[DEFAULT]
#
# From nova
#
# Number of times to retry live-migration before failing. If == -1, try until
# out of hosts. If == 0, only try once, no retries. (integer value)
#migrate_max_retries = -1
# The topic console auth proxy nodes listen on (string value)
#consoleauth_topic = consoleauth
# DEPRECATED: The driver to use for database access (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#db_driver = nova.db
# Backend to use for IPv6 generation (string value)
#ipv6_backend = rfc2462
# The driver for servicegroup service. (string value)
# Allowed values: db, mc
#servicegroup_driver = db
# Image ID used when starting up a cloudpipe vpn server (string value)
#vpn_image_id = 0
# Flavor for vpn instances (string value)
#vpn_flavor = m1.tiny
# Template for cloudpipe instance boot script (string value)
#boot_script_template = $pybasedir/nova/cloudpipe/bootscript.template
# Network to push into openvpn config (string value)
#dmz_net = 10.0.0.0
# Netmask to push into openvpn config (string value)
#dmz_mask = 255.255.255.0
# Suffix to add to project name for vpn key and secgroups (string value)
#vpn_key_suffix = -vpn
# This is the filename that will be used for storing websocket frames received
# and sent by a proxy service (like VNC, spice, serial) running on this host.
# If this is not set (default), no recording will be done. (string value)
#record = <None>
# Become a daemon (background process) (boolean value)
#daemon = false
# Disallow non-encrypted connections (boolean value)
#ssl_only = false
# Source is ipv6 (boolean value)
#source_is_ipv6 = false
# SSL certificate file (string value)
#cert = self.pem
# SSL key file (if separate from cert) (string value)
#key = <None>
# Run webserver on same port. Serve files from DIR. (string value)
#web = /usr/share/spice-html5
# Driver to use for the console proxy (string value)
console_driver = nova.console.fake.FakeConsoleProxy
# Stub calls to compute worker for tests (boolean value)
#stub_compute = false
# Publicly visible name for this console host (string value)
#console_public_hostname =
# The topic console proxy nodes listen on (string value)
#console_topic = console
# XVP conf template (string value)
#console_xvp_conf_template = $pybasedir/nova/console/xvp.conf.template
# Generated XVP conf file (string value)
#console_xvp_conf = /etc/xvp.conf
# XVP master process pid file (string value)
#console_xvp_pid = /var/run/xvp.pid
# XVP log file (string value)
#console_xvp_log = /var/log/xvp.log
# Port for XVP to multiplex VNC connections on (integer value)
# Minimum value: 1
# Maximum value: 65535
#console_xvp_multiplex_port = 5900
# How many seconds before deleting tokens (integer value)
#console_token_ttl = 600
# Filename of root CA (string value)
#ca_file = cacert.pem
# Filename of private key (string value)
#key_file = private/cakey.pem
# Filename of root Certificate Revocation List (string value)
#crl_file = crl.pem
# Where we keep our keys (string value)
#keys_path = $state_path/keys
# Where we keep our root CA (string value)
#ca_path = $state_path/CA
# Should we use a CA for each project? (boolean value)
#use_project_ca = false
# Subject for certificate for users, %s for project, user, timestamp (string
# value)
#user_cert_subject = /C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s
# Subject for certificate for projects, %s for project, timestamp (string
# value)
#project_cert_subject = /C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s
# Services to be added to the available pool on create (boolean value)
#enable_new_services = true
# Template string to be used to generate instance names (string value)
#instance_name_template = instance-%08x
# Template string to be used to generate snapshot names (string value)
#snapshot_name_template = snapshot-%s
# When set, compute API will consider duplicate hostnames invalid within the
# specified scope, regardless of case. Should be empty, "project" or "global".
# (string value)
#osapi_compute_unique_server_name_scope =
# Make exception message format errors fatal (boolean value)
#fatal_exception_format_errors = false
# IP address of this host (string value)
#my_ip =
# Block storage IP address of this host (string value)
#my_block_storage_ip = $my_ip
# Name of this node. This can be an opaque identifier. It is not necessarily
# a hostname, FQDN, or IP address. However, the node name must be valid within
# an AMQP key, and if using ZeroMQ, a valid hostname, FQDN, or IP address
# (string value)
#host =
# Use IPv6 (boolean value)
#use_ipv6 = false
# If set, send compute.instance.update notifications on instance state changes.
# Valid values are None for no notifications, "vm_state" for notifications on
# VM state changes, or "vm_and_task_state" for notifications on VM and task
# state changes. (string value)
#notify_on_state_change = <None>
# If set, send api.fault notifications on caught exceptions in the API service.
# (boolean value)
#notify_api_faults = false
# Default notification level for outgoing notifications (string value)
# Allowed values: DEBUG, INFO, WARN, ERROR, CRITICAL
#default_notification_level = INFO
# Default publisher_id for outgoing notifications (string value)
#default_publisher_id = <None>
# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK. If True in
# multi_host mode, all compute hosts share the same dhcp address. The same IP
# address used for DHCP will be added on each nova-network node which is only
# visible to the vms on the same host. (boolean value)
#share_dhcp_address = false
# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE NETWORK. MTU setting
# for network interface. (integer value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#network_device_mtu = <None>
# Directory where the nova python module is installed (string value)
pybasedir = /usr/lib/python2.7/vendor-packages
# Directory where nova binaries are installed (string value)
bindir = /usr/lib/nova
# Top-level directory for maintaining nova's state (string value)
state_path = /var/lib/nova
# Number of instances allowed per project (integer value)
#quota_instances = 10
# Number of instance cores allowed per project (integer value)
#quota_cores = 20
# Megabytes of instance RAM allowed per project (integer value)
#quota_ram = 51200
# Number of floating IPs allowed per project (integer value)
#quota_floating_ips = 10
# Number of fixed IPs allowed per project (this should be at least the number
# of instances allowed) (integer value)
#quota_fixed_ips = -1
# Number of metadata items allowed per instance (integer value)
#quota_metadata_items = 128
# Number of injected files allowed (integer value)
#quota_injected_files = 5
# Number of bytes allowed per injected file (integer value)
#quota_injected_file_content_bytes = 10240
# Length of injected file path (integer value)
#quota_injected_file_path_length = 255
# Number of security groups per project (integer value)
#quota_security_groups = 10
# Number of security rules per security group (integer value)
#quota_security_group_rules = 20
# Number of key pairs per user (integer value)
#quota_key_pairs = 100
# Number of server groups per project (integer value)
#quota_server_groups = 10
# Number of servers per server group (integer value)
#quota_server_group_members = 10
# Number of seconds until a reservation expires (integer value)
#reservation_expire = 86400
# Count of reservations until usage is refreshed. This defaults to 0(off) to
# avoid additional load but it is useful to turn on to help keep quota usage up
# to date and reduce the impact of out of sync usage issues. (integer value)
#until_refresh = 0
# Number of seconds between subsequent usage refreshes. This defaults to 0(off)
# to avoid additional load but it is useful to turn on to help keep quota usage
# up to date and reduce the impact of out of sync usage issues. Note that
# quotas are not updated on a periodic task, they will update on a new
# reservation if max_age has passed since the last reservation (integer value)
#max_age = 0
# Default driver to use for quota checks (string value)
#quota_driver = nova.quota.DbQuotaDriver
# Seconds between nodes reporting state to datastore (integer value)
#report_interval = 10
# Enable periodic tasks (boolean value)
#periodic_enable = true
# Range of seconds to randomly delay when starting the periodic task scheduler
# to reduce stampeding. (Disable by setting to 0) (integer value)
#periodic_fuzzy_delay = 60
# A list of APIs to enable by default (list value)
#enabled_apis = osapi_compute,metadata
# A list of APIs with enabled SSL (list value)
#enabled_ssl_apis =
# The IP address on which the OpenStack API will listen. (string value)
#osapi_compute_listen = 0.0.0.0
# The port on which the OpenStack API will listen. (integer value)
# Minimum value: 1
# Maximum value: 65535
#osapi_compute_listen_port = 8774
# Number of workers for OpenStack API service. The default will be the number
# of CPUs available. (integer value)
osapi_compute_workers = 1
# DEPRECATED: OpenStack metadata service manager (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#metadata_manager = nova.api.manager.MetadataManager
# The IP address on which the metadata API will listen. (string value)
#metadata_listen = 0.0.0.0
# The port on which the metadata API will listen. (integer value)
# Minimum value: 1
# Maximum value: 65535
#metadata_listen_port = 8775
# Number of workers for metadata service. The default will be the number of
# CPUs available. (integer value)
metadata_workers = 1
# DEPRECATED: Full class name for the Manager for compute (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#compute_manager = nova.compute.manager.ComputeManager
# DEPRECATED: Full class name for the Manager for console proxy (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#console_manager = nova.console.manager.ConsoleProxyManager
# DEPRECATED: Manager for console auth (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#consoleauth_manager = nova.consoleauth.manager.ConsoleAuthManager
# DEPRECATED: Full class name for the Manager for cert (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#cert_manager = nova.cert.manager.CertManager
# Full class name for the Manager for network (string value)
#network_manager = nova.network.manager.VlanManager
# DEPRECATED: Full class name for the Manager for scheduler (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#scheduler_manager = nova.scheduler.manager.SchedulerManager
# Maximum time since last check-in for up service (integer value)
#service_down_time = 60
# Whether to apply monkey patching (boolean value)
#monkey_patch = false
# List of modules/decorators to monkey patch (list value)
#monkey_patch_modules = nova.compute.api:nova.notifications.notify_decorator
# Length of generated instance admin passwords (integer value)
#password_length = 12
# Time period to generate instance usages for. Time period must be hour, day,
# month or year (string value)
#instance_usage_audit_period = month
# Start and use a daemon that can run the commands that need to be run with
# root privileges. This option is usually enabled on nodes that run nova
# compute processes (boolean value)
#use_rootwrap_daemon = false
# Path to the rootwrap configuration file to use for running commands as root
# (string value)
#rootwrap_config = /etc/nova/rootwrap.conf
# Explicitly specify the temporary working directory (string value)
#tempdir = <None>
# DEPRECATED: The full class name of the volume API class to use (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#volume_api_class = nova.volume.cinder.API
#
# From nova.api
#
# File to load JSON formatted vendor data from (string value)
#vendordata_jsonfile_path = <None>
# Permit instance snapshot operations. (boolean value)
#allow_instance_snapshots = true
# Whether to use per-user rate limiting for the api. This option is only used
# by v2 api. Rate limiting is removed from v2.1 api. (boolean value)
#api_rate_limit = false
#
# The strategy to use for auth: keystone or noauth2. noauth2 is designed for
# testing only, as it does no actual credential checking. noauth2 provides
# administrative credentials only if 'admin' is specified as the username.
# (string value)
# Allowed values: keystone, noauth2
#auth_strategy = keystone
# Treat X-Forwarded-For as the canonical remote address. Only enable this if
# you have a sanitizing proxy. (boolean value)
#use_forwarded_for = false
# List of metadata versions to skip placing into the config drive (string
# value)
#config_drive_skip_versions = 1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01
# DEPRECATED: Driver to use for vendor data (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#vendordata_driver = nova.api.metadata.vendordata_json.JsonFileVendorData
# Time in seconds to cache metadata; 0 to disable metadata caching entirely
# (not recommended). Increasingthis should improve response times of the
# metadata API when under heavy load. Higher values may increase memoryusage
# and result in longer times for host metadata changes to take effect. (integer
# value)
#metadata_cache_expiration = 15
# The maximum number of items returned in a single response from a collection
# resource (integer value)
#osapi_max_limit = 1000
# Base URL that will be presented to users in links to the OpenStack Compute
# API (string value)
#osapi_compute_link_prefix = <None>
# Base URL that will be presented to users in links to glance resources (string
# value)
#osapi_glance_link_prefix = <None>
# DEPRECATED: Specify list of extensions to load when using
# osapi_compute_extension option with
# nova.api.openstack.compute.legacy_v2.contrib.select_extensions This option
# will be removed in the near future. After that point you have to run all of
# the API. (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#osapi_compute_ext_list =
# Full path to fping. (string value)
fping_path = /usr/bin/fping
# Enables or disables quota checking for tenant networks (boolean value)
#enable_network_quota = false
# Control for checking for default networks (string value)
#use_neutron_default_nets = False
# Default tenant id when creating neutron networks (string value)
#neutron_default_tenant_id = default
# Number of private networks allowed per project (integer value)
#quota_networks = 3
# osapi compute extension to load. This option will be removed in the near
# future. After that point you have to run all of the API. (multi valued)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#osapi_compute_extension = nova.api.openstack.compute.legacy_v2.contrib.standard_extensions
# List of instance states that should hide network info (list value)
#osapi_hide_server_address_states = building
# Enables returning of the instance password by the relevant server API calls
# such as create, rebuild or rescue, If the hypervisor does not support
# password injection then the password returned will not be correct (boolean
# value)
#enable_instance_password = true
#
# From nova.cache_utils
#
# DEPRECATED: Memcached servers or None for in process cache.
# "memcached_servers" opt is deprecated in Mitaka. In Newton release oslo.cache
# config options should be used as this option will be removed. Please add a
# [cache] group in your nova.conf file and add "enable" and "memcache_servers"
# option in this section. (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#memcached_servers = <None>
#
# From nova.compute
#
# Default flavor to use for the EC2 API only. The Nova API does not support a
# default flavor. (string value)
#default_flavor = m1.small
# Console proxy host to use to connect to instances on this host. (string
# value)
#console_host =
# Name of network to use to set access IPs for instances (string value)
#default_access_ip_network_name = <None>
# Whether to batch up the application of IPTables rules during a host restart
# and apply all at the end of the init phase (boolean value)
#defer_iptables_apply = false
# Where instances are stored on disk (string value)
#instances_path = $state_path/instances
# Generate periodic compute.instance.exists notifications (boolean value)
#instance_usage_audit = false
# Number of 1 second retries needed in live_migration (integer value)
#live_migration_retry_count = 30
# Whether to start guests that were running before the host rebooted (boolean
# value)
#resume_guests_state_on_host_boot = false
# Number of times to retry network allocation on failures (integer value)
#network_allocate_retries = 0
# Maximum number of instance builds to run concurrently (integer value)
#max_concurrent_builds = 10
# Maximum number of live migrations to run concurrently. This limit is enforced
# to avoid outbound live migrations overwhelming the host/network and causing
# failures. It is not recommended that you change this unless you are very sure
# that doing so is safe and stable in your environment. (integer value)
#max_concurrent_live_migrations = 1
# Number of times to retry block device allocation on failures.
# Starting with Liberty, Cinder can use image volume cache. This may help with
# block device allocation performance. Look at the cinder
# image_volume_cache_enabled configuration option. (integer value)
#block_device_allocate_retries = 60
# The number of times to attempt to reap an instance's files. (integer value)
#maximum_instance_delete_attempts = 5
# Interval to pull network bandwidth usage info. Not supported on all
# hypervisors. Set to -1 to disable. Setting this to 0 will run at the default
# rate. (integer value)
#bandwidth_poll_interval = 600
# Interval to sync power states between the database and the hypervisor. Set to
# -1 to disable. Setting this to 0 will run at the default rate. (integer
# value)
#sync_power_state_interval = 600
# Number of seconds between instance network information cache updates (integer
# value)
#heal_instance_info_cache_interval = 60
# Interval in seconds for reclaiming deleted instances. It takes effect only
# when value is greater than 0. (integer value)
# Minimum value: 0
#reclaim_instance_interval = 0
# Interval in seconds for gathering volume usages (integer value)
#volume_usage_poll_interval = 0
# Interval in seconds for polling shelved instances to offload. Set to -1 to
# disable.Setting this to 0 will run at the default rate. (integer value)
#shelved_poll_interval = 3600
# Time in seconds before a shelved instance is eligible for removing from a
# host. -1 never offload, 0 offload immediately when shelved (integer value)
#shelved_offload_time = 0
# Interval in seconds for retrying failed instance file deletes. Set to -1 to
# disable. Setting this to 0 will run at the default rate. (integer value)
#instance_delete_interval = 300
# Waiting time interval (seconds) between block device allocation retries on
# failures (integer value)
#block_device_allocate_retries_interval = 3
# Waiting time interval (seconds) between sending the scheduler a list of
# current instance UUIDs to verify that its view of instances is in sync with
# nova. If the CONF option `scheduler_tracks_instance_changes` is False,
# changing this option will have no effect. (integer value)
#scheduler_instance_sync_interval = 120
# Interval in seconds for updating compute resources. A number less than 0
# means to disable the task completely. Leaving this at the default of 0 will
# cause this to run at the default periodic interval. Setting it to any
# positive value will cause it to run at approximately that number of seconds.
# (integer value)
#update_resources_interval = 0
# Action to take if a running deleted instance is detected.Set to 'noop' to
# take no action. (string value)
# Allowed values: noop, log, shutdown, reap
#running_deleted_instance_action = reap
# Number of seconds to wait between runs of the cleanup task. (integer value)
#running_deleted_instance_poll_interval = 1800
# Number of seconds after being deleted when a running instance should be
# considered eligible for cleanup. (integer value)
#running_deleted_instance_timeout = 0
# Automatically hard reboot an instance if it has been stuck in a rebooting
# state longer than N seconds. Set to 0 to disable. (integer value)
#reboot_timeout = 0
# Amount of time in seconds an instance can be in BUILD before going into ERROR
# status. Set to 0 to disable. (integer value)
#instance_build_timeout = 0
# Automatically unrescue an instance after N seconds. Set to 0 to disable.
# (integer value)
#rescue_timeout = 0
# Automatically confirm resizes and cold migrations after N seconds. Set to 0
# to disable. (integer value)
#resize_confirm_window = 0
# Total amount of time to wait in seconds for an instance to perform a clean
# shutdown. (integer value)
#shutdown_timeout = 60
# Monitor classes available to the compute which may be specified more than
# once. This option is DEPRECATED and no longer used. Use setuptools entry
# points to list available monitor plugins. (multi valued)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#compute_available_monitors =
# A list of monitors that can be used for getting compute metrics. You can use
# the alias/name from the setuptools entry points for nova.compute.monitors.*
# namespaces. If no namespace is supplied, the "cpu." namespace is assumed for
# backwards-compatibility. An example value that would enable both the CPU and
# NUMA memory bandwidth monitors that used the virt driver variant:
# ["cpu.virt_driver", "numa_mem_bw.virt_driver"] (list value)
#compute_monitors =
# Amount of disk in MB to reserve for the host (integer value)
#reserved_host_disk_mb = 0
# Amount of memory in MB to reserve for the host (integer value)
#reserved_host_memory_mb = 512
# DEPRECATED: Class that will manage stats for the local compute host (string
# value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#compute_stats_class = nova.compute.stats.Stats
# DEPRECATED: The names of the extra resources to track. The Extensible
# Resource Tracker is deprecated and will be removed in the 14.0.0 release. If
# you use this functionality and have custom resources that are managed by the
# Extensible Resource Tracker, please contact the Nova development team by
# posting to the openstack-dev mailing list. There is no future planned support
# for the tracking of custom resources. (list value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#compute_resources =
# Virtual CPU to physical CPU allocation ratio which affects all CPU filters.
# This configuration specifies a global ratio for CoreFilter. For
# AggregateCoreFilter, it will fall back to this configuration value if no per-
# aggregate setting found. NOTE: This can be set per-compute, or if set to 0.0,
# the value set on the scheduler node(s) will be used and defaulted to 16.0
# (floating point value)
#cpu_allocation_ratio = 0.0
# Virtual ram to physical ram allocation ratio which affects all ram filters.
# This configuration specifies a global ratio for RamFilter. For
# AggregateRamFilter, it will fall back to this configuration value if no per-
# aggregate setting found. NOTE: This can be set per-compute, or if set to 0.0,
# the value set on the scheduler node(s) will be used and defaulted to 1.5
# (floating point value)
#ram_allocation_ratio = 0.0
# This is the virtual disk to physical disk allocation ratio used by the
# disk_filter.py script to determine if a host has sufficient disk space to fit
# a requested instance. A ratio greater than 1.0 will result in over-
# subscription of the available physical disk, which can be useful for more
# efficiently packing instances created with images that do not use the entire
# virtual disk,such as sparse or compressed images. It can be set to a value
# between 0.0 and 1.0 in order to preserve a percentage of the disk for uses
# other than instances.NOTE: This can be set per-compute, or if set to 0.0, the
# value set on the scheduler node(s) will be used and defaulted to 1.0
# (floating point value)
#disk_allocation_ratio = 0.0
# The topic compute nodes listen on (string value)
#compute_topic = compute
#
# From nova.conf
#
# The availability_zone to show internal services under (string value)
#internal_service_availability_zone = internal
# Default compute node availability_zone (string value)
#default_availability_zone = nova
#
# Determines the RPC topic that the cert nodes listen on. The default is
# 'cert',
# and for most deployments there is no need to ever change it.
#
# Possible values:
#
# Any string.
#
# * Services which consume this:
#
# ``nova-cert``
#
# * Related options:
#
# None
# (string value)
#cert_topic = cert
# Allow destination machine to match source for resize. Useful when testing in
# single-host environments. (boolean value)
#allow_resize_to_same_host = false
# Availability zone to use when user doesn't specify one (string value)
#default_schedule_zone = <None>
# These are image properties which a snapshot should not inherit from an
# instance (list value)
#non_inheritable_image_properties = cache_in_nova,bittorrent
# Kernel image that indicates not to use a kernel, but to use a raw disk image
# instead (string value)
#null_kernel = nokernel
# When creating multiple instances with a single request using the os-multiple-
# create API extension, this template will be used to build the display name
# for each instance. The benefit is that the instances end up with different
# hostnames. To restore legacy behavior of every instance having the same name,
# set this option to "%(name)s". Valid keys for the template are: name, uuid,
# count. (string value)
#multi_instance_display_name_template = %(name)s-%(count)d
# Maximum number of devices that will result in a local image being created on
# the hypervisor node. A negative number means unlimited. Setting
# max_local_block_devices to 0 means that any request that attempts to create a
# local disk will fail. This option is meant to limit the number of local discs
# (so root local disc that is the result of --image being used, and any other
# ephemeral and swap disks). 0 does not mean that images will be automatically
# converted to volumes and boot instances from volumes - it just means that all
# requests that attempt to create a local disk will fail. (integer value)
#max_local_block_devices = 3
#
# An alias for a PCI passthrough device requirement.
#
# This allows users to specify the alias in the extra_spec for a flavor,
# without
# needing to repeat all the PCI property requirements.
#
# Possible Values:
#
# * A list of JSON values which describe the aliases. For example:
#
# pci_alias = {
# "name": "QuickAssist",
# "product_id": "0443",
# "vendor_id": "8086",
# "device_type": "type-PCI"
# }
#
# defines an alias for the Intel QuickAssist card. (multi valued). Valid key
# values are :
#
# * "name"
# * "product_id"
# * "vendor_id"
# * "device_type"
#
# Services which consume this:
#
# * nova-compute
#
# Related options:
#
# * None (multi valued)
#pci_alias =
#
# White list of PCI devices available to VMs.
#
# Possible values:
#
# * A JSON dictionary which describe a whitelisted PCI device. It should take
# the following format:
#
# ["device_id": "<id>",] ["product_id": "<id>",]
# ["address": "[[[[<domain>]:]<bus>]:][<slot>][.[<function>]]" |
# "devname": "PCI Device Name",]
# {"tag": "<tag_value>",}
#
# where '[' indicates zero or one occurrences, '{' indicates zero or multiple
# occurrences, and '|' mutually exclusive options. Note that any missing
# fields are automatically wildcarded. Valid examples are:
#
# pci_passthrough_whitelist = {"devname":"eth0",
# "physical_network":"physnet"}
# pci_passthrough_whitelist = {"address":"*:0a:00.*"}
# pci_passthrough_whitelist = {"address":":0a:00.",
# "physical_network":"physnet1"}
# pci_passthrough_whitelist = {"vendor_id":"1137",
# "product_id":"0071"}
# pci_passthrough_whitelist = {"vendor_id":"1137",
# "product_id":"0071",
# "address": "0000:0a:00.1",
# "physical_network":"physnet1"}
#
# The following are invalid, as they specify mutually exclusive options:
#
# pci_passthrough_whitelist = {"devname":"eth0",
# "physical_network":"physnet",
# "address":"*:0a:00.*"}
#
# * A JSON list of JSON dictionaries corresponding to the above format. For
# example:
#
# pci_passthrough_whitelist = [{"product_id":"0001", "vendor_id":"8086"},
# {"product_id":"0002", "vendor_id":"8086"}]
#
# Services which consume this:
#
# * nova-compute
#
# Related options:
#
# * None (multi valued)
#pci_passthrough_whitelist =
#
# New instances will be scheduled on a host chosen randomly from a subset of
# the
# N best hosts, where N is the value set by this option. Valid values are 1 or
# greater. Any value less than one will be treated as 1.
#
# Setting this to a value greater than 1 will reduce the chance that multiple
# scheduler processes handling similar requests will select the same host,
# creating a potential race condition. By selecting a host randomly from the N
# hosts that best fit the request, the chance of a conflict is reduced.
# However,
# the higher you set this value, the less optimal the chosen host may be for a
# given request.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (integer value)
#scheduler_host_subset_size = 1
#
# This option specifies the filters used for filtering baremetal hosts. The
# value
# should be a list of strings, with each string being the name of a filter
# class
# to be used. When used, they will be applied in order, so place your most
# restrictive filters first to make the filtering process more efficient.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# If the 'scheduler_use_baremetal_filters' option is False, this option has
# no effect.
# (list value)
#baremetal_scheduler_default_filters = RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ExactRamFilter,ExactDiskFilter,ExactCoreFilter
#
# Set this to True to tell the nova scheduler that it should use the filters
# specified in the 'baremetal_scheduler_default_filters' option. If you are not
# scheduling baremetal nodes, leave this at the default setting of False.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# If this option is set to True, then the filters specified in the
# 'baremetal_scheduler_default_filters' are used instead of the filters
# specified in 'scheduler_default_filters'.
# (boolean value)
#scheduler_use_baremetal_filters = false
#
# This is an unordered list of the filter classes the Nova scheduler may apply.
# Only the filters specified in the 'scheduler_default_filters' option will be
# used, but any filter appearing in that option must also be included in this
# list.
#
# By default, this is set to all filters that are included with Nova. If you
# wish
# to change this, replace this with a list of strings, where each element is
# the
# path to a filter.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# scheduler_default_filters
# (multi valued)
#scheduler_available_filters = nova.scheduler.filters.all_filters
#
# This option is the list of filter class names that will be used for filtering
# hosts. The use of 'default' in the name of this option implies that other
# filters may sometimes be used, but that is not the case. These filters will
# be
# applied in the order they are listed, so place your most restrictive filters
# first to make the filtering process more efficient.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# All of the filters in this option *must* be present in the
# 'scheduler_available_filters' option, or a SchedulerHostFilterNotFound
# exception will be raised.
# (list value)
#scheduler_default_filters = RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter
#
# This is a list of weigher class names. Only hosts which pass the filters are
# weighed. The weight for any host starts at 0, and the weighers order these
# hosts by adding to or subtracting from the weight assigned by the previous
# weigher. Weights may become negative.
#
# An instance will be scheduled to one of the N most-weighted hosts, where N is
# 'scheduler_host_subset_size'.
#
# By default, this is set to all weighers that are included with Nova. If you
# wish to change this, replace this with a list of strings, where each element
# is
# the path to a weigher.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (list value)
#scheduler_weight_classes = nova.scheduler.weights.all_weighers
#
# The scheduler may need information about the instances on a host in order to
# evaluate its filters and weighers. The most common need for this information
# is
# for the (anti-)affinity filters, which need to choose a host based on the
# instances already running on a host.
#
# If the configured filters and weighers do not need this information,
# disabling
# this option will improve performance. It may also be disabled when the
# tracking
# overhead proves too heavy, although this will cause classes requiring host
# usage data to query the database on each request instead.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (boolean value)
#scheduler_tracks_instance_changes = true
#
# This is the message queue topic that the scheduler 'listens' on. It is used
# when the scheduler service is started up to configure the queue, and whenever
# an RPC call to the scheduler is made. There is almost never any reason to
# ever
# change this value.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (string value)
#scheduler_topic = scheduler
#
# The scheduler host manager to use, which manages the in-memory picture of the
# hosts that the scheduler uses.
#
# The option value should be chosen from one of the entrypoints under the
# namespace 'nova.scheduler.host_manager' of file 'setup.cfg'. For example,
# 'host_manager' is the default setting. Aside from the default, the only other
# option as of the Mitaka release is 'ironic_host_manager', which should be
# used
# if you're using Ironic to provision bare-metal instances.
#
# This option also supports a full class path style, for example
# "nova.scheduler.host_manager.HostManager", but note this support is
# deprecated
# and will be dropped in the N release.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (string value)
#scheduler_host_manager = host_manager
#
# The class of the driver used by the scheduler. This should be chosen from one
# of the entrypoints under the namespace 'nova.scheduler.driver' of file
# 'setup.cfg'. If nothing is specified in this option, the 'filter_scheduler'
# is
# used.
#
# This option also supports deprecated full Python path to the class to be
# used.
# For example, "nova.scheduler.filter_scheduler.FilterScheduler". But note:
# this
# support will be dropped in the N Release.
#
# Other options are:
#
# * 'caching_scheduler' which aggressively caches the system state for
# better
# individual scheduler performance at the risk of more retries when running
# multiple schedulers.
#
# * 'chance_scheduler' which simply picks a host at random.
#
# * 'fake_scheduler' which is used for testing.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (string value)
#scheduler_driver = filter_scheduler
#
# This value controls how often (in seconds) to run periodic tasks in the
# scheduler. The specific tasks that are run for each period are determined by
# the particular scheduler being used.
#
# If this is larger than the nova-service 'service_down_time' setting, Nova may
# report the scheduler service as down. This is because the scheduler driver is
# responsible for sending a heartbeat and it will only do that as often as this
# option allows. As each scheduler can work a little differently than the
# others,
# be sure to test this with your selected scheduler.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# ``nova-service service_down_time``
# (integer value)
#scheduler_driver_task_period = 60
#
# The absolute path to the scheduler configuration JSON file, if any. This file
# location is monitored by the scheduler for changes and reloads it if needed.
# It
# is converted from JSON to a Python data structure, and passed into the
# filtering and weighing functions of the scheduler, which can use it for
# dynamic
# configuration.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (string value)
#scheduler_json_config_location =
#
# If there is a need to restrict some images to only run on certain designated
# hosts, list those image UUIDs here.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# scheduler/isolated_hosts
# scheduler/restrict_isolated_hosts_to_isolated_images
# (list value)
#isolated_images =
#
# If there is a need to restrict some images to only run on certain designated
# hosts, list those host names here.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'IsolatedHostsFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# scheduler/isolated_images
# scheduler/restrict_isolated_hosts_to_isolated_images
# (list value)
#isolated_hosts =
#
# This setting determines if the scheduler's isolated_hosts filter will allow
# non-isolated images on a host designated as an isolated host. When set to
# True
# (the default), non-isolated images will not be allowed to be built on
# isolated
# hosts. When False, non-isolated images can be built on both isolated and
# non-isolated hosts alike.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'IsolatedHostsFilter' filter is enabled. Even
# then, this option doesn't affect the behavior of requests for isolated
# images,
# which will *always* be restricted to isolated hosts.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# scheduler/isolated_images
# scheduler/isolated_hosts
# (boolean value)
#restrict_isolated_hosts_to_isolated_images = true
#
# This setting caps the number of instances on a host that can be actively
# performing IO (in a build, resize, snapshot, migrate, rescue, or unshelve
# task
# state) before that host becomes ineligible to build new instances.
#
# Valid values are positive integers: 1 or greater.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'io_ops_filter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (integer value)
#max_io_ops_per_host = 8
#
# Images and hosts can be configured so that certain images can only be
# scheduled
# to hosts in a particular aggregate. This is done with metadata values set on
# the host aggregate that are identified by beginning with the value of this
# option. If the host is part of an aggregate with such a metadata key, the
# image
# in the request spec must have the value of that metadata in its properties in
# order for the scheduler to consider the host as acceptable.
#
# Valid values are strings.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'aggregate_image_properties_isolation' filter
# is
# enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# aggregate_image_properties_isolation_separator
# (string value)
#aggregate_image_properties_isolation_namespace = <None>
#
# When using the aggregate_image_properties_isolation filter, the relevant
# metadata keys are prefixed with the namespace defined in the
# aggregate_image_properties_isolation_namespace configuration option plus a
# separator. This option defines the separator to be used. It defaults to a
# period ('.').
#
# Valid values are strings.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'aggregate_image_properties_isolation' filter
# is
# enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# aggregate_image_properties_isolation_namespace
# (string value)
#aggregate_image_properties_isolation_separator = .
#
# If you need to limit the number of instances on any given host, set this
# option
# to the maximum number of instances you want to allow. The
# num_instances_filter
# will reject any host that has at least as many instances as this option's
# value.
#
# Valid values are positive integers; setting it to zero will cause all hosts
# to
# be rejected if the num_instances_filter is active.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'num_instances_filter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (integer value)
#max_instances_per_host = 50
#
# This option determines how hosts with more or less available RAM are weighed.
# A
# positive value will result in the scheduler preferring hosts with more
# available RAM, and a negative number will result in the scheduler preferring
# hosts with less available RAM. Another way to look at it is that positive
# values for this option will tend to spread instances across many hosts, while
# negative values will tend to fill up (stack) hosts as much as possible before
# scheduling to a less-used host. The absolute value, whether positive or
# negative, controls how strong the RAM weigher is relative to other weighers.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'ram' weigher is enabled.
#
# Valid values are numeric, either integer or float.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (floating point value)
#ram_weight_multiplier = 1.0
# Multiplier used for weighing free disk space. Negative numbers mean to stack
# vs spread. (floating point value)
#disk_weight_multiplier = 1.0
#
# This option determines how hosts with differing workloads are weighed.
# Negative
# values, such as the default, will result in the scheduler preferring hosts
# with
# lighter workloads whereas positive values will prefer hosts with heavier
# workloads. Another way to look at it is that positive values for this option
# will tend to schedule instances onto hosts that are already busy, while
# negative values will tend to distribute the workload across more hosts. The
# absolute value, whether positive or negative, controls how strong the io_ops
# weigher is relative to other weighers.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'io_ops' weigher is enabled.
#
# Valid values are numeric, either integer or float.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (floating point value)
#io_ops_weight_multiplier = -1.0
#
# This is the maximum number of attempts that will be made to schedule an
# instance before it is assumed that the failures aren't due to normal
# occasional
# race conflicts, but rather some other problem. When this is reached a
# MaxRetriesExceeded exception is raised, and the instance is set to an error
# state.
#
# Valid values are positive integers (1 or greater).
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# None
# (integer value)
#scheduler_max_attempts = 3
# Multiplier used for weighing hosts for group soft-affinity. Only a positive
# value is meaningful. Negative means that the behavior will change to the
# opposite, which is soft-anti-affinity. (floating point value)
#soft_affinity_weight_multiplier = 1.0
# Multiplier used for weighing hosts for group soft-anti-affinity. Only a
# positive value is meaningful. Negative means that the behavior will change to
# the opposite, which is soft-affinity. (floating point value)
#soft_anti_affinity_weight_multiplier = 1.0
# Defines which physical CPUs (pCPUs) can be used by instance
# virtual CPUs (vCPUs).
#
# Possible values:
#
# * A comma-separated list of physical CPU numbers that virtual CPUs can be
# allocated to by default. Each element should be either a single CPU number,
# a range of CPU numbers, or a caret followed by a CPU number to be
# excluded from a previous range. For example:
#
# vcpu_pin_set = "4-12,^8,15"
#
# Services which consume this:
#
# * ``nova-scheduler``
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
#vcpu_pin_set = <None>
# Defines which driver to use for controlling virtualization.
#
# Possible values:
#
# * ``libvirt.LibvirtDriver``
# * ``xenapi.XenAPIDriver``
# * ``fake.FakeDriver``
# * ``ironic.IronicDriver``
# * ``vmwareapi.VMwareVCDriver``
# * ``hyperv.HyperVDriver``
# * ``solariszones.SolarisZonesDriver``
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
compute_driver = solariszones.SolarisZonesDriver
# The default format an ephemeral_volume will be formatted
# with on creation.
#
# Possible values:
#
# * ``ext2``
# * ``ext3``
# * ``ext4``
# * ``xfs``
# * ``ntfs`` (only for Windows guests)
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
#default_ephemeral_format = <None>
# The image preallocation mode to use. Image preallocation allows
# storage for instance images to be allocated up front when the instance is
# initially provisioned. This ensures immediate feedback is given if enough
# space isn't available. In addition, it should significantly improve
# performance on writes to new blocks and may even improve I/O performance to
# prewritten blocks due to reduced fragmentation.
#
# Possible values:
#
# * "none" => no storage provisioning is done up front
# * "space" => storage is fully allocated at instance start
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
# Allowed values: none, space
#preallocate_images = none
# Enable use of copy-on-write (cow) images.
#
# QEMU/KVM allow the use of qcow2 as backing files. By disabling this,
# backing files will not be used.
#
# Possible values:
#
# * True: Enable use of cow images
# * False: Disable use of cow images
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (boolean value)
#use_cow_images = true
# Determine if instance should boot or fail on VIF plugging timeout.
#
# Nova sends a port update to Neutron after an instance has been scheduled,
# providing Neutron with the necessary information to finish setup of the port.
# Once completed, Neutron notifies Nova that it has finished setting up the
# port, at which point Nova resumes the boot of the instance since network
# connectivity is now supposed to be present. A timeout will occur if the reply
# is not received after a given interval.
#
# This option determines what Nova does when the VIF plugging timeout event
# happens. When enabled, the instance will error out. When disabled, the
# instance will continue to boot on the assumption that the port is ready.
#
# Possible values:
#
# * True: Instances should fail after VIF plugging timeout
# * False: Instances should continue booting after VIF plugging timeout
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (boolean value)
#vif_plugging_is_fatal = true
# Timeout for Neutron VIF plugging event message arrival.
#
# Number of seconds to wait for Neutron vif plugging events to
# arrive before continuing or failing (see 'vif_plugging_is_fatal'). If this is
# set to zero and 'vif_plugging_is_fatal' is False, events should not be
# expected to arrive at all.
#
# Possible values:
#
# * A time interval in seconds
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (integer value)
#vif_plugging_timeout = 300
# Firewall driver to use with ``nova-network`` service.
#
# This option only applies when using the ``nova-network`` service. When using
# another networking services, such as Neutron, this should be to set to the
# ``NoopFirewallDriver``.
#
# If unset (the default), this will default to the hypervisor-specified
# default driver.
#
# Possible values:
#
# * nova.virt.firewall.IptablesFirewallDriver
# * nova.virt.firewall.NoopFirewallDriver
# * nova.virt.libvirt.firewall.IptablesFirewallDriver
# * [...]
#
# Services which consume this:
#
# * nova-network
#
# Interdependencies to other options:
#
# * ``use_neutron``: This must be set to ``False`` to enable ``nova-network``
# networking
# (string value)
#firewall_driver = <None>
# Determine whether to allow network traffic from same network.
#
# When set to true, hosts on the same subnet are not filtered and are allowed
# to pass all types of traffic between them. On a flat network, this allows
# all instances from all projects unfiltered communication. With VLAN
# networking, this allows access between instances within the same project.
#
# This option only applies when using the ``nova-network`` service. When using
# another networking services, such as Neutron, security groups or other
# approaches should be used.
#
# Possible values:
#
# * True: Network traffic should be allowed pass between all instances on the
# same network, regardless of their tenant and security policies
# * False: Network traffic should not be allowed pass between instances unless
# it is unblocked in a security group
#
# Services which consume this:
#
# * nova-network
#
# Interdependencies to other options:
#
# * ``use_neutron``: This must be set to ``False`` to enable ``nova-network``
# networking
# * ``firewall_driver``: This must be set to
# ``nova.virt.libvirt.firewall.IptablesFirewallDriver`` to ensure the
# libvirt firewall driver is enabled.
# (boolean value)
#allow_same_net_traffic = true
# Force conversion of backing images to raw format.
#
# Possible values:
#
# * True: Backing image files will be converted to raw image format
# * False: Backing image files will not be converted
#
# Services which consume this:
#
# * nova-compute
#
# Interdependencies to other options:
#
# * ``compute_driver``: Only the libvirt driver uses this option.
# (boolean value)
#force_raw_images = true
# Template file for injected network (string value)
#injected_network_template = $pybasedir/nova/virt/interfaces.template
# Name of the mkfs commands for ephemeral device. The format is <os_type>=<mkfs
# command> (multi valued)
#virt_mkfs =
# Attempt to resize the filesystem by accessing the image over a block device.
# This is done by the host and may not be necessary if the image contains a
# recent version of cloud-init. Possible mechanisms require the nbd driver (for
# qcow and raw), or loop (for raw). (boolean value)
#resize_fs_using_block_device = false
# Amount of time, in seconds, to wait for NBD device start up. (integer value)
#timeout_nbd = 10
# File name for the paste.deploy config for nova-api (string value)
#api_paste_config = api-paste.ini
# A python format string that is used as the template to generate log lines.
# The following values can be formatted into it: client_ip, date_time,
# request_line, status_code, body_length, wall_seconds. (string value)
#wsgi_log_format = %(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f
# The HTTP header used to determine the scheme for the original request, even
# if it was removed by an SSL terminating proxy. Typical value is
# "HTTP_X_FORWARDED_PROTO". (string value)
#secure_proxy_ssl_header = <None>
# CA certificate file to use to verify connecting clients (string value)
#ssl_ca_file = <None>
# SSL certificate of API server (string value)
#ssl_cert_file = <None>
# SSL private key of API server (string value)
#ssl_key_file = <None>
# Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not
# supported on OS X. (integer value)
#tcp_keepidle = 600
# Size of the pool of greenthreads used by wsgi (integer value)
#wsgi_default_pool_size = 1000
# Maximum line size of message headers to be accepted. max_header_line may need
# to be increased when using large tokens (typically those generated by the
# Keystone v3 API with big service catalogs). (integer value)
#max_header_line = 16384
# If False, closes the client socket connection explicitly. (boolean value)
#wsgi_keep_alive = true
# Timeout for client connections' socket operations. If an incoming connection
# is idle for this number of seconds it will be closed. A value of '0' means
# wait forever. (integer value)
#client_socket_timeout = 900
#
# From nova.network
#
# DEPRECATED: The full class name of the network API class to use.
# ``use_neutron`` should be used instead. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#network_api_class = nova.network.api.API
#
# Whether to use Neutron or Nova Network as the back end for networking.
# Defaults to False (indicating Nova network). Set to True to use neutron.
# (boolean value)
use_neutron = true
# Driver to use for network creation (string value)
network_driver = nova.network.solaris_net
# Default pool for floating IPs (string value)
#default_floating_pool = nova
# Autoassigning floating IP to VM (boolean value)
#auto_assign_floating_ip = false
# Full class name for the DNS Manager for floating IPs (string value)
#floating_ip_dns_manager = nova.network.noop_dns_driver.NoopDNSDriver
# Full class name for the DNS Manager for instance IPs (string value)
#instance_dns_manager = nova.network.noop_dns_driver.NoopDNSDriver
# Full class name for the DNS Zone for instance IPs (string value)
#instance_dns_domain =
# URL for LDAP server which will store DNS entries (string value)
#ldap_dns_url = ldap://ldap.example.com:389
# User for LDAP DNS (string value)
#ldap_dns_user = uid=admin,ou=people,dc=example,dc=org
# Password for LDAP DNS (string value)
#ldap_dns_password = password
# Hostmaster for LDAP DNS driver Statement of Authority (string value)
#ldap_dns_soa_hostmaster = hostmaster@example.org
# DNS Servers for LDAP DNS driver (multi valued)
#ldap_dns_servers = dns.example.org
# Base DN for DNS entries in LDAP (string value)
#ldap_dns_base_dn = ou=hosts,dc=example,dc=org
# Refresh interval (in seconds) for LDAP DNS driver Statement of Authority
# (string value)
#ldap_dns_soa_refresh = 1800
# Retry interval (in seconds) for LDAP DNS driver Statement of Authority
# (string value)
#ldap_dns_soa_retry = 3600
# Expiry interval (in seconds) for LDAP DNS driver Statement of Authority
# (string value)
#ldap_dns_soa_expiry = 86400
# Minimum interval (in seconds) for LDAP DNS driver Statement of Authority
# (string value)
#ldap_dns_soa_minimum = 7200
# Location of flagfiles for dhcpbridge (multi valued)
#dhcpbridge_flagfile = /etc/nova/nova-dhcpbridge.conf
# Location to keep network config files (string value)
#networks_path = $state_path/networks
# Interface for public IP addresses (string value)
#public_interface = eth0
# Location of nova-dhcpbridge (string value)
#dhcpbridge = $bindir/nova-dhcpbridge
# Public IP of network host (string value)
#routing_source_ip = $my_ip
# Lifetime of a DHCP lease in seconds (integer value)
#dhcp_lease_time = 86400
# If set, uses specific DNS server for dnsmasq. Can be specified multiple
# times. (multi valued)
#dns_server =
# If set, uses the dns1 and dns2 from the network ref. as dns servers. (boolean
# value)
#use_network_dns_servers = false
# A list of dmz ranges that should be accepted (list value)
#dmz_cidr =
# Traffic to this range will always be snatted to the fallback IP, even if it
# would normally be bridged out of the node. Can be specified multiple times.
# (multi valued)
#force_snat_range =
# Override the default dnsmasq settings with this file (string value)
#dnsmasq_config_file =
# Driver used to create ethernet devices. (string value)
#linuxnet_interface_driver = nova.network.linux_net.LinuxBridgeInterfaceDriver
# Name of Open vSwitch bridge used with linuxnet (string value)
#linuxnet_ovs_integration_bridge = br-int
# Send gratuitous ARPs for HA setup (boolean value)
#send_arp_for_ha = false
# Send this many gratuitous ARPs for HA setup (integer value)
#send_arp_for_ha_count = 3
# Use single default gateway. Only first nic of vm will get default gateway
# from dhcp server (boolean value)
#use_single_default_gateway = false
# An interface that bridges can forward to. If this is set to all then all
# traffic will be forwarded. Can be specified multiple times. (multi valued)
#forward_bridge_interface = all
# The IP address for the metadata API server (string value)
#metadata_host = $my_ip
# The port for the metadata API port (integer value)
# Minimum value: 1
# Maximum value: 65535
#metadata_port = 8775
# Regular expression to match the iptables rule that should always be on the
# top. (string value)
#iptables_top_regex =
# Regular expression to match the iptables rule that should always be on the
# bottom. (string value)
#iptables_bottom_regex =
# The table that iptables to jump to when a packet is to be dropped. (string
# value)
#iptables_drop_action = DROP
# Amount of time, in seconds, that ovs_vsctl should wait for a response from
# the database. 0 is to wait forever. (integer value)
#ovs_vsctl_timeout = 120
# If passed, use fake network devices and addresses (boolean value)
#fake_network = false
# Number of times to retry ebtables commands on failure. (integer value)
#ebtables_exec_attempts = 3
# Number of seconds to wait between ebtables retries. (floating point value)
#ebtables_retry_interval = 1.0
# Bridge for simple network instances (string value)
#flat_network_bridge = <None>
# DNS server for simple network (string value)
#flat_network_dns = 8.8.4.4
# Whether to attempt to inject network setup into guest (boolean value)
#flat_injected = false
# FlatDhcp will bridge into this interface if set (string value)
#flat_interface = <None>
# First VLAN for private networks (integer value)
# Minimum value: 1
# Maximum value: 4094
#vlan_start = 100
# VLANs will bridge into this interface if set (string value)
#vlan_interface = <None>
# Number of networks to support (integer value)
#num_networks = 1
# Public IP for the cloudpipe VPN servers (string value)
#vpn_ip = $my_ip
# First Vpn port for private networks (integer value)
#vpn_start = 1000
# Number of addresses in each private subnet (integer value)
#network_size = 256
# Fixed IPv6 address block (string value)
#fixed_range_v6 = fd00::/48
# Default IPv4 gateway (string value)
#gateway = <None>
# Default IPv6 gateway (string value)
#gateway_v6 = <None>
# Number of addresses reserved for vpn clients (integer value)
#cnt_vpn_clients = 0
# Seconds after which a deallocated IP is disassociated (integer value)
#fixed_ip_disassociate_timeout = 600
# Number of attempts to create unique mac address (integer value)
#create_unique_mac_address_attempts = 5
# If True, skip using the queue and make local calls (boolean value)
#fake_call = false
# If True, unused gateway devices (VLAN and bridge) are deleted in VLAN network
# mode with multi hosted networks (boolean value)
#teardown_unused_network_gateway = false
# If True, send a dhcp release on instance termination (boolean value)
#force_dhcp_release = true
# If True, when a DNS entry must be updated, it sends a fanout cast to all
# network hosts to update their DNS entries in multi host mode (boolean value)
#update_dns_entries = false
# Number of seconds to wait between runs of updates to DNS entries. (integer
# value)
#dns_update_periodic_interval = -1
# Domain to use for building the hostnames (string value)
#dhcp_domain = novalocal
# Indicates underlying L3 management library (string value)
#l3_lib = nova.network.l3.LinuxNetL3
# The topic network nodes listen on (string value)
#network_topic = network
# Default value for multi_host in networks. Also, if set, some rpc network
# calls will be sent directly to host. (boolean value)
#multi_host = false
# DEPRECATED: The full class name of the security API class (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#security_group_api = nova
#
# From nova.virt
#
# Config drive format. (string value)
# Allowed values: iso9660, vfat
#config_drive_format = iso9660
# Force injection to take place on a config drive (boolean value)
#force_config_drive = false
# Name and optionally path of the tool used for ISO image creation (string
# value)
#mkisofs_cmd = genisoimage
# Number of seconds to wait between runs of the image cache manager. Set to -1
# to disable. Setting this to 0 will run at the default rate. (integer value)
#image_cache_manager_interval = 2400
# Where cached images are stored under $instances_path. This is NOT the full
# path - just a folder name. For per-compute-host cached images, set to
# _base_$my_ip (string value)
#image_cache_subdirectory_name = _base
# Should unused base images be removed? (boolean value)
#remove_unused_base_images = true
# Unused unresized base images younger than this will not be removed (integer
# value)
#remove_unused_original_minimum_age_seconds = 86400
#
# From oslo.log
#
# If set to true, the logging level will be set to DEBUG instead of the default
# INFO level. (boolean value)
#debug = false
# If set to false, the logging level will be set to WARNING instead of the
# default INFO level. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#verbose = true
# The name of a logging configuration file. This file is appended to any
# existing logging configuration files. For details about logging configuration
# files, see the Python logging module documentation. Note that when logging
# configuration files are used then all logging configuration is set in the
# configuration file and other logging configuration options are ignored (for
# example, logging_context_format_string). (string value)
# Deprecated group/name - [DEFAULT]/log_config
#log_config_append = <None>
# Defines the format string for %%(asctime)s in log records. Default:
# %(default)s . This option is ignored if log_config_append is set. (string
# value)
#log_date_format = %Y-%m-%d %H:%M:%S
# (Optional) Name of log file to send logging output to. If no default is set,
# logging will go to stderr as defined by use_stderr. This option is ignored if
# log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logfile
#log_file = <None>
# (Optional) The base directory used for relative log_file paths. This option
# is ignored if log_config_append is set. (string value)
# Deprecated group/name - [DEFAULT]/logdir
#log_dir = <None>
# Uses logging handler designed to watch file system. When log file is moved or
# removed this handler will open a new log file with specified path
# instantaneously. It makes sense only if log_file option is specified and
# Linux platform is used. This option is ignored if log_config_append is set.
# (boolean value)
#watch_log_file = false
# Use syslog for logging. Existing syslog format is DEPRECATED and will be
# changed later to honor RFC5424. This option is ignored if log_config_append
# is set. (boolean value)
#use_syslog = false
# Syslog facility to receive log lines. This option is ignored if
# log_config_append is set. (string value)
#syslog_log_facility = LOG_USER
# Log output to standard error. This option is ignored if log_config_append is
# set. (boolean value)
#use_stderr = true
# Format string to use for log messages with context. (string value)
#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
# Format string to use for log messages when context is undefined. (string
# value)
#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
# Additional data to append to log message when logging level for the message
# is DEBUG. (string value)
#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d
# Prefix each line of exception output with this format. (string value)
#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
# Defines the format string for %(user_identity)s that is used in
# logging_context_format_string. (string value)
#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
# List of package logging levels in logger=LEVEL pairs. This option is ignored
# if log_config_append is set. (list value)
#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO
# Enables or disables publication of error events. (boolean value)
#publish_errors = false
# The format for an instance that is passed with the log message. (string
# value)
#instance_format = "[instance: %(uuid)s] "
# The format for an instance UUID that is passed with the log message. (string
# value)
#instance_uuid_format = "[instance: %(uuid)s] "
# Enables or disables fatal status of deprecations. (boolean value)
#fatal_deprecations = false
#
# From oslo.messaging
#
# Size of RPC connection pool. (integer value)
# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size
#rpc_conn_pool_size = 30
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
# The "host" option should point or resolve to this address. (string value)
#rpc_zmq_bind_address = *
# MatchMaker driver. (string value)
# Allowed values: redis, dummy
#rpc_zmq_matchmaker = redis
# Type of concurrency used. Either "native" or "eventlet" (string value)
#rpc_zmq_concurrency = eventlet
# Number of ZeroMQ contexts, defaults to 1. (integer value)
#rpc_zmq_contexts = 1
# Maximum number of ingress messages to locally buffer per topic. Default is
# unlimited. (integer value)
#rpc_zmq_topic_backlog = <None>
# Directory for holding IPC sockets. (string value)
#rpc_zmq_ipc_dir = /var/run/openstack
# Name of this node. Must be a valid hostname, FQDN, or IP address. Must match
# "host" option, if running Nova. (string value)
#rpc_zmq_host = localhost
# Seconds to wait before a cast expires (TTL). The default value of -1
# specifies an infinite linger period. The value of 0 specifies no linger
# period. Pending messages shall be discarded immediately when the socket is
# closed. Only supported by impl_zmq. (integer value)
#rpc_cast_timeout = -1
# The default number of seconds that poll should wait. Poll raises timeout
# exception when timeout expired. (integer value)
#rpc_poll_timeout = 1
# Expiration timeout in seconds of a name service record about existing target
# ( < 0 means no timeout). (integer value)
#zmq_target_expire = 120
# Use PUB/SUB pattern for fanout methods. PUB/SUB always uses proxy. (boolean
# value)
#use_pub_sub = true
# Minimal port number for random ports range. (port value)
# Minimum value: 0
# Maximum value: 65535
#rpc_zmq_min_port = 49152
# Maximal port number for random ports range. (integer value)
# Minimum value: 1
# Maximum value: 65536
#rpc_zmq_max_port = 65536
# Number of retries to find free port number before fail with ZMQBindError.
# (integer value)
#rpc_zmq_bind_port_retries = 100
# Size of executor thread pool. (integer value)
# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size
#executor_thread_pool_size = 64
# Seconds to wait for a response from a call. (integer value)
#rpc_response_timeout = 60
# A URL representing the messaging driver to use and its full configuration. If
# not set, we fall back to the rpc_backend option and driver specific
# configuration. (string value)
#transport_url = <None>
# The messaging driver to use, defaults to rabbit. Other drivers include amqp
# and zmq. (string value)
#rpc_backend = rabbit
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
#control_exchange = openstack
#
# From oslo.service.periodic_task
#
# Some periodic tasks can be run in a separate process. Should we run them
# here? (boolean value)
#run_external_periodic_tasks = true
#
# From oslo.service.service
#
# Enable eventlet backdoor. Acceptable values are 0, <port>, and
# <start>:<end>, where 0 results in listening on a random tcp port number;
# <port> results in listening on the specified port number (and not enabling
# backdoor if that port is in use); and <start>:<end> results in listening on
# the smallest unused port number within the specified range of port numbers.
# The chosen port is displayed in the service's log file. (string value)
#backdoor_port = <None>
# Enable eventlet backdoor, using the provided path as a unix socket that can
# receive connections. This option is mutually exclusive with 'backdoor_port'
# in that only one should be provided. If both are provided then the existence
# of this option overrides the usage of that option. (string value)
#backdoor_socket = <None>
# Enables or disables logging values of all registered options when starting a
# service (at DEBUG level). (boolean value)
#log_options = true
# Specify a timeout after which a gracefully shutdown server will exit. Zero
# value means endless wait. (integer value)
#graceful_shutdown_timeout = 60
[api_database]
#
# From nova
#
# The SQLAlchemy connection string to use to connect to the Nova API database.
# (string value)
connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/nova_api
# If True, SQLite uses synchronous mode. (boolean value)
#sqlite_synchronous = true
# The SQLAlchemy connection string to use to connect to the slave database.
# (string value)
#slave_connection = <None>
# The SQL mode to be used for MySQL sessions. This option, including the
# default, overrides any server-set SQL mode. To use whatever SQL mode is set
# by the server configuration, set this to no value. Example: mysql_sql_mode=
# (string value)
#mysql_sql_mode = TRADITIONAL
# This configures the MySQL storage engine. This allows for OpenStack to
# support different storage engine such as InnoDB, NDB, etc. By default, this
# value will be set to InnoDB. For MySQL Cluster, set to NDBCLUSTER. Example:
# mysql_storage_engine= (string value)
#mysql_storage_engine = InnoDB
# Timeout before idle SQL connections are reaped. (integer value)
#idle_timeout = 3600
# Maximum number of SQL connections to keep open in a pool. (integer value)
#max_pool_size = <None>
# Maximum number of database connection retries during startup. Set to -1 to
# specify an infinite retry count. (integer value)
#max_retries = 10
# Interval between retries of opening a SQL connection. (integer value)
#retry_interval = 10
# If set, use this value for max_overflow with SQLAlchemy. (integer value)
#max_overflow = <None>
# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer
# value)
#connection_debug = 0
# Add Python stack traces to SQL as comment strings. (boolean value)
#connection_trace = false
# If set, use this value for pool_timeout with SQLAlchemy. (integer value)
#pool_timeout = <None>
[barbican]
#
# From castellan.config
#
# Use this endpoint to connect to Barbican, for example:
# "http://localhost:9311/" (string value)
#barbican_endpoint = <None>
# Version of the Barbican API, for example: "v1" (string value)
#barbican_api_version = <None>
# Use this endpoint to connect to Keystone (string value)
#auth_endpoint = http://localhost:5000/v3
# Number of seconds to wait before retrying poll for key creation completion
# (integer value)
#retry_delay = 1
# Number of times to retry poll for key creation completion (integer value)
#number_of_retries = 60
#
# From nova
#
# Info to match when looking for barbican in the service catalog. Format is:
# separated values of the form: <service_type>:<service_name>:<endpoint_type>
# (string value)
#catalog_info = key-manager:barbican:public
# Override service catalog lookup with template for barbican endpoint e.g.
# http://localhost:9311/v1/%(project_id)s (string value)
#endpoint_template = <None>
# Region name of this node (string value)
#os_region_name = <None>
[cache]
#
# From oslo.cache
#
# Prefix for building the configuration dictionary for the cache region. This
# should not need to be changed unless there is another dogpile.cache region
# with the same configuration name. (string value)
#config_prefix = cache.oslo
# Default TTL, in seconds, for any cached item in the dogpile.cache region.
# This applies to any cached method that doesn't have an explicit cache
# expiration time defined for it. (integer value)
#expiration_time = 600
# Dogpile.cache backend module. It is recommended that Memcache with pooling
# (oslo_cache.memcache_pool) or Redis (dogpile.cache.redis) be used in
# production deployments. Small workloads (single process) like devstack can
# use the dogpile.cache.memory backend. (string value)
#backend = dogpile.cache.null
# Arguments supplied to the backend module. Specify this option once per
# argument to be passed to the dogpile.cache backend. Example format:
# "<argname>:<value>". (multi valued)
#backend_argument =
# Proxy classes to import that will affect the way the dogpile.cache backend
# functions. See the dogpile.cache documentation on changing-backend-behavior.
# (list value)
#proxies =
# Global toggle for caching. (boolean value)
#enabled = false
# Extra debugging from the cache backend (cache keys, get/set/delete/etc
# calls). This is only really useful if you need to see the specific cache-
# backend get/set/delete calls with the keys/values. Typically this should be
# left set to false. (boolean value)
#debug_cache_backend = false
# Memcache servers in the format of "host:port". (dogpile.cache.memcache and
# oslo_cache.memcache_pool backends only). (list value)
#memcache_servers = localhost:11211
# Number of seconds memcached server is considered dead before it is tried
# again. (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
# (integer value)
#memcache_dead_retry = 300
# Timeout in seconds for every call to a server. (dogpile.cache.memcache and
# oslo_cache.memcache_pool backends only). (integer value)
#memcache_socket_timeout = 3
# Max total number of open connections to every memcached server.
# (oslo_cache.memcache_pool backend only). (integer value)
#memcache_pool_maxsize = 10
# Number of seconds a connection to memcached is held unused in the pool before
# it is closed. (oslo_cache.memcache_pool backend only). (integer value)
#memcache_pool_unused_timeout = 60
# Number of seconds that an operation will wait to get a memcache client
# connection. (integer value)
#memcache_pool_connection_get_timeout = 10
[cells]
#
# From nova.conf
#
#
# Enable cell functionality
#
# When this functionality is enabled, it lets you to scale an OpenStack
# Compute cloud in a more distributed fashion without having to use
# complicated technologies like database and message queue clustering.
# Cells are configured as a tree. The top-level cell should have a host
# that runs a nova-api service, but no nova-compute services. Each
# child cell should run all of the typical nova-* services in a regular
# Compute cloud except for nova-api. You can think of cells as a normal
# Compute deployment in that each cell has its own database server and
# message queue broker.
#
# Possible values:
#
# * True: Enables the feature
# * False: Disables the feature
#
# Services which consume this:
#
# * nova-api
# * nova-cells
# * nova-compute
#
# Related options:
#
# * name: A unique cell name must be given when this functionality
# is enabled.
# * cell_type: Cell type should be defined for all cells.
# (boolean value)
#enable = false
#
# Topic
#
# This is the message queue topic that cells nodes listen on. It is
# used when the cells service is started up to configure the queue,
# and whenever an RPC call to the scheduler is made.
#
# Possible values:
#
# * cells: This is the recommended and the default value.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#topic = cells
#
# DEPRECATED: Manager for cells
#
# The nova-cells manager class. This class defines RPC methods that
# the local cell may call. This class is NOT used for messages coming
# from other cells. That communication is driver-specific.
#
# Communication to other cells happens via the nova.cells.messaging module.
# The MessageRunner from that module will handle routing the message to
# the correct cell via the communication driver. Most methods below
# create 'targeted' (where we want to route a message to a specific cell)
# or 'broadcast' (where we want a message to go to multiple cells)
# messages.
#
# Scheduling requests get passed to the scheduler class.
#
# Possible values:
#
# * 'nova.cells.manager.CellsManager' is the only possible value for
# this option as of the Mitaka release
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#manager = nova.cells.manager.CellsManager
#
# Name of the current cell
#
# This value must be unique for each cell. Name of a cell is used as
# its id, leaving this option unset or setting the same name for
# two or more cells may cause unexpected behaviour.
#
# Possible values:
#
# * Unique name string
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * enabled: This option is meaningful only when cells service
# is enabled
# (string value)
#name = nova
#
# Cell capabilities
#
# List of arbitrary key=value pairs defining capabilities of the
# current cell to be sent to the parent cells. These capabilities
# are intended to be used in cells scheduler filters/weighers.
#
# Possible values:
#
# * key=value pairs list for example;
# ``hypervisor=xenserver;kvm,os=linux;windows``
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (list value)
#capabilities = hypervisor=xenserver;kvm,os=linux;windows
#
# Call timeout
#
# Cell messaging module waits for response(s) to be put into the
# eventlet queue. This option defines the seconds waited for
# response from a call to a cell.
#
# Possible values:
#
# * Time in seconds.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (integer value)
#call_timeout = 60
#
# Reserve percentage
#
# Percentage of cell capacity to hold in reserve, so the minimum
# amount of free resource is considered to be;
# min_free = total * (reserve_percent / 100.0)
# This option affects both memory and disk utilization.
# The primary purpose of this reserve is to ensure some space is
# available for users who want to resize their instance to be larger.
# Note that currently once the capacity expands into this reserve
# space this option is ignored.
#
# Possible values:
#
# * Float percentage value
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (floating point value)
#reserve_percent = 10.0
#
# Type of cell
#
# When cells feature is enabled the hosts in the OpenStack Compute
# cloud are partitioned into groups. Cells are configured as a tree.
# The top-level cell's cell_type must be set to ``api``. All other
# cells are defined as a ``compute cell`` by default.
#
# Possible values:
#
# * api: Cell type of top-level cell.
# * compute: Cell type of all child cells. (Default)
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * compute_api_class: This option must be set to cells api driver
# for the top-level cell (nova.compute.cells_api.ComputeCellsAPI)
# * quota_driver: Disable quota checking for the child cells.
# (nova.quota.NoopQuotaDriver)
# (string value)
# Allowed values: api, compute
#cell_type = compute
#
# Mute child interval
#
# Number of seconds after which a lack of capability and capacity
# update the child cell is to be treated as a mute cell. Then the
# child cell will be weighed as recommend highly that it be skipped.
#
# Possible values:
#
# * Time in seconds.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (integer value)
#mute_child_interval = 300
#
# Bandwidth update interval
#
# Seconds between bandwidth usage cache updates for cells.
#
# Possible values:
#
# * Time in seconds.
#
# Services which consume this:
#
# * nova-compute
#
# Related options:
#
# * None
# (integer value)
#bandwidth_update_interval = 600
#
# Instance update sync database limit
#
# Number of instances to pull from the database at one time for
# a sync. If there are more instances to update the results will
# be paged through.
#
# Possible values:
#
# * Number of instances.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (integer value)
#instance_update_sync_database_limit = 100
#
# Mute weight multiplier
#
# Multiplier used to weigh mute children. Mute children cells are
# recommended to be skipped so their weight is multiplied by this
# negative value.
#
# Possible values:
#
# * Negative numeric number
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (floating point value)
#mute_weight_multiplier = -10000.0
#
# Ram weight multiplier
#
# Multiplier used for weighing ram. Negative numbers indicate that
# Compute should stack VMs on one host instead of spreading out new
# VMs to more hosts in the cell.
#
# Possible values:
#
# * Numeric multiplier
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (floating point value)
#ram_weight_multiplier = 10.0
#
# Offset weight multiplier
#
# Multiplier used to weigh offset weigher. Cells with higher
# weight_offsets in the DB will be preferred. The weight_offset
# is a property of a cell stored in the database. It can be used
# by a deployer to have scheduling decisions favor or disfavor
# cells based on the setting.
#
# Possible values:
#
# * Numeric multiplier
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (floating point value)
#offset_weight_multiplier = 1.0
#
# Cells communication driver
#
# Driver for cell<->cell communication via RPC. This is used to
# setup the RPC consumers as well as to send a message to another cell.
# 'nova.cells.rpc_driver.CellsRPCDriver' starts up 2 separate servers
# for handling inter-cell communication via RPC.
#
# Possible values:
#
# * 'nova.cells.rpc_driver.CellsRPCDriver' is the default driver
# * Otherwise it should be the full Python path to the class to be used
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#driver = nova.cells.rpc_driver.CellsRPCDriver
#
# Instance updated at threshold
#
# Number of seconds after an instance was updated or deleted to
# continue to update cells. This option lets cells manager to only
# attempt to sync instances that have been updated recently.
# i.e., a threshold of 3600 means to only update instances that
# have modified in the last hour.
#
# Possible values:
#
# * Threshold in seconds
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * This value is used with the ``instance_update_num_instances``
# value in a periodic task run.
# (integer value)
#instance_updated_at_threshold = 3600
#
# Instance update num instances
#
# On every run of the periodic task, nova cells manager will attempt to
# sync instance_updated_at_threshold number of instances. When the
# manager gets the list of instances, it shuffles them so that multiple
# nova-cells services do not attempt to sync the same instances in
# lockstep.
#
# Possible values:
#
# * Positive integer number
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * This value is used with the ``instance_updated_at_threshold``
# value in a periodic task run.
# (integer value)
#instance_update_num_instances = 1
#
# Maximum hop count
#
# When processing a targeted message, if the local cell is not the
# target, a route is defined between neighbouring cells. And the
# message is processed across the whole routing path. This option
# defines the maximum hop counts until reaching the target.
#
# Possible values:
#
# * Positive integer value
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (integer value)
#max_hop_count = 10
#
# Cells scheduler
#
# The class of the driver used by the cells scheduler. This should be
# the full Python path to the class to be used. If nothing is specified
# in this option, the CellsScheduler is used.
#
#
# Possible values:
#
# * 'nova.cells.scheduler.CellsScheduler' is the default option
# * Otherwise it should be the full Python path to the class to be used
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#scheduler = nova.cells.scheduler.CellsScheduler
#
# RPC driver queue base
#
# When sending a message to another cell by JSON-ifying the message
# and making an RPC cast to 'process_message', a base queue is used.
# This option defines the base queue name to be used when communicating
# between cells. Various topics by message type will be appended to this.
#
# Possible values:
#
# * The base queue name to be used when communicating between cells.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#rpc_driver_queue_base = cells.intercell
#
# Scheduler filter classes
#
# Filter classes the cells scheduler should use. An entry of
# "nova.cells.filters.all_filters" maps to all cells filters
# included with nova. As of the Mitaka release the following
# filter classes are available:
#
# Different cell filter: A scheduler hint of 'different_cell'
# with a value of a full cell name may be specified to route
# a build away from a particular cell.
#
# Image properties filter: Image metadata named
# 'hypervisor_version_requires' with a version specification
# may be specified to ensure the build goes to a cell which
# has hypervisors of the required version. If either the version
# requirement on the image or the hypervisor capability of the
# cell is not present, this filter returns without filtering out
# the cells.
#
# Target cell filter: A scheduler hint of 'target_cell' with a
# value of a full cell name may be specified to route a build to
# a particular cell. No error handling is done as there's no way
# to know whether the full path is a valid.
#
# As an admin user, you can also add a filter that directs builds
# to a particular cell.
#
#
# Possible values:
#
# * 'nova.cells.filters.all_filters' is the default option
# * Otherwise it should be the full Python path to the class to be used
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (list value)
#scheduler_filter_classes = nova.cells.filters.all_filters
#
# Scheduler weight classes
#
# Weigher classes the cells scheduler should use. An entry of
# "nova.cells.weights.all_weighers" maps to all cell weighers
# included with nova. As of the Mitaka release the following
# weight classes are available:
#
# mute_child: Downgrades the likelihood of child cells being
# chosen for scheduling requests, which haven't sent capacity
# or capability updates in a while. Options include
# mute_weight_multiplier (multiplier for mute children; value
# should be negative).
#
# ram_by_instance_type: Select cells with the most RAM capacity
# for the instance type being requested. Because higher weights
# win, Compute returns the number of available units for the
# instance type requested. The ram_weight_multiplier option defaults
# to 10.0 that adds to the weight by a factor of 10. Use a negative
# number to stack VMs on one host instead of spreading out new VMs
# to more hosts in the cell.
#
# weight_offset: Allows modifying the database to weight a particular
# cell. The highest weight will be the first cell to be scheduled for
# launching an instance. When the weight_offset of a cell is set to 0,
# it is unlikely to be picked but it could be picked if other cells
# have a lower weight, like if they're full. And when the weight_offset
# is set to a very high value (for example, '999999999999999'), it is
# likely to be picked if another cell do not have a higher weight.
#
# Possible values:
#
# * 'nova.cells.weights.all_weighers' is the default option
# * Otherwise it should be the full Python path to the class to be used
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (list value)
#scheduler_weight_classes = nova.cells.weights.all_weighers
#
# Scheduler retries
#
# How many retries when no cells are available. Specifies how many
# times the scheduler tries to launch a new instance when no cells
# are available.
#
# Possible values:
#
# * Positive integer value
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * This value is used with the ``scheduler_retry_delay`` value
# while retrying to find a suitable cell.
# (integer value)
#scheduler_retries = 10
#
# Scheduler retry delay
#
# Specifies the delay (in seconds) between scheduling retries when no
# cell can be found to place the new instance on. When the instance
# could not be scheduled to a cell after ``scheduler_retries`` in
# combination with ``scheduler_retry_delay``, then the scheduling
# of the instance failed.
#
# Possible values:
#
# * Time in seconds.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * This value is used with the ``scheduler_retries`` value
# while retrying to find a suitable cell.
# (integer value)
#scheduler_retry_delay = 2
#
# DB check interval
#
# Cell state manager updates cell status for all cells from the DB
# only after this particular interval time is passed. Otherwise cached
# status are used. If this value is 0 or negative all cell status are
# updated from the DB whenever a state is needed.
#
# Possible values:
#
# * Interval time, in seconds.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (integer value)
#db_check_interval = 60
#
# Optional cells configuration
#
# Configuration file from which to read cells configuration. If given,
# overrides reading cells from the database.
#
# Cells store all inter-cell communication data, including user names
# and passwords, in the database. Because the cells data is not updated
# very frequently, use this option to specify a JSON file to store
# cells data. With this configuration, the database is no longer
# consulted when reloading the cells data. The file must have columns
# present in the Cell model (excluding common database fields and the
# id column). You must specify the queue connection information through
# a transport_url field, instead of username, password, and so on.
#
# The transport_url has the following form:
# rabbit://USERNAME:PASSWORD@HOSTNAME:PORT/VIRTUAL_HOST
#
# Possible values:
#
# The scheme can be either qpid or rabbit, the following sample shows
# this optional configuration:
#
# {
# "parent": {
# "name": "parent",
# "api_url": "http://api.example.com:8774",
# "transport_url": "rabbit://rabbit.example.com",
# "weight_offset": 0.0,
# "weight_scale": 1.0,
# "is_parent": true
# },
# "cell1": {
# "name": "cell1",
# "api_url": "http://api.example.com:8774",
# "transport_url": "rabbit://rabbit1.example.com",
# "weight_offset": 0.0,
# "weight_scale": 1.0,
# "is_parent": false
# },
# "cell2": {
# "name": "cell2",
# "api_url": "http://api.example.com:8774",
# "transport_url": "rabbit://rabbit2.example.com",
# "weight_offset": 0.0,
# "weight_scale": 1.0,
# "is_parent": false
# }
# }
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#cells_config = <None>
[cinder]
#
# From nova
#
# Info to match when looking for cinder in the service catalog. Format is:
# separated values of the form: <service_type>:<service_name>:<endpoint_type>
# (string value)
#catalog_info = volumev2:cinderv2:publicURL
# Override service catalog lookup with template for cinder endpoint e.g.
# http://localhost:8776/v1/%(project_id)s (string value)
#endpoint_template = <None>
# Region name of this node (string value)
#os_region_name = <None>
# Number of cinderclient retries on failed http calls (integer value)
#http_retries = 3
# Allow attach between instance and volume in different availability zones. If
# False, volumes attached to an instance must be in the same availability zone
# in Cinder as the instance availability zone in Nova. This also means care
# should be taken when booting an instance from a volume where source is not
# "volume" because Nova will attempt to create a volume using the same
# availability zone as what is assigned to the instance. If that AZ is not in
# Cinder (or allow_availability_zone_fallback=False in cinder.conf), the volume
# create request will fail and the instance will fail the build request.
# (boolean value)
#cross_az_attach = true
[conductor]
#
# From nova.conf
#
# DEPRECATED: Perform nova-conductor operations locally. This legacy mode was
# introduced to bridge a gap during the transition to the conductor service. It
# no longer represents a reasonable alternative for deployers. Removal may be
# as early as 14.0 (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#use_local = false
# The topic on which conductor nodes listen (string value)
#topic = conductor
# DEPRECATED: Full class name for the Manager for conductor. Removal in 14.0
# (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#manager = nova.conductor.manager.ConductorManager
# Number of workers for OpenStack Conductor service. The default will be the
# number of CPUs available. (integer value)
workers = 1
[cors]
#
# From oslo.middleware
#
# Indicate whether this resource may be shared with the domain received in the
# requests "origin" header. (list value)
#allowed_origin = <None>
# Indicate that the actual request can include user credentials (boolean value)
#allow_credentials = true
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
# Headers. (list value)
#expose_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Service-Token
# Maximum cache age of CORS preflight requests. (integer value)
#max_age = 3600
# Indicate which methods can be used during the actual request. (list value)
#allow_methods = GET,PUT,POST,DELETE,PATCH
# Indicate which header field names may be used during the actual request.
# (list value)
#allow_headers = X-Auth-Token,X-Openstack-Request-Id,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id
[cors.subdomain]
#
# From oslo.middleware
#
# Indicate whether this resource may be shared with the domain received in the
# requests "origin" header. (list value)
#allowed_origin = <None>
# Indicate that the actual request can include user credentials (boolean value)
#allow_credentials = true
# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
# Headers. (list value)
#expose_headers = X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Service-Token
# Maximum cache age of CORS preflight requests. (integer value)
#max_age = 3600
# Indicate which methods can be used during the actual request. (list value)
#allow_methods = GET,PUT,POST,DELETE,PATCH
# Indicate which header field names may be used during the actual request.
# (list value)
#allow_headers = X-Auth-Token,X-Openstack-Request-Id,X-Identity-Status,X-Roles,X-Service-Catalog,X-User-Id,X-Tenant-Id
[database]
#
# From nova
#
# The file name to use with SQLite. (string value)
# Deprecated group/name - [DEFAULT]/sqlite_db
#sqlite_db = oslo.sqlite
# If True, SQLite uses synchronous mode. (boolean value)
# Deprecated group/name - [DEFAULT]/sqlite_synchronous
#sqlite_synchronous = true
# The back end to use for the database. (string value)
# Deprecated group/name - [DEFAULT]/db_backend
#backend = sqlalchemy
# The SQLAlchemy connection string to use to connect to the database. (string
# value)
# Deprecated group/name - [DEFAULT]/sql_connection
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@localhost/nova
# The SQLAlchemy connection string to use to connect to the slave database.
# (string value)
#slave_connection = <None>
# The SQL mode to be used for MySQL sessions. This option, including the
# default, overrides any server-set SQL mode. To use whatever SQL mode is set
# by the server configuration, set this to no value. Example: mysql_sql_mode=
# (string value)
#mysql_sql_mode = TRADITIONAL
# This configures the MySQL storage engine. This allows for OpenStack to
# support different storage engine such as InnoDB, NDB, etc. By default, this
# value will be set to InnoDB. For MySQL Cluster, set to NDBCLUSTER. Example:
# mysql_storage_engine= (string value)
#mysql_storage_engine = InnoDB
# Timeout before idle SQL connections are reaped. (integer value)
# Deprecated group/name - [DEFAULT]/sql_idle_timeout
# Deprecated group/name - [DATABASE]/sql_idle_timeout
# Deprecated group/name - [sql]/idle_timeout
#idle_timeout = 3600
# Minimum number of SQL connections to keep open in a pool. (integer value)
# Deprecated group/name - [DEFAULT]/sql_min_pool_size
# Deprecated group/name - [DATABASE]/sql_min_pool_size
#min_pool_size = 1
# Maximum number of SQL connections to keep open in a pool. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_pool_size
# Deprecated group/name - [DATABASE]/sql_max_pool_size
#max_pool_size = <None>
# Maximum number of database connection retries during startup. Set to -1 to
# specify an infinite retry count. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_retries
# Deprecated group/name - [DATABASE]/sql_max_retries
#max_retries = 10
# Interval between retries of opening a SQL connection. (integer value)
# Deprecated group/name - [DEFAULT]/sql_retry_interval
# Deprecated group/name - [DATABASE]/reconnect_interval
#retry_interval = 10
# If set, use this value for max_overflow with SQLAlchemy. (integer value)
# Deprecated group/name - [DEFAULT]/sql_max_overflow
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow
#max_overflow = 50
# Verbosity of SQL debugging information: 0=None, 100=Everything. (integer
# value)
# Deprecated group/name - [DEFAULT]/sql_connection_debug
#connection_debug = 0
# Add Python stack traces to SQL as comment strings. (boolean value)
# Deprecated group/name - [DEFAULT]/sql_connection_trace
#connection_trace = false
# If set, use this value for pool_timeout with SQLAlchemy. (integer value)
# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout
#pool_timeout = <None>
# Enable the experimental use of database reconnect on connection lost.
# (boolean value)
#use_db_reconnect = false
# Seconds between retries of a database transaction. (integer value)
#db_retry_interval = 1
# If True, increases the interval between retries of a database operation up to
# db_max_retry_interval. (boolean value)
#db_inc_retry_interval = true
# If db_inc_retry_interval is set, the maximum seconds between retries of a
# database operation. (integer value)
#db_max_retry_interval = 10
# Maximum retries in case of connection error or deadlock error before error is
# raised. Set to -1 to specify an infinite retry count. (integer value)
#db_max_retries = 20
#
# From oslo.db.concurrency
#
# Enable the experimental use of thread pooling for all DB API calls (boolean
# value)
# Deprecated group/name - [DEFAULT]/dbapi_use_tpool
#use_tpool = false
[ephemeral_storage_encryption]
#
# From nova.conf
#
# Whether to encrypt ephemeral storage (boolean value)
#enabled = false
# The cipher and mode to be used to encrypt ephemeral storage. Which ciphers
# are available ciphers depends on kernel support. See /proc/crypto for the
# list of available options. (string value)
#cipher = aes-xts-plain64
# The bit length of the encryption key to be used to encrypt ephemeral storage
# (in XTS mode only half of the bits are used for encryption key) (integer
# value)
#key_size = 512
[glance]
#
# From nova
#
# DEPRECATED: Glance server hostname or IP address. Use the "api_servers"
# option instead. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#host = $my_ip
# DEPRECATED: Glance server port. Use the "api_servers" option instead.
# (integer value)
# Minimum value: 1
# Maximum value: 65535
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#port = 9292
# DEPRECATED: Protocol to use when connecting to glance. Set to https for SSL.
# Use the "api_servers" option instead. (string value)
# Allowed values: http, https
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#protocol = http
#
# A list of the glance api servers endpoints available to nova. These
# should be fully qualified urls of the form
# "scheme://hostname:port[/path]" (i.e. "http://10.0.1.0:9292" or
# "https://my.glance.server/image") (list value)
#api_servers = <None>
# Allow to perform insecure SSL (https) requests to glance (boolean value)
#api_insecure = false
# Number of retries when uploading / downloading an image to / from glance.
# (integer value)
#num_retries = 0
# A list of url scheme that can be downloaded directly via the direct_url.
# Currently supported schemes: [file]. (list value)
#allowed_direct_url_schemes =
# Require Nova to perform signature verification on each image downloaded from
# Glance. (boolean value)
#verify_glance_signatures = false
[guestfs]
#
# From nova.virt
#
# Enable guestfs debug (boolean value)
#debug = false
[image_file_url]
#
# From nova
#
# List of file systems that are configured in this file in the
# image_file_url:<list entry name> sections (list value)
#filesystems =
[ironic]
#
# From nova.conf
#
# Version of Ironic API service endpoint. DEPRECATED: Setting the API version
# is not possible anymore. (integer value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#api_version = 1
# URL for Ironic API endpoint. (string value)
#api_endpoint = <None>
# Ironic keystone admin name (string value)
#admin_username = %SERVICE_USER%
# Ironic keystone admin password. (string value)
#admin_password = %SERVICE_PASSWORD%
# Ironic keystone auth token.DEPRECATED: use admin_username, admin_password,
# and admin_tenant_name instead (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#admin_auth_token = <None>
# Keystone public API endpoint. (string value)
#admin_url = http://127.0.0.1:5000/v2.0/
# Log level override for ironicclient. Set this in order to override the global
# "default_log_levels", "verbose", and "debug" settings. DEPRECATED: use
# standard logging configuration. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#client_log_level = <None>
# Ironic keystone tenant name. (string value)
#admin_tenant_name = %SERVICE_TENANT_NAME%
# How many retries when a request does conflict. If <= 0, only try once, no
# retries. (integer value)
#api_max_retries = 60
# How often to retry in seconds when a request does conflict (integer value)
#api_retry_interval = 2
[key_manager]
#
# From castellan.config
#
# The full class name of the key manager API class (string value)
#api_class = castellan.key_manager.barbican_key_manager.BarbicanKeyManager
# The type of authentication credential to create. Possible values are 'token',
# 'password', 'keystone_token', and 'keystone_password'. Required if no context
# is passed to the credential factory. (string value)
#auth_type = <None>
# Token for authentication. Required for 'token' and 'keystone_token' auth_type
# if no context is passed to the credential factory. (string value)
#token = <None>
# Username for authentication. Required for 'password' auth_type. Optional for
# the 'keystone_password' auth_type. (string value)
#username = <None>
# Password for authentication. Required for 'password' and 'keystone_password'
# auth_type. (string value)
#password = <None>
# User ID for authentication. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#user_id = <None>
# User's domain ID for authentication. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#user_domain_id = <None>
# User's domain name for authentication. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#user_domain_name = <None>
# Trust ID for trust scoping. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#trust_id = <None>
# Domain ID for domain scoping. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#domain_id = <None>
# Domain name for domain scoping. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#domain_name = <None>
# Project ID for project scoping. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#project_id = <None>
# Project name for project scoping. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#project_name = <None>
# Project's domain ID for project. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#project_domain_id = <None>
# Project's domain name for project. Optional for 'keystone_token' and
# 'keystone_password' auth_type. (string value)
#project_domain_name = <None>
# Allow fetching a new token if the current one is going to expire. Optional
# for 'keystone_token' and 'keystone_password' auth_type. (boolean value)
#reauthenticate = true
[keymgr]
#
# From nova
#
# Fixed key returned by key manager, specified in hex (string value)
#fixed_key = <None>
# The full class name of the key manager API class (string value)
#api_class = nova.keymgr.conf_key_mgr.ConfKeyManager
[keystone_authtoken]
#
# From keystonemiddleware.auth_token
#
# Complete public Identity API endpoint. (string value)
auth_uri = http://127.0.0.1:5000/v2.0/
# API version of the admin Identity API endpoint. (string value)
#auth_version = <None>
# Do not handle authorization requests within the middleware, but delegate the
# authorization decision to downstream WSGI components. (boolean value)
#delay_auth_decision = false
# Request timeout value for communicating with Identity API server. (integer
# value)
#http_connect_timeout = <None>
# How many times are we trying to reconnect when communicating with Identity
# API Server. (integer value)
#http_request_max_retries = 3
# Env key for the swift cache. (string value)
#cache = <None>
# Required if identity server requires client certificate (string value)
#certfile = <None>
# Required if identity server requires client certificate (string value)
#keyfile = <None>
# A PEM encoded Certificate Authority to use when verifying HTTPs connections.
# Defaults to system CAs. (string value)
#cafile = <None>
# Verify HTTPS connections. (boolean value)
#insecure = false
# The region in which the identity server can be found. (string value)
#region_name = <None>
# Directory used to cache files related to PKI tokens. (string value)
signing_dir = $state_path/keystone-signing
# Optionally specify a list of memcached server(s) to use for caching. If left
# undefined, tokens will instead be cached in-process. (list value)
# Deprecated group/name - [DEFAULT]/memcache_servers
#memcached_servers = <None>
# In order to prevent excessive effort spent validating tokens, the middleware
# caches previously-seen tokens for a configurable duration (in seconds). Set
# to -1 to disable caching completely. (integer value)
#token_cache_time = 300
# Determines the frequency at which the list of revoked tokens is retrieved
# from the Identity service (in seconds). A high number of revocation events
# combined with a low cache duration may significantly reduce performance.
# (integer value)
#revocation_cache_time = 10
# (Optional) If defined, indicate whether token data should be authenticated or
# authenticated and encrypted. If MAC, token data is authenticated (with HMAC)
# in the cache. If ENCRYPT, token data is encrypted and authenticated in the
# cache. If the value is not one of these options or empty, auth_token will
# raise an exception on initialization. (string value)
# Allowed values: None, MAC, ENCRYPT
#memcache_security_strategy = None
# (Optional, mandatory if memcache_security_strategy is defined) This string is
# used for key derivation. (string value)
#memcache_secret_key = <None>
# (Optional) Number of seconds memcached server is considered dead before it is
# tried again. (integer value)
#memcache_pool_dead_retry = 300
# (Optional) Maximum total number of open connections to every memcached
# server. (integer value)
#memcache_pool_maxsize = 10
# (Optional) Socket timeout in seconds for communicating with a memcached
# server. (integer value)
#memcache_pool_socket_timeout = 3
# (Optional) Number of seconds a connection to memcached is held unused in the
# pool before it is closed. (integer value)
#memcache_pool_unused_timeout = 60
# (Optional) Number of seconds that an operation will wait to get a memcached
# client connection from the pool. (integer value)
#memcache_pool_conn_get_timeout = 10
# (Optional) Use the advanced (eventlet safe) memcached client pool. The
# advanced pool will only work under python 2.x. (boolean value)
#memcache_use_advanced_pool = false
# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
# middleware will not ask for service catalog on token validation and will not
# set the X-Service-Catalog header. (boolean value)
#include_service_catalog = true
# Used to control the use and type of token binding. Can be set to: "disabled"
# to not check token binding. "permissive" (default) to validate binding
# information if the bind type is of a form known to the server and ignore it
# if not. "strict" like "permissive" but if the bind type is unknown the token
# will be rejected. "required" any form of token binding is needed to be
# allowed. Finally the name of a binding method that must be present in tokens.
# (string value)
#enforce_token_bind = permissive
# If true, the revocation list will be checked for cached tokens. This requires
# that PKI tokens are configured on the identity server. (boolean value)
#check_revocations_for_cached = false
# Hash algorithms to use for hashing PKI tokens. This may be a single algorithm
# or multiple. The algorithms are those supported by Python standard
# hashlib.new(). The hashes will be tried in the order given, so put the
# preferred one first for performance. The result of the first hash will be
# stored in the cache. This will typically be set to multiple values only while
# migrating from a less secure algorithm to a more secure one. Once all the old
# tokens are expired this option should be set to a single value for better
# performance. (list value)
#hash_algorithms = md5
# Authentication type to load (unknown value)
# Deprecated group/name - [DEFAULT]/auth_plugin
#auth_type = <None>
# Config Section from which to load plugin specific options (unknown value)
#auth_section = <None>
# Complete admin Identity API endpoint. This should specify the unversioned
# root endpoint e.g. https://localhost:35357/ (string value)
identity_uri = http://127.0.0.1:35357/
# Service username. (string value)
admin_user = %SERVICE_USER%
# Service user password. (string value)
admin_password = %SERVICE_PASSWORD%
# Service tenant name. (string value)
admin_tenant_name = %SERVICE_TENANT_NAME%
[libvirt]
#
# From nova.virt
#
# Rescue ami image. This will not be used if an image id is provided by the
# user. (string value)
#rescue_image_id = <None>
# Rescue aki image (string value)
#rescue_kernel_id = <None>
# Rescue ari image (string value)
#rescue_ramdisk_id = <None>
# Libvirt domain type (string value)
# Allowed values: kvm, lxc, qemu, uml, xen, parallels
#virt_type = kvm
# Override the default libvirt URI (which is dependent on virt_type) (string
# value)
#connection_uri =
# Inject the admin password at boot time, without an agent. (boolean value)
#inject_password = false
# Inject the ssh public key at boot time (boolean value)
#inject_key = false
# The partition to inject to : -2 => disable, -1 => inspect (libguestfs only),
# 0 => not partitioned, >0 => partition number (integer value)
#inject_partition = -2
# Sync virtual and real mouse cursors in Windows VMs (boolean value)
#use_usb_tablet = true
# Live migration target ip or hostname (if this option is set to None, which is
# the default, the hostname of the migration target compute node will be used)
# (string value)
#live_migration_inbound_addr = <None>
# Override the default libvirt live migration target URI (which is dependent on
# virt_type) (any included "%s" is replaced with the migration target hostname)
# (string value)
#live_migration_uri = <None>
# Migration flags to be set for live migration (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: The correct live migration flags can be inferred from the new
# live_migration_tunnelled config option. live_migration_flag will be removed
# to avoid potential misconfiguration.
#live_migration_flag = VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED
# Migration flags to be set for block migration (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
# Reason: The correct block migration flags can be inferred from the new
# live_migration_tunnelled config option. block_migration_flag will be removed
# to avoid potential misconfiguration.
#block_migration_flag = VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED, VIR_MIGRATE_NON_SHARED_INC
# Whether to use tunnelled migration, where migration data is transported over
# the libvirtd connection. If True, we use the VIR_MIGRATE_TUNNELLED migration
# flag, avoiding the need to configure the network to allow direct hypervisor
# to hypervisor communication. If False, use the native transport. If not set,
# Nova will choose a sensible default based on, for example the availability of
# native encryption support in the hypervisor. (boolean value)
#live_migration_tunnelled = <None>
# Maximum bandwidth(in MiB/s) to be used during migration. If set to 0, will
# choose a suitable default. Some hypervisors do not support this feature and
# will return an error if bandwidth is not 0. Please refer to the libvirt
# documentation for further details (integer value)
#live_migration_bandwidth = 0
# Maximum permitted downtime, in milliseconds, for live migration switchover.
# Will be rounded up to a minimum of 100ms. Use a large value if guest liveness
# is unimportant. (integer value)
#live_migration_downtime = 500
# Number of incremental steps to reach max downtime value. Will be rounded up
# to a minimum of 3 steps (integer value)
#live_migration_downtime_steps = 10
# Time to wait, in seconds, between each step increase of the migration
# downtime. Minimum delay is 10 seconds. Value is per GiB of guest RAM + disk
# to be transferred, with lower bound of a minimum of 2 GiB per device (integer
# value)
#live_migration_downtime_delay = 75
# Time to wait, in seconds, for migration to successfully complete transferring
# data before aborting the operation. Value is per GiB of guest RAM + disk to
# be transferred, with lower bound of a minimum of 2 GiB. Should usually be
# larger than downtime delay * downtime steps. Set to 0 to disable timeouts.
# (integer value)
#live_migration_completion_timeout = 800
# Time to wait, in seconds, for migration to make forward progress in
# transferring data before aborting the operation. Set to 0 to disable
# timeouts. (integer value)
#live_migration_progress_timeout = 150
# Snapshot image format. Defaults to same as source image (string value)
# Allowed values: raw, qcow2, vmdk, vdi
#snapshot_image_format = <None>
# Override the default disk prefix for the devices attached to a server, which
# is dependent on virt_type. (valid options are: sd, xvd, uvd, vd) (string
# value)
#disk_prefix = <None>
# Number of seconds to wait for instance to shut down after soft reboot request
# is made. We fall back to hard reboot if instance does not shutdown within
# this window. (integer value)
#wait_soft_reboot_seconds = 120
# Set to "host-model" to clone the host CPU feature flags; to "host-
# passthrough" to use the host CPU model exactly; to "custom" to use a named
# CPU model; to "none" to not set any CPU model. If virt_type="kvm|qemu", it
# will default to "host-model", otherwise it will default to "none" (string
# value)
# Allowed values: host-model, host-passthrough, custom, none
#cpu_mode = <None>
# Set to a named libvirt CPU model (see names listed in
# /usr/share/libvirt/cpu_map.xml). Only has effect if cpu_mode="custom" and
# virt_type="kvm|qemu" (string value)
#cpu_model = <None>
# Location where libvirt driver will store snapshots before uploading them to
# image service (string value)
#snapshots_directory = $instances_path/snapshots
# Location where the Xen hvmloader is kept (string value)
#xen_hvmloader_path = /usr/lib/xen/boot/hvmloader
# Specific cachemodes to use for different disk types e.g:
# file=directsync,block=none (list value)
#disk_cachemodes =
# A path to a device that will be used as source of entropy on the host.
# Permitted options are: /dev/random or /dev/hwrng (string value)
#rng_dev_path = <None>
# For qemu or KVM guests, set this option to specify a default machine type per
# host architecture. You can find a list of supported machine types in your
# environment by checking the output of the "virsh capabilities"command. The
# format of the value for this config option is host-arch=machine-type. For
# example: x86_64=machinetype1,armv7l=machinetype2 (list value)
#hw_machine_type = <None>
# The data source used to the populate the host "serial" UUID exposed to guest
# in the virtual BIOS. (string value)
# Allowed values: none, os, hardware, auto
#sysinfo_serial = auto
# A number of seconds to memory usage statistics period. Zero or negative value
# mean to disable memory usage statistics. (integer value)
#mem_stats_period_seconds = 10
# List of uid targets and ranges.Syntax is guest-uid:host-uid:countMaximum of 5
# allowed. (list value)
#uid_maps =
# List of guid targets and ranges.Syntax is guest-gid:host-gid:countMaximum of
# 5 allowed. (list value)
#gid_maps =
# In a realtime host context vCPUs for guest will run in that scheduling
# priority. Priority depends on the host kernel (usually 1-99) (integer value)
#realtime_scheduler_priority = 1
# VM Images format. If default is specified, then use_cow_images flag is used
# instead of this one. (string value)
# Allowed values: raw, qcow2, lvm, rbd, ploop, default
#images_type = default
# LVM Volume Group that is used for VM images, when you specify
# images_type=lvm. (string value)
#images_volume_group = <None>
# Create sparse logical volumes (with virtualsize) if this flag is set to True.
# (boolean value)
#sparse_logical_volumes = false
# The RADOS pool in which rbd volumes are stored (string value)
#images_rbd_pool = rbd
# Path to the ceph configuration file to use (string value)
#images_rbd_ceph_conf =
# Discard option for nova managed disks. Need Libvirt(1.0.6) Qemu1.5 (raw
# format) Qemu1.6(qcow2 format) (string value)
# Allowed values: ignore, unmap
#hw_disk_discard = <None>
# Allows image information files to be stored in non-standard locations (string
# value)
#image_info_filename_pattern = $instances_path/$image_cache_subdirectory_name/%(image)s.info
# DEPRECATED: Should unused kernel images be removed? This is only safe to
# enable if all compute nodes have been updated to support this option (running
# Grizzly or newer level compute). This will be the default behavior in the
# 13.0.0 release. (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#remove_unused_kernels = true
# Unused resized base images younger than this will not be removed (integer
# value)
#remove_unused_resized_minimum_age_seconds = 3600
# Write a checksum for files in _base to disk (boolean value)
#checksum_base_images = false
# How frequently to checksum base images (integer value)
#checksum_interval_seconds = 3600
# Method used to wipe old volumes. (string value)
# Allowed values: none, zero, shred
#volume_clear = zero
# Size in MiB to wipe at start of old volumes. 0 => all (integer value)
#volume_clear_size = 0
# Compress snapshot images when possible. This currently applies exclusively to
# qcow2 images (boolean value)
#snapshot_compression = false
# Use virtio for bridge interfaces with KVM/QEMU (boolean value)
#use_virtio_for_bridges = true
# Protocols listed here will be accessed directly from QEMU. Currently
# supported protocols: [gluster] (list value)
#qemu_allowed_storage_drivers =
# Number of times to rediscover AoE target to find volume (integer value)
#num_aoe_discover_tries = 3
# Directory where the glusterfs volume is mounted on the compute node (string
# value)
#glusterfs_mount_point_base = $state_path/mnt
# Number of times to rescan iSCSI target to find volume (integer value)
#num_iscsi_scan_tries = 5
# Use multipath connection of the iSCSI or FC volume (boolean value)
#iscsi_use_multipath = false
# The iSCSI transport iface to use to connect to target in case offload support
# is desired. Default format is of the form <transport_name>.<hwaddress> where
# <transport_name> is one of (be2iscsi, bnx2i, cxgb3i, cxgb4i, qla4xxx, ocs)
# and <hwaddress> is the MAC address of the interface and can be generated via
# the iscsiadm -m iface command. Do not confuse the iscsi_iface parameter to be
# provided here with the actual transport name. (string value)
# Deprecated group/name - [DEFAULT]/iscsi_transport
#iscsi_iface = <None>
# Number of times to rescan iSER target to find volume (integer value)
#num_iser_scan_tries = 5
# Use multipath connection of the iSER volume (boolean value)
#iser_use_multipath = false
# The RADOS client name for accessing rbd volumes (string value)
#rbd_user = <None>
# The libvirt UUID of the secret for the rbd_uservolumes (string value)
#rbd_secret_uuid = <None>
# Directory where the NFS volume is mounted on the compute node (string value)
#nfs_mount_point_base = $state_path/mnt
# Mount options passed to the NFS client. See section of the nfs man page for
# details (string value)
#nfs_mount_options = <None>
# Directory where the Quobyte volume is mounted on the compute node (string
# value)
#quobyte_mount_point_base = $state_path/mnt
# Path to a Quobyte Client configuration file. (string value)
#quobyte_client_cfg = <None>
# Use ssh or rsync transport for creating, copying, removing files on the
# remote host. (string value)
# Allowed values: ssh, rsync
#remote_filesystem_transport = ssh
# Path or URL to Scality SOFS configuration file (string value)
#scality_sofs_config = <None>
# Base dir where Scality SOFS shall be mounted (string value)
#scality_sofs_mount_point = $state_path/scality
# Directory where the SMBFS shares are mounted on the compute node (string
# value)
#smbfs_mount_point_base = $state_path/mnt
# Mount options passed to the SMBFS client. See mount.cifs man page for
# details. Note that the libvirt-qemu uid and gid must be specified. (string
# value)
#smbfs_mount_options =
[matchmaker_redis]
#
# From oslo.messaging
#
# Host to locate redis. (string value)
#host = 127.0.0.1
# Use this port to connect to redis host. (port value)
# Minimum value: 0
# Maximum value: 65535
#port = 6379
# Password for Redis server (optional). (string value)
#password =
# List of Redis Sentinel hosts (fault tolerance mode) e.g.
# [host:port, host1:port ... ] (list value)
#sentinel_hosts =
# Redis replica set name. (string value)
#sentinel_group_name = oslo-messaging-zeromq
# Time in ms to wait between connection attempts. (integer value)
#wait_timeout = 500
# Time in ms to wait before the transaction is killed. (integer value)
#check_timeout = 20000
# Timeout in ms on blocking socket operations (integer value)
#socket_timeout = 1000
[metrics]
#
# From nova.conf
#
#
# When using metrics to weight the suitability of a host, you can use this
# option
# to change how the calculated weight influences the weight assigned to a host
# as
# follows:
#
# * Greater than 1.0: increases the effect of the metric on overall weight.
#
# * Equal to 1.0: No change to the calculated weight.
#
# * Less than 1.0, greater than 0: reduces the effect of the metric on
# overall weight.
#
# * 0: The metric value is ignored, and the value of the
# 'weight_of_unavailable' option is returned instead.
#
# * Greater than -1.0, less than 0: the effect is reduced and reversed.
#
# * -1.0: the effect is reversed
#
# * Less than -1.0: the effect is increased proportionally and reversed.
#
# Valid values are numeric, either integer or float.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# weight_of_unavailable
# (floating point value)
#weight_multiplier = 1.0
#
# This setting specifies the metrics to be weighed and the relative ratios for
# each metric. This should be a single string value, consisting of a series of
# one or more 'name=ratio' pairs, separated by commas, where 'name' is the name
# of the metric to be weighed, and 'ratio' is the relative weight for that
# metric.
#
# Note that if the ratio is set to 0, the metric value is ignored, and instead
# the weight will be set to the value of the 'weight_of_unavailable' option.
#
# As an example, let's consider the case where this option is set to:
#
# ``name1=1.0, name2=-1.3``
#
# The final weight will be:
#
# ``(name1.value * 1.0) + (name2.value * -1.3)``
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# weight_of_unavailable
# (list value)
#weight_setting =
#
# This setting determines how any unavailable metrics are treated. If this
# option
# is set to True, any hosts for which a metric is unavailable will raise an
# exception, so it is recommended to also use the MetricFilter to filter out
# those hosts before weighing.
#
# When this option is False, any metric being unavailable for a host will set
# the
# host weight to 'weight_of_unavailable'.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# weight_of_unavailable
# (boolean value)
#required = true
#
# When any of the following conditions are met, this value will be used in
# place
# of any actual metric value:
#
# * One of the metrics named in 'weight_setting' is not available for a
# host,
# and the value of 'required' is False.
#
# * The ratio specified for a metric in 'weight_setting' is 0.
#
# * The 'weight_multiplier' option is set to 0.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# weight_setting
# required
# weight_multiplier
# (floating point value)
#weight_of_unavailable = -10000.0
[neutron]
#
# From nova.api
#
# Set flag to indicate Neutron will proxy metadata requests and resolve
# instance ids. (boolean value)
service_metadata_proxy = true
# Shared secret to validate proxies Neutron metadata requests (string value)
#metadata_proxy_shared_secret =
#
# From nova.network
#
# URL for connecting to neutron (string value)
#url = http://127.0.0.1:9696
# Region name for connecting to neutron in admin context (string value)
#region_name = <None>
# Default OVS bridge name to use if not specified by Neutron (string value)
ovs_bridge = br_int0
# Number of seconds before querying neutron for extensions (integer value)
#extension_sync_interval = 600
#
# From nova.network.neutronv2
#
# Authentication URL (unknown value)
auth_url = http://127.0.0.1:5000/v2.0/
# Authentication type to load (unknown value)
# Deprecated group/name - [DEFAULT]/auth_plugin
auth_type = v2password
# PEM encoded Certificate Authority to use when verifying HTTPs connections.
# (string value)
# Deprecated group/name - [neutron]/ca_certificates_file
#cafile = <None>
# PEM encoded client certificate cert file (string value)
#certfile = <None>
# Optional domain ID to use with v3 and v2 parameters. It will be used for both
# the user and project domain in v3 and ignored in v2 authentication. (unknown
# value)
#default_domain_id = <None>
# Optional domain name to use with v3 API and v2 parameters. It will be used
# for both the user and project domain in v3 and ignored in v2 authentication.
# (unknown value)
#default_domain_name = <None>
# Domain ID to scope to (unknown value)
#domain_id = <None>
# Domain name to scope to (unknown value)
#domain_name = <None>
# Verify HTTPS connections. (boolean value)
# Deprecated group/name - [neutron]/api_insecure
#insecure = false
# PEM encoded client certificate key file (string value)
#keyfile = <None>
# User's password (unknown value)
password = %SERVICE_PASSWORD%
# Domain ID containing project (unknown value)
#project_domain_id = <None>
# Domain name containing project (unknown value)
#project_domain_name = <None>
# Project ID to scope to (unknown value)
# Deprecated group/name - [DEFAULT]/tenant-id
#project_id = <None>
# Project name to scope to (unknown value)
# Deprecated group/name - [DEFAULT]/tenant-name
#project_name = <None>
# Tenant ID (unknown value)
#tenant_id = <None>
# Tenant Name (unknown value)
tenant_name = %SERVICE_TENANT_NAME%
# Timeout value for http requests (integer value)
# Deprecated group/name - [neutron]/url_timeout
#timeout = <None>
# Trust ID (unknown value)
#trust_id = <None>
# User's domain id (unknown value)
#user_domain_id = <None>
# User's domain name (unknown value)
#user_domain_name = <None>
# User id (unknown value)
#user_id = <None>
# Username (unknown value)
# Deprecated group/name - [DEFAULT]/user-name
username = %SERVICE_USER%
[osapi_v21]
#
# From nova.api
#
# DEPRECATED: Whether the V2.1 API is enabled or not. This option will be
# removed in the near future. (boolean value)
# Deprecated group/name - [osapi_v21]/enabled
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#enabled = true
# DEPRECATED: A list of v2.1 API extensions to never load. Specify the
# extension aliases here. This option will be removed in the near future. After
# that point you have to run all of the API. (list value)
# Deprecated group/name - [osapi_v21]/extensions_blacklist
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#extensions_blacklist =
# DEPRECATED: If the list is not empty then a v2.1 API extension will only be
# loaded if it exists in this list. Specify the extension aliases here. This
# option will be removed in the near future. After that point you have to run
# all of the API. (list value)
# Deprecated group/name - [osapi_v21]/extensions_whitelist
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#extensions_whitelist =
# DEPRECATED: The validation regex for project_ids used in urls. This defaults
# to [0-9a-f\-]+ if not set, which matches normal uuids created by keystone.
# (string value)
# Deprecated group/name - [osapi_v21]/project_id_regex
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#project_id_regex = <None>
[oslo_concurrency]
#
# From oslo.concurrency
#
# Enables or disables inter-process locks. (boolean value)
# Deprecated group/name - [DEFAULT]/disable_process_locking
#disable_process_locking = false
# Directory to use for lock files. For security, the specified directory
# should only be writable by the user running the processes that need locking.
# Defaults to environment variable OSLO_LOCK_PATH. If external locks are used,
# a lock path must be set. (string value)
# Deprecated group/name - [DEFAULT]/lock_path
lock_path = $state_path/lock
[oslo_messaging_amqp]
#
# From oslo.messaging
#
# address prefix used when sending to a specific server (string value)
# Deprecated group/name - [amqp1]/server_request_prefix
#server_request_prefix = exclusive
# address prefix used when broadcasting to all servers (string value)
# Deprecated group/name - [amqp1]/broadcast_prefix
#broadcast_prefix = broadcast
# address prefix when sending to any server in group (string value)
# Deprecated group/name - [amqp1]/group_request_prefix
#group_request_prefix = unicast
# Name for the AMQP container (string value)
# Deprecated group/name - [amqp1]/container_name
#container_name = <None>
# Timeout for inactive connections (in seconds) (integer value)
# Deprecated group/name - [amqp1]/idle_timeout
#idle_timeout = 0
# Debug: dump AMQP frames to stdout (boolean value)
# Deprecated group/name - [amqp1]/trace
#trace = false
# CA certificate PEM file to verify server certificate (string value)
# Deprecated group/name - [amqp1]/ssl_ca_file
#ssl_ca_file =
# Identifying certificate PEM file to present to clients (string value)
# Deprecated group/name - [amqp1]/ssl_cert_file
#ssl_cert_file =
# Private key PEM file used to sign cert_file certificate (string value)
# Deprecated group/name - [amqp1]/ssl_key_file
#ssl_key_file =
# Password for decrypting ssl_key_file (if encrypted) (string value)
# Deprecated group/name - [amqp1]/ssl_key_password
#ssl_key_password = <None>
# Accept clients using either SSL or plain TCP (boolean value)
# Deprecated group/name - [amqp1]/allow_insecure_clients
#allow_insecure_clients = false
# Space separated list of acceptable SASL mechanisms (string value)
# Deprecated group/name - [amqp1]/sasl_mechanisms
#sasl_mechanisms =
# Path to directory that contains the SASL configuration (string value)
# Deprecated group/name - [amqp1]/sasl_config_dir
#sasl_config_dir =
# Name of configuration file (without .conf suffix) (string value)
# Deprecated group/name - [amqp1]/sasl_config_name
#sasl_config_name =
# User name for message broker authentication (string value)
# Deprecated group/name - [amqp1]/username
#username =
# Password for message broker authentication (string value)
# Deprecated group/name - [amqp1]/password
#password =
[oslo_messaging_notifications]
#
# From oslo.messaging
#
# The Drivers(s) to handle sending notifications. Possible values are
# messaging, messagingv2, routing, log, test, noop (multi valued)
# Deprecated group/name - [DEFAULT]/notification_driver
#driver =
# A URL representing the messaging driver to use for notifications. If not set,
# we fall back to the same configuration used for RPC. (string value)
# Deprecated group/name - [DEFAULT]/notification_transport_url
#transport_url = <None>
# AMQP topic used for OpenStack notifications. (list value)
# Deprecated group/name - [rpc_notifier2]/topics
# Deprecated group/name - [DEFAULT]/notification_topics
#topics = notifications
[oslo_messaging_rabbit]
#
# From oslo.messaging
#
# Use durable queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/amqp_durable_queues
# Deprecated group/name - [DEFAULT]/rabbit_durable_queues
#amqp_durable_queues = false
# Auto-delete queues in AMQP. (boolean value)
# Deprecated group/name - [DEFAULT]/amqp_auto_delete
#amqp_auto_delete = false
# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
# distributions. (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_version
#kombu_ssl_version =
# SSL key file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile
#kombu_ssl_keyfile =
# SSL cert file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile
#kombu_ssl_certfile =
# SSL certification authority file (valid only if SSL enabled). (string value)
# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs
#kombu_ssl_ca_certs =
# How long to wait before reconnecting in response to an AMQP consumer cancel
# notification. (floating point value)
# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay
#kombu_reconnect_delay = 1.0
# EXPERIMENTAL: Possible values are: gzip, bz2. If not set compression will not
# be used. This option may notbe available in future versions. (string value)
#kombu_compression = <None>
# How long to wait a missing client beforce abandoning to send it its replies.
# This value should not be longer than rpc_response_timeout. (integer value)
# Deprecated group/name - [DEFAULT]/kombu_reconnect_timeout
#kombu_missing_consumer_retry_timeout = 60
# Determines how the next RabbitMQ node is chosen in case the one we are
# currently connected to becomes unavailable. Takes effect only if more than
# one RabbitMQ node is provided in config. (string value)
# Allowed values: round-robin, shuffle
#kombu_failover_strategy = round-robin
# The RabbitMQ broker address where a single node is used. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_host
#rabbit_host = localhost
# The RabbitMQ broker port where a single node is used. (port value)
# Minimum value: 0
# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/rabbit_port
#rabbit_port = 5672
# RabbitMQ HA cluster host:port pairs. (list value)
# Deprecated group/name - [DEFAULT]/rabbit_hosts
#rabbit_hosts = $rabbit_host:$rabbit_port
# Connect over SSL for RabbitMQ. (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_use_ssl
#rabbit_use_ssl = false
# The RabbitMQ userid. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_userid
#rabbit_userid = guest
# The RabbitMQ password. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_password
#rabbit_password = guest
# The RabbitMQ login method. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_login_method
#rabbit_login_method = AMQPLAIN
# The RabbitMQ virtual host. (string value)
# Deprecated group/name - [DEFAULT]/rabbit_virtual_host
#rabbit_virtual_host = /
# How frequently to retry connecting with RabbitMQ. (integer value)
#rabbit_retry_interval = 1
# How long to backoff for between retries when connecting to RabbitMQ. (integer
# value)
# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff
#rabbit_retry_backoff = 2
# Maximum interval of RabbitMQ connection retries. Default is 30 seconds.
# (integer value)
#rabbit_interval_max = 30
# Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry
# count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
# is no longer controlled by the x-ha-policy argument when declaring a queue.
# If you just want to make sure that all queues (except those with auto-
# generated names) are mirrored across all nodes, run: "rabbitmqctl set_policy
# HA '^(?!amq\.).*' '{"ha-mode": "all"}' " (boolean value)
# Deprecated group/name - [DEFAULT]/rabbit_ha_queues
#rabbit_ha_queues = false
# Positive integer representing duration in seconds for queue TTL (x-expires).
# Queues which are unused for the duration of the TTL are automatically
# deleted. The parameter affects only reply and fanout queues. (integer value)
# Minimum value: 1
#rabbit_transient_queues_ttl = 1800
# Specifies the number of messages to prefetch. Setting to zero allows
# unlimited messages. (integer value)
#rabbit_qos_prefetch_count = 0
# Number of seconds after which the Rabbit broker is considered down if
# heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL (integer
# value)
#heartbeat_timeout_threshold = 60
# How often times during the heartbeat_timeout_threshold we check the
# heartbeat. (integer value)
#heartbeat_rate = 2
# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake (boolean value)
# Deprecated group/name - [DEFAULT]/fake_rabbit
#fake_rabbit = false
# Maximum number of channels to allow (integer value)
#channel_max = <None>
# The maximum byte size for an AMQP frame (integer value)
#frame_max = <None>
# How often to send heartbeats for consumer's connections (integer value)
#heartbeat_interval = 1
# Enable SSL (boolean value)
#ssl = <None>
# Arguments passed to ssl.wrap_socket (dict value)
#ssl_options = <None>
# Set socket timeout in seconds for connection's socket (floating point value)
#socket_timeout = 0.25
# Set TCP_USER_TIMEOUT in seconds for connection's socket (floating point
# value)
#tcp_user_timeout = 0.25
# Set delay for reconnection to some host which has connection error (floating
# point value)
#host_connection_reconnect_delay = 0.25
# Maximum number of connections to keep queued. (integer value)
#pool_max_size = 10
# Maximum number of connections to create above `pool_max_size`. (integer
# value)
#pool_max_overflow = 0
# Default number of seconds to wait for a connections to available (integer
# value)
#pool_timeout = 30
# Lifetime of a connection (since creation) in seconds or None for no
# recycling. Expired connections are closed on acquire. (integer value)
#pool_recycle = 600
# Threshold at which inactive (since release) connections are considered stale
# in seconds or None for no staleness. Stale connections are closed on acquire.
# (integer value)
#pool_stale = 60
# Persist notification messages. (boolean value)
#notification_persistence = false
# Exchange name for for sending notifications (string value)
#default_notification_exchange = ${control_exchange}_notification
# Max number of not acknowledged message which RabbitMQ can send to
# notification listener. (integer value)
#notification_listener_prefetch_count = 100
# Reconnecting retry count in case of connectivity problem during sending
# notification, -1 means infinite retry. (integer value)
#default_notification_retry_attempts = -1
# Reconnecting retry delay in case of connectivity problem during sending
# notification message (floating point value)
#notification_retry_delay = 0.25
# Time to live for rpc queues without consumers in seconds. (integer value)
#rpc_queue_expiration = 60
# Exchange name for sending RPC messages (string value)
#default_rpc_exchange = ${control_exchange}_rpc
# Exchange name for receiving RPC replies (string value)
#rpc_reply_exchange = ${control_exchange}_rpc_reply
# Max number of not acknowledged message which RabbitMQ can send to rpc
# listener. (integer value)
#rpc_listener_prefetch_count = 100
# Max number of not acknowledged message which RabbitMQ can send to rpc reply
# listener. (integer value)
#rpc_reply_listener_prefetch_count = 100
# Reconnecting retry count in case of connectivity problem during sending
# reply. -1 means infinite retry during rpc_timeout (integer value)
#rpc_reply_retry_attempts = -1
# Reconnecting retry delay in case of connectivity problem during sending
# reply. (floating point value)
#rpc_reply_retry_delay = 0.25
# Reconnecting retry count in case of connectivity problem during sending RPC
# message, -1 means infinite retry. If actual retry attempts in not 0 the rpc
# request could be processed more then one time (integer value)
#default_rpc_retry_attempts = -1
# Reconnecting retry delay in case of connectivity problem during sending RPC
# message (floating point value)
#rpc_retry_delay = 0.25
[oslo_middleware]
#
# From oslo.middleware
#
# The maximum body size for each request, in bytes. (integer value)
# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size
# Deprecated group/name - [DEFAULT]/max_request_body_size
#max_request_body_size = 114688
# The HTTP Header that will be used to determine what the original request
# protocol scheme was, even if it was hidden by an SSL termination proxy.
# (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#secure_proxy_ssl_header = X-Forwarded-Proto
[oslo_policy]
#
# From oslo.policy
#
# The JSON file that defines policies. (string value)
# Deprecated group/name - [DEFAULT]/policy_file
#policy_file = policy.json
# Default rule. Enforced when a requested rule is not found. (string value)
# Deprecated group/name - [DEFAULT]/policy_default_rule
#policy_default_rule = default
# Directories where policy configuration files are stored. They can be relative
# to any directory in the search path defined by the config_dir option, or
# absolute paths. The file defined by policy_file must exist for these
# directories to be searched. Missing or empty directories are ignored. (multi
# valued)
# Deprecated group/name - [DEFAULT]/policy_dirs
#policy_dirs = policy.d
[oslo_reports]
#
# From oslo.reports
#
# Path to a log directory where to create a file (string value)
#log_dir = <None>
[oslo_versionedobjects]
#
# From oslo.versionedobjects
#
# Make exception message format errors fatal (boolean value)
#fatal_exception_format_errors = false
[rdp]
#
# From nova
#
# Location of RDP html5 console proxy, in the form "http://127.0.0.1:6083/"
# (string value)
#html5_proxy_base_url = http://127.0.0.1:6083/
# Enable RDP related features (boolean value)
#enabled = false
[serial_console]
#
# From nova.conf
#
#
# Enable the serial console feature.
#
# In order to use this feature, the service ``nova-serialproxy`` needs to run.
# This service is typically executed on the controller node.
#
# Possible values:
#
# * True: Enables the feature
# * False: Disables the feature
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (boolean value)
#enabled = false
#
# A range of TCP ports a guest can use for its backend.
#
# Each instance which gets created will use one port out of this range. If the
# range is not big enough to provide another port for an new instance, this
# instance won't get launched.
#
# Possible values:
#
# Each string which passes the regex ``\d+:\d+`` For example ``10000:20000``.
# Be sure that the first port number is lower than the second port number.
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
#port_range = 10000:20000
#
# The URL an end user would use to connect to the ``nova-serialproxy`` service.
#
# The ``nova-serialproxy`` service is called with this token enriched URL
# and establishes the connection to the proper instance.
#
# Possible values:
#
# * <scheme><IP-address><port-number>
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * The IP address must be identical to the address to which the
# ``nova-serialproxy`` service is listening (see option ``serialproxy_host``
# in this section).
# * The port must be the same as in the option ``serialproxy_port`` of this
# section.
# * If you choose to use a secured websocket connection, then start this option
# with ``wss://`` instead of the unsecured ``ws://``. The options ``cert``
# and ``key`` in the ``[DEFAULT]`` section have to be set for that.
# (string value)
#base_url = ws://127.0.0.1:6083/
#
# DEPRECATED: this option has no effect anymore. Please use
# "proxyclient_address" instead. This option is deprecated and will be removed
# in future releases. (string value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#listen = 127.0.0.1
#
# The IP address to which proxy clients (like ``nova-serialproxy``) should
# connect to get the serial console of an instance.
#
# This is typically the IP address of the host of a ``nova-compute`` service.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-compute``
#
# Interdependencies to other options:
#
# * None
# (string value)
#proxyclient_address = 127.0.0.1
#
# The IP address which is used by the ``nova-serialproxy`` service to listen
# for incoming requests.
#
# The ``nova-serialproxy`` service listens on this IP address for incoming
# connection requests to instances which expose serial console.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-serialproxy``
#
# Interdependencies to other options:
#
# * Ensure that this is the same IP address which is defined in the option
# ``base_url`` of this section or use ``0.0.0.0`` to listen on all addresses.
# (string value)
#serialproxy_host = 0.0.0.0
#
# The port number which is used by the ``nova-serialproxy`` service to listen
# for incoming requests.
#
# The ``nova-serialproxy`` service listens on this port number for incoming
# connection requests to instances which expose serial console.
#
# Possible values:
#
# * A port number
#
# Services which consume this:
#
# * ``nova-serialproxy``
#
# Interdependencies to other options:
#
# * Ensure that this is the same port number which is defined in the option
# ``base_url`` of this section.
# (integer value)
# Minimum value: 1
# Maximum value: 65535
#serialproxy_port = 6083
[solariszones]
#
# From nova.virt
#
# Cinder volume type to use for boot volumes (string value)
#boot_volume_type = <None>
# Cinder availability zone to use for boot volumes (string value)
#boot_volume_az = <None>
# Default path to Glance cache for Solaris Zones. (string value)
#glancecache_dirname = /var/share/nova/images
# Cipher to use for encryption of memory traffic during live migration. If not
# specified, a common encryption algorithm will be negotiated. Options include:
# none or the name of a supported OpenSSL cipher algorithm. (string value)
#live_migration_cipher = <None>
# Location to store snapshots before uploading them to the Glance image
# service. (string value)
#solariszones_snapshots_directory = $instances_path/snapshots
# Default path for suspend images for Solaris Zones. (string value)
#zones_suspend_path = /var/share/zones/SYSsuspend
# Allow kernel boot options to be set in instance metadata. (boolean value)
#solariszones_boot_options = true
[spice]
#
# From nova
#
# Host on which to listen for incoming requests (string value)
#html5proxy_host = 0.0.0.0
# Port on which to listen for incoming requests (integer value)
# Minimum value: 1
# Maximum value: 65535
#html5proxy_port = 6082
# Location of spice HTML5 console proxy, in the form
# "http://127.0.0.1:6082/spice_auto.html" (string value)
#html5proxy_base_url = http://127.0.0.1:6082/spice_auto.html
# IP address on which instance spice server should listen (string value)
#server_listen = 127.0.0.1
# The address to which proxy clients (like nova-spicehtml5proxy) should connect
# (string value)
#server_proxyclient_address = 127.0.0.1
# Enable spice related features (boolean value)
#enabled = false
# Enable spice guest agent support (boolean value)
#agent_enabled = true
# Keymap for spice (string value)
#keymap = en-us
[ssl]
#
# From oslo.service.sslutils
#
# CA certificate file to use to verify connecting clients. (string value)
# Deprecated group/name - [DEFAULT]/ssl_ca_file
#ca_file = <None>
# Certificate file to use when starting the server securely. (string value)
# Deprecated group/name - [DEFAULT]/ssl_cert_file
#cert_file = <None>
# Private key file to use when starting the server securely. (string value)
# Deprecated group/name - [DEFAULT]/ssl_key_file
#key_file = <None>
# SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and
# SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some
# distributions. (string value)
#version = <None>
# Sets the list of available ciphers. value should be a string in the OpenSSL
# cipher list format. (string value)
#ciphers = <None>
[trusted_computing]
#
# From nova.conf
#
#
# The host to use as the attestation server.
#
# Cloud computing pools can involve thousands of compute nodes located at
# different geographical locations, making it difficult for cloud providers to
# identify a node's trustworthiness. When using the Trusted filter, users can
# request that their VMs only be placed on nodes that have been verified by the
# attestation server specified in this option.
#
# The value is a string, and can be either an IP address or FQDN.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server_ca_file
# attestation_port
# attestation_api_url
# attestation_auth_blob
# attestation_auth_timeout
# attestation_insecure_ssl
# (string value)
#attestation_server = <None>
#
# The absolute path to the certificate to use for authentication when
# connecting
# to the attestation server. See the `attestation_server` help text for more
# information about host verification.
#
# The value is a string, and must point to a file that is readable by the
# scheduler.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_port
# attestation_api_url
# attestation_auth_blob
# attestation_auth_timeout
# attestation_insecure_ssl
# (string value)
#attestation_server_ca_file = <None>
#
# The port to use when connecting to the attestation server. See the
# `attestation_server` help text for more information about host verification.
#
# Valid values are strings, not integers, but must be digits only.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_server_ca_file
# attestation_api_url
# attestation_auth_blob
# attestation_auth_timeout
# attestation_insecure_ssl
# (string value)
#attestation_port = 8443
#
# The URL on the attestation server to use. See the `attestation_server` help
# text for more information about host verification.
#
# This value must be just that path portion of the full URL, as it will be
# joined
# to the host specified in the attestation_server option.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_server_ca_file
# attestation_port
# attestation_auth_blob
# attestation_auth_timeout
# attestation_insecure_ssl
# (string value)
#attestation_api_url = /OpenAttestationWebServices/V1.0
#
# Attestation servers require a specific blob that is used to authenticate. The
# content and format of the blob are determined by the particular attestation
# server being used. There is no default value; you must supply the value as
# specified by your attestation service. See the `attestation_server` help text
# for more information about host verification.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_server_ca_file
# attestation_port
# attestation_api_url
# attestation_auth_timeout
# attestation_insecure_ssl
# (string value)
#attestation_auth_blob = <None>
#
# This value controls how long a successful attestation is cached. Once this
# period has elapsed, a new attestation request will be made. See the
# `attestation_server` help text for more information about host verification.
#
# The value is in seconds. Valid values must be positive integers for any
# caching; setting this to zero or a negative value will result in calls to the
# attestation_server for every request, which may impact performance.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_server_ca_file
# attestation_port
# attestation_api_url
# attestation_auth_blob
# attestation_insecure_ssl
# (integer value)
#attestation_auth_timeout = 60
#
# When set to True, the SSL certificate verification is skipped for the
# attestation service. See the `attestation_server` help text for more
# information about host verification.
#
# Valid values are True or False. The default is False.
#
# This option is only used by the FilterScheduler and its subclasses; if you
# use
# a different scheduler, this option has no effect. Also note that this setting
# only affects scheduling if the 'TrustedFilter' filter is enabled.
#
# * Services that use this:
#
# ``nova-scheduler``
#
# * Related options:
#
# attestation_server
# attestation_server_ca_file
# attestation_port
# attestation_api_url
# attestation_auth_blob
# attestation_auth_timeout
# (boolean value)
#attestation_insecure_ssl = false
[upgrade_levels]
#
# From nova
#
# Set a version cap for messages sent to the base api in any service (string
# value)
#baseapi = <None>
# Set a version cap for messages sent to conductor services (string value)
#conductor = <None>
# Set a version cap for messages sent to console services (string value)
#console = <None>
# Set a version cap for messages sent to consoleauth services (string value)
#consoleauth = <None>
#
# From nova.compute
#
# Set a version cap for messages sent to compute services. Set this option to
# "auto" if you want to let the compute RPC module automatically determine what
# version to use based on the service versions in the deployment. Otherwise,
# you can set this to a specific version to pin this service to messages at a
# particular level. All services of a single type (i.e. compute) should be
# configured to use the same version, and it should be set to the minimum
# commonly-supported version of all those services in the deployment. (string
# value)
#compute = <None>
#
# From nova.conf
#
#
# Intercell version
#
# Intercell RPC API is the client side of the Cell<->Cell RPC API.
# Use this option to set a version cap for messages sent between
# cells services.
#
# Possible values:
#
# * None: This is the default value.
# * grizzly: message version 1.0.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#intercell = <None>
#
# Cells version
#
# Cells client-side RPC API version. Use this option to set a version
# cap for messages sent to local cells services.
#
# Possible values:
#
# * None: This is the default value.
# * grizzly: message version 1.6.
# * havana: message version 1.24.
# * icehouse: message version 1.27.
# * juno: message version 1.29.
# * kilo: message version 1.34.
# * liberty: message version 1.37.
#
# Services which consume this:
#
# * nova-cells
#
# Related options:
#
# * None
# (string value)
#cells = <None>
#
# Specifies the maximum version for messages sent from cert services. This
# should
# be the minimum value that is supported by all of the deployed cert services.
#
# Possible values:
#
# Any valid OpenStack release name, in lower case, such as 'mitaka' or
# 'liberty'.
# Alternatively, it can be any string representing a version number in the
# format
# 'N.N'; for example, possible values might be '1.12' or '2.0'.
#
# * Services which consume this:
#
# ``nova-cert``
#
# * Related options:
#
# None
# (string value)
#cert = <None>
#
# Sets a version cap (limit) for messages sent to scheduler services. In the
# situation where there were multiple scheduler services running, and they were
# not being upgraded together, you would set this to the lowest deployed
# version
# to guarantee that other services never send messages that any of your running
# schedulers cannot understand.
#
# This is rarely needed in practice as most deployments run a single scheduler.
# It exists mainly for design compatibility with the other services, such as
# compute, which are routinely upgraded in a rolling fashion.
#
# * Services that use this:
#
# ``nova-compute, nova-conductor``
#
# * Related options:
#
# None
# (string value)
#scheduler = <None>
#
# From nova.network
#
# Set a version cap for messages sent to network services (string value)
#network = <None>
[vmware]
#
# From nova.virt
#
# The maximum number of ObjectContent data objects that should be returned in a
# single result. A positive value will cause the operation to suspend the
# retrieval when the count of objects reaches the specified maximum. The server
# may still limit the count to something less than the configured value. Any
# remaining objects may be retrieved with additional requests. (integer value)
#maximum_objects = 100
# The PBM status. (boolean value)
#pbm_enabled = false
# PBM service WSDL file location URL. e.g.
# file:///opt/SDK/spbm/wsdl/pbmService.wsdl Not setting this will disable
# storage policy based placement of instances. (string value)
#pbm_wsdl_location = <None>
# The PBM default policy. If pbm_wsdl_location is set and there is no defined
# storage policy for the specific request then this policy will be used.
# (string value)
#pbm_default_policy = <None>
# Hostname or IP address for connection to VMware vCenter host. (string value)
#host_ip = <None>
# Port for connection to VMware vCenter host. (port value)
# Minimum value: 0
# Maximum value: 65535
#host_port = 443
# Username for connection to VMware vCenter host. (string value)
#host_username = <None>
# Password for connection to VMware vCenter host. (string value)
#host_password = <None>
# Specify a CA bundle file to use in verifying the vCenter server certificate.
# (string value)
#ca_file = <None>
# If true, the vCenter server certificate is not verified. If false, then the
# default CA truststore is used for verification. This option is ignored if
# "ca_file" is set. (boolean value)
#insecure = false
# Name of a VMware Cluster ComputeResource. (string value)
#cluster_name = <None>
# Regex to match the name of a datastore. (string value)
#datastore_regex = <None>
# The interval used for polling of remote tasks. (floating point value)
#task_poll_interval = 0.5
# The number of times we retry on failures, e.g., socket error, etc. (integer
# value)
#api_retry_count = 10
# VNC starting port (port value)
# Minimum value: 0
# Maximum value: 65535
#vnc_port = 5900
# Total number of VNC ports (integer value)
#vnc_port_total = 10000
# Whether to use linked clone (boolean value)
#use_linked_clone = true
# Optional VIM Service WSDL Location e.g http://<server>/vimService.wsdl.
# Optional over-ride to default location for bug work-arounds (string value)
#wsdl_location = <None>
# Physical ethernet adapter name for vlan networking (string value)
#vlan_interface = vmnic0
# This option should be configured only when using the NSX-MH Neutron plugin.
# This is the name of the integration bridge on the ESXi. This should not be
# set for any other Neutron plugin. Hence the default value is not set. (string
# value)
#integration_bridge = <None>
# Set this value if affected by an increased network latency causing repeated
# characters when typing in a remote console. (integer value)
#console_delay_seconds = <None>
# Identifies the remote system that serial port traffic will be sent to. If
# this is not set, no serial ports will be added to the created VMs. (string
# value)
#serial_port_service_uri = <None>
# Identifies a proxy service that provides network access to the
# serial_port_service_uri. This option is ignored if serial_port_service_uri is
# not specified. (string value)
#serial_port_proxy_uri = <None>
# The prefix for where cached images are stored. This is NOT the full path -
# just a folder prefix. This should only be used when a datastore cache should
# be shared between compute nodes. Note: this should only be used when the
# compute nodes have a shared file system. (string value)
#cache_prefix = <None>
[vnc]
#
# Virtual Network Computer (VNC) can be used to provide remote desktop
# console access to instances for tenants and/or administrators.
#
# From nova.conf
#
# Enable VNC related features.
#
# Guests will get created with graphical devices to support this. Clients
# (for example Horizon) can then establish a VNC connection to the guest.
#
# Possible values:
#
# * True: Enables the feature
# * False: Disables the feature
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * None
# (boolean value)
# Deprecated group/name - [DEFAULT]/vnc_enabled
#enabled = true
# Keymap for VNC.
#
# The keyboard mapping (keymap) determines which keyboard layout a VNC
# session should use by default.
#
# Possible values:
#
# * A keyboard layout which is supported by the underlying hypervisor on
# this node. This is usually an 'IETF language tag' (for example
# 'en-us'). If you use QEMU as hypervisor, you should find the list
# of supported keyboard layouts at ``/usr/share/qemu/keymaps``.
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * None
# (string value)
# Deprecated group/name - [DEFAULT]/vnc_keymap
#keymap = en-us
#
# The IP address on which an instance should listen to for incoming VNC
# connection requests on this node.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * None
# (string value)
# Deprecated group/name - [DEFAULT]/vncserver_listen
#vncserver_listen = 127.0.0.1
#
# Private, internal address of VNC console proxy.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients.
#
# This option sets the private address to which proxy clients, such as
# ``nova-xvpvncproxy``, should connect to.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * None
# (string value)
# Deprecated group/name - [DEFAULT]/vncserver_proxyclient_address
#vncserver_proxyclient_address = 127.0.0.1
#
# IP address that the noVNC console proxy should bind to.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. noVNC provides
# VNC support through a websocket-based client.
#
# This option sets the private address to which the noVNC console proxy
# service should bind to.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * novncproxy_port
# * novncproxy_base_url
# (string value)
# Deprecated group/name - [DEFAULT]/novncproxy_host
#novncproxy_host = 0.0.0.0
#
# Port that the noVNC console proxy should bind to.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. noVNC provides
# VNC support through a websocket-based client.
#
# This option sets the private port to which the noVNC console proxy
# service should bind to.
#
# Possible values:
#
# * A port number
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * novncproxy_host
# * novncproxy_base_url
# (integer value)
# Minimum value: 1
# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/novncproxy_port
#novncproxy_port = 6080
#
# Public address of noVNC VNC console proxy.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. noVNC provides
# VNC support through a websocket-based client.
#
# This option sets the public base URL to which client systems will
# connect. noVNC clients can use this address to connect to the noVNC
# instance and, by extension, the VNC sessions.
#
# Possible values:
#
# * A URL
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * novncproxy_host
# * novncproxy_port
# (string value)
# Deprecated group/name - [DEFAULT]/novncproxy_base_url
novncproxy_base_url = http://$my_ip:6080/vnc_auto.html
#
# IP address that the XVP VNC console proxy should bind to.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. Xen provides
# the Xenserver VNC Proxy, or XVP, as an alternative to the
# websocket-based noVNC proxy used by Libvirt. In contrast to noVNC,
# XVP clients are Java-based.
#
# This option sets the private address to which the XVP VNC console proxy
# service should bind to.
#
# Possible values:
#
# * An IP address
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * xvpvncproxy_port
# * xvpvncproxy_base_url
# (string value)
# Deprecated group/name - [DEFAULT]/xvpvncproxy_host
#xvpvncproxy_host = 0.0.0.0
#
# Port that the XVP VNC console proxy should bind to.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. Xen provides
# the Xenserver VNC Proxy, or XVP, as an alternative to the
# websocket-based noVNC proxy used by Libvirt. In contrast to noVNC,
# XVP clients are Java-based.
#
# This option sets the private port to which the XVP VNC console proxy
# service should bind to.
#
# Possible values:
#
# * A port number
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * xvpvncproxy_host
# * xvpvncproxy_base_url
# (integer value)
# Minimum value: 1
# Maximum value: 65535
# Deprecated group/name - [DEFAULT]/xvpvncproxy_port
#xvpvncproxy_port = 6081
#
# Public address of XVP VNC console proxy.
#
# The VNC proxy is an OpenStack component that enables compute service
# users to access their instances through VNC clients. Xen provides
# the Xenserver VNC Proxy, or XVP, as an alternative to the
# websocket-based noVNC proxy used by Libvirt. In contrast to noVNC,
# XVP clients are Java-based.
#
# This option sets the public base URL to which client systems will
# connect. XVP clients can use this address to connect to the XVP
# instance and, by extension, the VNC sessions.
#
# Possible values:
#
# * A URL
#
# Services which consume this:
#
# * ``nova-compute``
#
# Related options:
#
# * xvpvncproxy_host
# * xvpvncproxy_port
# (string value)
# Deprecated group/name - [DEFAULT]/xvpvncproxy_base_url
#xvpvncproxy_base_url = http://127.0.0.1:6081/console
[workarounds]
#
# From nova
#
# This option allows a fallback to sudo for performance reasons. For example
# see https://bugs.launchpad.net/nova/+bug/1415106 (boolean value)
#disable_rootwrap = false
# When using libvirt 1.2.2 live snapshots fail intermittently under load. This
# config option provides a mechanism to enable live snapshot while this is
# resolved. See https://bugs.launchpad.net/nova/+bug/1334398 (boolean value)
#disable_libvirt_livesnapshot = true
# DEPRECATED: Whether to destroy instances on startup when we suspect they have
# previously been evacuated. This can result in data loss if undesired. See
# https://launchpad.net/bugs/1419785 (boolean value)
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#destroy_after_evacuate = true
# Whether or not to handle events raised from the compute driver's 'emit_event'
# method. These are lifecycle events raised from compute drivers that implement
# the method. An example of a lifecycle event is an instance starting or
# stopping. If the instance is going through task state changes due to an API
# operation, like resize, the events are ignored. However, this is an advanced
# feature which allows the hypervisor to signal to the compute service that an
# unexpected state change has occurred in an instance and the instance can be
# shutdown automatically - which can inherently race in reboot operations or
# when the compute service or host is rebooted, either planned or due to an
# unexpected outage. Care should be taken when using this and
# sync_power_state_interval is negative since then if any instances are out of
# sync between the hypervisor and the Nova database they will have to be
# synchronized manually. See https://bugs.launchpad.net/bugs/1444630 (boolean
# value)
#handle_virt_lifecycle_events = true
[xenserver]
#
# From nova.virt
#
# Name of Integration Bridge used by Open vSwitch (string value)
#ovs_integration_bridge = xapi1
# Number of seconds to wait for agent reply (integer value)
#agent_timeout = 30
# Number of seconds to wait for agent to be fully operational (integer value)
#agent_version_timeout = 300
# Number of seconds to wait for agent reply to resetnetwork request (integer
# value)
#agent_resetnetwork_timeout = 60
# Specifies the path in which the XenAPI guest agent should be located. If the
# agent is present, network configuration is not injected into the image. Used
# if compute_driver=xenapi.XenAPIDriver and flat_injected=True (string value)
#agent_path = usr/sbin/xe-update-networking
# Disables the use of the XenAPI agent in any image regardless of what image
# properties are present. (boolean value)
#disable_agent = false
# Determines if the XenAPI agent should be used when the image used does not
# contain a hint to declare if the agent is present or not. The hint is a
# glance property "xenapi_use_agent" that has the value "True" or "False". Note
# that waiting for the agent when it is not present will significantly increase
# server boot times. (boolean value)
#use_agent_default = false
# Timeout in seconds for XenAPI login. (integer value)
#login_timeout = 10
# Maximum number of concurrent XenAPI connections. Used only if
# compute_driver=xenapi.XenAPIDriver (integer value)
#connection_concurrent = 5
# URL for connection to XenServer/Xen Cloud Platform. A special value of
# unix://local can be used to connect to the local unix socket. Required if
# compute_driver=xenapi.XenAPIDriver (string value)
#connection_url = <None>
# Username for connection to XenServer/Xen Cloud Platform. Used only if
# compute_driver=xenapi.XenAPIDriver (string value)
#connection_username = root
# Password for connection to XenServer/Xen Cloud Platform. Used only if
# compute_driver=xenapi.XenAPIDriver (string value)
#connection_password = <None>
# The interval used for polling of coalescing vhds. Used only if
# compute_driver=xenapi.XenAPIDriver (floating point value)
#vhd_coalesce_poll_interval = 5.0
# Ensure compute service is running on host XenAPI connects to. (boolean value)
#check_host = true
# Max number of times to poll for VHD to coalesce. Used only if
# compute_driver=xenapi.XenAPIDriver (integer value)
#vhd_coalesce_max_attempts = 20
# Base path to the storage repository (string value)
#sr_base_path = /var/run/sr-mount
# The iSCSI Target Host (string value)
#target_host = <None>
# The iSCSI Target Port, default is port 3260 (string value)
#target_port = 3260
# IQN Prefix (string value)
#iqn_prefix = iqn.2010-10.org.openstack
# Used to enable the remapping of VBD dev (Works around an issue in Ubuntu
# Maverick) (boolean value)
#remap_vbd_dev = false
# Specify prefix to remap VBD dev to (ex. /dev/xvdb -> /dev/sdb) (string value)
#remap_vbd_dev_prefix = sd
# Base URL for torrent files; must contain a slash character (see RFC 1808,
# step 6) (string value)
#torrent_base_url = <None>
# Probability that peer will become a seeder. (1.0 = 100%) (floating point
# value)
#torrent_seed_chance = 1.0
# Number of seconds after downloading an image via BitTorrent that it should be
# seeded for other peers. (integer value)
#torrent_seed_duration = 3600
# Cached torrent files not accessed within this number of seconds can be reaped
# (integer value)
#torrent_max_last_accessed = 86400
# Beginning of port range to listen on (integer value)
# Minimum value: 1
# Maximum value: 65535
#torrent_listen_port_start = 6881
# End of port range to listen on (integer value)
# Minimum value: 1
# Maximum value: 65535
#torrent_listen_port_end = 6891
# Number of seconds a download can remain at the same progress percentage w/o
# being considered a stall (integer value)
#torrent_download_stall_cutoff = 600
# Maximum number of seeder processes to run concurrently within a given dom0.
# (-1 = no limit) (integer value)
#torrent_max_seeder_processes_per_host = 1
# To use for hosts with different CPUs (boolean value)
#use_join_force = true
# Cache glance images locally. `all` will cache all images, `some` will only
# cache images that have the image_property `cache_in_nova=True`, and `none`
# turns off caching entirely (string value)
# Allowed values: all, some, none
#cache_images = all
# Compression level for images, e.g., 9 for gzip -9. Range is 1-9, 9 being most
# compressed but most CPU intensive on dom0. (integer value)
# Minimum value: 1
# Maximum value: 9
#image_compression_level = <None>
# Default OS type (string value)
#default_os_type = linux
# Time to wait for a block device to be created (integer value)
#block_device_creation_timeout = 10
# Maximum size in bytes of kernel or ramdisk images (integer value)
#max_kernel_ramdisk_size = 16777216
# Filter for finding the SR to be used to install guest instances on. To use
# the Local Storage in default XenServer/XCP installations set this flag to
# other-config:i18n-key=local-storage. To select an SR with a different
# matching criteria, you could set it to other-config:my_favorite_sr=true. On
# the other hand, to fall back on the Default SR, as displayed by XenCenter,
# set this flag to: default-sr:true (string value)
#sr_matching_filter = default-sr:true
# Whether to use sparse_copy for copying data on a resize down (False will use
# standard dd). This speeds up resizes down considerably since large runs of
# zeros won't have to be rsynced (boolean value)
#sparse_copy = true
# Maximum number of retries to unplug VBD. if <=0, should try once and no retry
# (integer value)
#num_vbd_unplug_retries = 10
# Whether or not to download images via Bit Torrent. (string value)
# Allowed values: all, some, none
#torrent_images = none
# Name of network to use for booting iPXE ISOs (string value)
#ipxe_network_name = <None>
# URL to the iPXE boot menu (string value)
#ipxe_boot_menu_url = <None>
# Name and optionally path of the tool used for ISO image creation (string
# value)
#ipxe_mkisofs_cmd = mkisofs
# Number of seconds to wait for instance to go to running state (integer value)
#running_timeout = 60
# The XenAPI VIF driver using XenServer Network APIs. (string value)
#vif_driver = nova.virt.xenapi.vif.XenAPIBridgeDriver
# Dom0 plugin driver used to handle image uploads. (string value)
#image_upload_handler = nova.virt.xenapi.image.glance.GlanceStore
# Number of seconds to wait for an SR to settle if the VDI does not exist when
# first introduced (integer value)
#introduce_vdi_retry_wait = 20