Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- cat tripleo.conf
- [DEFAULT]
- auth_strategy = noauth
- #
- # From oslo.log
- #
- # Print debugging output (set logging level to DEBUG instead of
- # default INFO level). (boolean value)
- #debug = false
- # If set to false, will disable INFO logging level, making WARNING the
- # default. (boolean value)
- # This option is deprecated for removal.
- # Its value may be silently ignored in the future.
- #verbose = true
- # The name of a logging configuration file. This file is appended to
- # any existing logging configuration files. For details about logging
- # configuration files, see the Python logging module documentation.
- # Note that when logging configuration files are used then all logging
- # configuration is set in the configuration file and other logging
- # configuration options are ignored (for example, log_format). (string
- # value)
- # Deprecated group/name - [DEFAULT]/log_config
- #log_config_append = <None>
- # DEPRECATED. A logging.Formatter log message format string which may
- # use any of the available logging.LogRecord attributes. This option
- # is deprecated. Please use logging_context_format_string and
- # logging_default_format_string instead. This option is ignored if
- # log_config_append is set. (string value)
- #log_format = <None>
- # Format string for %%(asctime)s in log records. Default: %(default)s
- # . This option is ignored if log_config_append is set. (string value)
- #log_date_format = %Y-%m-%d %H:%M:%S
- # (Optional) Name of log file to output to. If no default is set,
- # logging will go to stdout. This option is ignored if
- # log_config_append is set. (string value)
- # Deprecated group/name - [DEFAULT]/logfile
- #log_file = <None>
- # (Optional) The base directory used for relative --log-file paths.
- # This option is ignored if log_config_append is set. (string value)
- # Deprecated group/name - [DEFAULT]/logdir
- #log_dir = <None>
- # (Optional) Uses logging handler designed to watch file system. When
- # log file is moved or removed this handler will open a new log file
- # with specified path instantaneously. It makes sense only if log-file
- # option is specified and Linux platform is used. This option is
- # ignored if log_config_append is set. (boolean value)
- #watch_log_file = false
- # Use syslog for logging. Existing syslog format is DEPRECATED and
- # will be changed later to honor RFC5424. This option is ignored if
- # log_config_append is set. (boolean value)
- #use_syslog = false
- # (Optional) Enables or disables syslog rfc5424 format for logging. If
- # enabled, prefixes the MSG part of the syslog message with APP-NAME
- # (RFC5424). The format without the APP-NAME is deprecated in Kilo,
- # and will be removed in Mitaka, along with this option. This option
- # is ignored if log_config_append is set. (boolean value)
- # This option is deprecated for removal.
- # Its value may be silently ignored in the future.
- #use_syslog_rfc_format = true
- # Syslog facility to receive log lines. This option is ignored if
- # log_config_append is set. (string value)
- #syslog_log_facility = LOG_USER
- # Log output to standard error. This option is ignored if
- # log_config_append is set. (boolean value)
- #use_stderr = true
- # Format string to use for log messages with context. (string value)
- #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
- # Format string to use for log messages without context. (string
- # value)
- #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
- # Data to append to log format when level is DEBUG. (string value)
- #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
- # Prefix each line of exception output with this format. (string
- # value)
- #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
- # List of logger=LEVEL pairs. This option is ignored if
- # log_config_append is set. (list value)
- #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN
- # Enables or disables publication of error events. (boolean value)
- #publish_errors = false
- # The format for an instance that is passed with the log message.
- # (string value)
- #instance_format = "[instance: %(uuid)s] "
- # The format for an instance UUID that is passed with the log message.
- # (string value)
- #instance_uuid_format = "[instance: %(uuid)s] "
- # Format string for user_identity field of the
- # logging_context_format_string (string value)
- #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
- # Enables or disables fatal status of deprecations. (boolean value)
- #fatal_deprecations = false
- #
- # From tripleo_common.conf
- #
- # IP to listen on (string value)
- #listen_address = 0.0.0.0
- # Port to listen on. (integer value)
- #listen_port = 8585
- # Authentication method used on the TripleO API. Either "noauth" or
- # "keystone" are currently valid options. "noauth" will disable all
- # authentication. (string value)
- # Allowed values: keystone, noauth
- #auth_strategy = keystone
- # DEPRECATED: use auth_strategy. (boolean value)
- # This option is deprecated for removal.
- # Its value may be silently ignored in the future.
- #authenticate = <None>
- # SSL Enabled/Disabled (boolean value)
- #use_ssl = false
- # Path to SSL certificate (string value)
- #ssl_cert_path =
- # Path to SSL key (string value)
- #ssl_key_path =
- # The green thread pool size. (integer value)
- #max_concurrency = 1000
- [cors]
- #
- # From oslo.middleware.cors
- #
- # Indicate whether this resource may be shared with the domain
- # received in the requests "origin" header. (list value)
- #allowed_origin = <None>
- # Indicate that the actual request can include user credentials
- # (boolean value)
- #allow_credentials = true
- # Indicate which headers are safe to expose to the API. Defaults to
- # HTTP Simple Headers. (list value)
- #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
- # Maximum cache age of CORS preflight requests. (integer value)
- #max_age = 3600
- # Indicate which methods can be used during the actual request. (list
- # value)
- #allow_methods = GET,POST,PUT,DELETE,OPTIONS
- # Indicate which header field names may be used during the actual
- # request. (list value)
- #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
- allowed_origin=*
- allow_methods=GET,POST,PATCH,PUT,DELETE,OPTIONS
- allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token
- [cors.subdomain]
- #
- # From oslo.middleware.cors
- #
- # Indicate whether this resource may be shared with the domain
- # received in the requests "origin" header. (list value)
- #allowed_origin = <None>
- # Indicate that the actual request can include user credentials
- # (boolean value)
- #allow_credentials = true
- # Indicate which headers are safe to expose to the API. Defaults to
- # HTTP Simple Headers. (list value)
- #expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
- # Maximum cache age of CORS preflight requests. (integer value)
- #max_age = 3600
- # Indicate which methods can be used during the actual request. (list
- # value)
- #allow_methods = GET,POST,PUT,DELETE,OPTIONS
- # Indicate which header field names may be used during the actual
- # request. (list value)
- #allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
- [heat]
- #
- # From tripleo_common.clients
- #
- # Heat API service endpoint type in keystone (string value)
- #endpoint_type = publicURL
- [keystone]
- #
- # From tripleo_common.clients
- #
- # The name of a user the overcloud is deployed on behalf of (string
- # value)
- #username = admin
- # The pass of a user the overcloud is deployed on behalf of (string
- # value)
- password = bd631ce835a34feb3dca5333904243c796014eb1
- # The tenant name the overcloud is deployed on behalf of (string
- # value)
- #tenant_name = admin
- # Keystone authentication URL (string value)
- #auth_url = http://localhost:35357/v2.0
- # Keystone authentication API version (string value)
- #auth_version = 2
- # Set to False when Heat API uses HTTPS (boolean value)
- #insecure = true
- [keystone_authtoken]
- #
- # From keystonemiddleware.auth_token
- #
- # Complete public Identity API endpoint. (string value)
- #auth_uri = <None>
- # API version of the admin Identity API endpoint. (string value)
- #auth_version = <None>
- # Do not handle authorization requests within the middleware, but
- # delegate the authorization decision to downstream WSGI components.
- # (boolean value)
- #delay_auth_decision = false
- # Request timeout value for communicating with Identity API server.
- # (integer value)
- #http_connect_timeout = <None>
- # How many times are we trying to reconnect when communicating with
- # Identity API Server. (integer value)
- #http_request_max_retries = 3
- # Env key for the swift cache. (string value)
- #cache = <None>
- # Required if identity server requires client certificate (string
- # value)
- #certfile = <None>
- # Required if identity server requires client certificate (string
- # value)
- #keyfile = <None>
- # A PEM encoded Certificate Authority to use when verifying HTTPs
- # connections. Defaults to system CAs. (string value)
- #cafile = <None>
- # Verify HTTPS connections. (boolean value)
- #insecure = false
- # The region in which the identity server can be found. (string value)
- #region_name = <None>
- # Directory used to cache files related to PKI tokens. (string value)
- #signing_dir = <None>
- # Optionally specify a list of memcached server(s) to use for caching.
- # If left undefined, tokens will instead be cached in-process. (list
- # value)
- # Deprecated group/name - [DEFAULT]/memcache_servers
- #memcached_servers = <None>
- # In order to prevent excessive effort spent validating tokens, the
- # middleware caches previously-seen tokens for a configurable duration
- # (in seconds). Set to -1 to disable caching completely. (integer
- # value)
- #token_cache_time = 300
- # Determines the frequency at which the list of revoked tokens is
- # retrieved from the Identity service (in seconds). A high number of
- # revocation events combined with a low cache duration may
- # significantly reduce performance. (integer value)
- #revocation_cache_time = 10
- # (Optional) If defined, indicate whether token data should be
- # authenticated or authenticated and encrypted. Acceptable values are
- # MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in
- # the cache. If ENCRYPT, token data is encrypted and authenticated in
- # the cache. If the value is not one of these options or empty,
- # auth_token will raise an exception on initialization. (string value)
- #memcache_security_strategy = <None>
- # (Optional, mandatory if memcache_security_strategy is defined) This
- # string is used for key derivation. (string value)
- #memcache_secret_key = <None>
- # (Optional) Number of seconds memcached server is considered dead
- # before it is tried again. (integer value)
- #memcache_pool_dead_retry = 300
- # (Optional) Maximum total number of open connections to every
- # memcached server. (integer value)
- #memcache_pool_maxsize = 10
- # (Optional) Socket timeout in seconds for communicating with a
- # memcached server. (integer value)
- #memcache_pool_socket_timeout = 3
- # (Optional) Number of seconds a connection to memcached is held
- # unused in the pool before it is closed. (integer value)
- #memcache_pool_unused_timeout = 60
- # (Optional) Number of seconds that an operation will wait to get a
- # memcached client connection from the pool. (integer value)
- #memcache_pool_conn_get_timeout = 10
- # (Optional) Use the advanced (eventlet safe) memcached client pool.
- # The advanced pool will only work under python 2.x. (boolean value)
- #memcache_use_advanced_pool = false
- # (Optional) Indicate whether to set the X-Service-Catalog header. If
- # False, middleware will not ask for service catalog on token
- # validation and will not set the X-Service-Catalog header. (boolean
- # value)
- #include_service_catalog = true
- # Used to control the use and type of token binding. Can be set to:
- # "disabled" to not check token binding. "permissive" (default) to
- # validate binding information if the bind type is of a form known to
- # the server and ignore it if not. "strict" like "permissive" but if
- # the bind type is unknown the token will be rejected. "required" any
- # form of token binding is needed to be allowed. Finally the name of a
- # binding method that must be present in tokens. (string value)
- #enforce_token_bind = permissive
- # If true, the revocation list will be checked for cached tokens. This
- # requires that PKI tokens are configured on the identity server.
- # (boolean value)
- #check_revocations_for_cached = false
- # Hash algorithms to use for hashing PKI tokens. This may be a single
- # algorithm or multiple. The algorithms are those supported by Python
- # standard hashlib.new(). The hashes will be tried in the order given,
- # so put the preferred one first for performance. The result of the
- # first hash will be stored in the cache. This will typically be set
- # to multiple values only while migrating from a less secure algorithm
- # to a more secure one. Once all the old tokens are expired this
- # option should be set to a single value for better performance. (list
- # value)
- #hash_algorithms = md5
- # Prefix to prepend at the beginning of the path. Deprecated, use
- # identity_uri. (string value)
- #auth_admin_prefix =
- # Host providing the admin Identity API endpoint. Deprecated, use
- # identity_uri. (string value)
- #auth_host = 127.0.0.1
- # Port of the admin Identity API endpoint. Deprecated, use
- # identity_uri. (integer value)
- #auth_port = 35357
- # Protocol of the admin Identity API endpoint (http or https).
- # Deprecated, use identity_uri. (string value)
- #auth_protocol = https
- # Complete admin Identity API endpoint. This should specify the
- # unversioned root endpoint e.g. https://localhost:35357/ (string
- # value)
- #identity_uri = <None>
- # This option is deprecated and may be removed in a future release.
- # Single shared secret with the Keystone configuration used for
- # bootstrapping a Keystone installation, or otherwise bypassing the
- # normal authentication process. This option should not be used, use
- # `admin_user` and `admin_password` instead. (string value)
- #admin_token = <None>
- # Service username. (string value)
- #admin_user = <None>
- # Service user password. (string value)
- #admin_password = <None>
- # Service tenant name. (string value)
- #admin_tenant_name = admin
- # Authentication type to load (unknown value)
- # Deprecated group/name - [DEFAULT]/auth_plugin
- #auth_type = <None>
- # Config Section from which to load plugin specific options (unknown
- # value)
- #auth_section = <None>
- [swift]
- #
- # From tripleo_common.clients
- #
- # Maximum number of times to retry a Swift request, before failing.
- # (integer value)
- #max_retries = 2
- # Swift endpoint type. (string value)
- #os_endpoint_type = internalURL
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement