| {%- from "heat/map.jinja" import server with context %} |
| [DEFAULT] |
| |
| # |
| # From oslo.log |
| # |
| |
| region_name_for_services={{ server.region }} |
| |
| # Print debugging output (set logging level to DEBUG instead of default WARNING |
| # level). (boolean value) |
| #debug = false |
| |
| # Print more verbose output (set logging level to INFO instead of default |
| # WARNING level). (boolean value) |
| #verbose = false |
| verbose = true |
| |
| # The name of a logging configuration file. This file is appended to any |
| # existing logging configuration files. For details about logging configuration |
| # files, see the Python logging module documentation. (string value) |
| # Deprecated group/name - [DEFAULT]/log_config |
| #log_config_append = <None> |
| |
| # DEPRECATED. A logging.Formatter log message format string which may use any |
| # of the available logging.LogRecord attributes. This option is deprecated. |
| # Please use logging_context_format_string and logging_default_format_string |
| # instead. (string value) |
| #log_format = <None> |
| |
| # List of directories to search for plug-ins. (list value) |
| {%- if server.get('dir', {}).plugins is defined %} |
| plugin_dirs={{ server.dir.plugins|join(",") }} |
| {%- endif %} |
| |
| heat_metadata_server_url=http://{{ server.metadata.host }}:{{ server.metadata.port }} |
| |
| # URL of the Heat waitcondition server. (string value) |
| heat_waitcondition_server_url=http://{{ server.waitcondition.host }}:{{ server.waitcondition.port }}/v1/waitcondition |
| |
| # URL of the Heat CloudWatch server. (string value) |
| heat_watch_server_url=http://{{ server.watch.host }}:{{ server.watch.port }} |
| # Format string for %%(asctime)s in log records. Default: %(default)s . (string |
| # value) |
| #log_date_format = %Y-%m-%d %H:%M:%S |
| |
| # (Optional) Name of log file to output to. If no default is set, logging will |
| # go to stdout. (string value) |
| # Deprecated group/name - [DEFAULT]/logfile |
| #log_file = <None> |
| log_file=/var/log/heat/heat.log |
| |
| # (Optional) The base directory used for relative --log-file paths. (string |
| # value) |
| # Deprecated group/name - [DEFAULT]/logdir |
| #log_dir = <None> |
| |
| # Use syslog for logging. Existing syslog format is DEPRECATED during I, and |
| # will change in J to honor RFC5424. (boolean value) |
| #use_syslog = false |
| |
| workers=4 |
| |
| {%- if server.stack_domain_admin is defined %} |
| |
| # Keystone username, a user with roles sufficient to manage |
| # users and projects in the stack_user_domain. (string value) |
| stack_domain_admin = heat_domain_admin |
| |
| # Keystone password for stack_domain_admin user. (string |
| # value) |
| stack_domain_admin_password={{ server.stack_domain_admin.password }} |
| |
| stack_user_domain_name = heat_user_domain |
| |
| {%- else %} |
| |
| # Keystone username, a user with roles sufficient to manage |
| # users and projects in the stack_user_domain. (string value) |
| #stack_domain_admin=<None> |
| |
| # Keystone password for stack_domain_admin user. (string |
| # value) |
| #stack_domain_admin_password=<None> |
| |
| {%- endif %} |
| |
| # (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, |
| # prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The |
| # format without the APP-NAME is deprecated in I, and will be removed in J. |
| # (boolean value) |
| #use_syslog_rfc_format = false |
| |
| # Syslog facility to receive log lines. (string value) |
| #syslog_log_facility = LOG_USER |
| |
| # Log output to standard error. (boolean value) |
| #use_stderr = true |
| |
| # Format string to use for log messages with context. (string value) |
| #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s |
| |
| # Format string to use for log messages without context. (string value) |
| #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s |
| |
| # Data to append to log format when level is DEBUG. (string value) |
| #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d |
| |
| # Prefix each line of exception output with this format. (string value) |
| #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s |
| |
| # List of logger=LEVEL pairs. (list value) |
| #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN |
| |
| # Enables or disables publication of error events. (boolean value) |
| #publish_errors = false |
| |
| # Enables or disables fatal status of deprecations. (boolean value) |
| #fatal_deprecations = false |
| |
| # The format for an instance that is passed with the log message. (string |
| # value) |
| #instance_format = "[instance: %(uuid)s] " |
| |
| # The format for an instance UUID that is passed with the log message. (string |
| # value) |
| #instance_uuid_format = "[instance: %(uuid)s] " |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # Size of RPC connection pool. (integer value) |
| #rpc_conn_pool_size = 30 |
| |
| # ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. |
| # The "host" option should point or resolve to this address. (string value) |
| #rpc_zmq_bind_address = * |
| |
| # MatchMaker driver. (string value) |
| #rpc_zmq_matchmaker = local |
| |
| # ZeroMQ receiver listening port. (integer value) |
| #rpc_zmq_port = 9501 |
| |
| # Number of ZeroMQ contexts, defaults to 1. (integer value) |
| #rpc_zmq_contexts = 1 |
| |
| # Maximum number of ingress messages to locally buffer per topic. Default is |
| # unlimited. (integer value) |
| #rpc_zmq_topic_backlog = <None> |
| |
| # Directory for holding IPC sockets. (string value) |
| #rpc_zmq_ipc_dir = /var/run/openstack |
| |
| # Name of this node. Must be a valid hostname, FQDN, or IP address. Must match |
| # "host" option, if running Nova. (string value) |
| #rpc_zmq_host = localhost |
| |
| # Seconds to wait before a cast expires (TTL). Only supported by impl_zmq. |
| # (integer value) |
| #rpc_cast_timeout = 30 |
| |
| # Heartbeat frequency. (integer value) |
| #matchmaker_heartbeat_freq = 300 |
| |
| # Heartbeat time-to-live. (integer value) |
| #matchmaker_heartbeat_ttl = 600 |
| |
| # Size of RPC thread pool. (integer value) |
| #rpc_thread_pool_size = 64 |
| |
| # Driver or drivers to handle sending notifications. (multi valued) |
| #notification_driver = |
| {%- if server.notification is mapping %} |
| notification_driver = {{ server.notification.get('driver', 'messagingv2') }} |
| {%- if server.notification.topics is defined %} |
| notification_topics = {{ server.notification.topics }} |
| {%- endif %} |
| {%- elif server.notification %} |
| notification_driver = messagingv2 |
| {% endif %} |
| |
| # AMQP topic used for OpenStack notifications. (list value) |
| # Deprecated group/name - [rpc_notifier2]/topics |
| #notification_topics = notifications |
| |
| # Seconds to wait for a response from a call. (integer value) |
| #rpc_response_timeout = 60 |
| |
| # A URL representing the messaging driver to use and its full configuration. If |
| # not set, we fall back to the rpc_backend option and driver specific |
| # configuration. (string value) |
| #transport_url = <None> |
| |
| # The messaging driver to use, defaults to rabbit. Other drivers include qpid |
| # and zmq. (string value) |
| #rpc_backend = rabbit |
| rpc_backend = rabbit |
| |
| # The default exchange under which topics are scoped. May be overridden by an |
| # exchange name specified in the transport_url option. (string value) |
| #control_exchange = openstack |
| |
| [heat_api] |
| |
| # |
| # Options defined in heat.common.wsgi |
| # |
| |
| # Address to bind the server. Useful when selecting a |
| # particular network interface. (string value) |
| bind_host={{ server.bind.api.address }} |
| |
| # The port on which the server will listen. (integer value) |
| #bind_port=8004 |
| |
| # Number of backlog requests to configure the socket with. |
| # (integer value) |
| #backlog=4096 |
| |
| # Location of the SSL certificate file to use for SSL mode. |
| # (string value) |
| #cert_file=<None> |
| |
| # Location of the SSL key file to use for enabling SSL mode. |
| # (string value) |
| #key_file=<None> |
| |
| # Number of workers for Heat service. (integer value) |
| #workers=0 |
| |
| # Maximum line size of message headers to be accepted. |
| # max_header_line may need to be increased when using large |
| # tokens (typically those generated by the Keystone v3 API |
| # with big service catalogs). (integer value) |
| #max_header_line=16384 |
| |
| |
| [heat_api_cfn] |
| |
| # |
| # Options defined in heat.common.wsgi |
| # |
| |
| # Address to bind the server. Useful when selecting a |
| # particular network interface. (string value) |
| bind_host={{ server.bind.api_cfn.address }} |
| |
| # The port on which the server will listen. (integer value) |
| #bind_port=8000 |
| |
| # Number of backlog requests to configure the socket with. |
| # (integer value) |
| #backlog=4096 |
| |
| # Location of the SSL certificate file to use for SSL mode. |
| # (string value) |
| #cert_file=<None> |
| |
| # Location of the SSL key file to use for enabling SSL mode. |
| # (string value) |
| #key_file=<None> |
| |
| # Number of workers for Heat service. (integer value) |
| #workers=0 |
| |
| # Maximum line size of message headers to be accepted. |
| # max_header_line may need to be increased when using large |
| # tokens (typically those generated by the Keystone v3 API |
| # with big service catalogs). (integer value) |
| #max_header_line=16384 |
| |
| |
| [heat_api_cloudwatch] |
| |
| # |
| # Options defined in heat.common.wsgi |
| # |
| |
| # Address to bind the server. Useful when selecting a |
| # particular network interface. (string value) |
| bind_host={{ server.bind.api_cloudwatch.address }} |
| |
| # The port on which the server will listen. (integer value) |
| #bind_port=8003 |
| |
| # Number of backlog requests to configure the socket with. |
| # (integer value) |
| #backlog=4096 |
| |
| # Location of the SSL certificate file to use for SSL mode. |
| # (string value) |
| #cert_file=<None> |
| |
| # Location of the SSL key file to use for enabling SSL mode. |
| # (string value) |
| #key_file=<None> |
| |
| # Number of workers for Heat service. (integer value) |
| #workers=0 |
| |
| # Maximum line size of message headers to be accepted. |
| # max_header_line may need to be increased when using large |
| # tokens (typically those generated by the Keystone v3 API |
| # with big service catalogs.) (integer value) |
| #max_header_line=16384 |
| |
| |
| [database] |
| |
| # |
| # From oslo.db |
| # |
| |
| # The file name to use with SQLite. (string value) |
| # Deprecated group/name - [DEFAULT]/sqlite_db |
| #sqlite_db = oslo.sqlite |
| |
| # If True, SQLite uses synchronous mode. (boolean value) |
| # Deprecated group/name - [DEFAULT]/sqlite_synchronous |
| #sqlite_synchronous = true |
| |
| # The back end to use for the database. (string value) |
| # Deprecated group/name - [DEFAULT]/db_backend |
| #backend = sqlalchemy |
| |
| # The SQLAlchemy connection string to use to connect to the database. (string |
| # value) |
| # Deprecated group/name - [DEFAULT]/sql_connection |
| # Deprecated group/name - [DATABASE]/sql_connection |
| # Deprecated group/name - [sql]/connection |
| #connection = <None> |
| connection = {{ server.database.engine }}://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }} |
| |
| # The SQLAlchemy connection string to use to connect to the slave database. |
| # (string value) |
| #slave_connection = <None> |
| |
| # The SQL mode to be used for MySQL sessions. This option, including the |
| # default, overrides any server-set SQL mode. To use whatever SQL mode is set |
| # by the server configuration, set this to no value. Example: mysql_sql_mode= |
| # (string value) |
| #mysql_sql_mode = TRADITIONAL |
| |
| # Timeout before idle SQL connections are reaped. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_idle_timeout |
| # Deprecated group/name - [DATABASE]/sql_idle_timeout |
| # Deprecated group/name - [sql]/idle_timeout |
| #idle_timeout = 3600 |
| |
| # Minimum number of SQL connections to keep open in a pool. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_min_pool_size |
| # Deprecated group/name - [DATABASE]/sql_min_pool_size |
| #min_pool_size = 1 |
| |
| # Maximum number of SQL connections to keep open in a pool. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_max_pool_size |
| # Deprecated group/name - [DATABASE]/sql_max_pool_size |
| #max_pool_size = <None> |
| |
| # Maximum number of database connection retries during startup. Set to -1 to |
| # specify an infinite retry count. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_max_retries |
| # Deprecated group/name - [DATABASE]/sql_max_retries |
| #max_retries = 10 |
| |
| # Interval between retries of opening a SQL connection. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_retry_interval |
| # Deprecated group/name - [DATABASE]/reconnect_interval |
| #retry_interval = 10 |
| |
| # If set, use this value for max_overflow with SQLAlchemy. (integer value) |
| # Deprecated group/name - [DEFAULT]/sql_max_overflow |
| # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow |
| #max_overflow = <None> |
| |
| # Verbosity of SQL debugging information: 0=None, 100=Everything. (integer |
| # value) |
| # Deprecated group/name - [DEFAULT]/sql_connection_debug |
| #connection_debug = 0 |
| |
| # Add Python stack traces to SQL as comment strings. (boolean value) |
| # Deprecated group/name - [DEFAULT]/sql_connection_trace |
| #connection_trace = false |
| |
| # If set, use this value for pool_timeout with SQLAlchemy. (integer value) |
| # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout |
| #pool_timeout = <None> |
| |
| # Enable the experimental use of database reconnect on connection lost. |
| # (boolean value) |
| #use_db_reconnect = false |
| |
| # Seconds between retries of a database transaction. (integer value) |
| #db_retry_interval = 1 |
| |
| # If True, increases the interval between retries of a database operation up to |
| # db_max_retry_interval. (boolean value) |
| #db_inc_retry_interval = true |
| |
| # If db_inc_retry_interval is set, the maximum seconds between retries of a |
| # database operation. (integer value) |
| #db_max_retry_interval = 10 |
| |
| # Maximum retries in case of connection error or deadlock error before error is |
| # raised. Set to -1 to specify an infinite retry count. (integer value) |
| #db_max_retries = 20 |
| |
| |
| [keystone_authtoken] |
| |
| # |
| # From keystonemiddleware.auth_token |
| # |
| auth_host = {{ server.identity.host }} |
| |
| # Port of the admin Identity API endpoint. Deprecated, use |
| # identity_uri. (integer value) |
| auth_port = 35357 |
| |
| # Protocol of the admin Identity API endpoint (http or https). |
| # Deprecated, use identity_uri. (string value) |
| auth_protocol=http |
| |
| # Complete public Identity API endpoint (string value) |
| auth_uri=http://{{ server.identity.host }}:5000/v3 |
| |
| # Complete admin Identity API endpoint. This should specify |
| # the unversioned root endpoint e.g. https://localhost:35357/ |
| # (string value) |
| identity_uri=http://{{ server.identity.host }}:35357/ |
| |
| # API version of the admin Identity API endpoint (string |
| # value) |
| #auth_version=<None> |
| auth_version=v3.0 |
| |
| # Do not handle authorization requests within the middleware, |
| # but delegate the authorization decision to downstream WSGI |
| # components (boolean value) |
| #delay_auth_decision=false |
| |
| # Request timeout value for communicating with Identity API |
| # server. (boolean value) |
| #http_connect_timeout=<None> |
| |
| # How many times are we trying to reconnect when communicating |
| # with Identity API Server. (integer value) |
| #http_request_max_retries=3 |
| |
| # This option is deprecated and may be removed in a future |
| # release. Single shared secret with the Keystone |
| # configuration used for bootstrapping a Keystone |
| # installation, or otherwise bypassing the normal |
| # authentication process. This option should not be used, use |
| # `admin_user` and `admin_password` instead. (string value) |
| #admin_token=<None> |
| |
| # Keystone account username (string value) |
| admin_user = {{ server.identity.user }} |
| |
| # Keystone account password (string value) |
| admin_password = {{ server.identity.password }} |
| |
| # Keystone service account tenant name to validate user tokens |
| # (string value) |
| admin_tenant_name = {{ server.identity.tenant }} |
| # Complete public Identity API endpoint. (string value) |
| #auth_uri = <None> |
| |
| # API version of the admin Identity API endpoint. (string value) |
| #auth_version = <None> |
| |
| # Do not handle authorization requests within the middleware, but delegate the |
| # authorization decision to downstream WSGI components. (boolean value) |
| #delay_auth_decision = false |
| |
| # Request timeout value for communicating with Identity API server. (integer |
| # value) |
| #http_connect_timeout = <None> |
| |
| # How many times are we trying to reconnect when communicating with Identity |
| # API Server. (integer value) |
| #http_request_max_retries = 3 |
| |
| # Env key for the swift cache. (string value) |
| #cache = <None> |
| |
| # Required if identity server requires client certificate (string value) |
| #certfile = <None> |
| |
| # Required if identity server requires client certificate (string value) |
| #keyfile = <None> |
| |
| # A PEM encoded Certificate Authority to use when verifying HTTPs connections. |
| # Defaults to system CAs. (string value) |
| #cafile = <None> |
| |
| # Verify HTTPS connections. (boolean value) |
| #insecure = false |
| |
| # Directory used to cache files related to PKI tokens. (string value) |
| #signing_dir = <None> |
| |
| # Optionally specify a list of memcached server(s) to use for caching. If left |
| # undefined, tokens will instead be cached in-process. (list value) |
| # Deprecated group/name - [DEFAULT]/memcache_servers |
| #memcached_servers = <None> |
| |
| # In order to prevent excessive effort spent validating tokens, the middleware |
| # caches previously-seen tokens for a configurable duration (in seconds). Set |
| # to -1 to disable caching completely. (integer value) |
| #token_cache_time = 300 |
| |
| # Determines the frequency at which the list of revoked tokens is retrieved |
| # from the Identity service (in seconds). A high number of revocation events |
| # combined with a low cache duration may significantly reduce performance. |
| # (integer value) |
| #revocation_cache_time = 10 |
| |
| # (Optional) If defined, indicate whether token data should be authenticated or |
| # authenticated and encrypted. Acceptable values are MAC or ENCRYPT. If MAC, |
| # token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data |
| # is encrypted and authenticated in the cache. If the value is not one of these |
| # options or empty, auth_token will raise an exception on initialization. |
| # (string value) |
| #memcache_security_strategy = <None> |
| |
| # (Optional, mandatory if memcache_security_strategy is defined) This string is |
| # used for key derivation. (string value) |
| #memcache_secret_key = <None> |
| |
| # (Optional) Number of seconds memcached server is considered dead before it is |
| # tried again. (integer value) |
| #memcache_pool_dead_retry = 300 |
| |
| # (Optional) Maximum total number of open connections to every memcached |
| # server. (integer value) |
| #memcache_pool_maxsize = 10 |
| |
| # (Optional) Socket timeout in seconds for communicating with a memcache |
| # server. (integer value) |
| #memcache_pool_socket_timeout = 3 |
| |
| # (Optional) Number of seconds a connection to memcached is held unused in the |
| # pool before it is closed. (integer value) |
| #memcache_pool_unused_timeout = 60 |
| |
| # (Optional) Number of seconds that an operation will wait to get a memcache |
| # client connection from the pool. (integer value) |
| #memcache_pool_conn_get_timeout = 10 |
| |
| # (Optional) Use the advanced (eventlet safe) memcache client pool. The |
| # advanced pool will only work under python 2.x. (boolean value) |
| #memcache_use_advanced_pool = false |
| |
| # (Optional) Indicate whether to set the X-Service-Catalog header. If False, |
| # middleware will not ask for service catalog on token validation and will not |
| # set the X-Service-Catalog header. (boolean value) |
| #include_service_catalog = true |
| |
| # Used to control the use and type of token binding. Can be set to: "disabled" |
| # to not check token binding. "permissive" (default) to validate binding |
| # information if the bind type is of a form known to the server and ignore it |
| # if not. "strict" like "permissive" but if the bind type is unknown the token |
| # will be rejected. "required" any form of token binding is needed to be |
| # allowed. Finally the name of a binding method that must be present in tokens. |
| # (string value) |
| #enforce_token_bind = permissive |
| |
| # If true, the revocation list will be checked for cached tokens. This requires |
| # that PKI tokens are configured on the identity server. (boolean value) |
| #check_revocations_for_cached = false |
| |
| # Hash algorithms to use for hashing PKI tokens. This may be a single algorithm |
| # or multiple. The algorithms are those supported by Python standard |
| # hashlib.new(). The hashes will be tried in the order given, so put the |
| # preferred one first for performance. The result of the first hash will be |
| # stored in the cache. This will typically be set to multiple values only while |
| # migrating from a less secure algorithm to a more secure one. Once all the old |
| # tokens are expired this option should be set to a single value for better |
| # performance. (list value) |
| #hash_algorithms = md5 |
| |
| # Prefix to prepend at the beginning of the path. Deprecated, use identity_uri. |
| # (string value) |
| #auth_admin_prefix = |
| |
| # Host providing the admin Identity API endpoint. Deprecated, use identity_uri. |
| # (string value) |
| #auth_host = 127.0.0.1 |
| |
| # Port of the admin Identity API endpoint. Deprecated, use identity_uri. |
| # (integer value) |
| #auth_port = 35357 |
| |
| # Protocol of the admin Identity API endpoint (http or https). Deprecated, use |
| # identity_uri. (string value) |
| #auth_protocol = https |
| |
| # Complete admin Identity API endpoint. This should specify the unversioned |
| # root endpoint e.g. https://localhost:35357/ (string value) |
| #identity_uri = <None> |
| |
| # This option is deprecated and may be removed in a future release. Single |
| # shared secret with the Keystone configuration used for bootstrapping a |
| # Keystone installation, or otherwise bypassing the normal authentication |
| # process. This option should not be used, use `admin_user` and |
| # `admin_password` instead. (string value) |
| #admin_token = <None> |
| |
| # Service username. (string value) |
| #admin_user = <None> |
| |
| # Service user password. (string value) |
| #admin_password = <None> |
| |
| # Service tenant name. (string value) |
| #admin_tenant_name = admin |
| |
| |
| [matchmaker_redis] |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # Host to locate redis. (string value) |
| #host = 127.0.0.1 |
| |
| # Use this port to connect to redis host. (integer value) |
| #port = 6379 |
| |
| # Password for Redis server (optional). (string value) |
| #password = <None> |
| |
| |
| [matchmaker_ring] |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # Matchmaker ring file (JSON). (string value) |
| # Deprecated group/name - [DEFAULT]/matchmaker_ringfile |
| #ringfile = /etc/oslo/matchmaker_ring.json |
| |
| |
| [oslo_messaging_amqp] |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # address prefix used when sending to a specific server (string value) |
| # Deprecated group/name - [amqp1]/server_request_prefix |
| #server_request_prefix = exclusive |
| |
| # address prefix used when broadcasting to all servers (string value) |
| # Deprecated group/name - [amqp1]/broadcast_prefix |
| #broadcast_prefix = broadcast |
| |
| # address prefix when sending to any server in group (string value) |
| # Deprecated group/name - [amqp1]/group_request_prefix |
| #group_request_prefix = unicast |
| |
| # Name for the AMQP container (string value) |
| # Deprecated group/name - [amqp1]/container_name |
| #container_name = <None> |
| |
| # Timeout for inactive connections (in seconds) (integer value) |
| # Deprecated group/name - [amqp1]/idle_timeout |
| #idle_timeout = 0 |
| |
| # Debug: dump AMQP frames to stdout (boolean value) |
| # Deprecated group/name - [amqp1]/trace |
| #trace = false |
| |
| # CA certificate PEM file for verifing server certificate (string value) |
| # Deprecated group/name - [amqp1]/ssl_ca_file |
| #ssl_ca_file = |
| |
| # Identifying certificate PEM file to present to clients (string value) |
| # Deprecated group/name - [amqp1]/ssl_cert_file |
| #ssl_cert_file = |
| |
| # Private key PEM file used to sign cert_file certificate (string value) |
| # Deprecated group/name - [amqp1]/ssl_key_file |
| #ssl_key_file = |
| |
| # Password for decrypting ssl_key_file (if encrypted) (string value) |
| # Deprecated group/name - [amqp1]/ssl_key_password |
| #ssl_key_password = <None> |
| |
| # Accept clients using either SSL or plain TCP (boolean value) |
| # Deprecated group/name - [amqp1]/allow_insecure_clients |
| #allow_insecure_clients = false |
| |
| |
| [oslo_messaging_qpid] |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # Use durable queues in AMQP. (boolean value) |
| # Deprecated group/name - [DEFAULT]/rabbit_durable_queues |
| #amqp_durable_queues = false |
| |
| # Auto-delete queues in AMQP. (boolean value) |
| # Deprecated group/name - [DEFAULT]/amqp_auto_delete |
| #amqp_auto_delete = false |
| |
| # Qpid broker hostname. (string value) |
| # Deprecated group/name - [DEFAULT]/qpid_hostname |
| #qpid_hostname = localhost |
| |
| # Qpid broker port. (integer value) |
| # Deprecated group/name - [DEFAULT]/qpid_port |
| #qpid_port = 5672 |
| |
| # Qpid HA cluster host:port pairs. (list value) |
| # Deprecated group/name - [DEFAULT]/qpid_hosts |
| #qpid_hosts = $qpid_hostname:$qpid_port |
| |
| # Username for Qpid connection. (string value) |
| # Deprecated group/name - [DEFAULT]/qpid_username |
| #qpid_username = |
| |
| # Password for Qpid connection. (string value) |
| # Deprecated group/name - [DEFAULT]/qpid_password |
| #qpid_password = |
| |
| # Space separated list of SASL mechanisms to use for auth. (string value) |
| # Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms |
| #qpid_sasl_mechanisms = |
| |
| # Seconds between connection keepalive heartbeats. (integer value) |
| # Deprecated group/name - [DEFAULT]/qpid_heartbeat |
| #qpid_heartbeat = 60 |
| |
| # Transport to use, either 'tcp' or 'ssl'. (string value) |
| # Deprecated group/name - [DEFAULT]/qpid_protocol |
| #qpid_protocol = tcp |
| |
| # Whether to disable the Nagle algorithm. (boolean value) |
| # Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay |
| #qpid_tcp_nodelay = true |
| |
| # The number of prefetched messages held by receiver. (integer value) |
| # Deprecated group/name - [DEFAULT]/qpid_receiver_capacity |
| #qpid_receiver_capacity = 1 |
| |
| # The qpid topology version to use. Version 1 is what was originally used by |
| # impl_qpid. Version 2 includes some backwards-incompatible changes that allow |
| # broker federation to work. Users should update to version 2 when they are |
| # able to take everything down, as it requires a clean break. (integer value) |
| # Deprecated group/name - [DEFAULT]/qpid_topology_version |
| #qpid_topology_version = 1 |
| |
| |
| [oslo_messaging_rabbit] |
| |
| # |
| # From oslo.messaging |
| # |
| |
| # Use durable queues in AMQP. (boolean value) |
| # Deprecated group/name - [DEFAULT]/rabbit_durable_queues |
| #amqp_durable_queues = false |
| |
| # Auto-delete queues in AMQP. (boolean value) |
| # Deprecated group/name - [DEFAULT]/amqp_auto_delete |
| #amqp_auto_delete = false |
| |
| # SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and |
| # SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some |
| # distributions. (string value) |
| # Deprecated group/name - [DEFAULT]/kombu_ssl_version |
| #kombu_ssl_version = |
| |
| # SSL key file (valid only if SSL enabled). (string value) |
| # Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile |
| #kombu_ssl_keyfile = |
| |
| # SSL cert file (valid only if SSL enabled). (string value) |
| # Deprecated group/name - [DEFAULT]/kombu_ssl_certfile |
| #kombu_ssl_certfile = |
| |
| # SSL certification authority file (valid only if SSL enabled). (string value) |
| # Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs |
| #kombu_ssl_ca_certs = |
| |
| # How long to wait before reconnecting in response to an AMQP consumer cancel |
| # notification. (floating point value) |
| # Deprecated group/name - [DEFAULT]/kombu_reconnect_delay |
| #kombu_reconnect_delay = 1.0 |
| {%- if server.message_queue.members is defined %} |
| rabbit_hosts = {% for member in server.message_queue.members -%} |
| {{ member.host }}:{{ member.get('port', 5672) }} |
| {%- if not loop.last -%},{%- endif -%} |
| {%- endfor -%} |
| {%- else %} |
| rabbit_host = {{ server.message_queue.host }} |
| rabbit_port = {{ server.message_queue.port }} |
| {%- endif %} |
| |
| |
| |
| # Connect over SSL for RabbitMQ. (boolean value) |
| #rabbit_use_ssl=false |
| |
| # The RabbitMQ userid. (string value) |
| rabbit_userid = {{ server.message_queue.user }} |
| |
| # The RabbitMQ password. (string value) |
| rabbit_password = {{ server.message_queue.password }} |
| |
| # The RabbitMQ login method. (string value) |
| #rabbit_login_method=AMQPLAIN |
| |
| # The RabbitMQ virtual host. (string value) |
| rabbit_virtual_host = {{ server.message_queue.virtual_host }} |
| |
| # How frequently to retry connecting with RabbitMQ. (integer |
| # value) |
| #rabbit_retry_interval=1 |
| |
| # How long to backoff for between retries when connecting to |
| # RabbitMQ. (integer value) |
| #rabbit_retry_backoff=2 |
| |
| # Maximum number of RabbitMQ connection retries. Default is 0 |
| # (infinite retry count). (integer value) |
| #rabbit_max_retries=0 |
| |
| #rabbit_host = localhost |
| |
| # The RabbitMQ broker port where a single node is used. (integer value) |
| # Deprecated group/name - [DEFAULT]/rabbit_port |
| #rabbit_port = 5672 |
| |
| # RabbitMQ HA cluster host:port pairs. (list value) |
| # Deprecated group/name - [DEFAULT]/rabbit_hosts |
| #rabbit_hosts = $rabbit_host:$rabbit_port |
| |
| # Connect over SSL for RabbitMQ. (boolean value) |
| # Deprecated group/name - [DEFAULT]/rabbit_use_ssl |
| #rabbit_use_ssl = false |
| |
| # The RabbitMQ userid. (string value) |
| # Deprecated group/name - [DEFAULT]/rabbit_userid |
| #rabbit_userid = guest |
| |
| # The RabbitMQ password. (string value) |
| # Deprecated group/name - [DEFAULT]/rabbit_password |
| #rabbit_password = guest |
| |
| # The RabbitMQ login method. (string value) |
| # Deprecated group/name - [DEFAULT]/rabbit_login_method |
| #rabbit_login_method = AMQPLAIN |
| |
| # The RabbitMQ virtual host. (string value) |
| # Deprecated group/name - [DEFAULT]/rabbit_virtual_host |
| #rabbit_virtual_host = / |
| |
| # How frequently to retry connecting with RabbitMQ. (integer value) |
| #rabbit_retry_interval = 1 |
| |
| # How long to backoff for between retries when connecting to RabbitMQ. (integer |
| # value) |
| # Deprecated group/name - [DEFAULT]/rabbit_retry_backoff |
| #rabbit_retry_backoff = 2 |
| |
| # Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry |
| # count). (integer value) |
| # Deprecated group/name - [DEFAULT]/rabbit_max_retries |
| #rabbit_max_retries = 0 |
| |
| # Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you |
| # must wipe the RabbitMQ database. (boolean value) |
| # Deprecated group/name - [DEFAULT]/rabbit_ha_queues |
| #rabbit_ha_queues = false |
| |
| # Number of seconds after which the Rabbit broker is considered down if |
| # heartbeat's keep-alive fails (0 disable the heartbeat). (integer value) |
| #heartbeat_timeout_threshold = 60 |
| |
| # How often times during the heartbeat_timeout_threshold we check the |
| # heartbeat. (integer value) |
| #heartbeat_rate = 2 |
| |
| # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value) |
| # Deprecated group/name - [DEFAULT]/fake_rabbit |
| #fake_rabbit = false |
| |
| [ec2authtoken] |
| |
| # |
| # Options defined in heat.api.aws.ec2token |
| # |
| |
| # Authentication Endpoint URI. (string value) |
| auth_uri=http://{{ server.identity.host }}:5000/v2.0 |
| |
| # Allow orchestration of multiple clouds. (boolean value) |
| #multi_cloud=false |
| |
| # Allowed keystone endpoints for auth_uri when multi_cloud is |
| # enabled. At least one endpoint needs to be specified. (list |
| # value) |
| #allowed_auth_uris= |
| |
| keystone_ec2_uri=http://{{ server.identity.host }}:5000/v2.0/ec2tokens |
| |
| {%- if pillar.get('opencontrail', {}).get('client', {}).get('enabled', False) %} |
| |
| {%- from "opencontrail/map.jinja" import client with context %} |
| |
| [clients_contrail] |
| |
| user={{ client.identity.user }} |
| password={{ client.identity.password }} |
| tenant={{ client.identity.tenant }} |
| auth_host_ip={{ client.identity.host }} |
| api_server={{ client.api.host }} |
| api_port={{ client.api.port }} |
| |
| {%- endif %} |
| |
| {%- if pillar.get('salt', {}).get('client', {}).get('enabled', False) %} |
| |
| {%- set client = pillar.get('salt', {}).get('client', {}) %} |
| |
| [clients_salt] |
| |
| user={{ client.user }} |
| password={{ client.password }} |
| host={{ client.host }} |
| |
| {%- endif %} |