diff --git a/doc/common/samples/manila.conf.sample b/doc/common/samples/manila.conf.sample new file mode 100644 index 0000000000..6d2ece1a53 --- /dev/null +++ b/doc/common/samples/manila.conf.sample @@ -0,0 +1,1895 @@ +[DEFAULT] + +# +# From manila +# + +# The maximum number of items returned in a single response from a +# collection resource. (integer value) +#osapi_max_limit = 1000 + +# Base URL to be presented to users in links to the Share API (string +# value) +#osapi_share_base_URL = + +# Treat X-Forwarded-For as the canonical remote address. Only enable +# this if you have a sanitizing proxy. (boolean value) +#use_forwarded_for = false + +# File name for the paste.deploy config for manila-api. (string value) +#api_paste_config = api-paste.ini + +# Top-level directory for maintaining manila's state. (string value) +#state_path = /var/lib/manila + +# IP address of this host. (string value) +#my_ip = 16.93.118.243 + +# The topic scheduler nodes listen on. (string value) +#scheduler_topic = manila-scheduler + +# The topic share nodes listen on. (string value) +#share_topic = manila-share + +# Deploy v1 of the Manila API. This option is deprecated, is not used, +# and will be removed in a future release. (boolean value) +#enable_v1_api = false + +# Deploy v2 of the Manila API. This option is deprecated, is not used, +# and will be removed in a future release. (boolean value) +#enable_v2_api = false + +# Whether to rate limit the API. (boolean value) +#api_rate_limit = true + +# Specify list of extensions to load when using osapi_share_extension +# option with manila.api.contrib.select_extensions. (list value) +#osapi_share_ext_list = + +# The osapi share extension to load. (multi valued) +#osapi_share_extension = manila.api.contrib.standard_extensions + +# The filename to use with sqlite. (string value) +#sqlite_db = manila.sqlite + +# If passed, use synchronous mode for sqlite. (boolean value) +#sqlite_synchronous = true + +# Timeout before idle SQL connections are reaped. (integer value) +#sql_idle_timeout = 3600 + +# Maximum database connection retries during startup. (setting -1 +# implies an infinite retry count). (integer value) +#sql_max_retries = 10 + +# Interval between retries of opening a SQL connection. (integer +# value) +#sql_retry_interval = 10 + +# Full class name for the scheduler manager. (string value) +#scheduler_manager = manila.scheduler.manager.SchedulerManager + +# Full class name for the share manager. (string value) +#share_manager = manila.share.manager.ShareManager + +# Name of this node. This can be an opaque identifier. It is not +# necessarily a hostname, FQDN, or IP address. (string value) +#host = markstur + +# Availability zone of this node. (string value) +#storage_availability_zone = nova + +# Default share type to use. (string value) +#default_share_type = + +# Memcached servers or None for in process cache. (list value) +#memcached_servers = + +# Time period to generate share usages for. Time period must be hour, +# day, month or year. (string value) +#share_usage_audit_period = month + +# Deprecated: command to use for running commands as root. (string +# value) +#root_helper = sudo + +# Path to the rootwrap configuration file to use for running commands +# as root. (string value) +#rootwrap_config = + +# Whether to log monkey patching. (boolean value) +#monkey_patch = false + +# List of modules or decorators to monkey patch. (list value) +#monkey_patch_modules = + +# Maximum time since last check-in for up service. (integer value) +#service_down_time = 60 + +# The full class name of the share API class to use. (string value) +#share_api_class = manila.share.api.API + +# The strategy to use for auth. Supports noauth, keystone, and +# deprecated. (string value) +#auth_strategy = keystone + +# A list of share backend names to use. These backend names should be +# backed by a unique [CONFIG] group with its options. (list value) +#enabled_share_backends = + +# Specify list of protocols to be allowed for share creation. +# Available values are '('NFS', 'CIFS', 'GLUSTERFS', 'HDFS')' (list +# value) +#enabled_share_protocols = NFS,CIFS + +# The full class name of the Compute API class to use. (string value) +#compute_api_class = manila.compute.nova.API + +# Info to match when looking for nova in the service catalog. Format +# is separated values of the form: +# :: (string value) +#nova_catalog_info = compute:nova:publicURL + +# Same as nova_catalog_info, but for admin endpoint. (string value) +#nova_catalog_admin_info = compute:nova:adminURL + +# Region name of this node. (string value) +#os_region_name = + +# Location of CA certificates file to use for nova client requests. +# (string value) +#nova_ca_certificates_file = + +# Allow to perform insecure SSL requests to nova. (boolean value) +#nova_api_insecure = false + +# Nova admin username. (string value) +#nova_admin_username = nova + +# Nova admin password. (string value) +#nova_admin_password = + +# Nova admin tenant name. (string value) +#nova_admin_tenant_name = service + +# Identity service URL. (string value) +#nova_admin_auth_url = http://localhost:5000/v2.0 + +# Version of Nova API to be used. (string value) +#nova_api_microversion = 2.10 + +# The backend to use for database. (string value) +#db_backend = sqlalchemy + +# Services to be added to the available pool on create. (boolean +# value) +#enable_new_services = true + +# Template string to be used to generate share names. (string value) +#share_name_template = share-%s + +# Template string to be used to generate share snapshot names. (string +# value) +#share_snapshot_name_template = share-snapshot-%s + +# Driver to use for database access. (string value) +#db_driver = manila.db + +# Whether to make exception message format errors fatal. (boolean +# value) +#fatal_exception_format_errors = false + +# Name of Open vSwitch bridge to use. (string value) +#ovs_integration_bridge = br-int + +# The full class name of the Networking API class to use. (string +# value) +# Deprecated group/name - [DEFAULT]/network_api_class +#network_api_class = manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin + +# URL for connecting to neutron. (string value) +# Deprecated group/name - [DEFAULT]/neutron_url +#neutron_url = http://127.0.0.1:9696 + +# Timeout value for connecting to neutron in seconds. (integer value) +# Deprecated group/name - [DEFAULT]/neutron_url_timeout +#neutron_url_timeout = 30 + +# Username for connecting to neutron in admin context. (string value) +# Deprecated group/name - [DEFAULT]/neutron_admin_username +#neutron_admin_username = neutron + +# Password for connecting to neutron in admin context. (string value) +# Deprecated group/name - [DEFAULT]/neutron_admin_password +#neutron_admin_password = + +# Project name for connecting to Neutron in admin context. (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_admin_tenant_name +#neutron_admin_project_name = service + +# Auth URL for connecting to neutron in admin context. (string value) +# Deprecated group/name - [DEFAULT]/neutron_admin_auth_url +#neutron_admin_auth_url = http://localhost:5000/v2.0 + +# If set, ignore any SSL validation issues. (boolean value) +# Deprecated group/name - [DEFAULT]/neutron_api_insecure +#neutron_api_insecure = false + +# Auth strategy for connecting to neutron in admin context. (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_auth_strategy +#neutron_auth_strategy = keystone + +# Location of CA certificates file to use for neutron client requests. +# (string value) +# Deprecated group/name - [DEFAULT]/neutron_ca_certificates_file +#neutron_ca_certificates_file = + +# Default Neutron network that will be used for share server creation. +# This opt is used only with class 'NeutronSingleNetworkPlugin'. +# (string value) +# Deprecated group/name - [DEFAULT]/neutron_net_id +#neutron_net_id = + +# Default Neutron subnet that will be used for share server creation. +# Should be assigned to network defined in opt 'neutron_net_id'. This +# opt is used only with class 'NeutronSingleNetworkPlugin'. (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_subnet_id +#neutron_subnet_id = + +# Default Nova network that will be used for share servers. This opt +# is used only with class 'NovaSingleNetworkPlugin'. (string value) +# Deprecated group/name - [DEFAULT]/nova_single_network_plugin_net_id +#nova_single_network_plugin_net_id = + +# Gateway IPv4 address that should be used. Required. (string value) +# Deprecated group/name - [DEFAULT]/standalone_network_plugin_gateway +#standalone_network_plugin_gateway = + +# Network mask that will be used. Can be either decimal like '24' or +# binary like '255.255.255.0'. Required. (string value) +# Deprecated group/name - [DEFAULT]/standalone_network_plugin_mask +#standalone_network_plugin_mask = + +# Set it if network has segmentation (VLAN, VXLAN, etc...). It will be +# assigned to share-network and share drivers will be able to use this +# for network interfaces within provisioned share servers. Optional. +# Example: 1001 (string value) +# Deprecated group/name - [DEFAULT]/standalone_network_plugin_segmentation_id +#standalone_network_plugin_segmentation_id = + +# Can be IP address, range of IP addresses or list of addresses or +# ranges. Contains addresses from IP network that are allowed to be +# used. If empty, then will be assumed that all host addresses from +# network can be used. Optional. Examples: 10.0.0.10 or +# 10.0.0.10-10.0.0.20 or +# 10.0.0.10-10.0.0.20,10.0.0.30-10.0.0.40,10.0.0.50 (list value) +# Deprecated group/name - [DEFAULT]/standalone_network_plugin_allowed_ip_ranges +#standalone_network_plugin_allowed_ip_ranges = + +# IP version of network. Optional.Allowed values are '4' and '6'. +# Default value is '4'. (integer value) +# Deprecated group/name - [DEFAULT]/standalone_network_plugin_ip_version +#standalone_network_plugin_ip_version = 4 + +# Number of shares allowed per project. (integer value) +#quota_shares = 50 + +# Number of share snapshots allowed per project. (integer value) +#quota_snapshots = 50 + +# Number of share gigabytes allowed per project. (integer value) +#quota_gigabytes = 1000 + +# Number of snapshot gigabytes allowed per project. (integer value) +#quota_snapshot_gigabytes = 1000 + +# Number of share-networks allowed per project. (integer value) +#quota_share_networks = 10 + +# Number of seconds until a reservation expires. (integer value) +#reservation_expire = 86400 + +# Count of reservations until usage is refreshed. (integer value) +#until_refresh = 0 + +# Number of seconds between subsequent usage refreshes. (integer +# value) +#max_age = 0 + +# Default driver to use for quota checks. (string value) +#quota_driver = manila.quota.DbQuotaDriver + +# The scheduler host manager class to use. (string value) +#scheduler_host_manager = manila.scheduler.host_manager.HostManager + +# Maximum number of attempts to schedule a share. (integer value) +#scheduler_max_attempts = 3 + +# Which filter class names to use for filtering hosts when not +# specified in the request. (list value) +#scheduler_default_filters = AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter,ConsistencyGroupFilter + +# Which weigher class names to use for weighing hosts. (list value) +#scheduler_default_weighers = CapacityWeigher + +# Default scheduler driver to use. (string value) +#scheduler_driver = manila.scheduler.filter_scheduler.FilterScheduler + +# Absolute path to scheduler configuration JSON file. (string value) +#scheduler_json_config_location = + +# Maximum number of volume gigabytes to allow per host. (integer +# value) +#max_gigabytes = 10000 + +# Multiplier used for weighing share capacity. Negative numbers mean +# to stack vs spread. (floating point value) +#capacity_weight_multiplier = 1.0 + +# Multiplier used for weighing pools which have existing share +# servers. Negative numbers mean to spread vs stack. (floating point +# value) +#pool_weight_multiplier = 1.0 + +# Seconds between nodes reporting state to datastore. (integer value) +#report_interval = 10 + +# Seconds between running periodic tasks. (integer value) +#periodic_interval = 60 + +# Range of seconds to randomly delay when starting the periodic task +# scheduler to reduce stampeding. (Disable by setting to 0) (integer +# value) +#periodic_fuzzy_delay = 60 + +# IP address for OpenStack Share API to listen on. (string value) +#osapi_share_listen = :: + +# Port for OpenStack Share API to listen on. (integer value) +#osapi_share_listen_port = 8786 + +# Number of workers for OpenStack Share API service. (integer value) +#osapi_share_workers = 1 + +# If set to False, then share creation from snapshot will be performed +# on the same host. If set to True, then scheduling step will be used. +# (boolean value) +#use_scheduler_creating_share_from_snapshot = false + +# Directory where Ganesha config files are stored. (string value) +#ganesha_config_dir = /etc/ganesha + +# Path to main Ganesha config file. (string value) +#ganesha_config_path = $ganesha_config_dir/ganesha.conf + +# Name of the ganesha nfs service. (string value) +#ganesha_service_name = ganesha.nfsd + +# Location of Ganesha database file. (Ganesha module only.) (string +# value) +#ganesha_db_path = $state_path/manila-ganesha.db + +# Path to directory containing Ganesha export configuration. (Ganesha +# module only.) (string value) +#ganesha_export_dir = $ganesha_config_dir/export.d + +# Path to directory containing Ganesha export block templates. +# (Ganesha module only.) (string value) +#ganesha_export_template_dir = /etc/manila/ganesha-export-templ.d + +# Number of times to attempt to run flakey shell commands. (integer +# value) +#num_shell_tries = 3 + +# The percentage of backend capacity reserved. (integer value) +#reserved_share_percentage = 0 + +# The backend name for a given driver implementation. (string value) +#share_backend_name = + +# Name of the configuration group in the Manila conf file to look for +# network config options.If not set, the share backend's config group +# will be used.If an option is not found within provided group, +# then'DEFAULT' group will be used for search of option. (string +# value) +#network_config_group = + +# There are two possible approaches for share drivers in Manila. First +# is when share driver is able to handle share-servers and second when +# not. Drivers can support either both or only one of these +# approaches. So, set this opt to True if share driver is able to +# handle share servers and it is desired mode else set False. It is +# set to None by default to make this choice intentional. (boolean +# value) +#driver_handles_share_servers = + +# Float representation of the over subscription ratio when thin +# provisioning is involved. Default ratio is 20.0, meaning provisioned +# capacity can be 20 times the total physical capacity. If the ratio +# is 10.5, it means provisioned capacity can be 10.5 times the total +# physical capacity. A ratio of 1.0 means provisioned capacity cannot +# exceed the total physical capacity. A ratio lower than 1.0 is +# invalid. (floating point value) +#max_over_subscription_ratio = 20.0 + +# Temporary path to create and mount shares during migration. (string +# value) +#migration_tmp_location = /tmp/ + +# List of files and folders to be ignored when migrating shares. Items +# should be names (not including any path). (list value) +#migration_ignore_files = lost+found + +# Time to wait for access rules to be allowed/denied on backends when +# migrating shares using generic approach (seconds). (integer value) +#migration_wait_access_rules_timeout = 90 + +# Timeout for creating and deleting share instances when performing +# share migration (seconds). (integer value) +#migration_create_delete_share_timeout = 300 + +# Backend IP in admin network to use for mounting shares during +# migration. (string value) +#migration_mounting_backend_ip = + +# The IP of the node responsible for copying data during migration, +# such as the data copy service node, reachable by the backend. +# (string value) +#migration_data_copy_node_ip = + +# The command for mounting shares for this backend. Must specifythe +# executable and all necessary parameters for the protocol supported. +# It is advisable to separate protocols per backend. (string value) +#migration_protocol_mount_command = + +# Specify whether read only access mode is supported in thisbackend. +# (boolean value) +#migration_readonly_support = true + +# Backend server SSH connection timeout. (integer value) +#ssh_conn_timeout = 60 + +# Minimum number of connections in the SSH pool. (integer value) +#ssh_min_pool_conn = 1 + +# Maximum number of connections in the SSH pool. (integer value) +#ssh_max_pool_conn = 10 + +# The full class name of the Private Data Driver class to use. (string +# value) +#drivers_private_storage_class = manila.share.drivers_private_data.SqlStorageDriver + +# User name for the EMC server. (string value) +#emc_nas_login = + +# Password for the EMC server. (string value) +#emc_nas_password = + +# EMC server hostname or IP address. (string value) +#emc_nas_server = + +# Port number for the EMC server. (integer value) +#emc_nas_server_port = 8080 + +# Use secure connection to server. (boolean value) +#emc_nas_server_secure = true + +# Share backend. (string value) +#emc_share_backend = + +# Container of share servers. (string value) +#emc_nas_server_container = server_2 + +# EMC pool name. (string value) +#emc_nas_pool_name = + +# The root directory where shares will be located. (string value) +#emc_nas_root_dir = + +# Path to smb config. (string value) +#smb_template_config_path = $state_path/smb.conf + +# Volume name template. (string value) +#volume_name_template = manila-share-%s + +# Volume snapshot name template. (string value) +#volume_snapshot_name_template = manila-snapshot-%s + +# Parent path in service instance where shares will be mounted. +# (string value) +#share_mount_path = /shares + +# Maximum time to wait for creating cinder volume. (integer value) +#max_time_to_create_volume = 180 + +# Maximum time to wait for extending cinder volume. (integer value) +#max_time_to_extend_volume = 180 + +# Maximum time to wait for attaching cinder volume. (integer value) +#max_time_to_attach = 120 + +# Path to SMB config in service instance. (string value) +#service_instance_smb_config_path = $share_mount_path/smb.conf + +# Specify list of share export helpers. (list value) +#share_helpers = CIFS=manila.share.drivers.generic.CIFSHelper,NFS=manila.share.drivers.generic.NFSHelper + +# Filesystem type of the share volume. (string value) +# Allowed values: ext4, ext3 +#share_volume_fstype = ext4 + +# Name or id of cinder volume type which will be used for all volumes +# created by driver. (string value) +#cinder_volume_type = + +# Type of NFS server that mediate access to the Gluster volumes +# (Gluster or Ganesha). (string value) +#glusterfs_nfs_server_type = Gluster + +# Remote Ganesha server node's IP address. (string value) +#glusterfs_ganesha_server_ip = + +# Remote Ganesha server node's username. (string value) +#glusterfs_ganesha_server_username = root + +# Remote Ganesha server node's login password. This is not required if +# 'glusterfs_path_to_private_key' is configured. (string value) +#glusterfs_ganesha_server_password = + +# Specifies GlusterFS share layout, that is, the method of associating +# backing GlusterFS resources to shares. (string value) +#glusterfs_share_layout = + +# Specifies the GlusterFS volume to be mounted on the Manila host. It +# is of the form [remoteuser@]:. (string value) +#glusterfs_target = + +# Base directory containing mount points for Gluster volumes. (string +# value) +#glusterfs_mount_point_base = $state_path/mnt + +# Remote GlusterFS server node's login password. This is not required +# if 'glusterfs_path_to_private_key' is configured. (string value) +#glusterfs_server_password = + +# Path of Manila host's private SSH key file. (string value) +#glusterfs_path_to_private_key = + +# List of GlusterFS servers that can be used to create shares. Each +# GlusterFS server should be of the form [remoteuser@], and +# they are assumed to belong to distinct Gluster clusters. (list +# value) +# Deprecated group/name - [DEFAULT]/glusterfs_targets +#glusterfs_servers = + +# Remote GlusterFS server node's login password. This is not required +# if 'glusterfs_native_path_to_private_key' is configured. (string +# value) +#glusterfs_native_server_password = + +# Path of Manila host's private SSH key file. (string value) +#glusterfs_native_path_to_private_key = + +# Regular expression template used to filter GlusterFS volumes for +# share creation. The regex template can optionally (ie. with support +# of the GlusterFS backend) contain the #{size} parameter which +# matches an integer (sequence of digits) in which case the value +# shall be interpreted as size of the volume in GB. Examples: "manila- +# share-volume-\d+$", "manila-share-volume-#{size}G-\d+$"; with +# matching volume names, respectively: "manila-share-volume-12", +# "manila-share-volume-3G-13". In latter example, the number that +# matches "#{size}", that is, 3, is an indication that the size of +# volume is 3G. (string value) +#glusterfs_volume_pattern = + +# The IP of the HDFS namenode. (string value) +#hdfs_namenode_ip = + +# The port of HDFS namenode service. (integer value) +#hdfs_namenode_port = 9000 + +# HDFS namenode SSH port. (integer value) +#hdfs_ssh_port = 22 + +# HDFS namenode ssh login name. (string value) +#hdfs_ssh_name = + +# HDFS namenode SSH login password, This parameter is not necessary, +# if 'hdfs_ssh_private_key' is configured. (string value) +#hdfs_ssh_pw = + +# Path to HDFS namenode SSH private key for login. (string value) +#hdfs_ssh_private_key = + +# HNAS management interface IP for communication between Manila +# controller and HNAS. (string value) +#hds_hnas_ip = + +# HNAS username Base64 String in order to perform tasks such as create +# file-systems and network interfaces. (string value) +#hds_hnas_user = + +# HNAS user password. Required only if private key is not provided. +# (string value) +#hds_hnas_password = + +# Specify which EVS this backend is assigned to. (string value) +#hds_hnas_evs_id = + +# Specify IP for mounting shares. (string value) +#hds_hnas_evs_ip = + +# Specify file-system name for creating shares. (string value) +#hds_hnas_file_system_name = + +# RSA/DSA private key value used to connect into HNAS. Required only +# if password is not provided. (string value) +#hds_hnas_ssh_private_key = + +# The IP of the clusters admin node. Only set in HNAS multinode +# clusters. (string value) +#hds_hnas_cluster_admin_ip0 = + +# The time (in seconds) to wait for stalled HNAS jobs before aborting. +# (integer value) +#hds_hnas_stalled_job_timeout = 30 + +# 3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 (string +# value) +#hp3par_api_url = + +# 3PAR username with the 'edit' role (string value) +#hp3par_username = + +# 3PAR password for the user specified in hp3par_username (string +# value) +#hp3par_password = + +# IP address of SAN controller (string value) +#hp3par_san_ip = + +# Username for SAN controller (string value) +#hp3par_san_login = + +# Password for SAN controller (string value) +#hp3par_san_password = + +# SSH port to use with SAN (integer value) +#hp3par_san_ssh_port = 22 + +# The File Provisioning Group (FPG) to use (string value) +#hp3par_fpg = OpenStack + +# The IP address for shares not using a share server (string value) +#hp3par_share_ip_address = + +# Use one filestore per share (boolean value) +#hp3par_fstore_per_share = false + +# Enable HTTP debugging to 3PAR (boolean value) +#hp3par_debug = false + +# The configuration file for the Manila Huawei driver. (string value) +#manila_huawei_conf_file = /etc/manila/manila_huawei_conf.xml + +# The storage family type used on the storage system; valid values +# include ontap_cluster for using clustered Data ONTAP. (string value) +#netapp_storage_family = ontap_cluster + +# The hostname (or IP address) for the storage system. (string value) +# Deprecated group/name - [DEFAULT]/netapp_nas_server_hostname +#netapp_server_hostname = + +# The TCP port to use for communication with the storage system or +# proxy server. If not specified, Data ONTAP drivers will use 80 for +# HTTP and 443 for HTTPS. (integer value) +#netapp_server_port = + +# The transport protocol used when communicating with the storage +# system or proxy server. Valid values are http or https. (string +# value) +# Deprecated group/name - [DEFAULT]/netapp_nas_transport_type +#netapp_transport_type = http + +# Administrative user account name used to access the storage system. +# (string value) +# Deprecated group/name - [DEFAULT]/netapp_nas_login +#netapp_login = + +# Password for the administrative user account specified in the +# netapp_login option. (string value) +# Deprecated group/name - [DEFAULT]/netapp_nas_password +#netapp_password = + +# NetApp volume name template. (string value) +# Deprecated group/name - [DEFAULT]/netapp_nas_volume_name_template +#netapp_volume_name_template = share_%(share_id)s + +# Name template to use for new Vserver. (string value) +#netapp_vserver_name_template = os_%s + +# Pattern for overriding the selection of network ports on which to +# create Vserver LIFs. (string value) +#netapp_port_name_search_pattern = (.*) + +# Logical interface (LIF) name template (string value) +#netapp_lif_name_template = os_%(net_allocation_id)s + +# Pattern for searching available aggregates for provisioning. (string +# value) +#netapp_aggregate_name_search_pattern = (.*) + +# Name of aggregate to create Vserver root volumes on. This option +# only applies when the option driver_handles_share_servers is set to +# True. (string value) +#netapp_root_volume_aggregate = + +# Root volume name. (string value) +# Deprecated group/name - [DEFAULT]/netapp_root_volume_name +#netapp_root_volume = root + +# URL of the Quobyte API server (http or https) (string value) +#quobyte_api_url = + +# The X.509 CA file to verify the server cert. (string value) +#quobyte_api_ca = + +# Actually deletes shares (vs. unexport) (boolean value) +#quobyte_delete_shares = false + +# Username for Quobyte API server. (string value) +#quobyte_api_username = admin + +# Password for Quobyte API server (string value) +#quobyte_api_password = quobyte + +# Name of volume configuration used for new shares. (string value) +#quobyte_volume_configuration = BASE + +# Default owning user for new volumes. (string value) +#quobyte_default_volume_user = root + +# Default owning group for new volumes. (string value) +#quobyte_default_volume_group = root + +# User in service instance that will be used for authentication. +# (string value) +#service_instance_user = + +# Password for service instance user. (string value) +#service_instance_password = + +# Path to host's private key. (string value) +#path_to_private_key = ~/.ssh/id_rsa + +# Maximum time in seconds to wait for creating service instance. +# (integer value) +#max_time_to_build_instance = 300 + +# Name or ID of service instance in Nova to use for share exports. +# Used only when share servers handling is disabled. (string value) +#service_instance_name_or_id = + +# Can be either name of network that is used by service instance +# within Nova to get IP address or IP address itself for managing +# shares there. Used only when share servers handling is disabled. +# (string value) +#service_net_name_or_ip = + +# Can be either name of network that is used by service instance +# within Nova to get IP address or IP address itself for exporting +# shares. Used only when share servers handling is disabled. (string +# value) +#tenant_net_name_or_ip = + +# Name of image in Glance, that will be used for service instance +# creation. (string value) +#service_image_name = manila-service-image + +# Name of service instance. (string value) +#service_instance_name_template = manila_service_instance_%s + +# Keypair name that will be created and used for service instances. +# (string value) +#manila_service_keypair_name = manila-service + +# Path to hosts public key. (string value) +#path_to_public_key = ~/.ssh/id_rsa.pub + +# Security group name, that will be used for service instance +# creation. (string value) +#service_instance_security_group = manila-service + +# ID of flavor, that will be used for service instance creation. +# (integer value) +#service_instance_flavor_id = 100 + +# Name of manila service network. Used only with Neutron. (string +# value) +#service_network_name = manila_service_network + +# CIDR of manila service network. Used only with Neutron. (string +# value) +#service_network_cidr = 10.254.0.0/16 + +# This mask is used for dividing service network into subnets, IP +# capacity of subnet with this mask directly defines possible amount +# of created service VMs per tenant's subnet. Used only with Neutron. +# (integer value) +#service_network_division_mask = 28 + +# Vif driver. Used only with Neutron. (string value) +#interface_driver = manila.network.linux.interface.OVSInterfaceDriver + +# Attach share server directly to share network. Used only with +# Neutron. (boolean value) +#connect_share_server_to_tenant_network = false + +# Allowed values are ['nova', 'neutron']. (string value) +#service_instance_network_helper_type = neutron + +# Path to the x509 certificate used for accessing the serviceinstance. +# (string value) +#winrm_cert_pem_path = ~/.ssl/cert.pem + +# Path to the x509 certificate key. (string value) +#winrm_cert_key_pem_path = ~/.ssl/key.pem + +# Use x509 certificates in order to authenticate to theservice +# instance. (boolean value) +#winrm_use_cert_based_auth = false + +# WinRM connection timeout. (integer value) +#winrm_conn_timeout = 60 + +# WinRM operation timeout. (integer value) +#winrm_operation_timeout = 60 + +# WinRM retry count. (integer value) +#winrm_retry_count = 3 + +# WinRM retry interval in seconds (integer value) +#winrm_retry_interval = 5 + +# ZFSSA management IP address. (string value) +#zfssa_host = + +# IP address for data. (string value) +#zfssa_data_ip = + +# ZFSSA management authorized username. (string value) +#zfssa_auth_user = + +# ZFSSA management authorized userpassword. (string value) +#zfssa_auth_password = + +# ZFSSA storage pool name. (string value) +#zfssa_pool = + +# ZFSSA project name. (string value) +#zfssa_project = + +# Controls checksum used for data blocks. (string value) +#zfssa_nas_checksum = fletcher4 + +# Data compression-off, lzjb, gzip-2, gzip, gzip-9. (string value) +#zfssa_nas_compression = off + +# Controls behavior when servicing synchronous writes. (string value) +#zfssa_nas_logbias = latency + +# Location of project in ZFS/SA. (string value) +#zfssa_nas_mountpoint = + +# Controls whether a share quota includes snapshot. (string value) +#zfssa_nas_quota_snap = true + +# Controls whether file ownership can be changed. (string value) +#zfssa_nas_rstchown = true + +# Controls whether the share is scanned for viruses. (string value) +#zfssa_nas_vscan = false + +# REST connection timeout (in seconds). (string value) +#zfssa_rest_timeout = + +# Whether to enable pre hooks or not. (boolean value) +# Deprecated group/name - [DEFAULT]/enable_pre_hooks +#enable_pre_hooks = false + +# Whether to enable post hooks or not. (boolean value) +# Deprecated group/name - [DEFAULT]/enable_post_hooks +#enable_post_hooks = false + +# Whether to enable periodic hooks or not. (boolean value) +# Deprecated group/name - [DEFAULT]/enable_periodic_hooks +#enable_periodic_hooks = false + +# Whether to suppress pre hook errors (allow driver perform actions) +# or not. (boolean value) +# Deprecated group/name - [DEFAULT]/suppress_pre_hooks_errors +#suppress_pre_hooks_errors = false + +# Whether to suppress post hook errors (allow driver's results to pass +# through) or not. (boolean value) +# Deprecated group/name - [DEFAULT]/suppress_post_hooks_errors +#suppress_post_hooks_errors = false + +# Interval in seconds between execution of periodic hooks. Used when +# option 'enable_periodic_hooks' is set to True. Default is 300. +# (floating point value) +# Deprecated group/name - [DEFAULT]/periodic_hooks_interval +#periodic_hooks_interval = 300.0 + +# Driver to use for share creation. (string value) +#share_driver = manila.share.drivers.generic.GenericShareDriver + +# Driver(s) to perform some additional actions before and after share +# driver actions and on a periodic basis. Default is []. (list value) +# Deprecated group/name - [DEFAULT]/hook_drivers +#hook_drivers = + +# Whether share servers will be deleted on deletion of the last share. +# (boolean value) +#delete_share_server_with_last_share = false + +# If set to True, then manila will deny access and remove all access +# rules on share unmanage.If set to False - nothing will be changed. +# (boolean value) +#unmanage_remove_access_rules = false + +# If set to True, then Manila will delete all share servers which were +# unused more than specified time .If set to False - automatic +# deletion of share servers will be disabled. (boolean value) +# Deprecated group/name - [DEFAULT]/automatic_share_server_cleanup +#automatic_share_server_cleanup = true + +# Unallocated share servers reclamation time interval (minutes). +# Minimum value is 10 minutes, maximum is 60 minutes. The reclamation +# function is run every 10 minutes and delete share servers which were +# unused more than unused_share_server_cleanup_interval option +# defines. This value reflects the shortest time Manila will wait for +# a share server to go unutilized before deleting it. (integer value) +# Deprecated group/name - [DEFAULT]/unused_share_server_cleanup_interval +#unused_share_server_cleanup_interval = 10 + +# The full class name of the Volume API class to use. (string value) +#volume_api_class = manila.volume.cinder.API + +# Info to match when looking for cinder in the service catalog. Format +# is separated values of the form: +# :: (string value) +#cinder_catalog_info = volume:cinder:publicURL + +# Region name of this node. (string value) +#os_region_name = + +# Location of CA certificates file to use for cinder client requests. +# (string value) +#cinder_ca_certificates_file = + +# Number of cinderclient retries on failed HTTP calls. (integer value) +#cinder_http_retries = 3 + +# Allow to perform insecure SSL requests to cinder. (boolean value) +#cinder_api_insecure = false + +# Allow attaching between instances and volumes in different +# availability zones. (boolean value) +#cinder_cross_az_attach = true + +# Cinder admin username. (string value) +#cinder_admin_username = cinder + +# Cinder admin password. (string value) +#cinder_admin_password = + +# Cinder admin tenant name. (string value) +#cinder_admin_tenant_name = service + +# Identity service URL. (string value) +#cinder_admin_auth_url = http://localhost:5000/v2.0 + +# Maximum line size of message headers to be accepted. Option +# max_header_line may need to be increased when using large tokens +# (typically those generated by the Keystone v3 API with big service +# catalogs). (integer value) +#max_header_line = 16384 + +# Timeout for client connections socket operations. If an incoming +# connection is idle for this number of seconds it will be closed. A +# value of '0' means wait forever. (integer value) +#client_socket_timeout = 900 + +# If False, closes the client socket connection explicitly. Setting it +# to True to maintain backward compatibility. Recommended setting is +# set it to False. (boolean value) +#wsgi_keep_alive = true + +# Number of backlog requests to configure the socket with. (integer +# value) +#backlog = 4096 + +# Sets the value of TCP_KEEPALIVE (True/False) for each server socket. +# (boolean value) +#tcp_keepalive = true + +# Sets the value of TCP_KEEPIDLE in seconds for each server socket. +# Not supported on OS X. (integer value) +#tcp_keepidle = 600 + +# Sets the value of TCP_KEEPINTVL in seconds for each server socket. +# Not supported on OS X. (integer value) +#tcp_keepalive_interval = + +# Sets the value of TCP_KEEPCNT for each server socket. Not supported +# on OS X. (integer value) +#tcp_keepalive_count = + +# CA certificate file to use to verify connecting clients. (string +# value) +#ssl_ca_file = + +# Certificate file to use when starting the server securely. (string +# value) +#ssl_cert_file = + +# Private key file to use when starting the server securely. (string +# value) +#ssl_key_file = + +# +# From manila +# + +# Print debugging output (set logging level to DEBUG instead of +# default INFO level). (boolean value) +#debug = false + +# If set to false, will disable INFO logging level, making WARNING the +# default. (boolean value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#verbose = true + +# The name of a logging configuration file. This file is appended to +# any existing logging configuration files. For details about logging +# configuration files, see the Python logging module documentation. +# (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append = + +# DEPRECATED. A logging.Formatter log message format string which may +# use any of the available logging.LogRecord attributes. This option +# is deprecated. Please use logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format = + +# Format string for %%(asctime)s in log records. Default: %(default)s +# . (string value) +#log_date_format = %Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is set, +# logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file = + +# (Optional) The base directory used for relative --log-file paths. +# (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir = + +# Use syslog for logging. Existing syslog format is DEPRECATED and +# will be changed later to honor RFC5424. (boolean value) +#use_syslog = false + +# (Optional) Enables or disables syslog rfc5424 format for logging. If +# enabled, prefixes the MSG part of the syslog message with APP-NAME +# (RFC5424). The format without the APP-NAME is deprecated in Kilo, +# and will be removed in Mitaka, along with this option. (boolean +# value) +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#use_syslog_rfc_format = true + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility = LOG_USER + +# Log output to standard error. (boolean value) +#use_stderr = true + +# Format string to use for log messages with context. (string value) +#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. (string +# value) +#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string value) +#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. (string +# value) +#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN + +# Enables or disables publication of error events. (boolean value) +#publish_errors = false + +# The format for an instance that is passed with the log message. +# (string value) +#instance_format = "[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message. +# (string value) +#instance_uuid_format = "[instance: %(uuid)s] " + +# Enables or disables fatal status of deprecations. (boolean value) +#fatal_deprecations = false + +# +# From oslo.messaging +# + +# Size of RPC connection pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_conn_pool_size +#rpc_conn_pool_size = 30 + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve to this +# address. (string value) +#rpc_zmq_bind_address = * + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker = local + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port = 9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts = 1 + +# Maximum number of ingress messages to locally buffer per topic. +# Default is unlimited. (integer value) +#rpc_zmq_topic_backlog = + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir = /var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP address. +# Must match "host" option, if running Nova. (string value) +#rpc_zmq_host = localhost + +# Seconds to wait before a cast expires (TTL). Only supported by +# impl_zmq. (integer value) +#rpc_cast_timeout = 30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq = 300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl = 600 + +# Size of executor thread pool. (integer value) +# Deprecated group/name - [DEFAULT]/rpc_thread_pool_size +#executor_thread_pool_size = 64 + +# The Drivers(s) to handle sending notifications. Possible values are +# messaging, messagingv2, routing, log, test, noop (multi valued) +#notification_driver = + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics = notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout = 60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend option +# and driver specific configuration. (string value) +#transport_url = + +# The messaging driver to use, defaults to rabbit. Other drivers +# include qpid and zmq. (string value) +#rpc_backend = rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the transport_url +# option. (string value) +#control_exchange = openstack + + +[cors] + +# +# From manila +# + +# Indicate whether this resource may be shared with the domain +# received in the requests "origin" header. (string value) +#allowed_origin = + +# Indicate that the actual request can include user credentials +# (boolean value) +#allow_credentials = true + +# Indicate which headers are safe to expose to the API. Defaults to +# HTTP Simple Headers. (list value) +#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age = 3600 + +# Indicate which methods can be used during the actual request. (list +# value) +#allow_methods = GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual +# request. (list value) +#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[cors.subdomain] + +# +# From manila +# + +# Indicate whether this resource may be shared with the domain +# received in the requests "origin" header. (string value) +#allowed_origin = + +# Indicate that the actual request can include user credentials +# (boolean value) +#allow_credentials = true + +# Indicate which headers are safe to expose to the API. Defaults to +# HTTP Simple Headers. (list value) +#expose_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + +# Maximum cache age of CORS preflight requests. (integer value) +#max_age = 3600 + +# Indicate which methods can be used during the actual request. (list +# value) +#allow_methods = GET,POST,PUT,DELETE,OPTIONS + +# Indicate which header field names may be used during the actual +# request. (list value) +#allow_headers = Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma + + +[database] + +# +# From oslo.db +# + +# The file name to use with SQLite. (string value) +# Deprecated group/name - [DEFAULT]/sqlite_db +#sqlite_db = oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +# Deprecated group/name - [DEFAULT]/sqlite_synchronous +#sqlite_synchronous = true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend = sqlalchemy + +# The SQLAlchemy connection string to use to connect to the database. +# (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection = + +# The SQLAlchemy connection string to use to connect to the slave +# database. (string value) +#slave_connection = + +# The SQL mode to be used for MySQL sessions. This option, including +# the default, overrides any server-set SQL mode. To use whatever SQL +# mode is set by the server configuration, set this to no value. +# Example: mysql_sql_mode= (string value) +#mysql_sql_mode = TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout = 3600 + +# Minimum number of SQL connections to keep open in a pool. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size = + +# Maximum number of database connection retries during startup. Set to +# -1 to specify an infinite retry count. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries = 10 + +# Interval between retries of opening a SQL connection. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval = 10 + +# If set, use this value for max_overflow with SQLAlchemy. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow = + +# Verbosity of SQL debugging information: 0=None, 100=Everything. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug = 0 + +# Add Python stack traces to SQL as comment strings. (boolean value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace = false + +# If set, use this value for pool_timeout with SQLAlchemy. (integer +# value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout = + +# Enable the experimental use of database reconnect on connection +# lost. (boolean value) +#use_db_reconnect = false + +# Seconds between retries of a database transaction. (integer value) +#db_retry_interval = 1 + +# If True, increases the interval between retries of a database +# operation up to db_max_retry_interval. (boolean value) +#db_inc_retry_interval = true + +# If db_inc_retry_interval is set, the maximum seconds between retries +# of a database operation. (integer value) +#db_max_retry_interval = 10 + +# Maximum retries in case of connection error or deadlock error before +# error is raised. Set to -1 to specify an infinite retry count. +# (integer value) +#db_max_retries = 20 + +# +# From oslo.db.concurrency +# + +# Enable the experimental use of thread pooling for all DB API calls +# (boolean value) +# Deprecated group/name - [DEFAULT]/dbapi_use_tpool +#use_tpool = false + + +[keystone_authtoken] + +# +# From keystonemiddleware.auth_token +# + +# Complete public Identity API endpoint. (string value) +#auth_uri = + +# API version of the admin Identity API endpoint. (string value) +#auth_version = + +# Do not handle authorization requests within the middleware, but +# delegate the authorization decision to downstream WSGI components. +# (boolean value) +#delay_auth_decision = false + +# Request timeout value for communicating with Identity API server. +# (integer value) +#http_connect_timeout = + +# How many times are we trying to reconnect when communicating with +# Identity API Server. (integer value) +#http_request_max_retries = 3 + +# Env key for the swift cache. (string value) +#cache = + +# Required if identity server requires client certificate (string +# value) +#certfile = + +# Required if identity server requires client certificate (string +# value) +#keyfile = + +# A PEM encoded Certificate Authority to use when verifying HTTPs +# connections. Defaults to system CAs. (string value) +#cafile = + +# Verify HTTPS connections. (boolean value) +#insecure = false + +# The region in which the identity server can be found. (string value) +#region_name = + +# Directory used to cache files related to PKI tokens. (string value) +#signing_dir = + +# Optionally specify a list of memcached server(s) to use for caching. +# If left undefined, tokens will instead be cached in-process. (list +# value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers = + +# In order to prevent excessive effort spent validating tokens, the +# middleware caches previously-seen tokens for a configurable duration +# (in seconds). Set to -1 to disable caching completely. (integer +# value) +#token_cache_time = 300 + +# Determines the frequency at which the list of revoked tokens is +# retrieved from the Identity service (in seconds). A high number of +# revocation events combined with a low cache duration may +# significantly reduce performance. (integer value) +#revocation_cache_time = 10 + +# (Optional) If defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable values are +# MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in +# the cache. If ENCRYPT, token data is encrypted and authenticated in +# the cache. If the value is not one of these options or empty, +# auth_token will raise an exception on initialization. (string value) +#memcache_security_strategy = + +# (Optional, mandatory if memcache_security_strategy is defined) This +# string is used for key derivation. (string value) +#memcache_secret_key = + +# (Optional) Number of seconds memcached server is considered dead +# before it is tried again. (integer value) +#memcache_pool_dead_retry = 300 + +# (Optional) Maximum total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize = 10 + +# (Optional) Socket timeout in seconds for communicating with a +# memcached server. (integer value) +#memcache_pool_socket_timeout = 3 + +# (Optional) Number of seconds a connection to memcached is held +# unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout = 60 + +# (Optional) Number of seconds that an operation will wait to get a +# memcached client connection from the pool. (integer value) +#memcache_pool_conn_get_timeout = 10 + +# (Optional) Use the advanced (eventlet safe) memcached client pool. +# The advanced pool will only work under python 2.x. (boolean value) +#memcache_use_advanced_pool = false + +# (Optional) Indicate whether to set the X-Service-Catalog header. If +# False, middleware will not ask for service catalog on token +# validation and will not set the X-Service-Catalog header. (boolean +# value) +#include_service_catalog = true + +# Used to control the use and type of token binding. Can be set to: +# "disabled" to not check token binding. "permissive" (default) to +# validate binding information if the bind type is of a form known to +# the server and ignore it if not. "strict" like "permissive" but if +# the bind type is unknown the token will be rejected. "required" any +# form of token binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string value) +#enforce_token_bind = permissive + +# If true, the revocation list will be checked for cached tokens. This +# requires that PKI tokens are configured on the identity server. +# (boolean value) +#check_revocations_for_cached = false + +# Hash algorithms to use for hashing PKI tokens. This may be a single +# algorithm or multiple. The algorithms are those supported by Python +# standard hashlib.new(). The hashes will be tried in the order given, +# so put the preferred one first for performance. The result of the +# first hash will be stored in the cache. This will typically be set +# to multiple values only while migrating from a less secure algorithm +# to a more secure one. Once all the old tokens are expired this +# option should be set to a single value for better performance. (list +# value) +#hash_algorithms = md5 + +# Prefix to prepend at the beginning of the path. Deprecated, use +# identity_uri. (string value) +#auth_admin_prefix = + +# Host providing the admin Identity API endpoint. Deprecated, use +# identity_uri. (string value) +#auth_host = 127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port = 35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol = https + +# Complete admin Identity API endpoint. This should specify the +# unversioned root endpoint e.g. https://localhost:35357/ (string +# value) +#identity_uri = + +# This option is deprecated and may be removed in a future release. +# Single shared secret with the Keystone configuration used for +# bootstrapping a Keystone installation, or otherwise bypassing the +# normal authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token = + +# Service username. (string value) +#admin_user = + +# Service user password. (string value) +#admin_password = + +# Service tenant name. (string value) +#admin_tenant_name = admin + + +[matchmaker_redis] + +# +# From oslo.messaging +# + +# Host to locate redis. (string value) +#host = 127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port = 6379 + +# Password for Redis server (optional). (string value) +#password = + + +[matchmaker_ring] + +# +# From oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile = /etc/oslo/matchmaker_ring.json + + +[oslo_concurrency] + +# +# From manila +# + +# Enables or disables inter-process locks. (boolean value) +# Deprecated group/name - [DEFAULT]/disable_process_locking +#disable_process_locking = false + +# Directory to use for lock files. For security, the specified +# directory should only be writable by the user running the processes +# that need locking. Defaults to environment variable OSLO_LOCK_PATH. +# If external locks are used, a lock path must be set. (string value) +# Deprecated group/name - [DEFAULT]/lock_path +#lock_path = + + +[oslo_messaging_amqp] + +# +# From oslo.messaging +# + +# address prefix used when sending to a specific server (string value) +# Deprecated group/name - [amqp1]/server_request_prefix +#server_request_prefix = exclusive + +# address prefix used when broadcasting to all servers (string value) +# Deprecated group/name - [amqp1]/broadcast_prefix +#broadcast_prefix = broadcast + +# address prefix when sending to any server in group (string value) +# Deprecated group/name - [amqp1]/group_request_prefix +#group_request_prefix = unicast + +# Name for the AMQP container (string value) +# Deprecated group/name - [amqp1]/container_name +#container_name = + +# Timeout for inactive connections (in seconds) (integer value) +# Deprecated group/name - [amqp1]/idle_timeout +#idle_timeout = 0 + +# Debug: dump AMQP frames to stdout (boolean value) +# Deprecated group/name - [amqp1]/trace +#trace = false + +# CA certificate PEM file to verify server certificate (string value) +# Deprecated group/name - [amqp1]/ssl_ca_file +#ssl_ca_file = + +# Identifying certificate PEM file to present to clients (string +# value) +# Deprecated group/name - [amqp1]/ssl_cert_file +#ssl_cert_file = + +# Private key PEM file used to sign cert_file certificate (string +# value) +# Deprecated group/name - [amqp1]/ssl_key_file +#ssl_key_file = + +# Password for decrypting ssl_key_file (if encrypted) (string value) +# Deprecated group/name - [amqp1]/ssl_key_password +#ssl_key_password = + +# Accept clients using either SSL or plain TCP (boolean value) +# Deprecated group/name - [amqp1]/allow_insecure_clients +#allow_insecure_clients = false + + +[oslo_messaging_qpid] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour +# since oslo-incubator is to send two AMQP replies - first one with +# the payload, a second one to ensure the other have finish to send +# the payload. We are going to remove it in the N release, but we must +# keep backward compatible at the same time. This option provides such +# compatibility - it defaults to False in Liberty and can be turned on +# for early adopters with a new installations or for testing. Please +# note, that this option will be removed in the Mitaka release. +# (boolean value) +#send_single_reply = false + +# Qpid broker hostname. (string value) +# Deprecated group/name - [DEFAULT]/qpid_hostname +#qpid_hostname = localhost + +# Qpid broker port. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_port +#qpid_port = 5672 + +# Qpid HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/qpid_hosts +#qpid_hosts = $qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_username +#qpid_username = + +# Password for Qpid connection. (string value) +# Deprecated group/name - [DEFAULT]/qpid_password +#qpid_password = + +# Space separated list of SASL mechanisms to use for auth. (string +# value) +# Deprecated group/name - [DEFAULT]/qpid_sasl_mechanisms +#qpid_sasl_mechanisms = + +# Seconds between connection keepalive heartbeats. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_heartbeat +#qpid_heartbeat = 60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +# Deprecated group/name - [DEFAULT]/qpid_protocol +#qpid_protocol = tcp + +# Whether to disable the Nagle algorithm. (boolean value) +# Deprecated group/name - [DEFAULT]/qpid_tcp_nodelay +#qpid_tcp_nodelay = true + +# The number of prefetched messages held by receiver. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_receiver_capacity +#qpid_receiver_capacity = 1 + +# The qpid topology version to use. Version 1 is what was originally +# used by impl_qpid. Version 2 includes some backwards-incompatible +# changes that allow broker federation to work. Users should update +# to version 2 when they are able to take everything down, as it +# requires a clean break. (integer value) +# Deprecated group/name - [DEFAULT]/qpid_topology_version +#qpid_topology_version = 1 + + +[oslo_messaging_rabbit] + +# +# From oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_durable_queues +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues = false + +# Auto-delete queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/amqp_auto_delete +#amqp_auto_delete = false + +# Send a single AMQP reply to call message. The current behaviour +# since oslo-incubator is to send two AMQP replies - first one with +# the payload, a second one to ensure the other have finish to send +# the payload. We are going to remove it in the N release, but we must +# keep backward compatible at the same time. This option provides such +# compatibility - it defaults to False in Liberty and can be turned on +# for early adopters with a new installations or for testing. Please +# note, that this option will be removed in the Mitaka release. +# (boolean value) +#send_single_reply = false + +# SSL version to use (valid only if SSL enabled). Valid values are +# TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be +# available on some distributions. (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_version +#kombu_ssl_version = + +# SSL key file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_keyfile +#kombu_ssl_keyfile = + +# SSL cert file (valid only if SSL enabled). (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_certfile +#kombu_ssl_certfile = + +# SSL certification authority file (valid only if SSL enabled). +# (string value) +# Deprecated group/name - [DEFAULT]/kombu_ssl_ca_certs +#kombu_ssl_ca_certs = + +# How long to wait before reconnecting in response to an AMQP consumer +# cancel notification. (floating point value) +# Deprecated group/name - [DEFAULT]/kombu_reconnect_delay +#kombu_reconnect_delay = 1.0 + +# How long to wait before considering a reconnect attempt to have +# failed. This value should not be longer than rpc_response_timeout. +# (integer value) +#kombu_reconnect_timeout = 60 + +# The RabbitMQ broker address where a single node is used. (string +# value) +# Deprecated group/name - [DEFAULT]/rabbit_host +#rabbit_host = localhost + +# The RabbitMQ broker port where a single node is used. (integer +# value) +# Deprecated group/name - [DEFAULT]/rabbit_port +#rabbit_port = 5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +# Deprecated group/name - [DEFAULT]/rabbit_hosts +#rabbit_hosts = $rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_use_ssl +#rabbit_use_ssl = false + +# The RabbitMQ userid. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_userid +#rabbit_userid = guest + +# The RabbitMQ password. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_password +#rabbit_password = guest + +# The RabbitMQ login method. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_login_method +#rabbit_login_method = AMQPLAIN + +# The RabbitMQ virtual host. (string value) +# Deprecated group/name - [DEFAULT]/rabbit_virtual_host +#rabbit_virtual_host = / + +# How frequently to retry connecting with RabbitMQ. (integer value) +#rabbit_retry_interval = 1 + +# How long to backoff for between retries when connecting to RabbitMQ. +# (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_retry_backoff +#rabbit_retry_backoff = 2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +# Deprecated group/name - [DEFAULT]/rabbit_max_retries +#rabbit_max_retries = 0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change this +# option, you must wipe the RabbitMQ database. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_ha_queues +#rabbit_ha_queues = false + +# Number of seconds after which the Rabbit broker is considered down +# if heartbeat's keep-alive fails (0 disable the heartbeat). +# EXPERIMENTAL (integer value) +#heartbeat_timeout_threshold = 60 + +# How often times during the heartbeat_timeout_threshold we check the +# heartbeat. (integer value) +#heartbeat_rate = 2 + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake +# (boolean value) +# Deprecated group/name - [DEFAULT]/fake_rabbit +#fake_rabbit = false + + +[oslo_middleware] + +# +# From manila +# + +# The maximum body size for each request, in bytes. (integer value) +# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size +# Deprecated group/name - [DEFAULT]/max_request_body_size +#max_request_body_size = 114688 + +# +# From manila +# + +# The HTTP Header that will be used to determine what the original +# request protocol scheme was, even if it was hidden by an SSL +# termination proxy. (string value) +#secure_proxy_ssl_header = X-Forwarded-Proto + + +[oslo_policy] + +# +# From manila +# + +# The JSON file that defines policies. (string value) +# Deprecated group/name - [DEFAULT]/policy_file +#policy_file = policy.json + +# Default rule. Enforced when a requested rule is not found. (string +# value) +# Deprecated group/name - [DEFAULT]/policy_default_rule +#policy_default_rule = default + +# Directories where policy configuration files are stored. They can be +# relative to any directory in the search path defined by the +# config_dir option, or absolute paths. The file defined by +# policy_file must exist for these directories to be searched. +# Missing or empty directories are ignored. (multi valued) +# Deprecated group/name - [DEFAULT]/policy_dirs +# This option is deprecated for removal. +# Its value may be silently ignored in the future. +#policy_dirs = policy.d diff --git a/doc/common/tables/manila-amqp.xml b/doc/common/tables/manila-amqp.xml new file mode 100644 index 0000000000..9677b703bc --- /dev/null +++ b/doc/common/tables/manila-amqp.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of AMQP configuration options
Configuration option = Default valueDescription
[DEFAULT]
= openstack(StrOpt) The default exchange under which topics are scoped. May be overridden by an exchange name specified in the transport_url option.
= [](MultiStrOpt) The Drivers(s) to handle sending notifications. Possible values are messaging, messagingv2, routing, log, test, noop
= notifications(ListOpt) AMQP topic used for OpenStack notifications.
= None(StrOpt) A URL representing the messaging driver to use and its full configuration. If not set, we fall back to the rpc_backend option and driver specific configuration.
+
diff --git a/doc/common/tables/manila-api.xml b/doc/common/tables/manila-api.xml new file mode 100644 index 0000000000..143735cba7 --- /dev/null +++ b/doc/common/tables/manila-api.xml @@ -0,0 +1,112 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of API configuration options
Configuration option = Default valueDescription
[DEFAULT]
= api-paste.ini(StrOpt) File name for the paste.deploy config for manila-api.
= True(BoolOpt) Whether to rate limit the API.
= False(BoolOpt) Deploy v1 of the Manila API. This option is deprecated, is not used, and will be removed in a future release.
= False(BoolOpt) Deploy v2 of the Manila API. This option is deprecated, is not used, and will be removed in a future release.
= 16384(IntOpt) Maximum line size of message headers to be accepted. Option max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).
= 1000(IntOpt) The maximum number of items returned in a single response from a collection resource.
= None(StrOpt) Base URL to be presented to users in links to the Share API
= (ListOpt) Specify list of extensions to load when using osapi_share_extension option with manila.api.contrib.select_extensions.
= ['manila.api.contrib.standard_extensions'](MultiStrOpt) The osapi share extension to load.
= ::(StrOpt) IP address for OpenStack Share API to listen on.
= 8786(IntOpt) Port for OpenStack Share API to listen on.
= 1(IntOpt) Number of workers for OpenStack Share API service.
= manila.share.api.API(StrOpt) The full class name of the share API class to use.
= manila.volume.cinder.API(StrOpt) The full class name of the Volume API class to use.
= manila-share-%s(StrOpt) Volume name template.
= manila-snapshot-%s(StrOpt) Volume snapshot name template.
[oslo_middleware]
= 114688(IntOpt) The maximum body size for each request, in bytes.
= X-Forwarded-Proto(StrOpt) The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by an SSL termination proxy.
[oslo_policy]
= default(StrOpt) Default rule. Enforced when a requested rule is not found.
= ['policy.d'](MultiStrOpt) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.
= policy.json(StrOpt) The JSON file that defines policies.
+
diff --git a/doc/common/tables/manila-auth.xml b/doc/common/tables/manila-auth.xml new file mode 100644 index 0000000000..42afa31a62 --- /dev/null +++ b/doc/common/tables/manila-auth.xml @@ -0,0 +1,26 @@ + + + + + + + + + + + + + + + + + + + + + + +
Description of Authorization configuration options
Configuration option = Default valueDescription
[DEFAULT]
= keystone(StrOpt) The strategy to use for auth. Supports noauth, keystone, and deprecated.
+
diff --git a/doc/common/tables/manila-auth_token.xml b/doc/common/tables/manila-auth_token.xml new file mode 100644 index 0000000000..b472316405 --- /dev/null +++ b/doc/common/tables/manila-auth_token.xml @@ -0,0 +1,174 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Authorization Token configuration options
Configuration option = Default valueDescription
[keystone_authtoken]
= None(StrOpt) Service user password.
= admin(StrOpt) Service tenant name.
= None(StrOpt) This option is deprecated and may be removed in a future release. Single shared secret with the Keystone configuration used for bootstrapping a Keystone installation, or otherwise bypassing the normal authentication process. This option should not be used, use `admin_user` and `admin_password` instead.
= None(StrOpt) Service username.
= (StrOpt) Prefix to prepend at the beginning of the path. Deprecated, use identity_uri.
= 127.0.0.1(StrOpt) Host providing the admin Identity API endpoint. Deprecated, use identity_uri.
= None(StrOpt) Name of the plugin to load
= 35357(IntOpt) Port of the admin Identity API endpoint. Deprecated, use identity_uri.
= https(StrOpt) Protocol of the admin Identity API endpoint (http or https). Deprecated, use identity_uri.
= None(StrOpt) Config Section from which to load plugin specific options
= None(StrOpt) Complete public Identity API endpoint.
= None(StrOpt) API version of the admin Identity API endpoint.
= None(StrOpt) Env key for the swift cache.
= None(StrOpt) A PEM encoded Certificate Authority to use when verifying HTTPs connections. Defaults to system CAs.
= None(StrOpt) Required if identity server requires client certificate
= False(BoolOpt) If true, the revocation list will be checked for cached tokens. This requires that PKI tokens are configured on the identity server.
= False(BoolOpt) Do not handle authorization requests within the middleware, but delegate the authorization decision to downstream WSGI components.
= permissive(StrOpt) Used to control the use and type of token binding. Can be set to: "disabled" to not check token binding. "permissive" (default) to validate binding information if the bind type is of a form known to the server and ignore it if not. "strict" like "permissive" but if the bind type is unknown the token will be rejected. "required" any form of token binding is needed to be allowed. Finally the name of a binding method that must be present in tokens.
= md5(ListOpt) Hash algorithms to use for hashing PKI tokens. This may be a single algorithm or multiple. The algorithms are those supported by Python standard hashlib.new(). The hashes will be tried in the order given, so put the preferred one first for performance. The result of the first hash will be stored in the cache. This will typically be set to multiple values only while migrating from a less secure algorithm to a more secure one. Once all the old tokens are expired this option should be set to a single value for better performance.
= None(IntOpt) Request timeout value for communicating with Identity API server.
= 3(IntOpt) How many times are we trying to reconnect when communicating with Identity API Server.
= None(StrOpt) Complete admin Identity API endpoint. This should specify the unversioned root endpoint e.g. https://localhost:35357/
= True(BoolOpt) (Optional) Indicate whether to set the X-Service-Catalog header. If False, middleware will not ask for service catalog on token validation and will not set the X-Service-Catalog header.
= False(BoolOpt) Verify HTTPS connections.
= None(StrOpt) Required if identity server requires client certificate
= 10(IntOpt) (Optional) Number of seconds that an operation will wait to get a memcached client connection from the pool.
= 300(IntOpt) (Optional) Number of seconds memcached server is considered dead before it is tried again.
= 10(IntOpt) (Optional) Maximum total number of open connections to every memcached server.
= 3(IntOpt) (Optional) Socket timeout in seconds for communicating with a memcached server.
= 60(IntOpt) (Optional) Number of seconds a connection to memcached is held unused in the pool before it is closed.
= None(StrOpt) (Optional, mandatory if memcache_security_strategy is defined) This string is used for key derivation.
= None(StrOpt) (Optional) If defined, indicate whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT. If MAC, token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the cache. If the value is not one of these options or empty, auth_token will raise an exception on initialization.
= False(BoolOpt) (Optional) Use the advanced (eventlet safe) memcached client pool. The advanced pool will only work under python 2.x.
= None(ListOpt) Optionally specify a list of memcached server(s) to use for caching. If left undefined, tokens will instead be cached in-process.
= None(StrOpt) The region in which the identity server can be found.
= 10(IntOpt) Determines the frequency at which the list of revoked tokens is retrieved from the Identity service (in seconds). A high number of revocation events combined with a low cache duration may significantly reduce performance.
= None(StrOpt) Directory used to cache files related to PKI tokens.
= 300(IntOpt) In order to prevent excessive effort spent validating tokens, the middleware caches previously-seen tokens for a configurable duration (in seconds). Set to -1 to disable caching completely.
+
diff --git a/doc/common/tables/manila-ca.xml b/doc/common/tables/manila-ca.xml new file mode 100644 index 0000000000..401c1a454e --- /dev/null +++ b/doc/common/tables/manila-ca.xml @@ -0,0 +1,34 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Certificate Authority configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) CA certificate file to use to verify connecting clients.
= None(StrOpt) Certificate file to use when starting the server securely.
= None(StrOpt) Private key file to use when starting the server securely.
+
diff --git a/doc/common/tables/manila-common.xml b/doc/common/tables/manila-common.xml new file mode 100644 index 0000000000..5fd6148c3d --- /dev/null +++ b/doc/common/tables/manila-common.xml @@ -0,0 +1,150 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Common configuration options
Configuration option = Default valueDescription
[DEFAULT]
= 900(IntOpt) Timeout for client connections socket operations. If an incoming connection is idle for this number of seconds it will be closed. A value of '0' means wait forever.
= manila.compute.nova.API(StrOpt) The full class name of the Compute API class to use.
= True(BoolOpt) Services to be added to the available pool on create.
= localhost(StrOpt) Name of this node. This can be an opaque identifier. It is not necessarily a hostname, FQDN, or IP address.
= 20.0(FloatOpt) Float representation of the over subscription ratio when thin provisioning is involved. Default ratio is 20.0, meaning provisioned capacity can be 20 times the total physical capacity. If the ratio is 10.5, it means provisioned capacity can be 10.5 times the total physical capacity. A ratio of 1.0 means provisioned capacity cannot exceed the total physical capacity. A ratio lower than 1.0 is invalid.
= None(ListOpt) Memcached servers or None for in process cache.
= False(BoolOpt) Whether to log monkey patching.
= (ListOpt) List of modules or decorators to monkey patch.
= 10.0.0.1(StrOpt) IP address of this host.
= 3(IntOpt) Number of times to attempt to run flakey shell commands.
= 60(IntOpt) Range of seconds to randomly delay when starting the periodic task scheduler to reduce stampeding. (Disable by setting to 0)
= 300.0(FloatOpt) Interval in seconds between execution of periodic hooks. Used when option 'enable_periodic_hooks' is set to True. Default is 300.
= 60(IntOpt) Seconds between running periodic tasks.
= 10(IntOpt) Seconds between nodes reporting state to datastore.
= 0(IntOpt) The percentage of backend capacity reserved.
= None(StrOpt) Path to the rootwrap configuration file to use for running commands as root.
= 60(IntOpt) Maximum time since last check-in for up service.
= 3600(IntOpt) Timeout before idle SQL connections are reaped.
= 10(IntOpt) Maximum database connection retries during startup. (setting -1 implies an infinite retry count).
= 10(IntOpt) Interval between retries of opening a SQL connection.
= clean.sqlite(StrOpt) File name of clean sqlite database.
= manila.sqlite(StrOpt) The filename to use with sqlite.
= True(BoolOpt) If passed, use synchronous mode for sqlite.
= /var/lib/manila(StrOpt) Top-level directory for maintaining manila's state.
= nova(StrOpt) Availability zone of this node.
= True(BoolOpt) Sets the value of TCP_KEEPALIVE (True/False) for each server socket.
= None(IntOpt) Sets the value of TCP_KEEPCNT for each server socket. Not supported on OS X.
= None(IntOpt) Sets the value of TCP_KEEPINTVL in seconds for each server socket. Not supported on OS X.
= 600(IntOpt) Sets the value of TCP_KEEPIDLE in seconds for each server socket. Not supported on OS X.
= 0(IntOpt) Count of reservations until usage is refreshed.
= False(BoolOpt) Treat X-Forwarded-For as the canonical remote address. Only enable this if you have a sanitizing proxy.
= True(BoolOpt) If False, closes the client socket connection explicitly. Setting it to True to maintain backward compatibility. Recommended setting is set it to False.
+
diff --git a/doc/common/tables/manila-compute.xml b/doc/common/tables/manila-compute.xml new file mode 100644 index 0000000000..9e854d468d --- /dev/null +++ b/doc/common/tables/manila-compute.xml @@ -0,0 +1,62 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Compute configuration options
Configuration option = Default valueDescription
[DEFAULT]
= http://localhost:5000/v2.0(StrOpt) Identity service URL.
= None(StrOpt) Nova admin password.
= service(StrOpt) Nova admin tenant name.
= nova(StrOpt) Nova admin username.
= False(BoolOpt) Allow to perform insecure SSL requests to nova.
= 2.10(StrOpt) Version of Nova API to be used.
= None(StrOpt) Location of CA certificates file to use for nova client requests.
= compute:nova:adminURL(StrOpt) Same as nova_catalog_info, but for admin endpoint.
= compute:nova:publicURL(StrOpt) Info to match when looking for nova in the service catalog. Format is separated values of the form: <service_type>:<service_name>:<endpoint_type>
= None(StrOpt) Region name of this node.
+
diff --git a/doc/common/tables/manila-cors.xml b/doc/common/tables/manila-cors.xml new file mode 100644 index 0000000000..332553e609 --- /dev/null +++ b/doc/common/tables/manila-cors.xml @@ -0,0 +1,73 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of CORS configuration options
Configuration option = Default valueDescription
[cors]
= True(BoolOpt) Indicate that the actual request can include user credentials
= Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma(ListOpt) Indicate which header field names may be used during the actual request.
= GET, POST, PUT, DELETE, OPTIONS(ListOpt) Indicate which methods can be used during the actual request.
= None(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.
= Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.
= 3600(IntOpt) Maximum cache age of CORS preflight requests.
[cors.subdomain]
= True(BoolOpt) Indicate that the actual request can include user credentials
= Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma(ListOpt) Indicate which header field names may be used during the actual request.
= GET, POST, PUT, DELETE, OPTIONS(ListOpt) Indicate which methods can be used during the actual request.
= None(StrOpt) Indicate whether this resource may be shared with the domain received in the requests "origin" header.
= Content-Type, Cache-Control, Content-Language, Expires, Last-Modified, Pragma(ListOpt) Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.
= 3600(IntOpt) Maximum cache age of CORS preflight requests.
+
diff --git a/doc/common/tables/manila-database.xml b/doc/common/tables/manila-database.xml new file mode 100644 index 0000000000..f1de2a60e8 --- /dev/null +++ b/doc/common/tables/manila-database.xml @@ -0,0 +1,113 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Database configuration options
Configuration option = Default valueDescription
[DEFAULT]
= sqlalchemy(StrOpt) The backend to use for database.
= manila.db(StrOpt) Driver to use for database access.
[database]
= sqlalchemy(StrOpt) The back end to use for the database.
= None(StrOpt) The SQLAlchemy connection string to use to connect to the database.
= 0(IntOpt) Verbosity of SQL debugging information: 0=None, 100=Everything.
= False(BoolOpt) Add Python stack traces to SQL as comment strings.
= True(BoolOpt) If True, increases the interval between retries of a database operation up to db_max_retry_interval.
= 20(IntOpt) Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.
= 10(IntOpt) If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.
= 1(IntOpt) Seconds between retries of a database transaction.
= 3600(IntOpt) Timeout before idle SQL connections are reaped.
= None(IntOpt) If set, use this value for max_overflow with SQLAlchemy.
= None(IntOpt) Maximum number of SQL connections to keep open in a pool.
= 10(IntOpt) Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.
= 1(IntOpt) Minimum number of SQL connections to keep open in a pool.
= TRADITIONAL(StrOpt) The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=
= None(IntOpt) If set, use this value for pool_timeout with SQLAlchemy.
= 10(IntOpt) Interval between retries of opening a SQL connection.
= None(StrOpt) The SQLAlchemy connection string to use to connect to the slave database.
= oslo.sqlite(StrOpt) The file name to use with SQLite.
= True(BoolOpt) If True, SQLite uses synchronous mode.
= False(BoolOpt) Enable the experimental use of database reconnect on connection lost.
+
diff --git a/doc/common/tables/manila-emc.xml b/doc/common/tables/manila-emc.xml new file mode 100644 index 0000000000..64aeb38734 --- /dev/null +++ b/doc/common/tables/manila-emc.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of EMC Share Drivers configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) User name for the EMC server.
= None(StrOpt) Password for the EMC server.
= None(StrOpt) EMC pool name.
= None(StrOpt) The root directory where shares will be located.
= None(StrOpt) EMC server hostname or IP address.
= server_2(StrOpt) Container of share servers.
= 8080(IntOpt) Port number for the EMC server.
= True(BoolOpt) Use secure connection to server.
= None(StrOpt) Share backend.
+
diff --git a/doc/common/tables/manila-ganesha.xml b/doc/common/tables/manila-ganesha.xml new file mode 100644 index 0000000000..cdc7f42a6d --- /dev/null +++ b/doc/common/tables/manila-ganesha.xml @@ -0,0 +1,46 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Ganesha configuration options
Configuration option = Default valueDescription
[DEFAULT]
= /etc/ganesha(StrOpt) Directory where Ganesha config files are stored.
= $ganesha_config_dir/ganesha.conf(StrOpt) Path to main Ganesha config file.
= $state_path/manila-ganesha.db(StrOpt) Location of Ganesha database file. (Ganesha module only.)
= $ganesha_config_dir/export.d(StrOpt) Path to directory containing Ganesha export configuration. (Ganesha module only.)
= /etc/manila/ganesha-export-templ.d(StrOpt) Path to directory containing Ganesha export block templates. (Ganesha module only.)
= ganesha.nfsd(StrOpt) Name of the ganesha nfs service.
+
diff --git a/doc/common/tables/manila-glusterfs.xml b/doc/common/tables/manila-glusterfs.xml new file mode 100644 index 0000000000..26f323c182 --- /dev/null +++ b/doc/common/tables/manila-glusterfs.xml @@ -0,0 +1,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of GlusterFS Share Drivers configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) Remote Ganesha server node's IP address.
= None(StrOpt) Remote Ganesha server node's login password. This is not required if 'glusterfs_path_to_private_key' is configured.
= root(StrOpt) Remote Ganesha server node's username.
= $state_path/mnt(StrOpt) Base directory containing mount points for Gluster volumes.
= None(StrOpt) Path of Manila host's private SSH key file.
= None(StrOpt) Remote GlusterFS server node's login password. This is not required if 'glusterfs_native_path_to_private_key' is configured.
= Gluster(StrOpt) Type of NFS server that mediate access to the Gluster volumes (Gluster or Ganesha).
= None(StrOpt) Path of Manila host's private SSH key file.
= None(StrOpt) Remote GlusterFS server node's login password. This is not required if 'glusterfs_path_to_private_key' is configured.
= (ListOpt) List of GlusterFS servers that can be used to create shares. Each GlusterFS server should be of the form [remoteuser@]<volserver>, and they are assumed to belong to distinct Gluster clusters.
= None(StrOpt) Specifies GlusterFS share layout, that is, the method of associating backing GlusterFS resources to shares.
= None(StrOpt) Specifies the GlusterFS volume to be mounted on the Manila host. It is of the form [remoteuser@]<volserver>:<volid>.
= None(StrOpt) Regular expression template used to filter GlusterFS volumes for share creation. The regex template can optionally (ie. with support of the GlusterFS backend) contain the #{size} parameter which matches an integer (sequence of digits) in which case the value shall be interpreted as size of the volume in GB. Examples: "manila-share-volume-\d+$", "manila-share-volume-#{size}G-\d+$"; with matching volume names, respectively: "manila-share-volume-12", "manila-share-volume-3G-13". In latter example, the number that matches "#{size}", that is, 3, is an indication that the size of volume is 3G.
+
diff --git a/doc/common/tables/manila-hdfs.xml b/doc/common/tables/manila-hdfs.xml new file mode 100644 index 0000000000..f06ea8a8a1 --- /dev/null +++ b/doc/common/tables/manila-hdfs.xml @@ -0,0 +1,46 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of HDFS Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) The IP of the HDFS namenode.
= 9000(IntOpt) The port of HDFS namenode service.
= None(StrOpt) HDFS namenode ssh login name.
= 22(IntOpt) HDFS namenode SSH port.
= None(StrOpt) Path to HDFS namenode SSH private key for login.
= None(StrOpt) HDFS namenode SSH login password, This parameter is not necessary, if 'hdfs_ssh_private_key' is configured.
+
diff --git a/doc/common/tables/manila-hds_hnas.xml b/doc/common/tables/manila-hds_hnas.xml new file mode 100644 index 0000000000..5b71f187f6 --- /dev/null +++ b/doc/common/tables/manila-hds_hnas.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of HDS NAS Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) The IP of the clusters admin node. Only set in HNAS multinode clusters.
= None(StrOpt) Specify which EVS this backend is assigned to.
= None(StrOpt) Specify IP for mounting shares.
= None(StrOpt) Specify file-system name for creating shares.
= None(StrOpt) HNAS management interface IP for communication between Manila controller and HNAS.
= None(StrOpt) HNAS user password. Required only if private key is not provided.
= None(StrOpt) RSA/DSA private key value used to connect into HNAS. Required only if password is not provided.
= 30(IntOpt) The time (in seconds) to wait for stalled HNAS jobs before aborting.
= None(StrOpt) HNAS username Base64 String in order to perform tasks such as create file-systems and network interfaces.
+
diff --git a/doc/common/tables/manila-hp3par.xml b/doc/common/tables/manila-hp3par.xml new file mode 100644 index 0000000000..f5a3cea1b4 --- /dev/null +++ b/doc/common/tables/manila-hp3par.xml @@ -0,0 +1,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of HP 3PAR Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= (StrOpt) 3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1
= False(BoolOpt) Enable HTTP debugging to 3PAR
= OpenStack(StrOpt) The File Provisioning Group (FPG) to use
= False(BoolOpt) Use one filestore per share
= (StrOpt) 3PAR password for the user specified in hp3par_username
= (StrOpt) IP address of SAN controller
= (StrOpt) Username for SAN controller
= (StrOpt) Password for SAN controller
= 22(IntOpt) SSH port to use with SAN
= (StrOpt) The IP address for shares not using a share server
= (StrOpt) 3PAR username with the 'edit' role
+
diff --git a/doc/common/tables/manila-huawei.xml b/doc/common/tables/manila-huawei.xml new file mode 100644 index 0000000000..dfc7192b92 --- /dev/null +++ b/doc/common/tables/manila-huawei.xml @@ -0,0 +1,26 @@ + + + + + + + + + + + + + + + + + + + + + + +
Description of Huawei Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= /etc/manila/manila_huawei_conf.xml(StrOpt) The configuration file for the Manila Huawei driver.
+
diff --git a/doc/common/tables/manila-logging.xml b/doc/common/tables/manila-logging.xml new file mode 100644 index 0000000000..3212f57bbb --- /dev/null +++ b/doc/common/tables/manila-logging.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Logging configuration options
Configuration option = Default valueDescription
[DEFAULT]
= False(BoolOpt) Print debugging output (set logging level to DEBUG instead of default INFO level).
= amqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN(ListOpt) List of logger=LEVEL pairs.
= False(BoolOpt) Enables or disables fatal status of deprecations.
= False(BoolOpt) Whether to make exception message format errors fatal.
= "[instance: %(uuid)s] "(StrOpt) The format for an instance that is passed with the log message.
= "[instance: %(uuid)s] "(StrOpt) The format for an instance UUID that is passed with the log message.
= None(StrOpt) The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation.
= %Y-%m-%d %H:%M:%S(StrOpt) Format string for %%(asctime)s in log records. Default: %(default)s .
= None(StrOpt) (Optional) The base directory used for relative --log-file paths.
= None(StrOpt) (Optional) Name of log file to output to. If no default is set, logging will go to stdout.
= None(StrOpt) DEPRECATED. A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes. This option is deprecated. Please use logging_context_format_string and logging_default_format_string instead.
= %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s(StrOpt) Format string to use for log messages with context.
= %(funcName)s %(pathname)s:%(lineno)d(StrOpt) Data to append to log format when level is DEBUG.
= %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s(StrOpt) Format string to use for log messages without context.
= %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s(StrOpt) Prefix each line of exception output with this format.
= False(BoolOpt) Enables or disables publication of error events.
= LOG_USER(StrOpt) Syslog facility to receive log lines.
= True(BoolOpt) Log output to standard error.
= False(BoolOpt) Use syslog for logging. Existing syslog format is DEPRECATED and will be changed later to honor RFC5424.
= True(BoolOpt) (Optional) Enables or disables syslog rfc5424 format for logging. If enabled, prefixes the MSG part of the syslog message with APP-NAME (RFC5424). The format without the APP-NAME is deprecated in Kilo, and will be removed in Mitaka, along with this option.
= True(BoolOpt) If set to false, will disable INFO logging level, making WARNING the default.
+
diff --git a/doc/common/tables/manila-netapp.xml b/doc/common/tables/manila-netapp.xml new file mode 100644 index 0000000000..c3092c64e6 --- /dev/null +++ b/doc/common/tables/manila-netapp.xml @@ -0,0 +1,78 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of NetApp Share Drivers configuration options
Configuration option = Default valueDescription
[DEFAULT]
= (.*)(StrOpt) Pattern for searching available aggregates for provisioning.
= os_%(net_allocation_id)s(StrOpt) Logical interface (LIF) name template
= None(StrOpt) Administrative user account name used to access the storage system.
= None(StrOpt) Password for the administrative user account specified in the netapp_login option.
= (.*)(StrOpt) Pattern for overriding the selection of network ports on which to create Vserver LIFs.
= root(StrOpt) Root volume name.
= None(StrOpt) Name of aggregate to create Vserver root volumes on. This option only applies when the option driver_handles_share_servers is set to True.
= None(StrOpt) The hostname (or IP address) for the storage system.
= None(IntOpt) The TCP port to use for communication with the storage system or proxy server. If not specified, Data ONTAP drivers will use 80 for HTTP and 443 for HTTPS.
= ontap_cluster(StrOpt) The storage family type used on the storage system; valid values include ontap_cluster for using clustered Data ONTAP.
= None(StrOpt) Comma-separated list of options that control which trace info is written to the debug logs. Values include method and api.
= http(StrOpt) The transport protocol used when communicating with the storage system or proxy server. Valid values are http or https.
= share_%(share_id)s(StrOpt) NetApp volume name template.
= os_%s(StrOpt) Name template to use for new Vserver.
+
diff --git a/doc/common/tables/manila-qpid.xml b/doc/common/tables/manila-qpid.xml new file mode 100644 index 0000000000..d0a46e43c7 --- /dev/null +++ b/doc/common/tables/manila-qpid.xml @@ -0,0 +1,78 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of QPID configuration options
Configuration option = Default valueDescription
[oslo_messaging_qpid]
= False(BoolOpt) Auto-delete queues in AMQP.
= False(BoolOpt) Use durable queues in AMQP.
= 60(IntOpt) Seconds between connection keepalive heartbeats.
= localhost(StrOpt) Qpid broker hostname.
= $qpid_hostname:$qpid_port(ListOpt) Qpid HA cluster host:port pairs.
= (StrOpt) Password for Qpid connection.
= 5672(IntOpt) Qpid broker port.
= tcp(StrOpt) Transport to use, either 'tcp' or 'ssl'.
= 1(IntOpt) The number of prefetched messages held by receiver.
= (StrOpt) Space separated list of SASL mechanisms to use for auth.
= True(BoolOpt) Whether to disable the Nagle algorithm.
= 1(IntOpt) The qpid topology version to use. Version 1 is what was originally used by impl_qpid. Version 2 includes some backwards-incompatible changes that allow broker federation to work. Users should update to version 2 when they are able to take everything down, as it requires a clean break.
= (StrOpt) Username for Qpid connection.
= False(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in the Mitaka release.
+
diff --git a/doc/common/tables/manila-quobyte.xml b/doc/common/tables/manila-quobyte.xml new file mode 100644 index 0000000000..22e56cf6aa --- /dev/null +++ b/doc/common/tables/manila-quobyte.xml @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Quobyte Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) The X.509 CA file to verify the server cert.
= quobyte(StrOpt) Password for Quobyte API server
= None(StrOpt) URL of the Quobyte API server (http or https)
= admin(StrOpt) Username for Quobyte API server.
= root(StrOpt) Default owning group for new volumes.
= root(StrOpt) Default owning user for new volumes.
= False(BoolOpt) Actually deletes shares (vs. unexport)
= BASE(StrOpt) Name of volume configuration used for new shares.
+
diff --git a/doc/common/tables/manila-quota.xml b/doc/common/tables/manila-quota.xml new file mode 100644 index 0000000000..93e7389eb6 --- /dev/null +++ b/doc/common/tables/manila-quota.xml @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Quota configuration options
Configuration option = Default valueDescription
[DEFAULT]
= 0(IntOpt) Number of seconds between subsequent usage refreshes.
= manila.quota.DbQuotaDriver(StrOpt) Default driver to use for quota checks.
= 1000(IntOpt) Number of share gigabytes allowed per project.
= 10(IntOpt) Number of share-networks allowed per project.
= 50(IntOpt) Number of shares allowed per project.
= 1000(IntOpt) Number of snapshot gigabytes allowed per project.
= 50(IntOpt) Number of share snapshots allowed per project.
= 86400(IntOpt) Number of seconds until a reservation expires.
+
diff --git a/doc/common/tables/manila-rabbitmq.xml b/doc/common/tables/manila-rabbitmq.xml new file mode 100644 index 0000000000..8cb6ea60c1 --- /dev/null +++ b/doc/common/tables/manila-rabbitmq.xml @@ -0,0 +1,118 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of RabbitMQ configuration options
Configuration option = Default valueDescription
[oslo_messaging_rabbit]
= False(BoolOpt) Auto-delete queues in AMQP.
= False(BoolOpt) Use durable queues in AMQP.
= False(BoolOpt) Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake
= 2(IntOpt) How often times during the heartbeat_timeout_threshold we check the heartbeat.
= 60(IntOpt) Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat). EXPERIMENTAL
= 1.0(FloatOpt) How long to wait before reconnecting in response to an AMQP consumer cancel notification.
= 60(IntOpt) How long to wait before considering a reconnect attempt to have failed. This value should not be longer than rpc_response_timeout.
= (StrOpt) SSL certification authority file (valid only if SSL enabled).
= (StrOpt) SSL cert file (valid only if SSL enabled).
= (StrOpt) SSL key file (valid only if SSL enabled).
= (StrOpt) SSL version to use (valid only if SSL enabled). Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may be available on some distributions.
= False(BoolOpt) Use HA queues in RabbitMQ (x-ha-policy: all). If you change this option, you must wipe the RabbitMQ database.
= localhost(StrOpt) The RabbitMQ broker address where a single node is used.
= $rabbit_host:$rabbit_port(ListOpt) RabbitMQ HA cluster host:port pairs.
= AMQPLAIN(StrOpt) The RabbitMQ login method.
= 0(IntOpt) Maximum number of RabbitMQ connection retries. Default is 0 (infinite retry count).
= guest(StrOpt) The RabbitMQ password.
= 5672(IntOpt) The RabbitMQ broker port where a single node is used.
= 2(IntOpt) How long to backoff for between retries when connecting to RabbitMQ.
= 1(IntOpt) How frequently to retry connecting with RabbitMQ.
= False(BoolOpt) Connect over SSL for RabbitMQ.
= guest(StrOpt) The RabbitMQ userid.
= /(StrOpt) The RabbitMQ virtual host.
= False(BoolOpt) Send a single AMQP reply to call message. The current behaviour since oslo-incubator is to send two AMQP replies - first one with the payload, a second one to ensure the other have finish to send the payload. We are going to remove it in the N release, but we must keep backward compatible at the same time. This option provides such compatibility - it defaults to False in Liberty and can be turned on for early adopters with a new installations or for testing. Please note, that this option will be removed in the Mitaka release.
+
diff --git a/doc/common/tables/manila-redis.xml b/doc/common/tables/manila-redis.xml new file mode 100644 index 0000000000..815dfba4d4 --- /dev/null +++ b/doc/common/tables/manila-redis.xml @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Redis configuration options
Configuration option = Default valueDescription
[matchmaker_redis]
= 127.0.0.1(StrOpt) Host to locate redis.
= None(StrOpt) Password for Redis server (optional).
= 6379(IntOpt) Use this port to connect to redis host.
[matchmaker_ring]
= /etc/oslo/matchmaker_ring.json(StrOpt) Matchmaker ring file (JSON).
+
diff --git a/doc/common/tables/manila-rpc.xml b/doc/common/tables/manila-rpc.xml new file mode 100644 index 0000000000..b751b02454 --- /dev/null +++ b/doc/common/tables/manila-rpc.xml @@ -0,0 +1,108 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of RPC configuration options
Configuration option = Default valueDescription
[DEFAULT]
= 300(IntOpt) Heartbeat frequency.
= 600(IntOpt) Heartbeat time-to-live.
= rabbit(StrOpt) The messaging driver to use, defaults to rabbit. Other drivers include qpid and zmq.
= 30(IntOpt) Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
= 30(IntOpt) Size of RPC connection pool.
= 60(IntOpt) Seconds to wait for a response from a call.
= manila-share(StrOpt) The topic share nodes listen on.
[oslo_concurrency]
= False(BoolOpt) Enables or disables inter-process locks.
= None(StrOpt) Directory to use for lock files. For security, the specified directory should only be writable by the user running the processes that need locking. Defaults to environment variable OSLO_LOCK_PATH. If external locks are used, a lock path must be set.
[oslo_messaging_amqp]
= False(BoolOpt) Accept clients using either SSL or plain TCP
= broadcast(StrOpt) address prefix used when broadcasting to all servers
= None(StrOpt) Name for the AMQP container
= unicast(StrOpt) address prefix when sending to any server in group
= 0(IntOpt) Timeout for inactive connections (in seconds)
= exclusive(StrOpt) address prefix used when sending to a specific server
= (StrOpt) CA certificate PEM file to verify server certificate
= (StrOpt) Identifying certificate PEM file to present to clients
= (StrOpt) Private key PEM file used to sign cert_file certificate
= None(StrOpt) Password for decrypting ssl_key_file (if encrypted)
= False(BoolOpt) Debug: dump AMQP frames to stdout
+
diff --git a/doc/common/tables/manila-san.xml b/doc/common/tables/manila-san.xml new file mode 100644 index 0000000000..c0d863fa8d --- /dev/null +++ b/doc/common/tables/manila-san.xml @@ -0,0 +1,34 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of SAN configuration options
Configuration option = Default valueDescription
[DEFAULT]
= 60(IntOpt) Backend server SSH connection timeout.
= 10(IntOpt) Maximum number of connections in the SSH pool.
= 1(IntOpt) Minimum number of connections in the SSH pool.
+
diff --git a/doc/common/tables/manila-scheduler.xml b/doc/common/tables/manila-scheduler.xml new file mode 100644 index 0000000000..a2fd9e9cc1 --- /dev/null +++ b/doc/common/tables/manila-scheduler.xml @@ -0,0 +1,62 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Scheduler configuration options
Configuration option = Default valueDescription
[DEFAULT]
= 1.0(FloatOpt) Multiplier used for weighing share capacity. Negative numbers mean to stack vs spread.
= 1.0(FloatOpt) Multiplier used for weighing pools which have existing share servers. Negative numbers mean to spread vs stack.
= AvailabilityZoneFilter, CapacityFilter, CapabilitiesFilter, ConsistencyGroupFilter(ListOpt) Which filter class names to use for filtering hosts when not specified in the request.
= CapacityWeigher(ListOpt) Which weigher class names to use for weighing hosts.
= manila.scheduler.filter_scheduler.FilterScheduler(StrOpt) Default scheduler driver to use.
= manila.scheduler.host_manager.HostManager(StrOpt) The scheduler host manager class to use.
= (StrOpt) Absolute path to scheduler configuration JSON file.
= manila.scheduler.manager.SchedulerManager(StrOpt) Full class name for the scheduler manager.
= 3(IntOpt) Maximum number of attempts to schedule a share.
= manila-scheduler(StrOpt) The topic scheduler nodes listen on.
+
diff --git a/doc/common/tables/manila-share.xml b/doc/common/tables/manila-share.xml new file mode 100644 index 0000000000..5066af4a70 --- /dev/null +++ b/doc/common/tables/manila-share.xml @@ -0,0 +1,266 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Share configuration options
Configuration option = Default valueDescription
[DEFAULT]
= True(BoolOpt) If set to True, then Manila will delete all share servers which were unused more than specified time .If set to False - automatic deletion of share servers will be disabled.
= 4096(IntOpt) Number of backlog requests to configure the socket with.
= False(BoolOpt) Attach share server directly to share network. Used only with Neutron.
= None(StrOpt) Default share type to use.
= False(BoolOpt) Whether share servers will be deleted on deletion of the last share.
= None(BoolOpt) There are two possible approaches for share drivers in Manila. First is when share driver is able to handle share-servers and second when not. Drivers can support either both or only one of these approaches. So, set this opt to True if share driver is able to handle share servers and it is desired mode else set False. It is set to None by default to make this choice intentional.
= False(BoolOpt) Whether to enable periodic hooks or not.
= False(BoolOpt) Whether to enable post hooks or not.
= False(BoolOpt) Whether to enable pre hooks or not.
= None(ListOpt) A list of share backend names to use. These backend names should be backed by a unique [CONFIG] group with its options.
= NFS, CIFS(ListOpt) Specify list of protocols to be allowed for share creation. Available values are '('NFS', 'CIFS', 'GLUSTERFS', 'HDFS')'
= 64(IntOpt) Size of executor thread pool.
= (ListOpt) Driver(s) to perform some additional actions before and after share driver actions and on a periodic basis. Default is [].
= manila.network.linux.interface.OVSInterfaceDriver(StrOpt) Vif driver. Used only with Neutron.
= manila-service(StrOpt) Keypair name that will be created and used for service instances.
= 120(IntOpt) Maximum time to wait for attaching cinder volume.
= 300(IntOpt) Maximum time in seconds to wait for creating service instance.
= 180(IntOpt) Maximum time to wait for creating cinder volume.
= 180(IntOpt) Maximum time to wait for extending cinder volume.
= 300(IntOpt) Timeout for creating and deleting share instances when performing share migration (seconds).
= None(StrOpt) The IP of the node responsible for copying data during migration, such as the data copy service node, reachable by the backend.
= lost+found(ListOpt) List of files and folders to be ignored when migrating shares. Items should be names (not including any path).
= None(StrOpt) Backend IP in admin network to use for mounting shares during migration.
= None(StrOpt) The command for mounting shares for this backend. Must specifythe executable and all necessary parameters for the protocol supported. It is advisable to separate protocols per backend.
= True(BoolOpt) Specify whether read only access mode is supported in thisbackend.
= /tmp/(StrOpt) Temporary path to create and mount shares during migration.
= 90(IntOpt) Time to wait for access rules to be allowed/denied on backends when migrating shares using generic approach (seconds).
= None(StrOpt) Name of the configuration group in the Manila conf file to look for network config options.If not set, the share backend's config group will be used.If an option is not found within provided group, then'DEFAULT' group will be used for search of option.
= br-int(StrOpt) Name of Open vSwitch bridge to use.
= ~/.ssh/id_rsa(StrOpt) Path to host's private key.
= ~/.ssh/id_rsa.pub(StrOpt) Path to hosts public key.
= sudo(StrOpt) Deprecated: command to use for running commands as root.
= manila-service-image(StrOpt) Name of image in Glance, that will be used for service instance creation.
= 100(IntOpt) ID of flavor, that will be used for service instance creation.
= None(StrOpt) Name or ID of service instance in Nova to use for share exports. Used only when share servers handling is disabled.
= manila_service_instance_%s(StrOpt) Name of service instance.
= neutron(StrOpt) Allowed values are ['nova', 'neutron'].
= None(StrOpt) Password for service instance user.
= manila-service(StrOpt) Security group name, that will be used for service instance creation.
= $share_mount_path/smb.conf(StrOpt) Path to SMB config in service instance.
= None(StrOpt) User in service instance that will be used for authentication.
= None(StrOpt) Can be either name of network that is used by service instance within Nova to get IP address or IP address itself for managing shares there. Used only when share servers handling is disabled.
= 10.254.0.0/16(StrOpt) CIDR of manila service network. Used only with Neutron.
= 28(IntOpt) This mask is used for dividing service network into subnets, IP capacity of subnet with this mask directly defines possible amount of created service VMs per tenant's subnet. Used only with Neutron.
= manila_service_network(StrOpt) Name of manila service network. Used only with Neutron.
= None(StrOpt) The backend name for a given driver implementation.
= manila.share.drivers.generic.GenericShareDriver(StrOpt) Driver to use for share creation.
= CIFS=manila.share.drivers.generic.CIFSHelper, NFS=manila.share.drivers.generic.NFSHelper(ListOpt) Specify list of share export helpers.
= manila.share.manager.ShareManager(StrOpt) Full class name for the share manager.
= /shares(StrOpt) Parent path in service instance where shares will be mounted.
= share-%s(StrOpt) Template string to be used to generate share names.
= share-snapshot-%s(StrOpt) Template string to be used to generate share snapshot names.
= month(StrOpt) Time period to generate share usages for. Time period must be hour, day, month or year.
= ext4(StrOpt) Filesystem type of the share volume.
= $state_path/smb.conf(StrOpt) Path to smb config.
= False(BoolOpt) Whether to suppress post hook errors (allow driver's results to pass through) or not.
= False(BoolOpt) Whether to suppress pre hook errors (allow driver perform actions) or not.
= None(StrOpt) Can be either name of network that is used by service instance within Nova to get IP address or IP address itself for exporting shares. Used only when share servers handling is disabled.
= False(BoolOpt) If set to True, then manila will deny access and remove all access rules on share unmanage.If set to False - nothing will be changed.
= 10(IntOpt) Unallocated share servers reclamation time interval (minutes). Minimum value is 10 minutes, maximum is 60 minutes. The reclamation function is run every 10 minutes and delete share servers which were unused more than unused_share_server_cleanup_interval option defines. This value reflects the shortest time Manila will wait for a share server to go unutilized before deleting it.
= False(BoolOpt) If set to False, then share creation from snapshot will be performed on the same host. If set to True, then scheduling step will be used.
+
diff --git a/doc/common/tables/manila-storage.xml b/doc/common/tables/manila-storage.xml new file mode 100644 index 0000000000..9594920bcf --- /dev/null +++ b/doc/common/tables/manila-storage.xml @@ -0,0 +1,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of Storage configuration options
Configuration option = Default valueDescription
[DEFAULT]
= http://localhost:5000/v2.0(StrOpt) Identity service URL.
= None(StrOpt) Cinder admin password.
= service(StrOpt) Cinder admin tenant name.
= cinder(StrOpt) Cinder admin username.
= False(BoolOpt) Allow to perform insecure SSL requests to cinder.
= None(StrOpt) Location of CA certificates file to use for cinder client requests.
= volume:cinder:publicURL(StrOpt) Info to match when looking for cinder in the service catalog. Format is separated values of the form: <service_type>:<service_name>:<endpoint_type>
= True(BoolOpt) Allow attaching between instances and volumes in different availability zones.
= 3(IntOpt) Number of cinderclient retries on failed HTTP calls.
= None(StrOpt) Name or id of cinder volume type which will be used for all volumes created by driver.
= 10000(IntOpt) Maximum number of volume gigabytes to allow per host.
+
diff --git a/doc/common/tables/manila-winrm.xml b/doc/common/tables/manila-winrm.xml new file mode 100644 index 0000000000..f6455beebb --- /dev/null +++ b/doc/common/tables/manila-winrm.xml @@ -0,0 +1,50 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of WinRM configuration options
Configuration option = Default valueDescription
[DEFAULT]
= ~/.ssl/key.pem(StrOpt) Path to the x509 certificate key.
= ~/.ssl/cert.pem(StrOpt) Path to the x509 certificate used for accessing the serviceinstance.
= 60(IntOpt) WinRM connection timeout.
= 60(IntOpt) WinRM operation timeout.
= 3(IntOpt) WinRM retry count.
= 5(IntOpt) WinRM retry interval in seconds
= False(BoolOpt) Use x509 certificates in order to authenticate to theservice instance.
+
diff --git a/doc/common/tables/manila-zeromq.xml b/doc/common/tables/manila-zeromq.xml new file mode 100644 index 0000000000..5c0134df6e --- /dev/null +++ b/doc/common/tables/manila-zeromq.xml @@ -0,0 +1,50 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of ZeroMQ configuration options
Configuration option = Default valueDescription
[DEFAULT]
= *(StrOpt) ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP. The "host" option should point or resolve to this address.
= 1(IntOpt) Number of ZeroMQ contexts, defaults to 1.
= localhost(StrOpt) Name of this node. Must be a valid hostname, FQDN, or IP address. Must match "host" option, if running Nova.
= /var/run/openstack(StrOpt) Directory for holding IPC sockets.
= local(StrOpt) MatchMaker driver.
= 9501(IntOpt) ZeroMQ receiver listening port.
= None(IntOpt) Maximum number of ingress messages to locally buffer per topic. Default is unlimited.
+
diff --git a/doc/common/tables/manila-zfssa.xml b/doc/common/tables/manila-zfssa.xml new file mode 100644 index 0000000000..61ed435bae --- /dev/null +++ b/doc/common/tables/manila-zfssa.xml @@ -0,0 +1,78 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Description of ZFSSA Share Driver configuration options
Configuration option = Default valueDescription
[DEFAULT]
= None(StrOpt) ZFSSA management authorized userpassword.
= None(StrOpt) ZFSSA management authorized username.
= None(StrOpt) IP address for data.
= None(StrOpt) ZFSSA management IP address.
= fletcher4(StrOpt) Controls checksum used for data blocks.
= off(StrOpt) Data compression-off, lzjb, gzip-2, gzip, gzip-9.
= latency(StrOpt) Controls behavior when servicing synchronous writes.
= (StrOpt) Location of project in ZFS/SA.
= true(StrOpt) Controls whether a share quota includes snapshot.
= true(StrOpt) Controls whether file ownership can be changed.
= false(StrOpt) Controls whether the share is scanned for viruses.
= None(StrOpt) ZFSSA storage pool name.
= None(StrOpt) ZFSSA project name.
= None(StrOpt) REST connection timeout (in seconds).
+
diff --git a/doc/config-reference/bk-config-ref.xml b/doc/config-reference/bk-config-ref.xml index e1b72b2856..9e57be9966 100644 --- a/doc/config-reference/bk-config-ref.xml +++ b/doc/config-reference/bk-config-ref.xml @@ -145,6 +145,8 @@ + + diff --git a/doc/config-reference/ch_sharedfilesystemsconfigure.xml b/doc/config-reference/ch_sharedfilesystemsconfigure.xml new file mode 100644 index 0000000000..a14397c419 --- /dev/null +++ b/doc/config-reference/ch_sharedfilesystemsconfigure.xml @@ -0,0 +1,16 @@ + + + Shared File Systems + The Shared File Systems service works with many different + drivers that you can configure by using these instructions. + + + + + + + diff --git a/doc/config-reference/conf-changes/manila.xml b/doc/config-reference/conf-changes/manila.xml new file mode 100644 index 0000000000..b76046da28 --- /dev/null +++ b/doc/config-reference/conf-changes/manila.xml @@ -0,0 +1,63 @@ + +
+ + New, updated, and deprecated options in Liberty for Shared File Systems + + + + + + + + + + + + + + +
New options
Option = default value(Type) Help string
[DEFAULT] TODO:This needs to be generated.
+ + + + + + + + + + + + + + + + + + + + + + + + + + + +
New default values
OptionPrevious default valueNew default value
[DEFAULT] auth_strategynoauthkeystone
[DEFAULT] default_log_levelsamqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARNamqp=WARN, amqplib=WARN, boto=WARN, qpid=WARN, sqlalchemy=WARN, suds=INFO, oslo.messaging=INFO, iso8601=WARN, requests.packages.urllib3.connectionpool=WARN, urllib3.connectionpool=WARN, websocket=WARN, requests.packages.urllib3.util.retry=WARN, urllib3.util.retry=WARN, keystonemiddleware=WARN, routes.middleware=WARN, stevedore=WARN, taskflow=WARN
[DEFAULT] logging_exception_prefix%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s
+ + + + + + + + + + + + + + +
Deprecated options
Deprecated optionNew Option
[DEFAULT] TODOThis table needs to be generated.
+
diff --git a/doc/config-reference/shared-file-systems/drivers/emc-isilon-driver.xml b/doc/config-reference/shared-file-systems/drivers/emc-isilon-driver.xml new file mode 100644 index 0000000000..5153ef8082 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/emc-isilon-driver.xml @@ -0,0 +1,137 @@ +
+ EMC Isilon driver + + The EMC Shared File Systems driver framework (EMCShareDriver) + utilizes EMC + storage products to provide shared file systems to OpenStack. The EMC + driver is a plug-in based driver which is designed to use + different plug-ins to manage different EMC storage products. + + + The Isilon driver is a plug-in for the EMC framework which allows + the Shared File Systems service to interface with an Isilon back end to + provide a shared filesystem. The EMC driver framework with the + Isilon plug-in is referred to as the "Isilon Driver" in + this document. + + + This Isilon Driver interfaces with an Isilon cluster via the REST + Isilon Platform API (PAPI) and the RESTful Access to Namespace API + (RAN). + + + Requirements + + + + Isilon cluster running OneFS 7.2 or higher + + + + + + Supported operations + + The following operations will be supported on an Isilon cluster: + + + + + Create CIFS/NFS share. + + + + + Delete CIFS/NFS share. + + + + + Allow CIFS/NFS share access. + + + + + Only IP access type is supported for NFS and CIFS. + + + + + * Only RW access is supported. + + + + + Deny CIFS/NFS share access + + + + + Create snapshot + + + + + Delete snapshot + + + + + Create share from snapshot + + + + + + Backend configuration + + The following parameters need to be configured in the Shared + File Systems service configuration file for the Isilon driver: + +
+ + share_driver = manila.share.drivers.emc.driver.EMCShareDriver + emc_share_backend = isilon emc_nas_server = <IP address of + Isilon cluster> emc_nas_login = <username> + emc_nas_password = <password> isilon_share_root_dir = + <directory on Isilon where shares will be created> + +
+ + Restart of manila-share service is needed for the configuration + changes to take effect. + +
+ + Restrictions + + The Isilon driver has the following restrictions: + + + + + Only IP access type is supported for NFS and CIFS. + + + + + Only FLAT network is supported. + + + + + Quotas are not yet supported. + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/emc-vnx-driver.xml b/doc/config-reference/shared-file-systems/drivers/emc-vnx-driver.xml new file mode 100644 index 0000000000..0cd61f8878 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/emc-vnx-driver.xml @@ -0,0 +1,466 @@ +
+ EMC VNX driver + + EMC Shared File Systems service driver framework (EMCShareDriver) + utilizes the EMC storage products to provide the shared file systems + to OpenStack. The EMC driver is a plug-in based driver which is designed + to use different plug-ins to manage different EMC storage products. + + + VNX plug-in is the plug-in which manages the VNX to provide shared + filesystems. EMC driver framework with VNX plug-in is referred to as + VNX driver in this document. + + + This driver performs the operations on VNX by XMLAPI and the File + command line. Each back end manages one Data Mover of VNX. Multiple + Shared File Systems service back ends need to be configured to manage + multiple Data Movers. + + + Requirements + + + + VNX OE for File version 7.1 or higher + + + + + VNX Unified, File only, or Gateway system with single storage + back end + + + + + The following licenses should be activated on VNX for File: + + + + + CIFS + + + + + NFS + + + + + SnapSure (for snapshot) + + + + + ReplicationV2 (for create share from snapshot) + + + + + + + + Supported operations + + The following operations will be supported on VNX array: + + + + + Create CIFS/NFS share. + + + + + Delete CIFS/NFS share. + + + + + Allow CIFS/NFS share access. + + + + + Only IP access type is supported for NFS. + + + + + * Only user access type is supported for CIFS. + + + + + Deny CIFS/NFS share access. + + + + + Create snapshot. + + + + + Delete snapshot. + + + + + Create share from snapshot. + + + + + While the generic driver creates shared filesystems based on + cinder volumes attached to nova VMs, the VNX driver performs + similar operations using the Data Movers on the array. + + + + Pre-configurations on VNX + + + + Enable Unicode on Data Mover. + + + + + VNX driver requires that the Unicode is enabled on Data Mover. + + + CAUTION: After enabling Unicode, you cannot disable it. If there + are some filesystems created before Unicode is enabled on the VNX, + consult the storage administrator before enabling Unicode. + + + To check the Unicode status on Data Mover, use the following VNX + File command on VNX control station: + +
+ + server_cifs <mover_name> | head where: mover_name = + <name of the Data Mover> + +
+ + Check the value of I18N mode field. UNICODE mode is shown as + I18N mode = + UNICODE + + + To enable the Unicode for Data Mover: + +
+ + uc_config -on -mover <mover_name> where: mover_name = + <name of the Data Mover> + +
+ + Refer to the document + Using International Character Sets on VNX for File on [EMC support + site](http://support.emc.com) + for more information. + + + + + Enable CIFS service on Data Mover. + + + + + Ensure the CIFS service is enabled on the Data Mover which is + going to be managed by VNX driver. + + + To start the CIFS service, use the following command: + +
+ + server_setup <mover_name> -Protocol cifs -option start + [=<n>] where: <mover_name> = <name of the Data + Mover> [=<n>] = <number of threads for CIFS + users> + +
+ + Note: If there is 1 GB of memory on the Data Mover, the default is + 96 threads; however, if there is over 1 GB of memory, the default + number of threads is 256. + + + To check the CIFS service status, use this command: + +
+ + server_cifs <mover_name> | head where: <mover_name> + = <name of the Data Mover> + +
+ + The command output will show the number of CIFS threads started. + + + + + NTP settings on Data Mover. + + + + + VNX driver only supports CIFS share creation with share network + which has an Active Directory security-service associated. + + + Creating CIFS share requires that the time on the Data Mover is in + sync with the Active Directory domain so that the CIFS server can + join the domain. Otherwise, the domain join will fail when + creating share with this security service. There is a limitation + that the time of the domains used by security-services even for + different tenants and different share networks should be in sync. + Time difference should be less than 10 minutes. + + + It is recommended to set the NTP server to the same public NTP + server on both the Data Mover and domains used in security + services to ensure the time is in sync everywhere. + + + Check the date and time on Data Mover: + +
+ + server_date <mover_name> where: mover_name = <name of + the Data Mover> + +
+ + Set the NTP server for Data Mover: + +
+ + server_date <mover_name> timesvc start ntp <host> + [<host> ...] where: mover_name = <name of the Data + Mover> host = <IP address of the time server host> + +
+ + Note: The host must be running the NTP protocol. Only 4 host + entries are allowed. + + + + + Configure User Mapping on the Data Mover. + + + + + Before creating CIFS share using VNX driver, you must select a + method of mapping Windows SIDs to UIDs and GIDs. EMC recommends + using usermapper in single protocol (CIFS) environment which is + enabled on VNX by default. + + + To check usermapper status, use this command syntax: + +
+ + server_usermapper <movername> where: <movername> = + <name of the Data Mover> + +
+ + If usermapper is not started, the following command can be used to + start the usermapper: + +
+ + server_usermapper <movername> -enable where: + <movername> = <name of the Data Mover> + +
+ + For multiple protocol environment, refer to + Configuring VNX User Mapping on [EMC support + site](http://support.emc.com) + for additional information. + + + + + Network Connection. + + + + + In the current release, the share created by VNX driver uses the + first network device (physical port on NIC) of Data Mover to + access the network. + + + Go to Unisphere to check the device list: Settings -> Network + -> Settings for File (Unified system only) -> Device. + +
+ + Backend configuration + + The following parameters need to be configured in + /etc/manila/manila.conf for the VNX driver: + +
+ + emc_share_backend = vnx emc_nas_server = <IP address> + emc_nas_password = <password> emc_nas_login = <user> + emc_nas_server_container = <Data Mover name> + emc_nas_pool_name = <pool name> share_driver = + manila.share.drivers.emc.driver.EMCShareDriver + +
+ + + + emc_share_backend is the plug-in name. Set it to + vnx for the VNX driver. + + + + + emc_nas_server is the control station IP address of the VNX + system to be managed. + + + + + emc_nas_password and emc_nas_login fields are used to provide + credentials to the VNX system. Only local users of VNX File is + supported. + + + + + emc_nas_server_container field is the name of the Data Mover + to serve the share service. + + + + + emc_nas_pool_name is the pool name user wants to create volume + from. The pools can be created using Unisphere for VNX. + + + + + Restart of manila-share service is needed for the configuration + changes to take effect. + +
+ + Restrictions + + The VNX driver has the following restrictions: + + + + + Only IP access type is supported for NFS. + + + + + Only user access type is supported for CIFS. + + + + + Only FLAT network and VLAN network are supported. + + + + + VLAN network is supported with limitations. The neutron + subnets in different VLANs that are used to create share + networks cannot have overlapped address spaces. Otherwise, VNX + may have a problem to communicate with the hosts in the VLANs. + To create shares for different VLANs with same subnet address, + use different Data Movers. + + + + + The 'Active Directory' security service is the only supported + security service type and it is required to create CIFS + shares. + + + + + Only one security service can be configured for each share + network. + + + + + Active Directory domain name of the 'active_directory' + security service should be unique even for different tenants. + + + + + The time on Data Mover and the Active Directory domains used + in security services should be in sync (time difference should + be less than 10 minutes). It is recommended to use same NTP + server on both the Data Mover and Active Directory domains. + + + + + On VNX the snapshot is stored in the SavVols. VNX system + allows the space used by SavVol to be created and extended + until the sum of the space consumed by all SavVols on the + system exceeds the default 20% of the total space available on + the system. If the 20% threshold value is reached, an alert + will be generated on VNX. Continuing to create snapshot will + cause the old snapshot to be inactivated (and the snapshot + data to be abandoned). The limit percentage value can be + changed manually by storage administrator based on the storage + needs. Administrator is recommended to configure the + notification on the SavVol usage. Refer to Using VNX SnapSure + document on [EMC support + site](http://support.emc.com) + for more information. + + + + + VNX has limitations on the overall numbers of Virtual Data + Movers, filesystems, shares, checkpoints, etc. Virtual + Data Mover(VDM) is created by the VNX driver on the VNX to + serve as the Shared File Systems service share server. + Similarly, filesystem is + created, mounted, and exported from the VDM over CIFS or NFS + protocol to serve as the Shared File Systems service share. + The VNX checkpoint serves as the Shared File Systems service + share snapshot. Refer to the + NAS Support Matrix document on [EMC support + site](http://support.emc.com) + for the limitations and configure the quotas accordingly. + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/generic-driver.xml b/doc/config-reference/shared-file-systems/drivers/generic-driver.xml new file mode 100644 index 0000000000..6bd32c6995 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/generic-driver.xml @@ -0,0 +1,206 @@ +
+ Generic approach for share provisioning + + The Shared File Systems service can be configured to + use nova VMs and cinder volumes. There are two modules that handle + them in the Shared File Systems service: + + + service_instance module creates VMs in nova + with predefined image called service image. This module can be used + by any driver for provisioning of service VMs to be able to + separate share resources among tenants. + + + 'generic' module operates + with cinder volumes and VMs created by + service_instance module, + then creates shared filesystems based on volumes attached to VMs. + + + + Network configurations + + Each driver can handle networking in its own way, see: + https://wiki.openstack.org/wiki/manila/Networking. + + + + + One of two possible configurations can be chosen for share + provisioning + + + + using service_instance module: + + + + + + - Service VM has one net interface from net that is connected + to public router. + + + + For successful creation of share, user network should be + connected to public router too. + + + + + + - Service VM has two net interfaces, first one connected to + service network, + + + + second one connected directly to user's network. + + + + + + + Requirements for service image + + + + Linux based distro + + + + + NFS server + + + + + Samba server >=3.2.0, that can be configured by data stored + in registry + + + + + SSH server + + + + + Two net interfaces configured to DHCP (see network approaches) + + + + + 'exportfs' and 'net conf' libraries used for share actions + + + + + + + Following files will be used, so if their paths differ one + needs to create at + + + + least symlinks for them: + + + + + + + + /etc/exports (permanent file with NFS exports) + + + + + /var/lib/nfs/etab (temporary file with NFS exports used by + 'exportfs') + + + + + /etc/fstab (permanent file with mounted filesystems) + + + + + /etc/mtab (temporary file with mounted filesystems used by + 'mount') + + + + + + + + Supported shared filesystems + + + + NFS (access by IP) + + + + + CIFS (access by IP) + + + + + + Known restrictions + + + + One of nova's configurations only allows 26 shares per server. + This limit comes from the maximum number of virtual PCI + interfaces that are used for block device attaching. There are + 28 virtual PCI interfaces, in this configuration, two of them + are used for server needs and other 26 are used for attaching + block devices that are used for shares. + + + + + Juno version works only with neutron. Each share should be + created with neutron-net and neutron-subnet IDs provided via + share-network entity. + + + + + Juno version handles security group, flavor, image, keypair + for nova VM and also creates service networks, but does not + use availability zones for nova VMs and volume types for + cinder block devices. + + + + + Juno version does not use security services data provided with + share-network. These data will be just ignored. + + + + + Liberty version adds a share extend capability. Share access + will be briefly interrupted during an extend operation. + + + + + Liberty version adds a share shrink capability, but this + capability is not effective because generic driver shrinks + only filesystem size and doesn't shrink the size of cinder + volume. + + + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/glusterfs-driver.xml b/doc/config-reference/shared-file-systems/drivers/glusterfs-driver.xml new file mode 100644 index 0000000000..d0687d3256 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/glusterfs-driver.xml @@ -0,0 +1,217 @@ +
+ GlusterFS driver + + GlusterFS driver uses GlusterFS, an open source distributed file + system, as the storage back end for serving file shares to the + Shared File Systems clients. + + + Supported shared filesystems + + + + NFS (access by IP) + + + + + + Supported operations + + + + Create NFS share. + + + + + Delete NFS share. + + + + + Allow NFS share access. + + + + + only 'rw' access + + + + + + + Deny NFS share access. + + + + + + Requirements + + + + Install glusterfs-server package, version >= 3.5.x, on the + storage back end. + + + + + Install NFS-Ganesha, version >=2.1, if using NFS-Ganesha as + the NFS server for the GlusterFS back end. + + + + + Install glusterfs and glusterfs-fuse package, version + >=3.5.x, on the Shared File Systems service host. + + + + + Establish network connection between the Shared File Systems service + host and the storage back end. + + + + + + Shared File Systems service driver configuration setting + + The following parameters in the Shared File Systems service's + configuration file need to be set: + + + + + share_driver = + manila.share.drivers.glusterfs.GlusterfsShareDriver + + + + + If the back-end GlusterFS server runs on the Shared File Systems + service host machine, + + + + + glusterfs_target = + <glustervolserver>:/<glustervolid> + + + + + And if the back-end GlusterFS server runs remotely, + + + + + glusterfs_target = + <username>@<glustervolserver>:/<glustervolid> + + + + + + + The following configuration parameters are optional: + + + + + + + glusterfs_nfs_server_type = + + + + <NFS server type used by the GlusterFS + back end, Gluster or Ganesha. Gluster is the default + type> + + + + + + + + + + glusterfs_mount_point_base = + + + + <base path of GlusterFS volume mounted on the + Shared File Systems service host> + + + + + + + + glusterfs_path_to_private_key = <path to Shared File Systems + service host's private key file> + + + + + glusterfs_server_password = <password of remote GlusterFS + server machine> + + + + + + Known restrictions + + + + The driver does not support network segmented multi-tenancy + model, but instead works over a flat network, where the + tenants share a network. + + + + + If NFS Ganesha is the NFS server used by the GlusterFS + back end, then the shares can be accessed by NFSv3 and v4 + protocols. However, if Gluster NFS is used by the GlusterFS + back end, then the shares can only be accessed by NFSv3 + protocol. + + + + + All Shared File Systems service shares, which map to + subdirectories within a + GlusterFS volume, are currently created within a single + GlusterFS volume of a GlusterFS storage pool. + + + + + The driver does not provide read-only access level for shares. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/glusterfs-native-driver.xml b/doc/config-reference/shared-file-systems/drivers/glusterfs-native-driver.xml new file mode 100644 index 0000000000..6f747bfb0f --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/glusterfs-native-driver.xml @@ -0,0 +1,270 @@ +
+ GlusterFS Native driver + + GlusterFS Native driver uses GlusterFS, an open source distributed + file system, as the storage back end for serving file shares to + Shared File Systems service clients. + + + A Shared File Systems service share is a GlusterFS volume. + This driver uses flat-network + (share-server-less) model. Instances directly talk with the + GlusterFS back end storage pool. The instances use 'glusterfs' + protocol to mount the GlusterFS shares. Access to each share is + allowed via TLS Certificates. Only the instance which has the TLS + trust established with the GlusterFS back end can mount and hence use + the share. Currently only 'rw' access is supported. + + + Network approach + + L3 connectivity between the storage back end and the host running + the Shared File Systems share service should exist. + + + + Supported shared filesystems + + + + GlusterFS (access by TLS Certificates (cert + access type)) + + + + + + Multi-tenancy model + + The driver does not support network segmented multi-tenancy model. + Instead multi-tenancy is supported using tenant specific TLS + certificates. + + + + Supported operations + + + + Create GlusterFS share. + + + + + Delete GlusterFS share. + + + + + Allow GlusterFS share access (rw). + + + + + Deny GlusterFS share access. + + + + + Create GlusterFS snapshot. + + + + + Delete GlusterFS snapshot. + + + + + + Requirements + + + + Install glusterfs-server package, version >= 3.6.x, on the + storage back end. + + + + + Install glusterfs and glusterfs-fuse package, version + >=3.6.x, on the Shared File Systems service host. + + + + + Establish network connection between the Shared File Systems + service host and the storage back end. + + + + + + Shared File Systems service driver configuration setting + + The following parameters in the Shared File Systems service's + configuration file need to be + set: + + + + + + + share_driver = + + + + manila.share.drivers.glusterfs_native.GlusterfsNativeShareDriver + + + + + + + + + + glusterfs_servers = List of GlusterFS servers which + provide volumes + + + + that can be used to create shares. The servers are + expected to be of distinct Gluster clusters (ie. should + not be gluster peers). Each server should be of the form + [<remoteuser>@]<glustervolserver>. + + + The optional <remoteuser>@ part + of the server URI indicates SSH access for cluster + management (see related optional parameters below). If + it is not given, direct command line management is + performed (the Shared File Systems service host is + assumed to be part of the + GlusterFS cluster the server belongs to). + + + + + + + + + + glusterfs_volume_pattern = Regular expression template + + + + used to filter GlusterFS volumes for share creation. The + regex template can contain the #{size} parameter which + matches a number (sequence of digits) and the value + shall be interpreted as size of the volume in GB. + Examples: manila-share-volume-\d+$, + manila-share-volume-#{size}G-\d+$; + with matching volume names, respectively: + manila-share-volume-12, + manila-share-volume-3G-13". In + latter example, the number that matches + #{size}, that is, 3, is an indication + that the size of volume is 3G. + + + + + + + + The following configuration parameters are optional: + + + + + + + glusterfs_mount_point_base = + + + + <base path of GlusterFS + volume mounted on the Shared File Systems service host> + + + + + + + + glusterfs_path_to_private_key = <path to Shared File Systems + service host's private key file> + + + + + glusterfs_server_password = <password of remote GlusterFS + server machine> + + + + + + Known restrictions + + + + GlusterFS volumes are not created on demand. A pre-existing + set of GlusterFS volumes should be supplied by the GlusterFS + cluster(s), conforming to the naming convention encoded by + glusterfs_volume_pattern. However, the + GlusterFS endpoint is allowed to extend this set any time (so + the Shared File Systems service and GlusterFS endpoints are + expected to communicate + volume supply/demand out-of-band). + glusterfs_volume_pattern can include a size + hint (with #{size} syntax), which, if + present, requires the GlusterFS end to indicate the size of + the shares in GB in the name. (On share creation, the + Shared File Systems service picks + volumes at least as big as the requested + one.) + + + + + Certificate setup (also known as trust setup) between instance and + storage back end is out of band of the Shared File Systems service. + + + + + Support for 'create_share_from_snapshot' is planned for + Liberty release. + + + + + For the Shared File Systems service to use GlusterFS volumes, + the name of the trashcan + directory in GlusterFS volumes must not be changed from the + default. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/hdfs-native-driver.xml b/doc/config-reference/shared-file-systems/drivers/hdfs-native-driver.xml new file mode 100644 index 0000000000..335ebab4d4 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/hdfs-native-driver.xml @@ -0,0 +1,204 @@ +
+ HDFS native driver + + HDFS native driver is a plug-in based on the Shared File Systems + service, which uses Hadoop distributed file system (HDFS), a + distributed file system designed to hold very large amounts of data, + and provide high-throughput access to the data. + + + A Shared File Systems service share in this driver is a subdirectory + in hdfs root + directory. Instances talk directly to the HDFS storage back end with + 'hdfs' protocol. And access to each share is allowed by user based + access type, which is aligned with HDFS ACLs to support access + control of multiple users and groups. + + + Network configuration + + The storage back end and Shared File Systems service hosts should + be in a flat network, + otherwise, the L3 connectivity between them should exist. + + + + Supported shared filesystems + + + + HDFS (authentication by user) + + + + + + Supported operations + + + + Create HDFS share. + + + + + Delete HDFS share. + + + + + Allow HDFS share access. + + + + + Only support user access type. + + + + + * Support level of access (ro/rw). + + + + + Deny HDFS share access. + + + + + Create snapshot. + + + + + Delete snapshot. + + + + + Create share from snapshot. + + + + + + Requirements + + + + Install HDFS package, version >= 2.4.x, on the storage + back end. + + + + + To enable access control, the HDFS file system must have ACLs + enabled. + + + + + Establish network connection between the Shared File Systems + service host and storage back end. + + + + + + Shared File Systems service driver configuration + + + + share_driver = + manila.share.drivers.hdfs.hdfs_native.HDFSNativeShareDriver + + + + + + + hdfs_namenode_ip = the IP address of the HDFS namenode, + and only single + + + + namenode is supported now + + + + + + + + hdfs_namenode_port = the port of the HDFS namenode service + + + + + hdfs_ssh_port = HDFS namenode SSH port + + + + + hdfs_ssh_name = HDFS namenode SSH login name + + + + + + + hdfs_ssh_pw = HDFS namenode SSH login password, this + parameter is not + + + + necessary, if the following hdfs_ssh_private_key is + configured + + + + + + + + hdfs_ssh_private_key = Path to the HDFS namenode private key + to ssh login + + + + + + Known restrictions + + + + This driver does not support network segmented multi-tenancy + model. Instead multi-tenancy is supported by the tenant + specific user authentication. + + + + + Only support for single HDFS namenode in Kilo release. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/hp-3par-share-driver.xml b/doc/config-reference/shared-file-systems/drivers/hp-3par-share-driver.xml new file mode 100644 index 0000000000..5e0b377518 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/hp-3par-share-driver.xml @@ -0,0 +1,500 @@ +
+ HP 3PAR driver + + The HP 3PAR driver provides NFS and CIFS shared file systems + to OpenStack using HP 3PAR's File Persona capabilities. + + + Supported operations + + The following operations are supported with HP 3PAR File Persona: + + + + + Create/delete NFS and CIFS shares. + + + + + Shares are not accessible until access rules allow access. + + + + + + + Allow/deny NFS share access. + + + + + IP access rules are required for NFS share access. + + + + + User access rules are not allowed for NFS shares. + + + + + Access level (RW/RO) is ignored. + + + + + Shares created from snapshots are always read-only. + + + + + Shares not created from snapshots are read-write (and + subject to ACLs). + + + + + + + Allow/deny CIFS share access. + + + + + Both IP and user access rules are required for CIFS share + access. + + + + + User access requires a 3PAR local user (LDAP and AD is not + yet supported). + + + + + Access level (RW/RO) is ignored. + + + + + Shares created from snapshots are always read-only. + + + + + Shares not created from snapshots are read-write (and + subject to ACLs). + + + + + + + Create/delete snapshots. + + + + + Create shares from snapshots. + + + + + Shares created from snapshots are always read-only. + + + + + + + Share networks are not supported. Shares are created directly on + the 3PAR without the use of a share server or service VM. Network + connectivity is setup outside of the Shared File Systems service. + + + + Requirements + + On the system running the manila-share service: + + + + + hp3parclient version 3.2.1 or newer from PyPI. + + + + + On the HP 3PAR array: + + + + + HP 3PAR Operating System software version 3.2.1 MU3 or higher. + + + + + A license that enables the File Persona feature. + + + + + The array class and hardware configuration must support File. + Persona + + + + + + Pre-configuration on the HP 3PAR + + + + HP 3PAR File Persona must be initialized and started (startfs). + + + + + A File Provisioning Group (FPG) must be created for use with + the Shared File Systems service. + + + + + A Virtual File Server (VFS) must be created for the FPG. + + + + + The VFS must be configured with an appropriate share export IP + address. + + + + + A local user in the Administrators group is needed for CIFS + shares. + + + + + + Backend configuration + + The following parameters need to be configured in the Shared + File Systems service configuration file for the HP 3PAR driver: + + + + + share_backend_name = <back end name to enable> + + + + + share_driver = + manila.share.drivers.hp.hp_3par_driver.HP3ParShareDriver + + + + + driver_handles_share_servers = False + + + + + hp3par_fpg = <FPG to use for share creation> + + + + + hp3par_share_ip_address = <IP address to use for share + export location> + + + + + hp3par_san_ip = <IP address for SSH access to the SAN + controller> + + + + + hp3par_api_url = <3PAR WS API Server URL> + + + + + hp3par_username = <3PAR username with the 'edit' role> + + + + + hp3par_password = <3PAR password for the user specified in + hp3par_username> + + + + + hp3par_san_login = <Username for SSH access to the SAN + controller> + + + + + hp3par_san_password = <Password for SSH access to the SAN + controller> + + + + + hp3par_debug = <False or True for extra debug logging> + + + + + The hp3par_share_ip_address must be a valid IP address for the + configured FPG's VFS. This IP address is used in export locations + for shares that are created. Networking must be configured to + allow connectivity from clients to shares. + + + Restart of manila-share service is needed for the configuration + changes to take effect. + + + + Network approach + + Connectivity between the storage array (SSH/CLI and WSAPI) and the + Shared File Systems service host is required for share management. + + + Connectivity between the clients and the VFS is required for + mounting and using the shares. This includes: + + + + + Routing from the client to the external network + + + + + Assigning the client an external IP address (e.g., a floating + IP) + + + + + Configuring the Shared File Systems service host networking + properly for IP forwarding + + + + + Configuring the VFS networking properly for client subnets + + + + + + Share types + + When creating a share, a share type can be specified to determine + where and how the share will be created. If a share type is not + specified, the default_share_type set in the Shared File Systems + service configuration + file is used. + + + The Shared File Systems service requires that the share type + includes the + driver_handles_share_servers extra-spec. This ensures that the + share will be created on a back end that supports the requested + driver_handles_share_servers (share networks) capability. For the + HP 3PAR driver, this must be set to False. + + + Another common Shared File Systems service extra-spec used to determine + where a share + is created is share_backend_name. When this extra-spec is defined + in the share type, the share will be created on a back end with a + matching share_backend_name. + + + The HP 3PAR driver automatically reports capabilities based on the + FPG used for each back end. Share types with extra specs can be + created by an administrator to control which share types are + allowed to use FPGs with or without specific capabilities. The + following extra-specs are used with the capabilities filter and + the HP 3PAR driver: + + + + + hp3par_flash_cache = '<is> True' or '<is> False' + + + + + thin_provisioning = '<is> True' or '<is> False' + + + + + dedupe = '<is> True' or '<is> False' + + + + + hp3par_flash_cache will be reported as True for back ends that have + 3PAR's Adaptive Flash Cache enabled. + + + thin_provisioning will be reported as True for back ends that use + thin provisioned volumes. FPGs that use fully provisioned volumes + will report False. Backends that use thin provisioning also + support the Shared File Systems service's over-subscription feature. + + + dedupe will be reported as True for back ends that use + deduplication technology. + + + Scoped extra-specs are used to influence vendor-specific + implementation details. Scoped extra-specs use a prefix followed + by a colon. For HP 3PAR these extra-specs have a prefix of hp3par. + + + The following HP 3PAR extra-specs are used when creating CIFS + (SMB) shares: + + + + + hp3par:smb_access_based_enum = true or false + + + + + hp3par:smb_continuous_avail = true or false + + + + + hp3par:smb_cache = off, manual, optimized or auto + + + + + smb_access_based_enum (Access Based Enumeration) specifies if + users can see only the files and directories to which they have + been allowed access on the shares. The default is false. + + + smb_continuous_avail (Continuous Availability) specifies if SMB3 + continuous availability features should be enabled for this share. + If not specified, the default is true. This setting will be + ignored with hp3parclient 3.2.1 or earlier. + + + smb_cache specifies client-side caching for offline files. Valid + values are: + + + + + `off`: The client must not cache any files from this share. + The share is configured to disallow caching. + + + + + `manual`: The client must allow only manual caching for the + files open from this share. + + + + + `optimized`: The client may cache every file that it opens + from this share. Also, the client may satisfy the file + requests from its local cache. The share is configured to + allow automatic caching of programs and documents. + + + + + `auto`: The client may cache every file that it opens from + this share. The share is configured to allow automatic caching + of documents. + + + + + If this is not specified, the default is manual. + + + + + The following HP 3PAR extra-specs are used when creating NFS + shares: + + + + + hp3par:nfs_options = Comma separated list of NFS export + options. + + + + + The NFS export options have the following limitations: + +
+ + + + ro and rw are not allowed (will be determined by the driver). + + + + + no_subtree_check and fsid are not allowed per HP 3PAR CLI + support. + + + + + (in)secure and (no_)root_squash are not allowed because the + HP 3PAR driver controls those settings. + + + +
+ + All other NFS options are forwarded to the HP 3PAR as part of + share creation. The HP 3PAR will do additional validation at share + creation time. Refer to HP 3PAR CLI help for more details. + +
+ + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/huawei-nas-driver.xml b/doc/config-reference/shared-file-systems/drivers/huawei-nas-driver.xml new file mode 100644 index 0000000000..bdf929699c --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/huawei-nas-driver.xml @@ -0,0 +1,253 @@ +
+ Huawei driver + + Huawei NAS driver is a plug-in based the Shared File Systems service. + The Huawei NAS driver can be used to provide functions such as the + share and snapshot for virtual machines(instances) in OpenStack. + Huawei NAS driver enables the OceanStor V3 series V300R002 storage + system to provide only network filesystems for OpenStack. + + + Requirements + + + + The OceanStor V3 series V300R002 storage system. + + + + + The following licenses should be activated on V3 for File: + + + + + CIFS + + + + + NFS + + + + + HyperSnap License (for snapshot) + + + + + + + + Supported operations + + The following operations is supported on V3 storage: + + + + + Create CIFS/NFS share. + + + + + Delete CIFS/NFS share. + + + + + Allow CIFS/NFS share access. + + + + + Only IP access type is supported for NFS. + + + + + * Only USER access type is supported for CIFS. + + + + + Deny CIFS/NFS share access. + + + + + Create snapshot. + + + + + Delete snapshot. + + + + + + Pre-configurations on Huawei + + 1. Create a driver configuration file. The driver configuration + file name must be the same as the manila_huawei_conf_file item in + the manila_conf configuration file. + + + 2. Configure Product. Product indicates the storage system type. + For the OceanStor V3 series V300R002 storage systems, the driver + configuration file is as follows: + + +<?xml version='1.0' encoding='UTF-8'?> +<Config> + <Storage> + <Product>V3</Product> + <LogicalPortIP>x.x.x.x</LogicalPortIP> + <RestURL>https://x.x.x.x:8088/deviceManager/rest/</RestURL> + <UserName>xxxxxxxxx</UserName> + <UserPassword>xxxxxxxxx</UserPassword> + </Storage> + <Filesystem> + <AllocType>Thin</AllocType> + <StoragePool>xxxxxxxxx</StoragePool> + <WaitInterval>3</WaitInterval> + <Timeout>60</Timeout> + </Filesystem> +</Config> + + + + + Product is a type of a storage product. Set it to V3. + + + + + LogicalPortIP is a IP address of the logical port. + + + + + RestURL is a access address of the REST interface. + + + + + UserName is a user name of an administrator. + + + + + UserPassword is a password of an administrator. + + + + + AllocType is a type of file system space allocation. Valid + values are Thick or Thin. + + + + + StoragePool is a name of a storage pool to be used. + + + + + WaitInterval is the interval time of querying the file system + status. + + + + + Timeout is the timeout period for wating command execution of + a device to complete. + + + + + + Backend configuration + + 1. Modify the manila.conf Shared File Systems service configuration + file and add + share_driver and manila_huawei_conf_file items. Example for + configuring a storage system: + + + + + share_driver = + manila.share.drivers.huawei.huawei_nas.HuaweiNasDriver + + + + + manila_huawei_conf_file = /etc/manila/manila_huawei_conf.xml + + + + + driver_handles_share_servers = False + + + +
+ + As far as the Shared File Systems service requires share type + for creation of shares, make sure that + used share type has extra spec + driver_handles_share_servers set to False otherwise Huawei + back end will be filtered by manila-scheduler. If you do + not provide share type with share creation request then + default share type and its extra specs will be used. + +
+ + Restart of manila-share service is needed for the configuration + changes to take effect. + +
+ + Restrictions + + The Huawei driver has the following restrictions: + + + + + Only IP access type is supported for NFS. + + + + + Only USER access type is supported for CIFS. + + + + + Only one StoragePool can be configured in the configuration + file. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/ibm-gpfs-driver.xml b/doc/config-reference/shared-file-systems/drivers/ibm-gpfs-driver.xml new file mode 100644 index 0000000000..50a40a7a84 --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/ibm-gpfs-driver.xml @@ -0,0 +1,239 @@ +
+ IBM GPFS driver + + GPFS driver uses IBM General Parallel File System (GPFS), a + high-performance, clustered file system, developed by IBM, as the + storage back end for serving file shares to the Shared File Systems + service clients. + + + Supported shared filesystems + + + + NFS (access by IP) + + + + + + Supported operations + + + + Create NFS share. + + + + + Delete NFS share. + + + + + Create share snapshot. + + + + + Delete share snapshot. + + + + + Create share from a share snapshot. + + + + + Allow NFS share access. + + + + + Currently only 'rw' access level is supported. + + + + + + + Deny NFS share access. + + + + + + Requirements + + + + Install GPFS with server license, version >= 2.0, on the + storage back end. + + + + + Install Kernel NFS or Ganesha NFS server on the storage + back-end servers. + + + + + If using Ganesha NFS, currently NFS Ganesha v1.5 and v2.0 are + supported. + + + + + Create a GPFS cluster and create a filesystem on the cluster, + that will be used to create the Shared File Systems service shares. + + + + + Enable quotas for the GPFS file system (mmchfs -Q yes). + + + + + Establish network connection between the Shared File Systems + Service host and the storage back end. + + + + + + Shared File Systems service driver configuration setting + + The following parameters in the Shared File Systems service + configuration file need to be set: + + + + + share_driver = manila.share.drivers.ibm.gpfs.GPFSShareDriver + + + + + gpfs_share_export_ip = <IP to be added to GPFS export + string> + + + + + If the back-end GPFS server is not running on the Shared File + Systems service host + machine, the following options are required to SSH to the + remote GPFS back-end server: + + + + + gpfs_ssh_login = <GPFS server SSH login name> + + + and one of the following settings is required to execute + commands over SSH: + + + + + gpfs_ssh_private_key = <path to GPFS server SSH private + key for login> + + + + + gpfs_ssh_password = <GPFS server SSH login password> + + + + + + + The following configuration parameters are optional: + + + + + gpfs_mount_point_base = <base folder where exported shares + are located> + + + + + gpfs_nfs_server_type = <KNFS|GNFS> + + + + + gpfs_nfs_server_list = <list of the fully qualified NFS + server names> + + + + + gpfs_ssh_port = <ssh port number> + + + + + + + knfs_export_options = <options to use when creating a + share using kernel> + + + + <NFS server> + + + + + + + + Restart of manila-share service is needed for the configuration + changes to take effect. + + + + Known restrictions + + + + The driver does not support a segmented-network multi-tenancy + model but instead works over a flat network where the tenants + share a network. + + + + + While using remote GPFS node, with Ganesha NFS, + 'gpfs_ssh_private_key' for remote login to the GPFS node must + be specified and there must be a passwordless authentication + already setup between the manila-share service and the remote + GPFS node. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/drivers/netapp-cluster-mode-driver.xml b/doc/config-reference/shared-file-systems/drivers/netapp-cluster-mode-driver.xml new file mode 100644 index 0000000000..f32356ac8d --- /dev/null +++ b/doc/config-reference/shared-file-systems/drivers/netapp-cluster-mode-driver.xml @@ -0,0 +1,96 @@ +
+ NetApp Clustered Data ONTAP driver + + The Shared File Systems service can be configured to + use NetApp clustered Data ONTAP version 8. + + + Network approach + + L3 connectivity between the storage cluster and Shared File Systems + service host should exist, and VLAN segmentation should be configured. + + + The clustered Data ONTAP driver creates storage virtual machines + (SVM, previously known as vServers) as representations of the + Shared File Systems service share server interface, configures + logical interfaces (LIFs) and stores shares there. + + + + Supported shared filesystems + + + + NFS (access by IP) + + + + + CIFS (authentication by user) + + + + + + Required licenses + + + + NFS + + + + + CIFS + + + + + FlexClone + + + + + + Known restrictions + + + + For CIFS shares an external active directory service is + required. Its data should be provided via security-service + that is attached to used share-network. + + + + + Share access rule by user for CIFS shares can be created only + for existing user in active directory. + + + + + To be able to configure clients to security services, the time + on these external security services and storage should be + synchronized. The maximum allowed clock skew is 5 minutes. + + + + + + + Driver configuration options + + Configuration options specific to this driver are documented here: + . + + +
diff --git a/doc/config-reference/shared-file-systems/section_manila-log-files.xml b/doc/config-reference/shared-file-systems/section_manila-log-files.xml new file mode 100644 index 0000000000..85187fa35f --- /dev/null +++ b/doc/config-reference/shared-file-systems/section_manila-log-files.xml @@ -0,0 +1,77 @@ + +
+ Log files used by Shared File Systems + The corresponding log file of each Shared File Systems service + is stored in the /var/log/manila/ + directory of the host on which each service runs. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Log files used by Shared File Systems services
+ Log file + + Service/interface (for CentOS, Fedora, openSUSE, Red Hat + Enterprise Linux, and SUSE Linux Enterprise) + + Service/interface (for Ubuntu and Debian) +
+ api.log + + openstack-manila-api + + manila-api +
+ manila-manage.log + + manila-manage + + manila-manage +
+ scheduler.log + + openstack-manila-scheduler + + manila-scheduler +
+ share.log + + openstack-manila-share + + manila-share +
+
diff --git a/doc/config-reference/shared-file-systems/section_manila-misc.xml b/doc/config-reference/shared-file-systems/section_manila-misc.xml new file mode 100644 index 0000000000..d2c62a91a7 --- /dev/null +++ b/doc/config-reference/shared-file-systems/section_manila-misc.xml @@ -0,0 +1,45 @@ + +
+ Configuration Options + + + These following options can be set in the manila.conf file. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/doc/config-reference/shared-file-systems/section_manila-sample-configuration-files.xml b/doc/config-reference/shared-file-systems/section_manila-sample-configuration-files.xml new file mode 100644 index 0000000000..18122dc217 --- /dev/null +++ b/doc/config-reference/shared-file-systems/section_manila-sample-configuration-files.xml @@ -0,0 +1,40 @@ +
+ Shared File Systems sample configuration files + All the files in this section can be found in /etc/manila. +
+ manila.conf + The manila.conf file is installed in + /etc/manila by default. When you manually + install the Shared File Systems service, the options in the + manila.conf file are set to default values. + The manila.conf file contains most + of the options to configure the Shared File Systems service. + + + + + +
+
+ api-paste.ini + Use the api-paste.ini file to configure the Shared File Systems API service. + + +
+
+ policy.json + The policy.json file defines additional access controls that apply to the Shared File Systems service. + +
+
+ rootwrap.conf + The rootwrap.conf file defines configuration values used by the + rootwrap script when the Shared File Systems service must + escalate its privileges to those of the root user. + +
+
diff --git a/doc/config-reference/shared-file-systems/section_share-drivers.xml b/doc/config-reference/shared-file-systems/section_share-drivers.xml new file mode 100644 index 0000000000..8c5d6a49e1 --- /dev/null +++ b/doc/config-reference/shared-file-systems/section_share-drivers.xml @@ -0,0 +1,28 @@ + +
+ Share drivers + To use different share drivers for the manila-share service, use + the parameters described in these sections. + The share drivers are included in the Shared File Systems repository + (https://git.openstack.org/cgit/openstack/manila/tree/manila/share/drivers). + To set a share driver, use the share_driver flag. + For example, to use the generic reference driver: + + share_driver=manila.share.drivers.generic.GenericShareDriver + + + + + + + + + + + +
diff --git a/doc/config-reference/shared-file-systems/section_shared-file-systems-overview.xml b/doc/config-reference/shared-file-systems/section_shared-file-systems-overview.xml new file mode 100644 index 0000000000..87ba9588e2 --- /dev/null +++ b/doc/config-reference/shared-file-systems/section_shared-file-systems-overview.xml @@ -0,0 +1,104 @@ + +
+ Introduction to the Shared File Systems service + The Shared File Systems service provides shared file systems that + Compute instances can consume. + The Shared File Systems service provides: + + + manila-api. A WSGI app that authenticates + and routes requests throughout the Shared File Systems service. It supports the + OpenStack APIs. + + + manila-scheduler. Schedules and routes + requests to the appropriate share service. The scheduler uses configurable filters + and weighers to route requests. The Filter Scheduler is the default and enables + filters on things like Capacity, Availability Zone, Share Types, and Capabilities + as well as custom filters. + + + manila-share. + Manages back-end devices that provide shared file systems. + A manila-share service can run in one of two modes, with or without handling of + share servers. Share servers export file shares via share networks. + When share servers are not used, the networking requirements are handled + outside of Manila. + + + The Shared File Systems service contains the following components: + + + Back-end storage devices. The Shared File + Services service requires some form of back-end shared file system provider + that the service is built on. The reference implementation uses the Block Storage + service (Cinder) and a service VM to provide shares. Additional drivers are + used to access shared file systems from a variety of vendor solutions. + + + Users and tenants (projects). The Shared File + Systems service can be used by many different cloud computing consumers or customers + (tenants on a shared system), using role-based access assignments. Roles control the + actions that a user is allowed to perform. In the default configuration, most + actions do not require a particular role unless they are restricted to + administrators, but this can be configured by the system administrator in the + appropriate policy.json file that maintains the rules. + A user's access to manage particular shares is limited by tenant. Guest access + to mount and use shares is secured by IP and/or user access rules. + Quotas used to control resource consumption across available hardware resources + are per tenant. + For tenants, quota controls are available to limit: + + + The number of shares that can be created. + + + The number of gigabytes that can be provisioned for shares. + + + The number of share snapshots that can be created. + + + The number of gigabytes that can be provisioned for share snapshots. + + + The number of share networks that can be created. + + + You can revise the default quota values with the Shared File Systems CLI, + so the limits placed by quotas are editable by admin users. + + + Shares, snapshots, and share networks. The basic + resources offered by the Shared File Systems service are shares, snapshots + and share networks: + + + Shares. A share is a unit of storage + with a protocol, a size, and an access list. Shares are the basic + primitive provided by Manila. All shares exist on a + backend. Some shares are associated with share networks and share servers. + The main protocols supported are NFS and CIFS, but other protocols are + supported as well. + + + Snapshots. A snapshot is a point in + time copy of a share. Snapshots can only be used to create new shares + (containing the snapshotted data). Shares cannot be deleted until all + associated snapshots are deleted. + + + Share networks. A share network is a + tenant-defined object that informs Manila about the security and + network configuration for a group of shares. Share networks are only + relevant for backends that manage share servers. A share network contains + a security service and network/subnet. + + + + +
diff --git a/tools/autogenerate-config-flagmappings/manila.flagmappings b/tools/autogenerate-config-flagmappings/manila.flagmappings new file mode 100644 index 0000000000..ab1281780c --- /dev/null +++ b/tools/autogenerate-config-flagmappings/manila.flagmappings @@ -0,0 +1,424 @@ +api_paste_config api +api_rate_limit api +auth_strategy auth +automatic_share_server_cleanup share +backlog share +capacity_weight_multiplier scheduler +cinder_admin_auth_url storage +cinder_admin_password storage +cinder_admin_tenant_name storage +cinder_admin_username storage +cinder_api_insecure storage +cinder_ca_certificates_file storage +cinder_catalog_info storage +cinder_cross_az_attach storage +cinder_http_retries storage +cinder_volume_type storage +client_socket_timeout common +compute_api_class common +connect_share_server_to_tenant_network share +control_exchange amqp +db_backend database +db_driver database +debug logging +default_log_levels logging +default_share_type share +delete_share_server_with_last_share share +driver_handles_share_servers share +emc_nas_login emc +emc_nas_password emc +emc_nas_pool_name emc +emc_nas_root_dir emc +emc_nas_server emc +emc_nas_server_container emc +emc_nas_server_port emc +emc_nas_server_secure emc +emc_share_backend emc +enable_new_services common +enable_periodic_hooks share +enable_post_hooks share +enable_pre_hooks share +enable_v1_api api +enable_v2_api api +enabled_share_backends share +enabled_share_protocols share +executor_thread_pool_size share +fatal_deprecations logging +fatal_exception_format_errors logging +ganesha_config_dir ganesha +ganesha_config_path ganesha +ganesha_db_path ganesha +ganesha_export_dir ganesha +ganesha_export_template_dir ganesha +ganesha_service_name ganesha +glusterfs_ganesha_server_ip glusterfs +glusterfs_ganesha_server_password glusterfs +glusterfs_ganesha_server_username glusterfs +glusterfs_mount_point_base glusterfs +glusterfs_native_path_to_private_key glusterfs +glusterfs_native_server_password glusterfs +glusterfs_nfs_server_type glusterfs +glusterfs_path_to_private_key glusterfs +glusterfs_server_password glusterfs +glusterfs_servers glusterfs +glusterfs_share_layout glusterfs +glusterfs_target glusterfs +glusterfs_volume_pattern glusterfs +hdfs_namenode_ip hdfs +hdfs_namenode_port hdfs +hdfs_ssh_name hdfs +hdfs_ssh_port hdfs +hdfs_ssh_private_key hdfs +hdfs_ssh_pw hdfs +hds_hnas_cluster_admin_ip0 hds_hnas +hds_hnas_evs_id hds_hnas +hds_hnas_evs_ip hds_hnas +hds_hnas_file_system_name hds_hnas +hds_hnas_ip hds_hnas +hds_hnas_password hds_hnas +hds_hnas_ssh_private_key hds_hnas +hds_hnas_stalled_job_timeout hds_hnas +hds_hnas_user hds_hnas +hook_drivers share +host common +hp3par_api_url hp3par +hp3par_debug hp3par +hp3par_fpg hp3par +hp3par_fstore_per_share hp3par +hp3par_password hp3par +hp3par_san_ip hp3par +hp3par_san_login hp3par +hp3par_san_password hp3par +hp3par_san_ssh_port hp3par +hp3par_share_ip_address hp3par +hp3par_username hp3par +instance_format logging +instance_uuid_format logging +interface_driver share +log_config_append logging +log_date_format logging +log_dir logging +log_file logging +log_format logging +logging_context_format_string logging +logging_debug_format_suffix logging +logging_default_format_string logging +logging_exception_prefix logging +manila_huawei_conf_file huawei +manila_service_keypair_name share +matchmaker_heartbeat_freq rpc +matchmaker_heartbeat_ttl rpc +max_age quota +max_gigabytes storage +max_header_line api +max_over_subscription_ratio common +max_time_to_attach share +max_time_to_build_instance share +max_time_to_create_volume share +max_time_to_extend_volume share +memcached_servers common +migration_create_delete_share_timeout share +migration_data_copy_node_ip share +migration_ignore_files share +migration_mounting_backend_ip share +migration_protocol_mount_command share +migration_readonly_support share +migration_tmp_location share +migration_wait_access_rules_timeout share +monkey_patch common +monkey_patch_modules common +my_ip common +netapp_aggregate_name_search_pattern netapp +netapp_lif_name_template netapp +netapp_login netapp +netapp_password netapp +netapp_port_name_search_pattern netapp +netapp_root_volume netapp +netapp_root_volume_aggregate netapp +netapp_server_hostname netapp +netapp_server_port netapp +netapp_storage_family netapp +netapp_trace_flags netapp +netapp_transport_type netapp +netapp_volume_name_template netapp +netapp_vserver_name_template netapp +network_config_group share +notification_driver amqp +notification_topics amqp +nova_admin_auth_url compute +nova_admin_password compute +nova_admin_tenant_name compute +nova_admin_username compute +nova_api_insecure compute +nova_api_microversion compute +nova_ca_certificates_file compute +nova_catalog_admin_info compute +nova_catalog_info compute +num_shell_tries common +os_region_name compute +osapi_max_limit api +osapi_share_base_URL api +osapi_share_ext_list api +osapi_share_extension api +osapi_share_listen api +osapi_share_listen_port api +osapi_share_workers api +ovs_integration_bridge share +path_to_private_key share +path_to_public_key share +periodic_fuzzy_delay common +periodic_hooks_interval common +periodic_interval common +pool_weight_multiplier scheduler +publish_errors logging +quobyte_api_ca quobyte +quobyte_api_password quobyte +quobyte_api_url quobyte +quobyte_api_username quobyte +quobyte_default_volume_group quobyte +quobyte_default_volume_user quobyte +quobyte_delete_shares quobyte +quobyte_volume_configuration quobyte +quota_driver quota +quota_gigabytes quota +quota_share_networks quota +quota_shares quota +quota_snapshot_gigabytes quota +quota_snapshots quota +report_interval common +reservation_expire quota +reserved_share_percentage common +root_helper share +rootwrap_config common +rpc_backend rpc +rpc_cast_timeout rpc +rpc_conn_pool_size rpc +rpc_response_timeout rpc +rpc_zmq_bind_address zeromq +rpc_zmq_contexts zeromq +rpc_zmq_host zeromq +rpc_zmq_ipc_dir zeromq +rpc_zmq_matchmaker zeromq +rpc_zmq_port zeromq +rpc_zmq_topic_backlog zeromq +scheduler_default_filters scheduler +scheduler_default_weighers scheduler +scheduler_driver scheduler +scheduler_host_manager scheduler +scheduler_json_config_location scheduler +scheduler_manager scheduler +scheduler_max_attempts scheduler +scheduler_topic scheduler +service_down_time common +service_image_name share +service_instance_flavor_id share +service_instance_name_or_id share +service_instance_name_template share +service_instance_network_helper_type share +service_instance_password share +service_instance_security_group share +service_instance_smb_config_path share +service_instance_user share +service_net_name_or_ip share +service_network_cidr share +service_network_division_mask share +service_network_name share +share_api_class api +share_backend_name share +share_driver share +share_helpers share +share_manager share +share_mount_path share +share_name_template share +share_snapshot_name_template share +share_topic rpc +share_usage_audit_period share +share_volume_fstype share +smb_template_config_path share +sql_idle_timeout common +sql_max_retries common +sql_retry_interval common +sqlite_clean_db common +sqlite_db common +sqlite_synchronous common +ssh_conn_timeout san +ssh_max_pool_conn san +ssh_min_pool_conn san +ssl_ca_file ca +ssl_cert_file ca +ssl_key_file ca +state_path common +storage_availability_zone common +suppress_post_hooks_errors share +suppress_pre_hooks_errors share +syslog_log_facility logging +tcp_keepalive common +tcp_keepalive_count common +tcp_keepalive_interval common +tcp_keepidle common +tenant_net_name_or_ip share +transport_url amqp +unmanage_remove_access_rules share +until_refresh common +unused_share_server_cleanup_interval share +use_forwarded_for common +use_scheduler_creating_share_from_snapshot share +use_stderr logging +use_syslog logging +use_syslog_rfc_format logging +verbose logging +volume_api_class api +volume_name_template api +volume_snapshot_name_template api +winrm_cert_key_pem_path winrm +winrm_cert_pem_path winrm +winrm_conn_timeout winrm +winrm_operation_timeout winrm +winrm_retry_count winrm +winrm_retry_interval winrm +winrm_use_cert_based_auth winrm +wsgi_keep_alive common +zfssa_auth_password zfssa +zfssa_auth_user zfssa +zfssa_data_ip zfssa +zfssa_host zfssa +zfssa_nas_checksum zfssa +zfssa_nas_compression zfssa +zfssa_nas_logbias zfssa +zfssa_nas_mountpoint zfssa +zfssa_nas_quota_snap zfssa +zfssa_nas_rstchown zfssa +zfssa_nas_vscan zfssa +zfssa_pool zfssa +zfssa_project zfssa +zfssa_rest_timeout zfssa +cors/allow_credentials cors +cors/allow_headers cors +cors/allow_methods cors +cors/allowed_origin cors +cors/expose_headers cors +cors/max_age cors +cors.subdomain/allow_credentials cors +cors.subdomain/allow_headers cors +cors.subdomain/allow_methods cors +cors.subdomain/allowed_origin cors +cors.subdomain/expose_headers cors +cors.subdomain/max_age cors +database/backend database +database/connection database +database/connection_debug database +database/connection_trace database +database/db_inc_retry_interval database +database/db_max_retries database +database/db_max_retry_interval database +database/db_retry_interval database +database/idle_timeout database +database/max_overflow database +database/max_pool_size database +database/max_retries database +database/min_pool_size database +database/mysql_sql_mode database +database/pool_timeout database +database/retry_interval database +database/slave_connection database +database/sqlite_db database +database/sqlite_synchronous database +database/use_db_reconnect database +keystone_authtoken/admin_password auth_token +keystone_authtoken/admin_tenant_name auth_token +keystone_authtoken/admin_token auth_token +keystone_authtoken/admin_user auth_token +keystone_authtoken/auth_admin_prefix auth_token +keystone_authtoken/auth_host auth_token +keystone_authtoken/auth_plugin auth_token +keystone_authtoken/auth_port auth_token +keystone_authtoken/auth_protocol auth_token +keystone_authtoken/auth_section auth_token +keystone_authtoken/auth_uri auth_token +keystone_authtoken/auth_version auth_token +keystone_authtoken/cache auth_token +keystone_authtoken/cafile auth_token +keystone_authtoken/certfile auth_token +keystone_authtoken/check_revocations_for_cached auth_token +keystone_authtoken/delay_auth_decision auth_token +keystone_authtoken/enforce_token_bind auth_token +keystone_authtoken/hash_algorithms auth_token +keystone_authtoken/http_connect_timeout auth_token +keystone_authtoken/http_request_max_retries auth_token +keystone_authtoken/identity_uri auth_token +keystone_authtoken/include_service_catalog auth_token +keystone_authtoken/insecure auth_token +keystone_authtoken/keyfile auth_token +keystone_authtoken/memcache_pool_conn_get_timeout auth_token +keystone_authtoken/memcache_pool_dead_retry auth_token +keystone_authtoken/memcache_pool_maxsize auth_token +keystone_authtoken/memcache_pool_socket_timeout auth_token +keystone_authtoken/memcache_pool_unused_timeout auth_token +keystone_authtoken/memcache_secret_key auth_token +keystone_authtoken/memcache_security_strategy auth_token +keystone_authtoken/memcache_use_advanced_pool auth_token +keystone_authtoken/memcached_servers auth_token +keystone_authtoken/region_name auth_token +keystone_authtoken/revocation_cache_time auth_token +keystone_authtoken/signing_dir auth_token +keystone_authtoken/token_cache_time auth_token +matchmaker_redis/host redis +matchmaker_redis/password redis +matchmaker_redis/port redis +matchmaker_ring/ringfile redis +oslo_concurrency/disable_process_locking rpc +oslo_concurrency/lock_path rpc +oslo_messaging_amqp/allow_insecure_clients rpc +oslo_messaging_amqp/broadcast_prefix rpc +oslo_messaging_amqp/container_name rpc +oslo_messaging_amqp/group_request_prefix rpc +oslo_messaging_amqp/idle_timeout rpc +oslo_messaging_amqp/server_request_prefix rpc +oslo_messaging_amqp/ssl_ca_file rpc +oslo_messaging_amqp/ssl_cert_file rpc +oslo_messaging_amqp/ssl_key_file rpc +oslo_messaging_amqp/ssl_key_password rpc +oslo_messaging_amqp/trace rpc +oslo_messaging_qpid/amqp_auto_delete qpid +oslo_messaging_qpid/amqp_durable_queues qpid +oslo_messaging_qpid/qpid_heartbeat qpid +oslo_messaging_qpid/qpid_hostname qpid +oslo_messaging_qpid/qpid_hosts qpid +oslo_messaging_qpid/qpid_password qpid +oslo_messaging_qpid/qpid_port qpid +oslo_messaging_qpid/qpid_protocol qpid +oslo_messaging_qpid/qpid_receiver_capacity qpid +oslo_messaging_qpid/qpid_sasl_mechanisms qpid +oslo_messaging_qpid/qpid_tcp_nodelay qpid +oslo_messaging_qpid/qpid_topology_version qpid +oslo_messaging_qpid/qpid_username qpid +oslo_messaging_qpid/send_single_reply qpid +oslo_messaging_rabbit/amqp_auto_delete rabbitmq +oslo_messaging_rabbit/amqp_durable_queues rabbitmq +oslo_messaging_rabbit/fake_rabbit rabbitmq +oslo_messaging_rabbit/heartbeat_rate rabbitmq +oslo_messaging_rabbit/heartbeat_timeout_threshold rabbitmq +oslo_messaging_rabbit/kombu_reconnect_delay rabbitmq +oslo_messaging_rabbit/kombu_reconnect_timeout rabbitmq +oslo_messaging_rabbit/kombu_ssl_ca_certs rabbitmq +oslo_messaging_rabbit/kombu_ssl_certfile rabbitmq +oslo_messaging_rabbit/kombu_ssl_keyfile rabbitmq +oslo_messaging_rabbit/kombu_ssl_version rabbitmq +oslo_messaging_rabbit/rabbit_ha_queues rabbitmq +oslo_messaging_rabbit/rabbit_host rabbitmq +oslo_messaging_rabbit/rabbit_hosts rabbitmq +oslo_messaging_rabbit/rabbit_login_method rabbitmq +oslo_messaging_rabbit/rabbit_max_retries rabbitmq +oslo_messaging_rabbit/rabbit_password rabbitmq +oslo_messaging_rabbit/rabbit_port rabbitmq +oslo_messaging_rabbit/rabbit_retry_backoff rabbitmq +oslo_messaging_rabbit/rabbit_retry_interval rabbitmq +oslo_messaging_rabbit/rabbit_use_ssl rabbitmq +oslo_messaging_rabbit/rabbit_userid rabbitmq +oslo_messaging_rabbit/rabbit_virtual_host rabbitmq +oslo_messaging_rabbit/send_single_reply rabbitmq +oslo_middleware/max_request_body_size api +oslo_middleware/secure_proxy_ssl_header api +oslo_policy/policy_default_rule api +oslo_policy/policy_dirs api +oslo_policy/policy_file api diff --git a/tools/autogenerate-config-flagmappings/manila.headers b/tools/autogenerate-config-flagmappings/manila.headers new file mode 100644 index 0000000000..680319eaf8 --- /dev/null +++ b/tools/autogenerate-config-flagmappings/manila.headers @@ -0,0 +1,32 @@ +amqp AMQP +api API +auth Authorization +auth_token Authorization Token +ca Certificate Authority +common Common +compute Compute +cors CORS +database Database +emc EMC Share Drivers +ganesha Ganesha +glusterfs GlusterFS Share Drivers +gpfs IBM GPFS Share Driver +hdfs HDFS Share Driver +hds_hnas HDS NAS Share Driver +hp3par HP 3PAR Share Driver +huawei Huawei Share Driver +logging Logging +netapp NetApp Share Drivers +qpid QPID +quobyte Quobyte Share Driver +quota Quota +rabbitmq RabbitMQ +redis Redis +rpc RPC +san SAN +scheduler Scheduler +share Share +storage Storage +winrm WinRM +zeromq ZeroMQ +zfssa ZFSSA Share Driver