Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / heat / b3d83a9a09c88f5d0b4c696a70d6c8826d8a2d66 / . / heat / files / newton / heat.conf.Debian
blob: 1f97cd8cf01f0e8b8cb0d9930d6e478ddd9e39c3 [file] [log] [blame]
{%- from "heat/map.jinja" import server, system_cacerts_file with context %}
[DEFAULT]
#
# From oslo.log
#
region_name_for_services={{ server.region }}
# Print debugging output (set logging level to DEBUG instead of default WARNING
# level). (boolean value)
#debug = false
# Print more verbose output (set logging level to INFO instead of default
# WARNING level). (boolean value)
#verbose = false
verbose = true
# The name of a logging configuration file. This file is appended to any
# existing logging configuration files. For details about logging configuration
# files, see the Python logging module documentation. (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
# DEPRECATED. A logging.Formatter log message format string which may use any
# of the available logging.LogRecord attributes. This option is deprecated.
# Please use logging_context_format_string and logging_default_format_string
# instead. (string value)
#log_format = <None>
# List of directories to search for plug-ins. (list value)
{%- if server.get('dir', {}).plugins is defined %}
plugin_dirs=/usr/lib64/heat,/usr/lib/heat,/usr/local/lib/heat,/usr/local/lib64/heat,{{ server.dir.plugins|join(",") }}
{%- endif %}
heat_metadata_server_url={{ server.metadata.protocol }}://{{ server.metadata.host }}:{{ server.metadata.port }}
# URL of the Heat waitcondition server. (string value)
heat_waitcondition_server_url={{ server.waitcondition.protocol }}://{{ server.waitcondition.host }}:{{ server.waitcondition.port }}/v1/waitcondition
# URL of the Heat CloudWatch server. (string value)
heat_watch_server_url={{ server.watch.protocol }}://{{ server.watch.host }}:{{ server.watch.port }}
# Format string for %%(asctime)s in log records. Default: %(default)s . (string
# value)
#log_date_format = %Y-%m-%d %H:%M:%S
instance_connection_is_secure=0
# (Optional) Name of log file to output to. If no default is set, logging will
# go to stdout. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
log_file=/var/log/heat/heat.log
# (Optional) The base directory used for relative --log-file paths. (string
# value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
# Use syslog for logging. Existing syslog format is DEPRECATED during I, and
# will change in J to honor RFC5424. (boolean value)
#use_syslog = false
workers=4
{%- if server.stack_domain_admin is defined %}
# Keystone username, a user with roles sufficient to manage
# users and projects in the stack_user_domain. (string value)
stack_domain_admin = heat_domain_admin
# Keystone password for stack_domain_admin user. (string
# value)
stack_domain_admin_password={{ server.stack_domain_admin.password }}
stack_user_domain_name = heat_user_domain
{%- else %}
# Keystone username, a user with roles sufficient to manage
# users and projects in the stack_user_domain. (string value)
#stack_domain_admin=<None>
# Keystone password for stack_domain_admin user. (string
# value)
#stack_domain_admin_password=<None>
{%- endif %}
# (Optional) Enables or disables syslog rfc5424 format for logging. If enabled,
# prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The
# format without the APP-NAME is deprecated in I, and will be removed in J.
# (boolean value)
#use_syslog_rfc_format = false
# Syslog facility to receive log lines. (string value)
#syslog_log_facility = LOG_USER
# Log output to standard error. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
# Format string to use for log messages without context. (string value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
# Data to append to log format when level is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string value)
#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
# List of logger=LEVEL pairs. (list value)
#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
# Enables or disables fatal status of deprecations. (boolean value)
#fatal_deprecations = false
# The format for an instance that is passed with the log message. (string
# value)
#instance_format = "[instance: %(uuid)s] "
# The format for an instance UUID that is passed with the log message. (string
# value)
#instance_uuid_format = "[instance: %(uuid)s] "
#
# From oslo.messaging
#
# Size of RPC connection pool. (integer value)
#rpc_conn_pool_size = 30
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
# The "host" option should point or resolve to this address. (string value)
#rpc_zmq_bind_address = *
# MatchMaker driver. (string value)
#rpc_zmq_matchmaker = local
# ZeroMQ receiver listening port. (integer value)
#rpc_zmq_port = 9501
# Number of ZeroMQ contexts, defaults to 1. (integer value)
#rpc_zmq_contexts = 1
# Maximum number of ingress messages to locally buffer per topic. Default is
# unlimited. (integer value)
#rpc_zmq_topic_backlog = <None>
# Directory for holding IPC sockets. (string value)
#rpc_zmq_ipc_dir = /var/run/openstack
# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match
# "host" option, if running Nova. (string value)
#rpc_zmq_host = localhost
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
# (integer value)
#rpc_cast_timeout = 30
# Heartbeat frequency. (integer value)
#matchmaker_heartbeat_freq = 300
# Heartbeat time-to-live. (integer value)
#matchmaker_heartbeat_ttl = 600
# Size of RPC thread pool. (integer value)
#rpc_thread_pool_size = 64
# Driver or drivers to handle sending notifications. (multi valued)
#notification_driver =
{%- if server.notification is mapping %}
notification_driver = {{ server.notification.get('driver', 'messagingv2') }}
{%- if server.notification.topics is defined %}
notification_topics = {{ server.notification.topics }}
{%- endif %}
{%- elif server.notification %}
notification_driver = messagingv2
{%- endif %}
# AMQP topic used for OpenStack notifications. (list value)
# Deprecated group/name - [rpc_notifier2]/topics
#notification_topics = notifications
# Seconds to wait for a response from a call. (integer value)
#rpc_response_timeout = 60
rpc_response_timeout = 600
# A URL representing the messaging driver to use and its full configuration. If
# not set, we fall back to the rpc_backend option and driver specific
# configuration. (string value)
#transport_url = <None>
# The messaging driver to use, defaults to rabbit. Other drivers include qpid
# and zmq. (string value)
#rpc_backend = rabbit
{%- set rabbit_port = server.message_queue.get('port', 5671 if server.message_queue.get('ssl',{}).get('enabled', False) else 5672) %}
{%- if server.message_queue.members is defined %}
transport_url = rabbit://{% for member in server.message_queue.members -%}
{{ server.message_queue.user }}:{{ server.message_queue.password }}@{{ member.host }}:{{ member.get('port', rabbit_port) }}
{%- if not loop.last -%},{%- endif -%}
{%- endfor -%}
/{{ server.message_queue.virtual_host }}
{%- else %}
transport_url = rabbit://{{ server.message_queue.user }}:{{ server.message_queue.password }}@{{ server.message_queue.host }}:{{ rabbit_port }}/{{ server.message_queue.virtual_host }}
{%- endif %}
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
#control_exchange = openstack
max_resources_per_stack=20000
max_json_body_size=10880000
max_template_size=5440000
{%- if server.max_stacks_per_tenant is defined %}
max_stacks_per_tenant = {{ server.max_stacks_per_tenant }}
{%- endif %}
[heat_api]
#
# Options defined in heat.common.wsgi
#
# Address to bind the server. Useful when selecting a
# particular network interface. (string value)
bind_host = {{ server.bind.api.address }}
# The port on which the server will listen. (integer value)
#bind_port=8004
# Number of backlog requests to configure the socket with.
# (integer value)
#backlog=4096
# Location of the SSL certificate file to use for SSL mode.
# (string value)
#cert_file=<None>
# Location of the SSL key file to use for enabling SSL mode.
# (string value)
#key_file=<None>
# Number of workers for Heat service. (integer value)
#workers=0
# Maximum line size of message headers to be accepted.
# max_header_line may need to be increased when using large
# tokens (typically those generated by the Keystone v3 API
# with big service catalogs). (integer value)
#max_header_line=16384
[heat_api_cfn]
#
# Options defined in heat.common.wsgi
#
# Address to bind the server. Useful when selecting a
# particular network interface. (string value)
bind_host = {{ server.bind.api_cfn.address }}
# The port on which the server will listen. (integer value)
#bind_port=8000
# Number of backlog requests to configure the socket with.
# (integer value)
#backlog=4096
# Location of the SSL certificate file to use for SSL mode.
# (string value)
#cert_file=<None>
# Location of the SSL key file to use for enabling SSL mode.
# (string value)
#key_file=<None>
# Number of workers for Heat service. (integer value)
#workers=0
# Maximum line size of message headers to be accepted.
# max_header_line may need to be increased when using large
# tokens (typically those generated by the Keystone v3 API
# with big service catalogs). (integer value)
#max_header_line=16384
[heat_api_cloudwatch]
#
# Options defined in heat.common.wsgi
#
# Address to bind the server. Useful when selecting a
# particular network interface. (string value)
bind_host = {{ server.bind.api_cloudwatch.address }}
# The port on which the server will listen. (integer value)
#bind_port=8003
# Number of backlog requests to configure the socket with.
# (integer value)
#backlog=4096
# Location of the SSL certificate file to use for SSL mode.
# (string value)
#cert_file=<None>
# Location of the SSL key file to use for enabling SSL mode.
# (string value)
#key_file=<None>
# Number of workers for Heat service. (integer value)
#workers=0
# Maximum line size of message headers to be accepted.
# max_header_line may need to be increased when using large
# tokens (typically those generated by the Keystone v3 API
# with big service catalogs.) (integer value)
#max_header_line=16384
[database]
#
# From oslo.db
#
# The file name to use with SQLite. (string value)
# Deprecated group/name - [DEFAULT]/sqlite_db
#sqlite_db = oslo.sqlite
# If True, SQLite uses synchronous mode. (boolean value)
# Deprecated group/name - [DEFAULT]/sqlite_synchronous
#sqlite_synchronous = true
# The back end to use for the database. (string value)
# Deprecated group/name - [DEFAULT]/db_backend
#backend = sqlalchemy
# The SQLAlchemy connection string to use to connect to the database. (string
# value)
# Deprecated group/name - [DEFAULT]/sql_connection
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
#connection = <None>
connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8{%- if server.database.get('ssl',{}).get('enabled',False) %}&ssl_ca={{ server.database.ssl.get('cacert_file', system_cacerts_file) }}{% endif %}
# The SQLAlchemy connection string to use to connect to the slave database.
# (string value)
#slave_connection = <None>
# The SQL mode to be used for MySQL sessions. This option, including the
# default, overrides any server-set SQL mode. To use whatever SQL mode is set
# by the server configuration, set this to no value. Example: mysql_sql_mode=
# (string value)
#mysql_sql_mode = TRADITIONAL
# Timeout before idle SQL connections are reaped. (integer value)
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
# Deprecated group/name - [DATABASE]/sql_idle_timeout
# Deprecated group/name - [sql]/idle_timeout
#idle_timeout = 3600
# Minimum number of SQL connections to keep open in a pool. (integer value)
# Deprecated group/name - [DEFAULT]/sql_min_pool_size
# Deprecated group/name - [DATABASE]/sql_min_pool_size
#min_pool_size = 1
# Maximum number of SQL connections to keep open in a pool. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_pool_size
# Deprecated group/name - [DATABASE]/sql_max_pool_size
#max_pool_size = <None>
max_pool_size = 30
# Maximum number of database connection retries during startup. Set to -1 to
# specify an infinite retry count. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_retries
# Deprecated group/name - [DATABASE]/sql_max_retries
#max_retries = 10
max_retries = -1
# Interval between retries of opening a SQL connection. (integer value)
# Deprecated group/name - [DEFAULT]/sql_retry_interval
# Deprecated group/name - [DATABASE]/reconnect_interval
#retry_interval = 10
# If set, use this value for max_overflow with SQLAlchemy. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
#max_overflow = <None>
max_overflow = 60
# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer
# value)
# Deprecated group/name - [DEFAULT]/sql_connection_debug
#connection_debug = 0
# Add Python stack traces to SQL as comment strings. (boolean value)
# Deprecated group/name - [DEFAULT]/sql_connection_trace
#connection_trace = false
# If set, use this value for pool_timeout with SQLAlchemy. (integer value)
# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
#pool_timeout = <None>
# Enable the experimental use of database reconnect on connection lost.
# (boolean value)
#use_db_reconnect = false
# Seconds between retries of a database transaction. (integer value)
#db_retry_interval = 1
# If True, increases the interval between retries of a database operation up to
# db_max_retry_interval. (boolean value)
#db_inc_retry_interval = true
# If db_inc_retry_interval is set, the maximum seconds between retries of a
# database operation. (integer value)
#db_max_retry_interval = 10
# Maximum retries in case of connection error or deadlock error before error is
# raised. Set to -1 to specify an infinite retry count. (integer value)
#db_max_retries = 20
[keystone_authtoken]
auth_type = password
auth_uri=http://{{ server.identity.host }}:5000/v2.0
#identity_uri=http://{{ server.identity.host }}:35357
#admin_user={{ server.identity.user }}
#admin_password={{ server.identity.password }}
#admin_tenant_name={{ server.identity.tenant }}
auth_url=http://{{ server.identity.host }}:35357
username = {{ server.identity.user }}
password = {{ server.identity.password }}
project_name = {{ server.identity.tenant }}
project_domain_name = Default
user_domain_name = Default
{%- if server.cache is defined %}
memcached_servers={%- for member in server.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %}
{%- endif %}
{%- if server.cache is defined %}
[cache]
enabled=True
backend=oslo_cache.memcache_pool
memcached_servers={%- for member in server.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %}
{%- endif %}
[trustee]
auth_plugin = password
auth_url = http://{{ server.identity.host }}:35357
username = {{ server.identity.user }}
password = {{ server.identity.password }}
user_domain_name = default
project_domain_id = {{ server.identity.get('domain', 'default') }}
user_domain_id = {{ server.identity.get('domain', 'default') }}
[oslo_middleware]
enable_proxy_headers_parsing = True
[matchmaker_redis]
#
# From oslo.messaging
#
# Host to locate redis. (string value)
#host = 127.0.0.1
# Use this port to connect to redis host. (integer value)
#port = 6379
# Password for Redis server (optional). (string value)
#password = <None>
[matchmaker_ring]
#
# From oslo.messaging
#
# Matchmaker ring file (JSON). (string value)
# Deprecated group/name - [DEFAULT]/matchmaker_ringfile
#ringfile = /etc/oslo/matchmaker_ring.json
[oslo_messaging_amqp]
#
# From oslo.messaging
#
# address prefix used when sending to a specific server (string value)
# Deprecated group/name - [amqp1]/server_request_prefix
#server_request_prefix = exclusive
# address prefix used when broadcasting to all servers (string value)
# Deprecated group/name - [amqp1]/broadcast_prefix
#broadcast_prefix = broadcast
# address prefix when sending to any server in group (string value)
# Deprecated group/name - [amqp1]/group_request_prefix
#group_request_prefix = unicast
# Name for the AMQP container (string value)
# Deprecated group/name - [amqp1]/container_name
#container_name = <None>
# Timeout for inactive connections (in seconds) (integer value)
# Deprecated group/name - [amqp1]/idle_timeout
#idle_timeout = 0
# Debug: dump AMQP frames to stdout (boolean value)
# Deprecated group/name - [amqp1]/trace
#trace = false
# CA certificate PEM file for verifing server certificate (string value)
# Deprecated group/name - [amqp1]/ssl_ca_file
#ssl_ca_file =
# Identifying certificate PEM file to present to clients (string value)
# Deprecated group/name - [amqp1]/ssl_cert_file
#ssl_cert_file =
# Private key PEM file used to sign cert_file certificate (string value)
# Deprecated group/name - [amqp1]/ssl_key_file
#ssl_key_file =
# Password for decrypting ssl_key_file (if encrypted) (string value)
# Deprecated group/name - [amqp1]/ssl_key_password
#ssl_key_password = <None>
# Accept clients using either SSL or plain TCP (boolean value)
# Deprecated group/name - [amqp1]/allow_insecure_clients
#allow_insecure_clients = false
[oslo_messaging_qpid]
#
# From oslo.messaging
#
# Use durable queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
#amqp_durable_queues = false
# Auto-delete queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
#amqp_auto_delete = false
# Qpid broker hostname. (string value)
# Deprecated group/name - [DEFAULT]/qpid_hostname
#qpid_hostname = localhost
# Qpid broker port. (integer value)
# Deprecated group/name - [DEFAULT]/qpid_port
#qpid_port = 5672
# Qpid HA cluster host:port pairs. (list value)
# Deprecated group/name - [DEFAULT]/qpid_hosts
#qpid_hosts = $qpid_hostname:$qpid_port
# Username for Qpid connection. (string value)
# Deprecated group/name - [DEFAULT]/qpid_username
#qpid_username =
# Password for Qpid connection. (string value)
# Deprecated group/name - [DEFAULT]/qpid_password
#qpid_password =
# Space separated list of SASL mechanisms to use for auth. (string value)
# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms
#qpid_sasl_mechanisms =
# Seconds between connection keepalive heartbeats. (integer value)
# Deprecated group/name - [DEFAULT]/qpid_heartbeat
#qpid_heartbeat = 60
# Transport to use, either 'tcp' or 'ssl'. (string value)
# Deprecated group/name - [DEFAULT]/qpid_protocol
#qpid_protocol = tcp
# Whether to disable the Nagle algorithm. (boolean value)
# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay
#qpid_tcp_nodelay = true
# The number of prefetched messages held by receiver. (integer value)
# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity
#qpid_receiver_capacity = 1
# The qpid topology version to use. Version 1 is what was originally used by
# impl_qpid. Version 2 includes some backwards-incompatible changes that allow
# broker federation to work. Users should update to version 2 when they are
# able to take everything down, as it requires a clean break. (integer value)
# Deprecated group/name - [DEFAULT]/qpid_topology_version
#qpid_topology_version = 1
[oslo_messaging_rabbit]
#
# From oslo.messaging
#
{%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
rabbit_use_ssl=true
{%- if server.message_queue.ssl.version is defined %}
kombu_ssl_version = {{ server.message_queue.ssl.version }}
{%- elif salt['grains.get']('pythonversion') > [2,7,8] %}
kombu_ssl_version = TLSv1_2
{%- endif %}
{%- if server.message_queue.ssl.cacert_file is defined %}
kombu_ssl_ca_certs = {{ server.message_queue.ssl.cacert_file }}
{%- else %}
kombu_ssl_ca_certs={{ system_cacerts_file }}
{%- endif %}
{%- endif %}
# Use durable queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
#amqp_durable_queues = false
# Auto-delete queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
#amqp_auto_delete = false
# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
# distributions. (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_version
#kombu_ssl_version =
# SSL key file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
#kombu_ssl_keyfile =
# SSL cert file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
#kombu_ssl_certfile =
# SSL certification authority file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
#kombu_ssl_ca_certs =
# How long to wait before reconnecting in response to an AMQP consumer cancel
# notification. (floating point value)
# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
#kombu_reconnect_delay = 1.0
# Connect over SSL for RabbitMQ. (boolean value)
#rabbit_use_ssl=false
# The RabbitMQ login method. (string value)
#rabbit_login_method=AMQPLAIN
# The RabbitMQ virtual host. (string value)
# How frequently to retry connecting with RabbitMQ. (integer
# value)
#rabbit_retry_interval=1
# How long to backoff for between retries when connecting to
# RabbitMQ. (integer value)
#rabbit_retry_backoff=2
# Maximum number of RabbitMQ connection retries. Default is 0
# (infinite retry count). (integer value)
#rabbit_max_retries=0
#rabbit_host = localhost
# The RabbitMQ broker port where a single node is used. (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_port
#rabbit_port = 5672
# RabbitMQ HA cluster host:port pairs. (list value)
# Deprecated group/name - [DEFAULT]/rabbit_hosts
#rabbit_hosts = $rabbit_host:$rabbit_port
# Connect over SSL for RabbitMQ. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
#rabbit_use_ssl = false
# The RabbitMQ userid. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_userid
#rabbit_userid = guest
# The RabbitMQ password. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_password
#rabbit_password = guest
# The RabbitMQ login method. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_login_method
#rabbit_login_method = AMQPLAIN
# The RabbitMQ virtual host. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
#rabbit_virtual_host = /
# How frequently to retry connecting with RabbitMQ. (integer value)
#rabbit_retry_interval = 1
# How long to backoff for between retries when connecting to RabbitMQ. (integer
# value)
# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
#rabbit_retry_backoff = 2
# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry
# count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you
# must wipe the RabbitMQ database. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
#rabbit_ha_queues = false
# Number of seconds after which the Rabbit broker is considered down if
# heartbeat's keep-alive fails (0 disable the heartbeat). (integer value)
#heartbeat_timeout_threshold = 60
# How often times during the heartbeat_timeout_threshold we check the
# heartbeat. (integer value)
#heartbeat_rate = 2
# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value)
# Deprecated group/name - [DEFAULT]/fake_rabbit
#fake_rabbit = false
[ec2authtoken]
#
# Options defined in heat.api.aws.ec2token
#
# Authentication Endpoint URI. (string value)
auth_uri=http://{{ server.identity.host }}:5000/v2.0
# Allow orchestration of multiple clouds. (boolean value)
#multi_cloud=false
# Allowed keystone endpoints for auth_uri when multi_cloud is
# enabled. At least one endpoint needs to be specified. (list
# value)
#allowed_auth_uris=
keystone_ec2_uri=http://{{ server.identity.host }}:5000/v2.0/ec2tokens
[clients]
endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
[clients_heat]
endpoint_type = {{ server.identity.get('endpoint_type_heat',
server.identity.get('endpoint_type_default', 'publicURL')) }}
[clients_keystone]
{%- if server.clients.keystone is defined %}
auth_uri= {{ server.clients.keystone.protocol }}://{{ server.clients.keystone.host }}:{{ server.clients.keystone.port }}
insecure = {{ server.clients.keystone.get('insecure', false) }}
{%- else %}
auth_uri=http://{{ server.identity.host }}:35357
{%- endif %}
{%- if pillar.get('opencontrail', {}).get('client', {}).get('enabled', False) %}
{%- from "opencontrail/map.jinja" import client with context %}
[clients_contrail]
user={{ client.identity.user }}
password={{ client.identity.password }}
tenant={{ client.identity.tenant }}
auth_host_ip={{ client.identity.host }}
api_server={{ client.api.host }}
api_port={{ client.api.port }}
{%- endif %}
[cors]
#
# From oslo.middleware.cors
#
# Indicate whether this resource may be shared with the domain
# received in the requests "origin" header. (list value)
#allowed_origin = <None>
{%- if server.cors.allowed_origin is defined %}
allowed_origin = {{ server.cors.allowed_origin }}
{%- endif %}
# Indicate that the actual request can include user credentials
# (boolean value)
#allow_credentials = true
{%- if server.cors.allow_credentials is defined %}
allow_credentials = {{ server.cors.allow_credentials }}
{%- endif %}
# Indicate which headers are safe to expose to the API. Defaults to
# HTTP Simple Headers. (list value)
#expose_headers = X-Image-Meta-Checksum,X-Auth-Token,X-Subject-Token,X-Service-Token,X-OpenStack-Request-ID
{%- if server.cors.expose_headers is defined %}
expose_headers = {{ server.cors.expose_headers }}
{%- endif %}
# Maximum cache age of CORS preflight requests. (integer value)
#max_age = 3600
{%- if server.cors.max_age is defined %}
max_age = {{ server.cors.max_age }}
{%- endif %}
# Indicate which methods can be used during the actual request. (list
# value)
#allow_methods = GET,PUT,POST,DELETE,PATCH
{%- if server.cors.allow_methods is defined %}
allow_methods = {{ server.cors.allow_methods }}
{%- endif %}
# Indicate which header field names may be used during the actual
# request. (list value)
#allow_headers = Content-MD5,X-Image-Meta-Checksum,X-Storage-Token,Accept-Encoding,X-Auth-Token,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id,X-OpenStack-Request-ID
{%- if server.cors.allow_headers is defined %}
allow_headers = {{ server.cors.allow_headers }}
{%- endif %}