default: 'sqlite:///$state_path/baremetal_$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the bare-metal database' + comment: 'New param' + + - name: hyperv.instances_path_share + type: string + default: '' + help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" + comment: 'New param' + + - name: hyperv.force_hyperv_utils_v1 + type: boolean + default: false + help: 'Force V1 WMI utility classes' + comment: 'New param' + + - name: hyperv.force_volumeutils_v1 + type: boolean + default: false + help: 'Force V1 volume utility class' + comment: 'New param' + + - name: hyperv.vswitch_name + type: string + default: ~ + help: 'External virtual switch Name, if not provided, the first external virtual switch is used' + comment: 'New param' + + - name: hyperv.limit_cpu_features + type: boolean + default: false + help: 'Required for live migration among hosts with different CPU features' + comment: 'New param' + + - name: hyperv.config_drive_inject_password + type: boolean + default: false + help: 'Sets the admin password in the config drive image' + comment: 'New param' + + - name: hyperv.qemu_img_cmd + type: string + default: 'qemu-img.exe' + help: 'qemu-img is used to convert between different image types' + comment: 'New param' + + - name: hyperv.config_drive_cdrom + type: boolean + default: false + help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' + comment: 'New param' + + - name: hyperv.enable_instance_metrics_collection + type: boolean + default: false + help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above" + comment: 'New param' + + - name: hyperv.dynamic_memory_ratio + type: float + default: true + help: 'Enables dynamic memory allocation' + comment: 'New param' + + - name: hyperv.volume_attach_retry_count + type: integer + default: 10 + help: 'The number of times to retry to attach a volume' + comment: 'New param' + + - name: hyperv.volume_attach_retry_interval + type: integer + default: 5 + help: 'Interval between volume attachment attempts, in seconds' + comment: 'New param' + + - name: zookeeper.address + type: string + default: ~ + help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port' + comment: 'New param' + + - name: zookeeper.recv_timeout + type: integer + default: 4000 + help: 'recv_timeout parameter for the zk session' + comment: 'New param' + + - name: zookeeper.sg_prefix + type: string + default: '/servicegroups' + help: 'The prefix used in ZooKeeper to store ephemeral nodes' + comment: 'New param' + + - name: zookeeper.sg_retry_interval + type: integer + default: 5 + help: 'Number of seconds to wait until retrying to join the session' + comment: 'New param' + + - name: spice.enabled + type: boolean + default: false + help: 'enable spice related features' + comment: 'New param' + + - name: osapi_v3.extensions_blacklist + type: list + default: '' + help: 'A list of v3 API extensions to never load. Specify the extension aliases here.' + comment: 'New param' + + - name: osapi_v3.extensions_whitelist + type: list + default: '' + help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here.' + comment: 'New param' + + - name: conductor.use_local + type: boolean + default: false + help: 'Perform nova-conductor operations locally' + comment: 'New param' + + - name: cells.topic + type: string + default: 'cells' + help: 'the topic cells nodes listen on' + comment: 'New param' + + - name: cells.manager + type: string + default: 'nova.cells.manager.CellsManager' + help: 'Manager for cells' + comment: 'New param' + + - name: conductor.workers + type: integer + default: ~ + help: 'Number of workers for OpenStack Conductor service' + comment: 'New param' + + - name: keymgr.api_class + type: string + default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' + help: 'The full class name of the key manager API class' + comment: 'New param' + + - name: keymgr.fixed_key + type: string + default: ~ + help: 'Fixed key returned by key manager, specified in hex' + comment: 'New param' + + - name: baremetal.driver + type: string + default: 'nova.virt.baremetal.pxe.PXE' + help: 'Baremetal driver back-end' + comment: 'New param' + + - name: cells.instance_updated_at_threshold + type: integer + default: 3600 + help: 'Number of seconds after an instance was updated or deleted to continue to update cells' + comment: 'New param' + + - name: cells.instance_update_num_instances + type: integer + default: true + help: 'Number of instances to update per periodic task run' + comment: 'New param' + + - name: cells.max_hop_count + type: integer + default: 10 + help: 'Maximum number of hops for cells routing.' + comment: 'New param' + + - name: upgrade_levels.scheduler + type: string + default: ~ + help: 'Set a version cap for messages sent to scheduler services' + comment: 'New param' + + - name: cells.enable + type: boolean + default: false + help: 'Enable cell functionality' + comment: 'New param' + + - name: cells.name + type: string + default: 'nova' + help: 'name of this cell' + comment: 'New param' + + - name: cells.capabilities + type: list + default: 'hypervisorxenserver;kvm,oslinux;windows' + help: 'Key/Multi-value list with the capabilities of the cell' + comment: 'New param' + + - name: cells.call_timeout + type: integer + default: 60 + help: 'Seconds to wait for response from a call to a cell.' + comment: 'New param' + + - name: cells.reserve_percent + type: float + default: 10.0 + help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization' + comment: 'New param' + + - name: cells.cell_type + type: string + default: ~ + help: 'Type of cell: api or compute' + comment: 'New param' + + - name: cells.mute_child_interval + type: integer + default: 300 + help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute.' + comment: 'New param' + + - name: cells.bandwidth_update_interval + type: integer + default: 600 + help: 'Seconds between bandwidth updates for cells.' + comment: 'New param' + + - name: cells.rpc_driver_queue_base + type: string + default: 'cells.intercell' + help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this.' + comment: 'New param' + + - name: cells.scheduler_filter_classes + type: list + default: 'nova.cells.filters.all_filters' + help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters' maps to all cells filters included with nova_2013_1_3." + comment: 'New param' + + - name: cells.scheduler_retries + type: integer + default: 10 + help: 'How many retries when no cells are available.' + comment: 'New param' + + - name: cells.scheduler_retry_delay + type: integer + default: 2 + help: 'How often to retry in seconds when no cells are available.' + comment: 'New param' + + - name: cells.db_check_interval + type: integer + default: 60 + help: 'Seconds between getting fresh cell info from db.' + comment: 'New param' + + - name: cells.cells_config + type: string + default: ~ + help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database.' + comment: 'New param' + + - name: cells.mute_weight_multiplier + type: float + default: -10.0 + help: 'Multiplier used to weigh mute children. ' + comment: 'New param' + + - name: cells.mute_weight_value + type: float + default: 1000.0 + help: 'Weight value assigned to mute children. ' + comment: 'New param' + + - name: database.backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db' + comment: 'New param' + + - name: database.use_tpool + type: boolean + default: false + help: 'Enable the experimental use of thread pooling for all DB API calls' + comment: 'New param' + + - name: database.connection + type: string + default: 'sqlite:////nova/openstack/common/db/$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the database' + comment: 'New param' + + - name: database.slave_connection + type: string + default: '' + help: 'The SQLAlchemy connection string used to connect to the slave database' + comment: 'New param' + + - name: database.idle_timeout + type: integer + default: 3600 + help: 'timeout before idle sql connections are reaped' + comment: 'New param' + + - name: database.min_pool_size + type: integer + default: true + help: 'Minimum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: database.max_pool_size + type: integer + default: ~ + help: 'Maximum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: database.max_retries + type: integer + default: 10 + help: 'maximum db connection retries during startup.' + comment: 'New param' + + - name: database.retry_interval + type: integer + default: 10 + help: 'interval between retries of opening a sql connection' + comment: 'New param' + + - name: database.max_overflow + type: integer + default: ~ + help: 'If set, use this value for max_overflow with sqlalchemy' + comment: 'New param' + + - name: database.connection_debug + type: integer + default: false + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' + comment: 'New param' + + - name: database.connection_trace + type: boolean + default: false + help: 'Add python stack traces to SQL as comment strings' + comment: 'New param' + + - name: database.pool_timeout + type: integer + default: ~ + help: 'If set, use this value for pool_timeout with sqlalchemy' + comment: 'New param' + + - name: image_file_url.filesystems + type: list + default: '' + help: 'A list of filesystems that will be configured in this file under the sections image_file_url:' + comment: 'New param' + + - name: baremetal.db_backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for bare-metal database' + comment: 'New param' + + - name: baremetal.inject_password + type: boolean + default: true + help: 'Whether baremetal compute injects password or not' + comment: 'New param' + + - name: baremetal.vif_driver + type: string + default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' + help: 'Baremetal VIF driver.' + comment: 'New param' + + - name: baremetal.volume_driver + type: string + default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' + help: 'Baremetal volume driver.' + comment: 'New param' + + - name: baremetal.instance_type_extra_specs + type: list + default: '' + help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairsFor example, 'key1:val1, key2:val2'" + comment: 'New param' + + - name: baremetal.power_manager + type: string + default: 'nova.virt.baremetal.ipmi.IPMI' + help: 'Baremetal power management method' + comment: 'New param' + + - name: baremetal.tftp_root + type: string + default: '/tftpboot' + help: "Baremetal compute node's tftp root path" + comment: 'New param' + + - name: baremetal.terminal + type: string + default: 'shellinaboxd' + help: 'path to baremetal terminal program' + comment: 'New param' + + - name: baremetal.terminal_cert_dir + type: string + default: ~ + help: 'path to baremetal terminal SSL cert(PEM)' + comment: 'New param' + + - name: baremetal.terminal_pid_dir + type: string + default: '$state_path/baremetal/console' + help: 'path to directory stores pidfiles of baremetal_terminal' + comment: 'New param' + + - name: baremetal.ipmi_power_retry + type: integer + default: 5 + help: 'maximal number of retries for IPMI operations' + comment: 'New param' + + - name: baremetal.deploy_kernel + type: string + default: ~ + help: 'Default kernel image ID used in deployment phase' + comment: 'New param' + + - name: baremetal.deploy_ramdisk + type: string + default: ~ + help: 'Default ramdisk image ID used in deployment phase' + comment: 'New param' + + - name: baremetal.net_config_template + type: string + default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' + help: 'Template file for injected network config' + comment: 'New param' + + - name: baremetal.pxe_append_params + type: string + default: ~ + help: 'additional append parameters for baremetal PXE boot' + comment: 'New param' + + - name: baremetal.pxe_config_template + type: string + default: '$pybasedir/nova/virt/baremetal/pxe_config.template' + help: 'Template file for PXE configuration' + comment: 'New param' + + - name: baremetal.pxe_deploy_timeout + type: integer + default: false + help: 'Timeout for PXE deployments. Default: 0' + comment: 'New param' + + - name: baremetal.pxe_network_config + type: boolean + default: false + help: 'If set, pass the network configuration details to the initramfs via cmdline.' + comment: 'New param' + + - name: baremetal.pxe_bootfile_name + type: string + default: 'pxelinux.0' + help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set.' + comment: 'New param' + + - name: baremetal.tile_pdu_ip + type: string + default: '10.0.100.1' + help: 'ip address of tilera pdu' + comment: 'New param' + + - name: baremetal.tile_pdu_mgr + type: string + default: '/tftpboot/pdu_mgr' + help: 'management script for tilera pdu' + comment: 'New param' + + - name: baremetal.tile_pdu_off + type: integer + default: 2 + help: 'power status of tilera PDU is OFF' + comment: 'New param' + + - name: baremetal.tile_pdu_on + type: integer + default: true + help: 'power status of tilera PDU is ON' + comment: 'New param' + + - name: baremetal.tile_pdu_status + type: integer + default: 9 + help: 'power status of tilera PDU' + comment: 'New param' + + - name: baremetal.tile_power_wait + type: integer + default: 9 + help: 'wait time in seconds until check the result after tilera power operations' + comment: 'New param' + + - name: baremetal.virtual_power_ssh_host + type: string + default: '' + help: 'ip or name to virtual power host' + comment: 'New param' + + - name: baremetal.virtual_power_ssh_port + type: integer + default: 22 + help: 'Port to use for ssh to virtual power host' + comment: 'New param' + + - name: baremetal.virtual_power_type + type: string + default: 'virsh' + help: 'base command to use for virtual power(vbox,virsh)' + comment: 'New param' + + - name: baremetal.virtual_power_host_user + type: string + default: '' + help: 'user to execute virtual power commands as' + comment: 'New param' + + - name: baremetal.virtual_power_host_pass + type: string + default: '' + help: 'password for virtual power host_user' + comment: 'New param' + + - name: baremetal.virtual_power_host_key + type: string + default: ~ + help: 'ssh key for virtual power host_user' + comment: 'New param' + + - name: baremetal.use_unsafe_iscsi + type: boolean + default: false + help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL' + comment: 'New param' + + - name: baremetal.iscsi_iqn_prefix + type: string + default: 'iqn.2010-10.org.openstack.baremetal' + help: 'iSCSI IQN prefix used in baremetal volume connections.' + comment: 'New param' + + - name: rpc_notifier2.topics + type: list + default: 'notifications' + help: 'AMQP topic(s) used for OpenStack notifications' + comment: 'New param' + + - name: matchmaker_redis.port + type: integer + default: 6379 + help: 'Use this port to connect to redis host.' + comment: 'New param' + + - name: matchmaker_redis.password + type: string + default: ~ + help: 'Password for Redis server.' + comment: 'New param' + + - name: ssl.cert_file + type: string + default: ~ + help: 'Certificate file to use when starting the server securely' + comment: 'New param' + + - name: trusted_computing.attestation_server + type: string + default: ~ + help: 'attestation server http' + comment: 'New param' + + - name: trusted_computing.attestation_server_ca_file + type: string + default: ~ + help: 'attestation server Cert file for Identity verification' + comment: 'New param' + + - name: trusted_computing.attestation_port + type: string + default: '8443' + help: 'attestation server port' + comment: 'New param' + + - name: trusted_computing.attestation_api_url + type: string + default: '/OpenAttestationWebServices/V1.0' + help: 'attestation web API URL' + comment: 'New param' + + - name: trusted_computing.attestation_auth_blob + type: string + default: ~ + help: 'attestation authorization blob - must change' + comment: 'New param' + + - name: trusted_computing.attestation_auth_timeout + type: integer + default: 60 + help: 'Attestation status cache valid period length' + comment: 'New param' + + - name: upgrade_levels.baseapi + type: string + default: ~ + help: 'Set a version cap for messages sent to the base api in any service' + comment: 'New param' + + - name: upgrade_levels.intercell + type: string + default: ~ + help: 'Set a version cap for messages sent between cells services' + comment: 'New param' + + - name: upgrade_levels.cells + type: string + default: ~ + help: 'Set a version cap for messages sent to local cells services' + comment: 'New param' + + - name: upgrade_levels.compute + type: string + default: ~ + help: 'Set a version cap for messages sent to compute services' + comment: 'New param' + + - name: upgrade_levels.conductor + type: string + default: ~ + help: 'Set a version cap for messages sent to conductor services' + comment: 'New param' + + - name: upgrade_levels.console + type: string + default: ~ + help: 'Set a version cap for messages sent to console services' + comment: 'New param' + + - name: upgrade_levels.consoleauth + type: string + default: ~ + help: 'Set a version cap for messages sent to consoleauth services' + comment: 'New param' + + - name: upgrade_levels.network + type: string + default: ~ + help: 'Set a version cap for messages sent to network services' + comment: 'New param' + + - name: matchmaker_ring.ringfile + type: string + default: '/etc/oslo/matchmaker_ring.json' + help: 'Matchmaker ring file' + comment: 'New param' + + - name: vmware.host_ip + type: string + default: ~ + help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.host_username + type: string + default: ~ + help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.host_password + type: string + default: ~ + help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.cluster_name + type: multi + default: ~ + help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.datastore_regex + type: string + default: ~ + help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.task_poll_interval + type: float + default: 5.0 + help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.api_retry_count + type: integer + default: 10 + help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmware.vnc_port + type: integer + default: 5900 + help: 'VNC starting port' + comment: 'New param' + + - name: vmware.vnc_port_total + type: integer + default: 10000 + help: 'Total number of VNC ports' + comment: 'New param' + + - name: vmware.vnc_password + type: string + default: ~ + help: 'VNC password' + comment: 'New param' + + - name: vmware.use_linked_clone + type: boolean + default: true + help: 'Whether to use linked clone' + comment: 'New param' + + - name: vmware.wsdl_location + type: string + default: ~ + help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds' + comment: 'New param' + + - name: vmware.maximum_objects + type: integer + default: 100 + help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests.' + comment: 'New param' + + - name: vmware.integration_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge' + comment: 'New param' + + - name: spice.html5proxy_base_url + type: string + default: 'http://127.0.0.1:6082/spice_auto.html' + help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html'" + comment: 'New param' + + - name: spice.server_listen + type: string + default: '127.0.0.1' + help: 'IP address on which instance spice server should listen' + comment: 'New param' + + - name: spice.server_proxyclient_address + type: string + default: '127.0.0.1' + help: 'the address to which proxy clients' + comment: 'New param' + + - name: spice.agent_enabled + type: boolean + default: true + help: 'enable spice guest agent support' + comment: 'New param' + + - name: 'filter:authtoken.keymap' + type: string + default: '127.0.0.1' + help: 'keymap for spice' + comment: 'New param' + +# ==================================================== + +- version: '2013.1.4' + added: + + - name: ca_file + type: string + default: 'cacert.pem' + help: 'Filename of root CA' + comment: 'New param' + + - name: key_file + type: string + default: 'private/cakey.pem' + help: 'Filename of private key' + comment: 'New param' + + - name: host + type: string + default: 'nova' + help: 'Name of this node. This can be an opaque identifier. It is not necessarily a hostname, FQDN, or IP address. However, the node name must be valid within an AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address' + comment: 'New param' + + - name: notify_on_any_change + type: boolean + default: false + help: 'If set, send compute.instance.update notifications on instance state changes. Valid values are False for no notifications, True for notifications on any instance changes.' + comment: 'New param' + + - name: notify_on_state_change + type: string + default: ~ + help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes." + comment: 'Default value has changed' + + - name: bindir + type: string + default: '$pybasedir/bin' + help: 'Directory where nova binaries are installed' + comment: 'Default value has changed' + + - name: enabled_apis + type: list + default: ['ec2', 'osapi_compute', 'metadata'] + help: 'a list of APIs to enable by default' + comment: 'Default value has changed' + + - name: enabled_ssl_apis + type: list + default: [] + help: 'a list of APIs with enabled SSL' + comment: 'Default value has changed' + + - name: ec2_listen_port + type: port + default: 8773 + help: 'port for ec2 api to listen' + comment: 'Type has changed' + + - name: osapi_compute_listen_port + type: port + default: 8774 + help: 'list port for osapi compute' + comment: 'Type has changed' + + - name: metadata_listen_port + type: port + default: 8775 + help: 'port for metadata api to listen' + comment: 'Type has changed' + + - name: monkey_patch_modules + type: list + default: ['nova.api.ec2.cloud:nova.openstack.common.notifier.api.notify_decorator', 'nova.compute.api:nova.openstack.common.notifier.api.notify_decorator'] + help: 'List of modules/decorators to monkey patch' + comment: 'Default value has changed' + + - name: api_rate_limit + type: boolean + default: true + help: 'whether to rate limit the api' + comment: 'Default value has changed' + + - name: ec2_host + type: host + default: '$my_ip' + help: 'the ip of the ec2 api server' + comment: 'Type has changed' + + - name: ec2_dmz_host + type: host + default: '$my_ip' + help: 'the internal ip of the ec2 api server' + comment: 'Type has changed' + + - name: ec2_port + type: port + default: 8773 + help: 'the port of the ec2 api server' + comment: 'Type has changed' + + - name: region_list + type: list + default: [] + help: 'list of region=fqdn pairs separated by commas' + comment: 'Default value has changed' + + - name: service_quantum_metadata_proxy + type: boolean + default: false + help: 'Set flag to indicate Quantum will proxy metadata requests and resolve instance ids.' + comment: 'New param' + + - name: quantum_metadata_proxy_shared_secret + type: string + default: '' + help: 'Shared secret to validate proxies Quantum metadata requests' + comment: 'New param' + + - name: osapi_compute_ext_list + type: list + default: [] + help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions' + comment: 'Default value has changed' + + - name: osapi_hide_server_address_states + type: list + default: ['building'] + help: 'List of instance states that should hide network info' + comment: 'Default value has changed' + + - name: enable_network_quota + type: boolean + default: false + help: 'Enables or disables quotaing of tenant networks' + comment: 'Help string has changed' + + - name: use_quantum_default_nets + type: boolean + default: false + help: 'Control for checking for default networks' + comment: 'New param' + + - name: quantum_default_tenant_id + type: string + default: 'default' + help: 'Default tenant id when creating quantum networks' + comment: 'New param' + + - name: vpn_instance_type + type: string + default: 'm1.tiny' + help: 'Instance type for vpn instances' + comment: 'New param' + + - name: dmz_net + type: network + default: '10.0.0.0' + help: 'Network to push into openvpn config' + comment: 'Type has changed' + + - name: dmz_mask + type: network_mask + default: '255.255.255.0' + help: 'Netmask to push into openvpn config' + comment: 'Type has changed' + + - name: non_inheritable_image_properties + type: list + default: ['cache_in_nova', 'bittorrent'] + help: 'These are image properties which a snapshot should not inherit from an instance' + comment: 'Default value has changed' + + - name: default_instance_type + type: string + default: 'm1.small' + help: 'default instance type to use, testing only' + comment: 'New param' + + - name: console_vmrc_port + type: port + default: 443 + help: 'port for VMware VMRC connections' + comment: 'Type has changed' + + - name: console_xvp_multiplex_port + type: port + default: 5900 + help: 'port for XVP to multiplex VNC connections on' + comment: 'Type has changed' + + - name: glance_port + type: port + default: 9292 + help: 'default glance port' + comment: 'Type has changed' + + - name: glance_api_servers + type: list + default: ['$glance_host:$glance_port'] + help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers.' + comment: 'Default value has changed' + + - name: allowed_direct_url_schemes + type: list + default: [] + help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file].' + comment: 'Default value has changed' + + - name: s3_host + type: string + default: '$my_ip' + help: 'hostname or ip for openstack to use when accessing the s3 api' + comment: 'Help string has changed' + + - name: s3_port + type: port + default: 3333 + help: 'port used when accessing the s3 api' + comment: 'Type has changed' + + - name: ldap_dns_soa_refresh + type: integer + default: 1800 + help: 'Refresh interval' + comment: 'Type has changed' + + - name: ldap_dns_soa_retry + type: integer + default: 3600 + help: 'Retry interval' + comment: 'Type has changed' + + - name: ldap_dns_soa_expiry + type: integer + default: 86400 + help: 'Expiry interval' + comment: 'Type has changed' + + - name: ldap_dns_soa_minimum + type: integer + default: 7200 + help: 'Minimum interval' + comment: 'Type has changed' + + - name: dmz_cidr + type: list + default: [] + help: 'A list of dmz range that should be accepted' + comment: 'Default value has changed' + + - name: metadata_port + type: port + default: 8775 + help: 'the port for the metadata api port' + comment: 'Type has changed' + + - name: iptables_top_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that shouldalways be on the top.' + comment: 'Help string has changed' + + - name: iptables_bottom_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that shouldalways be on the bottom.' + comment: 'Help string has changed' + + - name: vlan_interface + type: string + default: ~ + help: 'vlans will bridge into this interface if set' + comment: 'New param' + + - name: fixed_range + type: string + default: '10.0.0.0/8' + help: 'Fixed IP address block' + comment: 'Default value has changed' + + - name: force_dhcp_release + type: boolean + default: false + help: 'If True, send a dhcp release on instance termination' + comment: 'Default value has changed' + + - name: share_dhcp_address + type: boolean + default: false + help: 'If True in multi_host mode, all compute hosts share the same dhcp address.' + comment: 'Help string has changed' + + - name: quantum_url + type: string + default: 'http://127.0.0.1:9696' + help: 'URL for connecting to quantum' + comment: 'New param' + + - name: quantum_url_timeout + type: integer + default: 30 + help: 'timeout value for connecting to quantum in seconds' + comment: 'New param' + + - name: quantum_admin_username + type: string + default: ~ + help: 'username for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_admin_password + type: string + default: ~ + help: 'password for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_admin_tenant_name + type: string + default: ~ + help: 'tenant name for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_region_name + type: string + default: ~ + help: 'region name for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_admin_auth_url + type: string + default: 'http://localhost:5000/v2.0' + help: 'auth url for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_api_insecure + type: boolean + default: false + help: 'if set, ignore any SSL validation issues' + comment: 'New param' + + - name: quantum_auth_strategy + type: string + default: 'keystone' + help: 'auth strategy for connecting to quantum in admin context' + comment: 'New param' + + - name: quantum_ovs_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge used by Open vSwitch' + comment: 'New param' + + - name: quantum_extension_sync_interval + type: integer + default: 600 + help: 'Number of seconds before querying quantum for extensions' + comment: 'New param' + + - name: security_group_handler + type: string + default: 'nova.network.sg.NullSecurityGroupHandler' + help: 'The full class name of the security group handler class' + comment: 'New param' + + - name: queues + type: multi + default: '' + help: 'Queues to delete' + comment: 'New param' + + - name: delete_exchange + type: boolean + default: false + help: 'delete nova exchange too.' + comment: 'New param' + + - name: cert + type: string + default: 'self.pem' + help: 'SSL certificate file' + comment: 'New param' + + - name: web + type: string + default: '/usr/share/novnc' + help: 'Run webserver on same port. Serve files from DIR.' + comment: 'Default value has changed' + + - name: novncproxy_port + type: port + default: 6080 + help: 'Port on which to listen for incoming requests' + comment: 'Type has changed' + + - name: s3_listen_port + type: port + default: 3333 + help: 'port for s3 api to listen' + comment: 'Type has changed' + + - name: dbapi_use_tpool + type: boolean + default: false + help: 'Enable the experimental use of thread pooling for all DB API calls' + comment: 'New param' + + - name: sql_idle_timeout + type: integer + default: 3600 + help: 'timeout before idle sql connections are reaped' + comment: 'New param' + + - name: sqlite_synchronous + type: boolean + default: true + help: 'If passed, use synchronous mode for sqlite' + comment: 'Help string has changed' + + - name: sql_min_pool_size + type: integer + default: true + help: 'Minimum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: sql_max_pool_size + type: integer + default: 5 + help: 'Maximum number of SQL connections to keep open in a pool' + comment: 'New param' + + - name: sql_max_retries + type: integer + default: 10 + help: 'maximum db connection retries during startup.' + comment: 'New param' + + - name: sql_retry_interval + type: integer + default: 10 + help: 'interval between retries of opening a sql connection' + comment: 'New param' + + - name: sql_max_overflow + type: integer + default: ~ + help: 'If set, use this value for max_overflow with sqlalchemy' + comment: 'New param' + + - name: sql_connection_debug + type: integer + default: false + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything' + comment: 'New param' + + - name: sql_connection_trace + type: boolean + default: false + help: 'Add python stack traces to SQL as comment strings' + comment: 'New param' + + - name: backdoor_port + type: port + default: ~ + help: 'port for eventlet backdoor to listen' + comment: 'Type has changed' + + - name: lock_path + type: string + default: ~ + help: 'Directory to use for lock files. Default to a temp directory' + comment: 'Help string has changed' + + - name: logfile_mode + type: string + default: 420 + help: 'Default file mode used when creating log files' + comment: 'New param' + + - name: logging_context_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' + help: 'format string to use for log messages with context' + comment: 'Default value has changed' + + - name: default_log_levels + type: list + default: ['amqplibWARN', 'sqlalchemyWARN', 'botoWARN', 'sudsINFO', 'keystoneINFO', 'eventlet.wsgi.serverWARN'] + help: 'list of logger=LEVEL pairs' + comment: 'Default value has changed' + + - name: log_format + type: string + default: '%(asctime)s %(levelname)8s [%(name)s] %(message)s' + help: 'A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. Default: %(default)s' + comment: 'Default value has changed' + + - name: log_file + type: string + default: ~ + help: '(Optional) Name of log file to output to. If not set, logging will go to stdout.' + comment: 'Help string has changed' + + - name: log_dir + type: string + default: ~ + help: '(Optional) The directory to keep log files in' + comment: 'Help string has changed' + + - name: default_publisher_id + type: string + default: '$host' + help: 'Default publisher_id for outgoing notifications' + comment: 'Default value has changed' + + - name: notification_topics + type: list + default: ['notifications'] + help: 'AMQP topic used for openstack notifications' + comment: 'Default value has changed' + + - name: allowed_rpc_exception_modules + type: list + default: ['nova.openstack.common.exception', 'nova.exception', 'cinder.exception,exceptions'] + help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call.' + comment: 'Default value has changed' + + - name: amqp_rpc_single_reply_queue + type: boolean + default: false + help: 'Enable a fast single reply queue if using AMQP based RPC like RabbitMQ or Qpid.' + comment: 'New param' + + - name: rabbit_port + type: port + default: 5672 + help: 'The RabbitMQ broker port where a single node is used' + comment: 'Type has changed' + + - name: rabbit_hosts + type: list + default: ['$rabbit_host:$rabbit_port'] + help: 'RabbitMQ HA cluster host:port pairs' + comment: 'Default value has changed' + + - name: rabbit_durable_queues + type: boolean + default: false + help: 'use durable queues in RabbitMQ' + comment: 'New param' + + - name: qpid_port + type: port + default: 5672 + help: 'Qpid broker port' + comment: 'Type has changed' + + - name: qpid_hosts + type: list + default: ['$qpid_hostname:$qpid_port'] + help: 'Qpid HA cluster host:port pairs' + comment: 'Default value has changed' + + - name: rpc_zmq_port + type: port + default: 9501 + help: 'ZeroMQ receiver listening port' + comment: 'Type has changed' + + - name: rpc_zmq_host + type: string + default: 'sorcha' + help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova." + comment: 'Default value has changed' + + - name: matchmaker_ringfile + type: string + default: '/etc/nova/matchmaker_ring.json' + help: 'Matchmaker ring file' + comment: 'New param' + + - name: cpu_allocation_ratio + type: 'floating point' + default: '16.0' + help: 'Virtual CPU to Physical CPU allocation ratio' + comment: 'Type has changed' + + - name: disk_allocation_ratio + type: 'floating point' + default: '1.0' + help: 'virtual disk to physical disk allocation ratio' + comment: 'Type has changed' + + - name: isolated_images + type: list + default: [] + help: 'Images to run on isolated host' + comment: 'Default value has changed' + + - name: isolated_hosts + type: list + default: [] + help: 'Host reserved for specific images' + comment: 'Default value has changed' + + - name: ram_allocation_ratio + type: 'floating point' + default: '1.5' + help: 'virtual ram to physical ram allocation ratio' + comment: 'Type has changed' + + - name: scheduler_default_filters + type: list + default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] + help: 'Which filter class names to use for filtering hosts when not specified in the request.' + comment: 'Default value has changed' + + - name: scheduler_weight_classes + type: list + default: ['nova.scheduler.weights.all_weighers'] + help: 'Which weight class names to use for weighing hosts' + comment: 'New param' + + - name: compute_scheduler_driver + type: string + default: 'nova.scheduler.filter_scheduler.FilterScheduler' + help: 'Driver to use for scheduling compute calls' + comment: 'New param' + + - name: default_scheduler_driver + type: string + default: 'nova.scheduler.chance.ChanceScheduler' + help: 'Default driver to use for scheduling calls' + comment: 'New param' + + - name: least_cost_functions + type: list + default: ~ + help: 'Which cost functions the LeastCostScheduler should use' + comment: 'New param' + + - name: noop_cost_fn_weight + type: 'floating point' + default: '1.0' + help: 'How much weight to give the noop cost function' + comment: 'New param' + + - name: compute_fill_first_cost_fn_weight + type: 'floating point' + default: ~ + help: 'How much weight to give the fill-first cost function. A negative value will reverse behavior: e.g. spread-first' + comment: 'New param' + + - name: ram_weight_multiplier + type: 'floating point' + default: '1.0' + help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread.' + comment: 'New param' + + - name: compute_driver + type: string + default: ~ + help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMWareESXDriver' + comment: 'Help string has changed' + + - name: vswitch_name + type: string + default: ~ + help: 'External virtual switch Name, if not provided, the first external virtual switch is used' + comment: 'New param' + + - name: limit_cpu_features + type: boolean + default: false + help: 'Required for live migration among hosts with different CPU features' + comment: 'New param' + + - name: config_drive_inject_password + type: boolean + default: false + help: 'Sets the admin password in the config drive image' + comment: 'New param' + + - name: qemu_img_cmd + type: string + default: 'qemu-img.exe' + help: 'qemu-img is used to convert between different image types' + comment: 'New param' + + - name: config_drive_cdrom + type: boolean + default: false + help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive' + comment: 'New param' + + - name: hyperv_attaching_volume_retry_count + type: integer + default: 10 + help: 'The number of times we retry on attaching volume ' + comment: 'New param' + + - name: hyperv_wait_between_attach_retry + type: integer + default: 5 + help: 'The seconds to wait between an volume attachment attempt' + comment: 'New param' + + - name: force_volumeutils_v1 + type: boolean + default: false + help: 'Force volumeutils v1' + comment: 'New param' + + - name: libvirt_volume_drivers + type: list + default: ['iscsinova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'localnova.virt.libvirt.volume.LibvirtVolumeDriver', 'fakenova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbdnova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdognova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfsnova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoenova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfsnova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channelnova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scalitynova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] + help: 'Libvirt handlers for remote volumes.' + comment: 'Default value has changed' + + - name: disk_cachemodes + type: list + default: [] + help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none']" + comment: 'Default value has changed' + + - name: libvirt_images_type + type: string + default: 'default' + help: 'VM Images format. Acceptable values are: raw, qcow2, lvm, default. If default is specified, then use_cow_images flag is used instead of this one.' + comment: 'Help string has changed' + + - name: vmwareapi_host_ip + type: string + default: ~ + help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmwareapi_host_username + type: string + default: ~ + help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmwareapi_host_password + type: string + default: ~ + help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmwareapi_cluster_name + type: string + default: ~ + help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmwareapi_task_poll_interval + type: 'floating point' + default: '5.0' + help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vmwareapi_api_retry_count + type: integer + default: 10 + help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver.' + comment: 'New param' + + - name: vnc_port + type: port + default: 5900 + help: 'VNC starting port' + comment: 'New param' + + - name: vnc_port_total + type: integer + default: 10000 + help: 'Total number of VNC ports' + comment: 'New param' + + - name: vnc_password + type: string + default: ~ + help: 'VNC password' + comment: 'New param' + + - name: use_linked_clone + type: boolean + default: true + help: 'Whether to use linked clone' + comment: 'New param' + + - name: vmwareapi_vlan_interface + type: string + default: 'vmnic0' + help: 'Physical ethernet adapter name for vlan networking' + comment: 'New param' + + - name: vmwareapi_wsdl_loc + type: string + default: ~ + help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl' + comment: 'New param' + + - name: xenapi_disable_agent + type: boolean + default: false + help: 'Disable XenAPI agent. Reduces the amount of time it takes nova to detect that a VM has started, when that VM does not have the agent installed' + comment: 'Help string has changed' + + - name: xenapi_connection_url + type: string + default: ~ + help: 'URL for connection to XenServer/Xen Cloud Platform. Required if compute_driver=xenapi.XenAPIDriver' + comment: 'Help string has changed' + + - name: xenapi_vhd_coalesce_poll_interval + type: 'floating point' + default: '5.0' + help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver' + comment: 'Type has changed' + + - name: target_port + type: port + default: 3260 + help: 'iSCSI Target Port, 3260 Default' + comment: 'Type has changed' + + - name: sr_matching_filter + type: string + default: 'other-config:i18n-keylocal-storage' + help: 'Filter for finding the SR to be used to install guest instances on. The default value is the Local Storage in default XenServer/XCP installations. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true' + comment: 'Default value has changed' + + - name: xenapi_torrent_seed_chance + type: 'floating point' + default: '1.0' + help: 'Probability that peer will become a seeder.' + comment: 'Type has changed' + + - name: xenapi_torrent_listen_port_start + type: port + default: 6881 + help: 'Beginning of port range to listen on' + comment: 'Type has changed' + + - name: xenapi_torrent_listen_port_end + type: port + default: 6891 + help: 'End of port range to listen on' + comment: 'Type has changed' + + - name: xenapi_image_upload_handler + type: string + default: 'nova.virt.xenapi.imageupload.glance.GlanceStore' + help: 'Object Store Driver used to handle image uploads.' + comment: 'Default value has changed' + + - name: xvpvncproxy_port + type: port + default: 6081 + help: 'Port that the XCP VNC proxy should bind to' + comment: 'Type has changed' + + - name: xvpvncproxy_host + type: host + default: '0.0.0.0' + help: 'Address that the XCP VNC proxy should bind to' + comment: 'Type has changed' + + - name: HYPERV.instances_path_share + type: string + default: '' + help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally" + comment: 'New param' + + - name: cells.scheduler + type: string + default: 'nova.cells.scheduler.CellsScheduler' + help: 'Cells scheduler to use' + comment: 'New param' + + - name: cells.capabilities + type: list + default: ['hypervisorxenserver;kvm', 'oslinux;windows'] + help: 'Key/Multi-value list with the capabilities of the cell' + comment: 'Default value has changed' + + - name: baremetal.instance_type_extra_specs + type: list + default: [] + help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairs For example, 'key1:val1, key2:val2'" + comment: 'Default value has changed' + + - name: baremetal.virtual_power_type + type: string + default: 'vbox' + help: 'base command to use for virtual power(vbox,virsh)' + comment: 'Default value has changed' + + - name: rpc_notifier2.topics + type: list + default: ['notifications'] + help: 'AMQP topic(s) used for openstack notifications' + comment: 'Default value has changed' + + - name: trusted_computing.attestation_port + type: port + default: 8443 + help: 'attestation server port' + comment: 'Type has changed' + + - name: spice.keymap + type: string + default: 'en-us' + help: 'keymap for spice' + comment: 'New param' + removed: + - ssl.ca_file + - ssl.key_file + - matchmaker_redis.host + - quota_fixed_ips + - vendordata_driver + - service_neutron_metadata_proxy + - neutron_metadata_proxy_shared_secret + - vendordata_jsonfile_path + - use_neutron_default_nets + - neutron_default_tenant_id + - vpn_flavor + - upgrade_levels.cert + - spicehtml5proxy_host + - spicehtml5proxy_port + - allow_migrate_to_same_host + - max_local_block_devices + - default_flavor + - network_allocate_retries + - maximum_instance_delete_attempts + - sync_power_state_interval + - shelved_poll_interval + - shelved_offload_time + - instance_delete_interval + - migrate_max_retries + - iptables_drop_action + - vmware.vlan_interface + - neutron_url + - neutron_url_timeout + - neutron_admin_username + - neutron_admin_password + - neutron_admin_tenant_name + - neutron_region_name + - neutron_admin_auth_url + - neutron_api_insecure + - neutron_auth_strategy + - neutron_ovs_bridge + - neutron_extension_sync_interval + - neutron_ca_certificates_file + - dhcp_options_enabled + - amqp_durable_queues + - amqp_auto_delete + - qpid_topology_version + - matchmaker_heartbeat_freq + - matchmaker_heartbeat_ttl + - pci_alias + - pci_passthrough_whitelist + - restrict_isolated_hosts_to_isolated_images + - cells.scheduler_weight_classes + - cells.ram_weight_multiplier + - resize_fs_using_block_device + - docker_registry_default_port + - vcpu_pin_set + - libvirt_images_rbd_pool + - libvirt_images_rbd_ceph_conf + - num_iser_scan_tries + - libvirt_iser_use_multipath + - qemu_allowed_storage_drivers + - xenapi_use_agent_default + - xenapi_image_compression_level + - xenapi_ipxe_network_name + - xenapi_ipxe_boot_menu_url + - xenapi_ipxe_mkisofs_cmd + - cinder_ca_certificates_file + - hyperv.instances_path_share + - hyperv.force_hyperv_utils_v1 + - hyperv.force_volumeutils_v1 + - hyperv.vswitch_name + - hyperv.limit_cpu_features + - hyperv.config_drive_inject_password + - hyperv.qemu_img_cmd + - hyperv.config_drive_cdrom + - hyperv.enable_instance_metrics_collection + - hyperv.dynamic_memory_ratio + - hyperv.volume_attach_retry_count + - hyperv.volume_attach_retry_interval + - osapi_v3.extensions_blacklist + - osapi_v3.extensions_whitelist + - conductor.workers + - keymgr.api_class + - keymgr.fixed_key + - upgrade_levels.scheduler + - cells.reserve_percent + - cells.cell_type + - cells.mute_child_interval + - cells.bandwidth_update_interval + - cells.scheduler_filter_classes + - cells.cells_config + - cells.mute_weight_multiplier + - cells.mute_weight_value + - database.backend + - database.use_tpool + - database.connection + - database.slave_connection + - database.idle_timeout + - database.min_pool_size + - database.max_pool_size + - database.max_retries + - database.retry_interval + - database.max_overflow + - database.connection_debug + - database.connection_trace + - database.pool_timeout + - image_file_url.filesystems + - baremetal.pxe_network_config + - baremetal.pxe_bootfile_name + - baremetal.tile_pdu_ip + - baremetal.tile_pdu_mgr + - baremetal.tile_pdu_off + - baremetal.tile_pdu_on + - baremetal.tile_pdu_status + - baremetal.tile_power_wait + - baremetal.virtual_power_ssh_port + - baremetal.virtual_power_host_key + - matchmaker_redis.port + - matchmaker_redis.password + - ssl.cert_file + - upgrade_levels.baseapi + - upgrade_levels.intercell + - upgrade_levels.cells + - upgrade_levels.compute + - upgrade_levels.conductor + - upgrade_levels.console + - upgrade_levels.consoleauth + - upgrade_levels.network + - matchmaker_ring.ringfile + - vmware.host_ip + - vmware.host_username + - vmware.host_password + - vmware.cluster_name + - vmware.datastore_regex + - vmware.task_poll_interval + - vmware.api_retry_count + - vmware.vnc_port + - vmware.vnc_port_total + - vmware.vnc_password + - vmware.use_linked_clone + - vmware.wsdl_location + - vmware.maximum_objects + - 'filter:authtoken.keymap' + +# ==================================================== + +- version: '2013.2.0' + checkpoint: true + added: + + - name: internal_service_availability_zone + type: string + default: 'internal' + help: 'availability_zone to show internal services under ' + comment: 'Help string has changed' + + - name: default_availability_zone + type: string + default: 'nova' + help: 'default compute node availability_zone ' + comment: 'Help string has changed' + + - name: crl_file + type: file + default: 'crl.pem' + help: 'Filename of root Certificate Revocation List ' + comment: 'Help string has changed' + + - name: keys_path + type: directory + default: '$state_path/keys' + help: 'Where we keep our keys ' + comment: 'Help string has changed' + + - name: ca_path + type: string + default: '$state_path/CA' + help: 'Where we keep our root CA ' + comment: 'Help string has changed' + + - name: use_project_ca + type: boolean + default: false + help: 'Should we use a CA for each project? ' + comment: 'Help string has changed' + + - name: user_cert_subject + type: string + default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s' + help: 'Subject for certificate for users, %s for project, user, timestamp ' + comment: 'Default value has changed' + + - name: project_cert_subject + type: string + default: '/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s' + help: 'Subject for certificate for projects, %s for project, timestamp ' + comment: 'Default value has changed' + + - name: fatal_exception_format_errors + type: boolean + default: false + help: 'make exception message format errors fatal ' + comment: 'Help string has changed' + + - name: my_ip + type: string + default: '10.0.0.1' + help: 'ip address of this host ' + comment: 'Help string has changed' + + - name: use_ipv6 + type: boolean + default: false + help: 'use ipv6 ' + comment: 'Help string has changed' + + - name: notify_on_state_change + type: string + default: ~ + help: "If set, send compute.instance.update notifications on instance state changes. Valid values are None for no notifications, 'vm_state' for notifications on VM state changes, or 'vm_and_task_state' for notifications on VM and task state changes. " + comment: 'Help string has changed' + + - name: notify_api_faults + type: boolean + default: false + help: 'If set, send api.fault notifications on caught exceptions in the API service. ' + comment: 'Help string has changed' + + - name: pybasedir + type: string + default: '/usr/lib/python/site-packages' + help: 'Directory where the nova python module is installed ' + comment: 'Help string has changed' + + - name: bindir + type: string + default: '/usr/local/bin' + help: 'Directory where nova binaries are installed ' + comment: 'Default value has changed' + + - name: state_path + type: string + default: '$pybasedir' + help: "Top-level directory for maintaining nova's state " + comment: 'Help string has changed' + + - name: policy_file + type: string + default: 'policy.json' + help: 'JSON file representing policy ' + comment: 'Help string has changed' + + - name: policy_default_rule + type: string + default: 'default' + help: 'Rule checked when requested rule is not found ' + comment: 'Help string has changed' + + - name: quota_instances + type: integer + default: 10 + help: 'number of instances allowed per project ' + comment: 'Help string has changed' + + - name: quota_cores + type: integer + default: 20 + help: 'number of instance cores allowed per project ' + comment: 'Help string has changed' + + - name: quota_ram + type: integer + default: 51200 + help: 'megabytes of instance ram allowed per project ' + comment: 'Help string has changed' + + - name: quota_floating_ips + type: integer + default: 10 + help: 'number of floating ips allowed per project ' + comment: 'Help string has changed' + + - name: quota_metadata_items + type: integer + default: 128 + help: 'number of metadata items allowed per instance ' + comment: 'Help string has changed' + + - name: quota_injected_files + type: integer + default: 5 + help: 'number of injected files allowed ' + comment: 'Help string has changed' + + - name: quota_injected_file_content_bytes + type: integer + default: 10240 + help: 'number of bytes allowed per injected file ' + comment: 'Help string has changed' + + - name: quota_injected_file_path_bytes + type: integer + default: 255 + help: 'number of bytes allowed per injected file path ' + comment: 'Help string has changed' + + - name: quota_security_groups + type: integer + default: 10 + help: 'number of security groups per project ' + comment: 'Help string has changed' + + - name: quota_security_group_rules + type: integer + default: 20 + help: 'number of security rules per security group ' + comment: 'Help string has changed' + + - name: quota_key_pairs + type: integer + default: 100 + help: 'number of key pairs per user ' + comment: 'Help string has changed' + + - name: reservation_expire + type: integer + default: 86400 + help: 'number of seconds until a reservation expires ' + comment: 'Help string has changed' + + - name: until_refresh + type: integer + default: false + help: 'count of reservations until usage is refreshed ' + comment: 'Help string has changed' + + - name: max_age + type: integer + default: false + help: 'number of seconds between subsequent usage refreshes ' + comment: 'Help string has changed' + + - name: quota_driver + type: string + default: 'nova.quota.DbQuotaDriver' + help: 'default driver to use for quota checks ' + comment: 'Help string has changed' + + - name: report_interval + type: integer + default: 10 + help: 'seconds between nodes reporting state to datastore ' + comment: 'Help string has changed' + + - name: periodic_enable + type: boolean + default: true + help: 'enable periodic tasks ' + comment: 'Help string has changed' + + - name: periodic_fuzzy_delay + type: integer + default: 60 + help: 'range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0) ' + comment: 'Help string has changed' + + - name: enabled_apis + type: string_list + default: ['ec2', 'osapi_compute', 'metadata'] + help: 'a list of APIs to enable by default ' + comment: 'Type has changed' + + - name: enabled_ssl_apis + type: string_list + default: [] + help: 'a list of APIs with enabled SSL ' + comment: 'Type has changed' + + - name: ec2_listen + type: host + default: '0.0.0.0' + help: 'IP address for EC2 API to listen ' + comment: 'Type has changed' + + - name: ec2_listen_port + type: port + default: 8773 + help: 'port for ec2 api to listen ' + comment: 'Help string has changed' + + - name: ec2_workers + type: integer + default: ~ + help: 'Number of workers for EC2 API service ' + comment: 'Help string has changed' + + - name: osapi_compute_listen + type: host + default: '0.0.0.0' + help: 'IP address for OpenStack API to listen ' + comment: 'Type has changed' + + - name: osapi_compute_listen_port + type: port + default: 8774 + help: 'list port for osapi compute ' + comment: 'Help string has changed' + + - name: osapi_compute_workers + type: integer + default: ~ + help: 'Number of workers for OpenStack API service ' + comment: 'Help string has changed' + + - name: metadata_manager + type: string + default: 'nova.api.manager.MetadataManager' + help: 'OpenStack metadata service manager ' + comment: 'Help string has changed' + + - name: metadata_listen + type: host + default: '0.0.0.0' + help: 'IP address for metadata api to listen ' + comment: 'Type has changed' + + - name: metadata_listen_port + type: port + default: 8775 + help: 'port for metadata api to listen ' + comment: 'Help string has changed' + + - name: metadata_workers + type: integer + default: ~ + help: 'Number of workers for metadata service ' + comment: 'Help string has changed' + + - name: compute_manager + type: string + default: 'nova.compute.manager.ComputeManager' + help: 'full class name for the Manager for compute ' + comment: 'Help string has changed' + + - name: console_manager + type: string + default: 'nova.console.manager.ConsoleProxyManager' + help: 'full class name for the Manager for console proxy ' + comment: 'Help string has changed' + + - name: cert_manager + type: string + default: 'nova.cert.manager.CertManager' + help: 'full class name for the Manager for cert ' + comment: 'Help string has changed' + + - name: network_manager + type: string + default: 'nova.network.manager.VlanManager' + help: 'full class name for the Manager for network ' + comment: 'Help string has changed' + + - name: scheduler_manager + type: string + default: 'nova.scheduler.manager.SchedulerManager' + help: 'full class name for the Manager for scheduler ' + comment: 'Help string has changed' + + - name: service_down_time + type: integer + default: 60 + help: 'maximum time since last check-in for up service ' + comment: 'Help string has changed' + + - name: sqlite_clean_db + type: string + default: 'clean.sqlite' + help: 'File name of clean sqlite db ' + comment: 'Help string has changed' + + - name: monkey_patch + type: boolean + default: false + help: 'Whether to log monkey patching ' + comment: 'Help string has changed' + + - name: monkey_patch_modules + type: string_list + default: ['nova.api.ec2.cloud:nova.notifications.notify_decorator', 'nova.compute.api:nova.notifications.notify_decorator'] + help: 'List of modules/decorators to monkey patch ' + comment: 'Type has changed' + + - name: password_length + type: integer + default: 12 + help: 'Length of generated instance admin passwords ' + comment: 'Help string has changed' + + - name: instance_usage_audit_period + type: string + default: 'month' + help: 'time period to generate instance usages for. Time period must be hour, day, month or year ' + comment: 'Help string has changed' + + - name: rootwrap_config + type: string + default: '/etc/nova/rootwrap.conf' + help: 'Path to the rootwrap configuration file to use for running commands as root ' + comment: 'Help string has changed' + + - name: tempdir + type: string + default: ~ + help: 'Explicitly specify the temporary working directory ' + comment: 'Help string has changed' + + - name: api_paste_config + type: string + default: 'api-paste.ini' + help: 'File name for the paste.deploy config for nova-api ' + comment: 'Help string has changed' + + - name: wsgi_log_format + type: string + default: '%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f' + help: 'A python format string that is used as the template to generate log lines. The following values can be formatted into it: client_ip, date_time, request_line, status_code, body_length, wall_seconds. ' + comment: 'Help string has changed' + + - name: ssl_ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients ' + comment: 'Help string has changed' + + - name: ssl_cert_file + type: string + default: ~ + help: 'SSL certificate of API server ' + comment: 'Help string has changed' + + - name: ssl_key_file + type: string + default: ~ + help: 'SSL private key of API server ' + comment: 'Help string has changed' + + - name: tcp_keepidle + type: integer + default: 600 + help: 'Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X. ' + comment: 'Help string has changed' + + - name: api_rate_limit + type: boolean + default: false + help: 'whether to use per-user rate limiting for the api. ' + comment: 'Default value has changed' + + - name: auth_strategy + type: string + default: 'noauth' + help: 'The strategy to use for auth: noauth or keystone. ' + comment: 'Help string has changed' + + - name: use_forwarded_for + type: boolean + default: false + help: 'Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy. ' + comment: 'Help string has changed' + + - name: lockout_attempts + type: integer + default: 5 + help: 'Number of failed auths before lockout. ' + comment: 'Help string has changed' + + - name: lockout_minutes + type: integer + default: 15 + help: 'Number of minutes to lockout if triggered. ' + comment: 'Help string has changed' + + - name: lockout_window + type: integer + default: 15 + help: 'Number of minutes for lockout window. ' + comment: 'Help string has changed' + + - name: keystone_ec2_url + type: string + default: 'http://localhost:5000/v2.0/ec2tokens' + help: 'URL to get token from ec2 request. ' + comment: 'Help string has changed' + + - name: ec2_private_dns_show_ip + type: boolean + default: false + help: 'Return the IP address as private dns hostname in describe instances ' + comment: 'Help string has changed' + + - name: ec2_strict_validation + type: boolean + default: true + help: 'Validate security group names according to EC2 specification ' + comment: 'Help string has changed' + + - name: ec2_timestamp_expiry + type: integer + default: 300 + help: 'Time in seconds before ec2 timestamp expires ' + comment: 'Help string has changed' + + - name: ec2_host + type: host + default: '$my_ip' + help: 'the ip of the ec2 api server ' + comment: 'Help string has changed' + + - name: ec2_dmz_host + type: host + default: '$my_ip' + help: 'the internal ip of the ec2 api server ' + comment: 'Help string has changed' + + - name: ec2_port + type: port + default: 8773 + help: 'the port of the ec2 api server ' + comment: 'Help string has changed' + + - name: ec2_scheme + type: string + default: 'http' + help: 'the protocol to use when connecting to the ec2 api server (http, https) ' + comment: 'Help string has changed' + + - name: ec2_path + type: string + default: '/services/Cloud' + help: 'the path prefix used to call the ec2 api server ' + comment: 'Help string has changed' + + - name: region_list + type: string_list + default: [] + help: 'list of region=fqdn pairs separated by commas ' + comment: 'Type has changed' + + - name: config_drive_skip_versions + type: string + default: '1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01' + help: 'List of metadata versions to skip placing into the config drive ' + comment: 'Help string has changed' + + - name: osapi_max_limit + type: integer + default: 1000 + help: 'the maximum number of items returned in a single response from a collection resource ' + comment: 'Help string has changed' + + - name: osapi_compute_link_prefix + type: string + default: ~ + help: 'Base URL that will be presented to users in links to the OpenStack Compute API ' + comment: 'Help string has changed' + + - name: osapi_glance_link_prefix + type: string + default: ~ + help: 'Base URL that will be presented to users in links to glance resources ' + comment: 'Help string has changed' + + - name: allow_instance_snapshots + type: boolean + default: true + help: 'Permit instance snapshot operations. ' + comment: 'Help string has changed' + + - name: osapi_compute_ext_list + type: string_list + default: [] + help: 'Specify list of extensions to load when using osapi_compute_extension option with nova.api.openstack.compute.contrib.select_extensions ' + comment: 'Type has changed' + + - name: fping_path + type: string + default: '/usr/sbin/fping' + help: 'Full path to fping. ' + comment: 'Help string has changed' + + - name: enable_network_quota + type: boolean + default: false + help: 'Enables or disables quota checking for tenant networks ' + comment: 'Help string has changed' + + - name: osapi_compute_extension + type: string + default: 'nova.api.openstack.compute.contrib.standard_extensions' + help: 'osapi compute extension to load (multi valued)' + comment: 'Type has changed' + + - name: osapi_hide_server_address_states + type: string_list + default: ['building'] + help: 'List of instance states that should hide network info ' + comment: 'Type has changed' + + - name: enable_instance_password + type: boolean + default: true + help: 'Allows use of instance password during server creation ' + comment: 'Help string has changed' + + - name: osapi_max_request_body_size + type: integer + default: 114688 + help: 'the maximum body size per each osapi request(bytes) ' + comment: 'Help string has changed' + + - name: compute_api_class + type: string + default: 'nova.compute.api.API' + help: 'The full class name of the compute API class to use (deprecated) ' + comment: 'Help string has changed' + + - name: cert_topic + type: string + default: 'cert' + help: 'the topic cert nodes listen on ' + comment: 'Help string has changed' + + - name: vpn_image_id + type: string + default: '0' + help: 'image id used when starting up a cloudpipe vpn server ' + comment: 'Help string has changed' + + - name: boot_script_template + type: string + default: '$pybasedir/nova/cloudpipe/bootscript.template' + help: 'Template for cloudpipe instance boot script ' + comment: 'Help string has changed' + + - name: dmz_net + type: network + default: '10.0.0.0' + help: 'Network to push into openvpn config ' + comment: 'Help string has changed' + + - name: dmz_mask + type: network_mask + default: '255.255.255.0' + help: 'Netmask to push into openvpn config ' + comment: 'Help string has changed' + + - name: vpn_key_suffix + type: string + default: '-vpn' + help: 'Suffix to add to project name for vpn key and secgroups ' + comment: 'Help string has changed' + + - name: record + type: boolean + default: false + help: 'Record sessions to FILE.[session_number] ' + comment: 'Help string has changed' + + - name: daemon + type: boolean + default: false + help: 'Become a daemon (background process) ' + comment: 'Help string has changed' + + - name: ssl_only + type: boolean + default: false + help: 'Disallow non-encrypted connections ' + comment: 'Help string has changed' + + - name: source_is_ipv6 + type: boolean + default: false + help: 'Source is ipv6 ' + comment: 'Help string has changed' + + - name: key + type: string + default: ~ + help: 'SSL key file (if separate from cert) ' + comment: 'Help string has changed' + + - name: web + type: string + default: '/usr/share/spice-html5' + help: 'Run webserver on same port. Serve files from DIR. ' + comment: 'Default value has changed' + + - name: novncproxy_host + type: host + default: '0.0.0.0' + help: 'Host on which to listen for incoming requests ' + comment: 'Type has changed' + + - name: novncproxy_port + type: port + default: 6080 + help: 'Port on which to listen for incoming requests ' + comment: 'Help string has changed' + + - name: allow_resize_to_same_host + type: boolean + default: false + help: 'Allow destination machine to match source for resize. Useful when testing in single-host environments. ' + comment: 'Help string has changed' + + - name: default_schedule_zone + type: string + default: ~ + help: "availability zone to use when user doesn't specify one " + comment: 'Help string has changed' + + - name: non_inheritable_image_properties + type: string_list + default: ['cache_in_nova', 'bittorrent'] + help: 'These are image properties which a snapshot should not inherit from an instance ' + comment: 'Type has changed' + + - name: null_kernel + type: string + default: 'nokernel' + help: 'kernel image that indicates not to use a kernel, but to use a raw disk image instead ' + comment: 'Help string has changed' + + - name: multi_instance_display_name_template + type: string + default: '%(name)s-%(uuid)s' + help: "When creating multiple instances with a single request using the os-multiple-create API extension, this template will be used to build the display name for each instance. The benefit is that the instances end up with different hostnames. To restore legacy behavior of every instance having the same name, set this option to '%(name)s'. Valid keys for the template are: name, uuid, count. " + comment: 'Help string has changed' + + - name: console_host + type: string + default: 'nova' + help: 'Console proxy host to use to connect to instances on this host. ' + comment: 'Help string has changed' + + - name: default_access_ip_network_name + type: string + default: ~ + help: 'Name of network to use to set access ips for instances ' + comment: 'Help string has changed' + + - name: defer_iptables_apply + type: boolean + default: false + help: 'Whether to batch up the application of IPTables rules during a host restart and apply all at the end of the init phase ' + comment: 'Help string has changed' + + - name: instances_path + type: string + default: '$state_path/instances' + help: 'where instances are stored on disk ' + comment: 'Help string has changed' + + - name: instance_usage_audit + type: boolean + default: false + help: 'Generate periodic compute.instance.exists notifications ' + comment: 'Help string has changed' + + - name: live_migration_retry_count + type: integer + default: 30 + help: 'Number of 1 second retries needed in live_migration ' + comment: 'Help string has changed' + + - name: resume_guests_state_on_host_boot + type: boolean + default: false + help: 'Whether to start guests that were running before the host rebooted ' + comment: 'Help string has changed' + + - name: bandwidth_poll_interval + type: integer + default: 600 + help: 'interval to pull bandwidth usage info ' + comment: 'Help string has changed' + + - name: heal_instance_info_cache_interval + type: integer + default: 60 + help: 'Number of seconds between instance info_cache self healing updates ' + comment: 'Help string has changed' + + - name: host_state_interval + type: integer + default: 120 + help: 'Interval in seconds for querying the host status ' + comment: 'Help string has changed' + + - name: image_cache_manager_interval + type: integer + default: 2400 + help: 'Number of seconds to wait between runs of the image cache manager ' + comment: 'Help string has changed' + + - name: reclaim_instance_interval + type: integer + default: false + help: 'Interval in seconds for reclaiming deleted instances ' + comment: 'Help string has changed' + + - name: volume_usage_poll_interval + type: integer + default: false + help: 'Interval in seconds for gathering volume usages ' + comment: 'Help string has changed' + + - name: running_deleted_instance_action + type: string + default: 'log' + help: "Action to take if a running deleted instance is detected.Valid options are 'noop', 'log' and 'reap'. Set to 'noop' to disable. " + comment: 'Help string has changed' + + - name: running_deleted_instance_poll_interval + type: integer + default: 1800 + help: 'Number of seconds to wait between runs of the cleanup task. ' + comment: 'Help string has changed' + + - name: running_deleted_instance_timeout + type: integer + default: false + help: 'Number of seconds after being deleted when a running instance should be considered eligible for cleanup. ' + comment: 'Help string has changed' + + - name: reboot_timeout + type: integer + default: false + help: 'Automatically hard reboot an instance if it has been stuck in a rebooting state longer than N seconds. Set to 0 to disable. ' + comment: 'Help string has changed' + + - name: instance_build_timeout + type: integer + default: false + help: 'Amount of time in seconds an instance can be in BUILD before going into ERROR status.Set to 0 to disable. ' + comment: 'Help string has changed' + + - name: rescue_timeout + type: integer + default: false + help: 'Automatically unrescue an instance after N seconds. Set to 0 to disable. ' + comment: 'Help string has changed' + + - name: resize_confirm_window + type: integer + default: false + help: 'Automatically confirm resizes after N seconds. Set to 0 to disable. ' + comment: 'Help string has changed' + + - name: reserved_host_disk_mb + type: integer + default: false + help: 'Amount of disk in MB to reserve for the host ' + comment: 'Help string has changed' + + - name: reserved_host_memory_mb + type: integer + default: 512 + help: 'Amount of memory in MB to reserve for the host ' + comment: 'Help string has changed' + + - name: compute_stats_class + type: string + default: 'nova.compute.stats.Stats' + help: 'Class that will manage stats for the local compute host ' + comment: 'Help string has changed' + + - name: compute_topic + type: string + default: 'compute' + help: 'the topic compute nodes listen on ' + comment: 'Help string has changed' + + - name: console_driver + type: string + default: 'nova.console.xvp.XVPConsoleProxy' + help: 'Driver to use for the console proxy ' + comment: 'Help string has changed' + + - name: stub_compute + type: boolean + default: false + help: 'Stub calls to compute worker for tests ' + comment: 'Help string has changed' + + - name: console_public_hostname + type: string + default: 'nova' + help: 'Publicly visible name for this console host ' + comment: 'Help string has changed' + + - name: console_topic + type: string + default: 'console' + help: 'the topic console proxy nodes listen on ' + comment: 'Help string has changed' + + - name: console_vmrc_port + type: port + default: 443 + help: 'port for VMware VMRC connections ' + comment: 'Help string has changed' + + - name: console_vmrc_error_retries + type: integer + default: 10 + help: 'number of retries for retrieving VMRC information ' + comment: 'Help string has changed' + + - name: console_xvp_conf_template + type: string + default: '$pybasedir/nova/console/xvp.conf.template' + help: 'XVP conf template ' + comment: 'Help string has changed' + + - name: console_xvp_conf + type: string + default: '/etc/xvp.conf' + help: 'generated XVP conf file ' + comment: 'Help string has changed' + + - name: console_xvp_pid + type: string + default: '/var/run/xvp.pid' + help: 'XVP master process pid file ' + comment: 'Help string has changed' + + - name: console_xvp_log + type: string + default: '/var/log/xvp.log' + help: 'XVP log file ' + comment: 'Help string has changed' + + - name: console_xvp_multiplex_port + type: port + default: 5900 + help: 'port for XVP to multiplex VNC connections on ' + comment: 'Help string has changed' + + - name: consoleauth_topic + type: string + default: 'consoleauth' + help: 'the topic console auth proxy nodes listen on ' + comment: 'Help string has changed' + + - name: console_token_ttl + type: integer + default: 600 + help: 'How many seconds before deleting tokens ' + comment: 'Help string has changed' + + - name: consoleauth_manager + type: string + default: 'nova.consoleauth.manager.ConsoleAuthManager' + help: 'Manager for console auth ' + comment: 'Help string has changed' + + - name: enable_new_services + type: boolean + default: true + help: 'Services to be added to the available pool on create ' + comment: 'Help string has changed' + + - name: instance_name_template + type: string + default: 'instance-%08x' + help: 'Template string to be used to generate instance names ' + comment: 'Help string has changed' + + - name: snapshot_name_template + type: string + default: 'snapshot-%s' + help: 'Template string to be used to generate snapshot names ' + comment: 'Help string has changed' + + - name: db_driver + type: string + default: 'nova.db' + help: 'driver to use for database access ' + comment: 'Help string has changed' + + - name: osapi_compute_unique_server_name_scope + type: string + default: '' + help: "When set, compute API will consider duplicate hostnames invalid within the specified scope, regardless of case. Should be empty, 'project' or 'global'. " + comment: 'Help string has changed' + + - name: glance_host + type: string + default: '$my_ip' + help: 'default glance hostname or ip ' + comment: 'Help string has changed' + + - name: glance_port + type: port + default: 9292 + help: 'default glance port ' + comment: 'Help string has changed' + + - name: glance_protocol + type: string + default: 'http' + help: 'Default protocol to use when connecting to glance. Set to https for SSL. ' + comment: 'Help string has changed' + + - name: glance_api_servers + type: string_list + default: ['$glance_host:$glance_port'] + help: 'A list of the glance api servers available to nova. Prefix with https:// for ssl-based glance api servers. ([hostname|ip]:port) ' + comment: 'Type has changed' + + - name: glance_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL (https) requests to glance ' + comment: 'Help string has changed' + + - name: glance_num_retries + type: integer + default: false + help: 'Number retries when downloading an image from glance ' + comment: 'Help string has changed' + + - name: allowed_direct_url_schemes + type: string_list + default: [] + help: 'A list of url scheme that can be downloaded directly via the direct_url. Currently supported schemes: [file]. ' + comment: 'Type has changed' + + - name: image_decryption_dir + type: string + default: '/tmp' + help: 'parent dir for tempdir used for image decryption ' + comment: 'Help string has changed' + + - name: s3_host + type: string + default: '$my_ip' + help: 'hostname or ip for OpenStack to use when accessing the s3 api ' + comment: 'Help string has changed' + + - name: s3_port + type: port + default: 3333 + help: 'port used when accessing the s3 api ' + comment: 'Help string has changed' + + - name: s3_access_key + type: string + default: 'notchecked' + help: 'access key to use for s3 server for images ' + comment: 'Help string has changed' + + - name: s3_secret_key + type: string + default: 'notchecked' + help: 'secret key to use for s3 server for images ' + comment: 'Help string has changed' + + - name: s3_use_ssl + type: boolean + default: false + help: 'whether to use ssl when talking to s3 ' + comment: 'Help string has changed' + + - name: s3_affix_tenant + type: boolean + default: false + help: 'whether to affix the tenant id to the access key when downloading from s3 ' + comment: 'Help string has changed' + + - name: ipv6_backend + type: string + default: 'rfc2462' + help: 'Backend to use for IPv6 generation ' + comment: 'Help string has changed' + + - name: network_api_class + type: string + default: 'nova.network.api.API' + help: 'The full class name of the network API class to use ' + comment: 'Help string has changed' + + - name: network_driver + type: string + default: 'nova.network.linux_net' + help: 'Driver to use for network creation ' + comment: 'Help string has changed' + + - name: default_floating_pool + type: string + default: 'nova' + help: 'Default pool for floating ips ' + comment: 'Help string has changed' + + - name: auto_assign_floating_ip + type: boolean + default: false + help: 'Autoassigning floating ip to VM ' + comment: 'Help string has changed' + + - name: floating_ip_dns_manager + type: string + default: 'nova.network.noop_dns_driver.NoopDNSDriver' + help: 'full class name for the DNS Manager for floating IPs ' + comment: 'Help string has changed' + + - name: instance_dns_manager + type: string + default: 'nova.network.noop_dns_driver.NoopDNSDriver' + help: 'full class name for the DNS Manager for instance IPs ' + comment: 'Help string has changed' + + - name: instance_dns_domain + type: string + default: '' + help: 'full class name for the DNS Zone for instance IPs ' + comment: 'Help string has changed' + + - name: ldap_dns_url + type: string + default: 'ldap://ldap.example.com:389' + help: 'URL for ldap server which will store dns entries ' + comment: 'Help string has changed' + + - name: ldap_dns_user + type: string + default: 'uid=admin,ou=people,dc=example,dc=org' + help: 'user for ldap DNS ' + comment: 'Default value has changed' + + - name: ldap_dns_password + type: string + default: 'password' + help: 'password for ldap DNS ' + comment: 'Help string has changed' + + - name: ldap_dns_soa_hostmaster + type: string + default: 'hostmaster@example.org' + help: 'Hostmaster for ldap dns driver Statement of Authority ' + comment: 'Help string has changed' + + - name: ldap_dns_servers + type: string + default: 'dns.example.org' + help: 'DNS Servers for ldap dns driver (multi valued)' + comment: 'Type has changed' + + - name: ldap_dns_base_dn + type: string + default: 'ou=hosts,dc=example,dc=org' + help: 'Base DN for DNS entries in ldap ' + comment: 'Default value has changed' + + - name: ldap_dns_soa_refresh + type: string + default: '1800' + help: 'Refresh interval (in seconds) for ldap dns driver Statement of Authority ' + comment: 'Type has changed' + + - name: ldap_dns_soa_retry + type: string + default: '3600' + help: 'Retry interval (in seconds) for ldap dns driver Statement of Authority ' + comment: 'Type has changed' + + - name: ldap_dns_soa_expiry + type: string + default: '86400' + help: 'Expiry interval (in seconds) for ldap dns driver Statement of Authority ' + comment: 'Type has changed' + + - name: ldap_dns_soa_minimum + type: string + default: '7200' + help: 'Minimum interval (in seconds) for ldap dns driver Statement of Authority ' + comment: 'Type has changed' + + - name: dhcpbridge_flagfile + type: string + default: '/etc/nova/nova-dhcpbridge.conf' + help: 'location of flagfiles for dhcpbridge (multi valued)' + comment: 'Type has changed' + + - name: networks_path + type: string + default: '$state_path/networks' + help: 'Location to keep network config files ' + comment: 'Help string has changed' + + - name: public_interface + type: string + default: 'eth0' + help: 'Interface for public IP addresses ' + comment: 'Help string has changed' + + - name: network_device_mtu + type: string + default: ~ + help: 'MTU setting for vlan ' + comment: 'Help string has changed' + + - name: dhcpbridge + type: string + default: '$bindir/nova-dhcpbridge' + help: 'location of nova-dhcpbridge ' + comment: 'Help string has changed' + + - name: routing_source_ip + type: string + default: '$my_ip' + help: 'Public IP of network host ' + comment: 'Help string has changed' + + - name: dhcp_lease_time + type: integer + default: 120 + help: 'Lifetime of a DHCP lease in seconds ' + comment: 'Help string has changed' + + - name: dns_server + type: string + default: '' + help: 'if set, uses specific dns server for dnsmasq. Canbe specified multiple times. (multi valued)' + comment: 'Type has changed' + + - name: use_network_dns_servers + type: boolean + default: false + help: 'if set, uses the dns1 and dns2 from the network ref.as dns servers. ' + comment: 'Help string has changed' + + - name: dmz_cidr + type: string_list + default: [] + help: 'A list of dmz range that should be accepted ' + comment: 'Type has changed' + + - name: force_snat_range + type: string + default: '' + help: 'Traffic to this range will always be snatted to the fallback ip, even if it would normally be bridged out of the node. Can be specified multiple times. (multi valued)' + comment: 'Type has changed' + + - name: dnsmasq_config_file + type: string + default: '' + help: 'Override the default dnsmasq settings with this file ' + comment: 'Help string has changed' + + - name: linuxnet_interface_driver + type: string + default: 'nova.network.linux_net.LinuxBridgeInterfaceDriver' + help: 'Driver used to create ethernet devices. ' + comment: 'Help string has changed' + + - name: linuxnet_ovs_integration_bridge + type: string + default: 'br-int' + help: 'Name of Open vSwitch bridge used with linuxnet ' + comment: 'Help string has changed' + + - name: send_arp_for_ha + type: boolean + default: false + help: 'send gratuitous ARPs for HA setup ' + comment: 'Help string has changed' + + - name: send_arp_for_ha_count + type: integer + default: 3 + help: 'send this many gratuitous ARPs for HA setup ' + comment: 'Help string has changed' + + - name: use_single_default_gateway + type: boolean + default: false + help: 'Use single default gateway. Only first nic of vm will get default gateway from dhcp server ' + comment: 'Help string has changed' + + - name: forward_bridge_interface + type: string + default: 'all' + help: 'An interface that bridges can forward to. If this is set to all then all traffic will be forwarded. Can be specified multiple times. (multi valued)' + comment: 'Type has changed' + + - name: metadata_host + type: string + default: '$my_ip' + help: 'the ip for the metadata api server ' + comment: 'Help string has changed' + + - name: metadata_port + type: port + default: 8775 + help: 'the port for the metadata api port ' + comment: 'Help string has changed' + + - name: iptables_top_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that should always be on the top. ' + comment: 'Help string has changed' + + - name: iptables_bottom_regex + type: string + default: '' + help: 'Regular expression to match iptables rule that should always be on the bottom. ' + comment: 'Help string has changed' + + - name: flat_network_bridge + type: string + default: ~ + help: 'Bridge for simple network instances ' + comment: 'Help string has changed' + + - name: flat_network_dns + type: string + default: '8.8.4.4' + help: 'Dns for simple network ' + comment: 'Help string has changed' + + - name: flat_injected + type: boolean + default: false + help: 'Whether to attempt to inject network setup into guest ' + comment: 'Help string has changed' + + - name: flat_interface + type: string + default: ~ + help: 'FlatDhcp will bridge into this interface if set ' + comment: 'Help string has changed' + + - name: vlan_start + type: integer + default: 100 + help: 'First VLAN for private networks ' + comment: 'Help string has changed' + + - name: num_networks + type: integer + default: true + help: 'Number of networks to support ' + comment: 'Help string has changed' + + - name: vpn_ip + type: string + default: '$my_ip' + help: 'Public IP for the cloudpipe VPN servers ' + comment: 'Help string has changed' + + - name: vpn_start + type: integer + default: 1000 + help: 'First Vpn port for private networks ' + comment: 'Help string has changed' + + - name: network_size + type: integer + default: 256 + help: 'Number of addresses in each private subnet ' + comment: 'Help string has changed' + + - name: fixed_range_v6 + type: string + default: 'fd00::/48' + help: 'Fixed IPv6 address block ' + comment: 'Help string has changed' + + - name: gateway + type: string + default: ~ + help: 'Default IPv4 gateway ' + comment: 'Help string has changed' + + - name: gateway_v6 + type: string + default: ~ + help: 'Default IPv6 gateway ' + comment: 'Help string has changed' + + - name: cnt_vpn_clients + type: integer + default: false + help: 'Number of addresses reserved for vpn clients ' + comment: 'Help string has changed' + + - name: fixed_ip_disassociate_timeout + type: integer + default: 600 + help: 'Seconds after which a deallocated ip is disassociated ' + comment: 'Help string has changed' + + - name: create_unique_mac_address_attempts + type: integer + default: 5 + help: 'Number of attempts to create unique mac address ' + comment: 'Help string has changed' + + - name: fake_network + type: boolean + default: false + help: 'If passed, use fake network devices and addresses ' + comment: 'Help string has changed' + + - name: fake_call + type: boolean + default: false + help: 'If True, skip using the queue and make local calls ' + comment: 'Help string has changed' + + - name: teardown_unused_network_gateway + type: boolean + default: false + help: 'If True, unused gateway devices (VLAN and bridge) are deleted in VLAN network mode with multi hosted networks ' + comment: 'Help string has changed' + + - name: force_dhcp_release + type: boolean + default: true + help: 'If True, send a dhcp release on instance termination ' + comment: 'Default value has changed' + + - name: share_dhcp_address + type: boolean + default: false + help: 'If True in multi_host mode, all compute hosts share the same dhcp address. The same IP address used for DHCP will be added on each nova-network node which is only visible to the vms on the same host. ' + comment: 'Help string has changed' + + - name: update_dns_entries + type: boolean + default: false + help: 'If True, when a DNS entry must be updated, it sends a fanout cast to all network hosts to update their DNS entries in multi host mode ' + comment: 'Help string has changed' + + - name: dns_update_periodic_interval + type: integer + default: -1 + help: 'Number of seconds to wait between runs of updates to DNS entries. ' + comment: 'Help string has changed' + + - name: dhcp_domain + type: string + default: 'novalocal' + help: 'domain to use for building the hostnames ' + comment: 'Help string has changed' + + - name: l3_lib + type: string + default: 'nova.network.l3.LinuxNetL3' + help: 'Indicates underlying L3 management library ' + comment: 'Help string has changed' + + - name: network_topic + type: string + default: 'network' + help: 'the topic network nodes listen on ' + comment: 'Help string has changed' + + - name: multi_host + type: boolean + default: false + help: 'Default value for multi_host in networks. Also, if set, some rpc network calls will be sent directly to host. ' + comment: 'Help string has changed' + + - name: security_group_api + type: string + default: 'nova' + help: 'The full class name of the security API class ' + comment: 'Help string has changed' + + - name: buckets_path + type: string + default: '$state_path/buckets' + help: 'path to s3 buckets ' + comment: 'Help string has changed' + + - name: s3_listen + type: host + default: '0.0.0.0' + help: 'IP address for S3 API to listen ' + comment: 'Type has changed' + + - name: s3_listen_port + type: port + default: 3333 + help: 'port for s3 api to listen ' + comment: 'Help string has changed' + + - name: sqlite_db + type: string + default: 'nova.sqlite' + help: 'the filename to use with sqlite ' + comment: 'Help string has changed' + + - name: sqlite_synchronous + type: boolean + default: true + help: 'If true, use synchronous mode for sqlite ' + comment: 'Help string has changed' + + - name: backdoor_port + type: string + default: ~ + help: "Enable eventlet backdoor. Acceptable values are 0, and :, where 0 results in listening on a random tcp port number, results in listening on the specified port number and not enabling backdoorif it is in use and : results in listening on the smallest unused port number within the specified range of port numbers. The chosen port is displayed in the service's log file. " + comment: 'Type has changed' + + - name: disable_process_locking + type: boolean + default: false + help: 'Whether to disable inter-process locks ' + comment: 'Help string has changed' + + - name: lock_path + type: string + default: ~ + help: 'Directory to use for lock files. ' + comment: 'Help string has changed' + + - name: debug + type: boolean + default: false + help: 'Print debugging output (set logging level to DEBUG instead of default WARNING level). ' + comment: 'Help string has changed' + + - name: verbose + type: boolean + default: false + help: 'Print more verbose output (set logging level to INFO instead of default WARNING level). ' + comment: 'Help string has changed' + + - name: use_stderr + type: boolean + default: true + help: 'Log output to standard error ' + comment: 'Help string has changed' + + - name: logging_context_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s' + help: 'format string to use for log messages with context ' + comment: 'Default value has changed' + + - name: logging_default_format_string + type: string + default: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s' + help: 'format string to use for log messages without context ' + comment: 'Help string has changed' + + - name: logging_debug_format_suffix + type: string + default: '%(funcName)s %(pathname)s:%(lineno)d' + help: 'data to append to log format when level is DEBUG ' + comment: 'Help string has changed' + + - name: logging_exception_prefix + type: string + default: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' + help: 'prefix each line of exception output with this format ' + comment: 'Help string has changed' + + - name: default_log_levels + type: string_list + default: ['amqplib=WARN', 'sqlalchemy=WARN', 'boto=WARN', 'suds=INFO', 'keystone=INFO', 'eventlet.wsgi.server=WARN'] + help: 'list of logger=LEVEL pairs ' + comment: 'Type has changed' + + - name: publish_errors + type: boolean + default: false + help: 'publish error events ' + comment: 'Help string has changed' + + - name: fatal_deprecations + type: boolean + default: false + help: 'make deprecations fatal ' + comment: 'Help string has changed' + + - name: instance_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance is passed with the log message, format it like this ' + comment: 'Help string has changed' + + - name: instance_uuid_format + type: string + default: '"[instance: %(uuid)s] "' + help: 'If an instance UUID is passed with the log message, format it like this ' + comment: 'Help string has changed' + + - name: log_config + type: string + default: ~ + help: 'If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files. ' + comment: 'Help string has changed' + + - name: log_format + type: string + default: ~ + help: 'DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead. ' + comment: 'Default value has changed' + + - name: log_date_format + type: string + default: '%Y-%m-%d %H:%M:%S' + help: 'Format string for %%(asctime)s in log records. Default: %(default)s ' + comment: 'Help string has changed' + + - name: log_file + type: string + default: ~ + help: '(Optional) Name of log file to output to. If no default is set, logging will go to stdout. ' + comment: 'Help string has changed' + + - name: log_dir + type: string + default: ~ + help: '(Optional) The base directory used for relative --log-file paths ' + comment: 'Help string has changed' + + - name: use_syslog + type: boolean + default: false + help: 'Use syslog for logging. ' + comment: 'Help string has changed' + + - name: syslog_log_facility + type: string + default: 'LOG_USER' + help: 'syslog facility to receive log lines ' + comment: 'Help string has changed' + + - name: memcached_servers + type: list + default: ~ + help: 'Memcached servers or None for in process cache. ' + comment: 'Help string has changed' + + - name: notification_driver + type: string + default: '' + help: 'Driver or drivers to handle sending notifications (multi valued)' + comment: 'Type has changed' + + - name: default_notification_level + type: string + default: 'INFO' + help: 'Default notification level for outgoing notifications ' + comment: 'Help string has changed' + + - name: default_publisher_id + type: string + default: ~ + help: 'Default publisher_id for outgoing notifications ' + comment: 'Default value has changed' + + - name: notification_topics + type: string_list + default: ['notifications'] + help: 'AMQP topic used for OpenStack notifications ' + comment: 'Type has changed' + + - name: run_external_periodic_tasks + type: boolean + default: true + help: 'Some periodic tasks can be run in a separate process. Should we run them here? ' + comment: 'Help string has changed' + + - name: rpc_backend + type: string + default: 'nova.openstack.common.rpc.impl_kombu' + help: 'The messaging module to use, defaults to kombu. ' + comment: 'Help string has changed' + + - name: rpc_thread_pool_size + type: integer + default: 64 + help: 'Size of RPC thread pool ' + comment: 'Help string has changed' + + - name: rpc_conn_pool_size + type: integer + default: 30 + help: 'Size of RPC connection pool ' + comment: 'Help string has changed' + + - name: rpc_response_timeout + type: integer + default: 60 + help: 'Seconds to wait for a response from call or multicall ' + comment: 'Help string has changed' + + - name: rpc_cast_timeout + type: integer + default: 30 + help: 'Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. ' + comment: 'Help string has changed' + + - name: allowed_rpc_exception_modules + type: string_list + default: ['nova.exception', 'cinder.exception', 'exceptions'] + help: 'Modules of exceptions that are permitted to be recreatedupon receiving exception data from an rpc call. ' + comment: 'Type has changed' + + - name: fake_rabbit + type: boolean + default: false + help: 'If passed, use a fake RabbitMQ provider ' + comment: 'Help string has changed' + + - name: control_exchange + type: string + default: 'openstack' + help: 'AMQP exchange to connect to if using RabbitMQ or Qpid ' + comment: 'Help string has changed' + + - name: kombu_ssl_version + type: string + default: '' + help: 'SSL version to use (valid only if SSL enabled). valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some distributions ' + comment: 'Help string has changed' + + - name: kombu_ssl_keyfile + type: string + default: '' + help: 'SSL key file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: kombu_ssl_certfile + type: string + default: '' + help: 'SSL cert file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: kombu_ssl_ca_certs + type: string + default: '' + help: 'SSL certification authority file (valid only if SSL enabled) ' + comment: 'Help string has changed' + + - name: rabbit_host + type: host + default: 'localhost' + help: 'The RabbitMQ broker address where a single node is used ' + comment: 'Type has changed' + + - name: rabbit_port + type: port + default: 5672 + help: 'The RabbitMQ broker port where a single node is used ' + comment: 'Help string has changed' + + - name: rabbit_hosts + type: string_list + default: ['$rabbit_host:$rabbit_port'] + help: 'RabbitMQ HA cluster host:port pairs ' + comment: 'Type has changed' + + - name: rabbit_use_ssl + type: boolean + default: false + help: 'connect over SSL for RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_userid + type: string + default: 'guest' + help: 'the RabbitMQ userid ' + comment: 'Help string has changed' + + - name: rabbit_password + type: string + default: 'guest' + help: 'the RabbitMQ password ' + comment: 'Help string has changed' + + - name: rabbit_virtual_host + type: string + default: '/' + help: 'the RabbitMQ virtual host ' + comment: 'Help string has changed' + + - name: rabbit_retry_interval + type: integer + default: true + help: 'how frequently to retry connecting with RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_retry_backoff + type: integer + default: 2 + help: 'how long to backoff for between retries when connecting to RabbitMQ ' + comment: 'Help string has changed' + + - name: rabbit_max_retries + type: integer + default: false + help: 'maximum retries with trying to connect to RabbitMQ (the default of 0 implies an infinite retry count) ' + comment: 'Help string has changed' + + - name: rabbit_ha_queues + type: boolean + default: false + help: 'use H/A queues in RabbitMQ (x-ha-policy: all).You need to wipe RabbitMQ database when changing this option. ' + comment: 'Help string has changed' + + - name: qpid_hostname + type: string + default: 'localhost' + help: 'Qpid broker hostname ' + comment: 'Help string has changed' + + - name: qpid_port + type: port + default: 5672 + help: 'Qpid broker port ' + comment: 'Help string has changed' + + - name: qpid_hosts + type: string_list + default: ['$qpid_hostname:$qpid_port'] + help: 'Qpid HA cluster host:port pairs ' + comment: 'Type has changed' + + - name: qpid_username + type: string + default: '' + help: 'Username for qpid connection ' + comment: 'Help string has changed' + + - name: qpid_password + type: string + default: '' + help: 'Password for qpid connection ' + comment: 'Help string has changed' + + - name: qpid_sasl_mechanisms + type: string + default: '' + help: 'Space separated list of SASL mechanisms to use for auth ' + comment: 'Help string has changed' + + - name: qpid_heartbeat + type: integer + default: 60 + help: 'Seconds between connection keepalive heartbeats ' + comment: 'Help string has changed' + + - name: qpid_protocol + type: string + default: 'tcp' + help: "Transport to use, either 'tcp' or 'ssl' " + comment: 'Help string has changed' + + - name: qpid_tcp_nodelay + type: boolean + default: true + help: 'Disable Nagle algorithm ' + comment: 'Help string has changed' + + - name: rpc_zmq_bind_address + type: string + default: '*' + help: "ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The 'host' option should point or resolve to this address. " + comment: 'Help string has changed' + + - name: rpc_zmq_matchmaker + type: string + default: 'nova.openstack.common.rpc.matchmaker.MatchMakerLocalhost' + help: 'MatchMaker driver ' + comment: 'Help string has changed' + + - name: rpc_zmq_port + type: port + default: 9501 + help: 'ZeroMQ receiver listening port ' + comment: 'Help string has changed' + + - name: rpc_zmq_contexts + type: integer + default: true + help: 'Number of ZeroMQ contexts, defaults to 1 ' + comment: 'Help string has changed' + + - name: rpc_zmq_topic_backlog + type: integer + default: ~ + help: 'Maximum number of ingress messages to locally buffer per topic. Default is unlimited. ' + comment: 'Help string has changed' + + - name: rpc_zmq_ipc_dir + type: string + default: '/var/run/openstack' + help: 'Directory for holding IPC sockets ' + comment: 'Help string has changed' + + - name: rpc_zmq_host + type: string + default: 'nova' + help: "Name of this node. Must be a valid hostname, FQDN, or IP address. Must match 'host' option, if running Nova. " + comment: 'Default value has changed' + + - name: scheduler_host_manager + type: string + default: 'nova.scheduler.host_manager.HostManager' + help: 'The scheduler host manager class to use ' + comment: 'Help string has changed' + + - name: scheduler_max_attempts + type: integer + default: 3 + help: 'Maximum number of attempts to schedule an instance ' + comment: 'Help string has changed' + + - name: scheduler_host_subset_size + type: integer + default: true + help: 'New instances will be scheduled on a host chosen randomly from a subset of the N best hosts. This property defines the subset size that a host is chosen from. A value of 1 chooses the first host returned by the weighing functions. This value must be at least 1. Any value less than 1 will be ignored, and 1 will be used instead ' + comment: 'Help string has changed' + + - name: cpu_allocation_ratio + type: float + default: 16.0 + help: 'Virtual CPU to physical CPU allocation ratio which affects all CPU filters. This configuration specifies a global ratio for CoreFilter. For AggregateCoreFilter, it will fall back to this configuration value if no per-aggregate setting found. ' + comment: 'Type has changed' + + - name: disk_allocation_ratio + type: float + default: true + help: 'virtual disk to physical disk allocation ratio ' + comment: 'Type has changed' + + - name: max_io_ops_per_host + type: integer + default: 8 + help: 'Ignore hosts that have too many builds/resizes/snaps/migrations ' + comment: 'Help string has changed' + + - name: isolated_images + type: string_list + default: [] + help: 'Images to run on isolated host ' + comment: 'Type has changed' + + - name: isolated_hosts + type: string_list + default: [] + help: 'Host reserved for specific images ' + comment: 'Type has changed' + + - name: max_instances_per_host + type: integer + default: 50 + help: 'Ignore hosts that have too many instances ' + comment: 'Help string has changed' + + - name: ram_allocation_ratio + type: float + default: 1.5 + help: 'Virtual ram to physical ram allocation ratio which affects all ram filters. This configuration specifies a global ratio for RamFilter. For AggregateRamFilter, it will fall back to this configuration value if no per-aggregate setting found. ' + comment: 'Type has changed' + + - name: scheduler_available_filters + type: string + default: 'nova.scheduler.filters.all_filters' + help: "Filter classes available to the scheduler which may be specified more than once. An entry of 'nova.scheduler.filters.standard_filters' maps to all filters included with nova. (multi valued)" + comment: 'Type has changed' + + - name: scheduler_default_filters + type: string_list + default: ['RetryFilter', 'AvailabilityZoneFilter', 'RamFilter', 'ComputeFilter', 'ComputeCapabilitiesFilter', 'ImagePropertiesFilter'] + help: 'Which filter class names to use for filtering hosts when not specified in the request. ' + comment: 'Type has changed' + + - name: scheduler_driver + type: string + default: 'nova.scheduler.filter_scheduler.FilterScheduler' + help: 'Default driver to use for the scheduler ' + comment: 'Help string has changed' + + - name: scheduler_topic + type: string + default: 'scheduler' + help: 'the topic scheduler nodes listen on ' + comment: 'Help string has changed' + + - name: scheduler_json_config_location + type: string + default: '' + help: 'Absolute path to scheduler configuration JSON file. ' + comment: 'Help string has changed' + + - name: servicegroup_driver + type: string + default: 'db' + help: 'The driver for servicegroup service (valid options are: db, zk, mc) ' + comment: 'Help string has changed' + + - name: config_drive_format + type: string + default: 'iso9660' + help: 'Config drive format. One of iso9660 (default) or vfat ' + comment: 'Help string has changed' + + - name: config_drive_tempdir + type: string + default: ~ + help: 'Where to put temporary files associated with config drive creation ' + comment: 'Help string has changed' + + - name: force_config_drive + type: string + default: ~ + help: 'Set to force injection to take place on a config drive (if set, valid options are: always) ' + comment: 'Help string has changed' + + - name: mkisofs_cmd + type: string + default: 'genisoimage' + help: 'Name and optionally path of the tool used for ISO image creation ' + comment: 'Help string has changed' + + - name: virt_mkfs + type: string + default: 'windows=mkfs.ntfs --force --fast --label %(fs_label)s %(target)s' + help: 'mkfs commands for ephemeral device. The format is = (multi valued)' + comment: 'Default value has changed' + + - name: timeout_nbd + type: integer + default: 10 + help: 'time to wait for a NBD device coming up ' + comment: 'Help string has changed' + + - name: compute_driver + type: string + default: ~ + help: 'Driver to use for controlling virtualization. Options include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, fake.FakeDriver, baremetal.BareMetalDriver, vmwareapi.VMwareESXDriver, vmwareapi.VMwareVCDriver ' + comment: 'Help string has changed' + + - name: default_ephemeral_format + type: string + default: ~ + help: 'The default format an ephemeral_volume will be formatted with on creation. ' + comment: 'Help string has changed' + + - name: preallocate_images + type: string + default: 'none' + help: "VM image preallocation mode: 'none' => no storage provisioning is done up front, 'space' => storage is fully allocated at instance start " + comment: 'Help string has changed' + + - name: use_cow_images + type: boolean + default: true + help: 'Whether to use cow images ' + comment: 'Help string has changed' + + - name: firewall_driver + type: string + default: ~ + help: 'Firewall driver (defaults to hypervisor specific iptables driver) ' + comment: 'Help string has changed' + + - name: allow_same_net_traffic + type: boolean + default: true + help: 'Whether to allow network traffic from same network ' + comment: 'Help string has changed' + + - name: force_raw_images + type: boolean + default: true + help: 'Force backing images to raw format ' + comment: 'Help string has changed' + + - name: rescue_image_id + type: string + default: ~ + help: 'Rescue ami image ' + comment: 'Help string has changed' + + - name: rescue_kernel_id + type: string + default: ~ + help: 'Rescue aki image ' + comment: 'Help string has changed' + + - name: rescue_ramdisk_id + type: string + default: ~ + help: 'Rescue ari image ' + comment: 'Help string has changed' + + - name: libvirt_type + type: string + default: 'kvm' + help: 'Libvirt domain type (valid options are: kvm, lxc, qemu, uml, xen) ' + comment: 'Help string has changed' + + - name: libvirt_uri + type: string + default: '' + help: 'Override the default libvirt URI (which is dependent on libvirt_type) ' + comment: 'Help string has changed' + + - name: libvirt_inject_password + type: boolean + default: false + help: 'Inject the admin password at boot time, without an agent. ' + comment: 'Help string has changed' + + - name: libvirt_inject_key + type: boolean + default: true + help: 'Inject the ssh public key at boot time ' + comment: 'Help string has changed' + + - name: libvirt_inject_partition + type: integer + default: true + help: 'The partition to inject to : -2 => disable, -1 => inspect (libguestfs only), 0 => not partitioned, >0 => partition number ' + comment: 'Help string has changed' + + - name: use_usb_tablet + type: boolean + default: true + help: 'Sync virtual and real mouse cursors in Windows VMs ' + comment: 'Help string has changed' + + - name: live_migration_uri + type: string + default: 'qemu+tcp://%s/system' + help: "Migration target URI (any included '%s' is replaced with the migration target hostname) " + comment: 'Help string has changed' + + - name: live_migration_flag + type: string + default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER' + help: 'Migration flags to be set for live migration ' + comment: 'Help string has changed' + + - name: block_migration_flag + type: string + default: 'VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_NON_SHARED_INC' + help: 'Migration flags to be set for block migration ' + comment: 'Help string has changed' + + - name: live_migration_bandwidth + type: integer + default: false + help: 'Maximum bandwidth to be used during migration, in Mbps ' + comment: 'Help string has changed' + + - name: snapshot_image_format + type: string + default: ~ + help: 'Snapshot image format (valid options are : raw, qcow2, vmdk, vdi). Defaults to same as source image ' + comment: 'Help string has changed' + + - name: libvirt_vif_driver + type: string + default: 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver' + help: 'The libvirt VIF driver to configure the VIFs. ' + comment: 'Help string has changed' + + - name: libvirt_volume_drivers + type: string_list + default: ['iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver', 'iser=nova.virt.libvirt.volume.LibvirtISERVolumeDriver', 'local=nova.virt.libvirt.volume.LibvirtVolumeDriver', 'fake=nova.virt.libvirt.volume.LibvirtFakeVolumeDriver', 'rbd=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'sheepdog=nova.virt.libvirt.volume.LibvirtNetVolumeDriver', 'nfs=nova.virt.libvirt.volume.LibvirtNFSVolumeDriver', 'aoe=nova.virt.libvirt.volume.LibvirtAOEVolumeDriver', 'glusterfs=nova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver', 'fibre_channel=nova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver', 'scality=nova.virt.libvirt.volume.LibvirtScalityVolumeDriver'] + help: 'Libvirt handlers for remote volumes. ' + comment: 'Type has changed' + + - name: libvirt_disk_prefix + type: string + default: ~ + help: 'Override the default disk prefix for the devices attached to a server, which is dependent on libvirt_type. (valid options are: sd, xvd, uvd, vd) ' + comment: 'Help string has changed' + + - name: libvirt_wait_soft_reboot_seconds + type: integer + default: 120 + help: 'Number of seconds to wait for instance to shut down after soft reboot request is made. We fall back to hard reboot if instance does not shutdown within this window. ' + comment: 'Help string has changed' + + - name: libvirt_nonblocking + type: boolean + default: true + help: 'Use a separated OS thread pool to realize non-blocking libvirt calls ' + comment: 'Help string has changed' + + - name: libvirt_cpu_mode + type: string + default: ~ + help: "Set to 'host-model' to clone the host CPU feature flags; to 'host-passthrough' to use the host CPU model exactly; to 'custom' to use a named CPU model; to 'none' to not set any CPU model. If libvirt_type='kvm|qemu', it will default to 'host-model', otherwise it will default to 'none' " + comment: 'Help string has changed' + + - name: libvirt_cpu_model + type: string + default: ~ + help: "Set to a named libvirt CPU model (see names listed in /usr/share/libvirt/cpu_map.xml). Only has effect if libvirt_cpu_mode='custom' and libvirt_type='kvm|qemu' " + comment: 'Help string has changed' + + - name: libvirt_snapshots_directory + type: string + default: '$instances_path/snapshots' + help: 'Location where libvirt driver will store snapshots before uploading them to image service ' + comment: 'Help string has changed' + + - name: xen_hvmloader_path + type: string + default: '/usr/lib/xen/boot/hvmloader' + help: 'Location where the Xen hvmloader is kept ' + comment: 'Help string has changed' + + - name: disk_cachemodes + type: string_list + default: [] + help: "Specific cachemodes to use for different disk types e.g: ['file=directsync','block=none'] " + comment: 'Type has changed' + + - name: libvirt_images_type + type: string + default: 'default' + help: 'VM Images format. Acceptable values are: raw, qcow2, lvm,rbd, default. If default is specified, then use_cow_images flag is used instead of this one. ' + comment: 'Help string has changed' + + - name: libvirt_images_volume_group + type: string + default: ~ + help: 'LVM Volume Group that is used for VM images, when you specify libvirt_images_type=lvm. ' + comment: 'Help string has changed' + + - name: libvirt_sparse_logical_volumes + type: boolean + default: false + help: 'Create sparse logical volumes (with virtualsize) if this flag is set to True. ' + comment: 'Help string has changed' + + - name: libvirt_lvm_snapshot_size + type: integer + default: 1000 + help: 'The amount of storage (in megabytes) to allocate for LVM snapshot copy-on-write blocks. ' + comment: 'Help string has changed' + + - name: base_dir_name + type: string + default: '_base' + help: 'Where cached images are stored under $instances_path.This is NOT the full path - just a folder name.For per-compute-host cached images, set to _base_$my_ip ' + comment: 'Help string has changed' + + - name: image_info_filename_pattern + type: string + default: '$instances_path/$base_dir_name/%(image)s.info' + help: 'Allows image information files to be stored in non-standard locations ' + comment: 'Help string has changed' + + - name: remove_unused_base_images + type: boolean + default: true + help: 'Should unused base images be removed? ' + comment: 'Help string has changed' + + - name: remove_unused_kernels + type: boolean + default: false + help: 'Should unused kernel images be removed? This is only safe to enable if all compute nodes have been updated to support this option. This will enabled by default in future. ' + comment: 'Help string has changed' + + - name: remove_unused_resized_minimum_age_seconds + type: integer + default: 3600 + help: 'Unused resized base images younger than this will not be removed ' + comment: 'Help string has changed' + + - name: remove_unused_original_minimum_age_seconds + type: integer + default: 86400 + help: 'Unused unresized base images younger than this will not be removed ' + comment: 'Help string has changed' + + - name: checksum_base_images + type: boolean + default: false + help: 'Write a checksum for files in _base to disk ' + comment: 'Help string has changed' + + - name: checksum_interval_seconds + type: integer + default: 3600 + help: 'How frequently to checksum base images ' + comment: 'Help string has changed' + + - name: libvirt_snapshot_compression + type: boolean + default: false + help: 'Compress snapshot images when possible. This currently applies exclusively to qcow2 images ' + comment: 'Help string has changed' + + - name: libvirt_ovs_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge used by Open vSwitch ' + comment: 'Help string has changed' + + - name: libvirt_use_virtio_for_bridges + type: boolean + default: true + help: 'Use virtio for bridge interfaces with KVM/QEMU ' + comment: 'Help string has changed' + + - name: num_iscsi_scan_tries + type: integer + default: 3 + help: 'number of times to rescan iSCSI target to find volume ' + comment: 'Help string has changed' + + - name: rbd_user + type: string + default: ~ + help: 'the RADOS client name for accessing rbd volumes ' + comment: 'Help string has changed' + + - name: rbd_secret_uuid + type: string + default: ~ + help: 'the libvirt uuid of the secret for the rbd_uservolumes ' + comment: 'Help string has changed' + + - name: nfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Dir where the nfs volume is mounted on the compute node ' + comment: 'Help string has changed' + + - name: nfs_mount_options + type: string + default: ~ + help: 'Mount options passed to the nfs client. See section of the nfs man page for details ' + comment: 'Help string has changed' + + - name: num_aoe_discover_tries + type: integer + default: 3 + help: 'number of times to rediscover AoE target to find volume ' + comment: 'Help string has changed' + + - name: glusterfs_mount_point_base + type: string + default: '$state_path/mnt' + help: 'Dir where the glusterfs volume is mounted on the compute node ' + comment: 'Help string has changed' + + - name: libvirt_iscsi_use_multipath + type: boolean + default: false + help: 'use multipath connection of the iSCSI volume ' + comment: 'Help string has changed' + + - name: scality_sofs_config + type: string + default: ~ + help: 'Path or URL to Scality SOFS configuration file ' + comment: 'Help string has changed' + + - name: scality_sofs_mount_point + type: string + default: '$state_path/scality' + help: 'Base dir where Scality SOFS shall be mounted ' + comment: 'Help string has changed' + + - name: powervm_mgr_type + type: string + default: 'ivm' + help: 'PowerVM manager type (ivm, hmc) ' + comment: 'Help string has changed' + + - name: powervm_mgr + type: string + default: ~ + help: 'PowerVM manager host or ip ' + comment: 'Help string has changed' + + - name: powervm_mgr_user + type: string + default: ~ + help: 'PowerVM manager user name ' + comment: 'Help string has changed' + + - name: powervm_mgr_passwd + type: string + default: ~ + help: 'PowerVM manager user password ' + comment: 'Help string has changed' + + - name: powervm_img_remote_path + type: string + default: '/home/padmin' + help: 'PowerVM image remote path where images will be moved. Make sure this path can fit your biggest image in glance ' + comment: 'Help string has changed' + + - name: powervm_img_local_path + type: string + default: '/tmp' + help: 'Local directory to download glance images to. Make sure this path can fit your biggest image in glance ' + comment: 'Help string has changed' + + - name: agent_timeout + type: integer + default: 30 + help: 'number of seconds to wait for agent reply ' + comment: 'Help string has changed' + + - name: agent_version_timeout + type: integer + default: 300 + help: 'number of seconds to wait for agent to be fully operational ' + comment: 'Help string has changed' + + - name: agent_resetnetwork_timeout + type: integer + default: 60 + help: 'number of seconds to wait for agent reply to resetnetwork request ' + comment: 'Help string has changed' + + - name: xenapi_agent_path + type: string + default: 'usr/sbin/xe-update-networking' + help: 'Specifies the path in which the xenapi guest agent should be located. If the agent is present, network configuration is not injected into the image. Used if compute_driver=xenapi.XenAPIDriver and flat_injected=True ' + comment: 'Help string has changed' + + - name: xenapi_disable_agent + type: boolean + default: false + help: 'Disables the use of the XenAPI agent in any image regardless of what image properties are present. ' + comment: 'Help string has changed' + + - name: xenapi_connection_url + type: string + default: ~ + help: 'URL for connection to XenServer/Xen Cloud Platform. A special value of unix://local can be used to connect to the local unix socket. Required if compute_driver=xenapi.XenAPIDriver ' + comment: 'Help string has changed' + + - name: xenapi_connection_username + type: string + default: 'root' + help: 'Username for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' + comment: 'Help string has changed' + + - name: xenapi_connection_password + type: string + default: ~ + help: 'Password for connection to XenServer/Xen Cloud Platform. Used only if compute_driver=xenapi.XenAPIDriver ' + comment: 'Help string has changed' + + - name: xenapi_connection_concurrent + type: integer + default: 5 + help: 'Maximum number of concurrent XenAPI connections. Used only if compute_driver=xenapi.XenAPIDriver ' + comment: 'Help string has changed' + + - name: xenapi_vhd_coalesce_poll_interval + type: float + default: 5.0 + help: 'The interval used for polling of coalescing vhds. Used only if compute_driver=xenapi.XenAPIDriver ' + comment: 'Type has changed' + + - name: xenapi_check_host + type: boolean + default: true + help: 'Ensure compute service is running on host XenAPI connects to. ' + comment: 'Help string has changed' + + - name: xenapi_vhd_coalesce_max_attempts + type: integer + default: 5 + help: 'Max number of times to poll for VHD to coalesce. Used only if compute_driver=xenapi.XenAPIDriver ' + comment: 'Help string has changed' + + - name: xenapi_sr_base_path + type: string + default: '/var/run/sr-mount' + help: 'Base path to the storage repository ' + comment: 'Help string has changed' + + - name: target_host + type: string + default: ~ + help: 'iSCSI Target Host ' + comment: 'Help string has changed' + + - name: target_port + type: string + default: '3260' + help: 'iSCSI Target Port, 3260 Default ' + comment: 'Type has changed' + + - name: iqn_prefix + type: string + default: 'iqn.2010-10.org.openstack' + help: 'IQN Prefix ' + comment: 'Help string has changed' + + - name: xenapi_remap_vbd_dev + type: boolean + default: false + help: 'Used to enable the remapping of VBD dev (Works around an issue in Ubuntu Maverick) ' + comment: 'Help string has changed' + + - name: xenapi_remap_vbd_dev_prefix + type: string + default: 'sd' + help: 'Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb) ' + comment: 'Help string has changed' + + - name: xenapi_login_timeout + type: integer + default: 10 + help: 'Timeout in seconds for XenAPI login. ' + comment: 'Help string has changed' + + - name: xenapi_torrent_base_url + type: string + default: ~ + help: 'Base URL for torrent files. ' + comment: 'Help string has changed' + + - name: xenapi_torrent_seed_chance + type: float + default: true + help: 'Probability that peer will become a seeder. (1.0 = 100%) ' + comment: 'Type has changed' + + - name: xenapi_torrent_seed_duration + type: integer + default: 3600 + help: 'Number of seconds after downloading an image via BitTorrent that it should be seeded for other peers. ' + comment: 'Help string has changed' + + - name: xenapi_torrent_max_last_accessed + type: integer + default: 86400 + help: 'Cached torrent files not accessed within this number of seconds can be reaped ' + comment: 'Help string has changed' + + - name: xenapi_torrent_listen_port_start + type: port + default: 6881 + help: 'Beginning of port range to listen on ' + comment: 'Help string has changed' + + - name: xenapi_torrent_listen_port_end + type: port + default: 6891 + help: 'End of port range to listen on ' + comment: 'Help string has changed' + + - name: xenapi_torrent_download_stall_cutoff + type: integer + default: 600 + help: 'Number of seconds a download can remain at the same progress percentage w/o being considered a stall ' + comment: 'Help string has changed' + + - name: xenapi_torrent_max_seeder_processes_per_host + type: integer + default: true + help: 'Maximum number of seeder processes to run concurrently within a given dom0. (-1 = no limit) ' + comment: 'Help string has changed' + + - name: use_join_force + type: boolean + default: true + help: 'To use for hosts with different CPUs ' + comment: 'Help string has changed' + + - name: xenapi_ovs_integration_bridge + type: string + default: 'xapi1' + help: 'Name of Integration Bridge used by Open vSwitch ' + comment: 'Help string has changed' + + - name: cache_images + type: string + default: 'all' + help: 'Cache glance images locally. `all` will cache all images, `some` will only cache images that have the image_property `cache_in_nova=True`, and `none` turns off caching entirely ' + comment: 'Help string has changed' + + - name: default_os_type + type: string + default: 'linux' + help: 'Default OS type ' + comment: 'Help string has changed' + + - name: block_device_creation_timeout + type: integer + default: 10 + help: 'Time to wait for a block device to be created ' + comment: 'Help string has changed' + + - name: max_kernel_ramdisk_size + type: integer + default: 16777216 + help: 'Maximum size in bytes of kernel or ramdisk images ' + comment: 'Help string has changed' + + - name: sr_matching_filter + type: string + default: 'default-sr:true' + help: 'Filter for finding the SR to be used to install guest instances on. To use the Local Storage in default XenServer/XCP installations set this flag to other-config :i18n-key=local-storage. To select an SR with a different matching criteria, you could set it to other- config:my_favorite_sr=true. On the other hand, to fall back on the Default SR, as displayed by XenCenter, set this flag to: default-sr:true ' + comment: 'Default value has changed' + + - name: xenapi_sparse_copy + type: boolean + default: true + help: "Whether to use sparse_copy for copying data on a resize down (False will use standard dd). This speeds up resizes down considerably since large runs of zeros won't have to be rsynced " + comment: 'Help string has changed' + + - name: xenapi_num_vbd_unplug_retries + type: integer + default: 10 + help: 'Maximum number of retries to unplug VBD ' + comment: 'Help string has changed' + + - name: xenapi_torrent_images + type: string + default: 'none' + help: 'Whether or not to download images via Bit Torrent (all|some|none). ' + comment: 'Help string has changed' + + - name: xenapi_running_timeout + type: integer + default: 60 + help: 'number of seconds to wait for instance to go to running state ' + comment: 'Help string has changed' + + - name: xenapi_vif_driver + type: string + default: 'nova.virt.xenapi.vif.XenAPIBridgeDriver' + help: 'The XenAPI VIF driver using XenServer Network APIs. ' + comment: 'Help string has changed' + + - name: xenapi_image_upload_handler + type: string + default: 'nova.virt.xenapi.image.glance.GlanceStore' + help: 'Dom0 plugin driver used to handle image uploads. ' + comment: 'Default value has changed' + + - name: novncproxy_base_url + type: string + default: 'http://127.0.0.1:6080/vnc_auto.html' + help: "location of vnc console proxy, in the form 'http://127.0.0.1:6080/vnc_auto.html' " + comment: 'Help string has changed' + + - name: xvpvncproxy_base_url + type: string + default: 'http://127.0.0.1:6081/console' + help: "location of nova xvp vnc console proxy, in the form 'http://127.0.0.1:6081/console' " + comment: 'Help string has changed' + + - name: vncserver_listen + type: host + default: '127.0.0.1' + help: 'IP address on which instance vncservers should listen ' + comment: 'Type has changed' + + - name: vncserver_proxyclient_address + type: string + default: '127.0.0.1' + help: 'the address to which proxy clients (like nova-xvpvncproxy) should connect ' + comment: 'Help string has changed' + + - name: vnc_enabled + type: boolean + default: true + help: 'enable vnc related features ' + comment: 'Help string has changed' + + - name: vnc_keymap + type: string + default: 'en-us' + help: 'keymap for vnc ' + comment: 'Help string has changed' + + - name: xvpvncproxy_port + type: port + default: 6081 + help: 'Port that the XCP VNC proxy should bind to ' + comment: 'Help string has changed' + + - name: xvpvncproxy_host + type: host + default: '0.0.0.0' + help: 'Address that the XCP VNC proxy should bind to ' + comment: 'Help string has changed' + + - name: volume_api_class + type: string + default: 'nova.volume.cinder.API' + help: 'The full class name of the volume API class to use ' + comment: 'Help string has changed' + + - name: cinder_catalog_info + type: string + default: 'volume:cinder:publicURL' + help: 'Info to match when looking for cinder in the service catalog. Format is : separated values of the form: :: ' + comment: 'Help string has changed' + + - name: cinder_endpoint_template + type: string + default: ~ + help: 'Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ' + comment: 'Help string has changed' + + - name: os_region_name + type: string + default: ~ + help: 'region name of this node ' + comment: 'Help string has changed' + + - name: cinder_http_retries + type: integer + default: 3 + help: 'Number of cinderclient retries on failed http calls ' + comment: 'Help string has changed' + + - name: cinder_api_insecure + type: boolean + default: false + help: 'Allow to perform insecure SSL requests to cinder ' + comment: 'Help string has changed' + + - name: cinder_cross_az_attach + type: boolean + default: true + help: 'Allow attach between instance and volume in different availability zones. ' + comment: 'Help string has changed' + + - name: baremetal.sql_connection + type: string + default: 'sqlite:///$state_path/baremetal_$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the bare-metal database ' + comment: 'Help string has changed' + + - name: zookeeper.address + type: string + default: ~ + help: 'The ZooKeeper addresses for servicegroup service in the format of host1:port,host2:port,host3:port ' + comment: 'Help string has changed' + + - name: zookeeper.recv_timeout + type: integer + default: 4000 + help: 'recv_timeout parameter for the zk session ' + comment: 'Help string has changed' + + - name: zookeeper.sg_prefix + type: string + default: '/servicegroups' + help: 'The prefix used in ZooKeeper to store ephemeral nodes ' + comment: 'Help string has changed' + + - name: zookeeper.sg_retry_interval + type: integer + default: 5 + help: 'Number of seconds to wait until retrying to join the session ' + comment: 'Help string has changed' + + - name: spice.enabled + type: boolean + default: false + help: 'enable spice related features ' + comment: 'Help string has changed' + + - name: conductor.use_local + type: boolean + default: false + help: 'Perform nova-conductor operations locally ' + comment: 'Help string has changed' + + - name: cells.topic + type: string + default: 'cells' + help: 'the topic cells nodes listen on ' + comment: 'Help string has changed' + + - name: cells.manager + type: string + default: 'nova.cells.manager.CellsManager' + help: 'Manager for cells ' + comment: 'Help string has changed' + + - name: baremetal.driver + type: string + default: 'nova.virt.baremetal.pxe.PXE' + help: 'Baremetal driver back-end (pxe or tilera) ' + comment: 'Help string has changed' + + - name: cells.instance_updated_at_threshold + type: integer + default: 3600 + help: 'Number of seconds after an instance was updated or deleted to continue to update cells ' + comment: 'Help string has changed' + + - name: cells.instance_update_num_instances + type: integer + default: true + help: 'Number of instances to update per periodic task run ' + comment: 'Help string has changed' + + - name: cells.max_hop_count + type: integer + default: 10 + help: 'Maximum number of hops for cells routing. ' + comment: 'Help string has changed' + + - name: cells.enable + type: boolean + default: false + help: 'Enable cell functionality ' + comment: 'Help string has changed' + + - name: cells.name + type: string + default: 'nova' + help: 'name of this cell ' + comment: 'Help string has changed' + + - name: cells.capabilities + type: string_list + default: ['hypervisor=xenserver;kvm', 'os=linux;windows'] + help: 'Key/Multi-value list with the capabilities of the cell ' + comment: 'Type has changed' + + - name: cells.call_timeout + type: integer + default: 60 + help: 'Seconds to wait for response from a call to a cell. ' + comment: 'Help string has changed' + + - name: cells.rpc_driver_queue_base + type: string + default: 'cells.intercell' + help: 'Base queue name to use when communicating between cells. Various topics by message type will be appended to this. ' + comment: 'Help string has changed' + + - name: cells.scheduler_retries + type: integer + default: 10 + help: 'How many retries when no cells are available. ' + comment: 'Help string has changed' + + - name: cells.scheduler_retry_delay + type: integer + default: 2 + help: 'How often to retry in seconds when no cells are available. ' + comment: 'Help string has changed' + + - name: cells.db_check_interval + type: integer + default: 60 + help: 'Seconds between getting fresh cell info from db. ' + comment: 'Help string has changed' + + - name: baremetal.db_backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for bare-metal database ' + comment: 'Help string has changed' + + - name: baremetal.vif_driver + type: string + default: 'nova.virt.baremetal.vif_driver.BareMetalVIFDriver' + help: 'Baremetal VIF driver. ' + comment: 'Help string has changed' + + - name: baremetal.volume_driver + type: string + default: 'nova.virt.baremetal.volume_driver.LibvirtVolumeDriver' + help: 'Baremetal volume driver. ' + comment: 'Help string has changed' + + - name: baremetal.instance_type_extra_specs + type: string_list + default: [] + help: "a list of additional capabilities corresponding to instance_type_extra_specs for this compute host to advertise. Valid entries are name=value, pairs For example, 'key1:val1, key2:val2' " + comment: 'Type has changed' + + - name: baremetal.power_manager + type: string + default: 'nova.virt.baremetal.ipmi.IPMI' + help: 'Baremetal power management method ' + comment: 'Help string has changed' + + - name: baremetal.tftp_root + type: string + default: '/tftpboot' + help: "Baremetal compute node's tftp root path " + comment: 'Help string has changed' + + - name: baremetal.terminal + type: string + default: 'shellinaboxd' + help: 'path to baremetal terminal program ' + comment: 'Help string has changed' + + - name: baremetal.terminal_cert_dir + type: string + default: ~ + help: 'path to baremetal terminal SSL cert(PEM) ' + comment: 'Help string has changed' + + - name: baremetal.terminal_pid_dir + type: string + default: '$state_path/baremetal/console' + help: 'path to directory stores pidfiles of baremetal_terminal ' + comment: 'Help string has changed' + + - name: baremetal.ipmi_power_retry + type: integer + default: 10 + help: 'maximal number of retries for IPMI operations ' + comment: 'Default value has changed' + + - name: baremetal.deploy_kernel + type: string + default: ~ + help: 'Default kernel image ID used in deployment phase ' + comment: 'Help string has changed' + + - name: baremetal.deploy_ramdisk + type: string + default: ~ + help: 'Default ramdisk image ID used in deployment phase ' + comment: 'Help string has changed' + + - name: baremetal.net_config_template + type: string + default: '$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template' + help: 'Template file for injected network config ' + comment: 'Help string has changed' + + - name: baremetal.pxe_append_params + type: string + default: 'nofb nomodeset vga=normal' + help: 'additional append parameters for baremetal PXE boot ' + comment: 'Default value has changed' + + - name: baremetal.pxe_config_template + type: string + default: '$pybasedir/nova/virt/baremetal/pxe_config.template' + help: 'Template file for PXE configuration ' + comment: 'Help string has changed' + + - name: baremetal.pxe_deploy_timeout + type: integer + default: false + help: 'Timeout for PXE deployments. Default: 0 (unlimited) ' + comment: 'Help string has changed' + + - name: baremetal.virtual_power_ssh_host + type: string + default: '' + help: 'ip or name to virtual power host ' + comment: 'Help string has changed' + + - name: baremetal.virtual_power_type + type: string + default: 'virsh' + help: 'base command to use for virtual power(vbox,virsh) ' + comment: 'Default value has changed' + + - name: baremetal.virtual_power_host_user + type: string + default: '' + help: 'user to execute virtual power commands as ' + comment: 'Help string has changed' + + - name: baremetal.virtual_power_host_pass + type: string + default: '' + help: 'password for virtual power host_user ' + comment: 'Help string has changed' + + - name: baremetal.use_unsafe_iscsi + type: boolean + default: false + help: 'Do not set this out of dev/test environments. If a node does not have a fixed PXE IP address, volumes are exported with globally opened ACL ' + comment: 'Help string has changed' + + - name: baremetal.iscsi_iqn_prefix + type: string + default: 'iqn.2010-10.org.openstack.baremetal' + help: 'iSCSI IQN prefix used in baremetal volume connections. ' + comment: 'Help string has changed' + + - name: rpc_notifier2.topics + type: string_list + default: ['notifications'] + help: 'AMQP topic(s) used for OpenStack notifications ' + comment: 'Type has changed' + + - name: trusted_computing.attestation_server + type: string + default: ~ + help: 'attestation server http ' + comment: 'Help string has changed' + + - name: trusted_computing.attestation_server_ca_file + type: string + default: ~ + help: 'attestation server Cert file for Identity verification ' + comment: 'Help string has changed' + + - name: trusted_computing.attestation_port + type: string + default: '8443' + help: 'attestation server port ' + comment: 'Type has changed' + + - name: trusted_computing.attestation_api_url + type: string + default: '/OpenAttestationWebServices/V1.0' + help: 'attestation web API URL ' + comment: 'Help string has changed' + + - name: trusted_computing.attestation_auth_blob + type: string + default: ~ + help: 'attestation authorization blob - must change ' + comment: 'Help string has changed' + + - name: trusted_computing.attestation_auth_timeout + type: integer + default: 60 + help: 'Attestation status cache valid period length ' + comment: 'Help string has changed' + + - name: vmware.integration_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge ' + comment: 'Help string has changed' + + - name: spice.html5proxy_base_url + type: string + default: 'http://127.0.0.1:6082/spice_auto.html' + help: "location of spice html5 console proxy, in the form 'http://127.0.0.1:6082/spice_auto.html' " + comment: 'Help string has changed' + + - name: spice.server_listen + type: host + default: '127.0.0.1' + help: 'IP address on which instance spice server should listen ' + comment: 'Type has changed' + + - name: spice.server_proxyclient_address + type: string + default: '127.0.0.1' + help: 'the address to which proxy clients (like nova- spicehtml5proxy) should connect ' + comment: 'Help string has changed' + + - name: spice.agent_enabled + type: boolean + default: true + help: 'enable spice guest agent support ' + comment: 'Help string has changed' + + - name: spice.keymap + type: string + default: 'en-us' + help: 'keymap for spice ' + comment: 'Help string has changed' + + - name: ssl.ca_file + type: string + default: ~ + help: 'CA certificate file to use to verify connecting clients ' + comment: 'New param' + + - name: ssl.key_file + type: string + default: ~ + help: 'Private key file to use when starting the server securely ' + comment: 'New param' + + - name: matchmaker_redis.host + type: string + default: '127.0.0.1' + help: 'Host to locate redis ' + comment: 'New param' + + - name: quota_fixed_ips + type: integer + default: -1 + help: 'number of fixed ips allowed per project (this should be at least the number of instances allowed) ' + comment: 'New param' + + - name: vendordata_driver + type: string + default: 'nova.api.metadata.vendordata_json.JsonFileVendorData' + help: 'Driver to use for vendor data ' + comment: 'New param' + + - name: service_neutron_metadata_proxy + type: boolean + default: false + help: 'Set flag to indicate Neutron will proxy metadata requests and resolve instance ids. ' + comment: 'New param' + + - name: neutron_metadata_proxy_shared_secret + type: string + default: '' + help: 'Shared secret to validate proxies Neutron metadata requests ' + comment: 'New param' + + - name: vendordata_jsonfile_path + type: string + default: ~ + help: 'File to load json formated vendor data from ' + comment: 'New param' + + - name: use_neutron_default_nets + type: string + default: 'False' + help: 'Control for checking for default networks ' + comment: 'New param' + + - name: neutron_default_tenant_id + type: string + default: 'default' + help: 'Default tenant id when creating neutron networks ' + comment: 'New param' + + - name: vpn_flavor + type: string + default: 'm1.tiny' + help: 'Flavor for vpn instances ' + comment: 'New param' + + - name: upgrade_levels.cert + type: string + default: ~ + help: 'Set a version cap for messages sent to cert services ' + comment: 'New param' + + - name: spicehtml5proxy_host + type: host + default: '0.0.0.0' + help: 'Host on which to listen for incoming requests ' + comment: 'New param' + + - name: spicehtml5proxy_port + type: port + default: 6082 + help: 'Port on which to listen for incoming requests ' + comment: 'New param' + + - name: allow_migrate_to_same_host + type: boolean + default: false + help: 'Allow migrate machine to the same host. Useful when testing in single-host environments. ' + comment: 'New param' + + - name: max_local_block_devices + type: integer + default: 3 + help: 'Maximum number of devices that will result in a local image being created on the hypervisor node. Setting this to 0 means nova will allow only boot from volume. A negative number means unlimited. ' + comment: 'New param' + + - name: default_flavor + type: string + default: 'm1.small' + help: 'default flavor to use for the EC2 API only. The Nova API does not support a default flavor. ' + comment: 'New param' + + - name: network_allocate_retries + type: integer + default: false + help: 'Number of times to retry network allocation on failures ' + comment: 'New param' + + - name: maximum_instance_delete_attempts + type: integer + default: 5 + help: "The number of times to attempt to reap an instance's files. " + comment: 'New param' + + - name: sync_power_state_interval + type: integer + default: 600 + help: 'interval to sync power states between the database and the hypervisor ' + comment: 'New param' + + - name: shelved_poll_interval + type: integer + default: 3600 + help: 'Interval in seconds for polling shelved instances to offload ' + comment: 'New param' + + - name: shelved_offload_time + type: integer + default: false + help: 'Time in seconds before a shelved instance is eligible for removing from a host. -1 never offload, 0 offload when shelved ' + comment: 'New param' + + - name: instance_delete_interval + type: integer + default: 300 + help: 'Interval in seconds for retrying failed instance file deletes ' + comment: 'New param' + + - name: migrate_max_retries + type: integer + default: -1 + help: 'Number of times to retry live-migration before failing. If == -1, try until out of hosts. If == 0, only try once, no retries. ' + comment: 'New param' + + - name: iptables_drop_action + type: string + default: 'DROP' + help: 'The table that iptables to jump to when a packet is to be dropped. ' + comment: 'New param' + + - name: vmware.vlan_interface + type: string + default: 'vmnic0' + help: 'Physical ethernet adapter name for vlan networking ' + comment: 'New param' + + - name: neutron_url + type: string + default: 'http://127.0.0.1:9696' + help: 'URL for connecting to neutron ' + comment: 'New param' + + - name: neutron_url_timeout + type: integer + default: 30 + help: 'timeout value for connecting to neutron in seconds ' + comment: 'New param' + + - name: neutron_admin_username + type: string + default: ~ + help: 'username for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_admin_password + type: string + default: ~ + help: 'password for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_admin_tenant_name + type: string + default: ~ + help: 'tenant name for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_region_name + type: string + default: ~ + help: 'region name for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_admin_auth_url + type: string + default: 'http://localhost:5000/v2.0' + help: 'auth url for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_api_insecure + type: boolean + default: false + help: 'if set, ignore any SSL validation issues ' + comment: 'New param' + + - name: neutron_auth_strategy + type: string + default: 'keystone' + help: 'auth strategy for connecting to neutron in admin context ' + comment: 'New param' + + - name: neutron_ovs_bridge + type: string + default: 'br-int' + help: 'Name of Integration Bridge used by Open vSwitch ' + comment: 'New param' + + - name: neutron_extension_sync_interval + type: integer + default: 600 + help: 'Number of seconds before querying neutron for extensions ' + comment: 'New param' + + - name: neutron_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certificates file to use for neutron client requests. ' + comment: 'New param' + + - name: dhcp_options_enabled + type: boolean + default: false + help: 'Use per-port DHCP options with Neutron ' + comment: 'New param' + + - name: amqp_durable_queues + type: boolean + default: false + help: 'Use durable queues in amqp. ' + comment: 'New param' + + - name: amqp_auto_delete + type: boolean + default: false + help: 'Auto-delete queues in amqp. ' + comment: 'New param' + + - name: qpid_topology_version + type: integer + default: true + help: 'The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break. ' + comment: 'New param' + + - name: matchmaker_heartbeat_freq + type: integer + default: 300 + help: 'Heartbeat frequency ' + comment: 'New param' + + - name: matchmaker_heartbeat_ttl + type: integer + default: 600 + help: 'Heartbeat time-to-live. ' + comment: 'New param' + + - name: pci_alias + type: string + default: '' + help: "An alias for a PCI passthrough device requirement. This allows users to specify the alias in the extra_spec for a flavor, without needing to repeat all the PCI property requirements. For example: pci_alias = { 'name': 'QuicAssist', 'product_id': '0443', 'vendor_id': '8086', 'device_type': 'ACCEL' } defines an alias for the Intel QuickAssist card. (multi valued) (multi valued)" + comment: 'New param' + + - name: pci_passthrough_whitelist + type: string + default: '' + help: "White list of PCI devices available to VMs. For example: pci_passthrough_whitelist = [{'vendor_id': '8086', 'product_id': '0443'}] (multi valued)" + comment: 'New param' + + - name: restrict_isolated_hosts_to_isolated_images + type: boolean + default: true + help: 'Whether to force isolated hosts to run only isolated images ' + comment: 'New param' + + - name: cells.scheduler_weight_classes + type: string_list + default: ['nova.cells.weights.all_weighers'] + help: "Weigher classes the cells scheduler should use. An entry of 'nova.cells.weights.all_weighers'maps to all cell weighers included with nova. " + comment: 'New param' + + - name: cells.ram_weight_multiplier + type: float + default: 10.0 + help: 'Multiplier used for weighing ram. Negative numbers mean to stack vs spread. ' + comment: 'New param' + + - name: injected_network_template + type: string + default: '$pybasedir/nova/virt/interfaces.template' + help: 'Template file for injected network ' + comment: 'New param' + + - name: resize_fs_using_block_device + type: boolean + default: false + help: 'Attempt to resize the filesystem by accessing the image over a block device. This is done by the host and may not be necessary if the image contains a recent version of cloud- init. Possible mechanisms require the nbd driver (for qcow and raw), or loop (for raw). ' + comment: 'New param' + + - name: docker_registry_default_port + type: port + default: 5042 + help: 'Default TCP port to find the docker-registry container ' + comment: 'New param' + + - name: vcpu_pin_set + type: string + default: ~ + help: "Which pcpus can be used by vcpus of instance e.g: '4-12,^8,15' " + comment: 'New param' + + - name: libvirt_images_rbd_pool + type: string + default: 'rbd' + help: 'the RADOS pool in which rbd volumes are stored ' + comment: 'New param' + + - name: libvirt_images_rbd_ceph_conf + type: string + default: '' + help: 'path to the ceph configuration file to use ' + comment: 'New param' + + - name: num_iser_scan_tries + type: integer + default: 3 + help: 'number of times to rescan iSER target to find volume ' + comment: 'New param' + + - name: libvirt_iser_use_multipath + type: boolean + default: false + help: 'use multipath connection of the iSER volume ' + comment: 'New param' + + - name: qemu_allowed_storage_drivers + type: string_list + default: [] + help: 'Protocols listed here will be accessed directly from QEMU. Currently supported protocols: [gluster] ' + comment: 'New param' + + - name: xenapi_use_agent_default + type: boolean + default: false + help: "Determines if the xenapi agent should be used when the image used does not contain a hint to declare if the agent is present or not. The hint is a glance property 'xenapi_use_agent' that has the value 'true' or 'false'. Note that waiting for the agent when it is not present will significantly increase server boot times. " + comment: 'New param' + + - name: xenapi_image_compression_level + type: integer + default: ~ + help: 'Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most compressed but most CPU intensive on dom0. ' + comment: 'New param' + + - name: xenapi_ipxe_network_name + type: string + default: ~ + help: 'Name of network to use for booting iPXE ISOs ' + comment: 'New param' + + - name: xenapi_ipxe_boot_menu_url + type: string + default: ~ + help: 'URL to the iPXE boot menu ' + comment: 'New param' + + - name: xenapi_ipxe_mkisofs_cmd + type: string + default: 'mkisofs' + help: 'Name and optionally path of the tool used for ISO image creation ' + comment: 'New param' + + - name: cinder_ca_certificates_file + type: string + default: ~ + help: 'Location of ca certificates file to use for cinder client requests. ' + comment: 'New param' + + - name: hyperv.instances_path_share + type: string + default: '' + help: "The name of a Windows share name mapped to the 'instances_path' dir and used by the resize feature to copy files to the target host. If left blank, an administrative share will be used, looking for the same 'instances_path' used locally " + comment: 'New param' + + - name: hyperv.force_hyperv_utils_v1 + type: boolean + default: false + help: 'Force V1 WMI utility classes ' + comment: 'New param' + + - name: hyperv.force_volumeutils_v1 + type: boolean + default: false + help: 'Force V1 volume utility class ' + comment: 'New param' + + - name: hyperv.vswitch_name + type: string + default: ~ + help: 'External virtual switch Name, if not provided, the first external virtual switch is used ' + comment: 'New param' + + - name: hyperv.limit_cpu_features + type: boolean + default: false + help: 'Required for live migration among hosts with different CPU features ' + comment: 'New param' + + - name: hyperv.config_drive_inject_password + type: boolean + default: false + help: 'Sets the admin password in the config drive image ' + comment: 'New param' + + - name: hyperv.qemu_img_cmd + type: string + default: 'qemu-img.exe' + help: 'qemu-img is used to convert between different image types ' + comment: 'New param' + + - name: hyperv.config_drive_cdrom + type: boolean + default: false + help: 'Attaches the Config Drive image as a cdrom drive instead of a disk drive ' + comment: 'New param' + + - name: hyperv.enable_instance_metrics_collection + type: boolean + default: false + help: "Enables metrics collections for an instance by using Hyper-V's metric APIs. Collected data can by retrieved by other apps and services, e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above " + comment: 'New param' + + - name: hyperv.dynamic_memory_ratio + type: float + default: true + help: 'Enables dynamic memory allocation (ballooning) when set to a value greater than 1. The value expresses the ratio between the total RAM assigned to an instance and its startup RAM amount. For example a ratio of 2.0 for an instance with 1024MB of RAM implies 512MB of RAM allocated at startup ' + comment: 'New param' + + - name: hyperv.volume_attach_retry_count + type: integer + default: 10 + help: 'The number of times to retry to attach a volume ' + comment: 'New param' + + - name: hyperv.volume_attach_retry_interval + type: integer + default: 5 + help: 'Interval between volume attachment attempts, in seconds ' + comment: 'New param' + + - name: osapi_v3.extensions_blacklist + type: string_list + default: [] + help: 'A list of v3 API extensions to never load. Specify the extension aliases here. ' + comment: 'New param' + + - name: osapi_v3.extensions_whitelist + type: string_list + default: [] + help: 'If the list is not empty then a v3 API extension will only be loaded if it exists in this list. Specify the extension aliases here. ' + comment: 'New param' + + - name: conductor.workers + type: integer + default: ~ + help: 'Number of workers for OpenStack Conductor service ' + comment: 'New param' + + - name: keymgr.api_class + type: string + default: 'nova.keymgr.conf_key_mgr.ConfKeyManager' + help: 'The full class name of the key manager API class ' + comment: 'New param' + + - name: keymgr.fixed_key + type: string + default: ~ + help: 'Fixed key returned by key manager, specified in hex ' + comment: 'New param' + + - name: upgrade_levels.scheduler + type: string + default: ~ + help: 'Set a version cap for messages sent to scheduler services ' + comment: 'New param' + + - name: cells.reserve_percent + type: float + default: 10.0 + help: 'Percentage of cell capacity to hold in reserve. Affects both memory and disk utilization ' + comment: 'New param' + + - name: cells.cell_type + type: string + default: ~ + help: 'Type of cell: api or compute ' + comment: 'New param' + + - name: cells.mute_child_interval + type: integer + default: 300 + help: 'Number of seconds after which a lack of capability and capacity updates signals the child cell is to be treated as a mute. ' + comment: 'New param' + + - name: cells.bandwidth_update_interval + type: integer + default: 600 + help: 'Seconds between bandwidth updates for cells. ' + comment: 'New param' + + - name: cells.scheduler_filter_classes + type: string_list + default: ['nova.cells.filters.all_filters'] + help: "Filter classes the cells scheduler should use. An entry of 'nova.cells.filters.all_filters'maps to all cells filters included with nova. " + comment: 'New param' + + - name: cells.cells_config + type: string + default: ~ + help: 'Configuration file from which to read cells configuration. If given, overrides reading cells from the database. ' + comment: 'New param' + + - name: cells.mute_weight_multiplier + type: float + default: -10.0 + help: 'Multiplier used to weigh mute children. (The value should be negative.) ' + comment: 'New param' + + - name: cells.mute_weight_value + type: float + default: 1000.0 + help: 'Weight value assigned to mute children. (The value should be positive.) ' + comment: 'New param' + + - name: database.backend + type: string + default: 'sqlalchemy' + help: 'The backend to use for db ' + comment: 'New param' + + - name: database.use_tpool + type: boolean + default: false + help: 'Enable the experimental use of thread pooling for all DB API calls ' + comment: 'New param' + + - name: database.connection + type: string + default: 'sqlite:////nova/openstack/common/db/$sqlite_db' + help: 'The SQLAlchemy connection string used to connect to the database ' + comment: 'New param' + + - name: database.slave_connection + type: string + default: '' + help: 'The SQLAlchemy connection string used to connect to the slave database ' + comment: 'New param' + + - name: database.idle_timeout + type: integer + default: 3600 + help: 'timeout before idle sql connections are reaped ' + comment: 'New param' + + - name: database.min_pool_size + type: integer + default: true + help: 'Minimum number of SQL connections to keep open in a pool ' + comment: 'New param' + + - name: database.max_pool_size + type: integer + default: ~ + help: 'Maximum number of SQL connections to keep open in a pool ' + comment: 'New param' + + - name: database.max_retries + type: integer + default: 10 + help: 'maximum db connection retries during startup. (setting -1 implies an infinite retry count) ' + comment: 'New param' + + - name: database.retry_interval + type: integer + default: 10 + help: 'interval between retries of opening a sql connection ' + comment: 'New param' + + - name: database.max_overflow + type: integer + default: ~ + help: 'If set, use this value for max_overflow with sqlalchemy ' + comment: 'New param' + + - name: database.connection_debug + type: integer + default: false + help: 'Verbosity of SQL debugging information. 0=None, 100=Everything ' + comment: 'New param' + + - name: database.connection_trace + type: boolean + default: false + help: 'Add python stack traces to SQL as comment strings ' + comment: 'New param' + + - name: database.pool_timeout + type: integer + default: ~ + help: 'If set, use this value for pool_timeout with sqlalchemy ' + comment: 'New param' + + - name: image_file_url.filesystems + type: string_list + default: [] + help: 'A list of filesystems that will be configured in this file under the sections image_file_url: ' + comment: 'New param' + + - name: baremetal.pxe_network_config + type: boolean + default: false + help: 'If set, pass the network configuration details to the initramfs via cmdline. ' + comment: 'New param' + + - name: baremetal.pxe_bootfile_name + type: string + default: 'pxelinux.0' + help: 'This gets passed to Neutron as the bootfile dhcp parameter when the dhcp_options_enabled is set. ' + comment: 'New param' + + - name: baremetal.tile_pdu_ip + type: string + default: '10.0.100.1' + help: 'ip address of tilera pdu ' + comment: 'New param' + + - name: baremetal.tile_pdu_mgr + type: string + default: '/tftpboot/pdu_mgr' + help: 'management script for tilera pdu ' + comment: 'New param' + + - name: baremetal.tile_pdu_off + type: integer + default: 2 + help: 'power status of tilera PDU is OFF ' + comment: 'New param' + + - name: baremetal.tile_pdu_on + type: integer + default: true + help: 'power status of tilera PDU is ON ' + comment: 'New param' + + - name: baremetal.tile_pdu_status + type: integer + default: 9 + help: 'power status of tilera PDU ' + comment: 'New param' + + - name: baremetal.tile_power_wait + type: integer + default: 9 + help: 'wait time in seconds until check the result after tilera power operations ' + comment: 'New param' + + - name: baremetal.virtual_power_ssh_port + type: port + default: 22 + help: 'Port to use for ssh to virtual power host ' + comment: 'New param' + + - name: baremetal.virtual_power_host_key + type: string + default: ~ + help: 'ssh key for virtual power host_user ' + comment: 'New param' + + - name: matchmaker_redis.port + type: integer + default: 6379 + help: 'Use this port to connect to redis host. ' + comment: 'New param' + + - name: matchmaker_redis.password + type: string + default: ~ + help: 'Password for Redis server. (optional) ' + comment: 'New param' + + - name: ssl.cert_file + type: string + default: ~ + help: 'Certificate file to use when starting the server securely ' + comment: 'New param' + + - name: upgrade_levels.baseapi + type: string + default: ~ + help: 'Set a version cap for messages sent to the base api in any service ' + comment: 'New param' + + - name: upgrade_levels.intercell + type: string + default: ~ + help: 'Set a version cap for messages sent between cells services ' + comment: 'New param' + + - name: upgrade_levels.cells + type: string + default: ~ + help: 'Set a version cap for messages sent to local cells services ' + comment: 'New param' + + - name: upgrade_levels.compute + type: string + default: ~ + help: 'Set a version cap for messages sent to compute services ' + comment: 'New param' + + - name: upgrade_levels.conductor + type: string + default: ~ + help: 'Set a version cap for messages sent to conductor services ' + comment: 'New param' + + - name: upgrade_levels.console + type: string + default: ~ + help: 'Set a version cap for messages sent to console services ' + comment: 'New param' + + - name: upgrade_levels.consoleauth + type: string + default: ~ + help: 'Set a version cap for messages sent to consoleauth services ' + comment: 'New param' + + - name: upgrade_levels.network + type: string + default: ~ + help: 'Set a version cap for messages sent to network services ' + comment: 'New param' + + - name: matchmaker_ring.ringfile + type: string + default: '/etc/oslo/matchmaker_ring.json' + help: 'Matchmaker ring file (JSON) ' + comment: 'New param' + + - name: vmware.host_ip + type: string + default: ~ + help: 'URL for connection to VMware ESX/VC host. Required if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.host_username + type: string + default: ~ + help: 'Username for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.host_password + type: string + default: ~ + help: 'Password for connection to VMware ESX/VC host. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.cluster_name + type: string + default: ~ + help: 'Name of a VMware Cluster ComputeResource. Used only if compute_driver is vmwareapi.VMwareVCDriver. (multi valued)' + comment: 'New param' + + - name: vmware.datastore_regex + type: string + default: ~ + help: 'Regex to match the name of a datastore. Used only if compute_driver is vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.task_poll_interval + type: float + default: 5.0 + help: 'The interval used for polling of remote tasks. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.api_retry_count + type: integer + default: 10 + help: 'The number of times we retry on failures, e.g., socket error, etc. Used only if compute_driver is vmwareapi.VMwareESXDriver or vmwareapi.VMwareVCDriver. ' + comment: 'New param' + + - name: vmware.vnc_port + type: port + default: 5900 + help: 'VNC starting port ' + comment: 'New param' + + - name: vmware.vnc_port_total + type: integer + default: 10000 + help: 'Total number of VNC ports ' + comment: 'New param' + + - name: vmware.vnc_password + type: string + default: ~ + help: 'DEPRECATED. VNC password. The password-based access to VNC consoles will be removed in the next release. The default value will disable password protection on the VNC console. ' + comment: 'New param' + + - name: vmware.use_linked_clone + type: boolean + default: true + help: 'Whether to use linked clone ' + comment: 'New param' + + - name: vmware.wsdl_location + type: string + default: ~ + help: 'Optional VIM Service WSDL Location e.g http:///vimService.wsdl. Optional over-ride to default location for bug work-arounds ' + comment: 'New param' + + - name: vmware.maximum_objects + type: integer + default: 100 + help: 'The maximum number of ObjectContent data objects that should be returned in a single result. A positive value will cause the operation to suspend the retrieval when the count of objects reaches the specified maximum. The server may still limit the count to something less than the configured value. Any remaining objects may be retrieved with additional requests. ' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/rabbitmq/rabbitmq.conf.yml b/rubick/schemas/rabbitmq/rabbitmq.conf.yml new file mode 100644 index 0000000..e5c06cf --- /dev/null +++ b/rubick/schemas/rabbitmq/rabbitmq.conf.yml @@ -0,0 +1,67 @@ +- version: '3.0.0' + checkpoint: true + added: + + - name: tcp_listeners + type: rabbitmq_bind_list + default: [5672] + help: 'List of ports on which to listen for AMQP connections (without SSL)' + comment: 'New param' + + - name: ssl_listeners + type: rabbitmq_bind_list + default: [] + help: 'List of ports on which to listen for AMQP connections (SSL)' + comment: 'New param' + + - name: ssl_options + type: string_list + default: [] + comment: 'New param' + + - name: vm_memory_high_watermark + type: float + default: 0.4 + comment: 'New param' + + - name: vm_memory_high_watermark_paging_ratio + type: float + default: 0.5 + comment: 'New param' + + - name: disk_free_limit + type: integer + default: 50000000 + comment: 'Default value has changed' + + - name: log_levels + type: string_list + default: ['{connection, info}'] + comment: 'New param' + + - name: frame_max + type: integer + default: 131072 + comment: 'New param' + + - name: heartbeat + type: integer + default: 600 + comment: 'New param' + + - name: default_vhost + type: string + default: '/' + comment: 'New param' + + - name: default_user + type: string + default: 'guest' + comment: 'New param' + + - name: default_pass + type: string + default: 'guest' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/swift_account_server/swift_account_server.conf.yml b/rubick/schemas/swift_account_server/swift_account_server.conf.yml new file mode 100644 index 0000000..656f3cf --- /dev/null +++ b/rubick/schemas/swift_account_server/swift_account_server.conf.yml @@ -0,0 +1,289 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: bind_ip + type: string + default: '0.0.0.0' + comment: 'New param' + + - name: bind_port + type: string + default: '6002' + comment: 'New param' + + - name: bind_timeout + type: string + default: '30' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + comment: 'New param' + + - name: user + type: string + default: 'swift' + comment: 'New param' + + - name: swift_dir + type: string + default: '/etc/swift' + comment: 'New param' + + - name: devices + type: string + default: '/srv/node' + comment: 'New param' + + - name: mount_check + type: string + default: 'true' + comment: 'New param' + + - name: disable_fallocate + type: string + default: 'false' + comment: 'New param' + + - name: workers + type: string + default: 'auto' + help: 'Use an integer to override the number of pre-forked processes that will accept connections.' + comment: 'New param' + + - name: max_clients + type: string + default: '1024' + help: 'Maximum concurrent requests per worker' + comment: 'New param' + + - name: account-reaper.log_name + type: string + default: 'account-reaper' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: account-reaper.log_facility + type: string + default: 'LOG_LOCAL0' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: account-reaper.log_level + type: string + default: 'INFO' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: account-reaper.log_address + type: string + default: '/dev/log' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: log_custom_handlers + type: string + default: '' + help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' + comment: 'New param' + + - name: log_udp_host + type: string + default: '' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_udp_port + type: string + default: '514' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_statsd_host + type: host + default: 'localhost' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_port + type: string + default: '8125' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_default_sample_rate + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_sample_rate_factor + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_metric_prefix + type: string + default: '' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: db_preallocation + type: string + default: 'off' + help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." + comment: 'New param' + + - name: eventlet_debug + type: string + default: 'false' + comment: 'New param' + + - name: fallocate_reserve + type: string + default: '0' + help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." + comment: 'New param' + + - name: 'pipeline:main.pipeline' + type: string + default: 'healthcheck recon account-server' + comment: 'New param' + + - name: 'filter:recon.use' + type: string + default: 'egg:swift#recon' + comment: 'New param' + + - name: 'app:account-server.set log_name' + type: string + default: 'account-server' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:account-server.set log_facility' + type: string + default: 'LOG_LOCAL0' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:account-server.set log_level' + type: string + default: 'INFO' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:account-server.set log_requests' + type: string + default: 'true' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:account-server.set log_address' + type: string + default: '/dev/log' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:account-server.auto_create_account_prefix' + type: string + default: '.' + comment: 'New param' + + - name: 'app:account-server.replication_server' + type: string + default: 'false' + help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." + comment: 'New param' + + - name: 'filter:healthcheck.disable_path' + type: string + default: '' + help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" + comment: 'New param' + + - name: account-auditor.recon_cache_path + type: string + default: '/var/cache/swift' + comment: 'New param' + + - name: account-replicator.vm_test_mode + type: string + default: 'no' + comment: 'New param' + + - name: account-replicator.per_diff + type: string + default: '1000' + comment: 'New param' + + - name: account-replicator.max_diffs + type: string + default: '100' + comment: 'New param' + + - name: account-reaper.concurrency + type: string + default: '25' + comment: 'New param' + + - name: account-reaper.interval + type: string + default: '3600' + comment: 'New param' + + - name: account-replicator.error_suppression_interval + type: string + default: '60' + help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." + comment: 'New param' + + - name: account-replicator.error_suppression_limit + type: string + default: '10' + help: 'How many errors can accumulate before a node is temporarily ignored.' + comment: 'New param' + + - name: account-reaper.node_timeout + type: string + default: '10' + comment: 'New param' + + - name: account-reaper.conn_timeout + type: string + default: '0.5' + comment: 'New param' + + - name: account-replicator.reclaim_age + type: string + default: '604800' + help: 'The replicator also performs reclamation' + comment: 'New param' + + - name: account-replicator.run_pause + type: string + default: '30' + help: 'Time in seconds to wait between replication passes' + comment: 'New param' + + - name: account-auditor.accounts_per_second + type: string + default: '200' + comment: 'New param' + + - name: account-reaper.delay_reaping + type: string + default: '0' + help: 'Normally, the reaper begins deleting account information for deleted accounts immediately; you can set this to delay its work however. The value is in seconds; 2592000 = 30 days for example.' + comment: 'New param' + + - name: account-reaper.reap_warn_after + type: string + default: '2592000' + help: 'If the account fails to be be reaped due to a persistent error, the account reaper will log a message such as: Account has not been reaped since You can search logs for this message if space is not being reclaimed after you delete account(s). Default is 2592000 seconds (30 days). This is in addition to any time requested by delay_reaping.' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/swift_container_server/swift_container_server.conf.yml b/rubick/schemas/swift_container_server/swift_container_server.conf.yml new file mode 100644 index 0000000..1ea95de --- /dev/null +++ b/rubick/schemas/swift_container_server/swift_container_server.conf.yml @@ -0,0 +1,297 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: bind_ip + type: string + default: '0.0.0.0' + comment: 'New param' + + - name: bind_port + type: string + default: '6001' + comment: 'New param' + + - name: bind_timeout + type: string + default: '30' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + comment: 'New param' + + - name: user + type: string + default: 'swift' + comment: 'New param' + + - name: swift_dir + type: string + default: '/etc/swift' + comment: 'New param' + + - name: devices + type: string + default: '/srv/node' + comment: 'New param' + + - name: mount_check + type: string + default: 'true' + comment: 'New param' + + - name: disable_fallocate + type: string + default: 'false' + comment: 'New param' + + - name: workers + type: string + default: 'auto' + help: 'Use an integer to override the number of pre-forked processes that will accept connections.' + comment: 'New param' + + - name: max_clients + type: string + default: '1024' + help: 'Maximum concurrent requests per worker' + comment: 'New param' + + - name: allowed_sync_hosts + type: string + default: '127.0.0.1' + help: 'This is a comma separated list of hosts allowed in the X-Container-Sync-To field for containers.' + comment: 'New param' + + - name: container-sync.log_name + type: string + default: 'container-sync' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: container-sync.log_facility + type: string + default: 'LOG_LOCAL0' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: container-sync.log_level + type: string + default: 'INFO' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: container-sync.log_address + type: string + default: '/dev/log' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: log_custom_handlers + type: string + default: '' + help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' + comment: 'New param' + + - name: log_udp_host + type: string + default: '' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_udp_port + type: string + default: '514' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_statsd_host + type: host + default: 'localhost' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_port + type: string + default: '8125' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_default_sample_rate + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_sample_rate_factor + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_metric_prefix + type: string + default: '' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: db_preallocation + type: string + default: 'off' + help: "If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation." + comment: 'New param' + + - name: eventlet_debug + type: string + default: 'false' + comment: 'New param' + + - name: fallocate_reserve + type: string + default: '0' + help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." + comment: 'New param' + + - name: 'pipeline:main.pipeline' + type: string + default: 'healthcheck recon container-server' + comment: 'New param' + + - name: 'filter:recon.use' + type: string + default: 'egg:swift#recon' + comment: 'New param' + + - name: 'app:container-server.set log_name' + type: string + default: 'container-server' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:container-server.set log_facility' + type: string + default: 'LOG_LOCAL0' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:container-server.set log_level' + type: string + default: 'INFO' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:container-server.set log_requests' + type: string + default: 'true' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:container-server.set log_address' + type: string + default: '/dev/log' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: container-updater.node_timeout + type: string + default: '3' + comment: 'New param' + + - name: container-updater.conn_timeout + type: string + default: '0.5' + comment: 'New param' + + - name: 'app:container-server.allow_versions' + type: string + default: 'false' + comment: 'New param' + + - name: 'app:container-server.auto_create_account_prefix' + type: string + default: '.' + comment: 'New param' + + - name: 'app:container-server.replication_server' + type: string + default: 'false' + help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." + comment: 'New param' + + - name: 'filter:healthcheck.disable_path' + type: string + default: '' + help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" + comment: 'New param' + + - name: container-auditor.recon_cache_path + type: string + default: '/var/cache/swift' + help: 'containers_per_second = 200' + comment: 'New param' + + - name: container-replicator.vm_test_mode + type: string + default: 'no' + comment: 'New param' + + - name: container-replicator.per_diff + type: string + default: '1000' + comment: 'New param' + + - name: container-replicator.max_diffs + type: string + default: '100' + comment: 'New param' + + - name: container-updater.concurrency + type: string + default: '4' + comment: 'New param' + + - name: container-sync.interval + type: string + default: '300' + help: 'Will sync each container at most once per interval' + comment: 'New param' + + - name: container-replicator.reclaim_age + type: string + default: '604800' + help: 'The replicator also performs reclamation' + comment: 'New param' + + - name: container-replicator.run_pause + type: string + default: '30' + help: 'Time in seconds to wait between replication passes' + comment: 'New param' + + - name: container-updater.slowdown + type: string + default: '0.01' + help: 'slowdown will sleep that amount between containers' + comment: 'New param' + + - name: container-updater.account_suppression_time + type: string + default: '60' + help: 'Seconds to suppress updating an account that has generated an error' + comment: 'New param' + + - name: container-sync.sync_proxy + type: string + default: 'http://127.0.0.1:8888' + help: 'If you need to use an HTTP Proxy, set it here; defaults to no proxy.' + comment: 'New param' + + - name: container-sync.container_time + type: string + default: '60' + help: 'Maximum amount of time to spend syncing each container per pass' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/swift_object_server/swift_object_server.conf.yml b/rubick/schemas/swift_object_server/swift_object_server.conf.yml new file mode 100644 index 0000000..4f379e1 --- /dev/null +++ b/rubick/schemas/swift_object_server/swift_object_server.conf.yml @@ -0,0 +1,386 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: bind_ip + type: string + default: '0.0.0.0' + comment: 'New param' + + - name: bind_port + type: string + default: '6000' + comment: 'New param' + + - name: bind_timeout + type: string + default: '30' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + comment: 'New param' + + - name: user + type: string + default: 'swift' + comment: 'New param' + + - name: swift_dir + type: string + default: '/etc/swift' + comment: 'New param' + + - name: devices + type: string + default: '/srv/node' + comment: 'New param' + + - name: mount_check + type: string + default: 'true' + comment: 'New param' + + - name: disable_fallocate + type: string + default: 'false' + comment: 'New param' + + - name: expiring_objects_container_divisor + type: string + default: '86400' + comment: 'New param' + + - name: workers + type: string + default: 'auto' + help: 'Use an integer to override the number of pre-forked processes that will accept connections.' + comment: 'New param' + + - name: max_clients + type: string + default: '1024' + help: 'Maximum concurrent requests per worker' + comment: 'New param' + + - name: object-auditor.log_name + type: string + default: 'object-auditor' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: object-auditor.log_facility + type: string + default: 'LOG_LOCAL0' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: object-auditor.log_level + type: string + default: 'INFO' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: object-auditor.log_address + type: string + default: '/dev/log' + help: "You can override the default log routing for this app here (don't use set!):" + comment: 'New param' + + - name: log_custom_handlers + type: string + default: '' + help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' + comment: 'New param' + + - name: log_udp_host + type: string + default: '' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_udp_port + type: string + default: '514' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_statsd_host + type: host + default: 'localhost' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_port + type: string + default: '8125' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_default_sample_rate + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_sample_rate_factor + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_metric_prefix + type: string + default: '' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: eventlet_debug + type: string + default: 'false' + comment: 'New param' + + - name: fallocate_reserve + type: string + default: '0' + help: "You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not." + comment: 'New param' + + - name: 'pipeline:main.pipeline' + type: string + default: 'healthcheck recon object-server' + comment: 'New param' + + - name: 'filter:recon.use' + type: string + default: 'egg:swift#recon' + comment: 'New param' + + - name: 'app:object-server.set log_name' + type: string + default: 'object-server' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:object-server.set log_facility' + type: string + default: 'LOG_LOCAL0' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:object-server.set log_level' + type: string + default: 'INFO' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:object-server.set log_requests' + type: string + default: 'true' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: 'app:object-server.set log_address' + type: string + default: '/dev/log' + help: 'You can override the default log routing for this app here:' + comment: 'New param' + + - name: object-updater.node_timeout + type: string + default: '10' + comment: 'New param' + + - name: object-updater.conn_timeout + type: string + default: '0.5' + comment: 'New param' + + - name: 'app:object-server.network_chunk_size' + type: string + default: '65536' + comment: 'New param' + + - name: 'app:object-server.disk_chunk_size' + type: string + default: '65536' + comment: 'New param' + + - name: 'app:object-server.max_upload_time' + type: string + default: '86400' + comment: 'New param' + + - name: 'app:object-server.slow' + type: string + default: '0' + comment: 'New param' + + - name: 'app:object-server.keep_cache_size' + type: string + default: '5424880' + help: 'Objects smaller than this are not evicted from the buffercache once read' + comment: 'New param' + + - name: 'app:object-server.keep_cache_private' + type: string + default: 'false' + help: 'If true, objects for authenticated GET requests may be kept in buffer cache if small enough' + comment: 'New param' + + - name: 'app:object-server.mb_per_sync' + type: string + default: '512' + help: 'on PUTs, sync data every n MB' + comment: 'New param' + + - name: 'app:object-server.allowed_headers' + type: string + default: 'Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object' + help: 'Comma separated list of headers that can be set in metadata on an object. This list is in addition to X-Object-Meta-* headers and cannot include Content-Type, etag, Content-Length, or deleted' + comment: 'New param' + + - name: 'app:object-server.auto_create_account_prefix' + type: string + default: '.' + comment: 'New param' + + - name: 'app:object-server.replication_server' + type: string + default: 'false' + help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'." + comment: 'New param' + + - name: 'app:object-server.threads_per_disk' + type: string + default: '0' + help: "Configure parameter for creating specific server To handle all verbs, including replication verbs, do not specify 'replication_server' (this is the default). To only handle replication, set to a True value (e.g. 'True' or '1'). To handle only non-replication verbs, set to 'False'. Unless you have a separate replication network, you should not specify any value for 'replication_server'. A value of 0 means 'don't use thread pools'. A reasonable starting point is 4." + comment: 'New param' + + - name: 'filter:healthcheck.disable_path' + type: string + default: '' + help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'" + comment: 'New param' + + - name: object-auditor.recon_cache_path + type: string + default: '/var/cache/swift' + comment: 'New param' + + - name: 'filter:recon.recon_lock_path' + type: string + default: '/var/lock' + comment: 'New param' + + - name: object-replicator.vm_test_mode + type: string + default: 'no' + comment: 'New param' + + - name: object-replicator.daemonize + type: string + default: 'on' + comment: 'New param' + + - name: object-replicator.run_pause + type: string + default: '30' + comment: 'New param' + + - name: object-updater.concurrency + type: string + default: '1' + comment: 'New param' + + - name: object-replicator.stats_interval + type: string + default: '300' + comment: 'New param' + + - name: object-replicator.rsync_timeout + type: string + default: '900' + help: 'max duration of a partition rsync' + comment: 'New param' + + - name: object-replicator.rsync_bwlimit + type: string + default: '0' + help: 'bandwith limit for rsync in kB/s. 0 means unlimited' + comment: 'New param' + + - name: object-replicator.rsync_io_timeout + type: string + default: '30' + help: 'passed to rsync for io op timeout' + comment: 'New param' + + - name: object-replicator.http_timeout + type: string + default: '60' + help: 'max duration of an http request' + comment: 'New param' + + - name: object-replicator.lockup_timeout + type: string + default: '1800' + help: 'attempts to kill all workers if nothing replicates for lockup_timeout seconds' + comment: 'New param' + + - name: object-replicator.reclaim_age + type: string + default: '604800' + help: 'The replicator also performs reclamation' + comment: 'New param' + + - name: object-replicator.ring_check_interval + type: string + default: '15' + comment: 'New param' + + - name: object-replicator.rsync_error_log_line_length + type: string + default: '0' + help: 'limits how long rsync error log lines are 0 means to log the entire line' + comment: 'New param' + + - name: object-updater.interval + type: string + default: '300' + comment: 'New param' + + - name: object-updater.slowdown + type: string + default: '0.01' + help: 'slowdown will sleep that amount between objects' + comment: 'New param' + + - name: object-auditor.files_per_second + type: string + default: '20' + comment: 'New param' + + - name: object-auditor.bytes_per_second + type: string + default: '10000000' + comment: 'New param' + + - name: object-auditor.log_time + type: string + default: '3600' + comment: 'New param' + + - name: object-auditor.zero_byte_files_per_second + type: string + default: '50' + comment: 'New param' + + - name: object-auditor.object_size_stats + type: string + default: '' + help: 'Takes a comma separated list of ints. If set, the object auditor will increment a counter for every object whose size is <= to the given break points and report the result after a full scan.' + comment: 'New param' + +# ==================================================== diff --git a/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml b/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml new file mode 100644 index 0000000..23e77f0 --- /dev/null +++ b/rubick/schemas/swift_proxy_server/swift_proxy_server.conf.yml @@ -0,0 +1,757 @@ +- version: '2013.2.1' + checkpoint: true + added: + + - name: bind_ip + type: string + default: '0.0.0.0' + comment: 'New param' + + - name: bind_port + type: string + default: '80' + comment: 'New param' + + - name: bind_timeout + type: string + default: '30' + comment: 'New param' + + - name: backlog + type: string + default: '4096' + comment: 'New param' + + - name: swift_dir + type: string + default: '/etc/swift' + comment: 'New param' + + - name: user + type: string + default: 'swift' + comment: 'New param' + + - name: workers + type: string + default: 'auto' + help: "Use an integer to override the number of pre-forked processes that will accept connections. Should default to the number of effective cpu cores in the system. It's worth noting that individual workers will use many eventlet co-routines to service multiple concurrent requests." + comment: 'New param' + + - name: max_clients + type: string + default: '1024' + help: 'Maximum concurrent requests per worker' + comment: 'New param' + + - name: cert_file + type: string + default: '/etc/swift/proxy.crt' + help: 'Set the following two lines to enable SSL. This is for testing only.' + comment: 'New param' + + - name: key_file + type: string + default: '/etc/swift/proxy.key' + help: 'Set the following two lines to enable SSL. This is for testing only.' + comment: 'New param' + + - name: log_name + type: string + default: 'swift' + help: 'You can specify default log routing here if you want:' + comment: 'New param' + + - name: log_facility + type: string + default: 'LOG_LOCAL0' + help: 'You can specify default log routing here if you want:' + comment: 'New param' + + - name: log_level + type: string + default: 'INFO' + help: 'You can specify default log routing here if you want:' + comment: 'New param' + + - name: log_headers + type: string + default: 'false' + help: 'You can specify default log routing here if you want:' + comment: 'New param' + + - name: log_address + type: string + default: '/dev/log' + help: 'You can specify default log routing here if you want:' + comment: 'New param' + + - name: trans_id_suffix + type: string + default: '' + help: 'This optional suffix (default is empty) that would be appended to the swift transaction id allows one to easily figure out from which cluster that X-Trans-Id belongs to. This is very useful when one is managing more than one swift cluster.' + comment: 'New param' + + - name: log_custom_handlers + type: string + default: '' + help: 'comma separated list of functions to call to setup custom log handlers. functions get passed: conf, name, log_to_console, log_route, fmt, logger, adapted_logger' + comment: 'New param' + + - name: log_udp_host + type: string + default: '' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_udp_port + type: string + default: '514' + help: 'If set, log_udp_host will override log_address' + comment: 'New param' + + - name: log_statsd_host + type: host + default: 'localhost' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_port + type: string + default: '8125' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_default_sample_rate + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_sample_rate_factor + type: string + default: '1.0' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: log_statsd_metric_prefix + type: string + default: '' + help: 'You can enable StatsD logging here:' + comment: 'New param' + + - name: cors_allow_origin + type: string + default: '' + help: 'Use a comma separated list of full url (http://foo.bar:1234,https://foo.bar)' + comment: 'New param' + + - name: client_timeout + type: string + default: '60' + comment: 'New param' + + - name: eventlet_debug + type: string + default: 'false' + comment: 'New param' + + - name: 'pipeline:main.pipeline' + type: string + default: 'catch_errors healthcheck proxy-logging cache bulk slo ratelimit tempauth container-quotas account-quotas proxy-logging proxy-server' + comment: 'New param' + + - name: 'filter:account-quotas.use' + type: string + default: 'egg:swift#account_quotas' + comment: 'New param' + + - name: 'filter:cname_lookup.set log_name' + type: string + default: 'cname_lookup' + help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' + comment: 'New param' + + - name: 'filter:cname_lookup.set log_facility' + type: string + default: 'LOG_LOCAL0' + help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' + comment: 'New param' + + - name: 'filter:cname_lookup.set log_level' + type: string + default: 'INFO' + help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' + comment: 'New param' + + - name: 'filter:cname_lookup.set log_address' + type: string + default: '/dev/log' + help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' + comment: 'New param' + + - name: 'app:proxy-server.log_handoffs' + type: string + default: 'true' + comment: 'New param' + + - name: 'app:proxy-server.recheck_account_existence' + type: string + default: '60' + comment: 'New param' + + - name: 'app:proxy-server.recheck_container_existence' + type: string + default: '60' + comment: 'New param' + + - name: 'app:proxy-server.object_chunk_size' + type: string + default: '8192' + comment: 'New param' + + - name: 'app:proxy-server.client_chunk_size' + type: string + default: '8192' + comment: 'New param' + + - name: 'app:proxy-server.node_timeout' + type: string + default: '10' + comment: 'New param' + + - name: 'app:proxy-server.conn_timeout' + type: string + default: '0.5' + comment: 'New param' + + - name: 'app:proxy-server.error_suppression_interval' + type: string + default: '60' + help: "How long without an error before a node's error count is reset. This will also be how long before a node is reenabled after suppression is triggered." + comment: 'New param' + + - name: 'app:proxy-server.error_suppression_limit' + type: string + default: '10' + help: 'How many errors can accumulate before a node is temporarily ignored.' + comment: 'New param' + + - name: 'app:proxy-server.allow_account_management' + type: string + default: 'false' + help: "If set to 'true' any authorized user may create and delete accounts; if 'false' no one, even authorized, can." + comment: 'New param' + + - name: 'app:proxy-server.object_post_as_copy' + type: string + default: 'true' + help: "Set object_post_as_copy = false to turn on fast posts where only the metadata changes are stored anew and the original data file is kept in place. This makes for quicker posts; but since the container metadata isn't updated in this mode, features like container sync won't be able to sync posts." + comment: 'New param' + + - name: 'app:proxy-server.account_autocreate' + type: string + default: 'false' + help: "If set to 'true' authorized accounts that do not yet exist within the Swift cluster will be automatically created." + comment: 'New param' + + - name: 'app:proxy-server.max_containers_per_account' + type: string + default: '0' + help: 'If set to a positive value, trying to create a container when the account already has at least this maximum containers will result in a 403 Forbidden. Note: This is a soft limit, meaning a user might exceed the cap for recheck_account_existence before the 403s kick in.' + comment: 'New param' + + - name: 'app:proxy-server.max_containers_whitelist' + type: string + default: '' + help: 'This is a comma separated list of account hashes that ignore the max_containers_per_account cap.' + comment: 'New param' + + - name: 'app:proxy-server.deny_host_headers' + type: string + default: '' + help: 'Comma separated list of Host headers to which the proxy will deny requests.' + comment: 'New param' + + - name: 'app:proxy-server.auto_create_account_prefix' + type: string + default: '.' + help: 'Prefix used when automatically creating accounts.' + comment: 'New param' + + - name: 'app:proxy-server.put_queue_depth' + type: string + default: '10' + help: 'Depth of the proxy put queue.' + comment: 'New param' + + - name: 'app:proxy-server.rate_limit_after_segment' + type: string + default: '10' + help: 'Start rate-limiting object segment serving after the Nth segment of a segmented object.' + comment: 'New param' + + - name: 'app:proxy-server.rate_limit_segments_per_sec' + type: string + default: '1' + help: 'Once segment rate-limiting kicks in for an object, limit segments served to N per second.' + comment: 'New param' + + - name: 'app:proxy-server.sorting_method' + type: string + default: 'shuffle' + help: "Storage nodes can be chosen at random (shuffle), by using timing measurements (timing), or by using an explicit match (affinity). Using timing measurements may allow for lower overall latency, while using affinity allows for finer control. In both the timing and affinity cases, equally-sorting nodes are still randomly chosen to spread load. The valid values for sorting_method are 'affinity', 'shuffle', and 'timing'." + comment: 'New param' + + - name: 'app:proxy-server.timing_expiry' + type: string + default: '300' + help: "If the 'timing' sorting_method is used, the timings will only be valid for the number of seconds configured by timing_expiry." + comment: 'New param' + + - name: 'app:proxy-server.allow_static_large_object' + type: string + default: 'true' + help: "If set to false will treat objects with X-Static-Large-Object header set as a regular object on GETs, i.e. will return that object's contents. Should be set to false if slo is not used in pipeline." + comment: 'New param' + + - name: 'app:proxy-server.max_large_object_get_time' + type: string + default: '86400' + help: 'The maximum time (seconds) that a large object connection is allowed to last.' + comment: 'New param' + + - name: 'app:proxy-server.request_node_count' + type: string + default: '2 * replicas' + help: "Set to the number of nodes to contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." + comment: 'New param' + + - name: 'app:proxy-server.read_affinity' + type: string + default: '' + help: 'Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else: read_affinity = r1z1=100, r1z2=200, r2=300 Default is empty, meaning no preference.' + comment: 'New param' + + - name: 'app:proxy-server.write_affinity' + type: string + default: '' + help: 'Example: try to write to regions 1 and 2 before writing to any other nodes: write_affinity = r1, r2 Default is empty, meaning no preference.' + comment: 'New param' + + - name: 'app:proxy-server.write_affinity_node_count' + type: string + default: '2 * replicas' + help: "The number of local (as governed by the write_affinity setting) nodes to attempt to contact first, before any non-local ones. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request." + comment: 'New param' + + - name: 'app:proxy-server.swift_owner_headers' + type: string + default: 'x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2' + help: 'These are the headers whose values will only be shown to swift_owners. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities.' + comment: 'New param' + + - name: 'filter:cname_lookup.set log_headers' + type: string + default: 'false' + help: 'Note: this middleware requires python-dnspython You can override the default log routing for this filter here:' + comment: 'New param' + + - name: 'filter:tempauth.reseller_prefix' + type: string + default: 'AUTH' + help: 'The reseller prefix will verify a token begins with this prefix before even attempting to validate it. Also, with authorization, only Swift storage accounts with this prefix will be authorized by this middleware. Useful if multiple auth systems are in use for one Swift cluster.' + comment: 'New param' + + - name: 'filter:tempauth.auth_prefix' + type: string + default: '/auth/' + help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' + comment: 'New param' + + - name: 'filter:tempauth.token_life' + type: string + default: '86400' + help: 'The auth prefix will cause requests beginning with this prefix to be routed to the auth subsystem, for granting tokens, etc.' + comment: 'New param' + + - name: 'filter:tempauth.allow_overrides' + type: string + default: 'true' + help: "This allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you're not going to use such middleware and you want a bit of extra security, you can set this to false." + comment: 'New param' + + - name: 'filter:tempauth.storage_url_scheme' + type: string + default: 'default' + help: 'This specifies what scheme to return with storage urls: http, https, or default (chooses based on what the server is running as) This can be useful with an SSL load balancer in front of a non-SSL server.' + comment: 'New param' + + - name: 'filter:tempauth.user_admin_admin' + type: string + default: 'admin .admin .reseller_admin' + help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' + comment: 'New param' + + - name: 'filter:tempauth.user_test_tester' + type: string + default: 'testing .admin' + help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' + comment: 'New param' + + - name: 'filter:tempauth.user_test2_tester2' + type: string + default: 'testing2 .admin' + help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' + comment: 'New param' + + - name: 'filter:tempauth.user_test_tester3' + type: string + default: 'testing3' + help: 'Lastly, you need to list all the accounts/users you want here. The format is: user__ = [group] [group] [...] [storage_url] or if you want underscores in or , you can base64 encode them (with no equal signs) and use this format: user64__ = [group] [group] [...] [storage_url] There are special groups of: .reseller_admin = can do anything to any account for this auth .admin = can do anything within the account If neither of these groups are specified, the user can only access containers that have been explicitly allowed for them by a .admin or .reseller_admin. The trailing optional storage_url allows you to specify an alternate url to hand back to the user upon authentication. If not specified, this defaults to $HOST/v1/_ where $HOST will do its best to resolve to what the requester would need to use to reach this host. Here are example entries, required for running the tests:' + comment: 'New param' + + - name: 'filter:tempauth.paste.filter_factory' + type: string + default: 'keystoneclient.middleware.auth_token:filter_factory' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.auth_host' + type: string + default: 'keystonehost' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.auth_port' + type: string + default: '35357' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.auth_protocol' + type: string + default: 'http' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.auth_uri' + type: string + default: 'http://keystonehost:5000/' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.admin_tenant_name' + type: string + default: 'service' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.admin_user' + type: string + default: 'swift' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.admin_password' + type: string + default: 'password' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.delay_auth_decision' + type: string + default: '1' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.cache' + type: string + default: 'swift.cache' + help: '[filter:authtoken]' + comment: 'New param' + + - name: 'filter:tempauth.operator_roles' + type: string + default: 'admin, swiftoperator' + help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others.' + comment: 'New param' + + - name: 'filter:tempauth.reseller_admin_role' + type: string + default: 'ResellerAdmin' + help: '[filter:keystoneauth] Operator roles is the role which user would be allowed to manage a tenant and be able to create container or give ACL to others. The reseller admin role has the ability to create and delete accounts' + comment: 'New param' + + - name: 'filter:healthcheck.disable_path' + type: string + default: '' + help: "An optional filesystem path, which if present, will cause the healthcheck URL to return '503 Service Unavailable' with a body of 'DISABLED BY FILE'. This facility may be used to temporarily remove a Swift node from a load balancer pool during maintenance or upgrade (remove the file to allow the node back into the load balancer pool)." + comment: 'New param' + + - name: 'filter:cache.memcache_servers' + type: string + default: '127.0.0.1:11211' + help: 'If not set here, the value for memcache_servers will be read from memcache.conf (see memcache.conf-sample) or lacking that file, it will default to the value below. You can specify multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211' + comment: 'New param' + + - name: 'filter:cache.memcache_serialization_support' + type: string + default: '2' + help: 'Sets how memcache values are serialized and deserialized: 0 = older, insecure pickle serialization 1 = json serialization but pickles can still be read (still insecure) 2 = json serialization only (secure and the default) If not set here, the value for memcache_serialization_support will be read from /etc/swift/memcache.conf (see memcache.conf-sample). To avoid an instant full cache flush, existing installations should upgrade with 0, then set to 1 and reload, then after some time (24 hours) set to 2 and reload. In the future, the ability to use pickle serialization will be removed.' + comment: 'New param' + + - name: 'filter:ratelimit.clock_accuracy' + type: string + default: '1000' + help: "clock_accuracy should represent how accurate the proxy servers' system clocks are with each other. 1000 means that all the proxies' clock are accurate to each other within 1 millisecond. No ratelimit should be higher than the clock accuracy." + comment: 'New param' + + - name: 'filter:ratelimit.max_sleep_time_seconds' + type: string + default: '60' + comment: 'New param' + + - name: 'filter:ratelimit.log_sleep_time_seconds' + type: string + default: '0' + help: 'log_sleep_time_seconds of 0 means disabled' + comment: 'New param' + + - name: 'filter:ratelimit.rate_buffer_seconds' + type: string + default: '5' + help: "allows for slow rates (e.g. running up to 5 sec's behind) to catch up." + comment: 'New param' + + - name: 'filter:ratelimit.account_ratelimit' + type: string + default: '0' + help: 'account_ratelimit of 0 means disabled' + comment: 'New param' + + - name: 'filter:ratelimit.account_whitelist' + type: string + default: 'a,b' + help: 'these are comma separated lists of account names' + comment: 'New param' + + - name: 'filter:ratelimit.account_blacklist' + type: string + default: 'c,d' + help: 'these are comma separated lists of account names' + comment: 'New param' + + - name: 'filter:ratelimit.with container_limit_x' + type: string + default: 'r' + comment: 'New param' + + - name: 'filter:ratelimit.container_ratelimit_0' + type: string + default: '100' + help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' + comment: 'New param' + + - name: 'filter:ratelimit.container_ratelimit_10' + type: string + default: '50' + help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' + comment: 'New param' + + - name: 'filter:ratelimit.container_ratelimit_50' + type: string + default: '20' + help: 'for containers of size x limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the values below, a container of size 5 will get a rate of 75.' + comment: 'New param' + + - name: 'filter:ratelimit.container_listing_ratelimit_0' + type: string + default: '100' + help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' + comment: 'New param' + + - name: 'filter:ratelimit.container_listing_ratelimit_10' + type: string + default: '50' + help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' + comment: 'New param' + + - name: 'filter:ratelimit.container_listing_ratelimit_50' + type: string + default: '20' + help: 'Similarly to the above container-level write limits, the following will limit container GET (listing) requests.' + comment: 'New param' + + - name: 'filter:cname_lookup.storage_domain' + type: string + default: 'example.com' + comment: 'New param' + + - name: 'filter:domain_remap.path_root' + type: string + default: 'v1' + comment: 'New param' + + - name: 'filter:domain_remap.reseller_prefixes' + type: string + default: 'AUTH' + comment: 'New param' + + - name: 'filter:cname_lookup.lookup_depth' + type: string + default: '1' + comment: 'New param' + + - name: 'filter:tempurl.methods' + type: string + default: 'GET HEAD PUT' + help: 'The methods allowed with Temp URLs.' + comment: 'New param' + + - name: 'filter:tempurl.incoming_remove_headers' + type: string + default: 'x-timestamp' + help: "The headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. incoming_allow_headers is a list of exceptions to these removals." + comment: 'New param' + + - name: 'filter:tempurl.incoming_allow_headers' + type: string + default: '' + help: "The headers allowed as exceptions to incoming_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match." + comment: 'New param' + + - name: 'filter:tempurl.outgoing_remove_headers' + type: string + default: 'x-object-meta-*' + help: "The headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. outgoing_allow_headers is a list of exceptions to these removals." + comment: 'New param' + + - name: 'filter:name_check.forbidden_chars' + type: string + default: "\\'\"`<>" + comment: 'New param' + + - name: 'filter:name_check.maximum_length' + type: string + default: '255' + comment: 'New param' + + - name: 'filter:name_check.forbidden_regexp' + type: string + default: '/\\./|/\\.\\./|/\\.$|/\\.\\.$' + comment: 'New param' + + - name: 'filter:list-endpoints.list_endpoints_path' + type: string + default: '/endpoints/' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_name' + type: string + default: 'swift' + help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_facility' + type: string + default: 'LOG_LOCAL0' + help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_level' + type: string + default: 'INFO' + help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_address' + type: string + default: '/dev/log' + help: "If not set, logging directives from [DEFAULT] without 'access_' will be used" + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_udp_host' + type: string + default: '' + help: 'If set, access_log_udp_host will override access_log_address' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_udp_port' + type: string + default: '514' + help: 'If set, access_log_udp_host will override access_log_address' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_statsd_host' + type: host + default: 'localhost' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_statsd_port' + type: string + default: '8125' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_statsd_default_sample_rate' + type: string + default: '1.0' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_statsd_sample_rate_factor' + type: string + default: '1.0' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_statsd_metric_prefix' + type: string + default: '' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:proxy-logging.access_log_headers' + type: string + default: 'false' + help: 'You can use log_statsd_* from [DEFAULT] or override them here:' + comment: 'New param' + + - name: 'filter:bulk.max_containers_per_extraction' + type: string + default: '10000' + comment: 'New param' + + - name: 'filter:bulk.max_failed_extractions' + type: string + default: '1000' + comment: 'New param' + + - name: 'filter:bulk.max_deletes_per_request' + type: string + default: '10000' + comment: 'New param' + + - name: 'filter:bulk.yield_frequency' + type: string + default: '60' + comment: 'New param' + + - name: 'filter:slo.max_manifest_segments' + type: string + default: '1000' + comment: 'New param' + + - name: 'filter:slo.max_manifest_size' + type: string + default: '2097152' + comment: 'New param' + + - name: 'filter:slo.min_segment_size' + type: string + default: '1048576' + comment: 'New param' + +# ====================================================