| author | Rich Burridge <rich.burridge@oracle.com> |
| Fri, 06 Feb 2015 12:30:31 -0800 | |
| changeset 3744 | a74b6fa1af7a |
| parent 1944 | 56ac2df1785b |
| child 3998 | 5bd484384122 |
| permissions | -rw-r--r-- |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
1 |
[DEFAULT] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
2 |
# A "shared secret" between keystone and other openstack services |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
3 |
# admin_token = ADMIN |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
4 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
5 |
# The IP address of the network interface to listen on |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
6 |
# bind_host = 0.0.0.0 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
7 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
8 |
# The port number which the public service listens on |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
9 |
# public_port = 5000 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
10 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
11 |
# The port number which the public admin listens on |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
12 |
# admin_port = 35357 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
13 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
14 |
# The base endpoint URLs for keystone that are advertised to clients |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
15 |
# (NOTE: this does NOT affect how keystone listens for connections) |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
16 |
# public_endpoint = http://localhost:%(public_port)s/ |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
17 |
# admin_endpoint = http://localhost:%(admin_port)s/ |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
18 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
19 |
# The port number which the OpenStack Compute service listens on |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
20 |
# compute_port = 8774 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
21 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
22 |
# Path to your policy definition containing identity actions |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
23 |
# policy_file = policy.json |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
24 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
25 |
# Rule to check if no matching policy definition is found |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
26 |
# FIXME(dolph): This should really be defined as [policy] default_rule |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
27 |
# policy_default_rule = admin_required |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
28 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
29 |
# Role for migrating membership relationships |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
30 |
# During a SQL upgrade, the following values will be used to create a new role |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
31 |
# that will replace records in the user_tenant_membership table with explicit |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
32 |
# role grants. After migration, the member_role_id will be used in the API |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
33 |
# add_user_to_project, and member_role_name will be ignored. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
34 |
# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
35 |
# member_role_name = _member_ |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
36 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
37 |
# enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
38 |
# max_request_body_size = 114688 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
39 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
40 |
# limit the sizes of user & tenant ID/names |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
41 |
# max_param_size = 64 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
42 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
43 |
# similar to max_param_size, but provides an exception for token values |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
44 |
# max_token_size = 8192 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
45 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
46 |
# === Logging Options === |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
47 |
# Print debugging output |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
48 |
# (includes plaintext request logging, potentially including passwords) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
49 |
# debug = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
50 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
51 |
# Print more verbose output |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
52 |
# verbose = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
53 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
54 |
# Name of log file to output to. If not set, logging will go to stdout. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
55 |
# log_file = keystone.log |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
56 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
57 |
# The directory to keep log files in (will be prepended to --logfile) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
58 |
# log_dir = /var/log/keystone |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
59 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
60 |
# Use syslog for logging. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
61 |
# use_syslog = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
62 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
63 |
# syslog facility to receive log lines |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
64 |
# syslog_log_facility = LOG_USER |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
65 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
66 |
# If this option is specified, the logging configuration file specified is |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
67 |
# used and overrides any other logging options specified. Please see the |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
68 |
# Python logging module documentation for details on logging configuration |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
69 |
# files. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
70 |
# log_config = logging.conf |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
71 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
72 |
# A logging.Formatter log message format string which may use any of the |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
73 |
# available logging.LogRecord attributes. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
74 |
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
75 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
76 |
# Format string for %(asctime)s in log records. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
77 |
# log_date_format = %Y-%m-%d %H:%M:%S |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
78 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
79 |
# onready allows you to send a notification when the process is ready to serve |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
80 |
# For example, to have it notify using systemd, one could set shell command: |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
81 |
# onready = systemd-notify --ready |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
82 |
# or a module with notify() method: |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
83 |
# onready = keystone.common.systemd |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
84 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
85 |
# === Notification Options === |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
86 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
87 |
# Notifications can be sent when users or projects are created, updated or |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
88 |
# deleted. There are three methods of sending notifications: logging (via the |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
89 |
# log_file directive), rpc (via a message queue) and no_op (no notifications |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
90 |
# sent, the default) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
91 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
92 |
# notification_driver can be defined multiple times |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
93 |
# Do nothing driver (the default) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
94 |
# notification_driver = keystone.openstack.common.notifier.no_op_notifier |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
95 |
# Logging driver example (not enabled by default) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
96 |
# notification_driver = keystone.openstack.common.notifier.log_notifier |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
97 |
# RPC driver example (not enabled by default) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
98 |
# notification_driver = keystone.openstack.common.notifier.rpc_notifier |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
99 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
100 |
# Default notification level for outgoing notifications |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
101 |
# default_notification_level = INFO |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
102 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
103 |
# Default publisher_id for outgoing notifications; included in the payload. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
104 |
# default_publisher_id = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
105 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
106 |
# AMQP topics to publish to when using the RPC notification driver. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
107 |
# Multiple values can be specified by separating with commas. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
108 |
# The actual topic names will be %s.%(default_notification_level)s |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
109 |
# notification_topics = notifications |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
110 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
111 |
# === RPC Options === |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
112 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
113 |
# For Keystone, these options apply only when the RPC notification driver is |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
114 |
# used. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
115 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
116 |
# The messaging module to use, defaults to kombu. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
117 |
# rpc_backend = keystone.openstack.common.rpc.impl_kombu |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
118 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
119 |
# Size of RPC thread pool |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
120 |
# rpc_thread_pool_size = 64 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
121 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
122 |
# Size of RPC connection pool |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
123 |
# rpc_conn_pool_size = 30 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
124 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
125 |
# Seconds to wait for a response from call or multicall |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
126 |
# rpc_response_timeout = 60 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
127 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
128 |
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
129 |
# rpc_cast_timeout = 30 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
130 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
131 |
# Modules of exceptions that are permitted to be recreated upon receiving |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
132 |
# exception data from an rpc call. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
133 |
# allowed_rpc_exception_modules = keystone.openstack.common.exception,nova.exception,cinder.exception,exceptions |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
134 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
135 |
# If True, use a fake RabbitMQ provider |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
136 |
# fake_rabbit = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
137 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
138 |
# AMQP exchange to connect to if using RabbitMQ or Qpid |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
139 |
# control_exchange = openstack |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
140 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
141 |
[sql] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
142 |
# The SQLAlchemy connection string used to connect to the database |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
143 |
connection = sqlite:////var/lib/keystone/keystone.sqlite |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
144 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
145 |
# the timeout before idle sql connections are reaped |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
146 |
# idle_timeout = 200 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
147 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
148 |
[identity] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
149 |
# driver = keystone.identity.backends.sql.Identity |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
150 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
151 |
# This references the domain to use for all Identity API v2 requests (which are |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
152 |
# not aware of domains). A domain with this ID will be created for you by |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
153 |
# keystone-manage db_sync in migration 008. The domain referenced by this ID |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
154 |
# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
155 |
# There is nothing special about this domain, other than the fact that it must |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
156 |
# exist to order to maintain support for your v2 clients. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
157 |
# default_domain_id = default |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
158 |
# |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
159 |
# A subset (or all) of domains can have their own identity driver, each with |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
160 |
# their own partial configuration file in a domain configuration directory. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
161 |
# Only values specific to the domain need to be placed in the domain specific |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
162 |
# configuration file. This feature is disabled by default; set |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
163 |
# domain_specific_drivers_enabled to True to enable. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
164 |
# domain_specific_drivers_enabled = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
165 |
# domain_config_dir = /etc/keystone/domains |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
166 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
167 |
# Maximum supported length for user passwords; decrease to improve performance. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
168 |
# max_password_length = 4096 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
169 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
170 |
[credential] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
171 |
# driver = keystone.credential.backends.sql.Credential |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
172 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
173 |
[trust] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
174 |
# driver = keystone.trust.backends.sql.Trust |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
175 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
176 |
# delegation and impersonation features can be optionally disabled |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
177 |
# enabled = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
178 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
179 |
[os_inherit] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
180 |
# role-assignment inheritance to projects from owning domain can be |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
181 |
# optionally enabled |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
182 |
# enabled = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
183 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
184 |
[catalog] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
185 |
# dynamic, sql-based backend (supports API/CLI-based management commands) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
186 |
# driver = keystone.catalog.backends.sql.Catalog |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
187 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
188 |
# static, file-based backend (does *NOT* support any management commands) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
189 |
# driver = keystone.catalog.backends.templated.TemplatedCatalog |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
190 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
191 |
# template_file = default_catalog.templates |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
192 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
193 |
[endpoint_filter] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
194 |
# extension for creating associations between project and endpoints in order to |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
195 |
# provide a tailored catalog for project-scoped token requests. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
196 |
# driver = keystone.contrib.endpoint_filter.backends.sql.EndpointFilter |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
197 |
# return_all_endpoints_if_no_filter = True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
198 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
199 |
[token] |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
200 |
# Provides token persistence. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
201 |
# driver = keystone.token.backends.sql.Token |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
202 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
203 |
# Controls the token construction, validation, and revocation operations. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
204 |
# Core providers are keystone.token.providers.[pki|uuid].Provider |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
205 |
# provider = |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
206 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
207 |
# Amount of time a token should remain valid (in seconds) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
208 |
# expiration = 86400 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
209 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
210 |
# External auth mechanisms that should add bind information to token. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
211 |
# eg kerberos, x509 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
212 |
# bind = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
213 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
214 |
# Enforcement policy on tokens presented to keystone with bind information. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
215 |
# One of disabled, permissive, strict, required or a specifically required bind |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
216 |
# mode e.g. kerberos or x509 to require binding to that authentication. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
217 |
# enforce_token_bind = permissive |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
218 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
219 |
# Token specific caching toggle. This has no effect unless the global caching |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
220 |
# option is set to True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
221 |
# caching = True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
222 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
223 |
# Token specific cache time-to-live (TTL) in seconds. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
224 |
# cache_time = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
225 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
226 |
# Revocation-List specific cache time-to-live (TTL) in seconds. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
227 |
# revocation_cache_time = 3600 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
228 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
229 |
[cache] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
230 |
# Global cache functionality toggle. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
231 |
# enabled = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
232 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
233 |
# Prefix for building the configuration dictionary for the cache region. This |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
234 |
# should not need to be changed unless there is another dogpile.cache region |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
235 |
# with the same configuration name |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
236 |
# config_prefix = cache.keystone |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
237 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
238 |
# Default TTL, in seconds, for any cached item in the dogpile.cache region. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
239 |
# This applies to any cached method that doesn't have an explicit cache |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
240 |
# expiration time defined for it. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
241 |
# expiration_time = 600 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
242 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
243 |
# Dogpile.cache backend module. It is recommended that Memcache |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
244 |
# (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
245 |
# deployments. Small workloads (single process) like devstack can use the |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
246 |
# dogpile.cache.memory backend. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
247 |
# backend = keystone.common.cache.noop |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
248 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
249 |
# Arguments supplied to the backend module. Specify this option once per |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
250 |
# argument to be passed to the dogpile.cache backend. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
251 |
# Example format: <argname>:<value> |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
252 |
# backend_argument = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
253 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
254 |
# Proxy Classes to import that will affect the way the dogpile.cache backend |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
255 |
# functions. See the dogpile.cache documentation on changing-backend-behavior. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
256 |
# Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
257 |
# proxies = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
258 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
259 |
# Use a key-mangling function (sha1) to ensure fixed length cache-keys. This |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
260 |
# is toggle-able for debugging purposes, it is highly recommended to always |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
261 |
# leave this set to True. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
262 |
# use_key_mangler = True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
263 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
264 |
# Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
265 |
# This is only really useful if you need to see the specific cache-backend |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
266 |
# get/set/delete calls with the keys/values. Typically this should be left |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
267 |
# set to False. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
268 |
# debug_cache_backend = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
269 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
270 |
[policy] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
271 |
# driver = keystone.policy.backends.sql.Policy |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
272 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
273 |
[ec2] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
274 |
# driver = keystone.contrib.ec2.backends.kvs.Ec2 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
275 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
276 |
[assignment] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
277 |
# driver = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
278 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
279 |
# Assignment specific caching toggle. This has no effect unless the global |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
280 |
# caching option is set to True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
281 |
# caching = True |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
282 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
283 |
# Assignment specific cache time-to-live (TTL) in seconds. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
284 |
# cache_time = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
285 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
286 |
[oauth1] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
287 |
# driver = keystone.contrib.oauth1.backends.sql.OAuth1 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
288 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
289 |
# The Identity service may include expire attributes. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
290 |
# If no such attribute is included, then the token lasts indefinitely. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
291 |
# Specify how quickly the request token will expire (in seconds) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
292 |
# request_token_duration = 28800 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
293 |
# Specify how quickly the access token will expire (in seconds) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
294 |
# access_token_duration = 86400 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
295 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
296 |
[ssl] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
297 |
#enable = True |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
298 |
#certfile = /etc/keystone/pki/certs/ssl_cert.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
299 |
#keyfile = /etc/keystone/pki/private/ssl_key.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
300 |
#ca_certs = /etc/keystone/pki/certs/cacert.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
301 |
#ca_key = /etc/keystone/pki/private/cakey.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
302 |
#key_size = 1024 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
303 |
#valid_days = 3650 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
304 |
#cert_required = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
305 |
#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=localhost |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
306 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
307 |
[signing] |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
308 |
# Deprecated in favor of provider in the [token] section |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
309 |
# Allowed values are PKI or UUID |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
310 |
#token_format = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
311 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
312 |
#certfile = /etc/keystone/pki/certs/signing_cert.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
313 |
#keyfile = /etc/keystone/pki/private/signing_key.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
314 |
#ca_certs = /etc/keystone/pki/certs/cacert.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
315 |
#ca_key = /etc/keystone/pki/private/cakey.pem |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
316 |
#key_size = 2048 |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
317 |
#valid_days = 3650 |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
318 |
#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
319 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
320 |
[ldap] |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
321 |
# url = ldap://localhost |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
322 |
# user = dc=Manager,dc=example,dc=com |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
323 |
# password = None |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
324 |
# suffix = cn=example,cn=com |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
325 |
# use_dumb_member = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
326 |
# allow_subtree_delete = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
327 |
# dumb_member = cn=dumb,dc=example,dc=com |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
328 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
329 |
# Maximum results per page; a value of zero ('0') disables paging (default)
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
330 |
# page_size = 0 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
331 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
332 |
# The LDAP dereferencing option for queries. This can be either 'never', |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
333 |
# 'searching', 'always', 'finding' or 'default'. The 'default' option falls |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
334 |
# back to using default dereferencing configured by your ldap.conf. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
335 |
# alias_dereferencing = default |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
336 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
337 |
# The LDAP scope for queries, this can be either 'one' |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
338 |
# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
339 |
# query_scope = one |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
340 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
341 |
# user_tree_dn = ou=Users,dc=example,dc=com |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
342 |
# user_filter = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
343 |
# user_objectclass = inetOrgPerson |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
344 |
# user_id_attribute = cn |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
345 |
# user_name_attribute = sn |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
346 |
# user_mail_attribute = email |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
347 |
# user_pass_attribute = userPassword |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
348 |
# user_enabled_attribute = enabled |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
349 |
# user_enabled_mask = 0 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
350 |
# user_enabled_default = True |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
351 |
# user_attribute_ignore = default_project_id,tenants |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
352 |
# user_default_project_id_attribute = |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
353 |
# user_allow_create = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
354 |
# user_allow_update = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
355 |
# user_allow_delete = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
356 |
# user_enabled_emulation = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
357 |
# user_enabled_emulation_dn = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
358 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
359 |
# tenant_tree_dn = ou=Projects,dc=example,dc=com |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
360 |
# tenant_filter = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
361 |
# tenant_objectclass = groupOfNames |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
362 |
# tenant_domain_id_attribute = businessCategory |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
363 |
# tenant_id_attribute = cn |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
364 |
# tenant_member_attribute = member |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
365 |
# tenant_name_attribute = ou |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
366 |
# tenant_desc_attribute = desc |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
367 |
# tenant_enabled_attribute = enabled |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
368 |
# tenant_attribute_ignore = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
369 |
# tenant_allow_create = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
370 |
# tenant_allow_update = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
371 |
# tenant_allow_delete = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
372 |
# tenant_enabled_emulation = False |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
373 |
# tenant_enabled_emulation_dn = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
374 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
375 |
# role_tree_dn = ou=Roles,dc=example,dc=com |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
376 |
# role_filter = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
377 |
# role_objectclass = organizationalRole |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
378 |
# role_id_attribute = cn |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
379 |
# role_name_attribute = ou |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
380 |
# role_member_attribute = roleOccupant |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
381 |
# role_attribute_ignore = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
382 |
# role_allow_create = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
383 |
# role_allow_update = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
384 |
# role_allow_delete = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
385 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
386 |
# group_tree_dn = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
387 |
# group_filter = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
388 |
# group_objectclass = groupOfNames |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
389 |
# group_id_attribute = cn |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
390 |
# group_name_attribute = ou |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
391 |
# group_member_attribute = member |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
392 |
# group_desc_attribute = desc |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
393 |
# group_attribute_ignore = |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
394 |
# group_allow_create = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
395 |
# group_allow_update = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
396 |
# group_allow_delete = True |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
397 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
398 |
# ldap TLS options |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
399 |
# if both tls_cacertfile and tls_cacertdir are set then |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
400 |
# tls_cacertfile will be used and tls_cacertdir is ignored |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
401 |
# valid options for tls_req_cert are demand, never, and allow |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
402 |
# use_tls = False |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
403 |
# tls_cacertfile = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
404 |
# tls_cacertdir = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
405 |
# tls_req_cert = demand |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
406 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
407 |
# Additional attribute mappings can be used to map ldap attributes to internal |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
408 |
# keystone attributes. This allows keystone to fulfill ldap objectclass |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
409 |
# requirements. An example to map the description and gecos attributes to a |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
410 |
# user's name would be: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
411 |
# user_additional_attribute_mapping = description:name, gecos:name |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
412 |
# |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
413 |
# domain_additional_attribute_mapping = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
414 |
# group_additional_attribute_mapping = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
415 |
# role_additional_attribute_mapping = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
416 |
# project_additional_attribute_mapping = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
417 |
# user_additional_attribute_mapping = |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
418 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
419 |
[auth] |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
420 |
methods = external,password,token,oauth1 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
421 |
#external = keystone.auth.plugins.external.ExternalDefault |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
422 |
password = keystone.auth.plugins.password.Password |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
423 |
token = keystone.auth.plugins.token.Token |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
424 |
oauth1 = keystone.auth.plugins.oauth1.OAuth |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
425 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
426 |
[paste_deploy] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
427 |
# Name of the paste configuration file that defines the available pipelines |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
428 |
config_file = keystone-paste.ini |