[DEFAULT] # # Options defined in oslo.messaging # # Use durable queues in amqp. (boolean value) # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues=false # Auto-delete queues in amqp. (boolean value) #amqp_auto_delete=false # Size of RPC connection pool. (integer value) #rpc_conn_pool_size=30 # Qpid broker hostname. (string value) #qpid_hostname=localhost # Qpid broker port. (integer value) #qpid_port=5672 # Qpid HA cluster host:port pairs. (list value) #qpid_hosts=$qpid_hostname:$qpid_port # Username for Qpid connection. (string value) #qpid_username= # Password for Qpid connection. (string value) #qpid_password= # Space separated list of SASL mechanisms to use for auth. # (string value) #qpid_sasl_mechanisms= # Seconds between connection keepalive heartbeats. (integer # value) #qpid_heartbeat=60 # Transport to use, either 'tcp' or 'ssl'. (string value) #qpid_protocol=tcp # Whether to disable the Nagle algorithm. (boolean value) #qpid_tcp_nodelay=true # The number of prefetched messages held by receiver. (integer # value) #qpid_receiver_capacity=1 # The qpid topology version to use. Version 1 is what was # originally used by impl_qpid. Version 2 includes some # backwards-incompatible changes that allow broker federation # to work. Users should update to version 2 when they are # able to take everything down, as it requires a clean break. # (integer value) #qpid_topology_version=1 # SSL version to use (valid only if SSL enabled). valid values # are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some # distributions. (string value) #kombu_ssl_version= # SSL key file (valid only if SSL enabled). (string value) #kombu_ssl_keyfile= # SSL cert file (valid only if SSL enabled). (string value) #kombu_ssl_certfile= # SSL certification authority file (valid only if SSL # enabled). (string value) #kombu_ssl_ca_certs= # How long to wait before reconnecting in response to an AMQP # consumer cancel notification. (floating point value) #kombu_reconnect_delay=1.0 # The RabbitMQ broker address where a single node is used. # (string value) rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) #rabbit_use_ssl=false # The RabbitMQ userid. (string value) rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN # The RabbitMQ virtual host. (string value) #rabbit_virtual_host=/ # How frequently to retry connecting with RabbitMQ. (integer # value) #rabbit_retry_interval=1 # How long to backoff for between retries when connecting to # RabbitMQ. (integer value) #rabbit_retry_backoff=2 # Maximum number of RabbitMQ connection retries. Default is 0 # (infinite retry count). (integer value) #rabbit_max_retries=0 # Use HA queues in RabbitMQ (x-ha-policy: all). If you change # this option, you must wipe the RabbitMQ database. (boolean # value) #rabbit_ha_queues=false # If passed, use a fake RabbitMQ provider. (boolean value) #fake_rabbit=false # ZeroMQ bind address. Should be a wildcard (*), an ethernet # interface, or IP. The "host" option should point or resolve # to this address. (string value) #rpc_zmq_bind_address=* # MatchMaker driver. (string value) #rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost # ZeroMQ receiver listening port. (integer value) #rpc_zmq_port=9501 # Number of ZeroMQ contexts, defaults to 1. (integer value) #rpc_zmq_contexts=1 # Maximum number of ingress messages to locally buffer per # topic. Default is unlimited. (integer value) #rpc_zmq_topic_backlog= # Directory for holding IPC sockets. (string value) #rpc_zmq_ipc_dir=/var/run/openstack # Name of this node. Must be a valid hostname, FQDN, or IP # address. Must match "host" option, if running Nova. (string # value) #rpc_zmq_host=ironic # Seconds to wait before a cast expires (TTL). Only supported # by impl_zmq. (integer value) #rpc_cast_timeout=30 # Heartbeat frequency. (integer value) #matchmaker_heartbeat_freq=300 # Heartbeat time-to-live. (integer value) #matchmaker_heartbeat_ttl=600 # Size of RPC greenthread pool. (integer value) #rpc_thread_pool_size=64 # Driver or drivers to handle sending notifications. (multi # valued) #notification_driver= # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics #notification_topics=notifications # Seconds to wait for a response from a call. (integer value) #rpc_response_timeout=60 # A URL representing the messaging driver to use and its full # configuration. If not set, we fall back to the rpc_backend # option and driver specific configuration. (string value) #transport_url= # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) #rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the # transport_url option. (string value) #control_exchange=openstack # # Options defined in ironic.netconf # # IP address of this host. (string value) my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Use IPv6. (boolean value) #use_ipv6=false # # Options defined in ironic.api.app # # Method to use for authentication: noauth or keystone. # (string value) #auth_strategy=keystone # # Options defined in ironic.common.driver_factory # # Specify the list of drivers to load during service # initialization. Missing drivers, or drivers which fail to # initialize, will prevent the conductor service from # starting. The option default is a recommended set of # production-oriented drivers. A complete list of drivers # present on your system may be found by enumerating the # "ironic.drivers" entrypoint. An example may be found in the # developer documentation online. (list value) enabled_drivers=pxe_ipmitool,pxe_ssh # # Options defined in ironic.common.exception # # Make exception message format errors fatal. (boolean value) #fatal_exception_format_errors=false # # Options defined in ironic.common.hash_ring # # Exponent to determine number of hash partitions to use when # distributing load across conductors. Larger values will # result in more even distribution of load and less load when # rebalancing the ring, but more memory usage. Number of # partitions per conductor is (2^hash_partition_exponent). # This determines the granularity of rebalancing: given 10 # hosts, and an exponent of the 2, there are 40 partitions in # the ring.A few thousand partitions should make rebalancing # smooth in most cases. The default is suitable for up to a # few hundred conductors. Too many partitions has a CPU # impact. (integer value) #hash_partition_exponent=5 # [Experimental Feature] Number of hosts to map onto each hash # partition. Setting this to more than one will cause # additional conductor services to prepare deployment # environments and potentially allow the Ironic cluster to # recover more quickly if a conductor instance is terminated. # (integer value) #hash_distribution_replicas=1 # # Options defined in ironic.common.images # # Force backing images to raw format. (boolean value) #force_raw_images=true # Path to isolinux binary file. (string value) #isolinux_bin=/usr/lib/syslinux/isolinux.bin # Template file for isolinux configuration file. (string # value) #isolinux_config_template=$pybasedir/common/isolinux_config.template # # Options defined in ironic.common.paths # # Directory where the ironic python module is installed. # (string value) #pybasedir=/usr/lib/python/site-packages/ironic # Directory where ironic binaries are installed. (string # value) #bindir=$pybasedir/bin # Top-level directory for maintaining ironic's state. (string # value) #state_path=$pybasedir # # Options defined in ironic.common.policy # # JSON file representing policy. (string value) #policy_file=policy.json # Rule checked when requested rule is not found. (string # value) #policy_default_rule=default # # Options defined in ironic.common.service # # Seconds between running periodic tasks. (integer value) #periodic_interval=60 # Name of this node. This can be an opaque identifier. It is # not necessarily a hostname, FQDN, or IP address. However, # the node name must be valid within an AMQP key, and if using # ZeroMQ, a valid hostname, FQDN, or IP address. (string # value) #host=ironic # # Options defined in ironic.common.utils # # Path to the rootwrap configuration file to use for running # commands as root. (string value) #rootwrap_config=/etc/ironic/rootwrap.conf # Explicitly specify the temporary working directory. (string # value) #tempdir= # # Options defined in ironic.drivers.modules.image_cache # # Run image downloads and raw format conversions in parallel. # (boolean value) #parallel_image_downloads=false # # Options defined in ironic.openstack.common.eventlet_backdoor # # Enable eventlet backdoor. Acceptable values are 0, , # and :, where 0 results in listening on a random # tcp port number; results in listening on the # specified port number (and not enabling backdoor if that # port is in use); and : results in listening on # the smallest unused port number within the specified range # of port numbers. The chosen port is displayed in the # service's log file. (string value) #backdoor_port= # # Options defined in ironic.openstack.common.lockutils # # Enables or disables inter-process locks. (boolean value) #disable_process_locking=false # Directory to use for lock files. (string value) #lock_path= # # Options defined in ironic.openstack.common.log # # Print debugging output (set logging level to DEBUG instead # of default WARNING level). (boolean value) #debug=false # Print more verbose output (set logging level to INFO instead # of default WARNING level). (boolean value) #verbose=false # Log output to standard error. (boolean value) #use_stderr=true # Format string to use for log messages with context. (string # value) #logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages without context. # (string value) #logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Data to append to log format when level is DEBUG. (string # value) #logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format. # (string value) #logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s # List of logger=LEVEL pairs. (list value) #default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN # Enables or disables publication of error events. (boolean # value) #publish_errors=false # Enables or disables fatal status of deprecations. (boolean # value) #fatal_deprecations=false # The format for an instance that is passed with the log # message. (string value) #instance_format="[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log # message. (string value) #instance_uuid_format="[instance: %(uuid)s] " # The name of a logging configuration file. This file is # appended to any existing logging configuration files. For # details about logging configuration files, see the Python # logging module documentation. (string value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append= # DEPRECATED. A logging.Formatter log message format string # which may use any of the available logging.LogRecord # attributes. This option is deprecated. Please use # logging_context_format_string and # logging_default_format_string instead. (string value) #log_format= # Format string for %%(asctime)s in log records. Default: # %(default)s . (string value) #log_date_format=%Y-%m-%d %H:%M:%S # (Optional) Name of log file to output to. If no default is # set, logging will go to stdout. (string value) # Deprecated group/name - [DEFAULT]/logfile #log_file= # (Optional) The base directory used for relative --log-file # paths. (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir= # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) #use_syslog=false # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog # message with APP-NAME (RFC5424). The format without the APP- # NAME is deprecated in I, and will be removed in J. (boolean # value) #use_syslog_rfc_format=false # Syslog facility to receive log lines. (string value) #syslog_log_facility=LOG_USER # # Options defined in ironic.openstack.common.periodic_task # # Some periodic tasks can be run in a separate process. Should # we run them here? (boolean value) #run_external_periodic_tasks=true [agent] # # Options defined in ironic.drivers.modules.agent # # Additional append parameters for baremetal PXE boot. (string # value) #agent_pxe_append_params=nofb nomodeset vga=normal # Template file for PXE configuration. (string value) #agent_pxe_config_template=$pybasedir/drivers/modules/agent_config.template # Neutron bootfile DHCP parameter. (string value) #agent_pxe_bootfile_name=pxelinux.0 # Maximum interval (in seconds) for agent heartbeats. (integer # value) #heartbeat_timeout=300 # # Options defined in ironic.drivers.modules.agent_client # # API version to use for communicating with the ramdisk agent. # (string value) #agent_api_version=v1 [api] # # Options defined in ironic.api # # The listen IP for the Ironic API server. (string value) #host_ip=0.0.0.0 # The port for the Ironic API server. (integer value) #port=6385 # The maximum number of items returned in a single response # from a collection resource. (integer value) #max_limit=1000 [conductor] # # Options defined in ironic.conductor.manager # # URL of Ironic API service. If not set ironic can get the # current value from the keystone service catalog. (string # value) api_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6385 # Seconds between conductor heart beats. (integer value) #heartbeat_interval=10 # Maximum time (in seconds) since the last check-in of a # conductor. (integer value) #heartbeat_timeout=60 # Interval between syncing the node power state to the # database, in seconds. (integer value) #sync_power_state_interval=60 # Interval between checks of provision timeouts, in seconds. # (integer value) #check_provision_state_interval=60 # Timeout (seconds) for waiting callback from deploy ramdisk. # 0 - unlimited. (integer value) #deploy_callback_timeout=1800 # During sync_power_state, should the hardware power state be # set to the state recorded in the database (True) or should # the database be updated based on the hardware state (False). # (boolean value) #force_power_state_during_sync=true # During sync_power_state failures, limit the number of times # Ironic should try syncing the hardware node power state with # the node power state in DB (integer value) #power_state_sync_max_retries=3 # Maximum number of worker threads that can be started # simultaneously by a periodic task. Should be less than RPC # thread pool size. (integer value) #periodic_max_workers=8 # The size of the workers greenthread pool. (integer value) #workers_pool_size=100 # Number of attempts to grab a node lock. (integer value) #node_locked_retry_attempts=3 # Seconds to sleep between node lock attempts. (integer value) #node_locked_retry_interval=1 # Enable sending sensor data message via the notification bus # (boolean value) #send_sensor_data=false # Seconds between conductor sending sensor data message to # ceilometer via the notification bus. (integer value) #send_sensor_data_interval=600 # List of comma separated metric types which need to be sent # to Ceilometer. The default value, "ALL", is a special value # meaning send all the sensor data. (list value) #send_sensor_data_types=ALL # When conductors join or leave the cluster, existing # conductors may need to update any persistent local state as # nodes are moved around the cluster. This option controls how # often, in seconds, each conductor will check for nodes that # it should "take over". Set it to a negative value to disable # the check entirely. (integer value) #sync_local_state_interval=180 [console] # # Options defined in ironic.drivers.modules.console_utils # # Path to serial console terminal program (string value) #terminal=shellinaboxd # Directory containing the terminal SSL cert(PEM) for serial # console access (string value) #terminal_cert_dir= # Directory for holding terminal pid files. If not specified, # the temporary directory will be used. (string value) #terminal_pid_dir= # Time interval (in seconds) for checking the status of # console subprocess. (integer value) #subprocess_checking_interval=1 # Time (in seconds) to wait for the console subprocess to # start. (integer value) #subprocess_timeout=10 [database] # # Options defined in oslo.db # # The file name to use with SQLite. (string value) #sqlite_db=oslo.sqlite # If True, SQLite uses synchronous mode. (boolean value) #sqlite_synchronous=true # The back end to use for the database. (string value) # Deprecated group/name - [DEFAULT]/db_backend #backend=sqlalchemy # The SQLAlchemy connection string to use to connect to the # database. (string value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection connection=postgresql://{{ IRONIC_DB_USER}}:{{ IRONIC_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/ironic # The SQLAlchemy connection string to use to connect to the # slave database. (string value) #slave_connection= # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To # use whatever SQL mode is set by the server configuration, # set this to no value. Example: mysql_sql_mode= (string # value) #mysql_sql_mode=TRADITIONAL # Timeout before idle SQL connections are reaped. (integer # value) # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout #idle_timeout=3600 # Minimum number of SQL connections to keep open in a pool. # (integer value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size #min_pool_size=1 # Maximum number of SQL connections to keep open in a pool. # (integer value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size= # Maximum db connection retries during startup. Set to -1 to # specify an infinite retry count. (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries=10 # Interval between retries of opening a SQL connection. # (integer value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval=10 # If set, use this value for max_overflow with SQLAlchemy. # (integer value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow= # Verbosity of SQL debugging information: 0=None, # 100=Everything. (integer value) # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug=0 # Add Python stack traces to SQL as comment strings. (boolean # value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace=false # If set, use this value for pool_timeout with SQLAlchemy. # (integer value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout= # Enable the experimental use of database reconnect on # connection lost. (boolean value) #use_db_reconnect=false # Seconds between database connection retries. (integer value) #db_retry_interval=1 # If True, increases the interval between database connection # retries up to db_max_retry_interval. (boolean value) #db_inc_retry_interval=true # If db_inc_retry_interval is set, the maximum seconds between # database connection retries. (integer value) #db_max_retry_interval=10 # Maximum database connection retries before error is raised. # Set to -1 to specify an infinite retry count. (integer # value) #db_max_retries=20 # # Options defined in ironic.db.sqlalchemy.models # # MySQL engine to use. (string value) #mysql_engine=InnoDB [dhcp] # # Options defined in ironic.common.dhcp_factory # # DHCP provider to use. "neutron" uses Neutron, and "none" # uses a no-op provider. (string value) #dhcp_provider=neutron [disk_partitioner] # # Options defined in ironic.common.disk_partitioner # # After Ironic has completed creating the partition table, it # continues to check for activity on the attached iSCSI device # status at this interval prior to copying the image to the # node, in seconds (integer value) #check_device_interval=1 # The maximum number of times to check that the device is not # accessed by another process. If the device is still busy # after that, the disk partitioning will be treated as having # failed. (integer value) #check_device_max_retries=20 [glance] # # Options defined in ironic.common.glance_service.v2.image_service # # A list of URL schemes that can be downloaded directly via # the direct_url. Currently supported schemes: [file]. (list # value) #allowed_direct_url_schemes= # The secret token given to Swift to allow temporary URL # downloads. Required for temporary URLs. (string value) #swift_temp_url_key= # The length of time in seconds that the temporary URL will be # valid for. Defaults to 20 minutes. If some deploys get a 401 # response code when trying to download from the temporary # URL, try raising this duration. (integer value) #swift_temp_url_duration=1200 # The "endpoint" (scheme, hostname, optional port) for the # Swift URL of the form # "endpoint_url/api_version/account/container/object_id". Do # not include trailing "/". For example, use # "https://swift.example.com". Required for temporary URLs. # (string value) #swift_endpoint_url= # The Swift API version to create a temporary URL for. # Defaults to "v1". Swift temporary URL format: # "endpoint_url/api_version/account/container/object_id" # (string value) #swift_api_version=v1 # The account that Glance uses to communicate with Swift. The # format is "AUTH_uuid". "uuid" is the UUID for the account # configured in the glance-api.conf. Required for temporary # URLs. For example: # "AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30". Swift temporary # URL format: # "endpoint_url/api_version/account/container/object_id" # (string value) #swift_account= # The Swift container Glance is configured to store its images # in. Defaults to "glance", which is the default in glance- # api.conf. Swift temporary URL format: # "endpoint_url/api_version/account/container/object_id" # (string value) #swift_container=glance # # Options defined in ironic.common.image_service # # Default glance hostname or IP address. (string value) glance_host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port. (integer value) #glance_port=9292 # Default protocol to use when connecting to glance. Set to # https for SSL. (string value) #glance_protocol=http # A list of the glance api servers available to ironic. Prefix # with https:// for SSL-based glance API servers. Format is # [hostname|IP]:port. (string value) #glance_api_servers= # Allow to perform insecure SSL (https) requests to glance. # (boolean value) #glance_api_insecure=false # Number of retries when downloading an image from glance. # (integer value) #glance_num_retries=0 # Default protocol to use when connecting to glance. Set to # https for SSL. (string value) #auth_strategy=keystone [ilo] # # Options defined in ironic.drivers.modules.ilo.common # # Timeout (in seconds) for iLO operations (integer value) #client_timeout=60 # Port to be used for iLO operations (integer value) #client_port=443 # The Swift iLO container to store data. (string value) #swift_ilo_container=ironic_ilo_container # Amount of time in seconds for Swift objects to auto-expire. # (integer value) #swift_object_expiry_timeout=900 # # Options defined in ironic.drivers.modules.ilo.power # # Number of times a power operation needs to be retried # (integer value) #power_retry=6 # Amount of time in seconds to wait in between power # operations (integer value) #power_wait=2 [ipmi] # # Options defined in ironic.drivers.modules.ipminative # # Maximum time in seconds to retry IPMI operations. (integer # value) #retry_timeout=60 # Minimum time, in seconds, between IPMI operations sent to a # server. There is a risk with some hardware that setting this # too low may cause the BMC to crash. Recommended setting is 5 # seconds. (integer value) #min_command_interval=5 [keystone_authtoken] # # Options defined in keystonemiddleware.auth_token # # Prefix to prepend at the beginning of the path. Deprecated, # use identity_uri. (string value) #auth_admin_prefix= # Host providing the admin Identity API endpoint. Deprecated, # use identity_uri. (string value) #auth_host=127.0.0.1 # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) #auth_port=35357 # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) #auth_protocol=https # Complete public Identity API endpoint (string value) auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) #auth_version= # Do not handle authorization requests within the middleware, # but delegate the authorization decision to downstream WSGI # components (boolean value) #delay_auth_decision=false # Request timeout value for communicating with Identity API # server. (boolean value) #http_connect_timeout= # How many times are we trying to reconnect when communicating # with Identity API Server. (integer value) #http_request_max_retries=3 # This option is deprecated and may be removed in a future # release. Single shared secret with the Keystone # configuration used for bootstrapping a Keystone # installation, or otherwise bypassing the normal # authentication process. This option should not be used, use # `admin_user` and `admin_password` instead. (string value) #admin_token= # Keystone account username (string value) admin_user={{ IRONIC_SERVICE_USER }} # Keystone account password (string value) admin_password={{ IRONIC_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) admin_tenant_name=service # Env key for the swift cache (string value) #cache= # Required if Keystone server requires client certificate # (string value) #certfile= # Required if Keystone server requires client certificate # (string value) #keyfile= # A PEM encoded Certificate Authority to use when verifying # HTTPs connections. Defaults to system CAs. (string value) #cafile= # Verify HTTPS connections. (boolean value) #insecure=false # Directory used to cache files related to PKI tokens (string # value) #signing_dir= # Optionally specify a list of memcached server(s) to use for # caching. If left undefined, tokens will instead be cached # in-process. (list value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers= # In order to prevent excessive effort spent validating # tokens, the middleware caches previously-seen tokens for a # configurable duration (in seconds). Set to -1 to disable # caching completely. (integer value) #token_cache_time=300 # Determines the frequency at which the list of revoked tokens # is retrieved from the Identity service (in seconds). A high # number of revocation events combined with a low cache # duration may significantly reduce performance. (integer # value) #revocation_cache_time=10 # (optional) if defined, indicate whether token data should be # authenticated or authenticated and encrypted. Acceptable # values are MAC or ENCRYPT. If MAC, token data is # authenticated (with HMAC) in the cache. If ENCRYPT, token # data is encrypted and authenticated in the cache. If the # value is not one of these options or empty, auth_token will # raise an exception on initialization. (string value) #memcache_security_strategy= # (optional, mandatory if memcache_security_strategy is # defined) this string is used for key derivation. (string # value) #memcache_secret_key= # (optional) number of seconds memcached server is considered # dead before it is tried again. (integer value) #memcache_pool_dead_retry=300 # (optional) max total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize=10 # (optional) socket timeout in seconds for communicating with # a memcache server. (integer value) #memcache_pool_socket_timeout=3 # (optional) number of seconds a connection to memcached is # held unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout=60 # (optional) number of seconds that an operation will wait to # get a memcache client connection from the pool. (integer # value) #memcache_pool_conn_get_timeout=10 # (optional) use the advanced (eventlet safe) memcache client # pool. The advanced pool will only work under python 2.x. # (boolean value) #memcache_use_advanced_pool=false # (optional) indicate whether to set the X-Service-Catalog # header. If False, middleware will not ask for service # catalog on token validation and will not set the X-Service- # Catalog header. (boolean value) #include_service_catalog=true # Used to control the use and type of token binding. Can be # set to: "disabled" to not check token binding. "permissive" # (default) to validate binding information if the bind type # is of a form known to the server and ignore it if not. # "strict" like "permissive" but if the bind type is unknown # the token will be rejected. "required" any form of token # binding is needed to be allowed. Finally the name of a # binding method that must be present in tokens. (string # value) #enforce_token_bind=permissive # If true, the revocation list will be checked for cached # tokens. This requires that PKI tokens are configured on the # Keystone server. (boolean value) #check_revocations_for_cached=false # Hash algorithms to use for hashing PKI tokens. This may be a # single algorithm or multiple. The algorithms are those # supported by Python standard hashlib.new(). The hashes will # be tried in the order given, so put the preferred one first # for performance. The result of the first hash will be stored # in the cache. This will typically be set to multiple values # only while migrating from a less secure algorithm to a more # secure one. Once all the old tokens are expired this option # should be set to a single value for better performance. # (list value) #hash_algorithms=md5 [matchmaker_redis] # # Options defined in oslo.messaging # # Host to locate redis. (string value) #host=127.0.0.1 # Use this port to connect to redis host. (integer value) #port=6379 # Password for Redis server (optional). (string value) #password= [matchmaker_ring] # # Options defined in oslo.messaging # # Matchmaker ring file (JSON). (string value) # Deprecated group/name - [DEFAULT]/matchmaker_ringfile #ringfile=/etc/oslo/matchmaker_ring.json [neutron] # # Options defined in ironic.dhcp.neutron # # URL for connecting to neutron. (string value) url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696 # Timeout value for connecting to neutron in seconds. (integer # value) #url_timeout=30 # Default authentication strategy to use when connecting to # neutron. Can be either "keystone" or "noauth". Running # neutron in noauth mode (related to but not affected by this # setting) is insecure and should only be used for testing. # (string value) #auth_strategy=keystone [pxe] # # Options defined in ironic.drivers.modules.iscsi_deploy # # Additional append parameters for baremetal PXE boot. (string # value) #pxe_append_params=nofb nomodeset vga=normal # Default file system format for ephemeral partition, if one # is created. (string value) #default_ephemeral_format=ext4 # Directory where images are stored on disk. (string value) #images_path=/var/lib/ironic/images/ # Directory where master instance images are stored on disk. # (string value) #instance_master_path=/var/lib/ironic/master_images # Maximum size (in MiB) of cache for master images, including # those in use. (integer value) #image_cache_size=20480 # Maximum TTL (in minutes) for old master images in cache. # (integer value) #image_cache_ttl=10080 # The disk devices to scan while doing the deploy. (string # value) #disk_devices=cciss/c0d0,sda,hda,vda # # Options defined in ironic.drivers.modules.pxe # # Template file for PXE configuration. (string value) #pxe_config_template=$pybasedir/drivers/modules/pxe_config.template # Template file for PXE configuration for UEFI boot loader. # (string value) #uefi_pxe_config_template=$pybasedir/drivers/modules/elilo_efi_pxe_config.template # IP address of Ironic compute node's tftp server. (string # value) #tftp_server=$my_ip # Ironic compute node's tftp root path. (string value) tftp_root=/srv/tftp_root/ # Directory where master tftp images are stored on disk. # (string value) tftp_master_path=/srv/tftp_root/master_images # Bootfile DHCP parameter. (string value) #pxe_bootfile_name=pxelinux.0 # Bootfile DHCP parameter for UEFI boot mode. (string value) #uefi_pxe_bootfile_name=elilo.efi # Ironic compute node's HTTP server URL. Example: # http://192.1.2.3:8080 (string value) #http_url= # Ironic compute node's HTTP root path. (string value) #http_root=/httpboot # Enable iPXE boot. (boolean value) #ipxe_enabled=false # The path to the main iPXE script file. (string value) #ipxe_boot_script=$pybasedir/drivers/modules/boot.ipxe [seamicro] # # Options defined in ironic.drivers.modules.seamicro # # Maximum retries for SeaMicro operations (integer value) #max_retry=3 # Seconds to wait for power action to be completed (integer # value) #action_timeout=10 [snmp] # # Options defined in ironic.drivers.modules.snmp # # Seconds to wait for power action to be completed (integer # value) #power_timeout=10 [ssh] # # Options defined in ironic.drivers.modules.ssh # # libvirt uri (string value) #libvirt_uri=qemu:///system [swift] # # Options defined in ironic.common.swift # # Maximum number of times to retry a Swift request, before # failing. (integer value) #swift_max_retries=2