Type: | boolean |
---|---|
Default: | true |
Whether to allow users to specify image properties beyond what the image schema provides
Type: | integer |
---|---|
Default: | 128 |
Maximum number of image members per image. Negative values evaluate to unlimited.
Type: | integer |
---|---|
Default: | 128 |
Maximum number of properties allowed on an image. Negative values evaluate to unlimited.
Type: | integer |
---|---|
Default: | 128 |
Maximum number of tags allowed on an image. Negative values evaluate to unlimited.
Type: | integer |
---|---|
Default: | 10 |
Maximum number of locations allowed on an image. Negative values evaluate to unlimited.
Type: | string |
---|---|
Default: | glance.db.sqlalchemy.api |
Python module path of data access API
Type: | integer |
---|---|
Default: | 25 |
Default value for the number of items returned by a request if not specified explicitly in the request
Type: | integer |
---|---|
Default: | 1000 |
Maximum permissible number of items that could be returned by a request
Type: | boolean |
---|---|
Default: | false |
Whether to include the backend image storage location in image properties. Revealing storage location can be a security risk, so use this setting with caution!
Type: | boolean |
---|---|
Default: | false |
Whether to include the backend image locations in image properties. For example, if using the file system store a URL of “file:///path/to/image” will be returned to the user in the ‘direct_url’ meta-data field. Revealing storage location can be a security risk, so use this setting with caution! Setting this to true overrides the show_image_direct_url option.
Type: | integer |
---|---|
Default: | 1099511627776 |
Maximum Value: | 9223372036854775808 |
Maximum size of image a user can upload in bytes. Defaults to 1099511627776 bytes (1 TB).WARNING: this value should only be increased after careful consideration and must be set to a value under 8 EB (9223372036854775808).
Type: | string |
---|---|
Default: | 0 |
Set a system wide quota for every user. This value is the total capacity that a user can use across all storage systems. A value of 0 means unlimited.Optional unit can be specified for the value. Accepted units are B, KB, MB, GB and TB representing Bytes, KiloBytes, MegaBytes, GigaBytes and TeraBytes respectively. If no unit is specified then Bytes is assumed. Note that there should not be any space between value and unit and units are case sensitive.
Type: | boolean |
---|---|
Default: | true |
Deploy the v1 OpenStack Images API.
Type: | boolean |
---|---|
Default: | true |
Deploy the v2 OpenStack Images API.
Type: | boolean |
---|---|
Default: | true |
Deploy the v1 OpenStack Registry API.
Type: | boolean |
---|---|
Default: | true |
Deploy the v2 OpenStack Registry API.
Type: | string |
---|---|
Default: | <None> |
The hostname/IP of the pydev process listening for debug connections
Type: | unknown type |
---|---|
Default: | 5678 |
Minimum Value: | 0 |
Maximum Value: | 65535 |
The port on which a pydev process is listening for connections.
Type: | string |
---|---|
Default: | <None> |
AES key for encrypting store ‘location’ metadata. This includes, if used, Swift or S3 credentials. Should be set to a random string of length 16, 24 or 32 bytes
Type: | string |
---|---|
Default: | sha256 |
Digest algorithm which will be used for digital signature. Use the command “openssl list-message-digest-algorithms” to get the available algorithms supported by the version of OpenSSL on the platform. Examples are “sha1”, “sha256”, “sha512”, etc.
Type: | integer |
---|---|
Default: | 0 |
The amount of time in seconds to delay before performing a delete.
Type: | integer |
---|---|
Default: | 1 |
The size of thread pool to be used for scrubbing images. The default is one, which signifies serial scrubbing. Any value above one indicates the max number of images that may be scrubbed in parallel.
Type: | boolean |
---|---|
Default: | false |
Turn on/off delayed delete.
Type: | string |
---|---|
Default: | admin |
Role used to identify an authenticated user as administrator. Provide a string value representing a Keystone role to identify an administrative user. Users with this role will be granted administrative privileges. The default value for this option is ‘admin’. Services which consume this: * glance-api * glare-api * glance-registry * glance-scrubber Possible values: * A string value which is a valid Keystone role Related options: * None
Type: | boolean |
---|---|
Default: | false |
Whether to pass through headers containing user and tenant information when making requests to the registry. This allows the registry to use the context middleware without keystonemiddleware’s auth_token middleware, removing calls to the keystone auth service. It is recommended that when using this option, secure communication between glance api and glance registry is ensured by means other than auth_token middleware.
Type: | integer |
---|---|
Default: | 300 |
Loop time between checking for new items to schedule for delete.
Type: | boolean |
---|---|
Default: | false |
Run as a long-running process. When not specified (the default) run the scrub operation once and then exits. When specified do not exit and run scrub on wakeup_time interval as specified in the config.
Type: | string |
---|---|
Default: | http |
The protocol to use for communication with the registry server. Either http or https.
Type: | string |
---|---|
Default: | <None> |
The path to the key file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE environment variable to a filepath of the key file
Type: | string |
---|---|
Default: | <None> |
The path to the cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE environment variable to a filepath of the CA cert file
Type: | string |
---|---|
Default: | <None> |
The path to the certifying authority cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CA_FILE environment variable to a filepath of the CA cert file.
Type: | boolean |
---|---|
Default: | false |
When using SSL in connections to the registry server, do not require validation via a certifying authority. This is the registry’s equivalent of specifying –insecure on the command line using glanceclient for the API.
Type: | integer |
---|---|
Default: | 600 |
The period of time, in seconds, that the API server will wait for a registry request to complete. A value of 0 implies no timeout.
Type: | boolean |
---|---|
Default: | true |
Whether to pass through the user token when making requests to the registry. To prevent failures with token expiration during big files upload, it is recommended to set this parameter to False.If “use_user_token” is not in effect, then admin credentials can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | <None> |
The administrators user name. If “use_user_token” is not in effect, then admin credentials can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | <None> |
The administrators password. If “use_user_token” is not in effect, then admin credentials can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | <None> |
The tenant name of the administrative user. If “use_user_token” is not in effect, then admin tenant name can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | <None> |
The URL to the keystone service. If “use_user_token” is not in effect and using keystone auth, then URL of keystone can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | noauth |
The strategy to use for authentication. If “use_user_token” is not in effect, then auth strategy can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | <None> |
The region for the authentication service. If “use_user_token” is not in effect and using keystone auth, then region name can be specified.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | This option was considered harmful and has been deprecated in M release. It will be removed in O release. For more information read OSSN-0060. Related functionality with uploading big images has been implemented with Keystone trusts support. |
---|
Type: | string |
---|---|
Default: | 0.0.0.0 |
Address to find the registry server.
Type: | unknown type |
---|---|
Default: | 9191 |
Minimum Value: | 0 |
Maximum Value: | 65535 |
Port the registry server is listening on.
Type: | boolean |
---|---|
Default: | false |
Mutable: | This option can be changed without restarting. |
If set to true, the logging level will be set to DEBUG instead of the default INFO level.
Type: | boolean |
---|---|
Default: | true |
If set to false, the logging level will be set to WARNING instead of the default INFO level.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Type: | string |
---|---|
Default: | <None> |
Mutable: | This option can be changed without restarting. |
The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation. Note that when logging configuration files are used then all logging configuration is set in the configuration file and other logging configuration options are ignored (for example, logging_context_format_string).
Group | Name |
---|---|
DEFAULT | log_config |
Type: | string |
---|---|
Default: | %Y-%m-%d %H:%M:%S |
Defines the format string for %(asctime)s in log records. Default: the value above . This option is ignored if log_config_append is set.
Type: | string |
---|---|
Default: | <None> |
(Optional) Name of log file to send logging output to. If no default is set, logging will go to stderr as defined by use_stderr. This option is ignored if log_config_append is set.
Group | Name |
---|---|
DEFAULT | logfile |
Type: | string |
---|---|
Default: | <None> |
(Optional) The base directory used for relative log_file paths. This option is ignored if log_config_append is set.
Group | Name |
---|---|
DEFAULT | logdir |
Type: | boolean |
---|---|
Default: | false |
Uses logging handler designed to watch file system. When log file is moved or removed this handler will open a new log file with specified path instantaneously. It makes sense only if log_file option is specified and Linux platform is used. This option is ignored if log_config_append is set.
Type: | boolean |
---|---|
Default: | false |
Use syslog for logging. Existing syslog format is DEPRECATED and will be changed later to honor RFC5424. This option is ignored if log_config_append is set.
Type: | string |
---|---|
Default: | LOG_USER |
Syslog facility to receive log lines. This option is ignored if log_config_append is set.
Type: | boolean |
---|---|
Default: | true |
Log output to standard error. This option is ignored if log_config_append is set.
Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s |
Format string to use for log messages with context.
Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s |
Format string to use for log messages when context is undefined.
Type: | string |
---|---|
Default: | %(funcName)s %(pathname)s:%(lineno)d |
Additional data to append to log message when logging level for the message is DEBUG.
Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s |
Prefix each line of exception output with this format.
Type: | string |
---|---|
Default: | %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s |
Defines the format string for %(user_identity)s that is used in logging_context_format_string.
Type: | list |
---|---|
Default: | amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO |
List of package logging levels in logger=LEVEL pairs. This option is ignored if log_config_append is set.
Type: | boolean |
---|---|
Default: | false |
Enables or disables publication of error events.
Type: | string |
---|---|
Default: | "[instance: %(uuid)s] " |
The format for an instance that is passed with the log message.
Type: | string |
---|---|
Default: | "[instance: %(uuid)s] " |
The format for an instance UUID that is passed with the log message.
Type: | boolean |
---|---|
Default: | false |
Enables or disables fatal status of deprecations.
Type: | string |
---|---|
Default: | oslo.sqlite |
The file name to use with SQLite.
Group | Name |
---|---|
DEFAULT | sqlite_db |
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | Should use config option connection or slave_connection to connect the database. |
---|
Type: | boolean |
---|---|
Default: | true |
If True, SQLite uses synchronous mode.
Group | Name |
---|---|
DEFAULT | sqlite_synchronous |
Type: | string |
---|---|
Default: | sqlalchemy |
The back end to use for the database.
Group | Name |
---|---|
DEFAULT | db_backend |
Type: | string |
---|---|
Default: | <None> |
The SQLAlchemy connection string to use to connect to the database.
Group | Name |
---|---|
DEFAULT | sql_connection |
DATABASE | sql_connection |
sql | connection |
Type: | string |
---|---|
Default: | <None> |
The SQLAlchemy connection string to use to connect to the slave database.
Type: | string |
---|---|
Default: | TRADITIONAL |
The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=
Type: | integer |
---|---|
Default: | 3600 |
Timeout before idle SQL connections are reaped.
Group | Name |
---|---|
DEFAULT | sql_idle_timeout |
DATABASE | sql_idle_timeout |
sql | idle_timeout |
Type: | integer |
---|---|
Default: | 1 |
Minimum number of SQL connections to keep open in a pool.
Group | Name |
---|---|
DEFAULT | sql_min_pool_size |
DATABASE | sql_min_pool_size |
Type: | integer |
---|---|
Default: | <None> |
Maximum number of SQL connections to keep open in a pool.
Group | Name |
---|---|
DEFAULT | sql_max_pool_size |
DATABASE | sql_max_pool_size |
Type: | integer |
---|---|
Default: | 10 |
Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.
Group | Name |
---|---|
DEFAULT | sql_max_retries |
DATABASE | sql_max_retries |
Type: | integer |
---|---|
Default: | 10 |
Interval between retries of opening a SQL connection.
Group | Name |
---|---|
DEFAULT | sql_retry_interval |
DATABASE | reconnect_interval |
Type: | integer |
---|---|
Default: | 50 |
If set, use this value for max_overflow with SQLAlchemy.
Group | Name |
---|---|
DEFAULT | sql_max_overflow |
DATABASE | sqlalchemy_max_overflow |
Type: | integer |
---|---|
Default: | 0 |
Verbosity of SQL debugging information: 0=None, 100=Everything.
Group | Name |
---|---|
DEFAULT | sql_connection_debug |
Type: | boolean |
---|---|
Default: | false |
Add Python stack traces to SQL as comment strings.
Group | Name |
---|---|
DEFAULT | sql_connection_trace |
Type: | integer |
---|---|
Default: | <None> |
If set, use this value for pool_timeout with SQLAlchemy.
Group | Name |
---|---|
DATABASE | sqlalchemy_pool_timeout |
Type: | boolean |
---|---|
Default: | false |
Enable the experimental use of database reconnect on connection lost.
Type: | integer |
---|---|
Default: | 1 |
Seconds between retries of a database transaction.
Type: | boolean |
---|---|
Default: | true |
If True, increases the interval between retries of a database operation up to db_max_retry_interval.
Type: | integer |
---|---|
Default: | 10 |
If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.
Type: | integer |
---|---|
Default: | 20 |
Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.
Type: | boolean |
---|---|
Default: | false |
Enable the experimental use of thread pooling for all DB API calls
Group | Name |
---|---|
DEFAULT | dbapi_use_tpool |
Type: | list |
---|---|
Default: | file,http |
List of stores enabled. Valid stores are: cinder, file, http, rbd, sheepdog, swift, vsphere
Type: | string |
---|---|
Default: | file |
Default scheme to use to store image data. The scheme must be registered by one of the stores defined by the ‘stores’ config option.
Type: | integer |
---|---|
Default: | 0 |
Minimum interval seconds to execute updating dynamic storage capabilities based on backend status then. It’s not a periodic routine, the update logic will be executed only when interval seconds elapsed and an operation of store has triggered. The feature will be enabled only when the option value greater then zero.
Type: | integer |
---|---|
Default: | 64 |
Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two.
Type: | integer |
---|---|
Default: | 7000 |
Port of sheep daemon.
Type: | string |
---|---|
Default: | 127.0.0.1 |
IP address of sheep daemon.
Type: | integer |
---|---|
Default: | 8 |
RADOS images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two.
Type: | string |
---|---|
Default: | images |
RADOS pool in which images are stored.
Type: | string |
---|---|
Default: | <None> |
RADOS user to authenticate as (only applicable if using Cephx. If <None>, a default will be chosen based on the client. section in rbd_store_ceph_conf)
Type: | string |
---|---|
Default: | /etc/ceph/ceph.conf |
Ceph configuration file path. If <None>, librados will locate the default config. If using cephx authentication, this file should include a reference to the right keyring in a client.<USER> section
Type: | integer |
---|---|
Default: | 0 |
Timeout value (in seconds) used when connecting to ceph cluster. If value <= 0, no timeout is set and default librados value is used.
Type: | string |
---|---|
Default: | <None> |
Specify the path to the CA bundle file to use in verifying the remote server certificate.
Type: | boolean |
---|---|
Default: | true |
If true, the remote server certificate is not verified. If false, then the default CA truststore is used for verification. This option is ignored if “https_ca_certificates_file” is set.
Type: | dict |
---|---|
Default: |
Specify the http/https proxy information that should be used to connect to the remote server. The proxy information should be a key value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can specify proxies for multiple schemes by separating the key value pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
Type: | string |
---|---|
Default: | /var/lib/glance/images |
Directory to which the Filesystem backend store writes images.
Type: | multi-valued |
---|---|
Default: |
List of directories and its priorities to which the Filesystem backend store writes images.
Type: | string |
---|---|
Default: | <None> |
The path to a file which contains the metadata to be returned with any location associated with this store. The file must contain a valid JSON object. The object should contain the keys ‘id’ and ‘mountpoint’. The value for both keys should be ‘string’.
Type: | integer |
---|---|
Default: | 0 |
The required permission for created image file. In this way the user other service used, e.g. Nova, who consumes the image could be the exclusive member of the group that owns the files created. Assigning it less then or equal to zero means don’t change the default permission of the file. This value will be decoded as an octal digit.
Type: | string |
---|---|
Default: | 127.0.0.1 |
Address of the ESX/ESXi or vCenter Server target system. This configuration option sets the address of the ESX/ESXi or vCenter Server target system. This option is required when using the VMware storage backend. The address can contain an IP address (127.0.0.1) or a DNS name (www.my-domain.com). Possible Values: * A valid IPv4 or IPv6 address * A valid DNS name Related options: * vmware_server_username * vmware_server_password
Type: | string |
---|---|
Default: | root |
Server username. This configuration option takes the username for authenticating with the VMware ESX/ESXi or vCenter Server. This option is required when using the VMware storage backend. Possible Values: * Any string that is the username for a user with appropriate privileges Related options: * vmware_server_host * vmware_server_password
Type: | string |
---|---|
Default: | vmware |
Server password. This configuration option takes the password for authenticating with the VMware ESX/ESXi or vCenter Server. This option is required when using the VMware storage backend. Possible Values: * Any string that is a password corresponding to the username specified using the “vmware_server_username” option Related options: * vmware_server_host * vmware_server_username
Type: | integer |
---|---|
Default: | 10 |
Minimum Value: | 1 |
The number of VMware API retries. This configuration option specifies the number of times the VMware ESX/VC server API must be retried upon connection related issues or server API call overload. It is not possible to specify ‘retry forever’. Possible Values: * Any positive integer value Related options: * None
Type: | integer |
---|---|
Default: | 5 |
Minimum Value: | 1 |
Interval in seconds used for polling remote tasks invoked on VMware ESX/VC server. This configuration option takes in the sleep time in seconds for polling an on-going async task as part of the VMWare ESX/VC server API call. Possible Values: * Any positive integer value Related options: * None
Type: | string |
---|---|
Default: | /openstack_glance |
The directory where the glance images will be stored in the datastore. This configuration option specifies the path to the directory where the glance images will be stored in the VMware datastore. If this option is not set, the default directory where the glance images are stored is openstack_glance. Possible Values: * Any string that is a valid path to a directory Related options: * None
Type: | boolean |
---|---|
Default: | false |
Set verification of the ESX/vCenter server certificate. This configuration option takes a boolean value to determine whether or not to verify the ESX/vCenter server certificate. If this option is set to True, the ESX/vCenter server certificate is not verified. If this option is set to False, then the default CA truststore is used for verification. This option is ignored if the “vmware_ca_file” option is set. In that case, the ESX/vCenter server certificate will then be verified using the file specified using the “vmware_ca_file” option . Possible Values: * True * False Related options: * vmware_ca_file
Group | Name |
---|---|
glance_store | vmware_api_insecure |
Type: | string |
---|---|
Default: | /etc/ssl/certs/ca-certificates.crt |
Absolute path to the CA bundle file. This configuration option enables the operator to use a custom Cerificate Authority File to verify the ESX/vCenter certificate. If this option is set, the “vmware_insecure” option will be ignored and the CA file specified will be used to authenticate the ESX/vCenter server certificate and establish a secure connection to the server. Possible Values: * Any string that is a valid absolute path to a CA file Related options: * vmware_insecure
Type: | multi-valued |
---|---|
Default: |
The datastores where the image can be stored. This configuration option specifies the datastores where the image can be stored in the VMWare store backend. This option may be specified multiple times for specifying multiple datastores. The datastore name should be specified after its datacenter path, separated by ”:”. An optional weight may be given after the datastore name, separated again by ”:” to specify the priority. Thus, the required format becomes <datacenter_path>:<datastore_name>:<optional_weight>. When adding an image, the datastore with highest weight will be selected, unless there is not enough free space available in cases where the image size is already known. If no weight is given, it is assumed to be zero and the directory will be considered for selection last. If multiple datastores have the same weight, then the one with the most free space available is selected. Possible Values: * Any string of the format: <datacenter_path>:<datastore_name>:<optional_weight> Related options: * None
Type: | string |
---|---|
Default: | volumev2::publicURL |
Info to match when looking for cinder in the service catalog. Format is : separated values of the form: <service_type>:<service_name>:<endpoint_type>
Type: | string |
---|---|
Default: | <None> |
Override service catalog lookup with template for cinder endpoint.
Type: | string |
---|---|
Default: | <None> |
Region name of this node. If specified, it will be used to locate OpenStack services for stores.
Group | Name |
---|---|
glance_store | os_region_name |
Type: | string |
---|---|
Default: | <None> |
Location of ca certificates file to use for cinder client requests.
Type: | integer |
---|---|
Default: | 3 |
Number of cinderclient retries on failed http calls
Type: | integer |
---|---|
Default: | 300 |
Time period of time in seconds to wait for a cinder volume transition to complete.
Type: | boolean |
---|---|
Default: | false |
Allow to perform insecure SSL requests to cinder
Type: | string |
---|---|
Default: | <None> |
The address where the Cinder authentication service is listening. If <None>, the cinder endpoint in the service catalog is used.
Type: | string |
---|---|
Default: | <None> |
User name to authenticate against Cinder. If <None>, the user of current context is used.
Type: | string |
---|---|
Default: | <None> |
Password for the user authenticating against Cinder. If <None>, the current context auth token is used.
Type: | string |
---|---|
Default: | <None> |
Project name where the image is stored in Cinder. If <None>, the project in current context is used.
Type: | string |
---|---|
Default: | /etc/glance/rootwrap.conf |
Path to the rootwrap configuration file to use for running commands as root.
Type: | boolean |
---|---|
Default: | false |
If True, swiftclient won’t check for a valid SSL certificate when authenticating.
Type: | string |
---|---|
Default: | <None> |
A string giving the CA certificate file to use in SSL connections for verifying certs.
Type: | string |
---|---|
Default: | <None> |
The region of the swift endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift endpoints.
Type: | string |
---|---|
Default: | <None> |
If set, the configured endpoint will be used. If None, the storage url from the auth response will be used.
Type: | string |
---|---|
Default: | publicURL |
A string giving the endpoint type of the swift service to use (publicURL, adminURL or internalURL). This setting is only used if swift_store_auth_version is 2.
Type: | string |
---|---|
Default: | object-store |
A string giving the service type of the swift service to use. This setting is only used if swift_store_auth_version is 2.
Type: | string |
---|---|
Default: | glance |
Name of single container to store images/name prefix for multiple containers When a single container is being used to store images, this configuration option indicates the container within the Glance account to be used for storing all images. When multiple containers are used to store images, this will be the name prefix for all containers. Usage of single/multiple containers can be controlled using the configuration option swift_store_multiple_containers_seed. When using multiple containers, the containers will be named after the value set for this configuration option with the first N chars of the image UUID as the suffix delimited by an underscore (where N is specified by swift_store_multiple_containers_seed). Example: if the seed is set to 3 and swift_store_container = glance, then an image with UUID fdae39a1-bac5-4238-aba4-69bcc726e848 would be placed in the container glance_fda. All dashes in the UUID are included when creating the container name but do not count toward the character limit, so when N=10 the container name would be glance_fdae39a1-ba. Services which consume this: * None (directly consumed by the Swift driver) Possible values: * If using single container, this configuration option can be any string that is a valid swift container name in Glance’s Swift account * If using multiple containers, this configuration option can be any string as long as it satisfies the container naming rules enforced by Swift. The value of swift_store_multiple_containers_seed should be taken into account as well. Related options: * swift_store_multiple_containers_seed * swift_store_multi_tenant * swift_store_create_container_on_put
Type: | integer |
---|---|
Default: | 5120 |
Minimum Value: | 1 |
The size threshold, in MB, after which Glance will start segmenting image data. Swift has an upper limit on the size of a single uploaded object. By default, this is 5GB. To upload objects bigger than this limit, objects are segmented into multiple smaller objects that are tied together with a manifest file. For more detail, refer to http://docs.openstack.org/developer/swift/overview_large_objects.html This configuration option specifies the size threshold over which the Swift driver will start segmenting image data into multiple smaller files. Currently, the Swift driver only supports creating Dynamic Large Objects. NOTE: This should be set by taking into account the large object limit enforced by the Swift cluster in consideration. Services which consume this: * None (directly consumed by the Swift driver) Possible values: * A positive integer that is less than or equal to the large object limit enforced by the Swift cluster in consideration. Related options: * swift_store_large_object_chunk_size
Type: | integer |
---|---|
Default: | 200 |
Minimum Value: | 1 |
The maximum size, in MB, of the segments when image data is segmented. When image data is segmented to upload images that are larger than the limit enforced by the Swift cluster, image data is broken into segments that are no bigger than the size specified by this configuration option. Refer to swift_store_large_object_size for more detail. For example: if swift_store_large_object_size is 5GB and swift_store_large_object_chunk_size is 1GB, an image of size 6.2GB will be segmented into 7 segments where the first six segments will be 1GB in size and the seventh segment will be 0.2GB. Services which consume this: * None (directly consumed by the Swift driver) Possible values: * A positive integer that is less than or equal to the large object limit enforced by Swift cluster in consideration. Related options: * swift_store_large_object_size
Type: | boolean |
---|---|
Default: | false |
Create container, if it doesn’t already exist, when uploading image. At the time of uploading an image, if the corresponding container doesn’t exist, it will be created provided this configuration option is set to True. By default, it won’t be created. This behavior is applicable for both single and multiple containers mode. Services which consume this: * None (directly consumed by the Swift driver) Possible values: * True * False Related options: * None
Type: | boolean |
---|---|
Default: | false |
Store images in tenant’s Swift account. This enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts. If this is disabled, Glance stores all images in its own account. More details multi-tenant store can be found at https://wiki.openstack.org/wiki/GlanceSwiftTenantSpecificStorage Services which consume this: * None (directly consumed by the Swift driver) Possible values: * True * False Related options: * None
Type: | integer |
---|---|
Default: | 0 |
Minimum Value: | 0 |
Maximum Value: | 32 |
Seed indicating the number of containers to use for storing images. When using a single-tenant store, images can be stored in one or more than one containers. When set to 0, all images will be stored in one single container. When set to an integer value between 1 and 32, multiple containers will be used to store images. This configuration option will determine how many containers are created. The total number of containers that will be used is equal to 16^N, so if this config option is set to 2, then 16^2=256 containers will be used to store images. Please refer to swift_store_container for more detail on the naming convention. More detail about using multiple containers can be found at https://specs.openstack.org/openstack/glance-specs/specs/kilo/swift-store-multiple-containers.html NOTE: This is used only when swift_store_multi_tenant is disabled. Services which consume this: * None (directly consumed only by the Swift driver) Possible values: * A non-negative integer less than or equal to 32 Related options: * swift_store_container * swift_store_multi_tenant * swift_store_create_container_on_put
Type: | list |
---|---|
Default: |
A list of tenants that will be granted read/write access on all Swift containers created by Glance in multi-tenant mode.
Type: | boolean |
---|---|
Default: | true |
If set to False, disables SSL layer compression of https swift requests. Setting to False may improve performance for images which are already in a compressed format, eg qcow2.
Type: | integer |
---|---|
Default: | 0 |
The number of times a Swift download will be retried before the request fails.
Type: | integer |
---|---|
Default: | 60 |
The period of time (in seconds) before token expiration when glance_store will try to request new user token. Default value 60 sec means that if token is going to expire in 1 min then glance_store requests new user token.
Type: | boolean |
---|---|
Default: | true |
If set to True create a trust for each add/get request to Multi-tenant store in order to prevent authentication token to be expired during uploading/downloading data. If set to False then user token is used for Swift connection (so no overhead on trust creation). Please note that this option is considered only and only if swift_store_multi_tenant=True
Type: | string |
---|---|
Default: | ref1 |
The reference to the default swift account/backing store parameters to use for adding new images.
Type: | string |
---|---|
Default: | 2 |
Version of the authentication service to use. Valid versions are 2 and 3 for keystone and 1 (deprecated) for swauth and rackspace.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | Use “auth_version” in swift_store_config_file. |
---|
Type: | string |
---|---|
Default: | <None> |
The address where the Swift authentication service is listening.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | Use “auth_address” in swift_store_config_file |
---|
Type: | string |
---|---|
Default: | <None> |
The user to authenticate against the Swift authentication service.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | Use “user” in swift_store_config_file. |
---|
Type: | string |
---|---|
Default: | <None> |
Auth key for the user authenticating against the Swift authentication service.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
Reason: | Use “key” in swift_store_config_file. |
---|
Type: | string |
---|---|
Default: | <None> |
The config file that has the swift account(s)configs.
Type: | boolean |
---|---|
Default: | false |
Enables or disables inter-process locks.
Group | Name |
---|---|
DEFAULT | disable_process_locking |
Type: | string |
---|---|
Default: | <None> |
Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.
Group | Name |
---|---|
DEFAULT | lock_path |
Type: | string |
---|---|
Default: | policy.json |
The JSON file that defines policies.
Group | Name |
---|---|
DEFAULT | policy_file |
Type: | string |
---|---|
Default: | default |
Default rule. Enforced when a requested rule is not found.
Group | Name |
---|---|
DEFAULT | policy_default_rule |
Type: | multi-valued |
---|---|
Default: | policy.d |
Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.
Group | Name |
---|---|
DEFAULT | policy_dirs |