diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-06-10 11:57:58 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-06-10 11:57:58 +0000 |
commit | cc07a851b0345404c123db8d7b4c325056bd6870 (patch) | |
tree | 1d843c2767259ea8707e0f555069c1905bbc5746 /etc | |
parent | c23067fc81a46013de21934b7275d3a1e094b96c (diff) | |
parent | 52ad1edea2bb6f4209879064488d1bafb6eaef13 (diff) | |
download | heat-cc07a851b0345404c123db8d7b4c325056bd6870.tar.gz |
Merge "Use entry points for config generation"
Diffstat (limited to 'etc')
-rw-r--r-- | etc/heat/heat.conf.sample | 227 |
1 files changed, 131 insertions, 96 deletions
diff --git a/etc/heat/heat.conf.sample b/etc/heat/heat.conf.sample index fe9570079..b9f2d3332 100644 --- a/etc/heat/heat.conf.sample +++ b/etc/heat/heat.conf.sample @@ -1,13 +1,13 @@ [DEFAULT] # -# Options defined in heat.api.middleware.ssl +# Options defined in heat.common.config # -# The HTTP Header that will be used to determine which the -# original request protocol scheme was, even if it was removed -# by an SSL terminator proxy. (string value) -#secure_proxy_ssl_header=X-Forwarded-Proto +# Name of the engine node. This can be an opaque identifier. +# It is not necessarily a hostname, FQDN, or IP address. +# (string value) +#host=heat # @@ -74,10 +74,10 @@ # notification module. (string value) #onready=<None> -# Name of the engine node. This can be an opaque identifier. -# It is not necessarily a hostname, FQDN, or IP address. -# (string value) -#host=heat + +# +# Options defined in heat.common.config +# # Seconds between running periodic tasks. (integer value) #periodic_interval=60 @@ -125,6 +125,29 @@ # value) #max_nested_stack_depth=3 +# Number of heat-engine processes to fork and run. (integer +# value) +#num_engine_workers=1 + + +# +# Options defined in heat.common.wsgi +# + +# Maximum raw byte size of JSON request body. Should be larger +# than max_template_size. (integer value) +#max_json_body_size=1048576 + + +# +# Options defined in heat.api.middleware.ssl +# + +# The HTTP Header that will be used to determine which the +# original request protocol scheme was, even if it was removed +# by an SSL terminator proxy. (string value) +#secure_proxy_ssl_header=X-Forwarded-Proto + # # Options defined in heat.common.crypt @@ -145,15 +168,6 @@ # -# Options defined in heat.common.wsgi -# - -# Maximum raw byte size of JSON request body. Should be larger -# than max_template_size. (integer value) -#max_json_body_size=1048576 - - -# # Options defined in heat.engine.clients # @@ -190,7 +204,7 @@ # Options defined in heat.openstack.common.lockutils # -# Whether to disable inter-process locks (boolean value) +# Enables or disables inter-process locks. (boolean value) #disable_process_locking=false # Directory to use for lock files. (string value) @@ -209,47 +223,48 @@ # of default WARNING level). (boolean value) #verbose=false -# Log output to standard error (boolean value) +# Log output to standard error. (boolean value) #use_stderr=true -# format string to use for log messages with context (string +# Format string to use for log messages with context. (string # value) #logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s -# format string to use for log messages without context +# Format string to use for log messages without context. # (string value) #logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s -# data to append to log format when level is DEBUG (string +# Data to append to log format when level is DEBUG. (string # value) #logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d -# prefix each line of exception output with this format +# Prefix each line of exception output with this format. # (string value) #logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s -# list of logger=LEVEL pairs (list value) -#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN -# publish error events (boolean value) +# Enables or disables publication of error events. (boolean +# value) #publish_errors=false -# make deprecations fatal (boolean value) +# Enables or disables fatal status of deprecations. (boolean +# value) #fatal_deprecations=false -# If an instance is passed with the log message, format it -# like this (string value) +# The format for an instance that is passed with the log +# message. (string value) #instance_format="[instance: %(uuid)s] " -# If an instance UUID is passed with the log message, format -# it like this (string value) +# The format for an instance UUID that is passed with the log +# message. (string value) #instance_uuid_format="[instance: %(uuid)s] " -# The name of logging configuration file. It does not disable -# existing loggers, but just appends specified logging -# configuration to any other existing logging options. Please -# see the Python logging module documentation for details on -# logging configuration files. (string value) +# The name of a logging configuration file. This file is +# appended to any existing logging configuration files. For +# details about logging configuration files, see the Python +# logging module documentation. (string value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append=<None> @@ -261,7 +276,7 @@ #log_format=<None> # Format string for %%(asctime)s in log records. Default: -# %(default)s (string value) +# %(default)s . (string value) #log_date_format=%Y-%m-%d %H:%M:%S # (Optional) Name of log file to output to. If no default is @@ -270,14 +285,23 @@ #log_file=<None> # (Optional) The base directory used for relative --log-file -# paths (string value) +# paths. (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir=<None> -# Use syslog for logging. (boolean value) +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and will chang in J to honor RFC5424. (boolean +# value) #use_syslog=false -# syslog facility to receive log lines (string value) +# (Optional) Enables or disables syslog rfc5424 format for +# logging. If enabled, prefixes the MSG part of the syslog +# message with APP-NAME (RFC5424). The format without the APP- +# NAME is deprecated in I, and will be removed in J. (boolean +# value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines. (string value) #syslog_log_facility=LOG_USER @@ -318,11 +342,11 @@ # Options defined in heat.openstack.common.policy # -# JSON file containing policy (string value) +# The JSON file that defines policies. (string value) #policy_file=policy.json -# Rule enforced when requested rule is not found (string -# value) +# Default rule. Enforced when a requested rule is not found. +# (string value) #policy_default_rule=default @@ -376,9 +400,9 @@ # Options defined in heat.openstack.common.rpc.impl_kombu # -# SSL version to use (valid only if SSL enabled). valid values -# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some -# distributions (string value) +# If SSL is enabled, the SSL version to use. Valid values are +# TLSv1, SSLv23 and SSLv3. SSLv2 might be available on some +# distributions. (string value) #kombu_ssl_version= # SSL key file (valid only if SSL enabled) (string value) @@ -402,33 +426,32 @@ # RabbitMQ HA cluster host:port pairs (list value) #rabbit_hosts=$rabbit_host:$rabbit_port -# connect over SSL for RabbitMQ (boolean value) +# Connect over SSL for RabbitMQ (boolean value) #rabbit_use_ssl=false -# the RabbitMQ userid (string value) +# The RabbitMQ userid (string value) #rabbit_userid=guest -# the RabbitMQ password (string value) +# The RabbitMQ password (string value) #rabbit_password=guest -# the RabbitMQ virtual host (string value) +# The RabbitMQ virtual host (string value) #rabbit_virtual_host=/ -# how frequently to retry connecting with RabbitMQ (integer +# How frequently to retry connecting with RabbitMQ (integer # value) #rabbit_retry_interval=1 -# how long to backoff for between retries when connecting to +# How long to backoff for between retries when connecting to # RabbitMQ (integer value) #rabbit_retry_backoff=2 -# maximum retries with trying to connect to RabbitMQ (the -# default of 0 implies an infinite retry count) (integer -# value) +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count) (integer value) #rabbit_max_retries=0 -# use H/A queues in RabbitMQ (x-ha-policy: all).You need to -# wipe RabbitMQ database when changing this option. (boolean +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean # value) #rabbit_ha_queues=false @@ -613,7 +636,7 @@ #insecure=false -[clients_heat] +[clients_glance] # # Options defined in heat.common.config @@ -639,12 +662,8 @@ # (boolean value) #insecure=false -# Optional heat url in format like -# http://0.0.0.0:8004/v1/%(tenant_id)s. (string value) -#url=<None> - -[clients_keystone] +[clients_heat] # # Options defined in heat.common.config @@ -671,7 +690,16 @@ #insecure=false -[clients_neutron] +# +# Options defined in heat.common.config +# + +# Optional heat url in format like +# http://0.0.0.0:8004/v1/%(tenant_id)s. (string value) +#url=<None> + + +[clients_keystone] # # Options defined in heat.common.config @@ -698,7 +726,7 @@ #insecure=false -[clients_glance] +[clients_neutron] # # Options defined in heat.common.config @@ -1037,24 +1065,30 @@ # Options defined in keystoneclient.middleware.auth_token # -# Prefix to prepend at the beginning of the path (string -# value) +# Prefix to prepend at the beginning of the path. Deprecated, +# use identity_uri. (string value) #auth_admin_prefix= -# Host providing the admin Identity API endpoint (string -# value) +# Host providing the admin Identity API endpoint. Deprecated, +# use identity_uri. (string value) #auth_host=127.0.0.1 -# Port of the admin Identity API endpoint (integer value) +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) #auth_port=35357 -# Protocol of the admin Identity API endpoint(http or https) -# (string value) +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) #auth_protocol=https # Complete public Identity API endpoint (string value) #auth_uri=<None> +# Complete admin Identity API endpoint. This should specify +# the unversioned root endpoint e.g. https://localhost:35357/ +# (string value) +#identity_uri=<None> + # API version of the admin Identity API endpoint (string # value) #auth_version=<None> @@ -1072,9 +1106,12 @@ # with Identity API Server. (integer value) #http_request_max_retries=3 -# Single shared secret with the Keystone configuration used -# for bootstrapping a Keystone installation, or otherwise -# bypassing the normal authentication process. (string value) +# This option is deprecated and may be removed in a future +# release. Single shared secret with the Keystone +# configuration used for bootstrapping a Keystone +# installation, or otherwise bypassing the normal +# authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) #admin_token=<None> # Keystone account username (string value) @@ -1126,7 +1163,7 @@ # number of revocation events combined with a low cache # duration may significantly reduce performance. (integer # value) -#revocation_cache_time=300 +#revocation_cache_time=10 # (optional) if defined, indicate whether token data should be # authenticated or authenticated and encrypted. Acceptable @@ -1159,6 +1196,23 @@ # value) #enforce_token_bind=permissive +# If true, the revocation list will be checked for cached +# tokens. This requires that PKI tokens are configured on the +# Keystone server. (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those +# supported by Python standard hashlib.new(). The hashes will +# be tried in the order given, so put the preferred one first +# for performance. The result of the first hash will be stored +# in the cache. This will typically be set to multiple values +# only while migrating from a less secure algorithm to a more +# secure one. Once all the old tokens are expired this option +# should be set to a single value for better performance. +# (list value) +#hash_algorithms=md5 + [matchmaker_redis] @@ -1223,22 +1277,3 @@ #topics=notifications -[ssl] - -# -# Options defined in heat.openstack.common.sslutils -# - -# CA certificate file to use to verify connecting clients -# (string value) -#ca_file=<None> - -# Certificate file to use when starting the server securely -# (string value) -#cert_file=<None> - -# Private key file to use when starting the server securely -# (string value) -#key_file=<None> - - |