Add manila rocky configs and update kitchen
Change-Id: I51d340095b107056fc4d25de50524019c1f3a181
Related-Prod: PROD-23720 (PROD:23720)
diff --git a/manila/files/rocky/_backend_general.conf b/manila/files/rocky/_backend_general.conf
new file mode 100644
index 0000000..9554749
--- /dev/null
+++ b/manila/files/rocky/_backend_general.conf
@@ -0,0 +1,23 @@
+{%- if backend.dhss is defined %}
+driver_handles_share_servers = {{ backend.dhss }}
+{%- endif %}
+
+{%- if backend.share_backend_name is defined %}
+share_backend_name = {{ backend.share_backend_name }}
+{%- endif %}
+
+{%- if backend.share_driver is defined %}
+share_driver = {{ backend.share_driver }}
+{%- endif %}
+
+{%- if backend.service_instance_password is defined %}
+service_instance_password = {{ backend.service_instance_password }}
+{%- endif %}
+
+{%- if backend.service_instance_user is defined %}
+service_instance_user = {{ backend.service_instance_user }}
+{%- endif %}
+
+{%- if backend.service_image_name is defined %}
+service_image_name = {{ backend.service_image_name }}
+{%- endif %}
diff --git a/manila/files/rocky/_backend_glusterfs.conf b/manila/files/rocky/_backend_glusterfs.conf
new file mode 100644
index 0000000..a584d3d
--- /dev/null
+++ b/manila/files/rocky/_backend_glusterfs.conf
@@ -0,0 +1,33 @@
+{%- if backend.glusterfs_server_password is defined %}
+glusterfs_server_password = {{ backend.glusterfs_server_password }}
+{%- endif %}
+{%- if backend.glusterfs_path_to_private_key is defined %}
+glusterfs_path_to_private_key = {{ backend.glusterfs_path_to_private_key }}
+{%- endif %}
+{%- if backend.glusterfs_nfs_server_type is defined %}
+glusterfs_nfs_server_type = {{ backend.glusterfs_nfs_server_type }}
+{%- endif %}
+{%- if backend.glusterfs_ganesha_server_ip is defined %}
+glusterfs_ganesha_server_ip = {{ backend.glusterfs_ganesha_server_ip }}
+{%- endif %}
+{%- if backend.glusterfs_ganesha_server_username is defined %}
+glusterfs_ganesha_server_username = {{ backend.glusterfs_ganesha_server_username }}
+{%- endif %}
+{%- if backend.glusterfs_ganesha_server_password is defined %}
+glusterfs_ganesha_server_password = {{ backend.glusterfs_ganesha_server_password }}
+{%- endif %}
+{%- if backend.glusterfs_share_layout is defined %}
+glusterfs_share_layout = {{ backend.glusterfs_share_layout }}
+{%- endif %}
+{%- if backend.glusterfs_target is defined %}
+glusterfs_target = {{ backend.glusterfs_target }}
+{%- endif %}
+{%- if backend.glusterfs_mount_point_base is defined %}
+glusterfs_mount_point_base = {{ backend.glusterfs_mount_point_base }}
+{%- endif %}
+{%- if backend.glusterfs_servers is defined %}
+glusterfs_servers = {{ ','.join(backend.glusterfs_servers) }}
+{%- endif %}
+{%- if backend.glusterfs_volume_pattern is defined %}
+glusterfs_volume_pattern = {{ backend.glusterfs_volume_pattern }}
+{%- endif %}
diff --git a/manila/files/rocky/_backend_lvm.conf b/manila/files/rocky/_backend_lvm.conf
new file mode 100644
index 0000000..ab31b62
--- /dev/null
+++ b/manila/files/rocky/_backend_lvm.conf
@@ -0,0 +1,15 @@
+{%- if backend.lvm_share_export_root is defined %}
+lvm_share_export_root = {{ backend.lvm_share_export_root }}
+{%- endif %}
+{%- if backend.lvm_share_export_ips is defined %}
+lvm_share_export_ips = {{ ','.join(backend.lvm_share_export_ips) }}
+{%- endif %}
+{%- if backend.lvm_share_mirrors is defined %}
+lvm_share_mirrors = {{ backend.lvm_share_mirrors }}
+{%- endif %}
+{%- if backend.lvm_share_volume_group is defined %}
+lvm_share_volume_group = {{ backend.lvm_share_volume_group }}
+{%- endif %}
+{%- if backend.lvm_share_helpers is defined %}
+lvm_share_helpers = {{ backend.lvm_share_helpers }}
+{%- endif %}
diff --git a/manila/files/rocky/_backend_nexenta.conf b/manila/files/rocky/_backend_nexenta.conf
new file mode 100644
index 0000000..02926ac
--- /dev/null
+++ b/manila/files/rocky/_backend_nexenta.conf
@@ -0,0 +1,42 @@
+{%- if backend.nexenta_host is defined %}
+nexenta_host = {{ backend.nexenta_host }}
+{%- endif %}
+{%- if backend.nexenta_rest_port is defined %}
+nexenta_rest_port = {{ backend.nexenta_rest_port }}
+{%- endif %}
+{%- if backend.nexenta_retry_count is defined %}
+nexenta_retry_count = {{ backend.nexenta_retry_count }}
+{%- endif %}
+{%- if backend.nexenta_rest_protocol is defined %}
+nexenta_rest_protocol = {{ backend.nexenta_rest_protocol }}
+{%- endif %}
+{%- if backend.nexenta_user is defined %}
+nexenta_user = {{ backend.nexenta_user }}
+{%- endif %}
+{%- if backend.nexenta_password is defined %}
+nexenta_password = {{ backend.nexenta_password }}
+{%- endif %}
+{%- if backend.nexenta_volume is defined %}
+nexenta_volume = {{ backend.nexenta_volume }}
+{%- endif %}
+{%- if backend.nexenta_pool is defined %}
+nexenta_pool = {{ backend.nexenta_pool }}
+{%- endif %}
+{%- if backend.nexenta_nfs is defined %}
+nexenta_nfs = {{ backend.nexenta_nfs }}
+{%- endif %}
+{%- if backend.nexenta_nfs_share is defined %}
+nexenta_nfs_share = {{ backend.nexenta_nfs_share }}
+{%- endif %}
+{%- if backend.nexenta_dataset_compression is defined %}
+nexenta_dataset_compression = {{ backend.nexenta_dataset_compression }}
+{%- endif %}
+{%- if backend.nexenta_dataset_dedupe is defined %}
+nexenta_dataset_dedupe = {{ backend.nexenta_dataset_dedupe }}
+{%- endif %}
+{%- if backend.nexenta_thin_provisioning is defined %}
+nexenta_thin_provisioning = {{ backend.nexenta_thin_provisioning }}
+{%- endif %}
+{%- if backend.nexenta_mount_point_base is defined %}
+nexenta_mount_point_base = {{ backend.nexenta_mount_point_base }}
+{%- endif %}
diff --git a/manila/files/rocky/api-paste.ini b/manila/files/rocky/api-paste.ini
new file mode 100644
index 0000000..42395c1
--- /dev/null
+++ b/manila/files/rocky/api-paste.ini
@@ -0,0 +1,59 @@
+#############
+# OpenStack #
+#############
+
+[composite:osapi_share]
+use = call:manila.api:root_app_factory
+/: apiversions
+/v1: openstack_share_api
+/v2: openstack_share_api_v2
+
+[composite:openstack_share_api]
+use = call:manila.api.middleware.auth:pipeline_factory
+noauth = cors faultwrap http_proxy_to_wsgi sizelimit noauth api
+keystone = cors faultwrap http_proxy_to_wsgi sizelimit authtoken keystonecontext api
+keystone_nolimit = cors faultwrap http_proxy_to_wsgi sizelimit authtoken keystonecontext api
+
+[composite:openstack_share_api_v2]
+use = call:manila.api.middleware.auth:pipeline_factory
+noauth = cors faultwrap http_proxy_to_wsgi sizelimit noauth apiv2
+keystone = cors faultwrap http_proxy_to_wsgi sizelimit authtoken keystonecontext apiv2
+keystone_nolimit = cors faultwrap http_proxy_to_wsgi sizelimit authtoken keystonecontext apiv2
+
+[filter:faultwrap]
+paste.filter_factory = manila.api.middleware.fault:FaultWrapper.factory
+
+[filter:noauth]
+paste.filter_factory = manila.api.middleware.auth:NoAuthMiddleware.factory
+
+[filter:sizelimit]
+paste.filter_factory = oslo_middleware.sizelimit:RequestBodySizeLimiter.factory
+
+[filter:http_proxy_to_wsgi]
+paste.filter_factory = oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
+
+[app:api]
+paste.app_factory = manila.api.v1.router:APIRouter.factory
+
+[app:apiv2]
+paste.app_factory = manila.api.v2.router:APIRouter.factory
+
+[pipeline:apiversions]
+pipeline = cors faultwrap http_proxy_to_wsgi osshareversionapp
+
+[app:osshareversionapp]
+paste.app_factory = manila.api.versions:VersionsRouter.factory
+
+##########
+# Shared #
+##########
+
+[filter:keystonecontext]
+paste.filter_factory = manila.api.middleware.auth:ManilaKeystoneContext.factory
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+
+[filter:cors]
+paste.filter_factory = oslo_middleware.cors:filter_factory
+oslo_config_project = manila
diff --git a/manila/files/rocky/manila.conf b/manila/files/rocky/manila.conf
new file mode 100644
index 0000000..f8c40e0
--- /dev/null
+++ b/manila/files/rocky/manila.conf
@@ -0,0 +1,1794 @@
+{%- from "manila/map.jinja" import cfg,scheduler,share,data with context -%}
+[DEFAULT]
+
+#
+# From manila
+#
+
+# The maximum number of items returned in a single response from a
+# collection resource. (integer value)
+#osapi_max_limit = 1000
+{%- if cfg.osapi_max_limit is defined %}
+osapi_max_limit = {{ cfg.osapi_max_limit }}
+{%- endif %}
+
+# Base URL to be presented to users in links to the Share API (string
+# value)
+#osapi_share_base_URL = <None>
+{%- if cfg.osapi_share_base_url is defined %}
+osapi_share_base_URL = {{ cfg.osapi_share_base_url }}
+{%- endif %}
+
+# Treat X-Forwarded-For as the canonical remote address. Only enable
+# this if you have a sanitizing proxy. (boolean value)
+#use_forwarded_for = false
+{%- if cfg.use_forwarded_for is defined %}
+use_forwarded_for = {{ cfg.use_forwarded_for }}
+{%- endif %}
+
+# Top-level directory for maintaining manila's state. (string value)
+#state_path = /var/lib/manila
+
+# IP address of this host. (host address value)
+#my_ip = <your_ip>
+
+# The topic scheduler nodes listen on. (string value)
+#scheduler_topic = manila-scheduler
+
+# The topic share nodes listen on. (string value)
+#share_topic = manila-share
+
+# The topic data nodes listen on. (string value)
+#data_topic = manila-data
+
+# Whether to rate limit the API. (boolean value)
+#api_rate_limit = true
+
+# Specify list of extensions to load when using osapi_share_extension
+# option with manila.api.contrib.select_extensions. (list value)
+#osapi_share_ext_list =
+
+# The osapi share extensions to load. (list value)
+#osapi_share_extension = manila.api.contrib.standard_extensions
+
+# The filename to use with sqlite. (string value)
+#sqlite_db = manila.sqlite
+
+# If passed, use synchronous mode for sqlite. (boolean value)
+#sqlite_synchronous = true
+
+# Timeout before idle SQL connections are reaped. (integer value)
+#sql_idle_timeout = 3600
+
+# Maximum database connection retries during startup. (setting -1
+# implies an infinite retry count). (integer value)
+#sql_max_retries = 10
+
+# Interval between retries of opening a SQL connection. (integer
+# value)
+#sql_retry_interval = 10
+
+# Full class name for the scheduler manager. (string value)
+#scheduler_manager = manila.scheduler.manager.SchedulerManager
+{%- if scheduler.manager is defined %}
+scheduler_manager = {{ scheduler.manager }}
+{%- endif %}
+
+# Full class name for the share manager. (string value)
+#share_manager = manila.share.manager.ShareManager
+{%- if share.manager is defined %}
+share_manager = {{ share.manager }}
+{%- endif %}
+
+# Full class name for the data manager. (string value)
+#data_manager = manila.data.manager.DataManager
+{%- if data.manager is defined %}
+data_manager = {{ data.manager }}
+{%- endif %}
+
+# Name of this node. This can be an opaque identifier. It is not
+# necessarily a hostname, FQDN, or IP address. (host address value)
+#host = <your_hostname>
+
+# Availability zone of this node. (string value)
+#storage_availability_zone = nova
+{%- if cfg.storage_availability_zone is defined %}
+storage_availability_zone = {{ cfg.storage_availability_zone }}
+{%- endif %}
+
+
+# Default share type to use. (string value)
+#default_share_type = <None>
+{%- if cfg.default_share_type is defined %}
+default_share_type = {{ cfg.default_share_type }}
+{%- endif %}
+
+# Default share group type to use. (string value)
+#default_share_group_type = <None>
+{%- if cfg.default_share_group_type is defined %}
+default_share_group_type = {{ cfg.default_share_group_type }}
+{%- endif %}
+
+# Memcached servers or None for in process cache. (list value)
+#memcached_servers = <None>
+{%- if cfg.memcached_servers is defined %}
+memcached_servers = {{ cfg.memcached_servers }}
+{%- endif %}
+
+# Time period to generate share usages for. Time period must be hour,
+# day, month or year. (string value)
+#share_usage_audit_period = month
+
+# Deprecated: command to use for running commands as root. (string
+# value)
+#root_helper = sudo
+
+# Path to the rootwrap configuration file to use for running commands
+# as root. (string value)
+#rootwrap_config = <None>
+rootwrap_config = {{ cfg.get('rootwrap_config', '/etc/manila/rootwrap.conf') }}
+
+# Whether to log monkey patching. (boolean value)
+#monkey_patch = false
+
+# List of modules or decorators to monkey patch. (list value)
+#monkey_patch_modules =
+
+# Maximum time since last check-in for up service. (integer value)
+#service_down_time = 60
+
+# The full class name of the share API class to use. (string value)
+#share_api_class = manila.share.api.API
+
+# The strategy to use for auth. Supports noauth, keystone, and
+# deprecated. (string value)
+#auth_strategy = keystone
+{%- if cfg.get('identity', {}).get('engine') is defined %}
+auth_strategy = {{ cfg.identity.engine }}
+{%- endif %}
+
+# A list of share backend names to use. These backend names should be
+# backed by a unique [CONFIG] group with its options. (list value)
+#enabled_share_backends = <None>
+{%- if cfg.enabled_share_backends is defined %}
+{%- set enabled_share_backends = [] %}
+{%- for name, backend in cfg.enabled_share_backends.iteritems() %}
+{%- if backend.get('enabled', False ) %}
+{%- do enabled_share_backends.append(backend.name) %}
+{%- endif %}
+{%- endfor %}
+enabled_share_backends = {{ ','.join(enabled_share_backends) }}
+{%- endif %}
+
+# Specify list of protocols to be allowed for share creation.
+# Available values are '('NFS', 'CIFS', 'GLUSTERFS', 'HDFS', 'CEPHFS',
+# 'MAPRFS')' (list value)
+#enabled_share_protocols = NFS,CIFS
+{%- if cfg.enabled_share_protocols is defined %}
+enabled_share_protocols = {{ cfg.enabled_share_protocols }}
+{%- endif %}
+
+# The full class name of the Compute API class to use. (string value)
+#compute_api_class = manila.compute.nova.API
+
+# The back end URL to use for distributed coordination. (string value)
+#backend_url = file://$state_path
+
+# Time to wait for access rules to be allowed/denied on backends when
+# migrating a share (seconds). (integer value)
+#data_access_wait_access_rules_timeout = 180
+
+# A list of the IPs of the node interface connected to the admin
+# network. Used for allowing access to the mounting shares. Default is
+# []. (list value)
+#data_node_access_ips =
+
+# DEPRECATED: The IP of the node interface connected to the admin
+# network. Used for allowing access to the mounting shares. (string
+# value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: New config option 'data_node_access_ips' added to support
+# multiple IPs, including IPv6 addresses alongside IPv4.
+#data_node_access_ip = <None>
+
+# The certificate installed in the data node in order to allow access
+# to certificate authentication-based shares. (string value)
+#data_node_access_cert = <None>
+
+# The admin user name registered in the security service in order to
+# allow access to user authentication-based shares. (string value)
+#data_node_access_admin_user = <None>
+
+# Mount options to be included in the mount command for share
+# protocols. Use dictionary format, example: {'nfs': '-o nfsvers=3',
+# 'cifs': '-o user=foo,pass=bar'} (dict value)
+#data_node_mount_options =
+
+# The backend to use for database. (string value)
+#db_backend = sqlalchemy
+
+# Services to be added to the available pool on create. (boolean
+# value)
+#enable_new_services = true
+
+# Template string to be used to generate share names. (string value)
+#share_name_template = share-%s
+
+# Template string to be used to generate share snapshot names. (string
+# value)
+#share_snapshot_name_template = share-snapshot-%s
+
+# Driver to use for database access. (string value)
+#db_driver = manila.db
+
+# Whether to make exception message format errors fatal. (boolean
+# value)
+#fatal_exception_format_errors = false
+
+# Message minimum life in seconds. (integer value)
+#message_ttl = 2592000
+
+# Interval between periodic task runs to clean expired messages in
+# seconds. (integer value)
+#message_reap_interval = 86400
+
+# Name of Open vSwitch bridge to use. (string value)
+#ovs_integration_bridge = br-int
+
+# The full class name of the Networking API class to use. (string
+# value)
+#network_api_class = manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin
+
+# Whether to support IPv4 network resource, Default=True. (boolean
+# value)
+#network_plugin_ipv4_enabled = true
+
+# Whether to support IPv6 network resource, Default=False. If this
+# option is True, the value of 'network_plugin_ipv4_enabled' will be
+# ignored. (boolean value)
+#network_plugin_ipv6_enabled = false
+
+# The name of the physical network to determine which net segment is
+# used. This opt is optional and will only be used for networks
+# configured with multiple segments. (string value)
+#neutron_physical_net_name = <None>
+
+# Default Neutron network that will be used for share server creation.
+# This opt is used only with class 'NeutronSingleNetworkPlugin'.
+# (string value)
+#neutron_net_id = <None>
+
+# Default Neutron subnet that will be used for share server creation.
+# Should be assigned to network defined in opt 'neutron_net_id'. This
+# opt is used only with class 'NeutronSingleNetworkPlugin'. (string
+# value)
+#neutron_subnet_id = <None>
+
+# vNIC type used for binding. (string value)
+# Possible values:
+# baremetal - <No description provided>
+# normal - <No description provided>
+# direct - <No description provided>
+# direct-physical - <No description provided>
+# macvtap - <No description provided>
+#neutron_vnic_type = baremetal
+
+# Host ID to be used when creating neutron port. If not set host is
+# set to manila-share host by default. (string value)
+#neutron_host_id = f7cbde3e94ce
+
+# A list of binding profiles to be used during port binding. This
+# option can be used with the NeutronBindNetworkPlugin. The value for
+# this option has to be a comma separated list of names that
+# correspond to each binding profile. Each binding profile needs to be
+# specified as an individual configuration section using the binding
+# profile name as the section name. (list value)
+#neutron_binding_profiles = <None>
+
+# Switch ID for binding profile. (string value)
+#neutron_switch_id = <None>
+
+# Port ID on the given switch. (string value)
+#neutron_port_id = <None>
+
+# Switch label. For example: 'switch_ip: 10.4.30.5'. Multiple key-
+# value pairs separated by commas are accepted. (dict value)
+#neutron_switch_info = <None>
+
+# Gateway address that should be used. Required. (string value)
+#standalone_network_plugin_gateway = <None>
+
+# Network mask that will be used. Can be either decimal like '24' or
+# binary like '255.255.255.0'. Required. (string value)
+#standalone_network_plugin_mask = <None>
+
+# Network type, such as 'flat', 'vlan', 'vxlan' or 'gre'. Empty value
+# is alias for 'flat'. It will be assigned to share-network and share
+# drivers will be able to use this for network interfaces within
+# provisioned share servers. Optional. (string value)
+# Possible values:
+# flat - <No description provided>
+# vlan - <No description provided>
+# vxlan - <No description provided>
+# gre - <No description provided>
+#standalone_network_plugin_network_type = <None>
+
+# Set it if network has segmentation (VLAN, VXLAN, etc...). It will be
+# assigned to share-network and share drivers will be able to use this
+# for network interfaces within provisioned share servers. Optional.
+# Example: 1001 (integer value)
+#standalone_network_plugin_segmentation_id = <None>
+
+# Can be IP address, range of IP addresses or list of addresses or
+# ranges. Contains addresses from IP network that are allowed to be
+# used. If empty, then will be assumed that all host addresses from
+# network can be used. Optional. Examples: 10.0.0.10 or
+# 10.0.0.10-10.0.0.20 or
+# 10.0.0.10-10.0.0.20,10.0.0.30-10.0.0.40,10.0.0.50 (list value)
+#standalone_network_plugin_allowed_ip_ranges = <None>
+
+# Maximum Transmission Unit (MTU) value of the network. Default value
+# is 1500. (integer value)
+#standalone_network_plugin_mtu = 1500
+
+# Number of shares allowed per project. (integer value)
+#quota_shares = 50
+
+# Number of share snapshots allowed per project. (integer value)
+#quota_snapshots = 50
+
+# Number of share gigabytes allowed per project. (integer value)
+#quota_gigabytes = 1000
+
+# Number of snapshot gigabytes allowed per project. (integer value)
+#quota_snapshot_gigabytes = 1000
+
+# Number of share-networks allowed per project. (integer value)
+#quota_share_networks = 10
+
+# Number of share groups allowed. (integer value)
+#quota_share_groups = 50
+
+# Number of share group snapshots allowed. (integer value)
+#quota_share_group_snapshots = 50
+
+# Number of seconds until a reservation expires. (integer value)
+#reservation_expire = 86400
+
+# Count of reservations until usage is refreshed. (integer value)
+#until_refresh = 0
+
+# Number of seconds between subsequent usage refreshes. (integer
+# value)
+#max_age = 0
+
+# Default driver to use for quota checks. (string value)
+#quota_driver = manila.quota.DbQuotaDriver
+
+# The scheduler host manager class to use. (string value)
+#scheduler_host_manager = manila.scheduler.host_manager.HostManager
+
+# Maximum number of attempts to schedule a share. (integer value)
+#scheduler_max_attempts = 3
+
+# Which filter class names to use for filtering hosts when not
+# specified in the request. (list value)
+#scheduler_default_filters = AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter,DriverFilter,ShareReplicationFilter
+
+# Which weigher class names to use for weighing hosts. (list value)
+#scheduler_default_weighers = CapacityWeigher,GoodnessWeigher
+
+# Which filter class names to use for filtering hosts creating share
+# group when not specified in the request. (list value)
+#scheduler_default_share_group_filters = AvailabilityZoneFilter,ConsistentSnapshotFilter
+
+# Default scheduler driver to use. (string value)
+#scheduler_driver = manila.scheduler.drivers.filter.FilterScheduler
+
+# Absolute path to scheduler configuration JSON file. (string value)
+#scheduler_json_config_location =
+
+# Maximum number of volume gigabytes to allow per host. (integer
+# value)
+#max_gigabytes = 10000
+
+# Multiplier used for weighing share capacity. Negative numbers mean
+# to stack vs spread. (floating point value)
+#capacity_weight_multiplier = 1.0
+
+# Multiplier used for weighing pools which have existing share
+# servers. Negative numbers mean to spread vs stack. (floating point
+# value)
+#pool_weight_multiplier = 1.0
+
+# Seconds between nodes reporting state to datastore. (integer value)
+#report_interval = 10
+
+# Seconds between running periodic tasks. (integer value)
+#periodic_interval = 60
+
+# Range of seconds to randomly delay when starting the periodic task
+# scheduler to reduce stampeding. (Disable by setting to 0) (integer
+# value)
+#periodic_fuzzy_delay = 60
+
+# IP address for OpenStack Share API to listen on. (host address
+# value)
+#osapi_share_listen = ::
+
+# Port for OpenStack Share API to listen on. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#osapi_share_listen_port = 8786
+
+# Number of workers for OpenStack Share API service. (integer value)
+#osapi_share_workers = 1
+
+# Wraps the socket in a SSL context if True is set. A certificate file
+# and key file must be specified. (boolean value)
+#osapi_share_use_ssl = false
+
+# If set to False, then share creation from snapshot will be performed
+# on the same host. If set to True, then scheduling step will be used.
+# (boolean value)
+#use_scheduler_creating_share_from_snapshot = false
+
+# Directory where Ganesha config files are stored. (string value)
+#ganesha_config_dir = /etc/ganesha
+
+# Path to main Ganesha config file. (string value)
+#ganesha_config_path = $ganesha_config_dir/ganesha.conf
+
+# Name of the ganesha nfs service. (string value)
+#ganesha_service_name = ganesha.nfsd
+
+# Location of Ganesha database file. (Ganesha module only.) (string
+# value)
+#ganesha_db_path = $state_path/manila-ganesha.db
+
+# Path to directory containing Ganesha export configuration. (Ganesha
+# module only.) (string value)
+#ganesha_export_dir = $ganesha_config_dir/export.d
+
+# Path to directory containing Ganesha export block templates.
+# (Ganesha module only.) (string value)
+#ganesha_export_template_dir = /etc/manila/ganesha-export-templ.d
+
+# Persist Ganesha exports and export counter in Ceph RADOS objects,
+# highly available storage. (boolean value)
+#ganesha_rados_store_enable = false
+
+# Name of the Ceph RADOS pool to store Ganesha exports and export
+# counter. (string value)
+#ganesha_rados_store_pool_name = <None>
+
+# Name of the Ceph RADOS object used as the Ganesha export counter.
+# (string value)
+#ganesha_rados_export_counter = ganesha-export-counter
+
+# Name of the Ceph RADOS object used to store a list of the export
+# RADOS object URLS. (string value)
+#ganesha_rados_export_index = ganesha-export-index
+
+# Number of times to attempt to run flakey shell commands. (integer
+# value)
+#num_shell_tries = 3
+
+# The percentage of backend capacity reserved. (integer value)
+#reserved_share_percentage = 0
+
+# The backend name for a given driver implementation. (string value)
+#share_backend_name = <None>
+
+# Name of the configuration group in the Manila conf file to look for
+# network config options.If not set, the share backend's config group
+# will be used.If an option is not found within provided group,
+# then'DEFAULT' group will be used for search of option. (string
+# value)
+#network_config_group = <None>
+
+# There are two possible approaches for share drivers in Manila. First
+# is when share driver is able to handle share-servers and second when
+# not. Drivers can support either both or only one of these
+# approaches. So, set this opt to True if share driver is able to
+# handle share servers and it is desired mode else set False. It is
+# set to None by default to make this choice intentional. (boolean
+# value)
+#driver_handles_share_servers = <None>
+{%- if cfg.dhss is defined %}
+driver_handles_share_servers = {{ cfg.dhss }}
+{%- endif %}
+
+# Float representation of the over subscription ratio when thin
+# provisioning is involved. Default ratio is 20.0, meaning provisioned
+# capacity can be 20 times the total physical capacity. If the ratio
+# is 10.5, it means provisioned capacity can be 10.5 times the total
+# physical capacity. A ratio of 1.0 means provisioned capacity cannot
+# exceed the total physical capacity. A ratio lower than 1.0 is
+# invalid. (floating point value)
+#max_over_subscription_ratio = 20.0
+
+# List of files and folders to be ignored when migrating shares. Items
+# should be names (not including any path). (list value)
+#migration_ignore_files = lost+found
+
+# The template for mounting shares for this backend. Must specify the
+# executable with all necessary parameters for the protocol supported.
+# 'proto' template element may not be required if included in the
+# command. 'export' and 'path' template elements are required. It is
+# advisable to separate different commands per backend. (string value)
+#share_mount_template = mount -vt %(proto)s %(options)s %(export)s %(path)s
+
+# The template for unmounting shares for this backend. Must specify
+# the executable with all necessary parameters for the protocol
+# supported. 'path' template element is required. It is advisable to
+# separate different commands per backend. (string value)
+#share_unmount_template = umount -v %(path)s
+
+# Protocol access mapping for this backend. Should be a dictionary
+# comprised of {'access_type1': ['share_proto1', 'share_proto2'],
+# 'access_type2': ['share_proto2', 'share_proto3']}. (dict value)
+#protocol_access_mapping = ip:['nfs'],user:['cifs']
+
+# DEPRECATED: Specify whether read only access rule mode is supported
+# in this backend. Obsolete. (boolean value)
+# Deprecated group/name - [DEFAULT]/migration_readonly_support
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: All drivers are now required to support read-only access
+# rules.
+#migration_readonly_rules_support = true
+
+# If share driver requires to setup admin network for share, then
+# define network plugin config options in some separate config group
+# and set its name here. Used only with another option
+# 'driver_handles_share_servers' set to 'True'. (string value)
+#admin_network_config_group = <None>
+
+# A string specifying the replication domain that the backend belongs
+# to. This option needs to be specified the same in the configuration
+# sections of all backends that support replication between each
+# other. If this option is not specified in the group, it means that
+# replication is not enabled on the backend. (string value)
+#replication_domain = <None>
+
+# String representation for an equation that will be used to filter
+# hosts. (string value)
+#filter_function = <None>
+
+# String representation for an equation that will be used to determine
+# the goodness of a host. (string value)
+#goodness_function = <None>
+
+# Backend server SSH connection timeout. (integer value)
+#ssh_conn_timeout = 60
+
+# Minimum number of connections in the SSH pool. (integer value)
+#ssh_min_pool_conn = 1
+
+# Maximum number of connections in the SSH pool. (integer value)
+#ssh_max_pool_conn = 10
+
+# The full class name of the Private Data Driver class to use. (string
+# value)
+#drivers_private_storage_class = manila.share.drivers_private_data.SqlStorageDriver
+
+# Fully qualified path to the ceph.conf file. (string value)
+#cephfs_conf_path =
+
+# The name of the cluster in use, if it is not the default ('ceph').
+# (string value)
+#cephfs_cluster_name = <None>
+
+# The name of the ceph auth identity to use. (string value)
+#cephfs_auth_id = manila
+
+# The prefix of the cephfs volume path. (string value)
+#cephfs_volume_path_prefix = /volumes
+
+# Whether to enable snapshots in this driver. (boolean value)
+#cephfs_enable_snapshots = false
+
+# The type of protocol helper to use. Default is CEPHFS. (string
+# value)
+# Possible values:
+# CEPHFS - <No description provided>
+# NFS - <No description provided>
+#cephfs_protocol_helper_type = CEPHFS
+
+# Whether the NFS-Ganesha server is remote to the driver. (boolean
+# value)
+#cephfs_ganesha_server_is_remote = false
+
+# The IP address of the NFS-Ganesha server. (string value)
+#cephfs_ganesha_server_ip = <None>
+
+# The username to authenticate as in the remote NFS-Ganesha server
+# host. (string value)
+#cephfs_ganesha_server_username = root
+
+# The path of the driver host's private SSH key file. (string value)
+#cephfs_ganesha_path_to_private_key = <None>
+
+# The password to authenticate as the user in the remote Ganesha
+# server host. This is not required if
+# 'cephfs_ganesha_path_to_private_key' is configured. (string value)
+#cephfs_ganesha_server_password = <None>
+
+# Linux bridge used by container hypervisor to plug host-side veth to.
+# It will be unplugged from here by the driver. (string value)
+#container_linux_bridge_name = docker0
+
+# OVS bridge to use to plug a container to. (string value)
+#container_ovs_bridge_name = br-int
+
+# Determines whether to allow guest access to CIFS share or not.
+# (boolean value)
+#container_cifs_guest_ok = true
+
+# Image to be used for a container-based share server. (string value)
+#container_image_name = manila-docker-container
+
+# Container helper which provides container-related operations to the
+# driver. (string value)
+#container_helper = manila.share.drivers.container.container_helper.DockerExecHelper
+
+# Helper which facilitates interaction with share server. (string
+# value)
+#container_protocol_helper = manila.share.drivers.container.protocol_helper.DockerCIFSHelper
+
+# Helper which facilitates interaction with storage solution used to
+# actually store data. By default LVM is used to provide storage for a
+# share. (string value)
+#container_storage_helper = manila.share.drivers.container.storage_helper.LVMHelper
+
+# LVM volume group to use for volumes. This volume group must be
+# created by the cloud administrator independently from manila
+# operations. (string value)
+#container_volume_group = manila_docker_volumes
+
+# User name for the EMC server. (string value)
+#emc_nas_login = <None>
+
+# Password for the EMC server. (string value)
+#emc_nas_password = <None>
+
+# EMC server hostname or IP address. (host address value)
+#emc_nas_server = <None>
+
+# Port number for the EMC server. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#emc_nas_server_port = 8080
+
+# Use secure connection to server. (boolean value)
+#emc_nas_server_secure = true
+
+# Share backend. (string value)
+# Possible values:
+# isilon - <No description provided>
+# vnx - <No description provided>
+# unity - <No description provided>
+# vmax - <No description provided>
+#emc_share_backend = <None>
+
+# The root directory where shares will be located. (string value)
+#emc_nas_root_dir = <None>
+
+# If set to False the https client will not validate the SSL
+# certificate of the backend endpoint. (boolean value)
+#emc_ssl_cert_verify = true
+
+# Can be used to specify a non default path to a CA_BUNDLE file or
+# directory with certificates of trusted CAs, which will be used to
+# validate the backend. (string value)
+#emc_ssl_cert_path = <None>
+
+# Data mover to host the NAS server. (string value)
+#vmax_server_container = <None>
+
+# Comma separated list of pools that can be used to persist share
+# data. (list value)
+#vmax_share_data_pools = <None>
+
+# Comma separated list of ports that can be used for share server
+# interfaces. Members of the list can be Unix-style glob expressions.
+# (list value)
+#vmax_ethernet_ports = <None>
+
+# Path to smb config. (string value)
+#smb_template_config_path = $state_path/smb.conf
+
+# Volume name template. (string value)
+#volume_name_template = manila-share-%s
+
+# Volume snapshot name template. (string value)
+#volume_snapshot_name_template = manila-snapshot-%s
+
+# Parent path in service instance where shares will be mounted.
+# (string value)
+#share_mount_path = /shares
+
+# Maximum time to wait for creating cinder volume. (integer value)
+#max_time_to_create_volume = 180
+
+# Maximum time to wait for extending cinder volume. (integer value)
+#max_time_to_extend_volume = 180
+
+# Maximum time to wait for attaching cinder volume. (integer value)
+#max_time_to_attach = 120
+
+# Path to SMB config in service instance. (string value)
+#service_instance_smb_config_path = $share_mount_path/smb.conf
+
+# Specify list of share export helpers. (list value)
+#share_helpers = CIFS=manila.share.drivers.helpers.CIFSHelperIPAccess,NFS=manila.share.drivers.helpers.NFSHelper
+
+# Filesystem type of the share volume. (string value)
+# Possible values:
+# ext4 - <No description provided>
+# ext3 - <No description provided>
+#share_volume_fstype = ext4
+
+# Name or id of cinder volume type which will be used for all volumes
+# created by driver. (string value)
+#cinder_volume_type = <None>
+
+# Remote GlusterFS server node's login password. This is not required
+# if 'glusterfs_path_to_private_key' is configured. (string value)
+# Deprecated group/name - [DEFAULT]/glusterfs_native_server_password
+#glusterfs_server_password = <None>
+
+# Path of Manila host's private SSH key file. (string value)
+# Deprecated group/name - [DEFAULT]/glusterfs_native_path_to_private_key
+#glusterfs_path_to_private_key = <None>
+
+# Type of NFS server that mediate access to the Gluster volumes
+# (Gluster or Ganesha). (string value)
+#glusterfs_nfs_server_type = Gluster
+
+# Remote Ganesha server node's IP address. (host address value)
+#glusterfs_ganesha_server_ip = <None>
+
+# Remote Ganesha server node's username. (string value)
+#glusterfs_ganesha_server_username = root
+
+# Remote Ganesha server node's login password. This is not required if
+# 'glusterfs_path_to_private_key' is configured. (string value)
+#glusterfs_ganesha_server_password = <None>
+
+# Specifies GlusterFS share layout, that is, the method of associating
+# backing GlusterFS resources to shares. (string value)
+#glusterfs_share_layout = <None>
+
+# Specifies the GlusterFS volume to be mounted on the Manila host. It
+# is of the form [remoteuser@]<volserver>:<volid>. (string value)
+#glusterfs_target = <None>
+
+# Base directory containing mount points for Gluster volumes. (string
+# value)
+#glusterfs_mount_point_base = $state_path/mnt
+
+# List of GlusterFS servers that can be used to create shares. Each
+# GlusterFS server should be of the form [remoteuser@]<volserver>, and
+# they are assumed to belong to distinct Gluster clusters. (list
+# value)
+# Deprecated group/name - [DEFAULT]/glusterfs_targets
+#glusterfs_servers =
+
+# Regular expression template used to filter GlusterFS volumes for
+# share creation. The regex template can optionally (ie. with support
+# of the GlusterFS backend) contain the #{size} parameter which
+# matches an integer (sequence of digits) in which case the value
+# shall be interpreted as size of the volume in GB. Examples: "manila-
+# share-volume-\d+$", "manila-share-volume-#{size}G-\d+$"; with
+# matching volume names, respectively: "manila-share-volume-12",
+# "manila-share-volume-3G-13". In latter example, the number that
+# matches "#{size}", that is, 3, is an indication that the size of
+# volume is 3G. (string value)
+#glusterfs_volume_pattern = <None>
+
+# The IP of the HDFS namenode. (host address value)
+#hdfs_namenode_ip = <None>
+
+# The port of HDFS namenode service. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#hdfs_namenode_port = 9000
+
+# HDFS namenode SSH port. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#hdfs_ssh_port = 22
+
+# HDFS namenode ssh login name. (string value)
+#hdfs_ssh_name = <None>
+
+# HDFS namenode SSH login password, This parameter is not necessary,
+# if 'hdfs_ssh_private_key' is configured. (string value)
+#hdfs_ssh_pw = <None>
+
+# Path to HDFS namenode SSH private key for login. (string value)
+#hdfs_ssh_private_key = <None>
+
+# HNAS management interface IP for communication between Manila
+# controller and HNAS. (host address value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_ip
+#hitachi_hnas_ip = <None>
+
+# HNAS username Base64 String in order to perform tasks such as create
+# file-systems and network interfaces. (string value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_user
+#hitachi_hnas_user = <None>
+
+# HNAS user password. Required only if private key is not provided.
+# (string value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_password
+#hitachi_hnas_password = <None>
+
+# Specify which EVS this backend is assigned to. (integer value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_evs_id
+#hitachi_hnas_evs_id = <None>
+
+# Specify IP for mounting shares. (host address value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_evs_ip
+#hitachi_hnas_evs_ip = <None>
+
+# Specify IP for mounting shares in the Admin network. (host address
+# value)
+#hitachi_hnas_admin_network_ip = <None>
+
+# Specify file-system name for creating shares. (string value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_file_system_name
+#hitachi_hnas_file_system_name = <None>
+
+# RSA/DSA private key value used to connect into HNAS. Required only
+# if password is not provided. (string value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_ssh_private_key
+#hitachi_hnas_ssh_private_key = <None>
+
+# The IP of the clusters admin node. Only set in HNAS multinode
+# clusters. (host address value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_cluster_admin_ip0
+#hitachi_hnas_cluster_admin_ip0 = <None>
+
+# The time (in seconds) to wait for stalled HNAS jobs before aborting.
+# (integer value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_stalled_job_timeout
+#hitachi_hnas_stalled_job_timeout = 30
+
+# Python class to be used for driver helper. (string value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_driver_helper
+#hitachi_hnas_driver_helper = manila.share.drivers.hitachi.hnas.ssh.HNASSSHBackend
+
+# By default, CIFS snapshots are not allowed to be taken when the
+# share has clients connected because consistent point-in-time replica
+# cannot be guaranteed for all files. Enabling this might cause
+# inconsistent snapshots on CIFS shares. (boolean value)
+# Deprecated group/name - [DEFAULT]/hds_hnas_allow_cifs_snapshot_while_mounted
+#hitachi_hnas_allow_cifs_snapshot_while_mounted = false
+
+# HSP management host for communication between Manila controller and
+# HSP. (host address value)
+#hitachi_hsp_host = <None>
+
+# HSP username to perform tasks such as create filesystems and shares.
+# (string value)
+#hitachi_hsp_username = <None>
+
+# HSP password for the username provided. (string value)
+#hitachi_hsp_password = <None>
+
+# 3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 (string
+# value)
+# Deprecated group/name - [DEFAULT]/hp3par_api_url
+#hpe3par_api_url =
+
+# 3PAR username with the 'edit' role (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_username
+#hpe3par_username =
+
+# 3PAR password for the user specified in hpe3par_username (string
+# value)
+# Deprecated group/name - [DEFAULT]/hp3par_password
+#hpe3par_password =
+
+# IP address of SAN controller (host address value)
+# Deprecated group/name - [DEFAULT]/hp3par_san_ip
+#hpe3par_san_ip = <None>
+
+# Username for SAN controller (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_san_login
+#hpe3par_san_login =
+
+# Password for SAN controller (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_san_password
+#hpe3par_san_password =
+
+# SSH port to use with SAN (port value)
+# Minimum value: 0
+# Maximum value: 65535
+# Deprecated group/name - [DEFAULT]/hp3par_san_ssh_port
+#hpe3par_san_ssh_port = 22
+
+# The File Provisioning Group (FPG) to use (FPG)
+# Deprecated group/name - [DEFAULT]/hp3par_fpg
+#hpe3par_fpg = <None>
+
+# Use one filestore per share (boolean value)
+# Deprecated group/name - [DEFAULT]/hp3par_fstore_per_share
+#hpe3par_fstore_per_share = false
+
+# Require IP access rules for CIFS (in addition to user) (boolean
+# value)
+#hpe3par_require_cifs_ip = false
+
+# Enable HTTP debugging to 3PAR (boolean value)
+# Deprecated group/name - [DEFAULT]/hp3par_debug
+#hpe3par_debug = false
+
+# File system admin user name for CIFS. (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_cifs_admin_access_username
+#hpe3par_cifs_admin_access_username =
+
+# File system admin password for CIFS. (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_cifs_admin_access_password
+#hpe3par_cifs_admin_access_password =
+
+# File system domain for the CIFS admin user. (string value)
+# Deprecated group/name - [DEFAULT]/hp3par_cifs_admin_access_domain
+#hpe3par_cifs_admin_access_domain = LOCAL_CLUSTER
+
+# The path where shares will be mounted when deleting nested file
+# trees. (string value)
+# Deprecated group/name - [DEFAULT]/hpe3par_share_mount_path
+#hpe3par_share_mount_path = /mnt/
+
+# The configuration file for the Manila Huawei driver. (string value)
+#manila_huawei_conf_file = /etc/manila/manila_huawei_conf.xml
+
+# IP to be added to GPFS export string. (host address value)
+#gpfs_share_export_ip = <None>
+
+# Base folder where exported shares are located. (string value)
+#gpfs_mount_point_base = $state_path/mnt
+
+# NFS Server type. Valid choices are "CES" (Ganesha NFS) or "KNFS"
+# (Kernel NFS). (string value)
+#gpfs_nfs_server_type = CES
+
+# A list of the fully qualified NFS server names that make up the
+# OpenStack Manila configuration. (list value)
+#gpfs_nfs_server_list = <None>
+
+# True:when Manila services are running on one of the Spectrum Scale
+# node. False:when Manila services are not running on any of the
+# Spectrum Scale node. (boolean value)
+#is_gpfs_node = false
+
+# GPFS server SSH port. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#gpfs_ssh_port = 22
+
+# GPFS server SSH login name. (string value)
+#gpfs_ssh_login = <None>
+
+# GPFS server SSH login password. The password is not needed, if
+# 'gpfs_ssh_private_key' is configured. (string value)
+#gpfs_ssh_password = <None>
+
+# Path to GPFS server SSH private key for login. (string value)
+#gpfs_ssh_private_key = <None>
+
+# Specify list of share export helpers. (list value)
+#gpfs_share_helpers = KNFS=manila.share.drivers.ibm.gpfs.KNFSHelper,CES=manila.share.drivers.ibm.gpfs.CESHelper
+
+# DEPRECATED: Options to use when exporting a share using kernel NFS
+# server. Note that these defaults can be overridden when a share is
+# created by passing metadata with key name export_options. (string
+# value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: This option isn't used any longer. Please use share-type
+# extra specs for export options.
+#knfs_export_options = rw,sync,no_root_squash,insecure,no_wdelay,no_subtree_check
+
+# Administrative user account name used to access the INFINIDAT
+# Infinibox storage system. (string value)
+#infinibox_login = <None>
+
+# Password for the administrative user account specified in the
+# infinibox_login option. (string value)
+#infinibox_password = <None>
+
+# The name (or IP address) for the INFINIDAT Infinibox storage system.
+# (host address value)
+#infinibox_hostname = <None>
+
+# Name of the pool from which volumes are allocated. (string value)
+#infinidat_pool_name = <None>
+
+# Name of the NAS network space on the INFINIDAT InfiniBox. (string
+# value)
+#infinidat_nas_network_space_name = <None>
+
+# Use thin provisioning. (boolean value)
+#infinidat_thin_provision = true
+
+# IP address for the AS13000 storage. (host address value)
+#as13000_nas_ip = <None>
+
+# Port number for the AS13000 storage. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#as13000_nas_port = 8088
+
+# Username for the AS13000 storage (string value)
+#as13000_nas_login = <None>
+
+# Password for the AS13000 storage (string value)
+#as13000_nas_password = <None>
+
+# The Storage Pools Manila should use, a comma separated list (list
+# value)
+#as13000_share_pools = <None>
+
+# The effective time of token validity in seconds. (integer value)
+#as13000_token_available_time = 3600
+
+# The list of IPs or hostnames of nodes where mapr-core is installed.
+# (list value)
+#maprfs_clinode_ip = <None>
+
+# CLDB node SSH port. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#maprfs_ssh_port = 22
+
+# Cluster admin user ssh login name. (string value)
+#maprfs_ssh_name = mapr
+
+# Cluster node SSH login password, This parameter is not necessary, if
+# 'maprfs_ssh_private_key' is configured. (string value)
+#maprfs_ssh_pw = <None>
+
+# Path to SSH private key for login. (string value)
+#maprfs_ssh_private_key = <None>
+
+# Path in MapRFS where share volumes must be created. (string value)
+#maprfs_base_volume_dir = /
+
+# The list of IPs or hostnames of ZooKeeper nodes. (list value)
+#maprfs_zookeeper_ip = <None>
+
+# The list of IPs or hostnames of CLDB nodes. (list value)
+#maprfs_cldb_ip = <None>
+
+# Specify whether existing volume should be renamed when start
+# managing. (boolean value)
+#maprfs_rename_managed_volume = true
+
+# Base folder where exported shares are located. (string value)
+#lvm_share_export_root = $state_path/mnt
+
+# DEPRECATED: IP to be added to export string. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: Use lvm_share_export_ips instead.
+#lvm_share_export_ip = <None>
+
+# List of IPs to export shares. (list value)
+#lvm_share_export_ips = <None>
+
+# If set, create LVMs with multiple mirrors. Note that this requires
+# lvm_mirrors + 2 PVs with available space. (integer value)
+#lvm_share_mirrors = 0
+
+# Name for the VG that will contain exported shares. (string value)
+#lvm_share_volume_group = lvm-shares
+
+# Specify list of share export helpers. (list value)
+#lvm_share_helpers = CIFS=manila.share.drivers.helpers.CIFSHelperUserAccess,NFS=manila.share.drivers.helpers.NFSHelper
+
+# The storage family type used on the storage system; valid values
+# include ontap_cluster for using clustered Data ONTAP. (string value)
+#netapp_storage_family = ontap_cluster
+
+# The hostname (or IP address) for the storage system. (host address
+# value)
+# Deprecated group/name - [DEFAULT]/netapp_nas_server_hostname
+#netapp_server_hostname = <None>
+
+# The TCP port to use for communication with the storage system or
+# proxy server. If not specified, Data ONTAP drivers will use 80 for
+# HTTP and 443 for HTTPS. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+#netapp_server_port = <None>
+
+# The transport protocol used when communicating with the storage
+# system or proxy server. Valid values are http or https. (string
+# value)
+# Deprecated group/name - [DEFAULT]/netapp_nas_transport_type
+#netapp_transport_type = http
+
+# Administrative user account name used to access the storage system.
+# (string value)
+# Deprecated group/name - [DEFAULT]/netapp_nas_login
+#netapp_login = <None>
+
+# Password for the administrative user account specified in the
+# netapp_login option. (string value)
+# Deprecated group/name - [DEFAULT]/netapp_nas_password
+#netapp_password = <None>
+
+# The NFS protocol versions that will be enabled. Supported values
+# include nfs3, nfs4.0, nfs4.1. This option only applies when the
+# option driver_handles_share_servers is set to True. (list value)
+#netapp_enabled_share_protocols = nfs3,nfs4.0
+
+# NetApp volume name template. (string value)
+# Deprecated group/name - [DEFAULT]/netapp_nas_volume_name_template
+#netapp_volume_name_template = share_%(share_id)s
+
+# Name template to use for new Vserver. (string value)
+#netapp_vserver_name_template = os_%s
+
+# NetApp QoS policy group name template. (string value)
+#netapp_qos_policy_group_name_template = qos_share_%(share_id)s
+
+# Pattern for overriding the selection of network ports on which to
+# create Vserver LIFs. (string value)
+#netapp_port_name_search_pattern = (.*)
+
+# Logical interface (LIF) name template (string value)
+#netapp_lif_name_template = os_%(net_allocation_id)s
+
+# Pattern for searching available aggregates for provisioning. (string
+# value)
+#netapp_aggregate_name_search_pattern = (.*)
+
+# Name of aggregate to create Vserver root volumes on. This option
+# only applies when the option driver_handles_share_servers is set to
+# True. (string value)
+#netapp_root_volume_aggregate = <None>
+
+# Root volume name. (string value)
+# Deprecated group/name - [DEFAULT]/netapp_root_volume_name
+#netapp_root_volume = root
+
+# The percentage of share space set aside as reserve for snapshot
+# usage; valid values range from 0 to 90. (integer value)
+# Minimum value: 0
+# Maximum value: 90
+#netapp_volume_snapshot_reserve_percent = 5
+
+# This option forces all existing shares to have their snapshot
+# directory visibility set to either 'visible' or 'hidden' during
+# driver startup. If set to 'default', nothing will be changed during
+# startup. This will not affect new shares, which will have their
+# snapshot directory always visible, unless toggled by the share type
+# extra spec 'netapp:hide_snapdir'. (string value)
+# Possible values:
+# visible - <No description provided>
+# hidden - <No description provided>
+# default - <No description provided>
+#netapp_reset_snapdir_visibility = default
+
+# The maximum time in seconds to wait for existing snapmirror
+# transfers to complete before aborting when promoting a replica.
+# (integer value)
+# Minimum value: 0
+#netapp_snapmirror_quiesce_timeout = 3600
+
+# The maximum time in seconds to wait for the completion of a volume
+# move operation after the cutover was triggered. (integer value)
+# Minimum value: 0
+#netapp_volume_move_cutover_timeout = 3600
+
+# IP address of Nexenta storage appliance. (host address value)
+#nexenta_host = <None>
+
+# Port to connect to Nexenta REST API server. (integer value)
+#nexenta_rest_port = 8457
+
+# Number of retries for unsuccessful API calls. (integer value)
+#nexenta_retry_count = 6
+
+# Use http or https for REST connection (default auto). (string value)
+# Possible values:
+# http - <No description provided>
+# https - <No description provided>
+# auto - <No description provided>
+#nexenta_rest_protocol = auto
+
+# User name to connect to Nexenta SA. (string value)
+#nexenta_user = admin
+
+# Password to connect to Nexenta SA. (string value)
+#nexenta_password = <None>
+
+# Volume name on NexentaStor. (string value)
+#nexenta_volume = volume1
+
+# Pool name on NexentaStor. (string value)
+#nexenta_pool = pool1
+
+# On if share over NFS is enabled. (boolean value)
+#nexenta_nfs = true
+
+# Parent folder on NexentaStor. (string value)
+#nexenta_nfs_share = nfs_share
+
+# Compression value for new ZFS folders. (string value)
+# Possible values:
+# on - <No description provided>
+# off - <No description provided>
+# gzip - <No description provided>
+# gzip-1 - <No description provided>
+# gzip-2 - <No description provided>
+# gzip-3 - <No description provided>
+# gzip-4 - <No description provided>
+# gzip-5 - <No description provided>
+# gzip-6 - <No description provided>
+# gzip-7 - <No description provided>
+# gzip-8 - <No description provided>
+# gzip-9 - <No description provided>
+# lzjb - <No description provided>
+# zle - <No description provided>
+# lz4 - <No description provided>
+#nexenta_dataset_compression = on
+
+# Deduplication value for new ZFS folders. (string value)
+# Possible values:
+# on - <No description provided>
+# off - <No description provided>
+# sha256 - <No description provided>
+# verify - <No description provided>
+# sha256, verify - <No description provided>
+#nexenta_dataset_dedupe = off
+
+# If True shares will not be space guaranteed and overprovisioning
+# will be enabled. (boolean value)
+#nexenta_thin_provisioning = true
+
+# Base directory that contains NFS share mount points. (string value)
+#nexenta_mount_point_base = $state_path/mnt
+
+# The URL to manage QNAP Storage. (string value)
+#qnap_management_url = <None>
+
+# NAS share IP for mounting shares. (host address value)
+#qnap_share_ip = <None>
+
+# Username for QNAP storage. (string value)
+#qnap_nas_login = <None>
+
+# Password for QNAP storage. (string value)
+#qnap_nas_password = <None>
+
+# Pool within which QNAP shares must be created. (string value)
+#qnap_poolname = <None>
+
+# URL of the Quobyte API server (http or https) (string value)
+#quobyte_api_url = <None>
+
+# The X.509 CA file to verify the server cert. (string value)
+#quobyte_api_ca = <None>
+
+# Actually deletes shares (vs. unexport) (boolean value)
+#quobyte_delete_shares = false
+
+# Username for Quobyte API server. (string value)
+#quobyte_api_username = admin
+
+# Password for Quobyte API server (string value)
+#quobyte_api_password = quobyte
+
+# Name of volume configuration used for new shares. (string value)
+#quobyte_volume_configuration = BASE
+
+# Default owning user for new volumes. (string value)
+#quobyte_default_volume_user = root
+
+# Default owning group for new volumes. (string value)
+#quobyte_default_volume_group = root
+
+# User in service instance that will be used for authentication.
+# (string value)
+#service_instance_user = <None>
+
+# Password for service instance user. (string value)
+#service_instance_password = <None>
+
+# Path to host's private key. (string value)
+#path_to_private_key = <None>
+
+# Maximum time in seconds to wait for creating service instance.
+# (integer value)
+#max_time_to_build_instance = 300
+
+# Block SSH connection to the service instance from other networks
+# than service network. (boolean value)
+#limit_ssh_access = false
+
+# Name or ID of service instance in Nova to use for share exports.
+# Used only when share servers handling is disabled. (string value)
+#service_instance_name_or_id = <None>
+
+# Can be either name of network that is used by service instance
+# within Nova to get IP address or IP address itself (either IPv4 or
+# IPv6) for managing shares there. Used only when share servers
+# handling is disabled. (host address value)
+#service_net_name_or_ip = <None>
+
+# Can be either name of network that is used by service instance
+# within Nova to get IP address or IP address itself (either IPv4 or
+# IPv6) for exporting shares. Used only when share servers handling is
+# disabled. (host address value)
+#tenant_net_name_or_ip = <None>
+
+# Name of image in Glance, that will be used for service instance
+# creation. Only used if driver_handles_share_servers=True. (string
+# value)
+#service_image_name = manila-service-image
+
+# Name of service instance. Only used if
+# driver_handles_share_servers=True. (string value)
+#service_instance_name_template = manila_service_instance_%s
+
+# Keypair name that will be created and used for service instances.
+# Only used if driver_handles_share_servers=True. (string value)
+#manila_service_keypair_name = manila-service
+
+# Path to hosts public key. Only used if
+# driver_handles_share_servers=True. (string value)
+#path_to_public_key = ~/.ssh/id_rsa.pub
+
+# Security group name, that will be used for service instance
+# creation. Only used if driver_handles_share_servers=True. (string
+# value)
+#service_instance_security_group = manila-service
+
+# ID of flavor, that will be used for service instance creation. Only
+# used if driver_handles_share_servers=True. (integer value)
+#service_instance_flavor_id = 100
+
+# Name of manila service network. Used only with Neutron. Only used if
+# driver_handles_share_servers=True. (string value)
+#service_network_name = manila_service_network
+
+# CIDR of manila service network. Used only with Neutron and if
+# driver_handles_share_servers=True. (string value)
+#service_network_cidr = 10.254.0.0/16
+
+# This mask is used for dividing service network into subnets, IP
+# capacity of subnet with this mask directly defines possible amount
+# of created service VMs per tenant's subnet. Used only with Neutron
+# and if driver_handles_share_servers=True. (integer value)
+#service_network_division_mask = 28
+
+# Vif driver. Used only with Neutron and if
+# driver_handles_share_servers=True. (string value)
+#interface_driver = manila.network.linux.interface.OVSInterfaceDriver
+
+# Attach share server directly to share network. Used only with
+# Neutron and if driver_handles_share_servers=True. (boolean value)
+#connect_share_server_to_tenant_network = false
+
+# ID of neutron network used to communicate with admin network, to
+# create additional admin export locations on. (string value)
+#admin_network_id = <None>
+
+# ID of neutron subnet used to communicate with admin network, to
+# create additional admin export locations on. Related to
+# 'admin_network_id'. (string value)
+#admin_subnet_id = <None>
+
+# Tegile NAS server hostname or IP address. (host address value)
+#tegile_nas_server = <None>
+
+# User name for the Tegile NAS server. (string value)
+#tegile_nas_login = <None>
+
+# Password for the Tegile NAS server. (string value)
+#tegile_nas_password = <None>
+
+# Create shares in this project (string value)
+#tegile_default_project = <None>
+
+# Path to the x509 certificate used for accessing the service
+# instance. (string value)
+#winrm_cert_pem_path = ~/.ssl/cert.pem
+
+# Path to the x509 certificate key. (string value)
+#winrm_cert_key_pem_path = ~/.ssl/key.pem
+
+# Use x509 certificates in order to authenticate to the service
+# instance. (boolean value)
+#winrm_use_cert_based_auth = false
+
+# WinRM connection timeout. (integer value)
+#winrm_conn_timeout = 60
+
+# WinRM operation timeout. (integer value)
+#winrm_operation_timeout = 60
+
+# WinRM retry count. (integer value)
+#winrm_retry_count = 3
+
+# WinRM retry interval in seconds (integer value)
+#winrm_retry_interval = 5
+
+# IP to be added to user-facing export location. Required. (host
+# address value)
+#zfs_share_export_ip = <None>
+
+# IP to be added to admin-facing export location. Required. (host
+# address value)
+#zfs_service_ip = <None>
+
+# Specify list of zpools that are allowed to be used by backend. Can
+# contain nested datasets. Examples: Without nested dataset:
+# 'zpool_name'. With nested dataset: 'zpool_name/nested_dataset_name'.
+# Required. (list value)
+#zfs_zpool_list = <None>
+
+# Define here list of options that should be applied for each dataset
+# creation if needed. Example: compression=gzip,dedup=off. Note that,
+# for secondary replicas option 'readonly' will be set to 'on' and for
+# active replicas to 'off' in any way. Also, 'quota' will be equal to
+# share size. Optional. (list value)
+#zfs_dataset_creation_options = <None>
+
+# Prefix to be used in each dataset name. Optional. (string value)
+#zfs_dataset_name_prefix = manila_share_
+
+# Prefix to be used in each dataset snapshot name. Optional. (string
+# value)
+#zfs_dataset_snapshot_name_prefix = manila_share_snapshot_
+
+# Remote ZFS storage hostname that should be used for SSH'ing.
+# Optional. (boolean value)
+#zfs_use_ssh = false
+
+# SSH user that will be used in 2 cases: 1) By manila-share service in
+# case it is located on different host than its ZFS storage. 2) By
+# manila-share services with other ZFS backends that perform
+# replication. It is expected that SSH'ing will be key-based,
+# passwordless. This user should be passwordless sudoer. Optional.
+# (string value)
+#zfs_ssh_username = <None>
+
+# Password for user that is used for SSH'ing ZFS storage host. Not
+# used for replication operations. They require passwordless SSH
+# access. Optional. (string value)
+#zfs_ssh_user_password = <None>
+
+# Path to SSH private key that should be used for SSH'ing ZFS storage
+# host. Not used for replication operations. Optional. (string value)
+#zfs_ssh_private_key_path = <None>
+
+# Specify list of share export helpers for ZFS storage. It should look
+# like following:
+# 'FOO_protocol=foo.FooClass,BAR_protocol=bar.BarClass'. Required.
+# (list value)
+#zfs_share_helpers = NFS=manila.share.drivers.zfsonlinux.utils.NFSviaZFSHelper
+
+# Set snapshot prefix for usage in ZFS replication. Required. (string
+# value)
+#zfs_replica_snapshot_prefix = tmp_snapshot_for_replication_
+
+# Set snapshot prefix for usage in ZFS migration. Required. (string
+# value)
+#zfs_migration_snapshot_prefix = tmp_snapshot_for_share_migration_
+
+# ZFSSA management IP address. (host address value)
+#zfssa_host = <None>
+
+# IP address for data. (host address value)
+#zfssa_data_ip = <None>
+
+# ZFSSA management authorized username. (string value)
+#zfssa_auth_user = <None>
+
+# ZFSSA management authorized user's password. (string value)
+#zfssa_auth_password = <None>
+
+# ZFSSA storage pool name. (string value)
+#zfssa_pool = <None>
+
+# ZFSSA project name. (string value)
+#zfssa_project = <None>
+
+# Controls checksum used for data blocks. (string value)
+#zfssa_nas_checksum = fletcher4
+
+# Data compression-off, lzjb, gzip-2, gzip, gzip-9. (string value)
+#zfssa_nas_compression = off
+
+# Controls behavior when servicing synchronous writes. (string value)
+#zfssa_nas_logbias = latency
+
+# Location of project in ZFS/SA. (string value)
+#zfssa_nas_mountpoint =
+
+# Controls whether a share quota includes snapshot. (string value)
+#zfssa_nas_quota_snap = true
+
+# Controls whether file ownership can be changed. (string value)
+#zfssa_nas_rstchown = true
+
+# Controls whether the share is scanned for viruses. (string value)
+#zfssa_nas_vscan = false
+
+# REST connection timeout (in seconds). (string value)
+#zfssa_rest_timeout = <None>
+
+# Driver policy for share manage. A strict policy checks for a schema
+# named manila_managed, and makes sure its value is true. A loose
+# policy does not check for the schema. (string value)
+# Possible values:
+# loose - <No description provided>
+# strict - <No description provided>
+#zfssa_manage_policy = loose
+
+# Whether to enable pre hooks or not. (boolean value)
+#enable_pre_hooks = false
+
+# Whether to enable post hooks or not. (boolean value)
+#enable_post_hooks = false
+
+# Whether to enable periodic hooks or not. (boolean value)
+#enable_periodic_hooks = false
+
+# Whether to suppress pre hook errors (allow driver perform actions)
+# or not. (boolean value)
+#suppress_pre_hooks_errors = false
+
+# Whether to suppress post hook errors (allow driver's results to pass
+# through) or not. (boolean value)
+#suppress_post_hooks_errors = false
+
+# Interval in seconds between execution of periodic hooks. Used when
+# option 'enable_periodic_hooks' is set to True. Default is 300.
+# (floating point value)
+#periodic_hooks_interval = 300.0
+
+# Driver to use for share creation. (string value)
+#share_driver = manila.share.drivers.generic.GenericShareDriver
+
+# Driver(s) to perform some additional actions before and after share
+# driver actions and on a periodic basis. Default is []. (list value)
+#hook_drivers =
+
+# Whether share servers will be deleted on deletion of the last share.
+# (boolean value)
+#delete_share_server_with_last_share = false
+
+# If set to True, then manila will deny access and remove all access
+# rules on share unmanage.If set to False - nothing will be changed.
+# (boolean value)
+#unmanage_remove_access_rules = false
+
+# If set to True, then Manila will delete all share servers which were
+# unused more than specified time .If set to False - automatic
+# deletion of share servers will be disabled. (boolean value)
+#automatic_share_server_cleanup = true
+
+# Unallocated share servers reclamation time interval (minutes).
+# Minimum value is 10 minutes, maximum is 60 minutes. The reclamation
+# function is run every 10 minutes and delete share servers which were
+# unused more than unused_share_server_cleanup_interval option
+# defines. This value reflects the shortest time Manila will wait for
+# a share server to go unutilized before deleting it. (integer value)
+# Minimum value: 10
+# Maximum value: 60
+#unused_share_server_cleanup_interval = 10
+
+# This value, specified in seconds, determines how often the share
+# manager will poll for the health (replica_state) of each replica
+# instance. (integer value)
+#replica_state_update_interval = 300
+
+# This value, specified in seconds, determines how often the share
+# manager will poll the driver to perform the next step of migration
+# in the storage backend, for a migrating share. (integer value)
+#migration_driver_continue_update_interval = 60
+
+# This value, specified in seconds, determines how often the share
+# manager will poll the driver to update the share usage size in the
+# storage backend, for shares in that backend. (integer value)
+#share_usage_size_update_interval = 300
+
+# If set to True, share usage size will be polled for in the interval
+# specified with "share_usage_size_update_interval". Usage data can be
+# consumed by telemetry integration. If telemetry is not configured,
+# this option must be set to False. If set to False - gathering share
+# usage size will be disabled. (boolean value)
+#enable_gathering_share_usage_size = false
+
+# The full class name of the Volume API class to use. (string value)
+#volume_api_class = manila.volume.cinder.API
+
+# Sets the value of TCP_KEEPALIVE (True/False) for each server socket.
+# (boolean value)
+#tcp_keepalive = true
+
+# Sets the value of TCP_KEEPINTVL in seconds for each server socket.
+# Not supported on OS X. (integer value)
+#tcp_keepalive_interval = <None>
+
+# Sets the value of TCP_KEEPCNT for each server socket. Not supported
+# on OS X. (integer value)
+#tcp_keepalive_count = <None>
+
+# If set to true, the logging level will be set to DEBUG instead of
+# the default INFO level. (boolean value)
+# Note: This option can be changed without restarting.
+#debug = false
+
+{%- if cfg.logging is defined %}
+{%- set _data = cfg.logging %}
+{%- include "oslo_templates/files/rocky/oslo/_log.conf" %}
+{%- endif %}
+
+
+{%- set _data = cfg.message_queue %}
+{%- include "oslo_templates/files/rocky/oslo/messaging/_default.conf" %}
+
+
+[cinder]
+{%- set _service_catalog = cfg.get('cinder', cfg.get('identity', {})) %}
+{%- set auth_type = _data.get('auth_type', 'password') %}
+{%- include "oslo_templates/files/rocky/keystoneauth/_type_" + auth_type + ".conf" %}
+
+
+[cors]
+{%- if cfg.cors is defined %}
+{%- set _data = cfg.cors %}
+{%- include "oslo_templates/files/rocky/oslo/_cors.conf" %}
+{%- endif %}
+
+
+[database]
+{%- set _data = cfg.database %}
+{%- if _data.ssl is defined and 'cacert_file' not in _data.get('ssl', {}).keys() %}{% do _data['ssl'].update({'cacert_file': cfg.cacert_file}) %}{% endif %}
+{%- include "oslo_templates/files/rocky/oslo/_database.conf" %}
+
+
+[healthcheck]
+{%- include "oslo_templates/files/rocky/oslo/_healthcheck.conf" %}
+
+
+[keystone_authtoken]
+{%- set _data = cfg.get('identity', {}) %}
+{%- if 'cacert_file' not in _data.keys() %}{% do _data.update({'cacert_file': cfg.cacert_file}) %}{% endif %}
+{%- set auth_type = _data.get('auth_type', 'password') %}
+{%- include "oslo_templates/files/rocky/keystonemiddleware/_auth_token.conf" %}
+{%- include "oslo_templates/files/rocky/keystoneauth/_type_" + auth_type + ".conf" %}
+
+
+[matchmaker_redis]
+
+#
+# From oslo.messaging
+#
+
+# DEPRECATED: Host to locate redis. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: Replaced by [DEFAULT]/transport_url
+#host = 127.0.0.1
+
+# DEPRECATED: Use this port to connect to redis host. (port value)
+# Minimum value: 0
+# Maximum value: 65535
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: Replaced by [DEFAULT]/transport_url
+#port = 6379
+
+# DEPRECATED: Password for Redis server (optional). (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: Replaced by [DEFAULT]/transport_url
+#password =
+
+# DEPRECATED: List of Redis Sentinel hosts (fault tolerance mode),
+# e.g., [host:port, host1:port ... ] (list value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+# Reason: Replaced by [DEFAULT]/transport_url
+#sentinel_hosts =
+
+# Redis replica set name. (string value)
+#sentinel_group_name = oslo-messaging-zeromq
+
+# Time in ms to wait between connection attempts. (integer value)
+#wait_timeout = 2000
+
+# Time in ms to wait before the transaction is killed. (integer value)
+#check_timeout = 20000
+
+# Timeout in ms on blocking socket operations. (integer value)
+#socket_timeout = 10000
+
+
+[neutron]
+{%- set _service_catalog = cfg.get('neutron', cfg.get('identity', {})) %}
+{%- set auth_type = _data.get('auth_type', 'password') %}
+{%- include "oslo_templates/files/rocky/keystoneauth/_type_" + auth_type + ".conf" %}
+
+
+[nova]
+{%- set _service_catalog = cfg.get('nova', cfg.get('identity', {})) %}
+{%- set auth_type = _data.get('auth_type', 'password') %}
+{%- include "oslo_templates/files/rocky/keystoneauth/_type_" + auth_type + ".conf" %}
+
+[oslo_concurrency]
+{%- set _data = cfg.get('concurrency', {}) %}
+{%- include "oslo_templates/files/rocky/oslo/_concurrency.conf" %}
+
+
+{%- if cfg.message_queue is defined %}
+{%- set _data = cfg.message_queue %}
+{%- if _data.engine == 'rabbitmq' %}
+ {%- set messaging_engine = 'rabbit' %}
+{%- else %}
+ {%- set messaging_engine = _data.engine %}
+{%- endif %}
+[oslo_messaging_{{ messaging_engine }}]
+{%- include "oslo_templates/files/rocky/oslo/messaging/_" + messaging_engine + ".conf" %}
+{%- endif %}
+
+
+[oslo_messaging_notifications]
+{%- set _data = cfg.get('notification', {}) %}
+{%- include "oslo_templates/files/rocky/oslo/messaging/_notifications.conf" %}
+
+
+[oslo_middleware]
+{%- set _data = cfg %}
+{%- include "oslo_templates/files/rocky/oslo/_middleware.conf" %}
+
+
+[oslo_policy]
+{%- if cfg.policy is defined %}
+{%- set _data = cfg.policy %}
+{%- include "oslo_templates/files/rocky/oslo/_policy.conf" %}
+{%- endif %}
+
+
+[ssl]
+{%- include "oslo_templates/files/rocky/oslo/service/_ssl.conf" %}
+
+
+{%- if cfg.enabled_share_backends is defined %}
+{%- for name, backend in cfg.enabled_share_backends.iteritems() %}
+[{{ backend.name }}]
+{%- include "manila/files/"+ cfg.version +"/_backend_general.conf" %}
+{%- include "manila/files/"+ cfg.version +"/_backend_"+ backend.type +".conf" %}
+{%- endfor %}
+{%- endif %}
+
+# Certificate file to use when starting the server securely. (string
+# value)
+# Deprecated group/name - [DEFAULT]/ssl_cert_file
+#cert_file = <None>
+
+# Private key file to use when starting the server securely. (string
+# value)
+# Deprecated group/name - [DEFAULT]/ssl_key_file
+#key_file = <None>
+
+# SSL version to use (valid only if SSL enabled). Valid values are
+# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be
+# available on some distributions. (string value)
+#version = <None>
+
+# Sets the list of available ciphers. value should be a string in the
+# OpenSSL cipher list format. (string value)
+#ciphers = <None>
diff --git a/manila/files/rocky/policy.json b/manila/files/rocky/policy.json
new file mode 100644
index 0000000..19d5385
--- /dev/null
+++ b/manila/files/rocky/policy.json
@@ -0,0 +1,146 @@
+{
+ "context_is_admin": "role:admin",
+ "admin_or_owner": "is_admin:True or project_id:%(project_id)s",
+ "default": "rule:admin_or_owner",
+ "admin_api": "is_admin:True",
+ "availability_zone:index": "rule:default",
+ "scheduler_stats:pools:index": "rule:admin_api",
+ "scheduler_stats:pools:detail": "rule:admin_api",
+ "share:create": "",
+ "share:get": "rule:default",
+ "share:get_all": "rule:default",
+ "share:update": "rule:default",
+ "share:delete": "rule:default",
+ "share:force_delete": "rule:admin_api",
+ "share:manage": "rule:admin_api",
+ "share:unmanage": "rule:admin_api",
+ "share:create_snapshot": "rule:default",
+ "share:list_by_host": "rule:admin_api",
+ "share:list_by_share_server_id": "rule:admin_api",
+ "share:access_get": "rule:default",
+ "share:access_get_all": "rule:default",
+ "share:extend": "rule:default",
+ "share:shrink": "rule:default",
+ "share:migration_start": "rule:admin_api",
+ "share:migration_complete": "rule:admin_api",
+ "share:migration_cancel": "rule:admin_api",
+ "share:migration_get_progress": "rule:admin_api",
+ "share:reset_task_state": "rule:admin_api",
+ "share:reset_status": "rule:admin_api",
+ "share:revert_to_snapshot": "rule:default",
+ "share:allow_access": "rule:default",
+ "share:deny_access": "rule:default",
+ "share:delete_snapshot": "rule:default",
+ "share:snapshot_update": "rule:default",
+ "share:update_share_metadata": "rule:default",
+ "share:delete_share_metadata": "rule:default",
+ "share:get_share_metadata": "rule:default",
+ "share_instance_export_location:index": "rule:admin_api",
+ "share_instance_export_location:show": "rule:admin_api",
+ "share_type:create": "rule:admin_api",
+ "share_type:show": "rule:default",
+ "share_type:index": "rule:default",
+ "share_type:default": "rule:default",
+ "share_type:delete": "rule:admin_api",
+ "share_type:list_project_access": "rule:admin_api",
+ "share_type:add_project_access": "rule:admin_api",
+ "share_type:remove_project_access": "rule:admin_api",
+ "share_types_extra_spec:create": "rule:admin_api",
+ "share_types_extra_spec:show": "rule:admin_api",
+ "share_types_extra_spec:index": "rule:admin_api",
+ "share_types_extra_spec:update": "rule:admin_api",
+ "share_types_extra_spec:delete": "rule:admin_api",
+ "share_snapshot:get_snapshot": "rule:default",
+ "share_snapshot:get_all_snapshots": "rule:default",
+ "share_snapshot:force_delete": "rule:admin_api",
+ "share_snapshot:manage_snapshot": "rule:admin_api",
+ "share_snapshot:unmanage_snapshot": "rule:admin_api",
+ "share_snapshot:reset_status": "rule:admin_api",
+ "share_snapshot:access_list": "rule:default",
+ "share_snapshot:allow_access": "rule:default",
+ "share_snapshot:deny_access": "rule:default",
+ "share_snapshot_export_location:index": "rule:default",
+ "share_snapshot_export_location:show": "rule:default",
+ "share_snapshot_instance:show": "rule:admin_api",
+ "share_snapshot_instance:index": "rule:admin_api",
+ "share_snapshot_instance:detail": "rule:admin_api",
+ "share_snapshot_instance:reset_status": "rule:admin_api",
+ "share_snapshot_instance_export_location:index": "rule:admin_api",
+ "share_snapshot_instance_export_location:show": "rule:admin_api",
+ "share_server:index": "rule:admin_api",
+ "share_server:show": "rule:admin_api",
+ "share_server:details": "rule:admin_api",
+ "share_server:delete": "rule:admin_api",
+ "service:index": "rule:admin_api",
+ "service:update": "rule:admin_api",
+ "quota_set:update": "rule:admin_api",
+ "quota_set:show": "rule:default",
+ "quota_set:delete": "rule:admin_api",
+ "quota_class_set:update": "rule:admin_api",
+ "quota_class_set:show": "rule:default",
+ "share_group_types_spec:create": "rule:admin_api",
+ "share_group_types_spec:index": "rule:admin_api",
+ "share_group_types_spec:show": "rule:admin_api",
+ "share_group_types_spec:update": "rule:admin_api",
+ "share_group_types_spec:delete": "rule:admin_api",
+ "share_group_type:create": "rule:admin_api",
+ "share_group_type:index": "rule:default",
+ "share_group_type:show": "rule:default",
+ "share_group_type:default": "rule:default",
+ "share_group_type:delete": "rule:admin_api",
+ "share_group_type:list_project_access": "rule:admin_api",
+ "share_group_type:add_project_access": "rule:admin_api",
+ "share_group_type:remove_project_access": "rule:admin_api",
+ "share_group_snapshot:create": "rule:default",
+ "share_group_snapshot:get": "rule:default",
+ "share_group_snapshot:get_all": "rule:default",
+ "share_group_snapshot:update": "rule:default",
+ "share_group_snapshot:delete": "rule:default",
+ "share_group_snapshot:force_delete": "rule:admin_api",
+ "share_group_snapshot:reset_status": "rule:admin_api",
+ "share_group:create": "rule:default",
+ "share_group:get": "rule:default",
+ "share_group:get_all": "rule:default",
+ "share_group:update": "rule:default",
+ "share_group:delete": "rule:default",
+ "share_group:force_delete": "rule:admin_api",
+ "share_group:reset_status": "rule:admin_api",
+ "share_replica:create": "rule:default",
+ "share_replica:get_all": "rule:default",
+ "share_replica:show": "rule:default",
+ "share_replica:delete": "rule:default",
+ "share_replica:force_delete": "rule:admin_api",
+ "share_replica:promote": "rule:default",
+ "share_replica:resync": "rule:admin_api",
+ "share_replica:reset_replica_state": "rule:admin_api",
+ "share_replica:reset_status": "rule:admin_api",
+ "share_network:create": "rule:default",
+ "share_network:show": "rule:default",
+ "share_network:index": "rule:default",
+ "share_network:detail": "rule:default",
+ "share_network:update": "rule:default",
+ "share_network:delete": "rule:default",
+ "share_network:add_security_service": "rule:default",
+ "share_network:remove_security_service": "rule:default",
+ "share_network:get_all_share_networks": "rule:admin_api",
+ "security_service:create": "rule:default",
+ "security_service:show": "rule:default",
+ "security_service:detail": "rule:default",
+ "security_service:index": "rule:default",
+ "security_service:update": "rule:default",
+ "security_service:delete": "rule:default",
+ "security_service:get_all_security_services": "rule:admin_api",
+ "share_export_location:index": "rule:default",
+ "share_export_location:show": "rule:default",
+ "share_instance:index": "rule:admin_api",
+ "share_instance:show": "rule:admin_api",
+ "share_instance:force_delete": "rule:admin_api",
+ "share_instance:reset_status": "rule:admin_api",
+ "message:get": "rule:default",
+ "message:get_all": "rule:default",
+ "message:delete": "rule:default",
+ "share_access_rule:get": "rule:default",
+ "share_access_rule:index": "rule:default",
+ "share_access_metadata:update": "rule:default",
+ "share_access_metadata:delete": "rule:default"
+}
diff --git a/tests/pillar/repo_mcp_openstack_queens.sls b/tests/pillar/repo_mcp_openstack_queens.sls
new file mode 100644
index 0000000..a8c7e77
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_queens.sls
@@ -0,0 +1,12 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_repo:
+ source: "deb http://mirror.mirantis.com/nightly/openstack-queens/{{ grains.get('oscodename') }} {{ grains.get('oscodename') }} main"
+ architectures: amd64
+ key_url: "http://mirror.mirantis.com/nightly/openstack-queens/{{ grains.get('oscodename') }}/archive-queens.key"
+ pin:
+ - pin: 'release l=queens'
+ priority: 1050
+ package: '*'
\ No newline at end of file
diff --git a/tests/pillar/repo_mcp_openstack_rocky.sls b/tests/pillar/repo_mcp_openstack_rocky.sls
new file mode 100644
index 0000000..026ac5c
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_rocky.sls
@@ -0,0 +1,12 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_repo:
+ source: "deb http://mirror.mirantis.com/nightly/openstack-rocky/{{ grains.get('oscodename') }} {{ grains.get('oscodename') }} main"
+ architectures: amd64
+ key_url: "http://mirror.mirantis.com/nightly/openstack-rocky/{{ grains.get('oscodename') }}/archive-openstack-rocky.key"
+ pin:
+ - pin: 'release l=rocky'
+ priority: 1050
+ package: '*'
\ No newline at end of file