--- a/components/openstack/glance/Makefile Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/Makefile Wed Sep 07 14:48:42 2016 -0700
@@ -26,20 +26,19 @@
include ../../../make-rules/shared-macros.mk
COMPONENT_NAME= glance
-COMPONENT_CODENAME= kilo
-COMPONENT_VERSION= 2015.1.2
-COMPONENT_BE_VERSION= 2015.1
+COMPONENT_CODENAME= mitaka
+COMPONENT_VERSION= 12.0.0
+COMPONENT_BE_VERSION= 2016.1
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= \
- sha256:e46bc6648a74a643cef3825dcd44c7e275ed3385b96cab83ef50c4c514932541
-COMPONENT_ARCHIVE_URL= http://launchpad.net/$(COMPONENT_NAME)/$(COMPONENT_CODENAME)/$(COMPONENT_VERSION)/+download/$(COMPONENT_ARCHIVE)
+ sha256:42213a4cd59bbcaa5f34d09ff48494a4d9831de9f27fc8541726a685a4c4f509
+COMPONENT_ARCHIVE_URL= https://tarballs.openstack.org/$(COMPONENT_NAME)/$(COMPONENT_ARCHIVE)
COMPONENT_SIG_URL= $(COMPONENT_ARCHIVE_URL).asc
COMPONENT_PROJECT_URL= http://www.openstack.org/
COMPONENT_BUGDB= service/glance
-IPS_COMPONENT_VERSION= 0.$(COMPONENT_VERSION)
-TPNO= 25785
+TPNO= 30299
PKG_VARS += COMPONENT_BE_VERSION
@@ -85,14 +84,10 @@
REQUIRED_PACKAGES += library/python/eventlet-27
REQUIRED_PACKAGES += library/python/glance_store-27
REQUIRED_PACKAGES += library/python/iniparse-27
-REQUIRED_PACKAGES += library/python/m2crypto-27
REQUIRED_PACKAGES += library/python/oslo.config-27
REQUIRED_PACKAGES += library/python/oslo.messaging-27
-REQUIRED_PACKAGES += library/python/oslo.serialization-27
REQUIRED_PACKAGES += library/python/oslo.utils-27
-REQUIRED_PACKAGES += library/python/osprofiler-27
REQUIRED_PACKAGES += library/python/six-27
REQUIRED_PACKAGES += library/python/sqlalchemy-27
REQUIRED_PACKAGES += library/python/sqlalchemy-migrate-27
-REQUIRED_PACKAGES += library/python/webob-27
REQUIRED_PACKAGES += system/core-os
--- a/components/openstack/glance/files/glance-api.conf Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-api.conf Wed Sep 07 14:48:42 2016 -0700
@@ -5,7 +5,7 @@
#
# When true, this option sets the owner of an image to be the tenant.
-# Otherwise, the owner of the image will be the authenticated user
+# Otherwise, the owner of the image will be the authenticated user
# issuing the request. (boolean value)
#owner_is_tenant = true
@@ -18,6 +18,9 @@
# value)
#allow_anonymous_access = false
+# Limits request ID length. (integer value)
+#max_request_id_length = 64
+
# Public url to use for versions endpoint. The default is None, which
# will use the request's host_url attribute to populate the URL base.
# If Glance is operating behind a proxy, you will want to change this
@@ -64,19 +67,20 @@
# For example, if using the file system store a URL of
# "file:///path/to/image" will be returned to the user in the
# 'direct_url' meta-data field. Revealing storage location can be a
-# security risk, so use this setting with caution! The overrides
-# show_image_direct_url. (boolean value)
+# security risk, so use this setting with caution! Setting this to
+# true overrides the show_image_direct_url option. (boolean value)
#show_multiple_locations = false
# Maximum size of image a user can upload in bytes. Defaults to
-# 1099511627776 bytes (1 TB).WARNING: this value should only be
+# 1099511627776 bytes (1 TB). WARNING: this value should only be
# increased after careful consideration and must be set to a value
# under 8 EB (9223372036854775808). (integer value)
+# Maximum value: 9223372036854775808
#image_size_cap = 1099511627776
# Set a system wide quota for every user. This value is the total
# capacity that a user can use across all storage systems. A value of
-# 0 means unlimited.Optional unit can be specified for the value.
+# 0 means unlimited. Optional unit can be specified for the value.
# Accepted units are B, KB, MB, GB and TB representing Bytes,
# KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no
# unit is specified then Bytes is assumed. Note that there should not
@@ -101,7 +105,9 @@
#pydev_worker_debug_host = <None>
# The port on which a pydev process is listening for connections.
-# (integer value)
+# (port value)
+# Minimum value: 0
+# Maximum value: 65535
#pydev_worker_debug_port = 5678
# AES key for encrypting store 'location' metadata. This includes, if
@@ -109,14 +115,12 @@
# length 16, 24 or 32 bytes (string value)
#metadata_encryption_key = <None>
-# Digest algorithm which will be used for digital signature; the
-# default is sha1 the default in Kilo for a smooth upgrade process,
-# and it will be updated with sha256 in next release(L). Use the
+# Digest algorithm which will be used for digital signature. Use the
# command "openssl list-message-digest-algorithms" to get the
# available algorithms supported by the version of OpenSSL on the
# platform. Examples are "sha1", "sha256", "sha512", etc. (string
# value)
-#digest_algorithm = sha1
+#digest_algorithm = sha256
# This value sets what strategy will be used to determine the image
# location order. Currently two strategies are packaged with Glance
@@ -124,7 +128,7 @@
# Allowed values: location_order, store_type
#location_strategy = location_order
-# The location of the property protection file.This file contains the
+# The location of the property protection file. This file contains the
# rules for property protections and the roles/policies associated
# with it. If this config value is not specified, by default, property
# protections won't be enforced. If a value is specified and the file
@@ -139,13 +143,15 @@
# Modules of exceptions that are permitted to be recreated upon
# receiving exception data from an rpc call. (list value)
-#allowed_rpc_exception_modules = openstack.common.exception,glance.common.exception,exceptions
+#allowed_rpc_exception_modules = glance.common.exception,builtins,exceptions
# Address to bind the server. Useful when selecting a particular
# network interface. (string value)
#bind_host = 0.0.0.0
-# The port on which the server will listen. (integer value)
+# The port on which the server will listen. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#bind_port = <None>
# The number of child process workers that will be created to service
@@ -170,7 +176,7 @@
# Timeout for client connections' socket operations. If an incoming
# connection is idle for this number of seconds it will be closed. A
# value of '0' means wait forever. (integer value)
-#client_socket_timeout = 0
+#client_socket_timeout = 900
# The backlog value that will be used when creating the TCP listener
# socket. (integer value)
@@ -201,15 +207,16 @@
#image_cache_driver = sqlite
# The upper limit (the maximum size of accumulated cache in bytes)
-# beyond which pruner, if running, starts cleaning the images cache.
-# (integer value)
+# beyond which the cache pruner, if running, starts cleaning the image
+# cache. (integer value)
#image_cache_max_size = 10737418240
-# The amount of time to let an image remain in the cache without being
-# accessed. (integer value)
+# The amount of time to let an incomplete image remain in the cache,
+# before the cache cleaner, if running, will remove the incomplete
+# image. (integer value)
#image_cache_stall_time = 86400
-# Base directory that the Image Cache uses. (string value)
+# Base directory that the image cache uses. (string value)
#image_cache_dir = <None>
# Default publisher_id for outgoing notifications. (string value)
@@ -227,41 +234,85 @@
# Address to find the registry server. (string value)
#registry_host = 0.0.0.0
-# Port the registry server is listening on. (integer value)
+# Port the registry server is listening on. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#registry_port = 9191
# Whether to pass through the user token when making requests to the
-# registry. (boolean value)
-# WARNING: DO NOT CHANGE THIS VALUE. Setting use_user_token to False
-# allows for unintended privilege escalation within the Glance API server.
-# See https://wiki.openstack.org/wiki/OSSN/OSSN-0060
+# registry. To prevent failures with token expiration during big files
+# upload, it is recommended to set this parameter to False. If
+# "use_user_token" is not in effect, then admin credentials can be
+# specified. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#use_user_token = true
# The administrators user name. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#admin_user = <None>
# The administrators password. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#admin_password = <None>
# The tenant name of the administrative user. If "use_user_token" is
# not in effect, then admin tenant name can be specified. (string
# value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#admin_tenant_name = <None>
# The URL to the keystone service. If "use_user_token" is not in
# effect and using keystone auth, then URL of keystone can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#auth_url = <None>
# The strategy to use for authentication. If "use_user_token" is not
# in effect, then auth strategy can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#auth_strategy = noauth
# The region for the authentication service. If "use_user_token" is
# not in effect and using keystone auth, then region name can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#auth_region = <None>
# The protocol to use for communication with the registry server.
@@ -305,105 +356,105 @@
# than auth_token middleware. (boolean value)
#send_identity_headers = false
-# Directory that the scrubber will use to track information about what
-# to delete. Make sure this is set in glance-api.conf and glance-
-# scrubber.conf. (string value)
-#scrubber_datadir = /var/lib/glance/scrubber
-
# The amount of time in seconds to delay before performing a delete.
# (integer value)
#scrub_time = 0
-# A boolean that determines if the scrubber should clean up the files
-# it uses for taking data. Only one server in your deployment should
-# be designated the cleanup host. (boolean value)
-#cleanup_scrubber = false
+# The size of thread pool to be used for scrubbing images. The default
+# is one, which signifies serial scrubbing. Any value above one
+# indicates the max number of images that may be scrubbed in parallel.
+# (integer value)
+#scrub_pool_size = 1
# Turn on/off delayed delete. (boolean value)
#delayed_delete = false
-# Items must have a modified time that is older than this value in
-# order to be candidates for cleanup. (integer value)
-#cleanup_scrubber_time = 86400
-
#
# From oslo.log
#
-# Print debugging output (set logging level to DEBUG instead of
-# default WARNING level). (boolean value)
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
#debug = false
-# Print more verbose output (set logging level to INFO instead of
-# default WARNING level). (boolean value)
-#verbose = false
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
# The name of a logging configuration file. This file is appended to
# any existing logging configuration files. For details about logging
# configuration files, see the Python logging module documentation.
-# (string value)
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
-# DEPRECATED. A logging.Formatter log message format string which may
-# use any of the available logging.LogRecord attributes. This option
-# is deprecated. Please use logging_context_format_string and
-# logging_default_format_string instead. (string value)
-#log_format = <None>
-
-# Format string for %%(asctime)s in log records. Default: %(default)s
-# . (string value)
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
#log_date_format = %Y-%m-%d %H:%M:%S
-# (Optional) Name of log file to output to. If no default is set,
-# logging will go to stdout. (string value)
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
-# (Optional) The base directory used for relative --log-file paths.
-# (string value)
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
-# Use syslog for logging. Existing syslog format is DEPRECATED during
-# I, and will change in J to honor RFC5424. (boolean value)
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
#use_syslog = false
-# (Optional) Enables or disables syslog rfc5424 format for logging. If
-# enabled, prefixes the MSG part of the syslog message with APP-NAME
-# (RFC5424). The format without the APP-NAME is deprecated in I, and
-# will be removed in J. (boolean value)
-#use_syslog_rfc_format = false
-
-# Syslog facility to receive log lines. (string value)
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
-# Log output to standard error. (boolean value)
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
-# Format string to use for log messages without context. (string
-# value)
+# Format string to use for log messages when context is undefined.
+# (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
-# Data to append to log format when level is DEBUG. (string value)
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string
# value)
-#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
-# List of logger=LEVEL pairs. (list value)
-#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
-# Enables or disables fatal status of deprecations. (boolean value)
-#fatal_deprecations = false
-
# The format for an instance that is passed with the log message.
# (string value)
#instance_format = "[instance: %(uuid)s] "
@@ -412,20 +463,29 @@
# (string value)
#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+
#
# From oslo.messaging
#
+# Size of RPC connection pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
+#rpc_conn_pool_size = 30
+
# ZeroMQ bind address. Should be a wildcard (*), an ethernet
# interface, or IP. The "host" option should point or resolve to this
# address. (string value)
#rpc_zmq_bind_address = *
# MatchMaker driver. (string value)
-#rpc_zmq_matchmaker = local
+# Allowed values: redis, dummy
+#rpc_zmq_matchmaker = redis
-# ZeroMQ receiver listening port. (integer value)
-#rpc_zmq_port = 9501
+# Type of concurrency used. Either "native" or "eventlet" (string
+# value)
+#rpc_zmq_concurrency = eventlet
# Number of ZeroMQ contexts, defaults to 1. (integer value)
#rpc_zmq_contexts = 1
@@ -441,25 +501,41 @@
# Must match "host" option, if running Nova. (string value)
#rpc_zmq_host = localhost
-# Seconds to wait before a cast expires (TTL). Only supported by
-# impl_zmq. (integer value)
-#rpc_cast_timeout = 30
+# Seconds to wait before a cast expires (TTL). The default value of -1
+# specifies an infinite linger period. The value of 0 specifies no
+# linger period. Pending messages shall be discarded immediately when
+# the socket is closed. Only supported by impl_zmq. (integer value)
+#rpc_cast_timeout = -1
-# Heartbeat frequency. (integer value)
-#matchmaker_heartbeat_freq = 300
+# The default number of seconds that poll should wait. Poll raises
+# timeout exception when timeout expired. (integer value)
+#rpc_poll_timeout = 1
-# Heartbeat time-to-live. (integer value)
-#matchmaker_heartbeat_ttl = 600
+# Expiration timeout in seconds of a name service record about
+# existing target ( < 0 means no timeout). (integer value)
+#zmq_target_expire = 120
+
+# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy.
+# (boolean value)
+#use_pub_sub = true
-# Size of RPC thread pool. (integer value)
-#rpc_thread_pool_size = 64
+# Minimal port number for random ports range. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#rpc_zmq_min_port = 49152
-# Driver or drivers to handle sending notifications. (multi valued)
-#notification_driver =
+# Maximal port number for random ports range. (integer value)
+# Minimum value: 1
+# Maximum value: 65536
+#rpc_zmq_max_port = 65536
-# AMQP topic used for OpenStack notifications. (list value)
-# Deprecated group/name - [rpc_notifier2]/topics
-#notification_topics = notifications
+# Number of retries to find free port number before fail with
+# ZMQBindError. (integer value)
+#rpc_zmq_bind_port_retries = 100
+
+# Size of executor thread pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
+#executor_thread_pool_size = 64
# Seconds to wait for a response from a call. (integer value)
#rpc_response_timeout = 60
@@ -470,7 +546,7 @@
#transport_url = <None>
# The messaging driver to use, defaults to rabbit. Other drivers
-# include qpid and zmq. (string value)
+# include amqp and zmq. (string value)
#rpc_backend = rabbit
# The default exchange under which topics are scoped. May be
@@ -479,6 +555,66 @@
#control_exchange = openstack
+[cors]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+
+
+[cors.subdomain]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,PUT,POST,DELETE,PATCH
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
+
+
[database]
#
@@ -514,12 +650,6 @@
# Example: mysql_sql_mode= (string value)
#mysql_sql_mode = TRADITIONAL
-# This configures the MySQL storage engine. This allows for OpenStack to
-# support different storage engines such as InnoDB, NDB, etc. By Default,
-# this value will be set to InnoDB. For MySQL Cluster, set to NDBCLUSTER.
-# Example: mysql_storage_engine=(string value)
-#mysql_storage_engine = InnoDB
-
# Timeout before idle SQL connections are reaped. (integer value)
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
# Deprecated group/name - [DATABASE]/sql_idle_timeout
@@ -554,7 +684,7 @@
# value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
-#max_overflow = <None>
+#max_overflow = 50
# Verbosity of SQL debugging information: 0=None, 100=Everything.
# (integer value)
@@ -590,6 +720,15 @@
# (integer value)
#db_max_retries = 20
+#
+# From oslo.db.concurrency
+#
+
+# Enable the experimental use of thread pooling for all DB API calls
+# (boolean value)
+# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
+#use_tpool = false
+
[glance_store]
@@ -597,7 +736,8 @@
# From glance.store
#
-# List of stores enabled (list value)
+# List of stores enabled. Valid stores are: cinder, file, http, rbd,
+# sheepdog, swift, s3, vsphere (list value)
#stores = file,http
# Default scheme to use to store image data. The scheme must be
@@ -613,10 +753,6 @@
# (integer value)
#store_capabilities_update_min_interval = 0
-#
-# From glance.store
-#
-
# Images will be chunked into objects of this size (in megabytes). For
# best performance, this should be a power of two. (integer value)
#sheepdog_store_chunk_size = 64
@@ -646,9 +782,31 @@
# (string value)
#rbd_store_ceph_conf = /etc/ceph/ceph.conf
+# Timeout value (in seconds) used when connecting to ceph cluster. If
+# value <= 0, no timeout is set and default librados value is used.
+# (integer value)
+#rados_connect_timeout = 0
+
+# Specify the path to the CA bundle file to use in verifying the
+# remote server certificate. (string value)
+#https_ca_certificates_file = <None>
+
+# If true, the remote server certificate is not verified. If false,
+# then the default CA truststore is used for verification. This option
+# is ignored if "https_ca_certificates_file" is set. (boolean value)
+#https_insecure = true
+
+# Specify the http/https proxy information that should be used to
+# connect to the remote server. The proxy information should be a key
+# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
+# specify proxies for multiple schemes by seperating the key value
+# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
+# (dict value)
+#http_proxy_information =
+
# Directory to which the Filesystem backend store writes images.
# (string value)
-filesystem_store_datadir = /var/lib/glance/images/
+#filesystem_store_datadir = /var/lib/glance/images
# List of directories and its priorities to which the Filesystem
# backend store writes images. (multi valued)
@@ -669,15 +827,6 @@
# digit. (integer value)
#filesystem_store_file_perm = 0
-# Hostname or IP address of the instance to connect to, or a mongodb
-# URI, or a list of hostnames / mongodb URIs. If host is an IPv6
-# literal it must be enclosed in '[' and ']' characters following the
-# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value)
-#mongodb_store_uri = <None>
-
-# Database to use (string value)
-#mongodb_store_db = <None>
-
# The host where the S3 server is listening. (string value)
#s3_store_host = <None>
@@ -715,6 +864,21 @@
# (integer value)
#s3_store_thread_pools = 10
+# Enable the use of a proxy. (boolean value)
+#s3_store_enable_proxy = false
+
+# Address or hostname for the proxy server. (string value)
+#s3_store_proxy_host = <None>
+
+# The port to use when connecting over a proxy. (integer value)
+#s3_store_proxy_port = 8080
+
+# The username to connect to the proxy. (string value)
+#s3_store_proxy_user = <None>
+
+# The password to use when connecting over a proxy. (string value)
+#s3_store_proxy_password = <None>
+
# ESX/ESXi or vCenter Server target system. The server value can be an
# IP address or a DNS name. (string value)
#vmware_server_host = <None>
@@ -727,18 +891,6 @@
# value)
#vmware_server_password = <None>
-# DEPRECATED. Inventory path to a datacenter. If the
-# vmware_server_host specified is an ESX/ESXi, the
-# vmware_datacenter_path is optional. If specified, it should be "ha-
-# datacenter". This option is deprecated in favor of vmware_datastores
-# and will be removed in the Liberty release. (string value)
-#vmware_datacenter_path = ha-datacenter
-
-# DEPRECATED. Datastore associated with the datacenter. This option is
-# deprecated in favor of vmware_datastores and will be removed in the
-# Liberty release. (string value)
-#vmware_datastore_name = <None>
-
# Number of times VMware ESX/VC server API must be retried upon
# connection related issues. (integer value)
#vmware_api_retry_count = 10
@@ -751,36 +903,43 @@
# the VMware datastore. (string value)
#vmware_store_image_dir = /openstack_glance
-# Allow to perform insecure SSL requests to ESX/VC. (boolean value)
-#vmware_api_insecure = false
+# If true, the ESX/vCenter server certificate is not verified. If
+# false, then the default CA truststore is used for verification. This
+# option is ignored if "vmware_ca_file" is set. (boolean value)
+# Deprecated group/name - [DEFAULT]/vmware_api_insecure
+#vmware_insecure = false
+
+# Specify a CA bundle file to use in verifying the ESX/vCenter server
+# certificate. (string value)
+#vmware_ca_file = <None>
# A list of datastores where the image can be stored. This option may
-# be specified multiple times for specifying multiple datastores.
-# Either one of vmware_datastore_name or vmware_datastores is
-# required. The datastore name should be specified after its
-# datacenter path, seperated by ":". An optional weight may be given
-# after the datastore name, seperated again by ":". Thus, the required
-# format becomes <datacenter_path>:<datastore_name>:<optional_weight>.
-# When adding an image, the datastore with highest weight will be
-# selected, unless there is not enough free space available in cases
-# where the image size is already known. If no weight is given, it is
-# assumed to be zero and the directory will be considered for
-# selection last. If multiple datastores have the same weight, then
-# the one with the most free space available is selected. (multi
-# valued)
+# be specified multiple times for specifying multiple datastores. The
+# datastore name should be specified after its datacenter path,
+# seperated by ":". An optional weight may be given after the
+# datastore name, seperated again by ":". Thus, the required format
+# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
+# adding an image, the datastore with highest weight will be selected,
+# unless there is not enough free space available in cases where the
+# image size is already known. If no weight is given, it is assumed to
+# be zero and the directory will be considered for selection last. If
+# multiple datastores have the same weight, then the one with the most
+# free space available is selected. (multi valued)
#vmware_datastores =
# Info to match when looking for cinder in the service catalog. Format
# is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type> (string value)
-#cinder_catalog_info = volume:cinder:publicURL
+#cinder_catalog_info = volumev2::publicURL
# Override service catalog lookup with template for cinder endpoint
-# e.g. http://localhost:8776/v1/%(project_id)s (string value)
+# e.g. http://localhost:8776/v2/%(tenant)s (string value)
#cinder_endpoint_template = <None>
-# Region name of this node (string value)
-#os_region_name = <None>
+# Region name of this node. If specified, it will be used to locate
+# OpenStack services for stores. (string value)
+# Deprecated group/name - [DEFAULT]/os_region_name
+#cinder_os_region_name = <None>
# Location of ca certicates file to use for cinder client requests.
# (string value)
@@ -789,13 +948,33 @@
# Number of cinderclient retries on failed http calls (integer value)
#cinder_http_retries = 3
+# Time period of time in seconds to wait for a cinder volume
+# transition to complete. (integer value)
+#cinder_state_transition_timeout = 300
+
# Allow to perform insecure SSL requests to cinder (boolean value)
#cinder_api_insecure = false
-# Version of the authentication service to use. Valid versions are 2
-# for keystone and 1 for swauth and rackspace. (deprecated) (string
+# The address where the Cinder authentication service is listening. If
+# <None>, the cinder endpoint in the service catalog is used. (string
# value)
-#swift_store_auth_version = 2
+#cinder_store_auth_address = <None>
+
+# User name to authenticate against Cinder. If <None>, the user of
+# current context is used. (string value)
+#cinder_store_user_name = <None>
+
+# Password for the user authenticating against Cinder. If <None>, the
+# current context auth token is used. (string value)
+#cinder_store_password = <None>
+
+# Project name where the image is stored in Cinder. If <None>, the
+# project in current context is used. (string value)
+#cinder_store_project_name = <None>
+
+# Path to the rootwrap configuration file to use for running commands
+# as root. (string value)
+#rootwrap_config = /etc/glance/rootwrap.conf
# If True, swiftclient won't check for a valid SSL certificate when
# authenticating. (boolean value)
@@ -850,7 +1029,7 @@
# When set to 0, a single-tenant store will only use one container to
# store all images. When set to an integer value between 1 and 32, a
# single-tenant store will use multiple containers to store images,
-# and this value will determine how many containers are created.Used
+# and this value will determine how many containers are created. Used
# only when swift_store_multi_tenant is disabled. The total number of
# containers that will be used is equal to 16^N, so if this config
# option is set to 2, then 16^2=256 containers will be used to store
@@ -871,20 +1050,42 @@
# request fails. (integer value)
#swift_store_retry_get_count = 0
+# The period of time (in seconds) before token expirationwhen
+# glance_store will try to reques new user token. Default value 60 sec
+# means that if token is going to expire in 1 min then glance_store
+# request new user token. (integer value)
+#swift_store_expire_soon_interval = 60
+
+# If set to True create a trust for each add/get request to Multi-
+# tenant store in order to prevent authentication token to be expired
+# during uploading/downloading data. If set to False then user token
+# is used for Swift connection (so no overhead on trust creation).
+# Please note that this option is considered only and only if
+# swift_store_multi_tenant=True (boolean value)
+#swift_store_use_trusts = true
+
# The reference to the default swift account/backing store parameters
# to use for adding new images. (string value)
#default_swift_reference = ref1
-# The address where the Swift authentication service is
-# listening.(deprecated) (string value)
+# Version of the authentication service to use. Valid versions are 2
+# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
+# (deprecated - use "auth_version" in swift_store_config_file) (string
+# value)
+#swift_store_auth_version = 2
+
+# The address where the Swift authentication service is listening.
+# (deprecated - use "auth_address" in swift_store_config_file) (string
+# value)
#swift_store_auth_address = <None>
# The user to authenticate against the Swift authentication service
-# (deprecated) (string value)
+# (deprecated - use "user" in swift_store_config_file) (string value)
#swift_store_user = <None>
# Auth key for the user authenticating against the Swift
-# authentication service. (deprecated) (string value)
+# authentication service. (deprecated - use "key" in
+# swift_store_config_file) (string value)
#swift_store_key = <None>
# The config file that has the swift account(s)configs. (string value)
@@ -900,7 +1101,7 @@
# Supported values for the 'container_format' image attribute (list
# value)
# Deprecated group/name - [DEFAULT]/container_formats
-#container_formats = ami,ari,aki,bare,ovf,ova,uar
+#container_formats = ami,ari,aki,bare,ovf,ova,docker,uar
# Supported values for the 'disk_format' image attribute (list value)
# Deprecated group/name - [DEFAULT]/disk_formats
@@ -950,6 +1151,9 @@
# Verify HTTPS connections. (boolean value)
#insecure = false
+# The region in which the identity server can be found. (string value)
+#region_name = <None>
+
# Directory used to cache files related to PKI tokens. (string value)
signing_dir = /var/lib/glance/keystone-signing
@@ -972,12 +1176,13 @@
#revocation_cache_time = 10
# (Optional) If defined, indicate whether token data should be
-# authenticated or authenticated and encrypted. Acceptable values are
-# MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in
-# the cache. If ENCRYPT, token data is encrypted and authenticated in
-# the cache. If the value is not one of these options or empty,
-# auth_token will raise an exception on initialization. (string value)
-#memcache_security_strategy = <None>
+# authenticated or authenticated and encrypted. If MAC, token data is
+# authenticated (with HMAC) in the cache. If ENCRYPT, token data is
+# encrypted and authenticated in the cache. If the value is not one of
+# these options or empty, auth_token will raise an exception on
+# initialization. (string value)
+# Allowed values: None, MAC, ENCRYPT
+#memcache_security_strategy = None
# (Optional, mandatory if memcache_security_strategy is defined) This
# string is used for key derivation. (string value)
@@ -992,7 +1197,7 @@
#memcache_pool_maxsize = 10
# (Optional) Socket timeout in seconds for communicating with a
-# memcache server. (integer value)
+# memcached server. (integer value)
#memcache_pool_socket_timeout = 3
# (Optional) Number of seconds a connection to memcached is held
@@ -1000,10 +1205,10 @@
#memcache_pool_unused_timeout = 60
# (Optional) Number of seconds that an operation will wait to get a
-# memcache client connection from the pool. (integer value)
+# memcached client connection from the pool. (integer value)
#memcache_pool_conn_get_timeout = 10
-# (Optional) Use the advanced (eventlet safe) memcache client pool.
+# (Optional) Use the advanced (eventlet safe) memcached client pool.
# The advanced pool will only work under python 2.x. (boolean value)
#memcache_use_advanced_pool = false
@@ -1038,34 +1243,18 @@
# value)
#hash_algorithms = md5
-# Prefix to prepend at the beginning of the path. Deprecated, use
-# identity_uri. (string value)
-#auth_admin_prefix =
-
-# Host providing the admin Identity API endpoint. Deprecated, use
-# identity_uri. (string value)
-#auth_host = 127.0.0.1
-
-# Port of the admin Identity API endpoint. Deprecated, use
-# identity_uri. (integer value)
-#auth_port = 35357
+# Authentication type to load (unknown value)
+# Deprecated group/name - [DEFAULT]/auth_plugin
+#auth_type = <None>
-# Protocol of the admin Identity API endpoint (http or https).
-# Deprecated, use identity_uri. (string value)
-#auth_protocol = https
+# Config Section from which to load plugin specific options (unknown
+# value)
+#auth_section = <None>
-# Complete admin Identity API endpoint. This should specify the
-# unversioned root endpoint e.g. https://localhost:35357/ (string
-# value)
+# Complete admin Identity API endpoint. This should specify the unversioned
+# root endpoint e.g. https://localhost:35357/ (string value)
identity_uri = http://127.0.0.1:35357/
-# This option is deprecated and may be removed in a future release.
-# Single shared secret with the Keystone configuration used for
-# bootstrapping a Keystone installation, or otherwise bypassing the
-# normal authentication process. This option should not be used, use
-# `admin_user` and `admin_password` instead. (string value)
-#admin_token = <None>
-
# Service username. (string value)
admin_user = %SERVICE_USER%
@@ -1075,13 +1264,6 @@
# Service tenant name. (string value)
admin_tenant_name = %SERVICE_TENANT_NAME%
-# Name of the plugin to load (string value)
-#auth_plugin = <None>
-
-# Config Section from which to load plugin specific options (string
-# value)
-#auth_section = <None>
-
[matchmaker_redis]
@@ -1092,22 +1274,29 @@
# Host to locate redis. (string value)
#host = 127.0.0.1
-# Use this port to connect to redis host. (integer value)
+# Use this port to connect to redis host. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#port = 6379
# Password for Redis server (optional). (string value)
-#password = <None>
+#password =
+# List of Redis Sentinel hosts (fault tolerance mode) e.g.
+# [host:port, host1:port ... ] (list value)
+#sentinel_hosts =
-[matchmaker_ring]
+# Redis replica set name. (string value)
+#sentinel_group_name = oslo-messaging-zeromq
-#
-# From oslo.messaging
-#
+# Time in ms to wait between connection attempts. (integer value)
+#wait_timeout = 500
-# Matchmaker ring file (JSON). (string value)
-# Deprecated group/name - [DEFAULT]/matchmaker_ringfile
-#ringfile = /etc/oslo/matchmaker_ring.json
+# Time in ms to wait before the transaction is killed. (integer value)
+#check_timeout = 20000
+
+# Timeout in ms on blocking socket operations (integer value)
+#socket_timeout = 1000
[oslo_concurrency]
@@ -1125,7 +1314,7 @@
# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
# If external locks are used, a lock path must be set. (string value)
# Deprecated group/name - [DEFAULT]/lock_path
-#lock_path = <None>
+lock_path = /var/lib/glance/lock
[oslo_messaging_amqp]
@@ -1158,8 +1347,7 @@
# Deprecated group/name - [amqp1]/trace
#trace = false
-# CA certificate PEM file for verifing server certificate (string
-# value)
+# CA certificate PEM file to verify server certificate (string value)
# Deprecated group/name - [amqp1]/ssl_ca_file
#ssl_ca_file =
@@ -1181,73 +1369,49 @@
# Deprecated group/name - [amqp1]/allow_insecure_clients
#allow_insecure_clients = false
+# Space separated list of acceptable SASL mechanisms (string value)
+# Deprecated group/name - [amqp1]/sasl_mechanisms
+#sasl_mechanisms =
-[oslo_messaging_qpid]
+# Path to directory that contains the SASL configuration (string
+# value)
+# Deprecated group/name - [amqp1]/sasl_config_dir
+#sasl_config_dir =
+
+# Name of configuration file (without .conf suffix) (string value)
+# Deprecated group/name - [amqp1]/sasl_config_name
+#sasl_config_name =
+
+# User name for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/username
+#username =
+
+# Password for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/password
+#password =
+
+
+[oslo_messaging_notifications]
#
# From oslo.messaging
#
-# Use durable queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
-#amqp_durable_queues = false
-
-# Auto-delete queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/amqp_auto_delete
-#amqp_auto_delete = false
-
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-#rpc_conn_pool_size = 30
-
-# Qpid broker hostname. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_hostname
-#qpid_hostname = localhost
-
-# Qpid broker port. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_port
-#qpid_port = 5672
-
-# Qpid HA cluster host:port pairs. (list value)
-# Deprecated group/name - [DEFAULT]/qpid_hosts
-#qpid_hosts = $qpid_hostname:$qpid_port
-
-# Username for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_username
-#qpid_username =
+# The Drivers(s) to handle sending notifications. Possible values are
+# messaging, messagingv2, routing, log, test, noop (multi valued)
+# Deprecated group/name - [DEFAULT]/notification_driver
+#driver =
-# Password for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_password
-#qpid_password =
-
-# Space separated list of SASL mechanisms to use for auth. (string
-# value)
-# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms
-#qpid_sasl_mechanisms =
-
-# Seconds between connection keepalive heartbeats. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_heartbeat
-#qpid_heartbeat = 60
+# A URL representing the messaging driver to use for notifications. If
+# not set, we fall back to the same configuration used for RPC.
+# (string value)
+# Deprecated group/name - [DEFAULT]/notification_transport_url
+#transport_url = <None>
-# Transport to use, either 'tcp' or 'ssl'. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_protocol
-#qpid_protocol = tcp
-
-# Whether to disable the Nagle algorithm. (boolean value)
-# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay
-#qpid_tcp_nodelay = true
-
-# The number of prefetched messages held by receiver. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity
-#qpid_receiver_capacity = 1
-
-# The qpid topology version to use. Version 1 is what was originally
-# used by impl_qpid. Version 2 includes some backwards-incompatible
-# changes that allow broker federation to work. Users should update
-# to version 2 when they are able to take everything down, as it
-# requires a clean break. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_topology_version
-#qpid_topology_version = 1
+# AMQP topic used for OpenStack notifications. (list value)
+# Deprecated group/name - [rpc_notifier2]/topics
+# Deprecated group/name - [DEFAULT]/notification_topics
+#topics = notifications
[oslo_messaging_rabbit]
@@ -1257,6 +1421,7 @@
#
# Use durable queues in AMQP. (boolean value)
+# Deprecated group/name - [DEFAULT]/amqp_durable_queues
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
#amqp_durable_queues = false
@@ -1264,10 +1429,6 @@
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
#amqp_auto_delete = false
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-#rpc_conn_pool_size = 30
-
# SSL version to use (valid only if SSL enabled). Valid values are
# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be
# available on some distributions. (string value)
@@ -1292,13 +1453,31 @@
# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
#kombu_reconnect_delay = 1.0
+# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression
+# will not be used. This option may notbe available in future
+# versions. (string value)
+#kombu_compression = <None>
+
+# How long to wait a missing client beforce abandoning to send it its
+# replies. This value should not be longer than rpc_response_timeout.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
+#kombu_missing_consumer_retry_timeout = 60
+
+# Determines how the next RabbitMQ node is chosen in case the one we
+# are currently connected to becomes unavailable. Takes effect only if
+# more than one RabbitMQ node is provided in config. (string value)
+# Allowed values: round-robin, shuffle
+#kombu_failover_strategy = round-robin
+
# The RabbitMQ broker address where a single node is used. (string
# value)
# Deprecated group/name - [DEFAULT]/rabbit_host
#rabbit_host = localhost
-# The RabbitMQ broker port where a single node is used. (integer
-# value)
+# The RabbitMQ broker port where a single node is used. (port value)
+# Minimum value: 0
+# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/rabbit_port
#rabbit_port = 5672
@@ -1334,21 +1513,40 @@
# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
#rabbit_retry_backoff = 2
+# Maximum interval of RabbitMQ connection retries. Default is 30
+# seconds. (integer value)
+#rabbit_interval_max = 30
+
# Maximum number of RabbitMQ connection retries. Default is 0
# (infinite retry count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
-# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this
-# option, you must wipe the RabbitMQ database. (boolean value)
+# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change
+# this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0,
+# queue mirroring is no longer controlled by the x-ha-policy argument
+# when declaring a queue. If you just want to make sure that all
+# queues (except those with auto-generated names) are mirrored across
+# all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-
+# mode": "all"}' " (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
#rabbit_ha_queues = false
+# Positive integer representing duration in seconds for queue TTL
+# (x-expires). Queues which are unused for the duration of the TTL are
+# automatically deleted. The parameter affects only reply and fanout
+# queues. (integer value)
+# Minimum value: 1
+#rabbit_transient_queues_ttl = 1800
+
+# Specifies the number of messages to prefetch. Setting to zero allows
+# unlimited messages. (integer value)
+#rabbit_qos_prefetch_count = 0
+
# Number of seconds after which the Rabbit broker is considered down
-# if heartbeat's keep-alive fails (0 disables the heartbeat, >0
-# enables it. Enabling heartbeats requires kombu>=3.0.7 and
-# amqp>=1.4.0). EXPERIMENTAL (integer value)
-#heartbeat_timeout_threshold = 0
+# if heartbeat's keep-alive fails (0 disable the heartbeat).
+# EXPERIMENTAL (integer value)
+#heartbeat_timeout_threshold = 60
# How often times during the heartbeat_timeout_threshold we check the
# heartbeat. (integer value)
@@ -1359,6 +1557,129 @@
# Deprecated group/name - [DEFAULT]/fake_rabbit
#fake_rabbit = false
+# Maximum number of channels to allow (integer value)
+#channel_max = <None>
+
+# The maximum byte size for an AMQP frame (integer value)
+#frame_max = <None>
+
+# How often to send heartbeats for consumer's connections (integer
+# value)
+#heartbeat_interval = 1
+
+# Enable SSL (boolean value)
+#ssl = <None>
+
+# Arguments passed to ssl.wrap_socket (dict value)
+#ssl_options = <None>
+
+# Set socket timeout in seconds for connection's socket (floating
+# point value)
+#socket_timeout = 0.25
+
+# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating
+# point value)
+#tcp_user_timeout = 0.25
+
+# Set delay for reconnection to some host which has connection error
+# (floating point value)
+#host_connection_reconnect_delay = 0.25
+
+# Maximum number of connections to keep queued. (integer value)
+#pool_max_size = 10
+
+# Maximum number of connections to create above `pool_max_size`.
+# (integer value)
+#pool_max_overflow = 0
+
+# Default number of seconds to wait for a connections to available
+# (integer value)
+#pool_timeout = 30
+
+# Lifetime of a connection (since creation) in seconds or None for no
+# recycling. Expired connections are closed on acquire. (integer
+# value)
+#pool_recycle = 600
+
+# Threshold at which inactive (since release) connections are
+# considered stale in seconds or None for no staleness. Stale
+# connections are closed on acquire. (integer value)
+#pool_stale = 60
+
+# Persist notification messages. (boolean value)
+#notification_persistence = false
+
+# Exchange name for for sending notifications (string value)
+#default_notification_exchange = ${control_exchange}_notification
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# notification listener. (integer value)
+#notification_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending notification, -1 means infinite retry. (integer value)
+#default_notification_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending notification message (floating point value)
+#notification_retry_delay = 0.25
+
+# Time to live for rpc queues without consumers in seconds. (integer
+# value)
+#rpc_queue_expiration = 60
+
+# Exchange name for sending RPC messages (string value)
+#default_rpc_exchange = ${control_exchange}_rpc
+
+# Exchange name for receiving RPC replies (string value)
+#rpc_reply_exchange = ${control_exchange}_rpc_reply
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc listener. (integer value)
+#rpc_listener_prefetch_count = 100
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc reply listener. (integer value)
+#rpc_reply_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending reply. -1 means infinite retry during rpc_timeout (integer
+# value)
+#rpc_reply_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending reply. (floating point value)
+#rpc_reply_retry_delay = 0.25
+
+# Reconnecting retry count in case of connectivity problem during
+# sending RPC message, -1 means infinite retry. If actual retry
+# attempts in not 0 the rpc request could be processed more then one
+# time (integer value)
+#default_rpc_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending RPC message (floating point value)
+#rpc_retry_delay = 0.25
+
+
+[oslo_middleware]
+
+#
+# From oslo.middleware
+#
+
+# The maximum body size for each request, in bytes. (integer value)
+# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size
+# Deprecated group/name - [DEFAULT]/max_request_body_size
+#max_request_body_size = 114688
+
+# The HTTP Header that will be used to determine what the original
+# request protocol scheme was, even if it was hidden by an SSL
+# termination proxy. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#secure_proxy_ssl_header = X-Forwarded-Proto
+
[oslo_policy]
@@ -1412,6 +1733,10 @@
# If False doesn't trace SQL requests. (boolean value)
#trace_sqlalchemy = false
+# Secret key to use to sign Glance API and Glance Registry services
+# tracing messages. (string value)
+#hmac_keys = SECRET_KEY
+
[store_type_location_strategy]
--- a/components/openstack/glance/files/glance-api.xml Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-api.xml Wed Sep 07 14:48:42 2016 -0700
@@ -64,6 +64,11 @@
<exec_method timeout_seconds="60" type="method" name="stop"
exec=":kill"/>
+ <property_group name="startd" type="framework">
+ <!-- glance-api manages its children so we should ignore their death -->
+ <propval name='ignore_error' type='astring' value='signal' />
+ </property_group>
+
<instance name='default' enabled='false'>
<!-- to start/stop/refresh the service -->
<property_group name='general' type='framework'>
--- a/components/openstack/glance/files/glance-cache.conf Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-cache.conf Wed Sep 07 14:48:42 2016 -0700
@@ -44,19 +44,20 @@
# For example, if using the file system store a URL of
# "file:///path/to/image" will be returned to the user in the
# 'direct_url' meta-data field. Revealing storage location can be a
-# security risk, so use this setting with caution! The overrides
-# show_image_direct_url. (boolean value)
+# security risk, so use this setting with caution! Setting this to
+# true overrides the show_image_direct_url option. (boolean value)
#show_multiple_locations = false
# Maximum size of image a user can upload in bytes. Defaults to
-# 1099511627776 bytes (1 TB).WARNING: this value should only be
+# 1099511627776 bytes (1 TB). WARNING: this value should only be
# increased after careful consideration and must be set to a value
# under 8 EB (9223372036854775808). (integer value)
+# Maximum value: 9223372036854775808
#image_size_cap = 1099511627776
# Set a system wide quota for every user. This value is the total
# capacity that a user can use across all storage systems. A value of
-# 0 means unlimited.Optional unit can be specified for the value.
+# 0 means unlimited. Optional unit can be specified for the value.
# Accepted units are B, KB, MB, GB and TB representing Bytes,
# KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no
# unit is specified then Bytes is assumed. Note that there should not
@@ -81,7 +82,9 @@
#pydev_worker_debug_host = <None>
# The port on which a pydev process is listening for connections.
-# (integer value)
+# (port value)
+# Minimum value: 0
+# Maximum value: 65535
#pydev_worker_debug_port = 5678
# AES key for encrypting store 'location' metadata. This includes, if
@@ -89,14 +92,12 @@
# length 16, 24 or 32 bytes (string value)
#metadata_encryption_key = <None>
-# Digest algorithm which will be used for digital signature; the
-# default is sha1 the default in Kilo for a smooth upgrade process,
-# and it will be updated with sha256 in next release(L). Use the
+# Digest algorithm which will be used for digital signature. Use the
# command "openssl list-message-digest-algorithms" to get the
# available algorithms supported by the version of OpenSSL on the
# platform. Examples are "sha1", "sha256", "sha512", etc. (string
# value)
-#digest_algorithm = sha1
+#digest_algorithm = sha256
# The path to the sqlite file database that will be used for image
# cache management. (string value)
@@ -106,135 +107,188 @@
#image_cache_driver = sqlite
# The upper limit (the maximum size of accumulated cache in bytes)
-# beyond which pruner, if running, starts cleaning the images cache.
-# (integer value)
+# beyond which the cache pruner, if running, starts cleaning the image
+# cache. (integer value)
#image_cache_max_size = 10737418240
-# The amount of time to let an image remain in the cache without being
-# accessed. (integer value)
+# The amount of time to let an incomplete image remain in the cache,
+# before the cache cleaner, if running, will remove the incomplete
+# image. (integer value)
#image_cache_stall_time = 86400
-# Base directory that the Image Cache uses. (string value)
+# Base directory that the image cache uses. (string value)
#image_cache_dir = <None>
# Address to find the registry server. (string value)
#registry_host = 0.0.0.0
-# Port the registry server is listening on. (integer value)
+# Port the registry server is listening on. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#registry_port = 9191
# Whether to pass through the user token when making requests to the
-# registry. (boolean value)
-# WARNING: DO NOT CHANGE THIS VALUE. Setting use_user_token to False
-# allows for unintended privilege escalation within the Glance API server.
-# See https://wiki.openstack.org/wiki/OSSN/OSSN-0060
+# registry. To prevent failures with token expiration during big files
+# upload, it is recommended to set this parameter to False. If
+# "use_user_token" is not in effect, then admin credentials can be
+# specified. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#use_user_token = true
# The administrators user name. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_user = %SERVICE_USER%
# The administrators password. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_password = %SERVICE_PASSWORD%
# The tenant name of the administrative user. If "use_user_token" is
# not in effect, then admin tenant name can be specified. (string
# value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_tenant_name = %SERVICE_TENANT_NAME%
# The URL to the keystone service. If "use_user_token" is not in
# effect and using keystone auth, then URL of keystone can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
auth_url = http://127.0.0.1:5000/v2.0/
# The strategy to use for authentication. If "use_user_token" is not
# in effect, then auth strategy can be specified. (string value)
-#auth_strategy = noauth
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
+auth_strategy = keystone
# The region for the authentication service. If "use_user_token" is
# not in effect and using keystone auth, then region name can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#auth_region = <None>
#
# From oslo.log
#
-# Print debugging output (set logging level to DEBUG instead of
-# default WARNING level). (boolean value)
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
#debug = false
-# Print more verbose output (set logging level to INFO instead of
-# default WARNING level). (boolean value)
-#verbose = false
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
# The name of a logging configuration file. This file is appended to
# any existing logging configuration files. For details about logging
# configuration files, see the Python logging module documentation.
-# (string value)
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
-# DEPRECATED. A logging.Formatter log message format string which may
-# use any of the available logging.LogRecord attributes. This option
-# is deprecated. Please use logging_context_format_string and
-# logging_default_format_string instead. (string value)
-#log_format = <None>
-
-# Format string for %%(asctime)s in log records. Default: %(default)s
-# . (string value)
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
#log_date_format = %Y-%m-%d %H:%M:%S
-# (Optional) Name of log file to output to. If no default is set,
-# logging will go to stdout. (string value)
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
-# (Optional) The base directory used for relative --log-file paths.
-# (string value)
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
-# Use syslog for logging. Existing syslog format is DEPRECATED during
-# I, and will change in J to honor RFC5424. (boolean value)
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
#use_syslog = false
-# (Optional) Enables or disables syslog rfc5424 format for logging. If
-# enabled, prefixes the MSG part of the syslog message with APP-NAME
-# (RFC5424). The format without the APP-NAME is deprecated in I, and
-# will be removed in J. (boolean value)
-#use_syslog_rfc_format = false
-
-# Syslog facility to receive log lines. (string value)
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
-# Log output to standard error. (boolean value)
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
-# Format string to use for log messages without context. (string
-# value)
+# Format string to use for log messages when context is undefined.
+# (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
-# Data to append to log format when level is DEBUG. (string value)
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string
# value)
-#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
-# List of logger=LEVEL pairs. (list value)
-#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
-# Enables or disables fatal status of deprecations. (boolean value)
-#fatal_deprecations = false
-
# The format for an instance that is passed with the log message.
# (string value)
#instance_format = "[instance: %(uuid)s] "
@@ -243,6 +297,9 @@
# (string value)
#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+
[glance_store]
@@ -250,7 +307,8 @@
# From glance.store
#
-# List of stores enabled (list value)
+# List of stores enabled. Valid stores are: cinder, file, http, rbd,
+# sheepdog, swift, s3, vsphere (list value)
#stores = file,http
# Default scheme to use to store image data. The scheme must be
@@ -266,10 +324,6 @@
# (integer value)
#store_capabilities_update_min_interval = 0
-#
-# From glance.store
-#
-
# Images will be chunked into objects of this size (in megabytes). For
# best performance, this should be a power of two. (integer value)
#sheepdog_store_chunk_size = 64
@@ -299,9 +353,31 @@
# (string value)
#rbd_store_ceph_conf = /etc/ceph/ceph.conf
+# Timeout value (in seconds) used when connecting to ceph cluster. If
+# value <= 0, no timeout is set and default librados value is used.
+# (integer value)
+#rados_connect_timeout = 0
+
+# Specify the path to the CA bundle file to use in verifying the
+# remote server certificate. (string value)
+#https_ca_certificates_file = <None>
+
+# If true, the remote server certificate is not verified. If false,
+# then the default CA truststore is used for verification. This option
+# is ignored if "https_ca_certificates_file" is set. (boolean value)
+#https_insecure = true
+
+# Specify the http/https proxy information that should be used to
+# connect to the remote server. The proxy information should be a key
+# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
+# specify proxies for multiple schemes by seperating the key value
+# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
+# (dict value)
+#http_proxy_information =
+
# Directory to which the Filesystem backend store writes images.
# (string value)
-filesystem_store_datadir = /var/lib/glance/images/
+#filesystem_store_datadir = /var/lib/glance/images
# List of directories and its priorities to which the Filesystem
# backend store writes images. (multi valued)
@@ -322,15 +398,6 @@
# digit. (integer value)
#filesystem_store_file_perm = 0
-# Hostname or IP address of the instance to connect to, or a mongodb
-# URI, or a list of hostnames / mongodb URIs. If host is an IPv6
-# literal it must be enclosed in '[' and ']' characters following the
-# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value)
-#mongodb_store_uri = <None>
-
-# Database to use (string value)
-#mongodb_store_db = <None>
-
# The host where the S3 server is listening. (string value)
#s3_store_host = <None>
@@ -368,6 +435,21 @@
# (integer value)
#s3_store_thread_pools = 10
+# Enable the use of a proxy. (boolean value)
+#s3_store_enable_proxy = false
+
+# Address or hostname for the proxy server. (string value)
+#s3_store_proxy_host = <None>
+
+# The port to use when connecting over a proxy. (integer value)
+#s3_store_proxy_port = 8080
+
+# The username to connect to the proxy. (string value)
+#s3_store_proxy_user = <None>
+
+# The password to use when connecting over a proxy. (string value)
+#s3_store_proxy_password = <None>
+
# ESX/ESXi or vCenter Server target system. The server value can be an
# IP address or a DNS name. (string value)
#vmware_server_host = <None>
@@ -380,18 +462,6 @@
# value)
#vmware_server_password = <None>
-# DEPRECATED. Inventory path to a datacenter. If the
-# vmware_server_host specified is an ESX/ESXi, the
-# vmware_datacenter_path is optional. If specified, it should be "ha-
-# datacenter". This option is deprecated in favor of vmware_datastores
-# and will be removed in the Liberty release. (string value)
-#vmware_datacenter_path = ha-datacenter
-
-# DEPRECATED. Datastore associated with the datacenter. This option is
-# deprecated in favor of vmware_datastores and will be removed in the
-# Liberty release. (string value)
-#vmware_datastore_name = <None>
-
# Number of times VMware ESX/VC server API must be retried upon
# connection related issues. (integer value)
#vmware_api_retry_count = 10
@@ -404,36 +474,43 @@
# the VMware datastore. (string value)
#vmware_store_image_dir = /openstack_glance
-# Allow to perform insecure SSL requests to ESX/VC. (boolean value)
-#vmware_api_insecure = false
+# If true, the ESX/vCenter server certificate is not verified. If
+# false, then the default CA truststore is used for verification. This
+# option is ignored if "vmware_ca_file" is set. (boolean value)
+# Deprecated group/name - [DEFAULT]/vmware_api_insecure
+#vmware_insecure = false
+
+# Specify a CA bundle file to use in verifying the ESX/vCenter server
+# certificate. (string value)
+#vmware_ca_file = <None>
# A list of datastores where the image can be stored. This option may
-# be specified multiple times for specifying multiple datastores.
-# Either one of vmware_datastore_name or vmware_datastores is
-# required. The datastore name should be specified after its
-# datacenter path, seperated by ":". An optional weight may be given
-# after the datastore name, seperated again by ":". Thus, the required
-# format becomes <datacenter_path>:<datastore_name>:<optional_weight>.
-# When adding an image, the datastore with highest weight will be
-# selected, unless there is not enough free space available in cases
-# where the image size is already known. If no weight is given, it is
-# assumed to be zero and the directory will be considered for
-# selection last. If multiple datastores have the same weight, then
-# the one with the most free space available is selected. (multi
-# valued)
+# be specified multiple times for specifying multiple datastores. The
+# datastore name should be specified after its datacenter path,
+# seperated by ":". An optional weight may be given after the
+# datastore name, seperated again by ":". Thus, the required format
+# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
+# adding an image, the datastore with highest weight will be selected,
+# unless there is not enough free space available in cases where the
+# image size is already known. If no weight is given, it is assumed to
+# be zero and the directory will be considered for selection last. If
+# multiple datastores have the same weight, then the one with the most
+# free space available is selected. (multi valued)
#vmware_datastores =
# Info to match when looking for cinder in the service catalog. Format
# is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type> (string value)
-#cinder_catalog_info = volume:cinder:publicURL
+#cinder_catalog_info = volumev2::publicURL
# Override service catalog lookup with template for cinder endpoint
-# e.g. http://localhost:8776/v1/%(project_id)s (string value)
+# e.g. http://localhost:8776/v2/%(tenant)s (string value)
#cinder_endpoint_template = <None>
-# Region name of this node (string value)
-#os_region_name = <None>
+# Region name of this node. If specified, it will be used to locate
+# OpenStack services for stores. (string value)
+# Deprecated group/name - [DEFAULT]/os_region_name
+#cinder_os_region_name = <None>
# Location of ca certicates file to use for cinder client requests.
# (string value)
@@ -442,13 +519,33 @@
# Number of cinderclient retries on failed http calls (integer value)
#cinder_http_retries = 3
+# Time period of time in seconds to wait for a cinder volume
+# transition to complete. (integer value)
+#cinder_state_transition_timeout = 300
+
# Allow to perform insecure SSL requests to cinder (boolean value)
#cinder_api_insecure = false
-# Version of the authentication service to use. Valid versions are 2
-# for keystone and 1 for swauth and rackspace. (deprecated) (string
+# The address where the Cinder authentication service is listening. If
+# <None>, the cinder endpoint in the service catalog is used. (string
# value)
-#swift_store_auth_version = 2
+#cinder_store_auth_address = <None>
+
+# User name to authenticate against Cinder. If <None>, the user of
+# current context is used. (string value)
+#cinder_store_user_name = <None>
+
+# Password for the user authenticating against Cinder. If <None>, the
+# current context auth token is used. (string value)
+#cinder_store_password = <None>
+
+# Project name where the image is stored in Cinder. If <None>, the
+# project in current context is used. (string value)
+#cinder_store_project_name = <None>
+
+# Path to the rootwrap configuration file to use for running commands
+# as root. (string value)
+#rootwrap_config = /etc/glance/rootwrap.conf
# If True, swiftclient won't check for a valid SSL certificate when
# authenticating. (boolean value)
@@ -503,7 +600,7 @@
# When set to 0, a single-tenant store will only use one container to
# store all images. When set to an integer value between 1 and 32, a
# single-tenant store will use multiple containers to store images,
-# and this value will determine how many containers are created.Used
+# and this value will determine how many containers are created. Used
# only when swift_store_multi_tenant is disabled. The total number of
# containers that will be used is equal to 16^N, so if this config
# option is set to 2, then 16^2=256 containers will be used to store
@@ -524,20 +621,42 @@
# request fails. (integer value)
#swift_store_retry_get_count = 0
+# The period of time (in seconds) before token expirationwhen
+# glance_store will try to reques new user token. Default value 60 sec
+# means that if token is going to expire in 1 min then glance_store
+# request new user token. (integer value)
+#swift_store_expire_soon_interval = 60
+
+# If set to True create a trust for each add/get request to Multi-
+# tenant store in order to prevent authentication token to be expired
+# during uploading/downloading data. If set to False then user token
+# is used for Swift connection (so no overhead on trust creation).
+# Please note that this option is considered only and only if
+# swift_store_multi_tenant=True (boolean value)
+#swift_store_use_trusts = true
+
# The reference to the default swift account/backing store parameters
# to use for adding new images. (string value)
#default_swift_reference = ref1
-# The address where the Swift authentication service is
-# listening.(deprecated) (string value)
+# Version of the authentication service to use. Valid versions are 2
+# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
+# (deprecated - use "auth_version" in swift_store_config_file) (string
+# value)
+#swift_store_auth_version = 2
+
+# The address where the Swift authentication service is listening.
+# (deprecated - use "auth_address" in swift_store_config_file) (string
+# value)
#swift_store_auth_address = <None>
# The user to authenticate against the Swift authentication service
-# (deprecated) (string value)
+# (deprecated - use "user" in swift_store_config_file) (string value)
#swift_store_user = <None>
# Auth key for the user authenticating against the Swift
-# authentication service. (deprecated) (string value)
+# authentication service. (deprecated - use "key" in
+# swift_store_config_file) (string value)
#swift_store_key = <None>
# The config file that has the swift account(s)configs. (string value)
@@ -559,7 +678,7 @@
# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
# If external locks are used, a lock path must be set. (string value)
# Deprecated group/name - [DEFAULT]/lock_path
-#lock_path = <None>
+lock_path = /var/lib/glance/lock
[oslo_policy]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openstack/glance/files/glance-glare.conf Wed Sep 07 14:48:42 2016 -0700
@@ -0,0 +1,1439 @@
+[DEFAULT]
+
+#
+# From glance.glare
+#
+
+# When true, this option sets the owner of an image to be the tenant.
+# Otherwise, the owner of the image will be the authenticated user
+# issuing the request. (boolean value)
+#owner_is_tenant = true
+
+# Role used to identify an authenticated user as administrator.
+# (string value)
+#admin_role = admin
+
+# Allow unauthenticated users to access the API with read-only
+# privileges. This only applies when using ContextMiddleware. (boolean
+# value)
+#allow_anonymous_access = false
+
+# Limits request ID length. (integer value)
+#max_request_id_length = 64
+
+# Public url to use for versions endpoint. The default is None, which
+# will use the request's host_url attribute to populate the URL base.
+# If Glance is operating behind a proxy, you will want to change this
+# to represent the proxy's URL. (string value)
+#public_endpoint = <None>
+
+# Address to bind the server. Useful when selecting a particular
+# network interface. (string value)
+#bind_host = 0.0.0.0
+
+# The port on which the server will listen. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#bind_port = <None>
+
+# The number of child process workers that will be created to service
+# requests. The default will be equal to the number of CPUs available.
+# (integer value)
+workers = 1
+
+# Maximum line size of message headers to be accepted. max_header_line
+# may need to be increased when using large tokens (typically those
+# generated by the Keystone v3 API with big service catalogs (integer
+# value)
+#max_header_line = 16384
+
+# If False, server will return the header "Connection: close", If
+# True, server will return "Connection: Keep-Alive" in its responses.
+# In order to close the client socket connection explicitly after the
+# response is sent and read successfully by the client, you simply
+# have to set this option to False when you create a wsgi server.
+# (boolean value)
+#http_keepalive = true
+
+# Timeout for client connections' socket operations. If an incoming
+# connection is idle for this number of seconds it will be closed. A
+# value of '0' means wait forever. (integer value)
+#client_socket_timeout = 900
+
+# The backlog value that will be used when creating the TCP listener
+# socket. (integer value)
+#backlog = 4096
+
+# The value for the socket option TCP_KEEPIDLE. This is the time in
+# seconds that the connection must be idle before TCP starts sending
+# keepalive probes. (integer value)
+#tcp_keepidle = 600
+
+# CA certificate file to use to verify connecting clients. (string
+# value)
+#ca_file = <None>
+
+# Certificate file to use when starting API server securely. (string
+# value)
+#cert_file = <None>
+
+# Private key file to use when starting API server securely. (string
+# value)
+#key_file = <None>
+
+# If False fully disable profiling feature. (boolean value)
+#enabled = false
+
+# If False doesn't trace SQL requests. (boolean value)
+#trace_sqlalchemy = false
+
+# Secret key to use to sign Glance API and Glance Registry services
+# tracing messages. (string value)
+#hmac_keys = SECRET_KEY
+
+# Default publisher_id for outgoing notifications. (string value)
+#default_publisher_id = image.localhost
+
+# List of disabled notifications. A notification can be given either
+# as a notification type to disable a single event, or as a
+# notification group prefix to disable all events within a group.
+# Example: if this config option is set to ["image.create",
+# "metadef_namespace"], then "image.create" notification will not be
+# sent after image is created and none of the notifications for
+# metadefinition namespaces will be sent. (list value)
+#disabled_notifications =
+
+#
+# From oslo.log
+#
+
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
+#debug = false
+
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
+
+# The name of a logging configuration file. This file is appended to
+# any existing logging configuration files. For details about logging
+# configuration files, see the Python logging module documentation.
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
+# Deprecated group/name - [DEFAULT]/log_config
+#log_config_append = <None>
+
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
+#log_date_format = %Y-%m-%d %H:%M:%S
+
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
+# Deprecated group/name - [DEFAULT]/logfile
+#log_file = <None>
+
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
+# Deprecated group/name - [DEFAULT]/logdir
+#log_dir = <None>
+
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
+#use_syslog = false
+
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
+#syslog_log_facility = LOG_USER
+
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
+#use_stderr = true
+
+# Format string to use for log messages with context. (string value)
+#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+
+# Format string to use for log messages when context is undefined.
+# (string value)
+#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
+
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
+#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
+
+# Prefix each line of exception output with this format. (string
+# value)
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
+
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
+
+# Enables or disables publication of error events. (boolean value)
+#publish_errors = false
+
+# The format for an instance that is passed with the log message.
+# (string value)
+#instance_format = "[instance: %(uuid)s] "
+
+# The format for an instance UUID that is passed with the log message.
+# (string value)
+#instance_uuid_format = "[instance: %(uuid)s] "
+
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+
+#
+# From oslo.messaging
+#
+
+# Size of RPC connection pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
+#rpc_conn_pool_size = 30
+
+# ZeroMQ bind address. Should be a wildcard (*), an ethernet
+# interface, or IP. The "host" option should point or resolve to this
+# address. (string value)
+#rpc_zmq_bind_address = *
+
+# MatchMaker driver. (string value)
+# Allowed values: redis, dummy
+#rpc_zmq_matchmaker = redis
+
+# Type of concurrency used. Either "native" or "eventlet" (string
+# value)
+#rpc_zmq_concurrency = eventlet
+
+# Number of ZeroMQ contexts, defaults to 1. (integer value)
+#rpc_zmq_contexts = 1
+
+# Maximum number of ingress messages to locally buffer per topic.
+# Default is unlimited. (integer value)
+#rpc_zmq_topic_backlog = <None>
+
+# Directory for holding IPC sockets. (string value)
+#rpc_zmq_ipc_dir = /var/run/openstack
+
+# Name of this node. Must be a valid hostname, FQDN, or IP address.
+# Must match "host" option, if running Nova. (string value)
+#rpc_zmq_host = localhost
+
+# Seconds to wait before a cast expires (TTL). The default value of -1
+# specifies an infinite linger period. The value of 0 specifies no
+# linger period. Pending messages shall be discarded immediately when
+# the socket is closed. Only supported by impl_zmq. (integer value)
+#rpc_cast_timeout = -1
+
+# The default number of seconds that poll should wait. Poll raises
+# timeout exception when timeout expired. (integer value)
+#rpc_poll_timeout = 1
+
+# Expiration timeout in seconds of a name service record about
+# existing target ( < 0 means no timeout). (integer value)
+#zmq_target_expire = 120
+
+# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy.
+# (boolean value)
+#use_pub_sub = true
+
+# Minimal port number for random ports range. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#rpc_zmq_min_port = 49152
+
+# Maximal port number for random ports range. (integer value)
+# Minimum value: 1
+# Maximum value: 65536
+#rpc_zmq_max_port = 65536
+
+# Number of retries to find free port number before fail with
+# ZMQBindError. (integer value)
+#rpc_zmq_bind_port_retries = 100
+
+# Size of executor thread pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
+#executor_thread_pool_size = 64
+
+# Seconds to wait for a response from a call. (integer value)
+#rpc_response_timeout = 60
+
+# A URL representing the messaging driver to use and its full
+# configuration. If not set, we fall back to the rpc_backend option
+# and driver specific configuration. (string value)
+#transport_url = <None>
+
+# The messaging driver to use, defaults to rabbit. Other drivers
+# include amqp and zmq. (string value)
+#rpc_backend = rabbit
+
+# The default exchange under which topics are scoped. May be
+# overridden by an exchange name specified in the transport_url
+# option. (string value)
+#control_exchange = openstack
+
+
+[cors]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,POST,PUT,DELETE,OPTIONS
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+
+[cors.subdomain]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,POST,PUT,DELETE,OPTIONS
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+
+[database]
+
+#
+# From oslo.db
+#
+
+# The file name to use with SQLite. (string value)
+# Deprecated group/name - [DEFAULT]/sqlite_db
+#sqlite_db = oslo.sqlite
+
+# If True, SQLite uses synchronous mode. (boolean value)
+# Deprecated group/name - [DEFAULT]/sqlite_synchronous
+#sqlite_synchronous = true
+
+# The back end to use for the database. (string value)
+# Deprecated group/name - [DEFAULT]/db_backend
+#backend = sqlalchemy
+
+# The SQLAlchemy connection string to use to connect to the database.
+# (string value)
+# Deprecated group/name - [DEFAULT]/sql_connection
+# Deprecated group/name - [DATABASE]/sql_connection
+# Deprecated group/name - [sql]/connection
+connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/glance
+
+# The SQLAlchemy connection string to use to connect to the slave
+# database. (string value)
+#slave_connection = <None>
+
+# The SQL mode to be used for MySQL sessions. This option, including
+# the default, overrides any server-set SQL mode. To use whatever SQL
+# mode is set by the server configuration, set this to no value.
+# Example: mysql_sql_mode= (string value)
+#mysql_sql_mode = TRADITIONAL
+
+# Timeout before idle SQL connections are reaped. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_idle_timeout
+# Deprecated group/name - [DATABASE]/sql_idle_timeout
+# Deprecated group/name - [sql]/idle_timeout
+#idle_timeout = 3600
+
+# Minimum number of SQL connections to keep open in a pool. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_min_pool_size
+# Deprecated group/name - [DATABASE]/sql_min_pool_size
+#min_pool_size = 1
+
+# Maximum number of SQL connections to keep open in a pool. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_max_pool_size
+# Deprecated group/name - [DATABASE]/sql_max_pool_size
+#max_pool_size = <None>
+
+# Maximum number of database connection retries during startup. Set to
+# -1 to specify an infinite retry count. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_max_retries
+# Deprecated group/name - [DATABASE]/sql_max_retries
+#max_retries = 10
+
+# Interval between retries of opening a SQL connection. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_retry_interval
+# Deprecated group/name - [DATABASE]/reconnect_interval
+#retry_interval = 10
+
+# If set, use this value for max_overflow with SQLAlchemy. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_max_overflow
+# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
+#max_overflow = 50
+
+# Verbosity of SQL debugging information: 0=None, 100=Everything.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/sql_connection_debug
+#connection_debug = 0
+
+# Add Python stack traces to SQL as comment strings. (boolean value)
+# Deprecated group/name - [DEFAULT]/sql_connection_trace
+#connection_trace = false
+
+# If set, use this value for pool_timeout with SQLAlchemy. (integer
+# value)
+# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
+#pool_timeout = <None>
+
+# Enable the experimental use of database reconnect on connection
+# lost. (boolean value)
+#use_db_reconnect = false
+
+# Seconds between retries of a database transaction. (integer value)
+#db_retry_interval = 1
+
+# If True, increases the interval between retries of a database
+# operation up to db_max_retry_interval. (boolean value)
+#db_inc_retry_interval = true
+
+# If db_inc_retry_interval is set, the maximum seconds between retries
+# of a database operation. (integer value)
+#db_max_retry_interval = 10
+
+# Maximum retries in case of connection error or deadlock error before
+# error is raised. Set to -1 to specify an infinite retry count.
+# (integer value)
+#db_max_retries = 20
+
+#
+# From oslo.db.concurrency
+#
+
+# Enable the experimental use of thread pooling for all DB API calls
+# (boolean value)
+# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
+#use_tpool = false
+
+
+[glance_store]
+
+#
+# From glance.store
+#
+
+# List of stores enabled. Valid stores are: cinder, file, http, rbd,
+# sheepdog, swift, s3, vsphere (list value)
+#stores = file,http
+
+# Default scheme to use to store image data. The scheme must be
+# registered by one of the stores defined by the 'stores' config
+# option. (string value)
+#default_store = file
+
+# Minimum interval seconds to execute updating dynamic storage
+# capabilities based on backend status then. It's not a periodic
+# routine, the update logic will be executed only when interval
+# seconds elapsed and an operation of store has triggered. The feature
+# will be enabled only when the option value greater then zero.
+# (integer value)
+#store_capabilities_update_min_interval = 0
+
+# Images will be chunked into objects of this size (in megabytes). For
+# best performance, this should be a power of two. (integer value)
+#sheepdog_store_chunk_size = 64
+
+# Port of sheep daemon. (integer value)
+#sheepdog_store_port = 7000
+
+# IP address of sheep daemon. (string value)
+#sheepdog_store_address = localhost
+
+# RADOS images will be chunked into objects of this size (in
+# megabytes). For best performance, this should be a power of two.
+# (integer value)
+#rbd_store_chunk_size = 8
+
+# RADOS pool in which images are stored. (string value)
+#rbd_store_pool = images
+
+# RADOS user to authenticate as (only applicable if using Cephx. If
+# <None>, a default will be chosen based on the client. section in
+# rbd_store_ceph_conf) (string value)
+#rbd_store_user = <None>
+
+# Ceph configuration file path. If <None>, librados will locate the
+# default config. If using cephx authentication, this file should
+# include a reference to the right keyring in a client.<USER> section
+# (string value)
+#rbd_store_ceph_conf = /etc/ceph/ceph.conf
+
+# Timeout value (in seconds) used when connecting to ceph cluster. If
+# value <= 0, no timeout is set and default librados value is used.
+# (integer value)
+#rados_connect_timeout = 0
+
+# Specify the path to the CA bundle file to use in verifying the
+# remote server certificate. (string value)
+#https_ca_certificates_file = <None>
+
+# If true, the remote server certificate is not verified. If false,
+# then the default CA truststore is used for verification. This option
+# is ignored if "https_ca_certificates_file" is set. (boolean value)
+#https_insecure = true
+
+# Specify the http/https proxy information that should be used to
+# connect to the remote server. The proxy information should be a key
+# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
+# specify proxies for multiple schemes by seperating the key value
+# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
+# (dict value)
+#http_proxy_information =
+
+# Directory to which the Filesystem backend store writes images.
+# (string value)
+#filesystem_store_datadir = /var/lib/glance/images
+
+# List of directories and its priorities to which the Filesystem
+# backend store writes images. (multi valued)
+#filesystem_store_datadirs =
+
+# The path to a file which contains the metadata to be returned with
+# any location associated with this store. The file must contain a
+# valid JSON object. The object should contain the keys 'id' and
+# 'mountpoint'. The value for both keys should be 'string'. (string
+# value)
+#filesystem_store_metadata_file = <None>
+
+# The required permission for created image file. In this way the user
+# other service used, e.g. Nova, who consumes the image could be the
+# exclusive member of the group that owns the files created. Assigning
+# it less then or equal to zero means don't change the default
+# permission of the file. This value will be decoded as an octal
+# digit. (integer value)
+#filesystem_store_file_perm = 0
+
+# The host where the S3 server is listening. (string value)
+#s3_store_host = <None>
+
+# The S3 query token access key. (string value)
+#s3_store_access_key = <None>
+
+# The S3 query token secret key. (string value)
+#s3_store_secret_key = <None>
+
+# The S3 bucket to be used to store the Glance data. (string value)
+#s3_store_bucket = <None>
+
+# The local directory where uploads will be staged before they are
+# transferred into S3. (string value)
+#s3_store_object_buffer_dir = <None>
+
+# A boolean to determine if the S3 bucket should be created on upload
+# if it does not exist or if an error should be returned to the user.
+# (boolean value)
+#s3_store_create_bucket_on_put = false
+
+# The S3 calling format used to determine the bucket. Either subdomain
+# or path can be used. (string value)
+#s3_store_bucket_url_format = subdomain
+
+# What size, in MB, should S3 start chunking image files and do a
+# multipart upload in S3. (integer value)
+#s3_store_large_object_size = 100
+
+# What multipart upload part size, in MB, should S3 use when uploading
+# parts. The size must be greater than or equal to 5M. (integer value)
+#s3_store_large_object_chunk_size = 10
+
+# The number of thread pools to perform a multipart upload in S3.
+# (integer value)
+#s3_store_thread_pools = 10
+
+# Enable the use of a proxy. (boolean value)
+#s3_store_enable_proxy = false
+
+# Address or hostname for the proxy server. (string value)
+#s3_store_proxy_host = <None>
+
+# The port to use when connecting over a proxy. (integer value)
+#s3_store_proxy_port = 8080
+
+# The username to connect to the proxy. (string value)
+#s3_store_proxy_user = <None>
+
+# The password to use when connecting over a proxy. (string value)
+#s3_store_proxy_password = <None>
+
+# ESX/ESXi or vCenter Server target system. The server value can be an
+# IP address or a DNS name. (string value)
+#vmware_server_host = <None>
+
+# Username for authenticating with VMware ESX/VC server. (string
+# value)
+#vmware_server_username = <None>
+
+# Password for authenticating with VMware ESX/VC server. (string
+# value)
+#vmware_server_password = <None>
+
+# Number of times VMware ESX/VC server API must be retried upon
+# connection related issues. (integer value)
+#vmware_api_retry_count = 10
+
+# The interval used for polling remote tasks invoked on VMware ESX/VC
+# server. (integer value)
+#vmware_task_poll_interval = 5
+
+# The name of the directory where the glance images will be stored in
+# the VMware datastore. (string value)
+#vmware_store_image_dir = /openstack_glance
+
+# If true, the ESX/vCenter server certificate is not verified. If
+# false, then the default CA truststore is used for verification. This
+# option is ignored if "vmware_ca_file" is set. (boolean value)
+# Deprecated group/name - [DEFAULT]/vmware_api_insecure
+#vmware_insecure = false
+
+# Specify a CA bundle file to use in verifying the ESX/vCenter server
+# certificate. (string value)
+#vmware_ca_file = <None>
+
+# A list of datastores where the image can be stored. This option may
+# be specified multiple times for specifying multiple datastores. The
+# datastore name should be specified after its datacenter path,
+# seperated by ":". An optional weight may be given after the
+# datastore name, seperated again by ":". Thus, the required format
+# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
+# adding an image, the datastore with highest weight will be selected,
+# unless there is not enough free space available in cases where the
+# image size is already known. If no weight is given, it is assumed to
+# be zero and the directory will be considered for selection last. If
+# multiple datastores have the same weight, then the one with the most
+# free space available is selected. (multi valued)
+#vmware_datastores =
+
+# Info to match when looking for cinder in the service catalog. Format
+# is : separated values of the form:
+# <service_type>:<service_name>:<endpoint_type> (string value)
+#cinder_catalog_info = volumev2::publicURL
+
+# Override service catalog lookup with template for cinder endpoint
+# e.g. http://localhost:8776/v2/%(tenant)s (string value)
+#cinder_endpoint_template = <None>
+
+# Region name of this node. If specified, it will be used to locate
+# OpenStack services for stores. (string value)
+# Deprecated group/name - [DEFAULT]/os_region_name
+#cinder_os_region_name = <None>
+
+# Location of ca certicates file to use for cinder client requests.
+# (string value)
+#cinder_ca_certificates_file = <None>
+
+# Number of cinderclient retries on failed http calls (integer value)
+#cinder_http_retries = 3
+
+# Time period of time in seconds to wait for a cinder volume
+# transition to complete. (integer value)
+#cinder_state_transition_timeout = 300
+
+# Allow to perform insecure SSL requests to cinder (boolean value)
+#cinder_api_insecure = false
+
+# The address where the Cinder authentication service is listening. If
+# <None>, the cinder endpoint in the service catalog is used. (string
+# value)
+#cinder_store_auth_address = <None>
+
+# User name to authenticate against Cinder. If <None>, the user of
+# current context is used. (string value)
+#cinder_store_user_name = <None>
+
+# Password for the user authenticating against Cinder. If <None>, the
+# current context auth token is used. (string value)
+#cinder_store_password = <None>
+
+# Project name where the image is stored in Cinder. If <None>, the
+# project in current context is used. (string value)
+#cinder_store_project_name = <None>
+
+# Path to the rootwrap configuration file to use for running commands
+# as root. (string value)
+#rootwrap_config = /etc/glance/rootwrap.conf
+
+# If True, swiftclient won't check for a valid SSL certificate when
+# authenticating. (boolean value)
+#swift_store_auth_insecure = false
+
+# A string giving the CA certificate file to use in SSL connections
+# for verifying certs. (string value)
+#swift_store_cacert = <None>
+
+# The region of the swift endpoint to be used for single tenant. This
+# setting is only necessary if the tenant has multiple swift
+# endpoints. (string value)
+#swift_store_region = <None>
+
+# If set, the configured endpoint will be used. If None, the storage
+# url from the auth response will be used. (string value)
+#swift_store_endpoint = <None>
+
+# A string giving the endpoint type of the swift service to use
+# (publicURL, adminURL or internalURL). This setting is only used if
+# swift_store_auth_version is 2. (string value)
+#swift_store_endpoint_type = publicURL
+
+# A string giving the service type of the swift service to use. This
+# setting is only used if swift_store_auth_version is 2. (string
+# value)
+#swift_store_service_type = object-store
+
+# Container within the account that the account should use for storing
+# images in Swift when using single container mode. In multiple
+# container mode, this will be the prefix for all containers. (string
+# value)
+#swift_store_container = glance
+
+# The size, in MB, that Glance will start chunking image files and do
+# a large object manifest in Swift. (integer value)
+#swift_store_large_object_size = 5120
+
+# The amount of data written to a temporary disk buffer during the
+# process of chunking the image file. (integer value)
+#swift_store_large_object_chunk_size = 200
+
+# A boolean value that determines if we create the container if it
+# does not exist. (boolean value)
+#swift_store_create_container_on_put = false
+
+# If set to True, enables multi-tenant storage mode which causes
+# Glance images to be stored in tenant specific Swift accounts.
+# (boolean value)
+#swift_store_multi_tenant = false
+
+# When set to 0, a single-tenant store will only use one container to
+# store all images. When set to an integer value between 1 and 32, a
+# single-tenant store will use multiple containers to store images,
+# and this value will determine how many containers are created. Used
+# only when swift_store_multi_tenant is disabled. The total number of
+# containers that will be used is equal to 16^N, so if this config
+# option is set to 2, then 16^2=256 containers will be used to store
+# images. (integer value)
+#swift_store_multiple_containers_seed = 0
+
+# A list of tenants that will be granted read/write access on all
+# Swift containers created by Glance in multi-tenant mode. (list
+# value)
+#swift_store_admin_tenants =
+
+# If set to False, disables SSL layer compression of https swift
+# requests. Setting to False may improve performance for images which
+# are already in a compressed format, eg qcow2. (boolean value)
+#swift_store_ssl_compression = true
+
+# The number of times a Swift download will be retried before the
+# request fails. (integer value)
+#swift_store_retry_get_count = 0
+
+# The period of time (in seconds) before token expirationwhen
+# glance_store will try to reques new user token. Default value 60 sec
+# means that if token is going to expire in 1 min then glance_store
+# request new user token. (integer value)
+#swift_store_expire_soon_interval = 60
+
+# If set to True create a trust for each add/get request to Multi-
+# tenant store in order to prevent authentication token to be expired
+# during uploading/downloading data. If set to False then user token
+# is used for Swift connection (so no overhead on trust creation).
+# Please note that this option is considered only and only if
+# swift_store_multi_tenant=True (boolean value)
+#swift_store_use_trusts = true
+
+# The reference to the default swift account/backing store parameters
+# to use for adding new images. (string value)
+#default_swift_reference = ref1
+
+# Version of the authentication service to use. Valid versions are 2
+# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
+# (deprecated - use "auth_version" in swift_store_config_file) (string
+# value)
+#swift_store_auth_version = 2
+
+# The address where the Swift authentication service is listening.
+# (deprecated - use "auth_address" in swift_store_config_file) (string
+# value)
+#swift_store_auth_address = <None>
+
+# The user to authenticate against the Swift authentication service
+# (deprecated - use "user" in swift_store_config_file) (string value)
+#swift_store_user = <None>
+
+# Auth key for the user authenticating against the Swift
+# authentication service. (deprecated - use "key" in
+# swift_store_config_file) (string value)
+#swift_store_key = <None>
+
+# The config file that has the swift account(s)configs. (string value)
+#swift_store_config_file = <None>
+
+
+[keystone_authtoken]
+
+#
+# From keystonemiddleware.auth_token
+#
+
+# Complete public Identity API endpoint. (string value)
+auth_uri = http://127.0.0.1:5000/v2.0/
+
+# API version of the admin Identity API endpoint. (string value)
+#auth_version = <None>
+
+# Do not handle authorization requests within the middleware, but
+# delegate the authorization decision to downstream WSGI components.
+# (boolean value)
+#delay_auth_decision = false
+
+# Request timeout value for communicating with Identity API server.
+# (integer value)
+#http_connect_timeout = <None>
+
+# How many times are we trying to reconnect when communicating with
+# Identity API Server. (integer value)
+#http_request_max_retries = 3
+
+# Env key for the swift cache. (string value)
+#cache = <None>
+
+# Required if identity server requires client certificate (string
+# value)
+#certfile = <None>
+
+# Required if identity server requires client certificate (string
+# value)
+#keyfile = <None>
+
+# A PEM encoded Certificate Authority to use when verifying HTTPs
+# connections. Defaults to system CAs. (string value)
+#cafile = <None>
+
+# Verify HTTPS connections. (boolean value)
+#insecure = false
+
+# The region in which the identity server can be found. (string value)
+#region_name = <None>
+
+# Directory used to cache files related to PKI tokens. (string value)
+signing_dir = /var/lib/glance/keystone-signing
+
+# Optionally specify a list of memcached server(s) to use for caching.
+# If left undefined, tokens will instead be cached in-process. (list
+# value)
+# Deprecated group/name - [DEFAULT]/memcache_servers
+#memcached_servers = <None>
+
+# In order to prevent excessive effort spent validating tokens, the
+# middleware caches previously-seen tokens for a configurable duration
+# (in seconds). Set to -1 to disable caching completely. (integer
+# value)
+#token_cache_time = 300
+
+# Determines the frequency at which the list of revoked tokens is
+# retrieved from the Identity service (in seconds). A high number of
+# revocation events combined with a low cache duration may
+# significantly reduce performance. (integer value)
+#revocation_cache_time = 10
+
+# (Optional) If defined, indicate whether token data should be
+# authenticated or authenticated and encrypted. If MAC, token data is
+# authenticated (with HMAC) in the cache. If ENCRYPT, token data is
+# encrypted and authenticated in the cache. If the value is not one of
+# these options or empty, auth_token will raise an exception on
+# initialization. (string value)
+# Allowed values: None, MAC, ENCRYPT
+#memcache_security_strategy = None
+
+# (Optional, mandatory if memcache_security_strategy is defined) This
+# string is used for key derivation. (string value)
+#memcache_secret_key = <None>
+
+# (Optional) Number of seconds memcached server is considered dead
+# before it is tried again. (integer value)
+#memcache_pool_dead_retry = 300
+
+# (Optional) Maximum total number of open connections to every
+# memcached server. (integer value)
+#memcache_pool_maxsize = 10
+
+# (Optional) Socket timeout in seconds for communicating with a
+# memcached server. (integer value)
+#memcache_pool_socket_timeout = 3
+
+# (Optional) Number of seconds a connection to memcached is held
+# unused in the pool before it is closed. (integer value)
+#memcache_pool_unused_timeout = 60
+
+# (Optional) Number of seconds that an operation will wait to get a
+# memcached client connection from the pool. (integer value)
+#memcache_pool_conn_get_timeout = 10
+
+# (Optional) Use the advanced (eventlet safe) memcached client pool.
+# The advanced pool will only work under python 2.x. (boolean value)
+#memcache_use_advanced_pool = false
+
+# (Optional) Indicate whether to set the X-Service-Catalog header. If
+# False, middleware will not ask for service catalog on token
+# validation and will not set the X-Service-Catalog header. (boolean
+# value)
+#include_service_catalog = true
+
+# Used to control the use and type of token binding. Can be set to:
+# "disabled" to not check token binding. "permissive" (default) to
+# validate binding information if the bind type is of a form known to
+# the server and ignore it if not. "strict" like "permissive" but if
+# the bind type is unknown the token will be rejected. "required" any
+# form of token binding is needed to be allowed. Finally the name of a
+# binding method that must be present in tokens. (string value)
+#enforce_token_bind = permissive
+
+# If true, the revocation list will be checked for cached tokens. This
+# requires that PKI tokens are configured on the identity server.
+# (boolean value)
+#check_revocations_for_cached = false
+
+# Hash algorithms to use for hashing PKI tokens. This may be a single
+# algorithm or multiple. The algorithms are those supported by Python
+# standard hashlib.new(). The hashes will be tried in the order given,
+# so put the preferred one first for performance. The result of the
+# first hash will be stored in the cache. This will typically be set
+# to multiple values only while migrating from a less secure algorithm
+# to a more secure one. Once all the old tokens are expired this
+# option should be set to a single value for better performance. (list
+# value)
+#hash_algorithms = md5
+
+# Authentication type to load (unknown value)
+# Deprecated group/name - [DEFAULT]/auth_plugin
+#auth_type = <None>
+
+# Config Section from which to load plugin specific options (unknown
+# value)
+#auth_section = <None>
+
+# Complete admin Identity API endpoint. This should specify the unversioned
+# root endpoint e.g. https://localhost:35357/ (string value)
+identity_uri = http://127.0.0.1:35357/
+
+# Service username. (string value)
+admin_user = %SERVICE_USER%
+
+# Service user password. (string value)
+admin_password = %SERVICE_PASSWORD%
+
+# Service tenant name. (string value)
+admin_tenant_name = %SERVICE_TENANT_NAME%
+
+
+[matchmaker_redis]
+
+#
+# From oslo.messaging
+#
+
+# Host to locate redis. (string value)
+#host = 127.0.0.1
+
+# Use this port to connect to redis host. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#port = 6379
+
+# Password for Redis server (optional). (string value)
+#password =
+
+# List of Redis Sentinel hosts (fault tolerance mode) e.g.
+# [host:port, host1:port ... ] (list value)
+#sentinel_hosts =
+
+# Redis replica set name. (string value)
+#sentinel_group_name = oslo-messaging-zeromq
+
+# Time in ms to wait between connection attempts. (integer value)
+#wait_timeout = 500
+
+# Time in ms to wait before the transaction is killed. (integer value)
+#check_timeout = 20000
+
+# Timeout in ms on blocking socket operations (integer value)
+#socket_timeout = 1000
+
+
+[oslo_concurrency]
+
+#
+# From oslo.concurrency
+#
+
+# Enables or disables inter-process locks. (boolean value)
+# Deprecated group/name - [DEFAULT]/disable_process_locking
+#disable_process_locking = false
+
+# Directory to use for lock files. For security, the specified
+# directory should only be writable by the user running the processes
+# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
+# If external locks are used, a lock path must be set. (string value)
+# Deprecated group/name - [DEFAULT]/lock_path
+lock_path = /var/lib/glance/lock
+
+
+[oslo_messaging_amqp]
+
+#
+# From oslo.messaging
+#
+
+# address prefix used when sending to a specific server (string value)
+# Deprecated group/name - [amqp1]/server_request_prefix
+#server_request_prefix = exclusive
+
+# address prefix used when broadcasting to all servers (string value)
+# Deprecated group/name - [amqp1]/broadcast_prefix
+#broadcast_prefix = broadcast
+
+# address prefix when sending to any server in group (string value)
+# Deprecated group/name - [amqp1]/group_request_prefix
+#group_request_prefix = unicast
+
+# Name for the AMQP container (string value)
+# Deprecated group/name - [amqp1]/container_name
+#container_name = <None>
+
+# Timeout for inactive connections (in seconds) (integer value)
+# Deprecated group/name - [amqp1]/idle_timeout
+#idle_timeout = 0
+
+# Debug: dump AMQP frames to stdout (boolean value)
+# Deprecated group/name - [amqp1]/trace
+#trace = false
+
+# CA certificate PEM file to verify server certificate (string value)
+# Deprecated group/name - [amqp1]/ssl_ca_file
+#ssl_ca_file =
+
+# Identifying certificate PEM file to present to clients (string
+# value)
+# Deprecated group/name - [amqp1]/ssl_cert_file
+#ssl_cert_file =
+
+# Private key PEM file used to sign cert_file certificate (string
+# value)
+# Deprecated group/name - [amqp1]/ssl_key_file
+#ssl_key_file =
+
+# Password for decrypting ssl_key_file (if encrypted) (string value)
+# Deprecated group/name - [amqp1]/ssl_key_password
+#ssl_key_password = <None>
+
+# Accept clients using either SSL or plain TCP (boolean value)
+# Deprecated group/name - [amqp1]/allow_insecure_clients
+#allow_insecure_clients = false
+
+# Space separated list of acceptable SASL mechanisms (string value)
+# Deprecated group/name - [amqp1]/sasl_mechanisms
+#sasl_mechanisms =
+
+# Path to directory that contains the SASL configuration (string
+# value)
+# Deprecated group/name - [amqp1]/sasl_config_dir
+#sasl_config_dir =
+
+# Name of configuration file (without .conf suffix) (string value)
+# Deprecated group/name - [amqp1]/sasl_config_name
+#sasl_config_name =
+
+# User name for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/username
+#username =
+
+# Password for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/password
+#password =
+
+
+[oslo_messaging_notifications]
+
+#
+# From oslo.messaging
+#
+
+# The Drivers(s) to handle sending notifications. Possible values are
+# messaging, messagingv2, routing, log, test, noop (multi valued)
+# Deprecated group/name - [DEFAULT]/notification_driver
+#driver =
+
+# A URL representing the messaging driver to use for notifications. If
+# not set, we fall back to the same configuration used for RPC.
+# (string value)
+# Deprecated group/name - [DEFAULT]/notification_transport_url
+#transport_url = <None>
+
+# AMQP topic used for OpenStack notifications. (list value)
+# Deprecated group/name - [rpc_notifier2]/topics
+# Deprecated group/name - [DEFAULT]/notification_topics
+#topics = notifications
+
+
+[oslo_messaging_rabbit]
+
+#
+# From oslo.messaging
+#
+
+# Use durable queues in AMQP. (boolean value)
+# Deprecated group/name - [DEFAULT]/amqp_durable_queues
+# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
+#amqp_durable_queues = false
+
+# Auto-delete queues in AMQP. (boolean value)
+# Deprecated group/name - [DEFAULT]/amqp_auto_delete
+#amqp_auto_delete = false
+
+# SSL version to use (valid only if SSL enabled). Valid values are
+# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be
+# available on some distributions. (string value)
+# Deprecated group/name - [DEFAULT]/kombu_ssl_version
+#kombu_ssl_version =
+
+# SSL key file (valid only if SSL enabled). (string value)
+# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
+#kombu_ssl_keyfile =
+
+# SSL cert file (valid only if SSL enabled). (string value)
+# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
+#kombu_ssl_certfile =
+
+# SSL certification authority file (valid only if SSL enabled).
+# (string value)
+# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
+#kombu_ssl_ca_certs =
+
+# How long to wait before reconnecting in response to an AMQP consumer
+# cancel notification. (floating point value)
+# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
+#kombu_reconnect_delay = 1.0
+
+# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression
+# will not be used. This option may notbe available in future
+# versions. (string value)
+#kombu_compression = <None>
+
+# How long to wait a missing client beforce abandoning to send it its
+# replies. This value should not be longer than rpc_response_timeout.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
+#kombu_missing_consumer_retry_timeout = 60
+
+# Determines how the next RabbitMQ node is chosen in case the one we
+# are currently connected to becomes unavailable. Takes effect only if
+# more than one RabbitMQ node is provided in config. (string value)
+# Allowed values: round-robin, shuffle
+#kombu_failover_strategy = round-robin
+
+# The RabbitMQ broker address where a single node is used. (string
+# value)
+# Deprecated group/name - [DEFAULT]/rabbit_host
+#rabbit_host = localhost
+
+# The RabbitMQ broker port where a single node is used. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+# Deprecated group/name - [DEFAULT]/rabbit_port
+#rabbit_port = 5672
+
+# RabbitMQ HA cluster host:port pairs. (list value)
+# Deprecated group/name - [DEFAULT]/rabbit_hosts
+#rabbit_hosts = $rabbit_host:$rabbit_port
+
+# Connect over SSL for RabbitMQ. (boolean value)
+# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
+#rabbit_use_ssl = false
+
+# The RabbitMQ userid. (string value)
+# Deprecated group/name - [DEFAULT]/rabbit_userid
+#rabbit_userid = guest
+
+# The RabbitMQ password. (string value)
+# Deprecated group/name - [DEFAULT]/rabbit_password
+#rabbit_password = guest
+
+# The RabbitMQ login method. (string value)
+# Deprecated group/name - [DEFAULT]/rabbit_login_method
+#rabbit_login_method = AMQPLAIN
+
+# The RabbitMQ virtual host. (string value)
+# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
+#rabbit_virtual_host = /
+
+# How frequently to retry connecting with RabbitMQ. (integer value)
+#rabbit_retry_interval = 1
+
+# How long to backoff for between retries when connecting to RabbitMQ.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
+#rabbit_retry_backoff = 2
+
+# Maximum interval of RabbitMQ connection retries. Default is 30
+# seconds. (integer value)
+#rabbit_interval_max = 30
+
+# Maximum number of RabbitMQ connection retries. Default is 0
+# (infinite retry count). (integer value)
+# Deprecated group/name - [DEFAULT]/rabbit_max_retries
+#rabbit_max_retries = 0
+
+# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change
+# this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0,
+# queue mirroring is no longer controlled by the x-ha-policy argument
+# when declaring a queue. If you just want to make sure that all
+# queues (except those with auto-generated names) are mirrored across
+# all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-
+# mode": "all"}' " (boolean value)
+# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
+#rabbit_ha_queues = false
+
+# Positive integer representing duration in seconds for queue TTL
+# (x-expires). Queues which are unused for the duration of the TTL are
+# automatically deleted. The parameter affects only reply and fanout
+# queues. (integer value)
+# Minimum value: 1
+#rabbit_transient_queues_ttl = 1800
+
+# Specifies the number of messages to prefetch. Setting to zero allows
+# unlimited messages. (integer value)
+#rabbit_qos_prefetch_count = 0
+
+# Number of seconds after which the Rabbit broker is considered down
+# if heartbeat's keep-alive fails (0 disable the heartbeat).
+# EXPERIMENTAL (integer value)
+#heartbeat_timeout_threshold = 60
+
+# How often times during the heartbeat_timeout_threshold we check the
+# heartbeat. (integer value)
+#heartbeat_rate = 2
+
+# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake
+# (boolean value)
+# Deprecated group/name - [DEFAULT]/fake_rabbit
+#fake_rabbit = false
+
+# Maximum number of channels to allow (integer value)
+#channel_max = <None>
+
+# The maximum byte size for an AMQP frame (integer value)
+#frame_max = <None>
+
+# How often to send heartbeats for consumer's connections (integer
+# value)
+#heartbeat_interval = 1
+
+# Enable SSL (boolean value)
+#ssl = <None>
+
+# Arguments passed to ssl.wrap_socket (dict value)
+#ssl_options = <None>
+
+# Set socket timeout in seconds for connection's socket (floating
+# point value)
+#socket_timeout = 0.25
+
+# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating
+# point value)
+#tcp_user_timeout = 0.25
+
+# Set delay for reconnection to some host which has connection error
+# (floating point value)
+#host_connection_reconnect_delay = 0.25
+
+# Maximum number of connections to keep queued. (integer value)
+#pool_max_size = 10
+
+# Maximum number of connections to create above `pool_max_size`.
+# (integer value)
+#pool_max_overflow = 0
+
+# Default number of seconds to wait for a connections to available
+# (integer value)
+#pool_timeout = 30
+
+# Lifetime of a connection (since creation) in seconds or None for no
+# recycling. Expired connections are closed on acquire. (integer
+# value)
+#pool_recycle = 600
+
+# Threshold at which inactive (since release) connections are
+# considered stale in seconds or None for no staleness. Stale
+# connections are closed on acquire. (integer value)
+#pool_stale = 60
+
+# Persist notification messages. (boolean value)
+#notification_persistence = false
+
+# Exchange name for for sending notifications (string value)
+#default_notification_exchange = ${control_exchange}_notification
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# notification listener. (integer value)
+#notification_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending notification, -1 means infinite retry. (integer value)
+#default_notification_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending notification message (floating point value)
+#notification_retry_delay = 0.25
+
+# Time to live for rpc queues without consumers in seconds. (integer
+# value)
+#rpc_queue_expiration = 60
+
+# Exchange name for sending RPC messages (string value)
+#default_rpc_exchange = ${control_exchange}_rpc
+
+# Exchange name for receiving RPC replies (string value)
+#rpc_reply_exchange = ${control_exchange}_rpc_reply
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc listener. (integer value)
+#rpc_listener_prefetch_count = 100
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc reply listener. (integer value)
+#rpc_reply_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending reply. -1 means infinite retry during rpc_timeout (integer
+# value)
+#rpc_reply_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending reply. (floating point value)
+#rpc_reply_retry_delay = 0.25
+
+# Reconnecting retry count in case of connectivity problem during
+# sending RPC message, -1 means infinite retry. If actual retry
+# attempts in not 0 the rpc request could be processed more then one
+# time (integer value)
+#default_rpc_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending RPC message (floating point value)
+#rpc_retry_delay = 0.25
+
+
+[oslo_middleware]
+
+#
+# From oslo.middleware
+#
+
+# The maximum body size for each request, in bytes. (integer value)
+# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size
+# Deprecated group/name - [DEFAULT]/max_request_body_size
+#max_request_body_size = 114688
+
+# The HTTP Header that will be used to determine what the original
+# request protocol scheme was, even if it was hidden by an SSL
+# termination proxy. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#secure_proxy_ssl_header = X-Forwarded-Proto
+
+
+[oslo_policy]
+
+#
+# From oslo.policy
+#
+
+# The JSON file that defines policies. (string value)
+# Deprecated group/name - [DEFAULT]/policy_file
+#policy_file = policy.json
+
+# Default rule. Enforced when a requested rule is not found. (string
+# value)
+# Deprecated group/name - [DEFAULT]/policy_default_rule
+#policy_default_rule = default
+
+# Directories where policy configuration files are stored. They can be
+# relative to any directory in the search path defined by the
+# config_dir option, or absolute paths. The file defined by
+# policy_file must exist for these directories to be searched.
+# Missing or empty directories are ignored. (multi valued)
+# Deprecated group/name - [DEFAULT]/policy_dirs
+#policy_dirs = policy.d
+
+
+[paste_deploy]
+
+#
+# From glance.glare
+#
+
+# Partial name of a pipeline in your paste configuration file with the
+# service name removed. For example, if your paste section name is
+# [pipeline:glance-api-keystone] use the value "keystone" (string
+# value)
+flavor = keystone
+
+# Name of the paste configuration file. (string value)
+#config_file = <None>
--- a/components/openstack/glance/files/glance-manage.conf Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-manage.conf Wed Sep 07 14:48:42 2016 -0700
@@ -11,80 +11,88 @@
# From oslo.log
#
-# Print debugging output (set logging level to DEBUG instead of
-# default WARNING level). (boolean value)
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
#debug = false
-# Print more verbose output (set logging level to INFO instead of
-# default WARNING level). (boolean value)
-#verbose = false
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
# The name of a logging configuration file. This file is appended to
# any existing logging configuration files. For details about logging
# configuration files, see the Python logging module documentation.
-# (string value)
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
-# DEPRECATED. A logging.Formatter log message format string which may
-# use any of the available logging.LogRecord attributes. This option
-# is deprecated. Please use logging_context_format_string and
-# logging_default_format_string instead. (string value)
-#log_format = <None>
-
-# Format string for %%(asctime)s in log records. Default: %(default)s
-# . (string value)
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
#log_date_format = %Y-%m-%d %H:%M:%S
-# (Optional) Name of log file to output to. If no default is set,
-# logging will go to stdout. (string value)
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
-# (Optional) The base directory used for relative --log-file paths.
-# (string value)
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
-# Use syslog for logging. Existing syslog format is DEPRECATED during
-# I, and will change in J to honor RFC5424. (boolean value)
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
#use_syslog = false
-# (Optional) Enables or disables syslog rfc5424 format for logging. If
-# enabled, prefixes the MSG part of the syslog message with APP-NAME
-# (RFC5424). The format without the APP-NAME is deprecated in I, and
-# will be removed in J. (boolean value)
-#use_syslog_rfc_format = false
-
-# Syslog facility to receive log lines. (string value)
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
-# Log output to standard error. (boolean value)
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
-# Format string to use for log messages without context. (string
-# value)
+# Format string to use for log messages when context is undefined.
+# (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
-# Data to append to log format when level is DEBUG. (string value)
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string
# value)
-#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
-# List of logger=LEVEL pairs. (list value)
-#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
-# Enables or disables fatal status of deprecations. (boolean value)
-#fatal_deprecations = false
-
# The format for an instance that is passed with the log message.
# (string value)
#instance_format = "[instance: %(uuid)s] "
@@ -93,6 +101,9 @@
# (string value)
#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+
[database]
@@ -163,7 +174,7 @@
# value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
-#max_overflow = <None>
+#max_overflow = 50
# Verbosity of SQL debugging information: 0=None, 100=Everything.
# (integer value)
@@ -199,344 +210,11 @@
# (integer value)
#db_max_retries = 20
-
-[glance_store]
-
#
-# From glance.store
-#
-
-# List of stores enabled (list value)
-#stores = file,http
-
-# Default scheme to use to store image data. The scheme must be
-# registered by one of the stores defined by the 'stores' config
-# option. (string value)
-#default_store = file
-
-# Minimum interval seconds to execute updating dynamic storage
-# capabilities based on backend status then. It's not a periodic
-# routine, the update logic will be executed only when interval
-# seconds elapsed and an operation of store has triggered. The feature
-# will be enabled only when the option value greater then zero.
-# (integer value)
-#store_capabilities_update_min_interval = 0
-
-#
-# From glance.store
+# From oslo.db.concurrency
#
-# Images will be chunked into objects of this size (in megabytes). For
-# best performance, this should be a power of two. (integer value)
-#sheepdog_store_chunk_size = 64
-
-# Port of sheep daemon. (integer value)
-#sheepdog_store_port = 7000
-
-# IP address of sheep daemon. (string value)
-#sheepdog_store_address = localhost
-
-# RADOS images will be chunked into objects of this size (in
-# megabytes). For best performance, this should be a power of two.
-# (integer value)
-#rbd_store_chunk_size = 8
-
-# RADOS pool in which images are stored. (string value)
-#rbd_store_pool = images
-
-# RADOS user to authenticate as (only applicable if using Cephx. If
-# <None>, a default will be chosen based on the client. section in
-# rbd_store_ceph_conf) (string value)
-#rbd_store_user = <None>
-
-# Ceph configuration file path. If <None>, librados will locate the
-# default config. If using cephx authentication, this file should
-# include a reference to the right keyring in a client.<USER> section
-# (string value)
-#rbd_store_ceph_conf = /etc/ceph/ceph.conf
-
-# Directory to which the Filesystem backend store writes images.
-# (string value)
-filesystem_store_datadir = /var/lib/glance/images/
-
-# List of directories and its priorities to which the Filesystem
-# backend store writes images. (multi valued)
-#filesystem_store_datadirs =
-
-# The path to a file which contains the metadata to be returned with
-# any location associated with this store. The file must contain a
-# valid JSON object. The object should contain the keys 'id' and
-# 'mountpoint'. The value for both keys should be 'string'. (string
-# value)
-#filesystem_store_metadata_file = <None>
-
-# The required permission for created image file. In this way the user
-# other service used, e.g. Nova, who consumes the image could be the
-# exclusive member of the group that owns the files created. Assigning
-# it less then or equal to zero means don't change the default
-# permission of the file. This value will be decoded as an octal
-# digit. (integer value)
-#filesystem_store_file_perm = 0
-
-# Hostname or IP address of the instance to connect to, or a mongodb
-# URI, or a list of hostnames / mongodb URIs. If host is an IPv6
-# literal it must be enclosed in '[' and ']' characters following the
-# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value)
-#mongodb_store_uri = <None>
-
-# Database to use (string value)
-#mongodb_store_db = <None>
-
-# The host where the S3 server is listening. (string value)
-#s3_store_host = <None>
-
-# The S3 query token access key. (string value)
-#s3_store_access_key = <None>
-
-# The S3 query token secret key. (string value)
-#s3_store_secret_key = <None>
-
-# The S3 bucket to be used to store the Glance data. (string value)
-#s3_store_bucket = <None>
-
-# The local directory where uploads will be staged before they are
-# transferred into S3. (string value)
-#s3_store_object_buffer_dir = <None>
-
-# A boolean to determine if the S3 bucket should be created on upload
-# if it does not exist or if an error should be returned to the user.
+# Enable the experimental use of thread pooling for all DB API calls
# (boolean value)
-#s3_store_create_bucket_on_put = false
-
-# The S3 calling format used to determine the bucket. Either subdomain
-# or path can be used. (string value)
-#s3_store_bucket_url_format = subdomain
-
-# What size, in MB, should S3 start chunking image files and do a
-# multipart upload in S3. (integer value)
-#s3_store_large_object_size = 100
-
-# What multipart upload part size, in MB, should S3 use when uploading
-# parts. The size must be greater than or equal to 5M. (integer value)
-#s3_store_large_object_chunk_size = 10
-
-# The number of thread pools to perform a multipart upload in S3.
-# (integer value)
-#s3_store_thread_pools = 10
-
-# ESX/ESXi or vCenter Server target system. The server value can be an
-# IP address or a DNS name. (string value)
-#vmware_server_host = <None>
-
-# Username for authenticating with VMware ESX/VC server. (string
-# value)
-#vmware_server_username = <None>
-
-# Password for authenticating with VMware ESX/VC server. (string
-# value)
-#vmware_server_password = <None>
-
-# DEPRECATED. Inventory path to a datacenter. If the
-# vmware_server_host specified is an ESX/ESXi, the
-# vmware_datacenter_path is optional. If specified, it should be "ha-
-# datacenter". This option is deprecated in favor of vmware_datastores
-# and will be removed in the Liberty release. (string value)
-#vmware_datacenter_path = ha-datacenter
-
-# DEPRECATED. Datastore associated with the datacenter. This option is
-# deprecated in favor of vmware_datastores and will be removed in the
-# Liberty release. (string value)
-#vmware_datastore_name = <None>
-
-# Number of times VMware ESX/VC server API must be retried upon
-# connection related issues. (integer value)
-#vmware_api_retry_count = 10
-
-# The interval used for polling remote tasks invoked on VMware ESX/VC
-# server. (integer value)
-#vmware_task_poll_interval = 5
-
-# The name of the directory where the glance images will be stored in
-# the VMware datastore. (string value)
-#vmware_store_image_dir = /openstack_glance
-
-# Allow to perform insecure SSL requests to ESX/VC. (boolean value)
-#vmware_api_insecure = false
-
-# A list of datastores where the image can be stored. This option may
-# be specified multiple times for specifying multiple datastores.
-# Either one of vmware_datastore_name or vmware_datastores is
-# required. The datastore name should be specified after its
-# datacenter path, seperated by ":". An optional weight may be given
-# after the datastore name, seperated again by ":". Thus, the required
-# format becomes <datacenter_path>:<datastore_name>:<optional_weight>.
-# When adding an image, the datastore with highest weight will be
-# selected, unless there is not enough free space available in cases
-# where the image size is already known. If no weight is given, it is
-# assumed to be zero and the directory will be considered for
-# selection last. If multiple datastores have the same weight, then
-# the one with the most free space available is selected. (multi
-# valued)
-#vmware_datastores =
-
-# Info to match when looking for cinder in the service catalog. Format
-# is : separated values of the form:
-# <service_type>:<service_name>:<endpoint_type> (string value)
-#cinder_catalog_info = volume:cinder:publicURL
-
-# Override service catalog lookup with template for cinder endpoint
-# e.g. http://localhost:8776/v1/%(project_id)s (string value)
-#cinder_endpoint_template = <None>
-
-# Region name of this node (string value)
-#os_region_name = <None>
-
-# Location of ca certicates file to use for cinder client requests.
-# (string value)
-#cinder_ca_certificates_file = <None>
-
-# Number of cinderclient retries on failed http calls (integer value)
-#cinder_http_retries = 3
-
-# Allow to perform insecure SSL requests to cinder (boolean value)
-#cinder_api_insecure = false
-
-# Version of the authentication service to use. Valid versions are 2
-# for keystone and 1 for swauth and rackspace. (deprecated) (string
-# value)
-#swift_store_auth_version = 2
-
-# If True, swiftclient won't check for a valid SSL certificate when
-# authenticating. (boolean value)
-#swift_store_auth_insecure = false
-
-# A string giving the CA certificate file to use in SSL connections
-# for verifying certs. (string value)
-#swift_store_cacert = <None>
-
-# The region of the swift endpoint to be used for single tenant. This
-# setting is only necessary if the tenant has multiple swift
-# endpoints. (string value)
-#swift_store_region = <None>
-
-# If set, the configured endpoint will be used. If None, the storage
-# url from the auth response will be used. (string value)
-#swift_store_endpoint = <None>
-
-# A string giving the endpoint type of the swift service to use
-# (publicURL, adminURL or internalURL). This setting is only used if
-# swift_store_auth_version is 2. (string value)
-#swift_store_endpoint_type = publicURL
-
-# A string giving the service type of the swift service to use. This
-# setting is only used if swift_store_auth_version is 2. (string
-# value)
-#swift_store_service_type = object-store
-
-# Container within the account that the account should use for storing
-# images in Swift when using single container mode. In multiple
-# container mode, this will be the prefix for all containers. (string
-# value)
-#swift_store_container = glance
-
-# The size, in MB, that Glance will start chunking image files and do
-# a large object manifest in Swift. (integer value)
-#swift_store_large_object_size = 5120
-
-# The amount of data written to a temporary disk buffer during the
-# process of chunking the image file. (integer value)
-#swift_store_large_object_chunk_size = 200
-
-# A boolean value that determines if we create the container if it
-# does not exist. (boolean value)
-#swift_store_create_container_on_put = false
-
-# If set to True, enables multi-tenant storage mode which causes
-# Glance images to be stored in tenant specific Swift accounts.
-# (boolean value)
-#swift_store_multi_tenant = false
-
-# When set to 0, a single-tenant store will only use one container to
-# store all images. When set to an integer value between 1 and 32, a
-# single-tenant store will use multiple containers to store images,
-# and this value will determine how many containers are created.Used
-# only when swift_store_multi_tenant is disabled. The total number of
-# containers that will be used is equal to 16^N, so if this config
-# option is set to 2, then 16^2=256 containers will be used to store
-# images. (integer value)
-#swift_store_multiple_containers_seed = 0
-
-# A list of tenants that will be granted read/write access on all
-# Swift containers created by Glance in multi-tenant mode. (list
-# value)
-#swift_store_admin_tenants =
-
-# If set to False, disables SSL layer compression of https swift
-# requests. Setting to False may improve performance for images which
-# are already in a compressed format, eg qcow2. (boolean value)
-#swift_store_ssl_compression = true
-
-# The number of times a Swift download will be retried before the
-# request fails. (integer value)
-#swift_store_retry_get_count = 0
-
-# The reference to the default swift account/backing store parameters
-# to use for adding new images. (string value)
-#default_swift_reference = ref1
-
-# The address where the Swift authentication service is
-# listening.(deprecated) (string value)
-#swift_store_auth_address = <None>
-
-# The user to authenticate against the Swift authentication service
-# (deprecated) (string value)
-#swift_store_user = <None>
-
-# Auth key for the user authenticating against the Swift
-# authentication service. (deprecated) (string value)
-#swift_store_key = <None>
-
-# The config file that has the swift account(s)configs. (string value)
-#swift_store_config_file = <None>
-
-
-[oslo_concurrency]
-
-#
-# From oslo.concurrency
-#
-
-# Enables or disables inter-process locks. (boolean value)
-# Deprecated group/name - [DEFAULT]/disable_process_locking
-#disable_process_locking = false
-
-# Directory to use for lock files. For security, the specified
-# directory should only be writable by the user running the processes
-# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
-# If external locks are used, a lock path must be set. (string value)
-# Deprecated group/name - [DEFAULT]/lock_path
-#lock_path = <None>
-
-
-[oslo_policy]
-
-#
-# From oslo.policy
-#
-
-# The JSON file that defines policies. (string value)
-# Deprecated group/name - [DEFAULT]/policy_file
-#policy_file = policy.json
-
-# Default rule. Enforced when a requested rule is not found. (string
-# value)
-# Deprecated group/name - [DEFAULT]/policy_default_rule
-#policy_default_rule = default
-
-# Directories where policy configuration files are stored. They can be
-# relative to any directory in the search path defined by the
-# config_dir option, or absolute paths. The file defined by
-# policy_file must exist for these directories to be searched.
-# Missing or empty directories are ignored. (multi valued)
-# Deprecated group/name - [DEFAULT]/policy_dirs
-#policy_dirs = policy.d
+# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
+#use_tpool = false
--- a/components/openstack/glance/files/glance-registry.conf Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-registry.conf Wed Sep 07 14:48:42 2016 -0700
@@ -5,7 +5,7 @@
#
# When true, this option sets the owner of an image to be the tenant.
-# Otherwise, the owner of the image will be the authenticated user
+# Otherwise, the owner of the image will be the authenticated user
# issuing the request. (boolean value)
#owner_is_tenant = true
@@ -18,6 +18,9 @@
# value)
#allow_anonymous_access = false
+# Limits request ID length. (integer value)
+#max_request_id_length = 64
+
# Whether to allow users to specify image properties beyond what the
# image schema provides (boolean value)
#allow_additional_image_properties = true
@@ -58,19 +61,20 @@
# For example, if using the file system store a URL of
# "file:///path/to/image" will be returned to the user in the
# 'direct_url' meta-data field. Revealing storage location can be a
-# security risk, so use this setting with caution! The overrides
-# show_image_direct_url. (boolean value)
+# security risk, so use this setting with caution! Setting this to
+# true overrides the show_image_direct_url option. (boolean value)
#show_multiple_locations = false
# Maximum size of image a user can upload in bytes. Defaults to
-# 1099511627776 bytes (1 TB).WARNING: this value should only be
+# 1099511627776 bytes (1 TB). WARNING: this value should only be
# increased after careful consideration and must be set to a value
# under 8 EB (9223372036854775808). (integer value)
+# Maximum value: 9223372036854775808
#image_size_cap = 1099511627776
# Set a system wide quota for every user. This value is the total
# capacity that a user can use across all storage systems. A value of
-# 0 means unlimited.Optional unit can be specified for the value.
+# 0 means unlimited. Optional unit can be specified for the value.
# Accepted units are B, KB, MB, GB and TB representing Bytes,
# KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no
# unit is specified then Bytes is assumed. Note that there should not
@@ -95,7 +99,9 @@
#pydev_worker_debug_host = <None>
# The port on which a pydev process is listening for connections.
-# (integer value)
+# (port value)
+# Minimum value: 0
+# Maximum value: 65535
#pydev_worker_debug_port = 5678
# AES key for encrypting store 'location' metadata. This includes, if
@@ -103,20 +109,20 @@
# length 16, 24 or 32 bytes (string value)
#metadata_encryption_key = <None>
-# Digest algorithm which will be used for digital signature; the
-# default is sha1 the default in Kilo for a smooth upgrade process,
-# and it will be updated with sha256 in next release(L). Use the
+# Digest algorithm which will be used for digital signature. Use the
# command "openssl list-message-digest-algorithms" to get the
# available algorithms supported by the version of OpenSSL on the
# platform. Examples are "sha1", "sha256", "sha512", etc. (string
# value)
-#digest_algorithm = sha1
+#digest_algorithm = sha256
# Address to bind the server. Useful when selecting a particular
# network interface. (string value)
#bind_host = 0.0.0.0
-# The port on which the server will listen. (integer value)
+# The port on which the server will listen. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#bind_port = <None>
# The backlog value that will be used when creating the TCP listener
@@ -162,86 +168,94 @@
# Timeout for client connections' socket operations. If an incoming
# connection is idle for this number of seconds it will be closed. A
# value of '0' means wait forever. (integer value)
-#client_socket_timeout = 0
+#client_socket_timeout = 900
#
# From oslo.log
#
-# Print debugging output (set logging level to DEBUG instead of
-# default WARNING level). (boolean value)
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
#debug = false
-# Print more verbose output (set logging level to INFO instead of
-# default WARNING level). (boolean value)
-#verbose = false
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
# The name of a logging configuration file. This file is appended to
# any existing logging configuration files. For details about logging
# configuration files, see the Python logging module documentation.
-# (string value)
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
-# DEPRECATED. A logging.Formatter log message format string which may
-# use any of the available logging.LogRecord attributes. This option
-# is deprecated. Please use logging_context_format_string and
-# logging_default_format_string instead. (string value)
-#log_format = <None>
-
-# Format string for %%(asctime)s in log records. Default: %(default)s
-# . (string value)
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
#log_date_format = %Y-%m-%d %H:%M:%S
-# (Optional) Name of log file to output to. If no default is set,
-# logging will go to stdout. (string value)
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
-# (Optional) The base directory used for relative --log-file paths.
-# (string value)
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
-# Use syslog for logging. Existing syslog format is DEPRECATED during
-# I, and will change in J to honor RFC5424. (boolean value)
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
#use_syslog = false
-# (Optional) Enables or disables syslog rfc5424 format for logging. If
-# enabled, prefixes the MSG part of the syslog message with APP-NAME
-# (RFC5424). The format without the APP-NAME is deprecated in I, and
-# will be removed in J. (boolean value)
-#use_syslog_rfc_format = false
-
-# Syslog facility to receive log lines. (string value)
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
-# Log output to standard error. (boolean value)
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
-# Format string to use for log messages without context. (string
-# value)
+# Format string to use for log messages when context is undefined.
+# (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
-# Data to append to log format when level is DEBUG. (string value)
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string
# value)
-#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
-# List of logger=LEVEL pairs. (list value)
-#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
-# Enables or disables fatal status of deprecations. (boolean value)
-#fatal_deprecations = false
-
# The format for an instance that is passed with the log message.
# (string value)
#instance_format = "[instance: %(uuid)s] "
@@ -250,20 +264,29 @@
# (string value)
#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
+
#
# From oslo.messaging
#
+# Size of RPC connection pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
+#rpc_conn_pool_size = 30
+
# ZeroMQ bind address. Should be a wildcard (*), an ethernet
# interface, or IP. The "host" option should point or resolve to this
# address. (string value)
#rpc_zmq_bind_address = *
# MatchMaker driver. (string value)
-#rpc_zmq_matchmaker = local
+# Allowed values: redis, dummy
+#rpc_zmq_matchmaker = redis
-# ZeroMQ receiver listening port. (integer value)
-#rpc_zmq_port = 9501
+# Type of concurrency used. Either "native" or "eventlet" (string
+# value)
+#rpc_zmq_concurrency = eventlet
# Number of ZeroMQ contexts, defaults to 1. (integer value)
#rpc_zmq_contexts = 1
@@ -279,25 +302,41 @@
# Must match "host" option, if running Nova. (string value)
#rpc_zmq_host = localhost
-# Seconds to wait before a cast expires (TTL). Only supported by
-# impl_zmq. (integer value)
-#rpc_cast_timeout = 30
+# Seconds to wait before a cast expires (TTL). The default value of -1
+# specifies an infinite linger period. The value of 0 specifies no
+# linger period. Pending messages shall be discarded immediately when
+# the socket is closed. Only supported by impl_zmq. (integer value)
+#rpc_cast_timeout = -1
-# Heartbeat frequency. (integer value)
-#matchmaker_heartbeat_freq = 300
+# The default number of seconds that poll should wait. Poll raises
+# timeout exception when timeout expired. (integer value)
+#rpc_poll_timeout = 1
-# Heartbeat time-to-live. (integer value)
-#matchmaker_heartbeat_ttl = 600
+# Expiration timeout in seconds of a name service record about
+# existing target ( < 0 means no timeout). (integer value)
+#zmq_target_expire = 120
+
+# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy.
+# (boolean value)
+#use_pub_sub = true
-# Size of RPC thread pool. (integer value)
-#rpc_thread_pool_size = 64
+# Minimal port number for random ports range. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#rpc_zmq_min_port = 49152
-# Driver or drivers to handle sending notifications. (multi valued)
-#notification_driver =
+# Maximal port number for random ports range. (integer value)
+# Minimum value: 1
+# Maximum value: 65536
+#rpc_zmq_max_port = 65536
-# AMQP topic used for OpenStack notifications. (list value)
-# Deprecated group/name - [rpc_notifier2]/topics
-#notification_topics = notifications
+# Number of retries to find free port number before fail with
+# ZMQBindError. (integer value)
+#rpc_zmq_bind_port_retries = 100
+
+# Size of executor thread pool. (integer value)
+# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
+#executor_thread_pool_size = 64
# Seconds to wait for a response from a call. (integer value)
#rpc_response_timeout = 60
@@ -308,7 +347,7 @@
#transport_url = <None>
# The messaging driver to use, defaults to rabbit. Other drivers
-# include qpid and zmq. (string value)
+# include amqp and zmq. (string value)
#rpc_backend = rabbit
# The default exchange under which topics are scoped. May be
@@ -317,6 +356,66 @@
#control_exchange = openstack
+[cors]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,POST,PUT,DELETE,OPTIONS
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+
+[cors.subdomain]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain
+# received in the requests "origin" header. (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials
+# (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to
+# HTTP Simple Headers. (list value)
+#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list
+# value)
+#allow_methods = GET,POST,PUT,DELETE,OPTIONS
+
+# Indicate which header field names may be used during the actual
+# request. (list value)
+#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma
+
+
[database]
#
@@ -352,12 +451,6 @@
# Example: mysql_sql_mode= (string value)
#mysql_sql_mode = TRADITIONAL
-# This configures the MySQL storage engine. This allows for OpenStack to
-# support different storage engines such as InnoDB, NDB, etc. By Default,
-# this value will be set to InnoDB. For MySQL Cluster, set to NDBCLUSTER.
-# Example: mysql_storage_engine=(string value)
-#mysql_storage_engine = InnoDB
-
# Timeout before idle SQL connections are reaped. (integer value)
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
# Deprecated group/name - [DATABASE]/sql_idle_timeout
@@ -392,7 +485,7 @@
# value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
-#max_overflow = <None>
+#max_overflow = 50
# Verbosity of SQL debugging information: 0=None, 100=Everything.
# (integer value)
@@ -428,6 +521,15 @@
# (integer value)
#db_max_retries = 20
+#
+# From oslo.db.concurrency
+#
+
+# Enable the experimental use of thread pooling for all DB API calls
+# (boolean value)
+# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
+#use_tpool = false
+
[glance_store]
@@ -435,7 +537,8 @@
# From glance.store
#
-# List of stores enabled (list value)
+# List of stores enabled. Valid stores are: cinder, file, http, rbd,
+# sheepdog, swift, s3, vsphere (list value)
#stores = file,http
# Default scheme to use to store image data. The scheme must be
@@ -451,10 +554,6 @@
# (integer value)
#store_capabilities_update_min_interval = 0
-#
-# From glance.store
-#
-
# Images will be chunked into objects of this size (in megabytes). For
# best performance, this should be a power of two. (integer value)
#sheepdog_store_chunk_size = 64
@@ -484,9 +583,31 @@
# (string value)
#rbd_store_ceph_conf = /etc/ceph/ceph.conf
+# Timeout value (in seconds) used when connecting to ceph cluster. If
+# value <= 0, no timeout is set and default librados value is used.
+# (integer value)
+#rados_connect_timeout = 0
+
+# Specify the path to the CA bundle file to use in verifying the
+# remote server certificate. (string value)
+#https_ca_certificates_file = <None>
+
+# If true, the remote server certificate is not verified. If false,
+# then the default CA truststore is used for verification. This option
+# is ignored if "https_ca_certificates_file" is set. (boolean value)
+#https_insecure = true
+
+# Specify the http/https proxy information that should be used to
+# connect to the remote server. The proxy information should be a key
+# value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can
+# specify proxies for multiple schemes by seperating the key value
+# pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
+# (dict value)
+#http_proxy_information =
+
# Directory to which the Filesystem backend store writes images.
# (string value)
-filesystem_store_datadir = /var/lib/glance/images/
+#filesystem_store_datadir = /var/lib/glance/images
# List of directories and its priorities to which the Filesystem
# backend store writes images. (multi valued)
@@ -507,15 +628,6 @@
# digit. (integer value)
#filesystem_store_file_perm = 0
-# Hostname or IP address of the instance to connect to, or a mongodb
-# URI, or a list of hostnames / mongodb URIs. If host is an IPv6
-# literal it must be enclosed in '[' and ']' characters following the
-# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value)
-#mongodb_store_uri = <None>
-
-# Database to use (string value)
-#mongodb_store_db = <None>
-
# The host where the S3 server is listening. (string value)
#s3_store_host = <None>
@@ -553,6 +665,21 @@
# (integer value)
#s3_store_thread_pools = 10
+# Enable the use of a proxy. (boolean value)
+#s3_store_enable_proxy = false
+
+# Address or hostname for the proxy server. (string value)
+#s3_store_proxy_host = <None>
+
+# The port to use when connecting over a proxy. (integer value)
+#s3_store_proxy_port = 8080
+
+# The username to connect to the proxy. (string value)
+#s3_store_proxy_user = <None>
+
+# The password to use when connecting over a proxy. (string value)
+#s3_store_proxy_password = <None>
+
# ESX/ESXi or vCenter Server target system. The server value can be an
# IP address or a DNS name. (string value)
#vmware_server_host = <None>
@@ -565,18 +692,6 @@
# value)
#vmware_server_password = <None>
-# DEPRECATED. Inventory path to a datacenter. If the
-# vmware_server_host specified is an ESX/ESXi, the
-# vmware_datacenter_path is optional. If specified, it should be "ha-
-# datacenter". This option is deprecated in favor of vmware_datastores
-# and will be removed in the Liberty release. (string value)
-#vmware_datacenter_path = ha-datacenter
-
-# DEPRECATED. Datastore associated with the datacenter. This option is
-# deprecated in favor of vmware_datastores and will be removed in the
-# Liberty release. (string value)
-#vmware_datastore_name = <None>
-
# Number of times VMware ESX/VC server API must be retried upon
# connection related issues. (integer value)
#vmware_api_retry_count = 10
@@ -589,36 +704,43 @@
# the VMware datastore. (string value)
#vmware_store_image_dir = /openstack_glance
-# Allow to perform insecure SSL requests to ESX/VC. (boolean value)
-#vmware_api_insecure = false
+# If true, the ESX/vCenter server certificate is not verified. If
+# false, then the default CA truststore is used for verification. This
+# option is ignored if "vmware_ca_file" is set. (boolean value)
+# Deprecated group/name - [DEFAULT]/vmware_api_insecure
+#vmware_insecure = false
+
+# Specify a CA bundle file to use in verifying the ESX/vCenter server
+# certificate. (string value)
+#vmware_ca_file = <None>
# A list of datastores where the image can be stored. This option may
-# be specified multiple times for specifying multiple datastores.
-# Either one of vmware_datastore_name or vmware_datastores is
-# required. The datastore name should be specified after its
-# datacenter path, seperated by ":". An optional weight may be given
-# after the datastore name, seperated again by ":". Thus, the required
-# format becomes <datacenter_path>:<datastore_name>:<optional_weight>.
-# When adding an image, the datastore with highest weight will be
-# selected, unless there is not enough free space available in cases
-# where the image size is already known. If no weight is given, it is
-# assumed to be zero and the directory will be considered for
-# selection last. If multiple datastores have the same weight, then
-# the one with the most free space available is selected. (multi
-# valued)
+# be specified multiple times for specifying multiple datastores. The
+# datastore name should be specified after its datacenter path,
+# seperated by ":". An optional weight may be given after the
+# datastore name, seperated again by ":". Thus, the required format
+# becomes <datacenter_path>:<datastore_name>:<optional_weight>. When
+# adding an image, the datastore with highest weight will be selected,
+# unless there is not enough free space available in cases where the
+# image size is already known. If no weight is given, it is assumed to
+# be zero and the directory will be considered for selection last. If
+# multiple datastores have the same weight, then the one with the most
+# free space available is selected. (multi valued)
#vmware_datastores =
# Info to match when looking for cinder in the service catalog. Format
# is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type> (string value)
-#cinder_catalog_info = volume:cinder:publicURL
+#cinder_catalog_info = volumev2::publicURL
# Override service catalog lookup with template for cinder endpoint
-# e.g. http://localhost:8776/v1/%(project_id)s (string value)
+# e.g. http://localhost:8776/v2/%(tenant)s (string value)
#cinder_endpoint_template = <None>
-# Region name of this node (string value)
-#os_region_name = <None>
+# Region name of this node. If specified, it will be used to locate
+# OpenStack services for stores. (string value)
+# Deprecated group/name - [DEFAULT]/os_region_name
+#cinder_os_region_name = <None>
# Location of ca certicates file to use for cinder client requests.
# (string value)
@@ -627,13 +749,33 @@
# Number of cinderclient retries on failed http calls (integer value)
#cinder_http_retries = 3
+# Time period of time in seconds to wait for a cinder volume
+# transition to complete. (integer value)
+#cinder_state_transition_timeout = 300
+
# Allow to perform insecure SSL requests to cinder (boolean value)
#cinder_api_insecure = false
-# Version of the authentication service to use. Valid versions are 2
-# for keystone and 1 for swauth and rackspace. (deprecated) (string
+# The address where the Cinder authentication service is listening. If
+# <None>, the cinder endpoint in the service catalog is used. (string
# value)
-#swift_store_auth_version = 2
+#cinder_store_auth_address = <None>
+
+# User name to authenticate against Cinder. If <None>, the user of
+# current context is used. (string value)
+#cinder_store_user_name = <None>
+
+# Password for the user authenticating against Cinder. If <None>, the
+# current context auth token is used. (string value)
+#cinder_store_password = <None>
+
+# Project name where the image is stored in Cinder. If <None>, the
+# project in current context is used. (string value)
+#cinder_store_project_name = <None>
+
+# Path to the rootwrap configuration file to use for running commands
+# as root. (string value)
+#rootwrap_config = /etc/glance/rootwrap.conf
# If True, swiftclient won't check for a valid SSL certificate when
# authenticating. (boolean value)
@@ -688,7 +830,7 @@
# When set to 0, a single-tenant store will only use one container to
# store all images. When set to an integer value between 1 and 32, a
# single-tenant store will use multiple containers to store images,
-# and this value will determine how many containers are created.Used
+# and this value will determine how many containers are created. Used
# only when swift_store_multi_tenant is disabled. The total number of
# containers that will be used is equal to 16^N, so if this config
# option is set to 2, then 16^2=256 containers will be used to store
@@ -709,20 +851,42 @@
# request fails. (integer value)
#swift_store_retry_get_count = 0
+# The period of time (in seconds) before token expirationwhen
+# glance_store will try to reques new user token. Default value 60 sec
+# means that if token is going to expire in 1 min then glance_store
+# request new user token. (integer value)
+#swift_store_expire_soon_interval = 60
+
+# If set to True create a trust for each add/get request to Multi-
+# tenant store in order to prevent authentication token to be expired
+# during uploading/downloading data. If set to False then user token
+# is used for Swift connection (so no overhead on trust creation).
+# Please note that this option is considered only and only if
+# swift_store_multi_tenant=True (boolean value)
+#swift_store_use_trusts = true
+
# The reference to the default swift account/backing store parameters
# to use for adding new images. (string value)
#default_swift_reference = ref1
-# The address where the Swift authentication service is
-# listening.(deprecated) (string value)
+# Version of the authentication service to use. Valid versions are 2
+# and 3 for keystone and 1 (deprecated) for swauth and rackspace.
+# (deprecated - use "auth_version" in swift_store_config_file) (string
+# value)
+#swift_store_auth_version = 2
+
+# The address where the Swift authentication service is listening.
+# (deprecated - use "auth_address" in swift_store_config_file) (string
+# value)
#swift_store_auth_address = <None>
# The user to authenticate against the Swift authentication service
-# (deprecated) (string value)
+# (deprecated - use "user" in swift_store_config_file) (string value)
#swift_store_user = <None>
# Auth key for the user authenticating against the Swift
-# authentication service. (deprecated) (string value)
+# authentication service. (deprecated - use "key" in
+# swift_store_config_file) (string value)
#swift_store_key = <None>
# The config file that has the swift account(s)configs. (string value)
@@ -772,6 +936,9 @@
# Verify HTTPS connections. (boolean value)
#insecure = false
+# The region in which the identity server can be found. (string value)
+#region_name = <None>
+
# Directory used to cache files related to PKI tokens. (string value)
signing_dir = /var/lib/glance/keystone-signing
@@ -794,12 +961,13 @@
#revocation_cache_time = 10
# (Optional) If defined, indicate whether token data should be
-# authenticated or authenticated and encrypted. Acceptable values are
-# MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in
-# the cache. If ENCRYPT, token data is encrypted and authenticated in
-# the cache. If the value is not one of these options or empty,
-# auth_token will raise an exception on initialization. (string value)
-#memcache_security_strategy = <None>
+# authenticated or authenticated and encrypted. If MAC, token data is
+# authenticated (with HMAC) in the cache. If ENCRYPT, token data is
+# encrypted and authenticated in the cache. If the value is not one of
+# these options or empty, auth_token will raise an exception on
+# initialization. (string value)
+# Allowed values: None, MAC, ENCRYPT
+#memcache_security_strategy = None
# (Optional, mandatory if memcache_security_strategy is defined) This
# string is used for key derivation. (string value)
@@ -814,7 +982,7 @@
#memcache_pool_maxsize = 10
# (Optional) Socket timeout in seconds for communicating with a
-# memcache server. (integer value)
+# memcached server. (integer value)
#memcache_pool_socket_timeout = 3
# (Optional) Number of seconds a connection to memcached is held
@@ -822,10 +990,10 @@
#memcache_pool_unused_timeout = 60
# (Optional) Number of seconds that an operation will wait to get a
-# memcache client connection from the pool. (integer value)
+# memcached client connection from the pool. (integer value)
#memcache_pool_conn_get_timeout = 10
-# (Optional) Use the advanced (eventlet safe) memcache client pool.
+# (Optional) Use the advanced (eventlet safe) memcached client pool.
# The advanced pool will only work under python 2.x. (boolean value)
#memcache_use_advanced_pool = false
@@ -860,34 +1028,18 @@
# value)
#hash_algorithms = md5
-# Prefix to prepend at the beginning of the path. Deprecated, use
-# identity_uri. (string value)
-#auth_admin_prefix =
-
-# Host providing the admin Identity API endpoint. Deprecated, use
-# identity_uri. (string value)
-#auth_host = 127.0.0.1
-
-# Port of the admin Identity API endpoint. Deprecated, use
-# identity_uri. (integer value)
-#auth_port = 35357
+# Authentication type to load (unknown value)
+# Deprecated group/name - [DEFAULT]/auth_plugin
+#auth_type = <None>
-# Protocol of the admin Identity API endpoint (http or https).
-# Deprecated, use identity_uri. (string value)
-#auth_protocol = https
+# Config Section from which to load plugin specific options (unknown
+# value)
+#auth_section = <None>
-# Complete admin Identity API endpoint. This should specify the
-# unversioned root endpoint e.g. https://localhost:35357/ (string
-# value)
+# Complete admin Identity API endpoint. This should specify the unversioned
+# root endpoint e.g. https://localhost:35357/ (string value)
identity_uri = http://127.0.0.1:35357/
-# This option is deprecated and may be removed in a future release.
-# Single shared secret with the Keystone configuration used for
-# bootstrapping a Keystone installation, or otherwise bypassing the
-# normal authentication process. This option should not be used, use
-# `admin_user` and `admin_password` instead. (string value)
-#admin_token = <None>
-
# Service username. (string value)
admin_user = %SERVICE_USER%
@@ -897,13 +1049,6 @@
# Service tenant name. (string value)
admin_tenant_name = %SERVICE_TENANT_NAME%
-# Name of the plugin to load (string value)
-#auth_plugin = <None>
-
-# Config Section from which to load plugin specific options (string
-# value)
-#auth_section = <None>
-
[matchmaker_redis]
@@ -914,22 +1059,29 @@
# Host to locate redis. (string value)
#host = 127.0.0.1
-# Use this port to connect to redis host. (integer value)
+# Use this port to connect to redis host. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#port = 6379
# Password for Redis server (optional). (string value)
-#password = <None>
+#password =
+# List of Redis Sentinel hosts (fault tolerance mode) e.g.
+# [host:port, host1:port ... ] (list value)
+#sentinel_hosts =
-[matchmaker_ring]
+# Redis replica set name. (string value)
+#sentinel_group_name = oslo-messaging-zeromq
-#
-# From oslo.messaging
-#
+# Time in ms to wait between connection attempts. (integer value)
+#wait_timeout = 500
-# Matchmaker ring file (JSON). (string value)
-# Deprecated group/name - [DEFAULT]/matchmaker_ringfile
-#ringfile = /etc/oslo/matchmaker_ring.json
+# Time in ms to wait before the transaction is killed. (integer value)
+#check_timeout = 20000
+
+# Timeout in ms on blocking socket operations (integer value)
+#socket_timeout = 1000
[oslo_concurrency]
@@ -947,7 +1099,7 @@
# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
# If external locks are used, a lock path must be set. (string value)
# Deprecated group/name - [DEFAULT]/lock_path
-#lock_path = <None>
+lock_path = /var/lib/glance/lock
[oslo_messaging_amqp]
@@ -980,8 +1132,7 @@
# Deprecated group/name - [amqp1]/trace
#trace = false
-# CA certificate PEM file for verifing server certificate (string
-# value)
+# CA certificate PEM file to verify server certificate (string value)
# Deprecated group/name - [amqp1]/ssl_ca_file
#ssl_ca_file =
@@ -1003,73 +1154,49 @@
# Deprecated group/name - [amqp1]/allow_insecure_clients
#allow_insecure_clients = false
+# Space separated list of acceptable SASL mechanisms (string value)
+# Deprecated group/name - [amqp1]/sasl_mechanisms
+#sasl_mechanisms =
-[oslo_messaging_qpid]
+# Path to directory that contains the SASL configuration (string
+# value)
+# Deprecated group/name - [amqp1]/sasl_config_dir
+#sasl_config_dir =
+
+# Name of configuration file (without .conf suffix) (string value)
+# Deprecated group/name - [amqp1]/sasl_config_name
+#sasl_config_name =
+
+# User name for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/username
+#username =
+
+# Password for message broker authentication (string value)
+# Deprecated group/name - [amqp1]/password
+#password =
+
+
+[oslo_messaging_notifications]
#
# From oslo.messaging
#
-# Use durable queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
-#amqp_durable_queues = false
-
-# Auto-delete queues in AMQP. (boolean value)
-# Deprecated group/name - [DEFAULT]/amqp_auto_delete
-#amqp_auto_delete = false
-
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-#rpc_conn_pool_size = 30
-
-# Qpid broker hostname. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_hostname
-#qpid_hostname = localhost
-
-# Qpid broker port. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_port
-#qpid_port = 5672
-
-# Qpid HA cluster host:port pairs. (list value)
-# Deprecated group/name - [DEFAULT]/qpid_hosts
-#qpid_hosts = $qpid_hostname:$qpid_port
-
-# Username for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_username
-#qpid_username =
+# The Drivers(s) to handle sending notifications. Possible values are
+# messaging, messagingv2, routing, log, test, noop (multi valued)
+# Deprecated group/name - [DEFAULT]/notification_driver
+#driver =
-# Password for Qpid connection. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_password
-#qpid_password =
-
-# Space separated list of SASL mechanisms to use for auth. (string
-# value)
-# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms
-#qpid_sasl_mechanisms =
-
-# Seconds between connection keepalive heartbeats. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_heartbeat
-#qpid_heartbeat = 60
+# A URL representing the messaging driver to use for notifications. If
+# not set, we fall back to the same configuration used for RPC.
+# (string value)
+# Deprecated group/name - [DEFAULT]/notification_transport_url
+#transport_url = <None>
-# Transport to use, either 'tcp' or 'ssl'. (string value)
-# Deprecated group/name - [DEFAULT]/qpid_protocol
-#qpid_protocol = tcp
-
-# Whether to disable the Nagle algorithm. (boolean value)
-# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay
-#qpid_tcp_nodelay = true
-
-# The number of prefetched messages held by receiver. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity
-#qpid_receiver_capacity = 1
-
-# The qpid topology version to use. Version 1 is what was originally
-# used by impl_qpid. Version 2 includes some backwards-incompatible
-# changes that allow broker federation to work. Users should update
-# to version 2 when they are able to take everything down, as it
-# requires a clean break. (integer value)
-# Deprecated group/name - [DEFAULT]/qpid_topology_version
-#qpid_topology_version = 1
+# AMQP topic used for OpenStack notifications. (list value)
+# Deprecated group/name - [rpc_notifier2]/topics
+# Deprecated group/name - [DEFAULT]/notification_topics
+#topics = notifications
[oslo_messaging_rabbit]
@@ -1079,6 +1206,7 @@
#
# Use durable queues in AMQP. (boolean value)
+# Deprecated group/name - [DEFAULT]/amqp_durable_queues
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
#amqp_durable_queues = false
@@ -1086,10 +1214,6 @@
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
#amqp_auto_delete = false
-# Size of RPC connection pool. (integer value)
-# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
-#rpc_conn_pool_size = 30
-
# SSL version to use (valid only if SSL enabled). Valid values are
# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be
# available on some distributions. (string value)
@@ -1114,13 +1238,31 @@
# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
#kombu_reconnect_delay = 1.0
+# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression
+# will not be used. This option may notbe available in future
+# versions. (string value)
+#kombu_compression = <None>
+
+# How long to wait a missing client beforce abandoning to send it its
+# replies. This value should not be longer than rpc_response_timeout.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
+#kombu_missing_consumer_retry_timeout = 60
+
+# Determines how the next RabbitMQ node is chosen in case the one we
+# are currently connected to becomes unavailable. Takes effect only if
+# more than one RabbitMQ node is provided in config. (string value)
+# Allowed values: round-robin, shuffle
+#kombu_failover_strategy = round-robin
+
# The RabbitMQ broker address where a single node is used. (string
# value)
# Deprecated group/name - [DEFAULT]/rabbit_host
#rabbit_host = localhost
-# The RabbitMQ broker port where a single node is used. (integer
-# value)
+# The RabbitMQ broker port where a single node is used. (port value)
+# Minimum value: 0
+# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/rabbit_port
#rabbit_port = 5672
@@ -1156,21 +1298,40 @@
# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
#rabbit_retry_backoff = 2
+# Maximum interval of RabbitMQ connection retries. Default is 30
+# seconds. (integer value)
+#rabbit_interval_max = 30
+
# Maximum number of RabbitMQ connection retries. Default is 0
# (infinite retry count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
-# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this
-# option, you must wipe the RabbitMQ database. (boolean value)
+# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change
+# this option, you must wipe the RabbitMQ database. In RabbitMQ 3.0,
+# queue mirroring is no longer controlled by the x-ha-policy argument
+# when declaring a queue. If you just want to make sure that all
+# queues (except those with auto-generated names) are mirrored across
+# all nodes, run: "rabbitmqctl set_policy HA '^(?!amq\.).*' '{"ha-
+# mode": "all"}' " (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
#rabbit_ha_queues = false
+# Positive integer representing duration in seconds for queue TTL
+# (x-expires). Queues which are unused for the duration of the TTL are
+# automatically deleted. The parameter affects only reply and fanout
+# queues. (integer value)
+# Minimum value: 1
+#rabbit_transient_queues_ttl = 1800
+
+# Specifies the number of messages to prefetch. Setting to zero allows
+# unlimited messages. (integer value)
+#rabbit_qos_prefetch_count = 0
+
# Number of seconds after which the Rabbit broker is considered down
-# if heartbeat's keep-alive fails (0 disables the heartbeat, >0
-# enables it. Enabling heartbeats requires kombu>=3.0.7 and
-# amqp>=1.4.0). EXPERIMENTAL (integer value)
-#heartbeat_timeout_threshold = 0
+# if heartbeat's keep-alive fails (0 disable the heartbeat).
+# EXPERIMENTAL (integer value)
+#heartbeat_timeout_threshold = 60
# How often times during the heartbeat_timeout_threshold we check the
# heartbeat. (integer value)
@@ -1181,6 +1342,129 @@
# Deprecated group/name - [DEFAULT]/fake_rabbit
#fake_rabbit = false
+# Maximum number of channels to allow (integer value)
+#channel_max = <None>
+
+# The maximum byte size for an AMQP frame (integer value)
+#frame_max = <None>
+
+# How often to send heartbeats for consumer's connections (integer
+# value)
+#heartbeat_interval = 1
+
+# Enable SSL (boolean value)
+#ssl = <None>
+
+# Arguments passed to ssl.wrap_socket (dict value)
+#ssl_options = <None>
+
+# Set socket timeout in seconds for connection's socket (floating
+# point value)
+#socket_timeout = 0.25
+
+# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating
+# point value)
+#tcp_user_timeout = 0.25
+
+# Set delay for reconnection to some host which has connection error
+# (floating point value)
+#host_connection_reconnect_delay = 0.25
+
+# Maximum number of connections to keep queued. (integer value)
+#pool_max_size = 10
+
+# Maximum number of connections to create above `pool_max_size`.
+# (integer value)
+#pool_max_overflow = 0
+
+# Default number of seconds to wait for a connections to available
+# (integer value)
+#pool_timeout = 30
+
+# Lifetime of a connection (since creation) in seconds or None for no
+# recycling. Expired connections are closed on acquire. (integer
+# value)
+#pool_recycle = 600
+
+# Threshold at which inactive (since release) connections are
+# considered stale in seconds or None for no staleness. Stale
+# connections are closed on acquire. (integer value)
+#pool_stale = 60
+
+# Persist notification messages. (boolean value)
+#notification_persistence = false
+
+# Exchange name for for sending notifications (string value)
+#default_notification_exchange = ${control_exchange}_notification
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# notification listener. (integer value)
+#notification_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending notification, -1 means infinite retry. (integer value)
+#default_notification_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending notification message (floating point value)
+#notification_retry_delay = 0.25
+
+# Time to live for rpc queues without consumers in seconds. (integer
+# value)
+#rpc_queue_expiration = 60
+
+# Exchange name for sending RPC messages (string value)
+#default_rpc_exchange = ${control_exchange}_rpc
+
+# Exchange name for receiving RPC replies (string value)
+#rpc_reply_exchange = ${control_exchange}_rpc_reply
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc listener. (integer value)
+#rpc_listener_prefetch_count = 100
+
+# Max number of not acknowledged message which RabbitMQ can send to
+# rpc reply listener. (integer value)
+#rpc_reply_listener_prefetch_count = 100
+
+# Reconnecting retry count in case of connectivity problem during
+# sending reply. -1 means infinite retry during rpc_timeout (integer
+# value)
+#rpc_reply_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending reply. (floating point value)
+#rpc_reply_retry_delay = 0.25
+
+# Reconnecting retry count in case of connectivity problem during
+# sending RPC message, -1 means infinite retry. If actual retry
+# attempts in not 0 the rpc request could be processed more then one
+# time (integer value)
+#default_rpc_retry_attempts = -1
+
+# Reconnecting retry delay in case of connectivity problem during
+# sending RPC message (floating point value)
+#rpc_retry_delay = 0.25
+
+
+[oslo_middleware]
+
+#
+# From oslo.middleware
+#
+
+# The maximum body size for each request, in bytes. (integer value)
+# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size
+# Deprecated group/name - [DEFAULT]/max_request_body_size
+#max_request_body_size = 114688
+
+# The HTTP Header that will be used to determine what the original
+# request protocol scheme was, even if it was hidden by an SSL
+# termination proxy. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#secure_proxy_ssl_header = X-Forwarded-Proto
+
[oslo_policy]
@@ -1233,3 +1517,7 @@
# If False doesn't trace SQL requests. (boolean value)
#trace_sqlalchemy = false
+
+# Secret key to use to sign Glance API and Glance Registry services
+# tracing messages. (string value)
+#hmac_keys = SECRET_KEY
--- a/components/openstack/glance/files/glance-registry.xml Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-registry.xml Wed Sep 07 14:48:42 2016 -0700
@@ -64,6 +64,12 @@
<exec_method timeout_seconds="60" type="method" name="stop"
exec=":kill"/>
+ <property_group name="startd" type="framework">
+ <!-- glance-registry manages its children so we should ignore their
+ death -->
+ <propval name='ignore_error' type='astring' value='signal' />
+ </property_group>
+
<instance name='default' enabled='false'>
<!-- to start/stop/refresh the service -->
<property_group name='general' type='framework'>
--- a/components/openstack/glance/files/glance-scrubber.conf Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-scrubber.conf Wed Sep 07 14:48:42 2016 -0700
@@ -44,19 +44,20 @@
# For example, if using the file system store a URL of
# "file:///path/to/image" will be returned to the user in the
# 'direct_url' meta-data field. Revealing storage location can be a
-# security risk, so use this setting with caution! The overrides
-# show_image_direct_url. (boolean value)
+# security risk, so use this setting with caution! Setting this to
+# true overrides the show_image_direct_url option. (boolean value)
#show_multiple_locations = false
# Maximum size of image a user can upload in bytes. Defaults to
-# 1099511627776 bytes (1 TB).WARNING: this value should only be
+# 1099511627776 bytes (1 TB). WARNING: this value should only be
# increased after careful consideration and must be set to a value
# under 8 EB (9223372036854775808). (integer value)
+# Maximum value: 9223372036854775808
#image_size_cap = 1099511627776
# Set a system wide quota for every user. This value is the total
# capacity that a user can use across all storage systems. A value of
-# 0 means unlimited.Optional unit can be specified for the value.
+# 0 means unlimited. Optional unit can be specified for the value.
# Accepted units are B, KB, MB, GB and TB representing Bytes,
# KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no
# unit is specified then Bytes is assumed. Note that there should not
@@ -81,7 +82,9 @@
#pydev_worker_debug_host = <None>
# The port on which a pydev process is listening for connections.
-# (integer value)
+# (port value)
+# Minimum value: 0
+# Maximum value: 65535
#pydev_worker_debug_port = 5678
# AES key for encrypting store 'location' metadata. This includes, if
@@ -89,35 +92,38 @@
# length 16, 24 or 32 bytes (string value)
#metadata_encryption_key = <None>
-# Digest algorithm which will be used for digital signature; the
-# default is sha1 the default in Kilo for a smooth upgrade process,
-# and it will be updated with sha256 in next release(L). Use the
+# Digest algorithm which will be used for digital signature. Use the
# command "openssl list-message-digest-algorithms" to get the
# available algorithms supported by the version of OpenSSL on the
# platform. Examples are "sha1", "sha256", "sha512", etc. (string
# value)
-#digest_algorithm = sha1
-
-# Directory that the scrubber will use to track information about what
-# to delete. Make sure this is set in glance-api.conf and glance-
-# scrubber.conf. (string value)
-#scrubber_datadir = /var/lib/glance/scrubber
+#digest_algorithm = sha256
# The amount of time in seconds to delay before performing a delete.
# (integer value)
#scrub_time = 0
-# A boolean that determines if the scrubber should clean up the files
-# it uses for taking data. Only one server in your deployment should
-# be designated the cleanup host. (boolean value)
-#cleanup_scrubber = false
+# The size of thread pool to be used for scrubbing images. The default
+# is one, which signifies serial scrubbing. Any value above one
+# indicates the max number of images that may be scrubbed in parallel.
+# (integer value)
+#scrub_pool_size = 1
# Turn on/off delayed delete. (boolean value)
#delayed_delete = false
-# Items must have a modified time that is older than this value in
-# order to be candidates for cleanup. (integer value)
-#cleanup_scrubber_time = 86400
+# Role used to identify an authenticated user as administrator.
+# (string value)
+#admin_role = admin
+
+# Whether to pass through headers containing user and tenant
+# information when making requests to the registry. This allows the
+# registry to use the context middleware without keystonemiddleware's
+# auth_token middleware, removing calls to the keystone auth service.
+# It is recommended that when using this option, secure communication
+# between glance api and glance registry is ensured by means other
+# than auth_token middleware. (boolean value)
+#send_identity_headers = false
# Loop time between checking for new items to schedule for delete.
# (integer value)
@@ -129,121 +135,208 @@
# (boolean value)
daemon = true
+# The protocol to use for communication with the registry server.
+# Either http or https. (string value)
+#registry_client_protocol = http
+
+# The path to the key file to use in SSL connections to the registry
+# server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE
+# environment variable to a filepath of the key file (string value)
+#registry_client_key_file = <None>
+
+# The path to the cert file to use in SSL connections to the registry
+# server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE
+# environment variable to a filepath of the CA cert file (string
+# value)
+#registry_client_cert_file = <None>
+
+# The path to the certifying authority cert file to use in SSL
+# connections to the registry server, if any. Alternately, you may set
+# the GLANCE_CLIENT_CA_FILE environment variable to a filepath of the
+# CA cert file. (string value)
+#registry_client_ca_file = <None>
+
+# When using SSL in connections to the registry server, do not require
+# validation via a certifying authority. This is the registry's
+# equivalent of specifying --insecure on the command line using
+# glanceclient for the API. (boolean value)
+#registry_client_insecure = false
+
+# The period of time, in seconds, that the API server will wait for a
+# registry request to complete. A value of 0 implies no timeout.
+# (integer value)
+#registry_client_timeout = 600
+
# Whether to pass through the user token when making requests to the
-# registry. (boolean value)
+# registry. To prevent failures with token expiration during big files
+# upload, it is recommended to set this parameter to False. If
+# "use_user_token" is not in effect, then admin credentials can be
+# specified. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#use_user_token = true
# The administrators user name. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_user = %SERVICE_USER%
# The administrators password. If "use_user_token" is not in effect,
# then admin credentials can be specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_password = %SERVICE_PASSWORD%
# The tenant name of the administrative user. If "use_user_token" is
# not in effect, then admin tenant name can be specified. (string
# value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
admin_tenant_name = %SERVICE_TENANT_NAME%
# The URL to the keystone service. If "use_user_token" is not in
# effect and using keystone auth, then URL of keystone can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
auth_url = http://127.0.0.1:5000/v2.0/
# The strategy to use for authentication. If "use_user_token" is not
# in effect, then auth strategy can be specified. (string value)
-#auth_strategy = noauth
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
+auth_strategy = keystone
# The region for the authentication service. If "use_user_token" is
# not in effect and using keystone auth, then region name can be
# specified. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option was considered harmful and has been deprecated
+# in M release. It will be removed in O release. For more information
+# read OSSN-0060. Related functionality with uploading big images has
+# been implemented with Keystone trusts support.
#auth_region = <None>
# Address to find the registry server. (string value)
#registry_host = 0.0.0.0
-# Port the registry server is listening on. (integer value)
+# Port the registry server is listening on. (port value)
+# Minimum value: 0
+# Maximum value: 65535
#registry_port = 9191
#
# From oslo.log
#
-# Print debugging output (set logging level to DEBUG instead of
-# default WARNING level). (boolean value)
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
#debug = false
-# Print more verbose output (set logging level to INFO instead of
-# default WARNING level). (boolean value)
-#verbose = false
+# If set to false, the logging level will be set to WARNING instead of
+# the default INFO level. (boolean value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#verbose = true
# The name of a logging configuration file. This file is appended to
# any existing logging configuration files. For details about logging
# configuration files, see the Python logging module documentation.
-# (string value)
+# Note that when logging configuration files are used then all logging
+# configuration is set in the configuration file and other logging
+# configuration options are ignored (for example,
+# logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
-# DEPRECATED. A logging.Formatter log message format string which may
-# use any of the available logging.LogRecord attributes. This option
-# is deprecated. Please use logging_context_format_string and
-# logging_default_format_string instead. (string value)
-#log_format = <None>
-
-# Format string for %%(asctime)s in log records. Default: %(default)s
-# . (string value)
+# Defines the format string for %%(asctime)s in log records. Default:
+# %(default)s . This option is ignored if log_config_append is set.
+# (string value)
#log_date_format = %Y-%m-%d %H:%M:%S
-# (Optional) Name of log file to output to. If no default is set,
-# logging will go to stdout. (string value)
+# (Optional) Name of log file to send logging output to. If no default
+# is set, logging will go to stderr as defined by use_stderr. This
+# option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
-# (Optional) The base directory used for relative --log-file paths.
-# (string value)
+# (Optional) The base directory used for relative log_file paths.
+# This option is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
-# Use syslog for logging. Existing syslog format is DEPRECATED during
-# I, and will change in J to honor RFC5424. (boolean value)
+# Uses logging handler designed to watch file system. When log file is
+# moved or removed this handler will open a new log file with
+# specified path instantaneously. It makes sense only if log_file
+# option is specified and Linux platform is used. This option is
+# ignored if log_config_append is set. (boolean value)
+#watch_log_file = false
+
+# Use syslog for logging. Existing syslog format is DEPRECATED and
+# will be changed later to honor RFC5424. This option is ignored if
+# log_config_append is set. (boolean value)
#use_syslog = false
-# (Optional) Enables or disables syslog rfc5424 format for logging. If
-# enabled, prefixes the MSG part of the syslog message with APP-NAME
-# (RFC5424). The format without the APP-NAME is deprecated in I, and
-# will be removed in J. (boolean value)
-#use_syslog_rfc_format = false
-
-# Syslog facility to receive log lines. (string value)
+# Syslog facility to receive log lines. This option is ignored if
+# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
-# Log output to standard error. (boolean value)
+# Log output to standard error. This option is ignored if
+# log_config_append is set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
-# Format string to use for log messages without context. (string
-# value)
+# Format string to use for log messages when context is undefined.
+# (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
-# Data to append to log format when level is DEBUG. (string value)
+# Additional data to append to log message when logging level for the
+# message is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string
# value)
-#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
+#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
-# List of logger=LEVEL pairs. (list value)
-#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
+# Defines the format string for %(user_identity)s that is used in
+# logging_context_format_string. (string value)
+#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+
+# List of package logging levels in logger=LEVEL pairs. This option is
+# ignored if log_config_append is set. (list value)
+#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
-# Enables or disables fatal status of deprecations. (boolean value)
-#fatal_deprecations = false
-
# The format for an instance that is passed with the log message.
# (string value)
#instance_format = "[instance: %(uuid)s] "
@@ -252,305 +345,123 @@
# (string value)
#instance_uuid_format = "[instance: %(uuid)s] "
+# Enables or disables fatal status of deprecations. (boolean value)
+#fatal_deprecations = false
-[glance_store]
+
+[database]
#
-# From glance.store
-#
-
-# List of stores enabled (list value)
-#stores = file,http
-
-# Default scheme to use to store image data. The scheme must be
-# registered by one of the stores defined by the 'stores' config
-# option. (string value)
-#default_store = file
-
-# Minimum interval seconds to execute updating dynamic storage
-# capabilities based on backend status then. It's not a periodic
-# routine, the update logic will be executed only when interval
-# seconds elapsed and an operation of store has triggered. The feature
-# will be enabled only when the option value greater then zero.
-# (integer value)
-#store_capabilities_update_min_interval = 0
-
-#
-# From glance.store
+# From oslo.db
#
-# Images will be chunked into objects of this size (in megabytes). For
-# best performance, this should be a power of two. (integer value)
-#sheepdog_store_chunk_size = 64
-
-# Port of sheep daemon. (integer value)
-#sheepdog_store_port = 7000
-
-# IP address of sheep daemon. (string value)
-#sheepdog_store_address = localhost
-
-# RADOS images will be chunked into objects of this size (in
-# megabytes). For best performance, this should be a power of two.
-# (integer value)
-#rbd_store_chunk_size = 8
+# The file name to use with SQLite. (string value)
+# Deprecated group/name - [DEFAULT]/sqlite_db
+#sqlite_db = oslo.sqlite
-# RADOS pool in which images are stored. (string value)
-#rbd_store_pool = images
-
-# RADOS user to authenticate as (only applicable if using Cephx. If
-# <None>, a default will be chosen based on the client. section in
-# rbd_store_ceph_conf) (string value)
-#rbd_store_user = <None>
-
-# Ceph configuration file path. If <None>, librados will locate the
-# default config. If using cephx authentication, this file should
-# include a reference to the right keyring in a client.<USER> section
-# (string value)
-#rbd_store_ceph_conf = /etc/ceph/ceph.conf
-
-# Directory to which the Filesystem backend store writes images.
-# (string value)
-filesystem_store_datadir = /var/lib/glance/images/
+# If True, SQLite uses synchronous mode. (boolean value)
+# Deprecated group/name - [DEFAULT]/sqlite_synchronous
+#sqlite_synchronous = true
-# List of directories and its priorities to which the Filesystem
-# backend store writes images. (multi valued)
-#filesystem_store_datadirs =
-
-# The path to a file which contains the metadata to be returned with
-# any location associated with this store. The file must contain a
-# valid JSON object. The object should contain the keys 'id' and
-# 'mountpoint'. The value for both keys should be 'string'. (string
-# value)
-#filesystem_store_metadata_file = <None>
+# The back end to use for the database. (string value)
+# Deprecated group/name - [DEFAULT]/db_backend
+#backend = sqlalchemy
-# The required permission for created image file. In this way the user
-# other service used, e.g. Nova, who consumes the image could be the
-# exclusive member of the group that owns the files created. Assigning
-# it less then or equal to zero means don't change the default
-# permission of the file. This value will be decoded as an octal
-# digit. (integer value)
-#filesystem_store_file_perm = 0
+# The SQLAlchemy connection string to use to connect to the database.
+# (string value)
+# Deprecated group/name - [DEFAULT]/sql_connection
+# Deprecated group/name - [DATABASE]/sql_connection
+# Deprecated group/name - [sql]/connection
+connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/glance
-# Hostname or IP address of the instance to connect to, or a mongodb
-# URI, or a list of hostnames / mongodb URIs. If host is an IPv6
-# literal it must be enclosed in '[' and ']' characters following the
-# RFC2732 URL syntax (e.g. '[::1]' for localhost) (string value)
-#mongodb_store_uri = <None>
-
-# Database to use (string value)
-#mongodb_store_db = <None>
-
-# The host where the S3 server is listening. (string value)
-#s3_store_host = <None>
-
-# The S3 query token access key. (string value)
-#s3_store_access_key = <None>
+# The SQLAlchemy connection string to use to connect to the slave
+# database. (string value)
+#slave_connection = <None>
-# The S3 query token secret key. (string value)
-#s3_store_secret_key = <None>
-
-# The S3 bucket to be used to store the Glance data. (string value)
-#s3_store_bucket = <None>
-
-# The local directory where uploads will be staged before they are
-# transferred into S3. (string value)
-#s3_store_object_buffer_dir = <None>
-
-# A boolean to determine if the S3 bucket should be created on upload
-# if it does not exist or if an error should be returned to the user.
-# (boolean value)
-#s3_store_create_bucket_on_put = false
+# The SQL mode to be used for MySQL sessions. This option, including
+# the default, overrides any server-set SQL mode. To use whatever SQL
+# mode is set by the server configuration, set this to no value.
+# Example: mysql_sql_mode= (string value)
+#mysql_sql_mode = TRADITIONAL
-# The S3 calling format used to determine the bucket. Either subdomain
-# or path can be used. (string value)
-#s3_store_bucket_url_format = subdomain
-
-# What size, in MB, should S3 start chunking image files and do a
-# multipart upload in S3. (integer value)
-#s3_store_large_object_size = 100
-
-# What multipart upload part size, in MB, should S3 use when uploading
-# parts. The size must be greater than or equal to 5M. (integer value)
-#s3_store_large_object_chunk_size = 10
-
-# The number of thread pools to perform a multipart upload in S3.
-# (integer value)
-#s3_store_thread_pools = 10
+# Timeout before idle SQL connections are reaped. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_idle_timeout
+# Deprecated group/name - [DATABASE]/sql_idle_timeout
+# Deprecated group/name - [sql]/idle_timeout
+#idle_timeout = 3600
-# ESX/ESXi or vCenter Server target system. The server value can be an
-# IP address or a DNS name. (string value)
-#vmware_server_host = <None>
-
-# Username for authenticating with VMware ESX/VC server. (string
+# Minimum number of SQL connections to keep open in a pool. (integer
# value)
-#vmware_server_username = <None>
-
-# Password for authenticating with VMware ESX/VC server. (string
-# value)
-#vmware_server_password = <None>
+# Deprecated group/name - [DEFAULT]/sql_min_pool_size
+# Deprecated group/name - [DATABASE]/sql_min_pool_size
+#min_pool_size = 1
-# DEPRECATED. Inventory path to a datacenter. If the
-# vmware_server_host specified is an ESX/ESXi, the
-# vmware_datacenter_path is optional. If specified, it should be "ha-
-# datacenter". This option is deprecated in favor of vmware_datastores
-# and will be removed in the Liberty release. (string value)
-#vmware_datacenter_path = ha-datacenter
-
-# DEPRECATED. Datastore associated with the datacenter. This option is
-# deprecated in favor of vmware_datastores and will be removed in the
-# Liberty release. (string value)
-#vmware_datastore_name = <None>
+# Maximum number of SQL connections to keep open in a pool. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_max_pool_size
+# Deprecated group/name - [DATABASE]/sql_max_pool_size
+#max_pool_size = <None>
-# Number of times VMware ESX/VC server API must be retried upon
-# connection related issues. (integer value)
-#vmware_api_retry_count = 10
-
-# The interval used for polling remote tasks invoked on VMware ESX/VC
-# server. (integer value)
-#vmware_task_poll_interval = 5
-
-# The name of the directory where the glance images will be stored in
-# the VMware datastore. (string value)
-#vmware_store_image_dir = /openstack_glance
+# Maximum number of database connection retries during startup. Set to
+# -1 to specify an infinite retry count. (integer value)
+# Deprecated group/name - [DEFAULT]/sql_max_retries
+# Deprecated group/name - [DATABASE]/sql_max_retries
+#max_retries = 10
-# Allow to perform insecure SSL requests to ESX/VC. (boolean value)
-#vmware_api_insecure = false
+# Interval between retries of opening a SQL connection. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_retry_interval
+# Deprecated group/name - [DATABASE]/reconnect_interval
+#retry_interval = 10
-# A list of datastores where the image can be stored. This option may
-# be specified multiple times for specifying multiple datastores.
-# Either one of vmware_datastore_name or vmware_datastores is
-# required. The datastore name should be specified after its
-# datacenter path, seperated by ":". An optional weight may be given
-# after the datastore name, seperated again by ":". Thus, the required
-# format becomes <datacenter_path>:<datastore_name>:<optional_weight>.
-# When adding an image, the datastore with highest weight will be
-# selected, unless there is not enough free space available in cases
-# where the image size is already known. If no weight is given, it is
-# assumed to be zero and the directory will be considered for
-# selection last. If multiple datastores have the same weight, then
-# the one with the most free space available is selected. (multi
-# valued)
-#vmware_datastores =
-
-# Info to match when looking for cinder in the service catalog. Format
-# is : separated values of the form:
-# <service_type>:<service_name>:<endpoint_type> (string value)
-#cinder_catalog_info = volume:cinder:publicURL
-
-# Override service catalog lookup with template for cinder endpoint
-# e.g. http://localhost:8776/v1/%(project_id)s (string value)
-#cinder_endpoint_template = <None>
-
-# Region name of this node (string value)
-#os_region_name = <None>
+# If set, use this value for max_overflow with SQLAlchemy. (integer
+# value)
+# Deprecated group/name - [DEFAULT]/sql_max_overflow
+# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
+#max_overflow = 50
-# Location of ca certicates file to use for cinder client requests.
-# (string value)
-#cinder_ca_certificates_file = <None>
-
-# Number of cinderclient retries on failed http calls (integer value)
-#cinder_http_retries = 3
-
-# Allow to perform insecure SSL requests to cinder (boolean value)
-#cinder_api_insecure = false
-
-# Version of the authentication service to use. Valid versions are 2
-# for keystone and 1 for swauth and rackspace. (deprecated) (string
-# value)
-#swift_store_auth_version = 2
+# Verbosity of SQL debugging information: 0=None, 100=Everything.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/sql_connection_debug
+#connection_debug = 0
-# If True, swiftclient won't check for a valid SSL certificate when
-# authenticating. (boolean value)
-#swift_store_auth_insecure = false
-
-# A string giving the CA certificate file to use in SSL connections
-# for verifying certs. (string value)
-#swift_store_cacert = <None>
+# Add Python stack traces to SQL as comment strings. (boolean value)
+# Deprecated group/name - [DEFAULT]/sql_connection_trace
+#connection_trace = false
-# The region of the swift endpoint to be used for single tenant. This
-# setting is only necessary if the tenant has multiple swift
-# endpoints. (string value)
-#swift_store_region = <None>
-
-# If set, the configured endpoint will be used. If None, the storage
-# url from the auth response will be used. (string value)
-#swift_store_endpoint = <None>
-
-# A string giving the endpoint type of the swift service to use
-# (publicURL, adminURL or internalURL). This setting is only used if
-# swift_store_auth_version is 2. (string value)
-#swift_store_endpoint_type = publicURL
+# If set, use this value for pool_timeout with SQLAlchemy. (integer
+# value)
+# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
+#pool_timeout = <None>
-# A string giving the service type of the swift service to use. This
-# setting is only used if swift_store_auth_version is 2. (string
-# value)
-#swift_store_service_type = object-store
-
-# Container within the account that the account should use for storing
-# images in Swift when using single container mode. In multiple
-# container mode, this will be the prefix for all containers. (string
-# value)
-#swift_store_container = glance
+# Enable the experimental use of database reconnect on connection
+# lost. (boolean value)
+#use_db_reconnect = false
-# The size, in MB, that Glance will start chunking image files and do
-# a large object manifest in Swift. (integer value)
-#swift_store_large_object_size = 5120
-
-# The amount of data written to a temporary disk buffer during the
-# process of chunking the image file. (integer value)
-#swift_store_large_object_chunk_size = 200
+# Seconds between retries of a database transaction. (integer value)
+#db_retry_interval = 1
-# A boolean value that determines if we create the container if it
-# does not exist. (boolean value)
-#swift_store_create_container_on_put = false
-
-# If set to True, enables multi-tenant storage mode which causes
-# Glance images to be stored in tenant specific Swift accounts.
-# (boolean value)
-#swift_store_multi_tenant = false
+# If True, increases the interval between retries of a database
+# operation up to db_max_retry_interval. (boolean value)
+#db_inc_retry_interval = true
-# When set to 0, a single-tenant store will only use one container to
-# store all images. When set to an integer value between 1 and 32, a
-# single-tenant store will use multiple containers to store images,
-# and this value will determine how many containers are created.Used
-# only when swift_store_multi_tenant is disabled. The total number of
-# containers that will be used is equal to 16^N, so if this config
-# option is set to 2, then 16^2=256 containers will be used to store
-# images. (integer value)
-#swift_store_multiple_containers_seed = 0
+# If db_inc_retry_interval is set, the maximum seconds between retries
+# of a database operation. (integer value)
+#db_max_retry_interval = 10
-# A list of tenants that will be granted read/write access on all
-# Swift containers created by Glance in multi-tenant mode. (list
-# value)
-#swift_store_admin_tenants =
-
-# If set to False, disables SSL layer compression of https swift
-# requests. Setting to False may improve performance for images which
-# are already in a compressed format, eg qcow2. (boolean value)
-#swift_store_ssl_compression = true
+# Maximum retries in case of connection error or deadlock error before
+# error is raised. Set to -1 to specify an infinite retry count.
+# (integer value)
+#db_max_retries = 20
-# The number of times a Swift download will be retried before the
-# request fails. (integer value)
-#swift_store_retry_get_count = 0
-
-# The reference to the default swift account/backing store parameters
-# to use for adding new images. (string value)
-#default_swift_reference = ref1
+#
+# From oslo.db.concurrency
+#
-# The address where the Swift authentication service is
-# listening.(deprecated) (string value)
-#swift_store_auth_address = <None>
-
-# The user to authenticate against the Swift authentication service
-# (deprecated) (string value)
-#swift_store_user = <None>
-
-# Auth key for the user authenticating against the Swift
-# authentication service. (deprecated) (string value)
-#swift_store_key = <None>
-
-# The config file that has the swift account(s)configs. (string value)
-#swift_store_config_file = <None>
+# Enable the experimental use of thread pooling for all DB API calls
+# (boolean value)
+# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
+#use_tpool = false
[oslo_concurrency]
@@ -568,7 +479,7 @@
# that need locking. Defaults to environment variable OSLO_LOCK_PATH.
# If external locks are used, a lock path must be set. (string value)
# Deprecated group/name - [DEFAULT]/lock_path
-#lock_path = <None>
+lock_path = /var/lib/glance/lock
[oslo_policy]
--- a/components/openstack/glance/files/glance-upgrade Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/files/glance-upgrade Wed Sep 07 14:48:42 2016 -0700
@@ -28,37 +28,28 @@
GLANCE_API_MAPPINGS = {
- # Deprecated group/name
- ('DEFAULT', 'container_formats'): ('image_format', 'container_formats'),
- ('DEFAULT', 'disk_formats'): ('image_format', 'disk_formats'),
- ('DEFAULT', 'matchmaker_ringfile'): ('matchmaker_ring', 'ringfile'),
- ('DEFAULT', 'rabbit_durable_queues'): ('oslo_messaging_qpid',
- 'amqp_durable_queues'),
- ('DEFAULT', 'qpid_hostname'): ('oslo_messaging_qpid', 'qpid_hostname'),
- ('DEFAULT', 'qpid_port'): ('oslo_messaging_qpid', 'qpid_port'),
- ('DEFAULT', 'qpid_username'): ('oslo_messaging_qpid', 'qpid_username'),
- ('DEFAULT', 'qpid_password'): ('oslo_messaging_qpid', 'qpid_password'),
- ('DEFAULT', 'qpid_sasl_mechanisms'): ('oslo_messaging_qpid',
- 'qpid_sasl_mechanisms'),
- ('DEFAULT', 'qpid_heartbeat'): ('oslo_messaging_qpid', 'qpid_heartbeat'),
- ('DEFAULT', 'qpid_protocol'): ('oslo_messaging_qpid', 'qpid_protocol'),
- ('DEFAULT', 'qpid_tcp_nodelay'): ('oslo_messaging_qpid',
- 'qpid_tcp_nodelay'),
- ('DEFAULT', 'rabbit_host'): ('oslo_messaging_rabbit', 'rabbit_host'),
- ('DEFAULT', 'rabbit_port'): ('oslo_messaging_rabbit', 'rabbit_port'),
- ('DEFAULT', 'rabbit_use_ssl'): ('oslo_messaging_rabbit', 'rabbit_use_ssl'),
- ('DEFAULT', 'rabbit_userid'): ('oslo_messaging_rabbit', 'rabbit_userid'),
- ('DEFAULT', 'rabbit_password'): ('oslo_messaging_rabbit',
- 'rabbit_password'),
- ('DEFAULT', 'rabbit_virtual_host'): ('oslo_messaging_rabbit',
- 'rabbit_virtual_host'),
- ('task', 'eventlet_executor_pool_size'):
- ('taskflow_executor', 'max_workers'),
- ('DEFAULT', 'log-format'): (None, None),
+ # Deprecated from Kilo to Mitaka
('DEFAULT', 'log_format'): (None, None),
('DEFAULT', 'use-syslog'): (None, None),
- ('glance_store', 'vmware_datacenter_path'): (None, None),
- ('glance_store', 'vmware_datastore_name'): (None, None),
+ ('DEFAULT', 'rpc_thread_pool_size'):
+ ('DEFAULT', 'executor_thread_pool_size'),
+ ('DEFAULT', 'notification_driver'):
+ ('oslo_messaging_notifications', 'driver'),
+ ('DEFAULT', 'notification_topics'):
+ ('oslo_messaging_notifications', 'topics'),
+ ('glance_store', 'os_region_name'):
+ ('glance_store', 'cinder_os_region_name'),
+ ('keystone_authtoken', 'auth_plugin'):
+ ('keystone_authtoken', 'auth_type'),
+ ('DEFAULT', 'scrubber_datadir'): (None, None),
+ ('DEFAULT', 'cleanup_scrubber'): (None, None),
+ ('DEFAULT', 'cleanup_scrubber_time'): (None, None),
+ ('DEFAULT', 'use_syslog_rfc_format'): (None, None),
+ ('DEFAULT', 'rpc_zmq_port'): (None, None),
+ ('DEFAULT', 'matchmaker_heartbeat_freq'): (None, None),
+ ('DEFAULT', 'matchmaker_heartbeat_ttl'): (None, None),
+ ('glance_store', 'mongodb_store_uri'): (None, None),
+ ('glance_store', 'mongodb_store_db'): (None, None),
}
GLANCE_API_EXCEPTIONS = [
@@ -125,6 +116,13 @@
('oslo_messaging_qpid', 'qpid_tcp_nodelay'),
]
+GLANCE_CACHE_MAPPINGS = {
+ # Deprecated group/name
+ ('DEFAULT', 'log_format'): (None, None),
+ ('DEFAULT', 'use-syslog'): (None, None),
+ ('DEFAULT', 'use_syslog_rfc_format'): (None, None),
+}
+
GLANCE_CACHE_EXCEPTIONS = [
('DEFAULT', 'log_file'),
('DEFAULT', 'image_cache_dir'),
@@ -140,27 +138,24 @@
]
GLANCE_REGISTRY_MAPPINGS = {
- # Deprecate group/name
- ('DEFAULT', 'rabbit_durable_queues'): ('oslo_messaging_qpid',
- 'rabbit_durable_queues'),
- ('DEFAULT', 'qpid_hostname'): ('oslo_messaging_qpid', 'qpid_hostname'),
- ('DEFAULT', 'qpid_port'): ('oslo_messaging_qpid', 'qpid_port'),
- ('DEFAULT', 'qpid_username'): ('oslo_messaging_qpid', 'qpid_username'),
- ('DEFAULT', 'qpid_password'): ('oslo_messaging_qpid', 'qpid_password'),
- ('DEFAULT', 'qpid_sasl_mechanisms'): ('oslo_messaging_qpid',
- 'qpid_sasl_mechanisms'),
- ('DEFAULT', 'qpid_heartbeat'): ('oslo_messaging_qpid', 'qpid_heartbeat'),
- ('DEFAULT', 'qpid_protocol'): ('oslo_messaging_qpid', 'qpid_protocol'),
- ('DEFAULT', 'qpid_tcp_nodelay'): ('oslo_messaging_qpid',
- 'qpid_tcp_nodelay'),
- ('DEFAULT', 'rabbit_host'): ('oslo_messaging_rabbit', 'rabbit_host'),
- ('DEFAULT', 'rabbit_port'): ('oslo_messaging_rabbit', 'rabbit_port'),
- ('DEFAULT', 'rabbit_use_ssl'): ('oslo_messaging_rabbit', 'rabbit_use_ssl'),
- ('DEFAULT', 'rabbit_userid'): ('oslo_messaging_rabbit', 'rabbit_userid'),
- ('DEFAULT', 'rabbit_password'): ('oslo_messaging_rabbit',
- 'rabbit_password'),
- ('DEFAULT', 'rabbit_virtual_host'): ('oslo_messaging_rabbit',
- 'rabbit_virtual_host'),
+ # Deprecated group/name
+ ('DEFAULT', 'log_format'): (None, None),
+ ('DEFAULT', 'use-syslog'): (None, None),
+ ('DEFAULT', 'rpc_zmq_port'): (None, None),
+ ('DEFAULT', 'matchmaker_heartbeat_freq'): (None, None),
+ ('DEFAULT', 'matchmaker_heartbeat_ttl'): (None, None),
+ ('DEFAULT', 'rpc_thread_pool_size'):
+ ('DEFAULT', 'executor_thread_pool_size'),
+ ('DEFAULT', 'notification_driver'):
+ ('oslo_messaging_notifications', 'driver'),
+ ('DEFAULT', 'notification_topics'):
+ ('oslo_messaging_notifications', 'topics'),
+ ('glance_store', 'mongodb_store_uri'): (None, None),
+ ('glance_store', 'mongodb_store_db'): (None, None),
+ ('glance_store', 'os_region_name'):
+ ('glance_store', 'cinder_os_region_name'),
+ ('keystone_authtoken', 'auth_plugin'):
+ ('keystone_authtoken', 'auth_type'),
}
GLANCE_REGISTRY_EXCEPTIONS = [
@@ -204,8 +199,11 @@
('paste_deploy', 'flavor'),
]
-# TODO: Add mappings?
-# GLANCE_SCRUBBER_MAPPINGS
+GLANCE_SCRUBBER_MAPPINGS = {
+ # Deprecated group/name
+ ('DEFAULT', 'log_format'): (None, None),
+ ('DEFAULT', 'use_syslog_rfc_format'): (None, None),
+}
GLANCE_SCRUBBER_EXCEPTIONS = [
('DEFAULT', 'log_file'),
@@ -252,14 +250,14 @@
modify_conf('/etc/glance/glance-api.conf', GLANCE_API_MAPPINGS,
GLANCE_API_EXCEPTIONS)
modify_conf('/etc/glance/glance-api-paste.ini')
- modify_conf('/etc/glance/glance-cache.conf',
- exception_list=GLANCE_CACHE_EXCEPTIONS)
+ modify_conf('/etc/glance/glance-cache.conf', GLANCE_CACHE_MAPPINGS,
+ GLANCE_CACHE_EXCEPTIONS)
modify_conf('/etc/glance/glance-registry.conf',
GLANCE_REGISTRY_MAPPINGS,
exception_list=GLANCE_REGISTRY_EXCEPTIONS)
modify_conf('/etc/glance/glance-registry-paste.ini')
modify_conf('/etc/glance/glance-scrubber.conf',
- exception_list=GLANCE_SCRUBBER_EXCEPTIONS)
+ GLANCE_SCRUBBER_MAPPINGS, GLANCE_SCRUBBER_EXCEPTIONS)
config = iniparse.RawConfigParser()
config.read('/etc/glance/glance-api.conf')
--- a/components/openstack/glance/glance.p5m Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/glance.p5m Wed Sep 07 14:48:42 2016 -0700
@@ -28,7 +28,7 @@
set name=pkg.summary value="OpenStack Glance (Image Service)"
set name=pkg.description \
value="OpenStack Glance provides services for discovering, registering, and retrieving virtual machine images. Glance has a RESTful API that allows querying of VM image metadata as well as retrieval of the actual image. VM images made available through Glance can be stored in a variety of locations from simple file systems to object-storage systems like OpenStack Swift."
-set name=pkg.human-version value="Kilo $(COMPONENT_VERSION)"
+set name=pkg.human-version value="Mitaka $(COMPONENT_VERSION)"
set name=com.oracle.info.description value="Glance, the OpenStack image service"
set name=com.oracle.info.tpno value=$(TPNO)
set name=info.classification \
@@ -41,7 +41,8 @@
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
set name=openstack.upgrade-id reboot-needed=true value=$(COMPONENT_BE_VERSION)
set name=org.opensolaris.arc-caseid value=PSARC/2013/350 value=PSARC/2014/055 \
- value=PSARC/2014/207 value=PSARC/2015/110 value=PSARC/2015/535
+ value=PSARC/2014/207 value=PSARC/2015/110 value=PSARC/2015/535 \
+ value=PSARC/2016/455
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
#
dir path=etc/glance owner=glance group=glance mode=0700
@@ -62,6 +63,18 @@
file etc/glance-swift.conf.sample path=etc/glance/glance-swift.conf \
owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
file etc/metadefs/README path=etc/glance/metadefs/README
+file etc/metadefs/cim-processor-allocation-setting-data.json \
+ path=etc/glance/metadefs/cim-processor-allocation-setting-data.json \
+ owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/cim-resource-allocation-setting-data.json \
+ path=etc/glance/metadefs/cim-resource-allocation-setting-data.json \
+ owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/cim-storage-allocation-setting-data.json \
+ path=etc/glance/metadefs/cim-storage-allocation-setting-data.json \
+ owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/cim-virtual-system-setting-data.json \
+ path=etc/glance/metadefs/cim-virtual-system-setting-data.json \
+ owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
file etc/metadefs/compute-aggr-disk-filter.json \
path=etc/glance/metadefs/compute-aggr-disk-filter.json owner=glance \
group=glance mode=0644 overlay=allow preserve=renamenew
@@ -71,6 +84,12 @@
file etc/metadefs/compute-aggr-num-instances.json \
path=etc/glance/metadefs/compute-aggr-num-instances.json owner=glance \
group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/compute-cpu-pinning.json \
+ path=etc/glance/metadefs/compute-cpu-pinning.json owner=glance \
+ group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/compute-guest-memory-backing.json \
+ path=etc/glance/metadefs/compute-guest-memory-backing.json owner=glance \
+ group=glance mode=0644 overlay=allow preserve=renamenew
file etc/metadefs/compute-guest-shutdown.json \
path=etc/glance/metadefs/compute-guest-shutdown.json owner=glance \
group=glance mode=0644 overlay=allow preserve=renamenew
@@ -131,6 +150,11 @@
file etc/metadefs/software-webservers.json \
path=etc/glance/metadefs/software-webservers.json owner=glance \
group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/metadefs/storage-volume-type.json \
+ path=etc/glance/metadefs/storage-volume-type.json owner=glance \
+ group=glance mode=0644 overlay=allow preserve=renamenew
+file etc/ovf-metadata.json.sample path=etc/glance/ovf-metadata.json \
+ owner=glance group=glance mode=0644 overlay=allow preserve=renamenew
file etc/policy.json path=etc/glance/policy.json owner=glance group=glance \
mode=0644 overlay=allow preserve=renamenew
file etc/property-protections-policies.conf.sample \
@@ -140,7 +164,7 @@
path=etc/glance/property-protections-roles.conf owner=glance group=glance \
mode=0644 overlay=allow preserve=renamenew
file etc/schema-image.json path=etc/glance/schema-image.json owner=glance \
- group=glance
+ group=glance mode=0644 overlay=allow preserve=renamenew
file files/glance.auth_attr \
path=etc/security/auth_attr.d/cloud:openstack:glance group=sys
file files/glance.exec_attr \
@@ -167,6 +191,7 @@
mode=0555
file usr/bin/glance-cache-pruner path=usr/lib/glance/glance-cache-pruner \
mode=0555
+file usr/bin/glance-glare path=usr/lib/glance/glance-glare mode=0555
file usr/bin/glance-registry path=usr/lib/glance/glance-registry mode=0555
file usr/bin/glance-scrubber path=usr/lib/glance/glance-scrubber mode=0555
file path=usr/lib/python$(PYVER)/vendor-packages/glance-$(COMPONENT_VERSION)-py$(PYVER).egg-info/PKG-INFO
@@ -182,6 +207,11 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/authorization.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/cached_images.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/common.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/glare/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/glare/v0_1/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/glare/v0_1/glare.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/glare/v0_1/router.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/glare/versions.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/middleware/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/middleware/cache.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/middleware/cache_manage.py
@@ -218,57 +248,60 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/v2/router.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/v2/schemas.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/v2/tasks.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/v3/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/v3/router.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/api/versions.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/artifacts/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/flows/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/flows/base_import.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/flows/convert.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/flows/introspect.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/flows/ovf_process.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/taskflow_executor.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/async/utils.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/agent_notification.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/api.py \
+ pkg.depend.bypass-generate=.*/notifier.* \
pkg.depend.bypass-generate=.*/oslo_log.* \
- pkg.depend.bypass-generate=.*/oslo_messaging.*
+ pkg.depend.bypass-generate=.*/osprofiler.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/cache_cleaner.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/cache_manage.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/cache_manage.py \
+ pkg.depend.bypass-generate=.*/prettytable.* \
+ pkg.depend.bypass-generate=.*/six.*
file \
path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/cache_prefetcher.py \
pkg.depend.bypass-generate=.*/oslo_log.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/cache_pruner.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/control.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/index.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/glare.py \
+ pkg.depend.bypass-generate=.*/notifier.* \
+ pkg.depend.bypass-generate=.*/oslo_log.* \
+ pkg.depend.bypass-generate=.*/osprofiler.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/manage.py \
pkg.depend.bypass-generate=.*/oslo_db.* \
- pkg.depend.bypass-generate=.*/oslo_log.*
+ pkg.depend.bypass-generate=.*/oslo_log.* \
+ pkg.depend.bypass-generate=.*/sqlalchemy.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/registry.py \
pkg.depend.bypass-generate=.*/oslo_log.* \
- pkg.depend.bypass-generate=.*/oslo_messaging.*
+ pkg.depend.bypass-generate=.*/osprofiler.* \
+ pkg.depend.bypass-generate=.*/registry.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/replicator.py \
pkg.depend.bypass-generate=.*/oslo_log.* \
- pkg.depend.bypass-generate=.*/six.*
+ pkg.depend.bypass-generate=.*/oslo_serialization.* \
+ pkg.depend.bypass-generate=.*/six.* pkg.depend.bypass-generate=.*/webob.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/scrubber.py \
pkg.depend.bypass-generate=.*/oslo_log.*
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/cmd/search.py \
- pkg.depend.bypass-generate=.*/oslo_log.* \
- pkg.depend.bypass-generate=.*/oslo_messaging.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/artifacts/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/artifacts/declarative.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/artifacts/definitions.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/artifacts/loader.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/artifacts/serialization.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/auth.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/client.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/config.py \
- pkg.depend.bypass-generate=.*/oslo_concurrency.* \
- pkg.depend.bypass-generate=.*/oslo_policy.* \
- pkg.depend.bypass-generate=.*/paste.*
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/crypt.py \
- pkg.depend.bypass-generate=.*/six.*
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/config.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/crypt.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/exception.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/glare/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/glare/declarative.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/glare/definitions.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/glare/loader.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/glare/serialization.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/jsonpatchvalidator.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/location_strategy/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/location_strategy/location_order.py
@@ -280,8 +313,11 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/scripts/image_import/main.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/scripts/utils.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/semver_db.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/signature_utils.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/store_utils.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/swift_store_utils.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/timeutils.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/trust_auth.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/utils.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/wsgi.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/common/wsme_utils.py
@@ -316,7 +352,7 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/simple/api.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/api.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/artifacts.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/glare.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/metadata.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/metadef_api/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/metadef_api/namespace.py
@@ -384,13 +420,23 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/039_add_changes_to_satisfy_models_metadef.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/040_add_changes_to_satisfy_metadefs_tags.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/041_add_artifact_tables.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/042_add_changes_to_reinstall_unique_metadef_constraints.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/043_add_image_created_updated_idx.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/044_update_metadef_os_nova_server.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/migrate_repo/versions/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/models.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/models_artifacts.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/models_glare.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/db/sqlalchemy/models_metadef.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/domain/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/domain/proxy.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/gateway.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/dependency.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/domain/__init__.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/domain/proxy.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/gateway.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/location.py
+file path=usr/lib/python$(PYVER)/vendor-packages/glance/glare/updater.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/hacking/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/hacking/checks.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/i18n.py
@@ -404,20 +450,8 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/image_cache/drivers/xattr.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/image_cache/prefetcher.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/image_cache/pruner.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/listener.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/location.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/notifier.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/README
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/_i18n.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/eventlet_backdoor.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/fileutils.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/local.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/loopingcall.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/service.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/systemd.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/openstack/common/threadgroup.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/opts.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/quota/__init__.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/registry/__init__.py
@@ -436,19 +470,6 @@
file path=usr/lib/python$(PYVER)/vendor-packages/glance/registry/client/v2/client.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/schema.py
file path=usr/lib/python$(PYVER)/vendor-packages/glance/scrubber.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/api/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/api/v0_1/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/api/v0_1/router.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/api/v0_1/search.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/base.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/images.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/images_notification_handler.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/metadefs.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/search/plugins/metadefs_notification_handler.py
-file path=usr/lib/python$(PYVER)/vendor-packages/glance/service.py \
- pkg.depend.bypass-generate=.*/oslo_log.*
file path=usr/lib/python$(PYVER)/vendor-packages/glance/version.py
dir path=var/lib/glance owner=glance group=glance mode=0700
dir path=var/log/glance owner=glance group=glance mode=0700
@@ -463,32 +484,61 @@
# to flush this out.
depend type=group fmri=library/python/dnspython-$(PYV)
+# force a group dependency on the optional glanceclient; pkgdepend work is
+# needed to flush this out.
+depend type=group fmri=library/python/glanceclient-$(PYV)
+
# force a group dependency on the optional pysendfile; pkgdepend work is needed
# to flush this out.
depend type=group fmri=library/python/pysendfile-$(PYV)
-# To upgrade to Kilo version, Juno version of the package must be on the system
-depend type=origin fmri=cloud/openstack/[email protected] root-image=true
+# To upgrade to the Mitaka version, the Kilo version of the package must be on
+# the system
+depend type=origin fmri=cloud/openstack/[email protected] root-image=true
+
+# force a dependency on castellan; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/castellan-$(PYV)
+
+# force a dependency on cryptography; pkgdepend work is needed to flush this
+# out.
+depend type=require fmri=library/python/cryptography-$(PYV)
+
+# force a dependency on debtcollector; pkgdepend work is needed to flush this
+# out.
+depend type=require fmri=library/python/debtcollector-$(PYV)
# force a dependency on enum; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/enum-$(PYV)
-# force a dependency on glanceclient; pkgdepend work is needed to flush this
-# out.
-depend type=require fmri=library/python/glanceclient-$(PYV)
-
-# force a dependency on greenlet; pkgdepend work is needed to flush this out.
-depend type=require fmri=library/python/greenlet-$(PYV)
+# force a dependency on futurist; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/futurist-$(PYV)
# force a dependency on httplib2; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/httplib2-$(PYV)
+# force a dependency on iso8601; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/iso8601-$(PYV)
+
# force a dependency on jsonschema; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/jsonschema-$(PYV)
+# force a dependency on keystoneauth1; pkgdepend work is needed to flush this
+# out.
+depend type=require fmri=library/python/keystoneauth1-$(PYV)
+
+# force a dependency on keystoneclient; pkgdepend work is needed to flush this
+# out.
+depend type=require fmri=library/python/keystoneclient-$(PYV)
+
# force a dependency on keystonemiddleware; used via a paste.deploy filter
depend type=require fmri=library/python/keystonemiddleware-$(PYV)
+# force a dependency on m2crypto; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/m2crypto-$(PYV)
+
+# force a dependency on monotonic; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/monotonic-$(PYV)
+
# force a dependency on oslo.concurrency; pkgdepend work is needed to flush this
# out.
depend type=require fmri=library/python/oslo.concurrency-$(PYV)
@@ -506,9 +556,20 @@
# force a dependency on oslo.log; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/oslo.log-$(PYV)
+# force a dependency on oslo.middleware; pkgdepend work is needed to flush this
+# out.
+depend type=require fmri=library/python/oslo.middleware-$(PYV)
+
# force a dependency on oslo.policy; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/oslo.policy-$(PYV)
+# force a dependency on oslo.serialization; pkgdepend work is needed to flush
+# this out.
+depend type=require fmri=library/python/oslo.serialization-$(PYV)
+
+# force a dependency on osprofiler; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/osprofiler-$(PYV)
+
# force a dependency on paste; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/paste-$(PYV)
@@ -519,6 +580,9 @@
# force a dependency on pbr; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/pbr-$(PYV)
+# force a dependency on prettytable; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/prettytable-$(PYV)
+
# force a dependency on pyopenssl; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/pyopenssl-$(PYV)
@@ -541,6 +605,9 @@
# force a dependency on taskflow; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/taskflow-$(PYV)
+# force a dependency on webob; pkgdepend work is needed to flush this out.
+depend type=require fmri=library/python/webob-$(PYV)
+
# force a dependency on wsme; pkgdepend work is needed to flush this out.
depend type=require fmri=library/python/wsme-$(PYV)
--- a/components/openstack/glance/patches/01-nopycrypto.patch Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/patches/01-nopycrypto.patch Wed Sep 07 14:48:42 2016 -0700
@@ -4,9 +4,9 @@
Convert urlsafe_encrypt() and urlsafe_decrypt() to use M2Crypto instead
of PyCrypto.
---- glance-2015.1.2/glance/common/crypt.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/common/crypt.py 2016-01-24 16:48:24.788282369 -0800
-@@ -20,14 +20,30 @@ Routines for URL-safe encrypting/decrypt
+--- glance-12.0.0.0rc1/glance/common/crypt.py.~1~ 2016-03-16 06:18:49.000000000 -0700
++++ glance-12.0.0.0rc1/glance/common/crypt.py 2016-03-30 02:26:55.580507508 -0700
+@@ -18,14 +18,28 @@ Routines for URL-safe encrypting/decrypt
"""
import base64
@@ -15,13 +15,15 @@
-from Crypto.Cipher import AES
-from Crypto import Random
-from Crypto.Random import random
-+from glance.common import exception
+ from oslo_utils import encodeutils
+ import six
+-# NOTE(jokke): simplified transition to py3, behaves like py2 xrange
+-from six.moves import range
+
+from M2Crypto.EVP import Cipher
- # NOTE(jokke): simplified transition to py3, behaves like py2 xrange
- from six.moves import range
-
-
++
++from glance.common import exception
++
+def _key_to_alg(key):
+ """Return a M2Crypto-compatible AES-CBC algorithm name given a key."""
+ aes_algs = {
@@ -35,14 +37,12 @@
+ msg = ('Invalid AES key length, %d bits') % keylen
+ raise exception.Invalid(msg)
+ return aes_algs[keylen]
-+
-+
+
+
def urlsafe_encrypt(key, plaintext, blocksize=16):
- """
- Encrypts plaintext. Resulting ciphertext will contain URL-safe characters
-@@ -37,20 +53,12 @@ def urlsafe_encrypt(key, plaintext, bloc
+@@ -39,23 +53,14 @@ def urlsafe_encrypt(key, plaintext, bloc
- :returns : Resulting ciphertext
+ :returns: Resulting ciphertext
"""
- def pad(text):
- """
@@ -50,29 +50,34 @@
- """
- pad_length = (blocksize - len(text) % blocksize)
- sr = random.StrongRandom()
-- pad = ''.join(chr(sr.randint(1, 0xFF)) for i in range(pad_length - 1))
+- pad = b''.join(six.int2byte(sr.randint(1, 0xFF))
+- for i in range(pad_length - 1))
- # We use chr(0) as a delimiter between text and padding
-- return text + chr(0) + pad
+- return text + b'\0' + pad
+ plaintext = encodeutils.to_utf8(plaintext)
+ key = encodeutils.to_utf8(key)
# random initial 16 bytes for CBC
- init_vector = Random.get_random_bytes(16)
- cypher = AES.new(key, AES.MODE_CBC, init_vector)
-- padded = cypher.encrypt(pad(str(plaintext)))
+- padded = cypher.encrypt(pad(six.binary_type(plaintext)))
+ init_vector = os.urandom(16)
+ cipher = Cipher(alg=_key_to_alg(key), key=key, iv=init_vector, op=1)
+ padded = cipher.update(str(plaintext))
+ padded = padded + cipher.final()
- return base64.urlsafe_b64encode(init_vector + padded)
-
-
-@@ -64,6 +72,7 @@ def urlsafe_decrypt(key, ciphertext):
- """
- # Cast from unicode
- ciphertext = base64.urlsafe_b64decode(str(ciphertext))
+ encoded = base64.urlsafe_b64encode(init_vector + padded)
+ if six.PY3:
+ encoded = encoded.decode('ascii')
+@@ -76,9 +81,9 @@ def urlsafe_decrypt(key, ciphertext):
+ ciphertext = encodeutils.to_utf8(ciphertext)
+ key = encodeutils.to_utf8(key)
+ ciphertext = base64.urlsafe_b64decode(ciphertext)
- cypher = AES.new(key, AES.MODE_CBC, ciphertext[:16])
- padded = cypher.decrypt(ciphertext[16:])
-- return padded[:padded.rfind(chr(0))]
+- text = padded[:padded.rfind(b'\0')]
+ cipher = Cipher(alg=_key_to_alg(key), key=key, iv=ciphertext[:16], op=0)
+ padded = cipher.update(ciphertext[16:])
-+ padded = padded + cipher.final()
-+ return padded
++ text = padded + cipher.final()
+ if six.PY3:
+ text = text.decode('utf-8')
+ return text
--- a/components/openstack/glance/patches/02-zfs-uar-formats.patch Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/patches/02-zfs-uar-formats.patch Wed Sep 07 14:48:42 2016 -0700
@@ -1,14 +1,14 @@
In-house patch to add 'uar' and 'zfs' container and disk formats to
registered image types. Patch has not yet been submitted upstream.
---- glance-2015.1.2/glance/common/config.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/common/config.py 2016-01-19 12:23:11.283140667 -0800
-@@ -47,14 +47,14 @@ paste_deploy_opts = [
+--- glance-12.0.0/glance/common/config.py.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/glance/common/config.py 2016-06-27 18:46:02.569983220 -0700
+@@ -42,14 +42,14 @@ paste_deploy_opts = [
]
image_format_opts = [
cfg.ListOpt('container_formats',
-- default=['ami', 'ari', 'aki', 'bare', 'ovf', 'ova'],
-+ default=['ami', 'ari', 'aki', 'bare', 'ovf', 'ova', 'uar'],
+- default=['ami', 'ari', 'aki', 'bare', 'ovf', 'ova', 'docker'],
++ default=['ami', 'ari', 'aki', 'bare', 'ovf', 'ova', 'docker', 'uar'],
help=_("Supported values for the 'container_format' "
"image attribute"),
deprecated_opts=[cfg.DeprecatedOpt('container_formats',
--- a/components/openstack/glance/patches/03-Partial_Content.patch Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/patches/03-Partial_Content.patch Wed Sep 07 14:48:42 2016 -0700
@@ -5,9 +5,9 @@
https://bugs.launchpad.net/glance/+bug/1399851
https://bugs.launchpad.net/glance/+bug/1417069
---- glance-2015.1.2/glance/api/v2/image_data.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/api/v2/image_data.py 2016-01-19 12:23:11.296863244 -0800
-@@ -211,6 +211,8 @@ class ResponseSerializer(wsgi.JSONRespon
+--- glance-12.0.0/glance/api/v2/image_data.py.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/glance/api/v2/image_data.py 2016-06-27 18:46:02.584760065 -0700
+@@ -281,6 +281,8 @@ class ResponseSerializer(wsgi.JSONRespon
def download(self, response, image):
offset, chunk_size = 0, None
@@ -16,7 +16,7 @@
range_val = response.request.get_content_range()
if range_val:
-@@ -222,6 +224,21 @@ class ResponseSerializer(wsgi.JSONRespon
+@@ -292,6 +294,21 @@ class ResponseSerializer(wsgi.JSONRespon
if range_val.stop is not None:
chunk_size = range_val.stop - offset
@@ -38,7 +38,7 @@
response.headers['Content-Type'] = 'application/octet-stream'
try:
-@@ -246,7 +263,9 @@ class ResponseSerializer(wsgi.JSONRespon
+@@ -317,7 +334,9 @@ class ResponseSerializer(wsgi.JSONRespon
response.headers['Content-MD5'] = image.checksum
# NOTE(markwash): "response.app_iter = ..." also erroneously resets the
# content-length
@@ -49,9 +49,9 @@
def upload(self, response, result):
response.status_int = 204
---- glance-2015.1.2/glance/common/wsgi.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/common/wsgi.py 2016-01-19 12:23:11.297682604 -0800
-@@ -752,7 +752,7 @@ class Request(webob.Request):
+--- glance-12.0.0/glance/common/wsgi.py.~1~ 2016-04-07 00:37:13.000000000 -0700
++++ glance-12.0.0/glance/common/wsgi.py 2016-06-27 18:46:02.583921325 -0700
+@@ -762,7 +762,7 @@ class Request(webob.Request):
return self.accept_language.best_match(langs)
def get_content_range(self):
@@ -60,7 +60,7 @@
range_str = self.headers.get('Content-Range')
if range_str is not None:
range_ = webob.byterange.ContentRange.parse(range_str)
-@@ -761,6 +761,16 @@ class Request(webob.Request):
+@@ -771,6 +771,16 @@ class Request(webob.Request):
raise webob.exc.HTTPBadRequest(explanation=msg)
return range_
--- a/components/openstack/glance/patches/04-requirements.patch Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/patches/04-requirements.patch Wed Sep 07 14:48:42 2016 -0700
@@ -1,91 +1,33 @@
In-house patch to remove unnecessary dependencies from Glance's
requirements files. The specific reasons are as follows:
-anyjson Not applicable
-
iso8601 Not applicable
-kombu Not applicable
-
-oslo.vmware Not applicable
-
-posix-ipc Not applicable
-
pycrypto Not applicable to Solaris (M2Crypto used instead)
python-keystoneclient Not applicable
-python-swiftclient Not applicable
-
---- glance-2015.1.2/glance.egg-info/requires.txt.~1~ 2015-10-13 09:41:01.000000000 -0700
-+++ glance-2015.1.2/glance.egg-info/requires.txt 2016-01-24 20:34:20.750596736 -0800
-@@ -1,16 +1,12 @@
- pbr!=0.7,<1.0,>=0.6
- greenlet>=0.3.2
- SQLAlchemy<=0.9.99,>=0.9.7
--anyjson>=0.3.3
- eventlet!=0.17.0,>=0.16.1
- PasteDeploy>=1.5.0
- Routes!=2.0,>=1.12.3
- WebOb>=1.2.3
- sqlalchemy-migrate!=0.9.8,<0.10.0,>=0.9.5
- httplib2>=0.7.5
--kombu>=2.5.0
--pycrypto>=2.6
--iso8601>=0.1.9
- oslo.config<1.10.0,>=1.9.3 # Apache-2.0
- oslo.concurrency<1.9.0,>=1.8.2 # Apache-2.0
- oslo.context<0.3.0,>=0.2.0 # Apache-2.0
-@@ -19,12 +15,8 @@ stevedore<1.4.0,>=1.3.0 # Apache-2.0
- taskflow<0.8.0,>=0.7.1
- keystonemiddleware<1.6.0,>=1.5.0
- WSME<0.7,>=0.6
--posix-ipc
--python-swiftclient<2.5.0,>=2.2.0
--oslo.vmware<0.12.0,>=0.11.1 # Apache-2.0
- Paste
- jsonschema<3.0.0,>=2.0.0
--python-keystoneclient<1.4.0,>=1.2.0
- pyOpenSSL>=0.11
- six>=1.9.0
- oslo.db<1.8.0,>=1.7.0 # Apache-2.0
---- glance-2015.1.2/requirements.txt.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/requirements.txt 2016-01-24 20:43:04.064101395 -0800
-@@ -11,16 +11,12 @@ greenlet>=0.3.2
+--- glance-12.0.0.0rc1/requirements.txt.~4~ 2016-03-16 06:18:49.000000000 -0700
++++ glance-12.0.0.0rc1/requirements.txt 2016-03-30 02:29:36.594153408 -0700
+@@ -13,7 +13,6 @@ Routes!=2.0,>=1.12.3;python_version!='2.
+ WebOb>=1.2.3 # MIT
+ sqlalchemy-migrate>=0.9.6 # Apache-2.0
+ httplib2>=0.7.5 # MIT
+-pycrypto>=2.6 # Public Domain
+ oslo.config>=3.7.0 # Apache-2.0
+ oslo.concurrency>=3.5.0 # Apache-2.0
+ oslo.context>=0.2.0 # Apache-2.0
+@@ -31,7 +30,6 @@ PrettyTable<0.8,>=0.7 # BSD
+ Paste # MIT
- # < 0.8.0/0.8 does not work, see https://bugs.launchpad.net/bugs/1153983
- SQLAlchemy<=0.9.99,>=0.9.7
--anyjson>=0.3.3
- eventlet!=0.17.0,>=0.16.1
- PasteDeploy>=1.5.0
- Routes!=2.0,>=1.12.3
- WebOb>=1.2.3
- sqlalchemy-migrate!=0.9.8,<0.10.0,>=0.9.5
- httplib2>=0.7.5
--kombu>=2.5.0
--pycrypto>=2.6
--iso8601>=0.1.9
- oslo.config<1.10.0,>=1.9.3 # Apache-2.0
- oslo.concurrency<1.9.0,>=1.8.2 # Apache-2.0
- oslo.context<0.3.0,>=0.2.0 # Apache-2.0
-@@ -29,20 +25,11 @@ stevedore<1.4.0,>=1.3.0 # Apache-2.0
- taskflow<0.8.0,>=0.7.1
- keystonemiddleware<1.6.0,>=1.5.0
- WSME<0.7,>=0.6
--# For openstack/common/lockutils
--posix-ipc
--
--# For Swift storage backend.
--python-swiftclient<2.5.0,>=2.2.0
--
--# For VMware storage backed.
--oslo.vmware<0.12.0,>=0.11.1 # Apache-2.0
+ jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT
+-python-keystoneclient!=1.8.0,!=2.1.0,>=1.6.0 # Apache-2.0
+ pyOpenSSL>=0.14 # Apache-2.0
+ # Required by openstack.common libraries
+ six>=1.9.0 # MIT
+@@ -59,5 +57,4 @@ cryptography>=1.0 # BSD/Apache-2.0
+ debtcollector>=1.2.0 # Apache-2.0
- # For paste.util.template used in keystone.common.template
- Paste
-
- jsonschema<3.0.0,>=2.0.0
--python-keystoneclient<1.4.0,>=1.2.0
- pyOpenSSL>=0.11
- # Required by openstack.common libraries
- six>=1.9.0
+ # timeutils
+-iso8601>=0.1.9 # MIT
+ monotonic>=0.6 # Apache-2.0
--- a/components/openstack/glance/patches/05-launchpad-1496012.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,45 +0,0 @@
-This patch has been integrated into Glance 11.0.0 in Liberty but has
-not yet been back-ported to Kilo.
-
-commit fa30891cf659360207b71d9345666478d4554582
-Author: Erno Kuvaja <[email protected]>
-Date: Tue Sep 15 14:57:29 2015 +0000
-
- Update Glance example configs to reflect Liberty
-
- Adding taskflow_executor_opts into the opts so they will be included.
-
- Closes-bug: #1496012
-
- Depends-On: I52ebf810f4699826baa2bdf91d28e24d902cf950
- Change-Id: I9c0988a70f691482258f5f3ba9a5cf5601a81ddf
-
-diff --git a/glance/opts.py b/glance/opts.py
-index 1542d13..a626a3b 100644
---- a/glance/opts.py
-+++ b/glance/opts.py
-@@ -25,6 +25,7 @@ import itertools
-
- import glance.api.middleware.context
- import glance.api.versions
-+import glance.async.taskflow_executor
- import glance.common.config
- import glance.common.location_strategy
- import glance.common.location_strategy.store_type
-@@ -51,6 +52,7 @@ _api_opts = [
- glance.common.wsgi.bind_opts,
- glance.common.wsgi.eventlet_opts,
- glance.common.wsgi.socket_opts,
-+ glance.common.wsgi.profiler_opts,
- glance.image_cache.drivers.sqlite.sqlite_opts,
- glance.image_cache.image_cache_opts,
- glance.notifier.notifier_opts,
-@@ -61,6 +63,8 @@ _api_opts = [
- glance.scrubber.scrubber_opts))),
- ('image_format', glance.common.config.image_format_opts),
- ('task', glance.common.config.task_opts),
-+ ('taskflow_executor',
-+ glance.async.taskflow_executor.taskflow_executor_opts),
- ('store_type_location_strategy',
- glance.common.location_strategy.store_type.store_type_opts),
- ('paste_deploy', glance.common.config.paste_deploy_opts)
--- a/components/openstack/glance/patches/06-launchpad-1500361.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,39 +0,0 @@
-This patch has been integrated into Glance 11.0.0 in Liberty but has
-not yet been back-ported to Kilo.
-
-commit b7fb5bf0f89f657ead98024ee0168f2c2fa7a776
-Author: Erno Kuvaja <[email protected]>
-Date: Mon Sep 28 10:44:38 2015 +0000
-
- Return missing authtoken options
-
- Example configs were missing keystone_authtoken section after moving
- to generated config files. This change returns that to generation.
-
- Closes-Bug: #1500361
-
- Change-Id: I6ee82c38061d483cea7254d155d9a72436880e84
- (cherry picked from commit b1d2d938d282ccd51986e57a638f8ea5bec56b0f)
-
-diff --git a/etc/oslo-config-generator/glance-api.conf b/etc/oslo-config-generator/glance-api.conf
-index d60dc12..3f24718 100644
---- a/etc/oslo-config-generator/glance-api.conf
-+++ b/etc/oslo-config-generator/glance-api.conf
-@@ -7,5 +7,5 @@ namespace = oslo.messaging
- namespace = oslo.db
- namespace = oslo.db.concurrency
- namespace = oslo.policy
--namespace = keystoneclient.middleware.auth_token
-+namespace = keystonemiddleware.auth_token
- namespace = oslo.log
-diff --git a/etc/oslo-config-generator/glance-registry.conf b/etc/oslo-config-generator/glance-registry.conf
-index 0663fc1..961abd9 100644
---- a/etc/oslo-config-generator/glance-registry.conf
-+++ b/etc/oslo-config-generator/glance-registry.conf
-@@ -6,5 +6,5 @@ namespace = oslo.messaging
- namespace = oslo.db
- namespace = oslo.db.concurrency
- namespace = oslo.policy
--namespace = keystoneclient.middleware.auth_token
-+namespace = keystonemiddleware.auth_token
- namespace = oslo.log
--- a/components/openstack/glance/patches/07-profiler_opts.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,32 +0,0 @@
-This internal patch is cherry picked from commit
-3bdb51e947e0595d4a0514f3cf29b321cd6f9483 and addresses an issue where
-the [profiler] options appears in the wrong section. This change will
-appear in the initial Mitaka release but has not yet been back-ported
-to Kilo.
-
---- glance-2015.1.2/glance/opts.py.~2~ 2016-01-24 16:51:48.000000000 -0800
-+++ glance-2015.1.2/glance/opts.py 2016-01-25 19:10:40.596155047 -0800
-@@ -52,7 +52,6 @@ _api_opts = [
- glance.common.wsgi.bind_opts,
- glance.common.wsgi.eventlet_opts,
- glance.common.wsgi.socket_opts,
-- glance.common.wsgi.profiler_opts,
- glance.image_cache.drivers.sqlite.sqlite_opts,
- glance.image_cache.image_cache_opts,
- glance.notifier.notifier_opts,
-@@ -67,6 +66,7 @@ _api_opts = [
- glance.async.taskflow_executor.taskflow_executor_opts),
- ('store_type_location_strategy',
- glance.common.location_strategy.store_type.store_type_opts),
-+ ('profiler', glance.common.wsgi.profiler_opts),
- ('paste_deploy', glance.common.config.paste_deploy_opts)
- ]
- _registry_opts = [
-@@ -76,6 +76,7 @@ _registry_opts = [
- glance.common.wsgi.bind_opts,
- glance.common.wsgi.socket_opts,
- glance.common.wsgi.eventlet_opts))),
-+ ('profiler', glance.common.wsgi.profiler_opts),
- ('paste_deploy', glance.common.config.paste_deploy_opts)
- ]
- _scrubber_opts = [
--- a/components/openstack/glance/patches/08-CVE-2016-0757.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,338 +0,0 @@
-This fix will be included in future 2015.1.3 (kilo) and 11.0.2
-(liberty) releases.
-
-From c5c731c7153d6d46c27260474d2811d504dfac5c Mon Sep 17 00:00:00 2001
-From: Erno Kuvaja <[email protected]>
-Date: Tue, 19 Jan 2016 13:37:05 +0000
-Subject: [PATCH] Prevent user to remove last location of the image
-
-If the last location of the image is removed, image transitions back to queued.
-This allows user to upload new data into the existing image record. By
-preventing removal of the last location we prevent the image transition back to
-queued.
-
-This change also prevents doing the same operation via replacing the locations
-with empty list.
-
-SecurityImpact
-DocImpact
-APIImpact
-
-Conflicts:
- glance/tests/unit/v2/test_images_resource.py
-
-Conflicts:
- glance/api/v2/images.py
-
-Change-Id: Ieb03aaba887492819f9c58aa67f7acfcea81720e
-Closes-Bug: #1525915
-(cherry picked from commit e9e45baa9aaf58e69964419b6b4fb2048d115a0c)
----
- glance/api/v2/images.py | 19 +++-
- glance/tests/functional/v2/test_images.py | 14 ---
- glance/tests/unit/v2/test_images_resource.py | 122 ++++-----------------
- ...oving-last-image-location-d5ee3e00efe14f34.yaml | 10 ++
- 4 files changed, 44 insertions(+), 121 deletions(-)
- create mode 100644 releasenotes/notes/Prevent-removing-last-image-location-d5ee3e00efe14f34.yaml
-
-diff --git a/glance/api/v2/images.py b/glance/api/v2/images.py
-index 22c8e70..90435ac 100644
---- a/glance/api/v2/images.py
-+++ b/glance/api/v2/images.py
-@@ -168,7 +168,10 @@ class ImagesController(object):
- path = change['path']
- path_root = path[0]
- value = change['value']
-- if path_root == 'locations':
-+ if path_root == 'locations' and value == []:
-+ msg = _("Cannot set locations to empty list.")
-+ raise webob.exc.HTTPForbidden(message=msg)
-+ elif path_root == 'locations' and value != []:
- self._do_replace_locations(image, value)
- else:
- if hasattr(image, path_root):
-@@ -201,7 +204,10 @@ class ImagesController(object):
- path = change['path']
- path_root = path[0]
- if path_root == 'locations':
-- self._do_remove_locations(image, path[1])
-+ try:
-+ self._do_remove_locations(image, path[1])
-+ except exception.Forbidden as e:
-+ raise webob.exc.HTTPForbidden(e.msg)
- else:
- if hasattr(image, path_root):
- msg = _("Property %s may not be removed.")
-@@ -285,6 +291,11 @@ class ImagesController(object):
- explanation=utils.exception_to_str(ve))
-
- def _do_remove_locations(self, image, path_pos):
-+ if len(image.locations) == 1:
-+ LOG.debug("User forbidden to remove last location of image %s",
-+ image.image_id)
-+ msg = _("Cannot remove last location in the image.")
-+ raise exception.Forbidden(message=msg)
- pos = self._get_locations_op_pos(path_pos,
- len(image.locations), False)
- if pos is None:
-@@ -294,11 +305,11 @@ class ImagesController(object):
- # NOTE(zhiyan): this actually deletes the location
- # from the backend store.
- image.locations.pop(pos)
-+ # TODO(jokke): Fix this, we should catch what store throws and
-+ # provide definitely something else than IternalServerError to user.
- except Exception as e:
- raise webob.exc.HTTPInternalServerError(
- explanation=utils.exception_to_str(e))
-- if len(image.locations) == 0 and image.status == 'active':
-- image.status = 'queued'
-
-
- class RequestDeserializer(wsgi.JSONRequestDeserializer):
-diff --git a/glance/tests/functional/v2/test_images.py b/glance/tests/functional/v2/test_images.py
-index 35d3ab2..c27c27f 100644
---- a/glance/tests/functional/v2/test_images.py
-+++ b/glance/tests/functional/v2/test_images.py
-@@ -489,20 +489,6 @@ class TestImages(functional.FunctionalTest):
- response = requests.patch(path, headers=headers, data=data)
- self.assertEqual(200, response.status_code, response.text)
-
-- # Remove all locations of the image then the image size shouldn't be
-- # able to access
-- path = self._url('/v2/images/%s' % image2_id)
-- media_type = 'application/openstack-images-v2.1-json-patch'
-- headers = self._headers({'content-type': media_type})
-- doc = [{'op': 'replace', 'path': '/locations', 'value': []}]
-- data = jsonutils.dumps(doc)
-- response = requests.patch(path, headers=headers, data=data)
-- self.assertEqual(200, response.status_code, response.text)
-- image = jsonutils.loads(response.text)
-- self.assertIsNone(image['size'])
-- self.assertIsNone(image['virtual_size'])
-- self.assertEqual('queued', image['status'])
--
- # Deletion should work. Deleting image-1
- path = self._url('/v2/images/%s' % image_id)
- response = requests.delete(path, headers=self._headers())
-diff --git a/glance/tests/unit/v2/test_images_resource.py b/glance/tests/unit/v2/test_images_resource.py
-index be4e60a..9cc1f25 100644
---- a/glance/tests/unit/v2/test_images_resource.py
-+++ b/glance/tests/unit/v2/test_images_resource.py
-@@ -1323,26 +1323,6 @@ class TestImagesController(base.IsolatedUnitTest):
- self.assertRaises(webob.exc.HTTPConflict, self.controller.update,
- another_request, created_image.image_id, changes)
-
-- def test_update_replace_locations(self):
-- self.stubs.Set(store, 'get_size_from_backend',
-- unit_test_utils.fake_get_size_from_backend)
-- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- output = self.controller.update(request, UUID1, changes)
-- self.assertEqual(UUID1, output.image_id)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
-- self.assertIsNone(output.size)
--
-- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
-- changes = [{'op': 'replace', 'path': ['locations'],
-- 'value': [new_location]}]
-- output = self.controller.update(request, UUID1, changes)
-- self.assertEqual(UUID1, output.image_id)
-- self.assertEqual(1, len(output.locations))
-- self.assertEqual(new_location, output.locations[0])
-- self.assertEqual('active', output.status)
--
- def test_update_replace_locations_non_empty(self):
- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
- request = unit_test_utils.get_fake_request()
-@@ -1354,35 +1334,9 @@ class TestImagesController(base.IsolatedUnitTest):
- def test_update_replace_locations_invalid(self):
- request = unit_test_utils.get_fake_request()
- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- output = self.controller.update(request, UUID1, changes)
-- self.assertEqual(UUID1, output.image_id)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
--
-- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'replace', 'path': ['locations'],
-- 'value': [{'url': 'unknow://foo', 'metadata': {}}]}]
-- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
-+ self.assertRaises(webob.exc.HTTPForbidden, self.controller.update,
- request, UUID1, changes)
-
-- def test_update_replace_locations_status_exception(self):
-- self.stubs.Set(store, 'get_size_from_backend',
-- unit_test_utils.fake_get_size_from_backend)
-- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- output = self.controller.update(request, UUID2, changes)
-- self.assertEqual(UUID2, output.image_id)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
--
-- self.db.image_update(None, UUID2, {'disk_format': None})
--
-- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
-- changes = [{'op': 'replace', 'path': ['locations'],
-- 'value': [new_location]}]
-- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
-- request, UUID2, changes)
--
- def test_update_add_property(self):
- request = unit_test_utils.get_fake_request()
-
-@@ -1506,24 +1460,6 @@ class TestImagesController(base.IsolatedUnitTest):
- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
- request, UUID1, changes)
-
-- def test_update_add_locations_status_exception(self):
-- self.stubs.Set(store, 'get_size_from_backend',
-- unit_test_utils.fake_get_size_from_backend)
-- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- output = self.controller.update(request, UUID2, changes)
-- self.assertEqual(UUID2, output.image_id)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
--
-- self.db.image_update(None, UUID2, {'disk_format': None})
--
-- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
-- changes = [{'op': 'add', 'path': ['locations', '-'],
-- 'value': new_location}]
-- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
-- request, UUID2, changes)
--
- def test_update_add_duplicate_locations(self):
- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
- request = unit_test_utils.get_fake_request()
-@@ -1537,23 +1473,6 @@ class TestImagesController(base.IsolatedUnitTest):
- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
- request, UUID1, changes)
-
-- def test_update_replace_duplicate_locations(self):
-- self.stubs.Set(store, 'get_size_from_backend',
-- unit_test_utils.fake_get_size_from_backend)
-- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- output = self.controller.update(request, UUID1, changes)
-- self.assertEqual(UUID1, output.image_id)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
--
-- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
-- changes = [{'op': 'replace', 'path': ['locations'],
-- 'value': [new_location, new_location]}]
--
-- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
-- request, UUID1, changes)
--
- def test_update_add_too_many_locations(self):
- self.config(image_location_quota=1)
- request = unit_test_utils.get_fake_request()
-@@ -1654,9 +1573,12 @@ class TestImagesController(base.IsolatedUnitTest):
- {'op': 'add', 'path': ['locations', '-'],
- 'value': {'url': '%s/fake_location_1' % BASE_URI,
- 'metadata': {}}},
-+ {'op': 'add', 'path': ['locations', '-'],
-+ 'value': {'url': '%s/fake_location_2' % BASE_URI,
-+ 'metadata': {}}},
- ]
- self.controller.update(request, UUID1, changes)
-- self.config(image_location_quota=1)
-+ self.config(image_location_quota=2)
-
- # We must remove two properties to avoid being
- # over the limit of 1 property
-@@ -1669,8 +1591,8 @@ class TestImagesController(base.IsolatedUnitTest):
- ]
- output = self.controller.update(request, UUID1, changes)
- self.assertEqual(UUID1, output.image_id)
-- self.assertEqual(1, len(output.locations))
-- self.assertIn('fake_location_3', output.locations[0]['url'])
-+ self.assertEqual(2, len(output.locations))
-+ self.assertIn('fake_location_3', output.locations[1]['url'])
- self.assertNotEqual(output.created_at, output.updated_at)
-
- def test_update_remove_base_property(self):
-@@ -1711,24 +1633,23 @@ class TestImagesController(base.IsolatedUnitTest):
- unit_test_utils.fake_get_size_from_backend)
-
- request = unit_test_utils.get_fake_request()
-- changes = [{'op': 'remove', 'path': ['locations', '0']}]
-- output = self.controller.update(request, UUID1, changes)
-- self.assertEqual(output.image_id, UUID1)
-- self.assertEqual(0, len(output.locations))
-- self.assertEqual('queued', output.status)
-- self.assertIsNone(output.size)
--
- new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}}
- changes = [{'op': 'add', 'path': ['locations', '-'],
- 'value': new_location}]
-+ self.controller.update(request, UUID1, changes)
-+ changes = [{'op': 'remove', 'path': ['locations', '0']}]
- output = self.controller.update(request, UUID1, changes)
- self.assertEqual(UUID1, output.image_id)
- self.assertEqual(1, len(output.locations))
-- self.assertEqual(new_location, output.locations[0])
- self.assertEqual('active', output.status)
-
- def test_update_remove_location_invalid_pos(self):
- request = unit_test_utils.get_fake_request()
-+ changes = [
-+ {'op': 'add', 'path': ['locations', '-'],
-+ 'value': {'url': '%s/fake_location' % BASE_URI,
-+ 'metadata': {}}}]
-+ self.controller.update(request, UUID1, changes)
- changes = [{'op': 'remove', 'path': ['locations', None]}]
- self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
- request, UUID1, changes)
-@@ -1750,6 +1671,11 @@ class TestImagesController(base.IsolatedUnitTest):
- fake_delete_image_location_from_backend)
-
- request = unit_test_utils.get_fake_request()
-+ changes = [
-+ {'op': 'add', 'path': ['locations', '-'],
-+ 'value': {'url': '%s/fake_location' % BASE_URI,
-+ 'metadata': {}}}]
-+ self.controller.update(request, UUID1, changes)
- changes = [{'op': 'remove', 'path': ['locations', '0']}]
- self.assertRaises(webob.exc.HTTPInternalServerError,
- self.controller.update, request, UUID1, changes)
-@@ -2036,16 +1962,6 @@ class TestImagesControllerPolicies(base.IsolatedUnitTest):
- self.assertRaises(webob.exc.HTTPForbidden, self.controller.update,
- request, UUID1, changes)
-
-- self.stubs.Set(self.store_utils, 'delete_image_location_from_backend',
-- fake_delete_image_location_from_backend)
--
-- changes = [{'op': 'replace', 'path': ['locations'], 'value': []}]
-- self.controller.update(request, UUID1, changes)
-- changes = [{'op': 'replace', 'path': ['locations'],
-- 'value': [new_location]}]
-- self.assertRaises(webob.exc.HTTPForbidden, self.controller.update,
-- request, UUID1, changes)
--
- def test_update_delete_image_location_unauthorized(self):
- rules = {"delete_image_location": False}
- self.policy.set_rules(rules)
-diff --git a/releasenotes/notes/Prevent-removing-last-image-location-d5ee3e00efe14f34.yaml b/releasenotes/notes/Prevent-removing-last-image-location-d5ee3e00efe14f34.yaml
-new file mode 100644
-index 0000000..344e6e5
---- /dev/null
-+++ b/releasenotes/notes/Prevent-removing-last-image-location-d5ee3e00efe14f34.yaml
-@@ -0,0 +1,10 @@
-+---
-+security:
-+ - Fixing bug 1525915; image might be transitioning
-+ from active to queued by regular user by removing
-+ last location of image (or replacing locations
-+ with empty list). This allows user to re-upload
-+ data to the image breaking Glance's promise of
-+ image data immutability. From now on, last
-+ location cannot be removed and locations cannot
-+ be replaced with empty list.
---
-1.9.1
-
--- a/components/openstack/glance/patches/09-glance-conf.patch Wed Sep 07 14:48:41 2016 -0700
+++ b/components/openstack/glance/patches/09-glance-conf.patch Wed Sep 07 14:48:42 2016 -0700
@@ -3,72 +3,38 @@
These changes are meant as a follow-on to Launchpad bug 1500361 but
they have not yet been submitted upstream.
---- glance-2015.1.2/etc/oslo-config-generator/glance-api.conf.orig Mon Mar 7 09:53:06 2016
-+++ glance-2015.1.2/etc/oslo-config-generator/glance-api.conf Tue Mar 8 10:41:39 2016
-@@ -1,11 +1,12 @@
- [DEFAULT]
- output_file = etc/glance-api.conf.sample
- namespace = glance.api
-+namespace = glance.index
-+namespace = glance.manage
- namespace = glance.store
-+namespace = keystonemiddleware.auth_token
- namespace = oslo.concurrency
--namespace = oslo.messaging
- namespace = oslo.db
--namespace = oslo.db.concurrency
--namespace = oslo.policy
--namespace = keystonemiddleware.auth_token
+--- glance-12.0.0/etc/oslo-config-generator/glance-api.conf.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/etc/oslo-config-generator/glance-api.conf 2016-07-30 00:39:05.833802230 -0700
+@@ -9,4 +9,4 @@ namespace = oslo.db.concurrency
+ namespace = oslo.policy
+ namespace = keystonemiddleware.auth_token
namespace = oslo.log
-+namespace = oslo.messaging
-+namespace = oslo.policy
---- glance-2015.1.2/etc/oslo-config-generator/glance-cache.conf.orig Tue Oct 13 09:38:21 2015
-+++ glance-2015.1.2/etc/oslo-config-generator/glance-cache.conf Wed Mar 9 23:44:29 2016
-@@ -1,5 +1,7 @@
- [DEFAULT]
- output_file = etc/glance-cache.conf.sample
+-namespace = oslo.middleware.cors
++namespace = oslo.middleware
+--- glance-12.0.0/etc/oslo-config-generator/glance-cache.conf.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/etc/oslo-config-generator/glance-cache.conf 2016-07-30 00:39:33.080265565 -0700
+@@ -3,3 +3,5 @@ output_file = etc/glance-cache.conf.samp
namespace = glance.cache
-+namespace = glance.store
-+namespace = oslo.concurrency
namespace = oslo.log
namespace = oslo.policy
---- glance-2015.1.2/etc/oslo-config-generator/glance-manage.conf.orig Tue Oct 13 09:38:21 2015
-+++ glance-2015.1.2/etc/oslo-config-generator/glance-manage.conf Thu Mar 10 01:06:41 2016
-@@ -1,6 +1,8 @@
- [DEFAULT]
- output_file = etc/glance-manage.conf.sample
- namespace = glance.manage
+namespace = glance.store
+namespace = oslo.concurrency
- namespace = oslo.db
--namespace = oslo.db.concurrency
+--- glance-12.0.0/etc/oslo-config-generator/glance-glare.conf.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/etc/oslo-config-generator/glance-glare.conf 2016-07-30 00:39:05.834807800 -0700
+@@ -6,4 +6,7 @@ namespace = oslo.db
+ namespace = oslo.db.concurrency
+ namespace = keystonemiddleware.auth_token
namespace = oslo.log
-+namespace = oslo.policy
---- glance-2015.1.2/etc/oslo-config-generator/glance-registry.conf.orig Mon Mar 7 09:53:06 2016
-+++ glance-2015.1.2/etc/oslo-config-generator/glance-registry.conf Thu Mar 10 00:57:58 2016
-@@ -2,9 +2,9 @@
- output_file = etc/glance-registry.conf.sample
- namespace = glance.registry
- namespace = glance.store
--namespace = oslo.messaging
--namespace = oslo.db
--namespace = oslo.db.concurrency
--namespace = oslo.policy
- namespace = keystonemiddleware.auth_token
+-namespace = oslo.middleware.cors
++namespace = oslo.middleware
+namespace = oslo.concurrency
-+namespace = oslo.db
- namespace = oslo.log
+namespace = oslo.messaging
+namespace = oslo.policy
---- glance-2015.1.2/etc/oslo-config-generator/glance-scrubber.conf.orig Tue Oct 13 09:38:21 2015
-+++ glance-2015.1.2/etc/oslo-config-generator/glance-scrubber.conf Thu Mar 10 01:21:02 2016
-@@ -1,8 +1,7 @@
- [DEFAULT]
- output_file = etc/glance-scrubber.conf.sample
- namespace = glance.scrubber
-+namespace = glance.store
- namespace = oslo.concurrency
--namespace = oslo.db
--namespace = oslo.db.concurrency
+--- glance-12.0.0/etc/oslo-config-generator/glance-registry.conf.~1~ 2016-04-07 00:37:11.000000000 -0700
++++ glance-12.0.0/etc/oslo-config-generator/glance-registry.conf 2016-07-30 00:39:05.835268420 -0700
+@@ -8,3 +8,5 @@ namespace = oslo.db.concurrency
+ namespace = oslo.policy
+ namespace = keystonemiddleware.auth_token
namespace = oslo.log
- namespace = oslo.policy
++namespace = oslo.concurrency
++namespace = oslo.middleware
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openstack/glance/patches/10-glance-wsgi.patch Wed Sep 07 14:48:42 2016 -0700
@@ -0,0 +1,16 @@
+In-house patch to fix glance-api to not respawn a new child when it knows it is
+terminating. This patch is Solaris specific and not necassarily suitable for
+upstream.
+
+--- glance-12.0.0/glance/common/wsgi.py.~2~ 2016-06-29 08:34:58.341184299 -0700
++++ glance-12.0.0/glance/common/wsgi.py 2016-06-29 08:35:31.903341381 -0700
+@@ -359,7 +359,8 @@ class Server(object):
+ pid, status = os.wait()
+ if os.WIFEXITED(status) or os.WIFSIGNALED(status):
+ self._remove_children(pid)
+- self._verify_and_respawn_children(pid, status)
++ if self.running:
++ self._verify_and_respawn_children(pid, status)
+ except OSError as err:
+ if err.errno not in (errno.EINTR, errno.ECHILD):
+ raise
--- a/components/openstack/glance/patches/14-launchpad-1471080.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,40 +0,0 @@
-commit 356e66c2397a4a1ae3dd1fca2870958f5969aceb
-Author: wangxiyuan <[email protected]>
-Date: Fri Jul 3 11:45:57 2015 +0800
-
- Fix wrong check when create image without data.
-
- The default value of 'locations' is [].So there is a wrong check in
- db/sqlalchemy/api.py.
- When create an image without data, The function '_image_locations_set'
- should not be executed.
-
- Change-Id: Ie4cb29ab0d714d3ce67f717d5eaf641424efa5b7
- Closes-bug:#1471080
-
---- glance-2015.1.2/glance/db/sqlalchemy/api.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/db/sqlalchemy/api.py 2016-03-04 01:02:00.749647525 -0800
-@@ -790,7 +790,7 @@ def _image_update(context, values, image
- _set_properties_for_image(context, image_ref, properties, purge_props,
- session)
-
-- if location_data is not None:
-+ if location_data:
- _image_locations_set(context, image_ref.id, location_data,
- session=session)
-
---- glance-2015.1.2/glance/tests/functional/db/base.py.~1~ 2015-10-13 09:38:23.000000000 -0700
-+++ glance-2015.1.2/glance/tests/functional/db/base.py 2016-03-04 01:02:00.751553768 -0800
-@@ -191,6 +191,12 @@ class DriverTests(object):
- for l in image['locations']]
- self.assertEqual(locations, actual)
-
-+ def test_image_create_without_locations(self):
-+ locations = []
-+ fixture = {'status': 'queued',
-+ 'locations': locations}
-+ self.db_api.image_create(self.context, fixture)
-+
- def test_image_create_with_location_data(self):
- location_data = [{'url': 'a', 'metadata': {'key': 'value'},
- 'status': 'active'},
--- a/components/openstack/glance/patches/15-mysql_cluster_support.patch Wed Sep 07 14:48:41 2016 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1215 +0,0 @@
-This patchset is for bug:
-
-22725863 - Glance needs to support MySQL Cluster
-
-This fixes the following aspects of Glance:
-1. Implementation of an oslo.db configuration parameter to specify the MySQL
- storage engine (mysql_storage_engine).
-2. Replacement of hardcoded SQL statements that set the engine to "InnoDB"
- to the above configuration value.
-3. Logic to handle SQL differences between MySQL InnoDB and MySQL Cluster (NDB).
- This includes column lengths, constraints, foreign keys, and indexes.
-
-This has not been committed upstream, but has been filed in launchpad:
-
-https://bugs.launchpad.net/glance/+bug/1564110
-
-
---- glance-2015.1.2/glance/tests/unit/test_migrations.py.orig 2016-07-29 11:30:42.506075746 -0600
-+++ glance-2015.1.2/glance/tests/unit/test_migrations.py 2016-07-28 18:16:26.555277376 -0600
-@@ -127,7 +127,7 @@ class MigrationsMixin(test_migrations.Wa
- sqlalchemy.Boolean(),
- nullable=False,
- default=False),
-- mysql_engine='InnoDB')
-+ mysql_engine=CONF.database.mysql_storage_engine)
- images_001.create()
-
- def test_version_control_existing_db(self):
-@@ -1650,10 +1650,10 @@ class TestMysqlMigrations(test_base.MySQ
- noninnodb = self.migrate_engine.execute(
- "SELECT count(*) "
- "FROM information_schema.TABLES "
-- "WHERE TABLE_SCHEMA='%s' "
-- "AND ENGINE!='InnoDB' "
-+ "WHERE TABLE_SCHEMA='%(table_schema)s' "
-+ "AND ENGINE!='%(mysql_storage_engine)s' "
- "AND TABLE_NAME!='migrate_version'"
-- % self.migrate_engine.url.database)
-+ % dict(table_schema=self.migrate_engine.url.database, mysql_storage_engine=CONF.database.mysql_storage_engine))
- count = noninnodb.scalar()
- self.assertEqual(count, 0, "%d non InnoDB tables created" % count)
-
---- glance-2015.1.2/glance/db/sqlalchemy/models_metadef.py.orig 2016-07-29 11:30:50.672701806 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/models_metadef.py 2016-07-29 11:37:23.040809599 -0600
-@@ -16,6 +16,7 @@
- SQLAlchemy models for glance metadata schema
- """
-
-+from oslo_config import cfg
- from oslo_db.sqlalchemy import models
- from oslo_utils import timeutils
- from sqlalchemy import Boolean
-@@ -31,6 +32,7 @@ from sqlalchemy import Text
-
- from glance.db.sqlalchemy.models import JSONEncodedDict
-
-+CONF = cfg.CONF
-
- class DictionaryBase(models.ModelBase):
- metadata = None
-@@ -48,7 +50,7 @@ BASE_DICT = declarative_base(cls=Diction
- class GlanceMetadefBase(models.TimestampMixin):
- """Base class for Glance Metadef Models."""
-
-- __table_args__ = {'mysql_engine': 'InnoDB'}
-+ __table_args__ = {'mysql_engine': CONF.database.mysql_storage_engine}
- __table_initialized__ = False
- __protected_attributes__ = set(["created_at", "updated_at"])
-
---- glance-2015.1.2/glance/db/sqlalchemy/models_artifacts.py.orig 2016-07-29 11:30:58.519236555 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/models_artifacts.py 2016-07-28 18:16:26.556002509 -0600
-@@ -14,6 +14,8 @@
-
- import uuid
-
-+from oslo_config import cfg
-+from oslo_db import options as db_options
- from oslo_db.sqlalchemy import models
- from oslo_utils import timeutils
- from sqlalchemy import BigInteger
-@@ -36,6 +38,9 @@ from glance.common import semver_db
- from glance import i18n
- from oslo_log import log as os_logging
-
-+CONF = cfg.CONF
-+db_options.set_defaults(CONF)
-+
- BASE = declarative.declarative_base()
- LOG = os_logging.getLogger(__name__)
- _LW = i18n._LW
-@@ -44,7 +49,7 @@ _LW = i18n._LW
- class ArtifactBase(models.ModelBase, models.TimestampMixin):
- """Base class for Artifact Models."""
-
-- __table_args__ = {'mysql_engine': 'InnoDB'}
-+ __table_args__ = {'mysql_engine': CONF.database.mysql_storage_engine}
- __table_initialized__ = False
- __protected_attributes__ = set([
- "created_at", "updated_at"])
-@@ -102,7 +107,7 @@ class Artifact(BASE, ArtifactBase):
- Index('ix_artifact_state', 'state'),
- Index('ix_artifact_owner', 'owner'),
- Index('ix_artifact_visibility', 'visibility'),
-- {'mysql_engine': 'InnoDB'})
-+ {'mysql_engine': CONF.database.mysql_storage_engine})
-
- __protected_attributes__ = ArtifactBase.__protected_attributes__.union(
- set(['published_at', 'deleted_at']))
-@@ -219,7 +224,7 @@ class ArtifactDependency(BASE, ArtifactB
- 'artifact_dest'),
- Index('ix_artifact_dependencies_direct_dependencies',
- 'artifact_source', 'is_direct'),
-- {'mysql_engine': 'InnoDB'})
-+ {'mysql_engine': CONF.database.mysql_storage_engine})
-
- id = Column(String(36), primary_key=True, nullable=False,
- default=lambda: str(uuid.uuid4()))
-@@ -248,7 +253,7 @@ class ArtifactTag(BASE, ArtifactBase):
- __table_args__ = (Index('ix_artifact_tags_artifact_id', 'artifact_id'),
- Index('ix_artifact_tags_artifact_id_tag_value',
- 'artifact_id', 'value'),
-- {'mysql_engine': 'InnoDB'},)
-+ {'mysql_engine': CONF.database.mysql_storage_engine},)
-
- id = Column(String(36), primary_key=True, nullable=False,
- default=lambda: str(uuid.uuid4()))
-@@ -265,7 +270,7 @@ class ArtifactProperty(BASE, ArtifactBas
- __table_args__ = (
- Index('ix_artifact_properties_artifact_id', 'artifact_id'),
- Index('ix_artifact_properties_name', 'name'),
-- {'mysql_engine': 'InnoDB'},)
-+ {'mysql_engine': CONF.database.mysql_storage_engine},)
- id = Column(String(36), primary_key=True, nullable=False,
- default=lambda: str(uuid.uuid4()))
- artifact_id = Column(String(36), ForeignKey('artifacts.id'),
-@@ -287,7 +292,7 @@ class ArtifactBlob(BASE, ArtifactBase):
- __table_args__ = (
- Index('ix_artifact_blobs_artifact_id', 'artifact_id'),
- Index('ix_artifact_blobs_name', 'name'),
-- {'mysql_engine': 'InnoDB'},)
-+ {'mysql_engine': CONF.database.mysql_storage_engine},)
- id = Column(String(36), primary_key=True, nullable=False,
- default=lambda: str(uuid.uuid4()))
- artifact_id = Column(String(36), ForeignKey('artifacts.id'),
-@@ -306,7 +311,7 @@ class ArtifactBlobLocation(BASE, Artifac
- __tablename__ = 'artifact_blob_locations'
- __table_args__ = (Index('ix_artifact_blob_locations_blob_id',
- 'blob_id'),
-- {'mysql_engine': 'InnoDB'})
-+ {'mysql_engine': CONF.database.mysql_storage_engine})
-
- id = Column(String(36), primary_key=True, nullable=False,
- default=lambda: str(uuid.uuid4()))
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/007_add_owner.py.orig 2016-07-29 11:31:06.067376033 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/007_add_owner.py 2016-07-29 11:38:21.570131052 -0600
-@@ -14,12 +14,14 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, BigInteger, Integer, String,
- Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -50,7 +52,7 @@ def get_images_table(meta):
- index=True),
- Column('checksum', String(32)),
- Column('owner', String(255)),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/003_add_disk_format.py.orig 2016-07-29 11:31:13.058662840 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/003_add_disk_format.py 2016-07-29 11:38:43.705439106 -0600
-@@ -14,11 +14,13 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -47,7 +49,7 @@ def get_images_table(meta):
- nullable=False,
- default=False,
- index=True),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/005_size_big_integer.py.orig 2016-07-29 11:31:20.152951372 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/005_size_big_integer.py 2016-07-29 11:39:04.202176317 -0600
-@@ -14,12 +14,14 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, BigInteger, Integer, String,
- Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -48,7 +50,7 @@ def get_images_table(meta):
- nullable=False,
- default=False,
- index=True),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/022_image_member_index.py.orig 2016-07-29 11:31:30.015287184 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/022_image_member_index.py 2016-07-29 11:39:26.850998479 -0600
-@@ -16,11 +16,13 @@
- import re
-
- from migrate.changeset import UniqueConstraint
-+from oslo_config import cfg
- from oslo_db import exception as db_exception
- from sqlalchemy import and_, func, orm
- from sqlalchemy import MetaData, Table
- from sqlalchemy.exc import OperationalError, ProgrammingError
-
-+CONF = cfg.CONF
-
- NEW_KEYNAME = 'image_members_image_id_member_deleted_at_key'
- ORIGINAL_KEYNAME_RE = re.compile('image_members_image_id.*_key')
-@@ -28,21 +30,24 @@ ORIGINAL_KEYNAME_RE = re.compile('image_
-
- def upgrade(migrate_engine):
- image_members = _get_image_members_table(migrate_engine)
--
-- if migrate_engine.name in ('mysql', 'postgresql'):
-- try:
-- UniqueConstraint('image_id',
-- name=_get_original_keyname(migrate_engine.name),
-- table=image_members).drop()
-- except (OperationalError, ProgrammingError, db_exception.DBError):
-- UniqueConstraint('image_id',
-- name=_infer_original_keyname(image_members),
-- table=image_members).drop()
-- UniqueConstraint('image_id',
-- 'member',
-- 'deleted_at',
-- name=NEW_KEYNAME,
-- table=image_members).create()
-+ # MySQL Cluster, a.k.a. NDB does not support the original constraint and index.
-+ # Only if we are not using MySQL Cluster, will the index be dropped.
-+ if CONF.database.mysql_storage_engine != "NDBCLUSTER":
-+ if migrate_engine.name in ('mysql', 'postgresql'):
-+ try:
-+ UniqueConstraint('image_id',
-+ name=_get_original_keyname(migrate_engine.name),
-+ table=image_members).drop()
-+ except (OperationalError, ProgrammingError, db_exception.DBError):
-+ UniqueConstraint('image_id',
-+ name=_infer_original_keyname(image_members),
-+ table=image_members).drop()
-+
-+ UniqueConstraint('image_id',
-+ 'member',
-+ 'deleted_at',
-+ name=NEW_KEYNAME,
-+ table=image_members).create()
-
-
- def downgrade(migrate_engine):
-@@ -53,10 +58,13 @@ def downgrade(migrate_engine):
- UniqueConstraint('image_id',
- name=NEW_KEYNAME,
- table=image_members).drop()
-- UniqueConstraint('image_id',
-- 'member',
-- name=_get_original_keyname(migrate_engine.name),
-- table=image_members).create()
-+ # MySQL Cluster, a.k.a. NDB does not support the original constraint and index.
-+ # Only if we are not using MySQL Cluster, will the index be created.
-+ if CONF.database.mysql_storage_engine != "NDBCLUSTER":
-+ UniqueConstraint('image_id',
-+ 'member',
-+ name=_get_original_keyname(migrate_engine.name),
-+ table=image_members).create()
-
-
- def _get_image_members_table(migrate_engine):
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/040_add_changes_to_satisfy_metadefs_tags.py.orig 2016-07-29 11:31:37.098719056 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/040_add_changes_to_satisfy_metadefs_tags.py 2016-07-29 11:40:01.035865900 -0600
-@@ -10,15 +10,18 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
--
-+from oslo_config import cfg
- import sqlalchemy
- from sqlalchemy import (Table, Index)
-
-+CONF = cfg.CONF
-
- def upgrade(migrate_engine):
- if migrate_engine.name == 'mysql':
- meta = sqlalchemy.MetaData()
- meta.bind = migrate_engine
- metadef_tags = Table('metadef_tags', meta, autoload=True)
-- Index('namespace_id', metadef_tags.c.namespace_id,
-- metadef_tags.c.name).drop()
-+ # MySQL Cluster, a.k.a NDB, does not support this index drop.
-+ if CONF.database.mysql_storage_engine != "NDBCLUSTER":
-+ Index('namespace_id', metadef_tags.c.namespace_id,
-+ metadef_tags.c.name).drop()
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/001_add_images_table.py.orig 2016-07-29 11:31:43.878178070 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/001_add_images_table.py 2016-07-29 11:40:32.274838992 -0600
-@@ -13,11 +13,13 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (Column, MetaData, Table)
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, Text, create_tables, drop_tables) # noqa
-
-+CONF = cfg.CONF
-
- def define_images_table(meta):
- images = Table('images',
-@@ -41,7 +43,7 @@ def define_images_table(meta):
- nullable=False,
- default=False,
- index=True),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/014_add_image_tags_table.py.orig 2016-07-29 11:31:50.742219079 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/014_add_image_tags_table.py 2016-07-29 11:40:52.393996743 -0600
-@@ -13,10 +13,12 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy import schema
-
- from glance.db.sqlalchemy.migrate_repo import schema as glance_schema
-
-+CONF = cfg.CONF
-
- def define_image_tags_table(meta):
- # Load the images table so the foreign key can be set up properly
-@@ -46,7 +48,7 @@ def define_image_tags_table(meta):
- glance_schema.Boolean(),
- nullable=False,
- default=False),
-- mysql_engine='InnoDB')
-+ mysql_engine=CONF.database.mysql_storage_engine)
-
- schema.Index('ix_image_tags_image_id',
- image_tags.c.image_id)
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/038_add_metadef_tags_table.py.orig 2016-07-29 11:31:57.299857482 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/038_add_metadef_tags_table.py 2016-07-29 11:41:20.227494209 -0600
-@@ -12,28 +12,46 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (
- Column, Index, MetaData, Table, UniqueConstraint) # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- DateTime, Integer, String, create_tables, drop_tables) # noqa
-
-+CONF = cfg.CONF
-
- def define_metadef_tags_table(meta):
- _constr_kwargs = {}
-- metadef_tags = Table('metadef_tags',
-- meta,
-- Column('id', Integer(), primary_key=True,
-- nullable=False),
-- Column('namespace_id', Integer(),
-- nullable=False),
-- Column('name', String(80), nullable=False),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- UniqueConstraint('namespace_id', 'name',
-- **_constr_kwargs),
-- mysql_engine='InnoDB',
-- extend_existing=False)
-+
-+ # MySQL Cluster, a.k.a. NDB, does not support this constraint.
-+ # If MySQL Cluster is enabled, the constraint will not be configured.
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ metadef_tags = Table('metadef_tags',
-+ meta,
-+ Column('id', Integer(), primary_key=True,
-+ nullable=False),
-+ Column('namespace_id', Integer(),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=False)
-+ else:
-+ metadef_tags = Table('metadef_tags',
-+ meta,
-+ Column('id', Integer(), primary_key=True,
-+ nullable=False),
-+ Column('namespace_id', Integer(),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('namespace_id', 'name',
-+ **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=False)
-
- if meta.bind.name != 'ibm_db_sa':
- Index('ix_tags_namespace_id_name',
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/006_key_to_name.py.orig 2016-07-29 11:32:03.190044222 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/006_key_to_name.py 2016-07-29 11:41:49.183401048 -0600
-@@ -14,11 +14,13 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -63,7 +65,7 @@ def get_image_properties_table(meta):
- default=False,
- index=True),
- UniqueConstraint('image_id', 'name'),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return image_properties
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/030_add_tasks_table.py.orig 2016-07-29 11:32:09.114402435 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/030_add_tasks_table.py 2016-07-29 11:42:12.979551894 -0600
-@@ -14,11 +14,13 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (Column, MetaData, Table, Index)
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, String, Text, create_tables, drop_tables) # noqa
-
-+CONF = cfg.CONF
-
- def define_tasks_table(meta):
- tasks = Table('tasks',
-@@ -38,7 +40,7 @@ def define_tasks_table(meta):
- Boolean(),
- nullable=False,
- default=False),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- Index('ix_tasks_type', tasks.c.type)
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/039_add_changes_to_satisfy_models_metadef.py.orig 2016-07-29 11:32:16.102449889 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/039_add_changes_to_satisfy_models_metadef.py 2016-07-29 11:42:34.666058988 -0600
-@@ -11,11 +11,13 @@
- # under the License.
-
- import migrate
-+from oslo_config import cfg
- import sqlalchemy
- from sqlalchemy import inspect
- from sqlalchemy import (Table, Index, UniqueConstraint)
- from sqlalchemy.schema import (AddConstraint, DropConstraint)
-
-+CONF = cfg.CONF
-
- def upgrade(migrate_engine):
- meta = sqlalchemy.MetaData()
-@@ -36,10 +38,17 @@ def upgrade(migrate_engine):
- Index('ix_objects_namespace_id_name', metadef_objects.c.namespace_id,
- metadef_objects.c.name).drop()
-
-+ fkc = migrate.ForeignKeyConstraint([metadef_properties.c.namespace_id],
-+ [metadef_namespaces.c.id],
-+ name='metadef_properties_ibfk_1')
-+ fkc.drop()
-+
- Index('ix_metadef_properties_namespace_id_name',
- metadef_properties.c.namespace_id,
- metadef_properties.c.name).drop()
-
-+ fkc.create()
-+
- fkc = migrate.ForeignKeyConstraint([metadef_tags.c.namespace_id],
- [metadef_namespaces.c.id])
- fkc.create()
-@@ -57,9 +66,16 @@ def upgrade(migrate_engine):
- metadef_tags.c.name)
- uc.create()
-
-+ fkc = migrate.ForeignKeyConstraint([metadef_tags.c.namespace_id],
-+ [metadef_namespaces.c.id],
-+ name='metadef_tags_namespace_id_fkey')
-+ fkc.drop()
-+
- Index('ix_tags_namespace_id_name', metadef_tags.c.namespace_id,
- metadef_tags.c.name).drop()
-
-+ fkc.create()
-+
- Index('ix_metadef_tags_name', metadef_tags.c.name).create()
-
- Index('ix_metadef_tags_namespace_id', metadef_tags.c.namespace_id,
-@@ -190,7 +206,6 @@ def downgrade(migrate_engine):
- fkc = migrate.ForeignKeyConstraint([metadef_tags.c.namespace_id],
- [metadef_namespaces.c.id])
- fkc.drop()
--
- Index('ix_tags_namespace_id_name', metadef_tags.c.namespace_id,
- metadef_tags.c.name).create()
- else:
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/008_add_image_members_table.py.orig 2016-07-29 11:32:22.100185363 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/008_add_image_members_table.py 2016-07-29 11:42:54.820310263 -0600
-@@ -14,12 +14,14 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, create_tables,
- drop_tables, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -45,40 +47,71 @@ def get_image_properties_table(meta):
-
- def get_image_members_table(meta):
- images = get_images_table(meta) # noqa
--
-- image_members = Table('image_members',
-- meta,
-- Column('id',
-- Integer(),
-- primary_key=True,
-- nullable=False),
-- Column('image_id',
-- Integer(),
-- ForeignKey('images.id'),
-- nullable=False,
-- index=True),
-- Column('member', String(255), nullable=False),
-- Column('can_share',
-- Boolean(),
-- nullable=False,
-- default=False),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- Column('deleted_at', DateTime()),
-- Column('deleted',
-- Boolean(),
-- nullable=False,
-- default=False,
-- index=True),
-- UniqueConstraint('image_id', 'member'),
-- mysql_engine='InnoDB',
-- extend_existing=True)
-+
-+ # MySQL Cluster, a.k.a. NDB, does not support this constraint and index.
-+ # If MySQl Cluster is being used, the constraint and index will not be created.
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ image_members = Table('image_members',
-+ meta,
-+ Column('id',
-+ Integer(),
-+ primary_key=True,
-+ nullable=False),
-+ Column('image_id',
-+ Integer(),
-+ ForeignKey('images.id'),
-+ nullable=False,
-+ index=True),
-+ Column('member', String(255), nullable=False),
-+ Column('can_share',
-+ Boolean(),
-+ nullable=False,
-+ default=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ Column('deleted_at', DateTime()),
-+ Column('deleted',
-+ Boolean(),
-+ nullable=False,
-+ default=False,
-+ index=True),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-+ else:
-+ image_members = Table('image_members',
-+ meta,
-+ Column('id',
-+ Integer(),
-+ primary_key=True,
-+ nullable=False),
-+ Column('image_id',
-+ Integer(),
-+ ForeignKey('images.id'),
-+ nullable=False,
-+ index=True),
-+ Column('member', String(255), nullable=False),
-+ Column('can_share',
-+ Boolean(),
-+ nullable=False,
-+ default=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ Column('deleted_at', DateTime()),
-+ Column('deleted',
-+ Boolean(),
-+ nullable=False,
-+ default=False,
-+ index=True),
-+ UniqueConstraint('image_id', 'member'),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-
- # DB2: an index has already been created for the UniqueConstraint option
- # specified on the Table() statement above.
-- if meta.bind.name != "ibm_db_sa":
-- Index('ix_image_members_image_id_member', image_members.c.image_id,
-- image_members.c.member)
-+ if CONF.database.mysql_storage_engine != "NDBCLUSTER":
-+ if meta.bind.name != "ibm_db_sa":
-+ Index('ix_image_members_image_id_member', image_members.c.image_id,
-+ image_members.c.member)
-
- return image_members
-
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/002_add_image_properties_table.py.orig 2016-07-29 11:32:28.641283394 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/002_add_image_properties_table.py 2016-07-29 11:43:17.467512143 -0600
-@@ -13,6 +13,7 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (
- Column, ForeignKey, Index, MetaData, Table, UniqueConstraint)
-
-@@ -20,6 +21,7 @@ from glance.db.sqlalchemy.migrate_repo.s
- Boolean, DateTime, Integer, String, Text, create_tables, drop_tables,
- from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def define_image_properties_table(meta):
- (define_images_table,) = from_migration_import(
-@@ -36,31 +38,58 @@ def define_image_properties_table(meta):
- if meta.bind.name == 'ibm_db_sa':
- constr_kwargs['name'] = 'ix_image_properties_image_id_key'
-
-- image_properties = Table('image_properties',
-- meta,
-- Column('id',
-- Integer(),
-- primary_key=True,
-- nullable=False),
-- Column('image_id',
-- Integer(),
-- ForeignKey('images.id'),
-- nullable=False,
-- index=True),
-- Column('key', String(255), nullable=False),
-- Column('value', Text()),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- Column('deleted_at', DateTime()),
-- Column('deleted',
-- Boolean(),
-- nullable=False,
-- default=False,
-- index=True),
-- UniqueConstraint('image_id', 'key',
-- **constr_kwargs),
-- mysql_engine='InnoDB',
-- extend_existing=True)
-+ # MySQL Cluster, a.k.a. NDB, does not support the constraint here.
-+ # This will remove the constraint if MySQL Cluster is being used.
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ image_properties = Table('image_properties',
-+ meta,
-+ Column('id',
-+ Integer(),
-+ primary_key=True,
-+ nullable=False),
-+ Column('image_id',
-+ Integer(),
-+ ForeignKey('images.id'),
-+ nullable=False,
-+ index=True),
-+ Column('key', String(255), nullable=False),
-+ Column('value', Text()),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ Column('deleted_at', DateTime()),
-+ Column('deleted',
-+ Boolean(),
-+ nullable=False,
-+ default=False,
-+ index=True),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-+ else:
-+ image_properties = Table('image_properties',
-+ meta,
-+ Column('id',
-+ Integer(),
-+ primary_key=True,
-+ nullable=False),
-+ Column('image_id',
-+ Integer(),
-+ ForeignKey('images.id'),
-+ nullable=False,
-+ index=True),
-+ Column('key', String(255), nullable=False),
-+ Column('value', Text()),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ Column('deleted_at', DateTime()),
-+ Column('deleted',
-+ Boolean(),
-+ nullable=False,
-+ default=False,
-+ index=True),
-+ UniqueConstraint('image_id', 'key',
-+ **constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
- Index('ix_image_properties_image_id_key',
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/035_add_metadef_tables.py.orig 2016-07-29 11:32:34.891435682 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/035_add_metadef_tables.py 2016-07-29 11:43:39.940493840 -0600
-@@ -12,6 +12,7 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from oslo_utils import timeutils
- import sqlalchemy
- from sqlalchemy.schema import (
-@@ -21,6 +22,7 @@ from glance.db.sqlalchemy.migrate_repo.s
- Boolean, DateTime, Integer, String, Text, create_tables,
- drop_tables) # noqa
-
-+CONF = cfg.CONF
-
- RESOURCE_TYPES = [u'OS::Glance::Image', u'OS::Cinder::Volume',
- u'OS::Nova::Flavor', u'OS::Nova::Aggregate',
-@@ -65,7 +67,7 @@ def define_metadef_namespaces_table(meta
- Column('created_at', DateTime(), nullable=False),
- Column('updated_at', DateTime()),
- UniqueConstraint('namespace', **_constr_kwargs),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
-@@ -80,22 +82,41 @@ def define_metadef_objects_table(meta):
- if meta.bind.name == 'ibm_db_sa':
- _constr_kwargs['name'] = 'ix_objects_namespace_id_name'
-
-- objects = Table('metadef_objects',
-- meta,
-- Column('id', Integer(), primary_key=True, nullable=False),
-- Column('namespace_id', Integer(),
-- ForeignKey('metadef_namespaces.id'),
-- nullable=False),
-- Column('name', String(80), nullable=False),
-- Column('description', Text()),
-- Column('required', Text()),
-- Column('schema', Text(), nullable=False),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- UniqueConstraint('namespace_id', 'name',
-- **_constr_kwargs),
-- mysql_engine='InnoDB',
-- extend_existing=True)
-+ # MySQL Cluster, a.k.a. NDB, requires explicit foreign key names
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ objects = Table('metadef_objects',
-+ meta,
-+ Column('id', Integer(), primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(),
-+ ForeignKey('metadef_namespaces.id', name='metadef_objects_ibfk_1'),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('description', Text()),
-+ Column('required', Text()),
-+ Column('schema', Text(), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('namespace_id', 'name',
-+ **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-+ else:
-+ objects = Table('metadef_objects',
-+ meta,
-+ Column('id', Integer(), primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(),
-+ ForeignKey('metadef_namespaces.id'),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('description', Text()),
-+ Column('required', Text()),
-+ Column('schema', Text(), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('namespace_id', 'name',
-+ **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
- Index('ix_objects_namespace_id_name',
-@@ -111,19 +132,35 @@ def define_metadef_properties_table(meta
- if meta.bind.name == 'ibm_db_sa':
- _constr_kwargs['name'] = 'ix_metadef_properties_namespace_id_name'
-
-- metadef_properties = Table(
-- 'metadef_properties',
-- meta,
-- Column('id', Integer(), primary_key=True, nullable=False),
-- Column('namespace_id', Integer(), ForeignKey('metadef_namespaces.id'),
-- nullable=False),
-- Column('name', String(80), nullable=False),
-- Column('schema', Text(), nullable=False),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- UniqueConstraint('namespace_id', 'name', **_constr_kwargs),
-- mysql_engine='InnoDB',
-- extend_existing=True)
-+ # MySQL Cluster, a.k.a. NDB, requires explicit foreign key names
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ metadef_properties = Table(
-+ 'metadef_properties',
-+ meta,
-+ Column('id', Integer(), primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(), ForeignKey('metadef_namespaces.id', name='metadef_properties_ibfk_1'),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('schema', Text(), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('namespace_id', 'name', **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-+ else:
-+ metadef_properties = Table(
-+ 'metadef_properties',
-+ meta,
-+ Column('id', Integer(), primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(), ForeignKey('metadef_namespaces.id'),
-+ nullable=False),
-+ Column('name', String(80), nullable=False),
-+ Column('schema', Text(), nullable=False),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('namespace_id', 'name', **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
- Index('ix_metadef_properties_namespace_id_name',
-@@ -148,7 +185,7 @@ def define_metadef_resource_types_table(
- Column('created_at', DateTime(), nullable=False),
- Column('updated_at', DateTime()),
- UniqueConstraint('name', **_constr_kwargs),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
-@@ -164,23 +201,41 @@ def define_metadef_namespace_resource_ty
- if meta.bind.name == 'ibm_db_sa':
- _constr_kwargs['name'] = 'ix_metadef_ns_res_types_res_type_id_ns_id'
-
-- metadef_associations = Table(
-- 'metadef_namespace_resource_types',
-- meta,
-- Column('resource_type_id', Integer(),
-- ForeignKey('metadef_resource_types.id'),
-- primary_key=True, nullable=False),
-- Column('namespace_id', Integer(),
-- ForeignKey('metadef_namespaces.id'),
-- primary_key=True, nullable=False),
-- Column('properties_target', String(80)),
-- Column('prefix', String(80)),
-- Column('created_at', DateTime(), nullable=False),
-- Column('updated_at', DateTime()),
-- UniqueConstraint('resource_type_id', 'namespace_id',
-- **_constr_kwargs),
-- mysql_engine='InnoDB',
-- extend_existing=True)
-+ # MySQL Cluster, a.k.a. NDB, does not support these foreign keys, which are later removed.
-+ if CONF.database.mysql_storage_engine == "NDBCLUSTER":
-+ metadef_associations = Table(
-+ 'metadef_namespace_resource_types',
-+ meta,
-+ Column('resource_type_id', Integer(),
-+ primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(),
-+ primary_key=True, nullable=False),
-+ Column('properties_target', String(80)),
-+ Column('prefix', String(80)),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('resource_type_id', 'namespace_id',
-+ **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-+ else:
-+ metadef_associations = Table(
-+ 'metadef_namespace_resource_types',
-+ meta,
-+ Column('resource_type_id', Integer(),
-+ ForeignKey('metadef_resource_types.id'),
-+ primary_key=True, nullable=False),
-+ Column('namespace_id', Integer(),
-+ ForeignKey('metadef_namespaces.id'),
-+ primary_key=True, nullable=False),
-+ Column('properties_target', String(80)),
-+ Column('prefix', String(80)),
-+ Column('created_at', DateTime(), nullable=False),
-+ Column('updated_at', DateTime()),
-+ UniqueConstraint('resource_type_id', 'namespace_id',
-+ **_constr_kwargs),
-+ mysql_engine=CONF.database.mysql_storage_engine,
-+ extend_existing=True)
-
- if meta.bind.name != 'ibm_db_sa':
- Index('ix_metadef_ns_res_types_res_type_id_ns_id',
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/037_add_changes_to_satisfy_models.py.orig 2016-07-29 11:32:40.844072755 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/037_add_changes_to_satisfy_models.py 2016-07-29 11:44:01.300274699 -0600
-@@ -10,6 +10,7 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- import sqlalchemy
- from sqlalchemy import Table, Index, UniqueConstraint, Sequence
- from sqlalchemy.schema import (AddConstraint, DropConstraint, CreateIndex,
-@@ -17,6 +18,7 @@ from sqlalchemy.schema import (AddConstr
- from sqlalchemy import sql
- from sqlalchemy import update
-
-+CONF = cfg.CONF
-
- def upgrade(migrate_engine):
- meta = sqlalchemy.MetaData()
-@@ -74,10 +76,14 @@ def upgrade(migrate_engine):
-
- images.c.id.alter(server_default=None)
- if migrate_engine.name == 'mysql':
-- constraint = UniqueConstraint(image_properties.c.image_id,
-- image_properties.c.name,
-- name='image_id')
-- migrate_engine.execute(DropConstraint(constraint))
-+ # MySQL Cluster, a.k.a. NDB, does not support the constraint here.
-+ # This will only add the constraint if MySQL Cluster is not being used.
-+ if CONF.database.mysql_storage_engine != "NDBCLUSTER":
-+ constraint = UniqueConstraint(image_properties.c.image_id,
-+ image_properties.c.name,
-+ name='image_id')
-+ migrate_engine.execute(DropConstraint(constraint))
-+
- image_locations = Table('image_locations', meta, autoload=True)
- if len(image_locations.foreign_keys) == 0:
- migrate_engine.execute(AddConstraint(ForeignKeyConstraint(
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/009_add_mindisk_and_minram.py.orig 2016-07-29 11:32:47.075511757 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/009_add_mindisk_and_minram.py 2016-07-29 11:44:23.917127924 -0600
-@@ -14,11 +14,13 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -51,7 +53,7 @@ def get_images_table(meta):
- Column('owner', String(255)),
- Column('min_disk', Integer(), default=0),
- Column('min_ram', Integer(), default=0),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/032_add_task_info_table.py.orig 2016-07-29 11:32:53.180994551 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/032_add_task_info_table.py 2016-07-29 11:44:45.316686633 -0600
-@@ -13,6 +13,7 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (Column, ForeignKey, MetaData, Table)
-
- from glance.db.sqlalchemy.migrate_repo.schema import (String,
-@@ -22,6 +23,7 @@ from glance.db.sqlalchemy.migrate_repo.s
-
- TASKS_MIGRATE_COLUMNS = ['input', 'message', 'result']
-
-+CONF = cfg.CONF
-
- def define_task_info_table(meta):
- Table('tasks', meta, autoload=True)
-@@ -37,7 +39,7 @@ def define_task_info_table(meta):
- Column('input', Text()),
- Column('result', Text()),
- Column('message', Text()),
-- mysql_engine='InnoDB')
-+ mysql_engine=CONF.database.mysql_storage_engine)
-
- return task_info
-
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/004_add_checksum.py.orig 2016-07-29 11:32:58.755972142 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/004_add_checksum.py 2016-07-29 11:45:04.732540072 -0600
-@@ -14,11 +14,13 @@
- # under the License.
-
- from migrate.changeset import * # noqa
-+from oslo_config import cfg
- from sqlalchemy import * # noqa
-
- from glance.db.sqlalchemy.migrate_repo.schema import (
- Boolean, DateTime, Integer, String, Text, from_migration_import) # noqa
-
-+CONF = cfg.CONF
-
- def get_images_table(meta):
- """
-@@ -48,7 +50,7 @@ def get_images_table(meta):
- default=False,
- index=True),
- Column('checksum', String(32)),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- return images
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/021_set_engine_mysql_innodb.py.orig 2016-07-29 11:33:05.406762219 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/021_set_engine_mysql_innodb.py 2016-07-29 11:45:30.188972755 -0600
-@@ -14,21 +14,24 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy import MetaData
-
- tables = ['image_locations']
-
-+CONF = cfg.CONF
-
- def upgrade(migrate_engine):
- meta = MetaData()
- meta.bind = migrate_engine
- if migrate_engine.name == "mysql":
-- d = migrate_engine.execute("SHOW TABLE STATUS WHERE Engine!='InnoDB';")
-+ d = migrate_engine.execute("SHOW TABLE STATUS WHERE Engine!='%s';" %
-+ CONF.database.mysql_storage_engine)
- for row in d.fetchall():
- table_name = row[0]
- if table_name in tables:
-- migrate_engine.execute("ALTER TABLE %s Engine=InnoDB" %
-- table_name)
-+ migrate_engine.execute("ALTER TABLE %(db_table)s Engine=%(mysql_storage_engine)s" %
-+ dict(db_table=table_name, mysql_storage_engine=CONF.database.mysql_storage_engine))
-
-
- def downgrade(migrate_engine):
---- glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/041_add_artifact_tables.py.orig 2016-07-29 11:33:13.687025321 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/migrate_repo/versions/041_add_artifact_tables.py 2016-07-29 11:45:55.382385404 -0600
-@@ -12,6 +12,7 @@
- # License for the specific language governing permissions and limitations
- # under the License.
-
-+from oslo_config import cfg
- from sqlalchemy.schema import (Column, ForeignKey, Index, MetaData, Table)
-
-
-@@ -19,6 +20,7 @@ from glance.db.sqlalchemy.migrate_repo.s
- BigInteger, Boolean, DateTime, Integer, Numeric, String, Text,
- create_tables) # noqa
-
-+CONF = cfg.CONF
-
- def define_artifacts_table(meta):
- artifacts = Table('artifacts',
-@@ -43,7 +45,7 @@ def define_artifacts_table(meta):
- nullable=False),
- Column('deleted_at', DateTime()),
- Column('published_at', DateTime()),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- Index('ix_artifact_name_and_version', artifacts.c.name,
-@@ -68,7 +70,7 @@ def define_artifact_tags_table(meta):
- Column('created_at', DateTime(), nullable=False),
- Column('updated_at', DateTime(),
- nullable=False),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- Index('ix_artifact_tags_artifact_id', artifact_tags.c.artifact_id)
-@@ -100,7 +102,7 @@ def define_artifact_dependencies_table(m
- nullable=False),
- Column('updated_at', DateTime(),
- nullable=False),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
-
- Index('ix_artifact_dependencies_source_id',
-@@ -131,7 +133,7 @@ def define_artifact_blobs_table(meta):
- Column('created_at', DateTime(), nullable=False),
- Column('updated_at', DateTime(),
- nullable=False),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
- Index('ix_artifact_blobs_artifact_id',
- artifact_blobs.c.artifact_id)
-@@ -161,7 +163,7 @@ def define_artifact_properties_table(met
- Column('updated_at', DateTime(),
- nullable=False),
- Column('position', Integer()),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
- Index('ix_artifact_properties_artifact_id',
- artifact_properties.c.artifact_id)
-@@ -186,7 +188,7 @@ def define_artifact_blob_locations_table
- Column('position', Integer()),
- Column('status', String(36),
- nullable=True),
-- mysql_engine='InnoDB',
-+ mysql_engine=CONF.database.mysql_storage_engine,
- extend_existing=True)
- Index('ix_artifact_blob_locations_blob_id',
- artifact_blob_locations.c.blob_id)
---- glance-2015.1.2/glance/db/sqlalchemy/models.py.orig 2016-07-29 11:33:19.907591270 -0600
-+++ glance-2015.1.2/glance/db/sqlalchemy/models.py 2016-07-29 11:46:37.517783749 -0600
-@@ -21,6 +21,7 @@ SQLAlchemy models for glance data
- import uuid
-
- from oslo.serialization import jsonutils
-+from oslo_config import cfg
- from oslo_db.sqlalchemy import models
- from oslo_utils import timeutils
- from sqlalchemy import BigInteger
-@@ -39,6 +40,7 @@ from sqlalchemy import Text
- from sqlalchemy.types import TypeDecorator
- from sqlalchemy import UniqueConstraint
-
-+CONF = cfg.CONF
-
- BASE = declarative_base()
-
-@@ -67,7 +69,7 @@ class JSONEncodedDict(TypeDecorator):
- class GlanceBase(models.ModelBase, models.TimestampMixin):
- """Base class for Glance Models."""
-
-- __table_args__ = {'mysql_engine': 'InnoDB'}
-+ __table_args__ = {'mysql_engine': CONF.database.mysql_storage_engine}
- __table_initialized__ = False
- __protected_attributes__ = set([
- "created_at", "updated_at", "deleted_at", "deleted"])