From 985bd8c07973ec182eafb0ff89ee32807e7066fc Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 29 May 2015 12:07:22 +0000 Subject: Cinder: Update the cinder.conf with kilo example Generated with: ./tools/config/generate_sample.sh -b . -p cinder -o etc/cinder Also install some generic configuration files at build time, and remove them from the manifest. --- openstack/manifest | 2 - openstack/usr/share/openstack/cinder/api-paste.ini | 60 - openstack/usr/share/openstack/cinder/cinder.conf | 1560 +++++++++++--------- openstack/usr/share/openstack/cinder/policy.json | 80 - strata/openstack-services/cinder.morph | 5 +- 5 files changed, 862 insertions(+), 845 deletions(-) delete mode 100644 openstack/usr/share/openstack/cinder/api-paste.ini delete mode 100644 openstack/usr/share/openstack/cinder/policy.json diff --git a/openstack/manifest b/openstack/manifest index 521b04ec..da38a638 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -12,8 +12,6 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/share/openstack/cinder-db.yml 0100644 0 0 /usr/share/openstack/cinder-lvs.yml 0100644 0 0 /usr/share/openstack/cinder/cinder.conf -0100644 0 0 /usr/share/openstack/cinder/api-paste.ini -0100644 0 0 /usr/share/openstack/cinder/policy.json 0040755 0 0 /usr/share/openstack/extras 0100644 0 0 /usr/share/openstack/extras/00-disable-device.network 0100644 0 0 /usr/share/openstack/extras/60-device-dhcp.network diff --git a/openstack/usr/share/openstack/cinder/api-paste.ini b/openstack/usr/share/openstack/cinder/api-paste.ini deleted file mode 100644 index ba922d5f..00000000 --- a/openstack/usr/share/openstack/cinder/api-paste.ini +++ /dev/null @@ -1,60 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = request_id faultwrap sizelimit osprofiler noauth apiv1 -keystone = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1 -keystone_nolimit = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = request_id faultwrap sizelimit osprofiler noauth apiv2 -keystone = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2 -keystone_nolimit = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2 - -[filter:request_id] -paste.filter_factory = cinder.openstack.common.middleware.request_id:RequestIdMiddleware.factory - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:osprofiler] -paste.filter_factory = osprofiler.web:WsgiMiddleware.factory -hmac_keys = SECRET_KEY -enabled = yes - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystonemiddleware.auth_token:filter_factory diff --git a/openstack/usr/share/openstack/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf index a58004b5..8afdb941 100644 --- a/openstack/usr/share/openstack/cinder/cinder.conf +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -4,130 +4,13 @@ # Options defined in oslo.messaging # -# Use durable queues in AMQP. (boolean value) -# Deprecated group/name - [DEFAULT]/rabbit_durable_queues -#amqp_durable_queues=false - -# Auto-delete queues in AMQP. (boolean value) -#amqp_auto_delete=false - -# Size of RPC connection pool. (integer value) -#rpc_conn_pool_size=30 - -# Qpid broker hostname. (string value) -#qpid_hostname=localhost - -# Qpid broker port. (integer value) -#qpid_port=5672 - -# Qpid HA cluster host:port pairs. (list value) -#qpid_hosts=$qpid_hostname:$qpid_port - -# Username for Qpid connection. (string value) -#qpid_username= - -# Password for Qpid connection. (string value) -#qpid_password= - -# Space separated list of SASL mechanisms to use for auth. -# (string value) -#qpid_sasl_mechanisms= - -# Seconds between connection keepalive heartbeats. (integer -# value) -#qpid_heartbeat=60 - -# Transport to use, either 'tcp' or 'ssl'. (string value) -#qpid_protocol=tcp - -# Whether to disable the Nagle algorithm. (boolean value) -#qpid_tcp_nodelay=true - -# The number of prefetched messages held by receiver. (integer -# value) -#qpid_receiver_capacity=1 - -# The qpid topology version to use. Version 1 is what was -# originally used by impl_qpid. Version 2 includes some -# backwards-incompatible changes that allow broker federation -# to work. Users should update to version 2 when they are -# able to take everything down, as it requires a clean break. -# (integer value) -#qpid_topology_version=1 - -# SSL version to use (valid only if SSL enabled). valid values -# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on -# some distributions. (string value) -#kombu_ssl_version= - -# SSL key file (valid only if SSL enabled). (string value) -#kombu_ssl_keyfile= - -# SSL cert file (valid only if SSL enabled). (string value) -#kombu_ssl_certfile= - -# SSL certification authority file (valid only if SSL -# enabled). (string value) -#kombu_ssl_ca_certs= - -# How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. (floating point value) -#kombu_reconnect_delay=1.0 - -# The RabbitMQ broker address where a single node is used. -# (string value) -rabbit_host={{ RABBITMQ_HOST }} - -# The RabbitMQ broker port where a single node is used. -# (integer value) -rabbit_port={{ RABBITMQ_PORT }} - -# RabbitMQ HA cluster host:port pairs. (list value) -#rabbit_hosts=$rabbit_host:$rabbit_port - -# Connect over SSL for RabbitMQ. (boolean value) -#rabbit_use_ssl=false - -# The RabbitMQ userid. (string value) -rabbit_userid={{ RABBITMQ_USER }} - -# The RabbitMQ password. (string value) -rabbit_password={{ RABBITMQ_PASSWORD }} - -# the RabbitMQ login method (string value) -#rabbit_login_method=AMQPLAIN - -# The RabbitMQ virtual host. (string value) -#rabbit_virtual_host=/ - -# How frequently to retry connecting with RabbitMQ. (integer -# value) -#rabbit_retry_interval=1 - -# How long to backoff for between retries when connecting to -# RabbitMQ. (integer value) -#rabbit_retry_backoff=2 - -# Maximum number of RabbitMQ connection retries. Default is 0 -# (infinite retry count). (integer value) -#rabbit_max_retries=0 - -# Use HA queues in RabbitMQ (x-ha-policy: all). If you change -# this option, you must wipe the RabbitMQ database. (boolean -# value) -#rabbit_ha_queues=false - -# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake -# (boolean value) -#fake_rabbit=false - # ZeroMQ bind address. Should be a wildcard (*), an ethernet # interface, or IP. The "host" option should point or resolve # to this address. (string value) #rpc_zmq_bind_address=* # MatchMaker driver. (string value) -#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost +#rpc_zmq_matchmaker=local # ZeroMQ receiver listening port. (integer value) #rpc_zmq_port=9501 @@ -157,12 +40,12 @@ rabbit_password={{ RABBITMQ_PASSWORD }} # Heartbeat time-to-live. (integer value) #matchmaker_heartbeat_ttl=600 -# Size of RPC greenthread pool. (integer value) +# Size of RPC thread pool. (integer value) #rpc_thread_pool_size=64 # Driver or drivers to handle sending notifications. (multi # valued) -notification_driver=messagingv2 +#notification_driver= # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics @@ -178,12 +61,12 @@ notification_driver=messagingv2 # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -rpc_backend=rabbit +#rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the # transport_url option. (string value) -control_exchange=cinder +#control_exchange=openstack # @@ -306,6 +189,12 @@ control_exchange=cinder # with big service catalogs). (integer value) #max_header_line=16384 +# Timeout for client connections' socket operations. If an +# incoming connection is idle for this number of seconds it +# will be closed. A value of '0' means wait forever. (integer +# value) +#client_socket_timeout=900 + # If False, closes the client socket connection explicitly. # Setting it to True to maintain backward compatibility. # Recommended setting is set it to False. (boolean value) @@ -371,6 +260,26 @@ control_exchange=cinder #osapi_max_request_body_size=114688 +# +# Options defined in cinder.api.views.versions +# + +# Public url to use for versions endpoint. The default is +# None, which will use the request's host_url attribute to +# populate the URL base. If Cinder is operating behind a +# proxy, you will want to change this to represent the proxy's +# URL. (string value) +#public_endpoint= + + +# +# Options defined in cinder.backup.chunkeddriver +# + +# Compression algorithm (None to disable) (string value) +#backup_compression_algorithm=zlib + + # # Options defined in cinder.backup.driver # @@ -378,7 +287,15 @@ control_exchange=cinder # Backup metadata version to be used when backing up volume # metadata. If this number is bumped, make sure the service # doing the restore supports the new version. (integer value) -#backup_metadata_version=1 +#backup_metadata_version=2 + +# The number of chunks or objects, for which one Ceilometer +# notification will be sent (integer value) +#backup_object_number_per_notification=10 + +# Interval, in seconds, between two progress notifications +# reporting the backup status (integer value) +#backup_timer_interval=120 # @@ -414,6 +331,42 @@ control_exchange=cinder #restore_discard_excess_bytes=true +# +# Options defined in cinder.backup.drivers.nfs +# + +# The maximum size in bytes of the files used to hold backups. +# If the volume being backed up exceeds this size, then it +# will be backed up into multiple files. (integer value) +#backup_file_size=1999994880 + +# The size in bytes that changes are tracked for incremental +# backups. backup_swift_object_size has to be multiple of +# backup_swift_block_size. (integer value) +#backup_sha_block_size_bytes=32768 + +# Enable or Disable the timer to send the periodic progress +# notifications to Ceilometer when backing up the volume to +# the backend storage. The default value is True to enable the +# timer. (boolean value) +#backup_enable_progress_timer=true + +# Base dir containing mount point for NFS share. (string +# value) +#backup_mount_point_base=$state_path/backup_mount + +# NFS share in fqdn:path, ipv4addr:path, or "[ipv6addr]:path" +# format. (string value) +#backup_share= + +# Mount options passed to the NFS client. See NFS man page for +# details. (string value) +#backup_mount_options= + +# Custom container to use for backups. (string value) +#backup_container= + + # # Options defined in cinder.backup.drivers.swift # @@ -450,6 +403,11 @@ control_exchange=cinder # The size in bytes of Swift backup objects (integer value) #backup_swift_object_size=52428800 +# The size in bytes that changes are tracked for incremental +# backups. backup_swift_object_size has to be multiple of +# backup_swift_block_size. (integer value) +#backup_swift_block_size=32768 + # The number of retries to make for Swift operations (integer # value) #backup_swift_retry_attempts=3 @@ -458,8 +416,11 @@ control_exchange=cinder # value) #backup_swift_retry_backoff=2 -# Compression algorithm (None to disable) (string value) -#backup_compression_algorithm=zlib +# Enable or Disable the timer to send the periodic progress +# notifications to Ceilometer when backing up the volume to +# the Swift backend storage. The default value is True to +# enable the timer. (boolean value) +#backup_swift_enable_progress_timer=true # @@ -486,24 +447,52 @@ control_exchange=cinder #backup_driver=cinder.backup.drivers.swift +# +# Options defined in cinder.cmd.volume +# + +# Backend override of host value. (string value) +# Deprecated group/name - [DEFAULT]/host +#backend_host= + + +# +# Options defined in cinder.cmd.volume_usage_audit +# + +# If this option is specified then the start time specified is +# used instead of the start time of the last completed audit +# period. (string value) +#start_time= + +# If this option is specified then the end time specified is +# used instead of the end time of the last completed audit +# period. (string value) +#end_time= + +# Send the volume and snapshot create and delete notifications +# generated in the specified period. (boolean value) +#send_actions=false + + # # Options defined in cinder.common.config # # File name for the paste.deploy config for cinder-api (string # value) -api_paste_config=api-paste.ini +#api_paste_config=api-paste.ini # Top-level directory for maintaining cinder's state (string # value) # Deprecated group/name - [DEFAULT]/pybasedir -state_path=/var/lib/cinder +#state_path=/var/lib/cinder # IP address of this host (string value) -my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +#my_ip=10.0.0.1 # Default glance host name or IP (string value) -glance_host={{ CONTROLLER_HOST_ADDRESS }} +#glance_host=$my_ip # Default glance port (integer value) #glance_port=9292 @@ -597,7 +586,7 @@ glance_host={{ CONTROLLER_HOST_ADDRESS }} # Path to the rootwrap configuration file to use for running # commands as root (string value) -rootwrap_config=/etc/cinder/rootwrap.conf +#rootwrap_config=/etc/cinder/rootwrap.conf # Enable monkey patching (boolean value) #monkey_patch=false @@ -619,14 +608,14 @@ rootwrap_config=/etc/cinder/rootwrap.conf # The strategy to use for auth. Supports noauth, keystone, and # deprecated. (string value) -auth_strategy=keystone +#auth_strategy=noauth # A list of backend names to use. These backend names should # be backed by a unique [CONFIG] group with its options (list # value) #enabled_backends= -# Whether snapshots count against GigaByte quota (boolean +# Whether snapshots count against gigabyte quota (boolean # value) #no_snapshot_gb_quota=false @@ -642,6 +631,19 @@ auth_strategy=keystone # (string value) #consistencygroup_api_class=cinder.consistencygroup.api.API +# OpenStack privileged account username. Used for requests to +# other services (such as Nova) that require an account with +# special rights. (string value) +#os_privileged_user_name= + +# Password associated with the OpenStack privileged account. +# (string value) +#os_privileged_user_password= + +# Tenant name associated with the OpenStack privileged +# account. (string value) +#os_privileged_user_tenant= + # # Options defined in cinder.compute @@ -659,11 +661,11 @@ auth_strategy=keystone # Match this value when searching for nova in the service # catalog. Format is: separated values of the form: # :: (string value) -#nova_catalog_info=compute:nova:publicURL +#nova_catalog_info=compute:Compute Service:publicURL # Same as nova_catalog_info, but for admin endpoint. (string # value) -#nova_catalog_admin_info=compute:nova:adminURL +#nova_catalog_admin_info=compute:Compute Service:adminURL # Override service catalog lookup with template for nova # endpoint e.g. http://localhost:8774/v2/%(project_id)s @@ -690,16 +692,13 @@ auth_strategy=keystone # Options defined in cinder.db.api # -# The backend to use for db (string value) -#db_backend=sqlalchemy - # Services to be added to the available pool on create # (boolean value) #enable_new_services=true # Template string to be used to generate volume names (string # value) -volume_name_template=volume-%s +#volume_name_template=volume-%s # Template string to be used to generate snapshot names # (string value) @@ -755,112 +754,6 @@ volume_name_template=volume-%s #backdoor_port= -# -# Options defined in cinder.openstack.common.lockutils -# - -# Whether to disable inter-process locks (boolean value) -#disable_process_locking=false - -# Directory to use for lock files. Default to a temp directory -# (string value) -lock_path=/var/lock/cinder - - -# -# Options defined in cinder.openstack.common.log -# - -# Print debugging output (set logging level to DEBUG instead -# of default WARNING level). (boolean value) -#debug=false - -# Print more verbose output (set logging level to INFO instead -# of default WARNING level). (boolean value) -#verbose=false - -# Log output to standard error. (boolean value) -#use_stderr=true - -# Format string to use for log messages with context. (string -# value) -#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s - -# Format string to use for log messages without context. -# (string value) -#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s - -# Data to append to log format when level is DEBUG. (string -# value) -#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d - -# Prefix each line of exception output with this format. -# (string value) -#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s - -# List of logger=LEVEL pairs. (list value) -#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN - -# Enables or disables publication of error events. (boolean -# value) -#publish_errors=false - -# Enables or disables fatal status of deprecations. (boolean -# value) -#fatal_deprecations=false - -# The format for an instance that is passed with the log -# message. (string value) -#instance_format="[instance: %(uuid)s] " - -# The format for an instance UUID that is passed with the log -# message. (string value) -#instance_uuid_format="[instance: %(uuid)s] " - -# The name of a logging configuration file. This file is -# appended to any existing logging configuration files. For -# details about logging configuration files, see the Python -# logging module documentation. (string value) -# Deprecated group/name - [DEFAULT]/log_config -#log_config_append= - -# DEPRECATED. A logging.Formatter log message format string -# which may use any of the available logging.LogRecord -# attributes. This option is deprecated. Please use -# logging_context_format_string and -# logging_default_format_string instead. (string value) -#log_format= - -# Format string for %%(asctime)s in log records. Default: -# %(default)s . (string value) -#log_date_format=%Y-%m-%d %H:%M:%S - -# (Optional) Name of log file to output to. If no default is -# set, logging will go to stdout. (string value) -# Deprecated group/name - [DEFAULT]/logfile -#log_file= - -# (Optional) The base directory used for relative --log-file -# paths. (string value) -# Deprecated group/name - [DEFAULT]/logdir -#log_dir= - -# Use syslog for logging. Existing syslog format is DEPRECATED -# during I, and will change in J to honor RFC5424. (boolean -# value) -use_syslog = True - -# (Optional) Enables or disables syslog rfc5424 format for -# logging. If enabled, prefixes the MSG part of the syslog -# message with APP-NAME (RFC5424). The format without the APP- -# NAME is deprecated in I, and will be removed in J. (boolean -# value) -#use_syslog_rfc_format=false - -# Syslog facility to receive log lines. (string value) -#syslog_log_facility=LOG_USER - - # # Options defined in cinder.openstack.common.periodic_task # @@ -881,6 +774,23 @@ use_syslog = True # (string value) #policy_default_rule=default +# Directories where policy configuration files are stored. +# They can be relative to any directory in the search path +# defined by the config_dir option, or absolute paths. The +# file defined by policy_file must exist for these directories +# to be searched. Missing or empty directories are ignored. +# (multi valued) +#policy_dirs=policy.d + + +# +# Options defined in cinder.openstack.common.versionutils +# + +# Enables or disables fatal status of deprecations. (boolean +# value) +#fatal_deprecations=false + # # Options defined in cinder.scheduler.driver @@ -995,12 +905,12 @@ use_syslog = True # volume (integer value) #num_iser_scan_tries=3 -# The maximum number of iSER target IDs per host (integer -# value) -#iser_num_targets=100 +# This option is deprecated and unused. It will be removed in +# the Liberty release. (integer value) +#iser_num_targets= # Prefix for iSER volumes (string value) -#iser_target_prefix=iqn.2010-10.org.iser.openstack: +#iser_target_prefix=iqn.2010-10.org.openstack: # The IP address that the iSER daemon is listening on (string # value) @@ -1022,16 +932,20 @@ use_syslog = True # value) #reserved_percentage=0 -# The maximum number of iSCSI target IDs per host (integer -# value) -#iscsi_num_targets=100 +# This option is deprecated and unused. It will be removed in +# the Liberty release. (integer value) +#iscsi_num_targets= # Prefix for iSCSI volumes (string value) #iscsi_target_prefix=iqn.2010-10.org.openstack: # The IP address that the iSCSI daemon is listening on (string # value) -iscsi_ip_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +#iscsi_ip_address=$my_ip + +# The list of secondary IP addresses of the iSCSI daemon (list +# value) +#iscsi_secondary_ip_addresses= # The port that the iSCSI daemon is listening on (integer # value) @@ -1044,15 +958,19 @@ iscsi_ip_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # The backend name for a given driver implementation (string # value) -volume_backend_name=LVM_iSCSI +#volume_backend_name= # Do we attach/detach volumes in cinder using multipath for # volume to image and image to volume transfers? (boolean # value) #use_multipath_for_image_xfer=false -# Method used to wipe old volumes (valid options are: none, -# zero, shred) (string value) +# If this is set to True, attachment of volumes for image +# transfer will be aborted when multipathd is not running. +# Otherwise, it will fallback to single path. (boolean value) +#enforce_multipath_for_image_xfer=false + +# Method used to wipe old volumes (string value) #volume_clear=zero # Size in MiB to wipe at start of old volumes. 0 => all @@ -1065,18 +983,24 @@ volume_backend_name=LVM_iSCSI #volume_clear_ionice= # iSCSI target user-land tool to use. tgtadm is default, use -# lioadm for LIO iSCSI support, iseradm for the ISER protocol, -# or fake for testing. (string value) -iscsi_helper=lioadm +# lioadm for LIO iSCSI support, scstadmin for SCST target +# support, iseradm for the ISER protocol, ietadm for iSCSI +# Enterprise Target, iscsictl for Chelsio iSCSI Target or fake +# for testing. (string value) +#iscsi_helper=tgtadm # Volume configuration file storage directory (string value) -volumes_dir=$state_path/volumes +#volumes_dir=$state_path/volumes # IET configuration file (string value) #iet_conf=/etc/iet/ietd.conf -# Comma-separated list of initiator IQNs allowed to connect to -# the iSCSI target. (From Nova compute nodes.) (string value) +# Chiscsi (CXT) global defaults configuration file (string +# value) +#chiscsi_conf=/etc/chelsio-iscsi/chiscsi.conf + +# This option is deprecated and unused. It will be removed in +# the next release. (string value) #lio_initiator_iqns= # Sets the behavior of the iSCSI target to either perform @@ -1102,6 +1026,13 @@ volumes_dir=$state_path/volumes # value) #iscsi_write_cache=on +# Determines the iSCSI protocol for new iSCSI volumes, created +# with tgtadm or lioadm target helpers. In order to enable +# RDMA, this parameter should be set with the value "iser". +# The supported iSCSI protocol values are "iscsi" and "iser". +# (string value) +#iscsi_protocol=iscsi + # The path to the client certificate key for verification, if # the driver supports it. (string value) #driver_client_cert_key= @@ -1110,6 +1041,57 @@ volumes_dir=$state_path/volumes # driver supports it. (string value) #driver_client_cert= +# Tell driver to use SSL for connection to backend storage if +# the driver supports it. (boolean value) +#driver_use_ssl=false + +# Float representation of the over subscription ratio when +# thin provisioning is involved. Default ratio is 20.0, +# meaning provisioned capacity can be 20 times of the total +# physical capacity. If the ratio is 10.5, it means +# provisioned capacity can be 10.5 times of the total physical +# capacity. A ratio of 1.0 means provisioned capacity cannot +# exceed the total physical capacity. A ratio lower than 1.0 +# will be ignored and the default value will be used instead. +# (floating point value) +#max_over_subscription_ratio=20.0 + +# Certain ISCSI targets have predefined target names, SCST +# target driver uses this name. (string value) +#scst_target_iqn_name= + +# SCST target implementation can choose from multiple SCST +# target drivers. (string value) +#scst_target_driver=iscsi + +# Option to enable/disable CHAP authentication for targets. +# (boolean value) +# Deprecated group/name - [DEFAULT]/eqlx_use_chap +#use_chap_auth=false + +# CHAP user name. (string value) +# Deprecated group/name - [DEFAULT]/eqlx_chap_login +#chap_username= + +# Password for specified CHAP account name. (string value) +# Deprecated group/name - [DEFAULT]/eqlx_chap_password +#chap_password= + +# Namespace for driver private data values to be saved in. +# (string value) +#driver_data_namespace= + +# String representation for an equation that will be used to +# filter hosts. Only used when the driver filter is set to be +# used by the Cinder scheduler. (string value) +#filter_function= + +# String representation for an equation that will be used to +# determine the goodness of a host. Only used when using the +# goodness weigher is set to be used by the Cinder scheduler. +# (string value) +#goodness_function= + # # Options defined in cinder.volume.drivers.block_device @@ -1120,31 +1102,47 @@ volumes_dir=$state_path/volumes # -# Options defined in cinder.volume.drivers.coraid +# Options defined in cinder.volume.drivers.cloudbyte.options # -# IP address of Coraid ESM (string value) -#coraid_esm_address= +# These values will be used for CloudByte storage's addQos API +# call. (dict value) +#cb_add_qosgroup=latency:15,iops:10,graceallowed:false,iopscontrol:true,memlimit:0,throughput:0,tpcontrol:false,networkspeed:0 + +# Driver will use this API key to authenticate against the +# CloudByte storage's management interface. (string value) +#cb_apikey=None -# User name to connect to Coraid ESM (string value) -#coraid_user=admin +# CloudByte storage specific account name. This maps to a +# project name in OpenStack. (string value) +#cb_account_name=None -# Name of group on Coraid ESM to which coraid_user belongs -# (must have admin privilege) (string value) -#coraid_group=admin +# This corresponds to the name of Tenant Storage Machine (TSM) +# in CloudByte storage. A volume will be created in this TSM. +# (string value) +#cb_tsm_name=None -# Password to connect to Coraid ESM (string value) -#coraid_password=password +# A retry value in seconds. Will be used by the driver to +# check if volume creation was successful in CloudByte +# storage. (integer value) +#cb_confirm_volume_create_retry_interval=5 -# Volume Type key name to store ESM Repository Name (string +# Will confirm a successful volume creation in CloudByte +# storage by making this many number of attempts. (integer # value) -#coraid_repository_key=coraid_repository +#cb_confirm_volume_create_retries=3 + +# These values will be used for CloudByte storage's +# createVolume API call. (dict value) +#cb_create_volume=compression:off,deduplication:off,blocklength:512B,sync:always,protocoltype:ISCSI,recordsize:16k # # Options defined in cinder.volume.drivers.datera # +# DEPRECATED: This will be removed in the Liberty release. Use +# san_login and san_password instead. This directly sets the # Datera API token. (string value) #datera_api_token= @@ -1158,6 +1156,25 @@ volumes_dir=$state_path/volumes #datera_num_replicas=3 +# +# Options defined in cinder.volume.drivers.dell.dell_storagecenter_common +# + +# Storage Center System Serial Number (integer value) +#dell_sc_ssn=64702 + +# Dell API port (integer value) +#dell_sc_api_port=3033 + +# Name of the server folder to use on the Storage Center +# (string value) +#dell_sc_server_folder=openstack + +# Name of the volume folder to use on the Storage Center +# (string value) +#dell_sc_volume_folder=openstack + + # # Options defined in cinder.volume.drivers.emc.emc_vmax_common # @@ -1211,59 +1228,68 @@ volumes_dir=$state_path/volumes # False. (boolean value) #initiator_auto_registration=false +# Automatically deregister initiators after the related +# storage group is destroyed. By default, the value is False. +# (boolean value) +#initiator_auto_deregistration=false + +# Report free_capacity_gb as 0 when the limit to maximum +# number of pool LUNs is reached. By default, the value is +# False. (boolean value) +#check_max_pool_luns_threshold=false + +# Delete a LUN even if it is in Storage Groups. (boolean +# value) +#force_delete_lun_in_storagegroup=false + + +# +# Options defined in cinder.volume.drivers.emc.xtremio +# + +# XMS cluster id in multi-cluster environment (string value) +#xtremio_cluster_name= + # # Options defined in cinder.volume.drivers.eqlx # -# Group name to use for creating volumes (string value) +# Group name to use for creating volumes. Defaults to +# "group-0". (string value) #eqlx_group_name=group-0 -# Timeout for the Group Manager cli command execution (integer -# value) +# Timeout for the Group Manager cli command execution. Default +# is 30. (integer value) #eqlx_cli_timeout=30 -# Maximum retry count for reconnection (integer value) +# Maximum retry count for reconnection. Default is 5. (integer +# value) #eqlx_cli_max_retries=5 -# Use CHAP authentication for targets? (boolean value) +# Use CHAP authentication for targets. Note that this option +# is deprecated in favour of "use_chap_auth" as specified in +# cinder/volume/driver.py and will be removed in next release. +# (boolean value) #eqlx_use_chap=false -# Existing CHAP account name (string value) +# Existing CHAP account name. Note that this option is +# deprecated in favour of "chap_username" as specified in +# cinder/volume/driver.py and will be removed in next release. +# (string value) #eqlx_chap_login=admin -# Password for specified CHAP account name (string value) +# Password for specified CHAP account name. Note that this +# option is deprecated in favour of "chap_password" as +# specified in cinder/volume/driver.py and will be removed in +# the next release (string value) #eqlx_chap_password=password -# Pool in which volumes will be created (string value) +# Pool in which volumes will be created. Defaults to +# "default". (string value) #eqlx_pool=default -# -# Options defined in cinder.volume.drivers.fujitsu_eternus_dx_common -# - -# The configuration file for the Cinder SMI-S driver (string -# value) -#cinder_smis_config_file=/etc/cinder/cinder_fujitsu_eternus_dx.xml - - -# -# Options defined in cinder.volume.drivers.fusionio.ioControl -# - -# amount of time wait for iSCSI target to come online (integer -# value) -#fusionio_iocontrol_targetdelay=5 - -# number of retries for GET operations (integer value) -#fusionio_iocontrol_retry=3 - -# verify the array certificate on each transaction (boolean -# value) -#fusionio_iocontrol_verify_cert=true - - # # Options defined in cinder.volume.drivers.glusterfs # @@ -1406,6 +1432,20 @@ volumes_dir=$state_path/volumes #cinder_huawei_conf_file=/etc/cinder/cinder_huawei_conf.xml +# +# Options defined in cinder.volume.drivers.ibm.flashsystem +# + +# Connection protocol should be FC. (string value) +#flashsystem_connection_protocol=FC + +# Connect with multipath (FC only). (boolean value) +#flashsystem_multipath_enabled=false + +# Allows vdisk to multi host mapping. (boolean value) +#flashsystem_multihostmap_enabled=true + + # # Options defined in cinder.volume.drivers.ibm.gpfs # @@ -1452,22 +1492,6 @@ volumes_dir=$state_path/volumes # Options defined in cinder.volume.drivers.ibm.ibmnas # -# IP address or Hostname of NAS system. (string value) -#nas_ip= - -# User name to connect to NAS system. (string value) -#nas_login=admin - -# Password to connect to NAS system. (string value) -#nas_password= - -# SSH port to use to connect to NAS system. (integer value) -#nas_ssh_port=22 - -# Filename of private key to use for SSH authentication. -# (string value) -#nas_private_key= - # IBMNAS platform type to be used as backend storage; valid # values are - v7ku : for using IBM Storwize V7000 Unified, # sonas : for using IBM Scale Out NAS, gpfs-nas : for using @@ -1550,8 +1574,7 @@ volumes_dir=$state_path/volumes # value) #xiv_ds8k_proxy=xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy -# Connection type to the IBM Storage Array -# (fibre_channel|iscsi) (string value) +# Connection type to the IBM Storage Array (string value) #xiv_ds8k_connection_type=iscsi # CHAP authentication mode, effective only for iscsi @@ -1565,17 +1588,22 @@ volumes_dir=$state_path/volumes # Name for the VG that will contain exported volumes (string # value) -volume_group=cinder-volumes +#volume_group=cinder-volumes # If >0, create LVs with multiple mirrors. Note that this # requires lvm_mirrors + 2 PVs with available space (integer # value) #lvm_mirrors=0 -# Type of LVM volumes to deploy; (default or thin) (string -# value) +# Type of LVM volumes to deploy (string value) #lvm_type=default +# LVM conf file to use for the LVM driver in Cinder; this +# setting is ignored if the specified file does not exist (You +# can also specify 'None' to not use a conf file even if one +# exists). (string value) +#lvm_conf_file=/etc/cinder/lvm.conf + # # Options defined in cinder.volume.drivers.netapp.options @@ -1584,11 +1612,18 @@ volume_group=cinder-volumes # The vFiler unit on which provisioning of block storage # volumes will be done. This option is only used by the driver # when connecting to an instance with a storage family of Data -# ONTAP operating in 7-Mode and the storage protocol selected -# is iSCSI. Only use this option when utilizing the MultiStore -# feature on the NetApp storage system. (string value) +# ONTAP operating in 7-Mode. Only use this option when +# utilizing the MultiStore feature on the NetApp storage +# system. (string value) #netapp_vfiler= +# The name of the config.conf stanza for a Data ONTAP (7-mode) +# HA partner. This option is only used by the driver when +# connecting to an instance with a storage family of Data +# ONTAP operating in 7-Mode, and it is required if the storage +# protocol selected is FC. (string value) +#netapp_partner_backend_name= + # Administrative user account name used to access the storage # system or proxy server. (string value) #netapp_login= @@ -1599,14 +1634,7 @@ volume_group=cinder-volumes # This option specifies the virtual storage server (Vserver) # name on the storage cluster on which provisioning of block -# storage volumes should occur. If using the NFS storage -# protocol, this parameter is mandatory for storage service -# catalog support (utilized by Cinder volume type extra_specs -# support). If this option is specified, the exports belonging -# to the Vserver will only be used for provisioning in the -# future. Block storage volumes on exports not belonging to -# the Vserver specified by this option will continue to -# function normally. (string value) +# storage volumes should occur. (string value) #netapp_vserver= # The hostname (or IP address) for the storage system or proxy @@ -1614,11 +1642,10 @@ volume_group=cinder-volumes #netapp_server_hostname= # The TCP port to use for communication with the storage -# system or proxy server. Traditionally, port 80 is used for -# HTTP and port 443 is used for HTTPS; however, this value -# should be changed if an alternate port has been configured -# on the storage system or proxy server. (integer value) -#netapp_server_port=80 +# system or proxy server. If not specified, Data ONTAP drivers +# will use 80 for HTTP and 443 for HTTPS; E-Series will use +# 8080 for HTTP and 8443 for HTTPS. (integer value) +#netapp_server_port= # This option is used to specify the path to the E-Series # proxy application on a proxy server. The value is combined @@ -1687,11 +1714,11 @@ volume_group=cinder-volumes #netapp_size_multiplier=1.2 # This option is only utilized when the storage protocol is -# configured to use iSCSI. This option is used to restrict -# provisioning to the specified controller volumes. Specify -# the value of this option to be a comma separated list of -# NetApp controller volume names to be used for provisioning. -# (string value) +# configured to use iSCSI or FC. This option is used to +# restrict provisioning to the specified controller volumes. +# Specify the value of this option to be a comma separated +# list of NetApp controller volume names to be used for +# provisioning. (string value) #netapp_volume_list= # The storage family type used on the storage system; valid @@ -1701,88 +1728,14 @@ volume_group=cinder-volumes #netapp_storage_family=ontap_cluster # The storage protocol to be used on the data path with the -# storage system; valid values are iscsi or nfs. (string -# value) +# storage system. (string value) #netapp_storage_protocol= # The transport protocol used when communicating with the -# storage system or proxy server. Valid values are http or -# https. (string value) +# storage system or proxy server. (string value) #netapp_transport_type=http -# -# Options defined in cinder.volume.drivers.nexenta.options -# - -# IP address of Nexenta SA (string value) -#nexenta_host= - -# HTTP port to connect to Nexenta REST API server (integer -# value) -#nexenta_rest_port=2000 - -# Use http or https for REST connection (default auto) (string -# value) -#nexenta_rest_protocol=auto - -# User name to connect to Nexenta SA (string value) -#nexenta_user=admin - -# Password to connect to Nexenta SA (string value) -#nexenta_password=nexenta - -# Nexenta target portal port (integer value) -#nexenta_iscsi_target_portal_port=3260 - -# SA Pool that holds all volumes (string value) -#nexenta_volume=cinder - -# IQN prefix for iSCSI targets (string value) -#nexenta_target_prefix=iqn.1986-03.com.sun:02:cinder- - -# Prefix for iSCSI target groups on SA (string value) -#nexenta_target_group_prefix=cinder/ - -# File with the list of available nfs shares (string value) -#nexenta_shares_config=/etc/cinder/nfs_shares - -# Base directory that contains NFS share mount points (string -# value) -#nexenta_mount_point_base=$state_path/mnt - -# Enables or disables the creation of volumes as sparsed files -# that take no space. If disabled (False), volume is created -# as a regular file, which takes a long time. (boolean value) -#nexenta_sparsed_volumes=true - -# Default compression value for new ZFS folders. (string -# value) -#nexenta_volume_compression=on - -# If set True cache NexentaStor appliance volroot option -# value. (boolean value) -#nexenta_nms_cache_volroot=true - -# Enable stream compression, level 1..9. 1 - gives best speed; -# 9 - gives best compression. (integer value) -#nexenta_rrmgr_compression=0 - -# TCP Buffer size in KiloBytes. (integer value) -#nexenta_rrmgr_tcp_buf_size=4096 - -# Number of TCP connections. (integer value) -#nexenta_rrmgr_connections=2 - -# Block size for volumes (default=blank means 8KB) (string -# value) -#nexenta_blocksize= - -# Enables or disables the creation of sparse volumes (boolean -# value) -#nexenta_sparse=false - - # # Options defined in cinder.volume.drivers.nfs # @@ -1813,6 +1766,11 @@ volume_group=cinder-volumes # nfs man page for details. (string value) #nfs_mount_options= +# The number of attempts to mount nfs shares before raising an +# error. At least one attempt will be made to mount an nfs +# share, regardless of the value specified. (integer value) +#nfs_mount_attempts=3 + # # Options defined in cinder.volume.drivers.nimble @@ -1825,6 +1783,15 @@ volume_group=cinder-volumes #nimble_subnet_label=* +# +# Options defined in cinder.volume.drivers.openvstorage +# + +# Vpool to use for volumes - backend is defined by vpool not +# by us. (string value) +#vpool_name= + + # # Options defined in cinder.volume.drivers.prophetstor.options # @@ -1845,6 +1812,31 @@ volume_group=cinder-volumes #pure_api_token= +# +# Options defined in cinder.volume.drivers.quobyte +# + +# URL to the Quobyte volume e.g., quobyte:/// (string value) +#quobyte_volume_url= + +# Path to a Quobyte Client configuration file. (string value) +#quobyte_client_cfg= + +# Create volumes as sparse files which take no space. If set +# to False, volume is created as regular file.In such case +# volume creation takes a lot of time. (boolean value) +#quobyte_sparsed_volumes=true + +# Create volumes as QCOW2 files rather than raw files. +# (boolean value) +#quobyte_qcow2_volumes=true + +# Base dir containing the mount point for the Quobyte volume. +# (string value) +#quobyte_mount_point_base=$state_path/mnt + + # # Options defined in cinder.volume.drivers.rbd # @@ -1869,7 +1861,8 @@ volume_group=cinder-volumes # Directory where temporary image files are stored when the # volume driver does not write them directly to the volume. -# (string value) +# Warning: this option is now deprecated, please use +# image_conversion_dir instead. (string value) #volume_tmp_dir= # Maximum number of nested volume clones that are taken before @@ -1907,6 +1900,32 @@ volume_group=cinder-volumes # (string value) #nas_private_key= +# Allow network-attached storage systems to operate in a +# secure environment where root level access is not permitted. +# If set to False, access is as the root user and insecure. If +# set to True, access is not as root. If set to auto, a check +# is done to determine if this is a new installation: True is +# used if so, otherwise False. Default is auto. (string value) +#nas_secure_file_operations=auto + +# Set more secure file permissions on network-attached storage +# volume files to restrict broad other/world access. If set to +# False, volumes are created with open permissions. If set to +# True, volumes are created with permissions for the cinder +# user and group (660). If set to auto, a check is done to +# determine if this is a new installation: True is used if so, +# otherwise False. Default is auto. (string value) +#nas_secure_file_permissions=auto + +# Path to the share to use for storing Cinder volumes. For +# example: "/srv/export1" for an NFS server export available +# at 10.0.5.10:/srv/export1 . (string value) +#nas_share_path= + +# Options used to mount the storage backend file system where +# Cinder volumes are stored. (string value) +#nas_mount_options= + # # Options defined in cinder.volume.drivers.san.hp.hp_3par_common @@ -1922,11 +1941,11 @@ volume_group=cinder-volumes # 3PAR Super user password (string value) #hp3par_password= -# The CPG to use for volume creation (string value) +# List of the CPG(s) to use for volume creation (list value) #hp3par_cpg=OpenStack -# The CPG to use for Snapshots for volumes. If empty -# hp3par_cpg will be used (string value) +# The CPG to use for Snapshots for volumes. If empty the +# userCPG will be used. (string value) #hp3par_cpg_snap= # The time in hours to retain a snapshot. You can't delete it @@ -1973,14 +1992,6 @@ volume_group=cinder-volumes #hplefthand_debug=false -# -# Options defined in cinder.volume.drivers.san.hp.hp_msa_common -# - -# The VDisk to use for volume creation. (string value) -#msa_vdisk=OpenStack - - # # Options defined in cinder.volume.drivers.san.san # @@ -2021,15 +2032,6 @@ volume_group=cinder-volumes #ssh_max_pool_conn=5 -# -# Options defined in cinder.volume.drivers.san.solaris -# - -# The ZFS path under which to create zvols for volumes. -# (string value) -#san_zfs_volume_base=rpool/ - - # # Options defined in cinder.volume.drivers.scality # @@ -2053,8 +2055,7 @@ volume_group=cinder-volumes #smbfs_shares_config=/etc/cinder/smbfs_shares # Default format that will be used when creating volumes if no -# volume format is specified. Can be set to: raw, qcow2, vhd -# or vhdx. (string value) +# volume format is specified. (string value) #smbfs_default_volume_format=qcow2 # Create volumes as sparsed files which take no space rather @@ -2097,11 +2098,47 @@ volume_group=cinder-volumes # default behavior). The default is NO prefix. (string value) #sf_account_prefix= +# Account name on the SolidFire Cluster to use as owner of +# template/cache volumes (created if does not exist). (string +# value) +#sf_template_account_name=openstack-vtemplate + +# Create an internal cache of copy of images when a bootable +# volume is created to eliminate fetch from glance and qemu- +# conversion on subsequent calls. (boolean value) +#sf_allow_template_caching=true + # SolidFire API port. Useful if the device api is behind a # proxy on a different port. (integer value) #sf_api_port=443 +# +# Options defined in cinder.volume.drivers.srb +# + +# Comma-separated list of REST servers IP to connect to. (eg +# http://IP1/,http://IP2:81/path (string value) +#srb_base_urls= + + +# +# Options defined in cinder.volume.drivers.violin.v6000_common +# + +# IP address or hostname of mg-a (string value) +#gateway_mga= + +# IP address or hostname of mg-b (string value) +#gateway_mgb= + +# Use igroups to manage targets and initiators (boolean value) +#use_igroups=false + +# Global backend request timeout, in seconds (integer value) +#request_timeout=300 + + # # Options defined in cinder.volume.drivers.vmware.vmdk # @@ -2165,98 +2202,55 @@ volume_group=cinder-volumes # -# Options defined in cinder.volume.drivers.zadara +# Options defined in cinder.volume.drivers.xio # -# Management IP of Zadara VPSA (string value) -#zadara_vpsa_ip= +# Default storage pool for volumes. (integer value) +#ise_storage_pool=1 -# Zadara VPSA port number (string value) -#zadara_vpsa_port= +# Raid level for ISE volumes. (integer value) +#ise_raid=1 -# Use SSL connection (boolean value) -#zadara_vpsa_use_ssl=false +# Number of retries (per port) when establishing connection to +# ISE management port. (integer value) +#ise_connection_retries=5 -# User name for the VPSA (string value) -#zadara_user= +# Interval (secs) between retries. (integer value) +#ise_retry_interval=1 -# Password for the VPSA (string value) -#zadara_password= +# Number on retries to get completion status after issuing a +# command to ISE. (integer value) +#ise_completion_retries=30 -# Name of VPSA storage pool for volumes (string value) -#zadara_vpsa_poolname= -# Default thin provisioning policy for volumes (boolean value) -#zadara_vol_thin=true - -# Default encryption policy for volumes (boolean value) -#zadara_vol_encrypt=false +# +# Options defined in cinder.volume.drivers.zfssa.zfssanfs +# -# Default template for VPSA volume names (string value) -#zadara_vol_name_template=OS_%s +# Data path IP address (string value) +#zfssa_data_ip= -# Automatically detach from servers on volume delete (boolean -# value) -#zadara_vpsa_auto_detach_on_delete=true +# HTTPS port number (string value) +#zfssa_https_port=443 -# Don't halt on deletion of non-existing volumes (boolean +# Options to be passed while mounting share over nfs (string # value) -#zadara_vpsa_allow_nonexistent_delete=true - - -# -# Options defined in cinder.volume.drivers.zfssa.zfssaiscsi -# +#zfssa_nfs_mount_options= # Storage pool name. (string value) -#zfssa_pool= +#zfssa_nfs_pool= # Project name. (string value) -#zfssa_project= - -# Block size: 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k. -# (string value) -#zfssa_lun_volblocksize=8k +#zfssa_nfs_project=NFSProject -# Flag to enable sparse (thin-provisioned): True, False. -# (boolean value) -#zfssa_lun_sparse=false +# Share name. (string value) +#zfssa_nfs_share=nfs_share -# Data compression-off, lzjb, gzip-2, gzip, gzip-9. (string -# value) -#zfssa_lun_compression= +# Data compression. (string value) +#zfssa_nfs_share_compression=off # Synchronous write bias-latency, throughput. (string value) -#zfssa_lun_logbias= - -# iSCSI initiator group. (string value) -#zfssa_initiator_group= - -# iSCSI initiator IQNs. (comma separated) (string value) -#zfssa_initiator= - -# iSCSI initiator CHAP user. (string value) -#zfssa_initiator_user= - -# iSCSI initiator CHAP password. (string value) -#zfssa_initiator_password= - -# iSCSI target group name. (string value) -#zfssa_target_group=tgt-grp - -# iSCSI target CHAP user. (string value) -#zfssa_target_user= - -# iSCSI target CHAP password. (string value) -#zfssa_target_password= - -# iSCSI target portal (Data-IP:Port, w.x.y.z:3260). (string -# value) -#zfssa_target_portal= - -# Network interfaces of iSCSI targets. (comma separated) -# (string value) -#zfssa_target_interfaces= +#zfssa_nfs_share_logbias=latency # REST connection timeout. (seconds) (integer value) #zfssa_rest_timeout= @@ -2267,7 +2261,7 @@ volume_group=cinder-volumes # # Driver to use for volume creation (string value) -volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver +#volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver # Timeout for creating the volume to migrate to when # performing volume migration (seconds) (integer value) @@ -2281,7 +2275,12 @@ volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver #zoning_mode=none # User defined capabilities, a JSON formatted string -# specifying key/value pairs. (string value) +# specifying key/value pairs. The key/value pairs can be used +# by the CapabilitiesFilter to select between backends when +# requests specify volume types. For example, specifying a +# service level or the geographical location of a backend, +# then creating a volume type to allow the user to select by +# these different properties. (string value) #extra_capabilities={} @@ -2349,112 +2348,6 @@ volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver [database] -# -# Options defined in oslo.db -# - -# The file name to use with SQLite. (string value) -#sqlite_db=oslo.sqlite - -# If True, SQLite uses synchronous mode. (boolean value) -#sqlite_synchronous=true - -# The back end to use for the database. (string value) -# Deprecated group/name - [DEFAULT]/db_backend -#backend=sqlalchemy - -# The SQLAlchemy connection string to use to connect to the -# database. (string value) -# Deprecated group/name - [DEFAULT]/sql_connection -# Deprecated group/name - [DATABASE]/sql_connection -# Deprecated group/name - [sql]/connection -connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/cinder - -# The SQLAlchemy connection string to use to connect to the -# slave database. (string value) -#slave_connection= - -# The SQL mode to be used for MySQL sessions. This option, -# including the default, overrides any server-set SQL mode. To -# use whatever SQL mode is set by the server configuration, -# set this to no value. Example: mysql_sql_mode= (string -# value) -#mysql_sql_mode=TRADITIONAL - -# Timeout before idle SQL connections are reaped. (integer -# value) -# Deprecated group/name - [DEFAULT]/sql_idle_timeout -# Deprecated group/name - [DATABASE]/sql_idle_timeout -# Deprecated group/name - [sql]/idle_timeout -#idle_timeout=3600 - -# Minimum number of SQL connections to keep open in a pool. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_min_pool_size -# Deprecated group/name - [DATABASE]/sql_min_pool_size -#min_pool_size=1 - -# Maximum number of SQL connections to keep open in a pool. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_pool_size -# Deprecated group/name - [DATABASE]/sql_max_pool_size -#max_pool_size= - -# Maximum number of database connection retries during -# startup. Set to -1 to specify an infinite retry count. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_retries -# Deprecated group/name - [DATABASE]/sql_max_retries -#max_retries=10 - -# Interval between retries of opening a SQL connection. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_retry_interval -# Deprecated group/name - [DATABASE]/reconnect_interval -#retry_interval=10 - -# If set, use this value for max_overflow with SQLAlchemy. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_overflow -# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow -#max_overflow= - -# Verbosity of SQL debugging information: 0=None, -# 100=Everything. (integer value) -# Deprecated group/name - [DEFAULT]/sql_connection_debug -#connection_debug=0 - -# Add Python stack traces to SQL as comment strings. (boolean -# value) -# Deprecated group/name - [DEFAULT]/sql_connection_trace -#connection_trace=false - -# If set, use this value for pool_timeout with SQLAlchemy. -# (integer value) -# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout -#pool_timeout= - -# Enable the experimental use of database reconnect on -# connection lost. (boolean value) -#use_db_reconnect=false - -# Seconds between database connection retries. (integer value) -#db_retry_interval=1 - -# If True, increases the interval between database connection -# retries up to db_max_retry_interval. (boolean value) -#db_inc_retry_interval=true - -# If db_inc_retry_interval is set, the maximum seconds between -# database connection retries. (integer value) -#db_max_retry_interval=10 - -# Maximum database connection retries before error is raised. -# Set to -1 to specify an infinite retry count. (integer -# value) -#db_max_retries=20 - - # # Options defined in oslo.db.concurrency # @@ -2491,15 +2384,16 @@ connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROL # value) #zone_driver=cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver -# Zoning policy configured by user (string value) +# Zoning policy configured by user; valid values include +# "initiator-target" or "initiator" (string value) #zoning_policy=initiator-target -# Comma separated list of fibre channel fabric names. This +# Comma separated list of Fibre Channel fabric names. This # list of names is used to retrieve other SAN credentials for # connecting to each SAN fabric (string value) #fc_fabric_names= -# FC San Lookup Service (string value) +# FC SAN Lookup Service (string value) #fc_san_lookup_service=cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService @@ -2528,7 +2422,7 @@ connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROL # # Authentication url for encryption service. (string value) -#encryption_auth_url=http://localhost:5000/v2.0 +#encryption_auth_url=http://localhost:5000/v3 # Url for encryption service. (string value) #encryption_api_url=http://localhost:9311/v1 @@ -2540,73 +2434,34 @@ connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROL # Options defined in keystonemiddleware.auth_token # -# Prefix to prepend at the beginning of the path. Deprecated, -# use identity_uri. (string value) -#auth_admin_prefix= +# Complete public Identity API endpoint. (string value) +#auth_uri= -# Host providing the admin Identity API endpoint. Deprecated, -# use identity_uri. (string value) -#auth_host=127.0.0.1 - -# Port of the admin Identity API endpoint. Deprecated, use -# identity_uri. (integer value) -#auth_port=35357 - -# Protocol of the admin Identity API endpoint (http or https). -# Deprecated, use identity_uri. (string value) -#auth_protocol=https - -# Complete public Identity API endpoint (string value) -auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 - -# Complete admin Identity API endpoint. This should specify -# the unversioned root endpoint e.g. https://localhost:35357/ -# (string value) -identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 - -# API version of the admin Identity API endpoint (string +# API version of the admin Identity API endpoint. (string # value) #auth_version= # Do not handle authorization requests within the middleware, # but delegate the authorization decision to downstream WSGI -# components (boolean value) +# components. (boolean value) #delay_auth_decision=false # Request timeout value for communicating with Identity API -# server. (boolean value) +# server. (integer value) #http_connect_timeout= # How many times are we trying to reconnect when communicating # with Identity API Server. (integer value) #http_request_max_retries=3 -# This option is deprecated and may be removed in a future -# release. Single shared secret with the Keystone -# configuration used for bootstrapping a Keystone -# installation, or otherwise bypassing the normal -# authentication process. This option should not be used, use -# `admin_user` and `admin_password` instead. (string value) -#admin_token= - -# Keystone account username (string value) -admin_user={{ CINDER_SERVICE_USER }} - -# Keystone account password (string value) -admin_password={{ CINDER_SERVICE_PASSWORD }} - -# Keystone service account tenant name to validate user tokens -# (string value) -admin_tenant_name=service - -# Env key for the swift cache (string value) +# Env key for the swift cache. (string value) #cache= -# Required if Keystone server requires client certificate +# Required if identity server requires client certificate # (string value) #certfile= -# Required if Keystone server requires client certificate +# Required if identity server requires client certificate # (string value) #keyfile= @@ -2617,7 +2472,7 @@ admin_tenant_name=service # Verify HTTPS connections. (boolean value) #insecure=false -# Directory used to cache files related to PKI tokens (string +# Directory used to cache files related to PKI tokens. (string # value) #signing_dir= @@ -2640,7 +2495,7 @@ admin_tenant_name=service # value) #revocation_cache_time=10 -# (optional) if defined, indicate whether token data should be +# (Optional) If defined, indicate whether token data should be # authenticated or authenticated and encrypted. Acceptable # values are MAC or ENCRYPT. If MAC, token data is # authenticated (with HMAC) in the cache. If ENCRYPT, token @@ -2649,38 +2504,38 @@ admin_tenant_name=service # raise an exception on initialization. (string value) #memcache_security_strategy= -# (optional, mandatory if memcache_security_strategy is -# defined) this string is used for key derivation. (string +# (Optional, mandatory if memcache_security_strategy is +# defined) This string is used for key derivation. (string # value) #memcache_secret_key= -# (optional) number of seconds memcached server is considered +# (Optional) Number of seconds memcached server is considered # dead before it is tried again. (integer value) #memcache_pool_dead_retry=300 -# (optional) max total number of open connections to every +# (Optional) Maximum total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize=10 -# (optional) socket timeout in seconds for communicating with +# (Optional) Socket timeout in seconds for communicating with # a memcache server. (integer value) #memcache_pool_socket_timeout=3 -# (optional) number of seconds a connection to memcached is +# (Optional) Number of seconds a connection to memcached is # held unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout=60 -# (optional) number of seconds that an operation will wait to +# (Optional) Number of seconds that an operation will wait to # get a memcache client connection from the pool. (integer # value) #memcache_pool_conn_get_timeout=10 -# (optional) use the advanced (eventlet safe) memcache client +# (Optional) Use the advanced (eventlet safe) memcache client # pool. The advanced pool will only work under python 2.x. # (boolean value) #memcache_use_advanced_pool=false -# (optional) indicate whether to set the X-Service-Catalog +# (Optional) Indicate whether to set the X-Service-Catalog # header. If False, middleware will not ask for service # catalog on token validation and will not set the X-Service- # Catalog header. (boolean value) @@ -2699,7 +2554,7 @@ admin_tenant_name=service # If true, the revocation list will be checked for cached # tokens. This requires that PKI tokens are configured on the -# Keystone server. (boolean value) +# identity server. (boolean value) #check_revocations_for_cached=false # Hash algorithms to use for hashing PKI tokens. This may be a @@ -2747,7 +2602,6 @@ admin_tenant_name=service # # Options defined in oslo.messaging # -# NOTE: Options in this group are supported when using oslo.messaging >=1.5.0. # address prefix used when sending to a specific server # (string value) @@ -2791,6 +2645,157 @@ admin_tenant_name=service #allow_insecure_clients=false +[oslo_messaging_qpid] + +# +# Options defined in oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in AMQP. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer +# value) +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + + +[oslo_messaging_rabbit] + +# +# Options defined in oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in AMQP. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# SSL version to use (valid only if SSL enabled). Valid values +# are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may +# be available on some distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# The RabbitMQ login method. (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# Number of seconds after which the Rabbit broker is +# considered down if heartbeat's keep-alive fails (0 disables +# the heartbeat, >0 enables it. Enabling heartbeats requires +# kombu>=3.0.7 and amqp>=1.4.0). EXPERIMENTAL (integer value) +#heartbeat_timeout_threshold=0 + +# How often times during the heartbeat_timeout_threshold we +# check the heartbeat. (integer value) +#heartbeat_rate=2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake +# (boolean value) +#fake_rabbit=false + + [profiler] # @@ -2804,22 +2809,173 @@ admin_tenant_name=service #trace_sqlalchemy=false -[ssl] +[DEFAULT] + + +[keystone_authtoken] # -# Options defined in cinder.openstack.common.sslutils +# From keystonemiddleware.auth_token # -# CA certificate file to use to verify connecting clients -# (string value) -#ca_file= +# Complete public Identity API endpoint. (string value) +#auth_uri = -# Certificate file to use when starting the server securely -# (string value) -#cert_file= +# API version of the admin Identity API endpoint. (string value) +#auth_version = -# Private key file to use when starting the server securely -# (string value) -#key_file= +# Do not handle authorization requests within the middleware, but +# delegate the authorization decision to downstream WSGI components. +# (boolean value) +#delay_auth_decision = false + +# Request timeout value for communicating with Identity API server. +# (integer value) +#http_connect_timeout = + +# How many times are we trying to reconnect when communicating with +# Identity API Server. (integer value) +#http_request_max_retries = 3 + +# Env key for the swift cache. (string value) +#cache = + +# Required if identity server requires client certificate (string +# value) +#certfile = + +# Required if identity server requires client certificate (string +# value) +#keyfile = + +# A PEM encoded Certificate Authority to use when verifying HTTPs +# connections. Defaults to system CAs. (string value) +#cafile = + +# Verify HTTPS connections. (boolean value) +#insecure = false + +# Directory used to cache files related to PKI tokens. (string value) +#signing_dir = + +# Optionally specify a list of memcached server(s) to use for caching. +# If left undefined, tokens will instead be cached in-process. (list +# value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers = + +# In order to prevent excessive effort spent validating tokens, the +# middleware caches previously-seen tokens for a configurable duration +# (in seconds). Set to -1 to disable caching completely. (integer +# value) +#token_cache_time = 300 + +# Determines the frequency at which the list of revoked tokens is +# retrieved from the Identity service (in seconds). A high number of +# revocation events combined with a low cache duration may +# significantly reduce performance. (integer value) +#revocation_cache_time = 10 + +# (Optional) If defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable values are +# MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in +# the cache. If ENCRYPT, token data is encrypted and authenticated in +# the cache. If the value is not one of these options or empty, +# auth_token will raise an exception on initialization. (string value) +#memcache_security_strategy = + +# (Optional, mandatory if memcache_security_strategy is defined) This +# string is used for key derivation. (string value) +#memcache_secret_key = + +# (Optional) Number of seconds memcached server is considered dead +# before it is tried again. (integer value) +#memcache_pool_dead_retry = 300 + +# (Optional) Maximum total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize = 10 + +# (Optional) Socket timeout in seconds for communicating with a +# memcache server. (integer value) +#memcache_pool_socket_timeout = 3 + +# (Optional) Number of seconds a connection to memcached is held +# unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout = 60 + +# (Optional) Number of seconds that an operation will wait to get a +# memcache client connection from the pool. (integer value) +#memcache_pool_conn_get_timeout = 10 + +# (Optional) Use the advanced (eventlet safe) memcache client pool. +# The advanced pool will only work under python 2.x. (boolean value) +#memcache_use_advanced_pool = false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If +# False, middleware will not ask for service catalog on token +# validation and will not set the X-Service-Catalog header. (boolean +# value) +#include_service_catalog = true + +# Used to control the use and type of token binding. Can be set to: +# "disabled" to not check token binding. "permissive" (default) to +# validate binding information if the bind type is of a form known to +# the server and ignore it if not. "strict" like "permissive" but if +# the bind type is unknown the token will be rejected. "required" any +# form of token binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string value) +#enforce_token_bind = permissive + +# If true, the revocation list will be checked for cached tokens. This +# requires that PKI tokens are configured on the identity server. +# (boolean value) +#check_revocations_for_cached = false + +# Hash algorithms to use for hashing PKI tokens. This may be a single +# algorithm or multiple. The algorithms are those supported by Python +# standard hashlib.new(). The hashes will be tried in the order given, +# so put the preferred one first for performance. The result of the +# first hash will be stored in the cache. This will typically be set +# to multiple values only while migrating from a less secure algorithm +# to a more secure one. Once all the old tokens are expired this +# option should be set to a single value for better performance. (list +# value) +#hash_algorithms = md5 + +# Prefix to prepend at the beginning of the path. Deprecated, use +# identity_uri. (string value) +#auth_admin_prefix = + +# Host providing the admin Identity API endpoint. Deprecated, use +# identity_uri. (string value) +#auth_host = 127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port = 35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol = https + +# Complete admin Identity API endpoint. This should specify the +# unversioned root endpoint e.g. https://localhost:35357/ (string +# value) +#identity_uri = + +# This option is deprecated and may be removed in a future release. +# Single shared secret with the Keystone configuration used for +# bootstrapping a Keystone installation, or otherwise bypassing the +# normal authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token = + +# Service username. (string value) +#admin_user = +# Service user password. (string value) +#admin_password = +# Service tenant name. (string value) +#admin_tenant_name = admin diff --git a/openstack/usr/share/openstack/cinder/policy.json b/openstack/usr/share/openstack/cinder/policy.json deleted file mode 100644 index 8f3a7b2f..00000000 --- a/openstack/usr/share/openstack/cinder/policy.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - "admin_api": "is_admin:True", - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_volume_admin_metadata": "rule:admin_api", - "volume:delete_volume_admin_metadata": "rule:admin_api", - "volume:update_volume_admin_metadata": "rule:admin_api", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - "volume:extend": "", - "volume:update_readonly_flag": "", - "volume:retype": "", - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_type_encryption": "rule:admin_api", - "volume_extension:volume_encryption_metadata": "rule:admin_or_owner", - "volume_extension:extended_snapshot_attributes": "", - "volume_extension:volume_image_metadata": "", - - "volume_extension:quotas:show": "", - "volume_extension:quotas:update": "rule:admin_api", - "volume_extension:quota_classes": "", - - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:backup_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - "volume_extension:volume_admin_actions:force_detach": "rule:admin_api", - "volume_extension:snapshot_admin_actions:force_delete": "rule:admin_api", - "volume_extension:volume_admin_actions:migrate_volume": "rule:admin_api", - "volume_extension:volume_admin_actions:migrate_volume_completion": "rule:admin_api", - - "volume_extension:volume_host_attribute": "rule:admin_api", - "volume_extension:volume_tenant_attribute": "rule:admin_or_owner", - "volume_extension:volume_mig_status_attribute": "rule:admin_api", - "volume_extension:hosts": "rule:admin_api", - "volume_extension:services": "rule:admin_api", - - "volume_extension:volume_manage": "rule:admin_api", - "volume_extension:volume_unmanage": "rule:admin_api", - - "volume:services": "rule:admin_api", - - "volume:create_transfer": "", - "volume:accept_transfer": "", - "volume:delete_transfer": "", - "volume:get_all_transfers": "", - - "volume_extension:replication:promote": "rule:admin_api", - "volume_extension:replication:reenable": "rule:admin_api", - - "backup:create" : "", - "backup:delete": "", - "backup:get": "", - "backup:get_all": "", - "backup:restore": "", - "backup:backup-import": "rule:admin_api", - "backup:backup-export": "rule:admin_api", - - "snapshot_extension:snapshot_actions:update_snapshot_status": "", - - "consistencygroup:create" : "group:nobody", - "consistencygroup:delete": "group:nobody", - "consistencygroup:get": "group:nobody", - "consistencygroup:get_all": "group:nobody", - - "consistencygroup:create_cgsnapshot" : "", - "consistencygroup:delete_cgsnapshot": "", - "consistencygroup:get_cgsnapshot": "", - "consistencygroup:get_all_cgsnapshots": "", - - "scheduler_extension:scheduler_stats:get_pools" : "rule:admin_api" -} diff --git a/strata/openstack-services/cinder.morph b/strata/openstack-services/cinder.morph index cd680b09..a0fc879f 100644 --- a/strata/openstack-services/cinder.morph +++ b/strata/openstack-services/cinder.morph @@ -2,7 +2,10 @@ name: cinder kind: chunk build-system: python-distutils post-install-commands: -# Install rootwrap.conf +# Install some default configuration files +- install -D -m 644 etc/cinder/logging_sample.conf "$DESTDIR"/etc/cinder/logging.conf +- install -D -m 644 etc/cinder/api-paste.ini "$DESTDIR"/etc/cinder/api-paste.ini +- install -D -m 644 etc/cinder/policy.json "$DESTDIR"/etc/cinder/policy.json - install -D -m 640 etc/cinder/rootwrap.conf "$DESTDIR"/etc/cinder/rootwrap.conf # Move rootwrap files to a proper location - mkdir -p "$DESTDIR"/etc/cinder/rootwrap.d -- cgit v1.2.1