summaryrefslogtreecommitdiff
path: root/doc/source/configuration/settings.rst
Commit message (Collapse)AuthorAgeFilesLines
* Fix applying OPENSTACK_SERVER_DEFAULT_USER_DATA valueAndrey Kurilin2023-01-281-4/+4
| | | | | | | | | | | | | The final revision of I86ac21bf82c1667135abd4f20fb4514da0899450 is buggy and doesn't work. This commit fixes it and adds a proper test. Also, this commit updates the docs with a proper horizon version that corresponds to Zed release (the feature was introduced before final Zed cut so the author tried to guess the final release number). Change-Id: Id921b69df13af3cc209236f0446d82dd30e4d8a2 (cherry picked from commit c8ee8c1965b280e24fb6266cbb2523230fea605f)
* Extend settings with OPENSTACK_SERVER_DEFAULT_USER_DATAAndrey Kurilin2022-09-011-1/+12
| | | | | | | | | The new setting should allow an administrator to specify default user_data for new VMs. The default user_data can be a string template that accepts request object which has info about the user, so the default user_data can be personalized. Change-Id: I86ac21bf82c1667135abd4f20fb4514da0899450
* Merge "Add new settings to LAUNCH_INSTANCE_DEFAULTS"Zuul2022-08-301-0/+26
|\
| * Add new settings to LAUNCH_INSTANCE_DEFAULTSAndrey Kurilin2022-08-291-0/+26
| | | | | | | | | | | | | | | | | | | | | | The new settings ``LAUNCH_INSTANCE_DEFAULTS.enable_metadata`` and ``LAUNCH_INSTANCE_DEFAULTS.enable_net_ports`` allow to hide Metadata and Network Ports tabs from launch instance workflow. It is implemented in the similar way to existing enable_scheduler_hints setting and doesn't change default behaviour Change-Id: I3d1ae5ab6cee614dd2c400f66570e320efbe6100
* | Update OPENSTACK_ENDPOINT_TYPE documentationTobias Urdin2022-06-081-3/+1
|/ | | | | | | | | The [1] change updated the behavior but the doc was never updated so it's no longer valid. [1] https://review.opendev.org/c/openstack/horizon/+/730781 Change-Id: I2b592f1c50018658309b60103b73dd70f19c843b
* Deprecate Django based Panel for Images, Keypair, and rolesmanchandavishal2022-05-101-0/+7
| | | | | | | | | | | As discussed in the horizon meetings or in horizon PTG sessions, horizon team agreed to deprecate django version of Images, Keypair and Roles panel as we think that feature gaps between the two implementations have been closed. Let's mark the Django version as deprecated for all these panels and gather more attention from operators. Change-Id: I965f9dbdd5e78b52a788f73b359c1c6fbc18637e
* Add SYSTEM_SCOPE_SERVICES setting that hides panelsRadomir Dopieralski2022-03-101-0/+13
| | | | | | | | | | Since not all services are ready to use the system scope token, we need a way to disable and enable the use of system scope token on a per-service basis. This setting let us configure which services should use the system scope token. By default the list is empty and system scope token is not used at all. Change-Id: I5e0cdc7288221571f183a37b800c19dc4cff5707
* Create Horizon session control logicHugo Brito2022-02-281-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Multiple Simultaneous Logins Control is a feature designed for securing Horizon dashboard sessions. The default Horizon configuration allows the same user to login several times (e.g. different browsers) simultaneously, that is, the same user can have more than one active session for Horizon dashboard. When there is the need to control the active sessions that one user can have simultaneously, it will be possible to configure the Horizon dashboard to disallow more than one active session per user. When multiple simultaneously sessions are disabled, the most recent authenticated session will be considered the valid one and the previous session will be invalidated. The following manual tests encompass both simulteaneous session control configuration: 'allow' and 'disconnect' and were verified with this code change before submitting it: Test Plan: PASS: Verify that a user is able to login to Horizon dashboard (when configuration is 'disconnect') PASS: Verify that a user is able to start a second Horizon dashboard session and the first session is finished (when configuration is 'disconnect') Failure Path: PASS: Verify that when a user fails to authenticate a second Horizon dashboard session the first session stills active (when configuration is 'disconnect') Regression: PASS: Verify that a user is able to login to Horizon dashboard (when configuration is default: 'allow') PASS: Verify that a user is able to start multiple simultaneous Horizon dashboard sessions (when configuration is default: 'allow') Implements: blueprint handle-multiple-login-sessions-from-same-user-in-horizon Signed-off-by: Hugo Brito <hugo.brito@windriver.com> Co-authored-by: Thales Elero Cervi <thaleselero.cervi@windriver.com> Change-Id: I8462aa98398dd8f27fe24d911c9bfaa7f303eb93
* Merge "Update default value of OPENSTACK_KEYSTONE_DEFAULT_ROLE"Zuul2022-02-101-1/+6
|\
| * Update default value of OPENSTACK_KEYSTONE_DEFAULT_ROLEmanchandavishal2022-01-171-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch update default value of OPENSTACK_KEYSTONE_DEFAULT_ROLE to 'member' from '_member_'. If a user tries to create a new project now it leads to "Could not find default role "_member_" in Keystone" error. Also long time ago keystone-bootstrap changed the default member role that is created to member from the legacy _member_ role. Any deployments that might still be using _member_ should set this explicitly. Closes-Bug: #1957173 Change-Id: I1fc7f44326b82ceb303f8d663ff0b42f0bdf7855
* | Merge "Drop Django based implementation of launch instance"21.0.0Zuul2022-01-251-41/+0
|\ \
| * | Drop Django based implementation of launch instancemanchandavishal2022-01-241-41/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | horizon already deprecated launch instance Django based implementation in the wallaby cycle [1]. This patch remove code for launch instance Django based implementation as angular based implementation is the default one from long and all features gaps between angular and Django implementation is closed. It also moves SetAdvanced step code to ``resize_instance.py`` as ``workflows/create_instance.py`` file is deleted and remove server_group option from Advanced Options of resizing instance action because "server_group" is not required while resizing an instance as per nova-api reference [2]. Closes-Bug: #1869222 [1] https://review.opendev.org/c/openstack/horizon/+/779125 [2] https://docs.openstack.org/api-ref/compute/?expanded=resize-server-resize-action-detail#resize-server-resize-action Change-Id: I5e01cd81f309491f1a58ea93911030366a86e3c7
* | | Fix hardcoded link error in sphinx 4.4.0manchandavishal2022-01-211-9/+9
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | horizon doc job is failing because sphinx 4.4.0 raise an error for the hardcoded extlinks link [1]. This patch fixes those links to unblock the doc gate job. Closes-Bug: #1958290 Co-Authored-By: Akihiro Motoki <amotoki@gmail.com> [1] https://github.com/sphinx-doc/sphinx/pull/9800 Change-Id: Ica1a16522421a697efdab882afe6d9c08ff05e0b
* | Use OPENSTACK_KEYSTONE_URL instead of HTTP_REFERRERGeorgina Shippey2022-01-121-0/+17
|/ | | | | | | | | | By using OPENSTACK_KEYSTONE_URL instead of the HTTP_REFERRER the authentication request between Horizon and Keystone continues to work in situations where the HTTP_REFERRER is an external keystone endpoint that Horizon does not have access to. Change-Id: I9c5c8d59c5f5a8570dbb563ae224d45406a73ba5 Closes-bug: #1874705
* Add default_availability_zone for VM creationDavid Hill2021-03-131-0/+21
| | | | | | | | | Add the LAUNCH_INSTANCE_DEFAULTS.default_availability_zone settings in VM creation dashboard in order to let administrator select a default availability zone instead of a random one when many are available. Co-Authored-By: Akihiro Motoki <amotoki@gmail.com> Change-Id: I297ff7f3c8e725c24c7f7687786c784f61f5d4e2
* Deprecate Django launch instance formAkihiro Motoki2021-03-091-0/+5
| | | | | | | | | As discussed in the horizon meeting, we think that feature gaps between the two implementations have been closed. Let's mark the Django version as deprecated and gather more attentions from operators. Change-Id: I55379c0897bad46decfabb443afe9439a31a3164
* Support policy-in-code and deprecated policyAkihiro Motoki2021-01-271-6/+35
| | | | | | | | | | | | This commit allows horizon to handle deprecated policy rules. The approach is explained in the document updated by this change. oslo.policy requirement is updated. oslo.policy 3.2.0 is chosen just because it is the first release in Victoria cycle. requirements.txt and lower-constraints.txt are updated accordingly including oslo.policy dependencies. Change-Id: If5059d03f6bd7e94796065aa1b51c0c23ac85f5e
* Drop OPENSTACK_NOVA_EXTENSIONS_BLACKLIST finallyAkihiro Motoki2020-10-271-35/+0
| | | | | | | | Part of the removal of OPENSTACK_NOVA_EXTENSIONS_BLACKLIST (3/3) Clean up nova extensions related code in the API layer. Change-Id: I9730095365342cac1023f4112bae4b3a28cdeaf7
* Add new setting for SimpleTenantUsageAkihiro Motoki2020-10-271-0/+12
| | | | | | | | | | This introduces a new setting OPENSTACK_USE_SIMPLE_TENANT_USAGE as a replace of SimpleTenantUsage in OPENSTACK_NOVA_EXTENSIONS_BLACKLIST. We received feedbacks on the need to control whether SimpleTenantUsage is used or not, so we need a new setting before retiring OPENSTACK_NOVA_EXTENSIONS_BLACKLIST. Change-Id: Ib786ea2ac232fcd851f4b276b9144c14c0b62a0a
* Merge "Clarify the plan of OPENSTACK_NOVA_EXTENSIONS_BLACKLIST deprecation"Zuul2020-09-211-0/+22
|\
| * Clarify the plan of OPENSTACK_NOVA_EXTENSIONS_BLACKLIST deprecationAkihiro Motoki2020-09-101-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit clarify the plan on the removal of OPENSTACK_NOVA_EXTENSIONS_BLACKLIST setting. We received feedbacks that SimpleTenantUsage nova API feature can affect the nova API performance in larger deployments like [1]. Stopping the usage of SimpleTenantUsage in horizon is a good workaround and it was the main motivation we introduced this setting. Considering the situation that nova dropped the extension mechanism, I believe the right way is to introduce a new setting which controls the usage of SimpleTenantUsage rather than keeping the blacklist setting. The current deprecation notice does not explain the migration path. This commit clarifies the current plan. [1] https://review.opendev.org/#/c/743600/ Change-Id: I10fdbf23b56745b1be6497532530dd394c62ff29
* | doc: Update default value of REST_API_REQUIRED_SETTINGSPierre Riteau2020-09-091-3/+4
|/ | | | Change-Id: I9b4367c54f070711344c24339bf769b5e4f034e5
* Remove ceilometer from osprofile backendTakashi Kajinami2020-05-221-1/+1
| | | | | | | | | Ceilometer support in osprofile was removed long ago[1] and no longer available. [1] 0bb909c7a039f17b957d920c93d366d89e581280 Change-Id: I11be3a2f854ac75ba5dc3fd82e84cb3d99f81034
* Add support for multiple swift storage policiesSimon Merrick2020-04-161-0/+13
| | | | | | | | + Adds endpoint for listing available policies + Support to select a storage policy for new containers + Display container storage polcy on dashboard. Change-Id: I588452fd5d6417859f5dd19ccedcb18f420ab646
* Revert "Explicitly set LOCALE_PATHS for Horizon apps"Ivan Kolodyazhny2020-02-191-17/+0
| | | | | | | | | | This reverts commit 4e911e2889ebe7f0a577a0323649dceb9cef363c. We don't need this change on the latest master. I'm unable to reproduce an original bug without this patch. Closes-Bug: #1834167 Change-Id: Iaffdb64fb0bc58525554ac9d40d2aeadb0876ffd
* Allow to set default instance boot sourceIvan Kolodyazhny2020-02-181-0/+14
| | | | | | | | This introduces a new config option `DEFAULT_BOOT_SOURCE` to allow operators to configure a default instance boot source. Change-Id: Ia9b0d1d24ae69958b6606b9a645bd54f70b3aacc Implements: blueprint default-instance-boot-source
* Deprecate OPENSTACK_NOVA_EXTENSIONS_BLACKLISTAkihiro Motoki2019-12-171-0/+2
| | | | | | | | | | All of the nova API extensions have been mainlined several releases ago and there is no potential performance issue in the nova API. This option is used only to toggle features in horizon and there seems no performance issues controlled by the option in horizon. Considering this situation, this option is deprecated now. Change-Id: If8e58e8324bad919ea45d0ccb10e21371d97f470
* Changed default identity url to horizon白子玉2019-12-061-2/+6
| | | | | | | The keystone doesn't use 5000 port anymore from Newton version. And all the references should be changed together. Change-Id: I3f02686ab5b3abf48f129fde92e90427ca148317
* Enable OPENSTACK_NEUTRON_NETWORK[enable_quotas] by defaultAkihiro Motoki2019-10-181-2/+6
| | | | | | | | | | | neutron supports the qutoas API from long ago and most deployments are expected to enable the neutron quotas support in horizon. This commit changes the default value of enable_quotas in OPENSTACK_NEUTRON_NETWORK to True. Part of blueprint ini-based-configuration Change-Id: I5923f08752e6a5ccd4c9cf2fa1deb6c879111f43
* Documentation and release notes for changing expired passwordsRadomir Dopieralski2019-09-181-0/+13
| | | | | Change-Id: I723f45e7ffe1f61bed244642c49eba24dafd7427 Part of blueprint: allow-users-change-expired-password
* Merge "Drop deprecated Keystone V2 API support"Zuul2019-09-121-2/+2
|\
| * Drop deprecated Keystone V2 API supportIvan Kolodyazhny2019-09-121-2/+2
| | | | | | | | | | | | | | Keystone V2 API was deprecated in Stein release in Horizon and removed from Keystone in Queens release. Change-Id: I917e273d3174adf0874e516b3d635ccb8ba58a27
* | Downloadable Kubernetes configuration fileClaudio Pisa2019-09-121-1/+51
|/ | | | | | | | | | Kubernetes can use OpenStack application credentials for authentication. Generate a kubeconfig file and make it available to download along with the openrc and clouds.yaml files. blueprint kubernetes-config-gen Change-Id: I298370e7abf4f0d480bd5199060f24bab6d6daaa
* Explicitly set LOCALE_PATHS for Horizon appsIvan Kolodyazhny2019-06-211-0/+17
| | | | | | | | | Set absolute paths in the LOCALE_PATHS configuration param to allow Django work with current supported locales. Change-Id: I62fffe04860b7b4b63f227ad99729ab4e8384d8f Related-Bug: #1818639 Closes-Bug: #1830886
* Fix typo in an OPENSTACK_PROFILER setting referenceIvan Kolodyazhny2019-05-201-1/+1
| | | | Change-Id: I16b62d21287865aeeb6238bae369b616e89aa10e
* Remove deprecated SHOW_KEYSTONE_V2_RC config optionIvan Kolodyazhny2019-05-141-37/+1
| | | | | | | | | SHOW_KEYSTONE_V2_RC is deprecated since Stein release and it's safe to remove it now. Keystone v2 support removal will be implemented in a follow up patch. Change-Id: Ib3098789a3aef47f4f4b84fd56f03376ce2ea96f
* Remove ENABLE_FLAVOR_EDIT config optionIvan Kolodyazhny2019-05-041-23/+0
| | | | | | | ENABLE_FLAVOR_EDIT is deprecated since Pike release and is not used anywhere. Change-Id: I06d5252c8f7bd955025587393f5d8ff00fe01c3b
* Replace git.openstack.org URLs with opendev.org URLsZhongShengping2019-04-241-4/+4
| | | | | | | Thorough replacement of git.openstack.org URLs with their opendev.org counterparts. Change-Id: I7f5506455ed52e4670b8e428548e931db13b13db
* Change Cinder API version in the documentationIvan Kolodyazhny2019-04-111-4/+2
| | | | | | | | | | Cinder API v3 is a default version for Horizon so we need to use it in the documentation. data-processing API version is removed from the Horizon documentation since it's availale in a separate plugin. Change-Id: I5f178b70f73c23f8220f44a418eec689f0bc3b1c
* Merge "Allow to specify custom templates for clouds.yaml and openrc"Zuul2019-01-231-0/+77
|\
| * Allow to specify custom templates for clouds.yaml and openrcAkihiro Motoki2019-01-131-0/+77
| | | | | | | | | | Change-Id: I1ef6899f4d14c660eba50f16e813c280657475fc Closes-Bug: #1795851
* | Merge "Allow to hide openrc and clouds.yaml download links"Zuul2019-01-131-0/+19
|\ \ | |/
| * Allow to hide openrc and clouds.yaml download linksAkihiro Motoki2018-12-231-0/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | Operators now can control whether the links of "Download OpenRC" and "Download clouds.yaml" are displayed or not via new settings SHOW_OPENRC_FILE and SHOW_OPENSTACK_CLOUDS_YAML. openrc and clouds.yaml files provided by horizon now assume the basic simple deployment and do not cover keystone authentication like saml2, openid and so on. The default openrc and clouds.yaml from horizon do not make sense for such environments. Change-Id: I1407a24387c7d7bd2c20c995cebf1350f8090e72 Partial-Bug: #1795851
* | Merge "Add RBAC policies feature to horizon dashboard"Zuul2019-01-041-0/+11
|\ \
| * | Add RBAC policies feature to horizon dashboardshutingm2019-01-021-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | Add RBAC Policies panel to support Role-Based Access Control functionality. Implements: blueprint rbac-policies Change-Id: I883ad629d735dadf49e8bf9c50475050fdfcf797
* | | Merge "SHOW_KEYSTONE_V2_RC defaults to False"Zuul2019-01-031-2/+25
|\ \ \ | | |/ | |/|
| * | SHOW_KEYSTONE_V2_RC defaults to FalseAkihiro Motoki2018-12-231-2/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In favor of keystone v2 support, SHOW_KEYSTONE_V2_RC now defaults to False. SHOW_KEYSTONE_V2_RC setting is also deprecated. Along with this change, "v3" part of "OpenStack RC File (Identity API v3)" is now unnecessary, so "v3" information is dropped. Change-Id: If0359e2dc1f2c8fb5f3c87046fd23043f94abc21
* | | Change session timeout to an idle timeout valueAdrian Turjak2018-12-231-3/+18
|/ / | | | | | | | | | | | | | | | | | | | | | | | | Add a new config SESSION_REFRESH (default True) which turns SESSION_TIMEOUT into an idle timeout rather than a hard timeout. The existing hard timeout is awful UX, and while SESSION_TIMEOUT could be set to a higher value, it still makes for a somewhat unpleasant experience. Co-Authored-By: Akihiro Motoki <amotoki@gmail.com> Change-Id: Icc6942e62c4e8d2fac57988b0a2233a8073b1944
* | Drop pki token check from Token class in openstack_authThomas Bechtold2018-12-091-12/+0
|/ | | | | | | | | | | | PKI Tokens got removed from Keystone in 2016[1] so this check is no longer needed. OPENSTACK_TOKEN_HASH_ALGORITHM setting is dropped as it is used only in PKI token check. [1] https://review.openstack.org/#/c/374479/ Change-Id: I2de02fe6fab531842752b03c5e17af2bcf502cd8
* Merge "fix typo"Zuul2018-11-041-3/+3
|\
View Lorry Controller Status