openstack/glance
Code Issues Proposed changes

Refresh Glance example configs for antelope milestone 3

Browse Source 
Change-Id: Id27f12aecce5a981dedf0bc3513a2f19a1e2a24d
This commit is contained in:
Pranali Deore 2023-02-16 09:37:25 +00:00
parent b20cc91e6f
commit 1d54dddaa0
4 changed files with 93 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
etc/glance-api.conf
View File

@ -487,32 +487,6 @@
# * [DEFAULT]/node_staging_uri (list value) # * [DEFAULT]/node_staging_uri (list value)
#enabled_import_methods = [glance-direct,web-download,copy-image] #enabled_import_methods = [glance-direct,web-download,copy-image]
# DEPRECATED:
# Enforce API access based on common persona definitions used across OpenStack.
# Enabling this option formalizes project-specific read/write operations, like
# creating private images or updating the status of shared image, behind the
# `member` role. It also formalizes a read-only variant useful for
# project-specific API operations, like listing private images in a project,
# behind the `reader` role.
#
# Operators should take an opportunity to understand glance's new image
# policies,
# audit assignments in their deployment, and update permissions using the
# default
# roles in keystone (e.g., `admin`, `member`, and `reader`).
#
# Related options:
# * [oslo_policy]/enforce_new_defaults
# (boolean value)
# This option is deprecated for removal since Wallaby.
# Its value may be silently ignored in the future.
# Reason:
# This option has been introduced to require operators to opt into enforcing
# authorization based on common RBAC personas, which is EXPERIMENTAL as of the
# Wallaby release. This behavior will be the default and STABLE in a future
# release, allowing this option to be removed.
#enforce_secure_rbac = false
# #
# The URL to this worker. # The URL to this worker.
# #
@ -1771,6 +1745,11 @@
# (string value) # (string value)
#mysql_sql_mode = TRADITIONAL #mysql_sql_mode = TRADITIONAL
# For Galera only, configure wsrep_sync_wait causality checks on new
# connections. Default is None, meaning don't configure any setting. (integer
# value)
#mysql_wsrep_sync_wait = <None>
# DEPRECATED: If True, transparently enables support for handling MySQL Cluster # DEPRECATED: If True, transparently enables support for handling MySQL Cluster
# (NDB). (boolean value) # (NDB). (boolean value)
# This option is deprecated for removal since 12.1.0. # This option is deprecated for removal since 12.1.0.
@ -2224,6 +2203,22 @@
# (string value) # (string value)
#s3_store_host = <None> #s3_store_host = <None>
#
# The S3 region name.
#
# This parameter will set the region_name used by boto.
# If this parameter is not set, we we will try to compute it from the
# s3_store_host.
#
# Possible values:
# * A valid region name
#
# Related Options:
# * s3_store_host
#
# (string value)
#s3_store_region_name =
# #
# The S3 query token access key. # The S3 query token access key.
# #
@ -3941,6 +3936,22 @@
# (string value) # (string value)
#s3_store_host = <None> #s3_store_host = <None>
#
# The S3 region name.
#
# This parameter will set the region_name used by boto.
# If this parameter is not set, we we will try to compute it from the
# s3_store_host.
#
# Possible values:
# * A valid region name
#
# Related Options:
# * s3_store_host
#
# (string value)
#s3_store_region_name =
# #
# The S3 query token access key. # The S3 query token access key.
# #
@ -4872,6 +4883,14 @@
# Deprecated group/name - [DEFAULT]/disk_formats # Deprecated group/name - [DEFAULT]/disk_formats
#disk_formats = ami,ari,aki,vhd,vhdx,vmdk,raw,qcow2,vdi,iso,ploop #disk_formats = ami,ari,aki,vhd,vhdx,vmdk,raw,qcow2,vdi,iso,ploop
# A list of strings describing allowed VMDK 'create-type' subformats that will
# be allowed. This is recommended to only include single-file-with-sparse-header
# variants to avoid potential host file exposure due to processing named
# extents. If this list is empty, then no VDMK image types allowed. Note that
# this is currently only checked during image conversion (if enabled), and
# limits the types of VMDK images we will convert from. (list value)
#vmdk_allowed_types = streamOptimized,monolithicSparse
[key_manager] [key_manager]
@ -5761,7 +5780,7 @@
# ``InvalidScope`` exception will be raised. If ``False``, a message will be # ``InvalidScope`` exception will be raised. If ``False``, a message will be
# logged informing operators that policies are being invoked with mismatching # logged informing operators that policies are being invoked with mismatching
# scope. (boolean value) # scope. (boolean value)
#enforce_scope = false #enforce_scope = true
# This option controls whether or not to use old deprecated defaults when # This option controls whether or not to use old deprecated defaults when
# evaluating policies. If ``True``, the old deprecated defaults are not going to # evaluating policies. If ``True``, the old deprecated defaults are not going to
@ -5772,7 +5791,7 @@
# deprecated policy check string is logically OR'd with the new policy check # deprecated policy check string is logically OR'd with the new policy check
# string, allowing for a graceful upgrade experience between releases with new # string, allowing for a graceful upgrade experience between releases with new
# policies, which is the default behavior. (boolean value) # policies, which is the default behavior. (boolean value)
#enforce_new_defaults = false #enforce_new_defaults = true
# The relative or absolute path of a file that maps roles to permissions for a # The relative or absolute path of a file that maps roles to permissions for a
# given service. Relative paths must be specified in relation to the # given service. Relative paths must be specified in relation to the

46
etc/glance-cache.conf
View File

@ -429,32 +429,6 @@
# * [DEFAULT]/node_staging_uri (list value) # * [DEFAULT]/node_staging_uri (list value)
#enabled_import_methods = [glance-direct,web-download,copy-image] #enabled_import_methods = [glance-direct,web-download,copy-image]
# DEPRECATED:
# Enforce API access based on common persona definitions used across OpenStack.
# Enabling this option formalizes project-specific read/write operations, like
# creating private images or updating the status of shared image, behind the
# `member` role. It also formalizes a read-only variant useful for
# project-specific API operations, like listing private images in a project,
# behind the `reader` role.
#
# Operators should take an opportunity to understand glance's new image
# policies,
# audit assignments in their deployment, and update permissions using the
# default
# roles in keystone (e.g., `admin`, `member`, and `reader`).
#
# Related options:
# * [oslo_policy]/enforce_new_defaults
# (boolean value)
# This option is deprecated for removal since Wallaby.
# Its value may be silently ignored in the future.
# Reason:
# This option has been introduced to require operators to opt into enforcing
# authorization based on common RBAC personas, which is EXPERIMENTAL as of the
# Wallaby release. This behavior will be the default and STABLE in a future
# release, allowing this option to be removed.
#enforce_secure_rbac = false
# #
# The URL to this worker. # The URL to this worker.
# #
@ -1557,6 +1531,22 @@
# (string value) # (string value)
#s3_store_host = <None> #s3_store_host = <None>
#
# The S3 region name.
#
# This parameter will set the region_name used by boto.
# If this parameter is not set, we we will try to compute it from the
# s3_store_host.
#
# Possible values:
# * A valid region name
#
# Related Options:
# * s3_store_host
#
# (string value)
#s3_store_region_name =
# #
# The S3 query token access key. # The S3 query token access key.
# #
@ -2468,7 +2458,7 @@
# ``InvalidScope`` exception will be raised. If ``False``, a message will be # ``InvalidScope`` exception will be raised. If ``False``, a message will be
# logged informing operators that policies are being invoked with mismatching # logged informing operators that policies are being invoked with mismatching
# scope. (boolean value) # scope. (boolean value)
#enforce_scope = false #enforce_scope = true
# This option controls whether or not to use old deprecated defaults when # This option controls whether or not to use old deprecated defaults when
# evaluating policies. If ``True``, the old deprecated defaults are not going to # evaluating policies. If ``True``, the old deprecated defaults are not going to
@ -2479,7 +2469,7 @@
# deprecated policy check string is logically OR'd with the new policy check # deprecated policy check string is logically OR'd with the new policy check
# string, allowing for a graceful upgrade experience between releases with new # string, allowing for a graceful upgrade experience between releases with new
# policies, which is the default behavior. (boolean value) # policies, which is the default behavior. (boolean value)
#enforce_new_defaults = false #enforce_new_defaults = true
# The relative or absolute path of a file that maps roles to permissions for a # The relative or absolute path of a file that maps roles to permissions for a
# given service. Relative paths must be specified in relation to the # given service. Relative paths must be specified in relation to the

5
etc/glance-manage.conf
View File

@ -178,6 +178,11 @@
# (string value) # (string value)
#mysql_sql_mode = TRADITIONAL #mysql_sql_mode = TRADITIONAL
# For Galera only, configure wsrep_sync_wait causality checks on new
# connections. Default is None, meaning don't configure any setting. (integer
# value)
#mysql_wsrep_sync_wait = <None>
# DEPRECATED: If True, transparently enables support for handling MySQL Cluster # DEPRECATED: If True, transparently enables support for handling MySQL Cluster
# (NDB). (boolean value) # (NDB). (boolean value)
# This option is deprecated for removal since 12.1.0. # This option is deprecated for removal since 12.1.0.

51
etc/glance-scrubber.conf
View File

@ -429,32 +429,6 @@
# * [DEFAULT]/node_staging_uri (list value) # * [DEFAULT]/node_staging_uri (list value)
#enabled_import_methods = [glance-direct,web-download,copy-image] #enabled_import_methods = [glance-direct,web-download,copy-image]
# DEPRECATED:
# Enforce API access based on common persona definitions used across OpenStack.
# Enabling this option formalizes project-specific read/write operations, like
# creating private images or updating the status of shared image, behind the
# `member` role. It also formalizes a read-only variant useful for
# project-specific API operations, like listing private images in a project,
# behind the `reader` role.
#
# Operators should take an opportunity to understand glance's new image
# policies,
# audit assignments in their deployment, and update permissions using the
# default
# roles in keystone (e.g., `admin`, `member`, and `reader`).
#
# Related options:
# * [oslo_policy]/enforce_new_defaults
# (boolean value)
# This option is deprecated for removal since Wallaby.
# Its value may be silently ignored in the future.
# Reason:
# This option has been introduced to require operators to opt into enforcing
# authorization based on common RBAC personas, which is EXPERIMENTAL as of the
# Wallaby release. This behavior will be the default and STABLE in a future
# release, allowing this option to be removed.
#enforce_secure_rbac = false
# #
# The URL to this worker. # The URL to this worker.
# #
@ -789,6 +763,11 @@
# (string value) # (string value)
#mysql_sql_mode = TRADITIONAL #mysql_sql_mode = TRADITIONAL
# For Galera only, configure wsrep_sync_wait causality checks on new
# connections. Default is None, meaning don't configure any setting. (integer
# value)
#mysql_wsrep_sync_wait = <None>
# DEPRECATED: If True, transparently enables support for handling MySQL Cluster # DEPRECATED: If True, transparently enables support for handling MySQL Cluster
# (NDB). (boolean value) # (NDB). (boolean value)
# This option is deprecated for removal since 12.1.0. # This option is deprecated for removal since 12.1.0.
@ -1654,6 +1633,22 @@
# (string value) # (string value)
#s3_store_host = <None> #s3_store_host = <None>
#
# The S3 region name.
#
# This parameter will set the region_name used by boto.
# If this parameter is not set, we we will try to compute it from the
# s3_store_host.
#
# Possible values:
# * A valid region name
#
# Related Options:
# * s3_store_host
#
# (string value)
#s3_store_region_name =
# #
# The S3 query token access key. # The S3 query token access key.
# #
@ -2581,7 +2576,7 @@
# ``InvalidScope`` exception will be raised. If ``False``, a message will be # ``InvalidScope`` exception will be raised. If ``False``, a message will be
# logged informing operators that policies are being invoked with mismatching # logged informing operators that policies are being invoked with mismatching
# scope. (boolean value) # scope. (boolean value)
#enforce_scope = false #enforce_scope = true
# This option controls whether or not to use old deprecated defaults when # This option controls whether or not to use old deprecated defaults when
# evaluating policies. If ``True``, the old deprecated defaults are not going to # evaluating policies. If ``True``, the old deprecated defaults are not going to
@ -2592,7 +2587,7 @@
# deprecated policy check string is logically OR'd with the new policy check # deprecated policy check string is logically OR'd with the new policy check
# string, allowing for a graceful upgrade experience between releases with new # string, allowing for a graceful upgrade experience between releases with new
# policies, which is the default behavior. (boolean value) # policies, which is the default behavior. (boolean value)
#enforce_new_defaults = false #enforce_new_defaults = true
# The relative or absolute path of a file that maps roles to permissions for a # The relative or absolute path of a file that maps roles to permissions for a
# given service. Relative paths must be specified in relation to the # given service. Relative paths must be specified in relation to the