Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [defaulsing ]
- # show more verbose log output (sets info log level output)
- verbose = false
- # show debugging output in logs (sets debug log level output)
- debug = false
- # which backend store should keystone use by default.
- # default: 'sqlite'
- # available choices are 'sqlite' [future will include ldap, pam, etc]
- default_store = sqlite
- # log to this file. make sure you do not set the same log
- # file for both the api and registry servers!
- log_file = keystone.log
- # list of backends to be configured
- backends = keystone.backends.sqlalchemy
- #for ldap support, add: ,keystone.backends.ldap
- # dictionary maps every service to a header.missing services would get header
- # x_(service_name) key => service name, value => header name
- service-header-mappings = {
- 'nova' : 'x-server-management-url',
- 'swift' : 'x-storage-url',
- 'cdn' : 'x-cdn-management-url'}
- # address to bind the api server
- # todo properties defined within app not available via pipeline.
- service_host = 0.0.0.0
- # port the bind the api server to
- service_port = 5000
- # address to bind the admin api server
- admin_host = 0.0.0.0
- # port the bind the admin api server to
- admin_port = 35357
- #role that allows to perform admin operations.
- keystone-admin-role = admin
- #role that allows to perform service admin operations.
- keystone-service-admin-role = keystoneserviceadmin
- #tells whether password user need to be hashed in the backend
- hash-password = true
- [keystone.backends.sqlalchemy]
- # sqlalchemy connection string for the reference implementation registry
- # server. any valid sqlalchemy connection string is fine.
- # see: http://bit.ly/ideipi
- sql_connection = mysql://keystone:[email protected]/keystone
- backend_entities = ['userroleassociation', 'endpoints', 'role', 'tenant',
- 'user', 'credentials', 'endpointtemplates', 'token',
- 'service']
- # period in seconds after which sqlalchemy should reestablish its connection
- # to the database.
- sql_idle_timeout = 30
- [pipeline:admin]
- pipeline =
- urlrewritefilter
- admin_api
- [pipeline:keystone-legacy-auth]
- pipeline =
- urlrewritefilter
- legacy_auth
- rax-key-extension
- service_api
- [app:service_api]
- paste.app_factory = keystone.server:service_app_factory
- [app:admin_api]
- paste.app_factory = keystone.server:admin_app_factory
- [filter:urlrewritefilter]
- paste.filter_factory = keystone.middleware.url:filter_factory
- [filter:legacy_auth]
- paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory
- [filter:rax-key-extension]
- paste.filter_factory = keystone.contrib.extensions.service.raxkey.frontend:filter_factory
- [filter:debug]
- paste.filter_factory = keystone.common.wsgi:debug_filter_factory
- [identity]
- driver = keystone.identity.backends.sql.identity
- [catalog]
- driver = keystone.catalog.backends.templated.templatedcatalog
- template_file = ./etc/default_catalog.templates
- [token]
- driver = keystone.token.backends.kvs.token
- # amount of time a token should remain valid (in seconds)
- expiration = 86400
- [policy]
- driver = keystone.policy.backends.rules.policy
- [ec2]
- driver = keystone.contrib.ec2.backends.kvs.ec2
Advertisement
Add Comment
Please, Sign In to add comment
