cat tripleo.conf [DEFAULT]auth_strategy = noauth## From oslo.log#

1. cat tripleo.conf
2. [DEFAULT]
3. auth_strategy = noauth
4.  
5. #
6. # From oslo.log
7. #
8.  
9. # Print debugging output (set logging level to DEBUG instead of
10. # default INFO level). (boolean value)
11. #debug = false
12.  
13. # If set to false, will disable INFO logging level, making WARNING the
14. # default. (boolean value)
15. # This option is deprecated for removal.
16. # Its value may be silently ignored in the future.
17. #verbose = true
18.  
19. # The name of a logging configuration file. This file is appended to
20. # any existing logging configuration files. For details about logging
21. # configuration files, see the Python logging module documentation.
22. # Note that when logging configuration files are used then all logging
23. # configuration is set in the configuration file and other logging
24. # configuration options are ignored (for example, log_format). (string
25. # value)
26. # Deprecated group/name - [DEFAULT]/log_config
27. #log_config_append = <None>
28.  
29. # DEPRECATED. A logging.Formatter log message format string which may
30. # use any of the available logging.LogRecord attributes. This option
31. # is deprecated. Please use logging_context_format_string and
32. # logging_default_format_string instead. This option is ignored if
33. # log_config_append is set. (string value)
34. #log_format = <None>
35.  
36. # Format string for %%(asctime)s in log records. Default: %(default)s
37. # . This option is ignored if log_config_append is set. (string value)
38. #log_date_format = %Y-%m-%d %H:%M:%S
39.  
40. # (Optional) Name of log file to output to. If no default is set,
41. # logging will go to stdout. This option is ignored if
42. # log_config_append is set. (string value)
43. # Deprecated group/name - [DEFAULT]/logfile
44. #log_file = <None>
45.  
46. # (Optional) The base directory used for relative --log-file paths.
47. # This option is ignored if log_config_append is set. (string value)
48. # Deprecated group/name - [DEFAULT]/logdir
49. #log_dir = <None>
50.  
51. # (Optional) Uses logging handler designed to watch file system. When
52. # log file is moved or removed this handler will open a new log file
53. # with specified path instantaneously. It makes sense only if log-file
54. # option is specified and Linux platform is used. This option is
55. # ignored if log_config_append is set. (boolean value)
56. #watch_log_file = false
57.  
58. # Use syslog for logging. Existing syslog format is DEPRECATED and
59. # will be changed later to honor RFC5424. This option is ignored if
60. # log_config_append is set. (boolean value)
61. #use_syslog = false
62.  
63. # (Optional) Enables or disables syslog rfc5424 format for logging. If
64. # enabled, prefixes the MSG part of the syslog message with APP-NAME
65. # (RFC5424). The format without the APP-NAME is deprecated in Kilo,
66. # and will be removed in Mitaka, along with this option. This option
67. # is ignored if log_config_append is set. (boolean value)
68. # This option is deprecated for removal.
69. # Its value may be silently ignored in the future.
70. #use_syslog_rfc_format = true
71.  
72. # Syslog facility to receive log lines. This option is ignored if
73. # log_config_append is set. (string value)
74. #syslog_log_facility = LOG_USER
75.  
76. # Log output to standard error. This option is ignored if
77. # log_config_append is set. (boolean value)
78. #use_stderr = true
79.  
80. # Format string to use for log messages with context. (string value)
81. #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
82.  
83. # Format string to use for log messages without context. (string
84. # value)
85. #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
86.  
87. # Data to append to log format when level is DEBUG. (string value)
88. #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
89.  
90. # Prefix each line of exception output with this format. (string
91. # value)
92. #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
93.  
94. # List of logger=LEVEL pairs. This option is ignored if
95. # log_config_append is set. (list value)
96. #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN
97.  
98. # Enables or disables publication of error events. (boolean value)
99. #publish_errors = false
100.  
101. # The format for an instance that is passed with the log message.
102. # (string value)
103. #instance_format = "[instance: %(uuid)s] "
104.  
105. # The format for an instance UUID that is passed with the log message.
106. # (string value)
107. #instance_uuid_format = "[instance: %(uuid)s] "
108.  
109. # Format string for user_identity field of the
110. # logging_context_format_string (string value)
111. #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
112.  
113. # Enables or disables fatal status of deprecations. (boolean value)
114. #fatal_deprecations = false
115.  
116. #
117. # From tripleo_common.conf
118. #
119.  
120. # IP to listen on (string value)
121. #listen_address = 0.0.0.0
122.  
123. # Port to listen on. (integer value)
124. #listen_port = 8585
125.  
126. # Authentication method used on the TripleO API. Either "noauth" or
127. # "keystone" are currently valid options. "noauth" will disable all
128. # authentication. (string value)
129. # Allowed values: keystone, noauth
130. #auth_strategy = keystone
131.  
132. # DEPRECATED: use auth_strategy. (boolean value)
133. # This option is deprecated for removal.
134. # Its value may be silently ignored in the future.
135. #authenticate = <None>
136.  
137. # SSL Enabled/Disabled (boolean value)
138. #use_ssl = false
139.  
140. # Path to SSL certificate (string value)
141. #ssl_cert_path =
142.  
143. # Path to SSL key (string value)
144. #ssl_key_path =
145.  
146. # The green thread pool size. (integer value)
147. #max_concurrency = 1000
148.  
149.  
150. [cors]
151.  
152. #
153. # From oslo.middleware.cors
154. #
155.  
156. # Indicate whether this resource may be shared with the domain
157. # received in the requests "origin" header. (list value)
158. #allowed_origin = <None>
159.  
160. # Indicate that the actual request can include user credentials
161. # (boolean value)
162. #allow_credentials = true
163.  
164. # Indicate which headers are safe to expose to the API. Defaults to
165. # HTTP Simple Headers. (list value)
166. #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
167.  
168. # Maximum cache age of CORS preflight requests. (integer value)
169. #max_age = 3600
170.  
171. # Indicate which methods can be used during the actual request. (list
172. # value)
173. #allow_methods = GET,POST,PUT,DELETE,OPTIONS
174.  
175. # Indicate which header field names may be used during the actual
176. # request. (list value)
177. #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
178. allowed_origin=*
179. allow_methods=GET,POST,PATCH,PUT,DELETE,OPTIONS
180. allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token
181.  
182. [cors.subdomain]
183.  
184. #
185. # From oslo.middleware.cors
186. #
187.  
188. # Indicate whether this resource may be shared with the domain
189. # received in the requests "origin" header. (list value)
190. #allowed_origin = <None>
191.  
192. # Indicate that the actual request can include user credentials
193. # (boolean value)
194. #allow_credentials = true
195.  
196. # Indicate which headers are safe to expose to the API. Defaults to
197. # HTTP Simple Headers. (list value)
198. #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
199.  
200. # Maximum cache age of CORS preflight requests. (integer value)
201. #max_age = 3600
202.  
203. # Indicate which methods can be used during the actual request. (list
204. # value)
205. #allow_methods = GET,POST,PUT,DELETE,OPTIONS
206.  
207. # Indicate which header field names may be used during the actual
208. # request. (list value)
209. #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
210.  
211.  
212. [heat]
213.  
214. #
215. # From tripleo_common.clients
216. #
217.  
218. # Heat API service endpoint type in keystone (string value)
219. #endpoint_type = publicURL
220.  
221.  
222. [keystone]
223.  
224. #
225. # From tripleo_common.clients
226. #
227.  
228. # The name of a user the overcloud is deployed on behalf of (string
229. # value)
230. #username = admin
231.  
232. # The pass of a user the overcloud is deployed on behalf of (string
233. # value)
234. password = bd631ce835a34feb3dca5333904243c796014eb1
235.  
236. # The tenant name the overcloud is deployed on behalf of (string
237. # value)
238. #tenant_name = admin
239.  
240. # Keystone authentication URL (string value)
241. #auth_url = http://localhost:35357/v2.0
242.  
243. # Keystone authentication API version (string value)
244. #auth_version = 2
245.  
246. # Set to False when Heat API uses HTTPS (boolean value)
247. #insecure = true
248.  
249.  
250. [keystone_authtoken]
251.  
252. #
253. # From keystonemiddleware.auth_token
254. #
255.  
256. # Complete public Identity API endpoint. (string value)
257. #auth_uri = <None>
258.  
259. # API version of the admin Identity API endpoint. (string value)
260. #auth_version = <None>
261.  
262. # Do not handle authorization requests within the middleware, but
263. # delegate the authorization decision to downstream WSGI components.
264. # (boolean value)
265. #delay_auth_decision = false
266.  
267. # Request timeout value for communicating with Identity API server.
268. # (integer value)
269. #http_connect_timeout = <None>
270.  
271. # How many times are we trying to reconnect when communicating with
272. # Identity API Server. (integer value)
273. #http_request_max_retries = 3
274.  
275. # Env key for the swift cache. (string value)
276. #cache = <None>
277.  
278. # Required if identity server requires client certificate (string
279. # value)
280. #certfile = <None>
281.  
282. # Required if identity server requires client certificate (string
283. # value)
284. #keyfile = <None>
285.  
286. # A PEM encoded Certificate Authority to use when verifying HTTPs
287. # connections. Defaults to system CAs. (string value)
288. #cafile = <None>
289.  
290. # Verify HTTPS connections. (boolean value)
291. #insecure = false
292.  
293. # The region in which the identity server can be found. (string value)
294. #region_name = <None>
295.  
296. # Directory used to cache files related to PKI tokens. (string value)
297. #signing_dir = <None>
298.  
299. # Optionally specify a list of memcached server(s) to use for caching.
300. # If left undefined, tokens will instead be cached in-process. (list
301. # value)
302. # Deprecated group/name - [DEFAULT]/memcache_servers
303. #memcached_servers = <None>
304.  
305. # In order to prevent excessive effort spent validating tokens, the
306. # middleware caches previously-seen tokens for a configurable duration
307. # (in seconds). Set to -1 to disable caching completely. (integer
308. # value)
309. #token_cache_time = 300
310.  
311. # Determines the frequency at which the list of revoked tokens is
312. # retrieved from the Identity service (in seconds). A high number of
313. # revocation events combined with a low cache duration may
314. # significantly reduce performance. (integer value)
315. #revocation_cache_time = 10
316.  
317. # (Optional) If defined, indicate whether token data should be
318. # authenticated or authenticated and encrypted. Acceptable values are
319. # MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in
320. # the cache. If ENCRYPT, token data is encrypted and authenticated in
321. # the cache. If the value is not one of these options or empty,
322. # auth_token will raise an exception on initialization. (string value)
323. #memcache_security_strategy = <None>
324.  
325. # (Optional, mandatory if memcache_security_strategy is defined) This
326. # string is used for key derivation. (string value)
327. #memcache_secret_key = <None>
328.  
329. # (Optional) Number of seconds memcached server is considered dead
330. # before it is tried again. (integer value)
331. #memcache_pool_dead_retry = 300
332.  
333. # (Optional) Maximum total number of open connections to every
334. # memcached server. (integer value)
335. #memcache_pool_maxsize = 10
336.  
337. # (Optional) Socket timeout in seconds for communicating with a
338. # memcached server. (integer value)
339. #memcache_pool_socket_timeout = 3
340.  
341. # (Optional) Number of seconds a connection to memcached is held
342. # unused in the pool before it is closed. (integer value)
343. #memcache_pool_unused_timeout = 60
344.  
345. # (Optional) Number of seconds that an operation will wait to get a
346. # memcached client connection from the pool. (integer value)
347. #memcache_pool_conn_get_timeout = 10
348.  
349. # (Optional) Use the advanced (eventlet safe) memcached client pool.
350. # The advanced pool will only work under python 2.x. (boolean value)
351. #memcache_use_advanced_pool = false
352.  
353. # (Optional) Indicate whether to set the X-Service-Catalog header. If
354. # False, middleware will not ask for service catalog on token
355. # validation and will not set the X-Service-Catalog header. (boolean
356. # value)
357. #include_service_catalog = true
358.  
359. # Used to control the use and type of token binding. Can be set to:
360. # "disabled" to not check token binding. "permissive" (default) to
361. # validate binding information if the bind type is of a form known to
362. # the server and ignore it if not. "strict" like "permissive" but if
363. # the bind type is unknown the token will be rejected. "required" any
364. # form of token binding is needed to be allowed. Finally the name of a
365. # binding method that must be present in tokens. (string value)
366. #enforce_token_bind = permissive
367.  
368. # If true, the revocation list will be checked for cached tokens. This
369. # requires that PKI tokens are configured on the identity server.
370. # (boolean value)
371. #check_revocations_for_cached = false
372.  
373. # Hash algorithms to use for hashing PKI tokens. This may be a single
374. # algorithm or multiple. The algorithms are those supported by Python
375. # standard hashlib.new(). The hashes will be tried in the order given,
376. # so put the preferred one first for performance. The result of the
377. # first hash will be stored in the cache. This will typically be set
378. # to multiple values only while migrating from a less secure algorithm
379. # to a more secure one. Once all the old tokens are expired this
380. # option should be set to a single value for better performance. (list
381. # value)
382. #hash_algorithms = md5
383.  
384. # Prefix to prepend at the beginning of the path. Deprecated, use
385. # identity_uri. (string value)
386. #auth_admin_prefix =
387.  
388. # Host providing the admin Identity API endpoint. Deprecated, use
389. # identity_uri. (string value)
390. #auth_host = 127.0.0.1
391.  
392. # Port of the admin Identity API endpoint. Deprecated, use
393. # identity_uri. (integer value)
394. #auth_port = 35357
395.  
396. # Protocol of the admin Identity API endpoint (http or https).
397. # Deprecated, use identity_uri. (string value)
398. #auth_protocol = https
399.  
400. # Complete admin Identity API endpoint. This should specify the
401. # unversioned root endpoint e.g. https://localhost:35357/ (string
402. # value)
403. #identity_uri = <None>
404.  
405. # This option is deprecated and may be removed in a future release.
406. # Single shared secret with the Keystone configuration used for
407. # bootstrapping a Keystone installation, or otherwise bypassing the
408. # normal authentication process. This option should not be used, use
409. # `admin_user` and `admin_password` instead. (string value)
410. #admin_token = <None>
411.  
412. # Service username. (string value)
413. #admin_user = <None>
414.  
415. # Service user password. (string value)
416. #admin_password = <None>
417.  
418. # Service tenant name. (string value)
419. #admin_tenant_name = admin
420.  
421. # Authentication type to load (unknown value)
422. # Deprecated group/name - [DEFAULT]/auth_plugin
423. #auth_type = <None>
424.  
425. # Config Section from which to load plugin specific options (unknown
426. # value)
427. #auth_section = <None>
428.  
429.  
430. [swift]
431.  
432. #
433. # From tripleo_common.clients
434. #
435.  
436. # Maximum number of times to retry a Swift request, before failing.
437. # (integer value)
438. #max_retries = 2
439.  
440. # Swift endpoint type. (string value)
441. #os_endpoint_type = internalURL