stackforge/rubick
Code Issues Proposed changes

Merge branch 'master' of github.com:MirantisLabs/rubick

Browse Source 
Conflicts:
	joker/__init__.py
	joker/nodes.py
This commit is contained in:
Ryabin Sergey 2013-10-28 15:48:58 +04:00
commit 557c576376
9 changed files with 4176 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
joker/__init__.py
View File

@ -51,7 +51,7 @@ class Joker():
if os.path.exists(filePath):
os.remove(filePath)
def addNode(self, name, host, user, port=22):
def addNode(self, name, host, port=22, user='root'):
node = Node(name, host, port)
node.assignCredential(user, self.default_key, None)

10
joker/nodes.py
View File

@ -28,7 +28,6 @@ class Node():
self.link = None
self.keyPath = TMP_KEY_PATH % (name, os.getpid())
slaves = []
def dumpKey(self, path, key):
f = open(path, "w", stat.S_IRUSR | stat.S_IWUSR)
@ -43,13 +42,16 @@ class Node():
def proxyCommandGen(self, masterHost, masterPort, masterUser,
masterKeyfile):
return "ssh -i %s -p%d %s@%s nc -q0 %s %d" % (masterKey, masterPort,
masterUser, masterHost, self.hostName, self.accessPort)
return "ssh -i %s -o StrictHostChecking=no -p%d %s@%s nc -q0 %s %d" % (
masterKeyfile, masterPort, masterUser, masterHost,
self.hostName, self.accessPort)
def discoverHwAddr(self):
try:
(stdout, stderr) = self.runCommand(
"ip addr | grep -A2 BROADCAST,MULTICAST,UP,LOWER_UP | awk '/link\/ether/ {ether=$2} /inet/ {print $2 \" \" ether}'")
"ip addr | grep -A2 BROADCAST,MULTICAST,UP,LOWER_UP | "
"awk '/link\/ether/ {ether=$2} /inet/ {print $2 \" \" ether}'")
except:
raise()

2
rubick/celery.py
View File

@ -10,6 +10,8 @@ from rubick.discovery import OpenstackDiscovery
import rubick.inspections
# Silence PEP8 "unused import"
assert rubick.inspections
import rubick.schemas
assert rubick.schemas
broker_url = os.getenv('CELERY_BROKER_URL', 'redis://localhost:6379/0')
backend_url = os.getenv('CELERY_RESULT_BACKEND', broker_url)

6
rubick/discovery.py
View File

@ -159,9 +159,9 @@ class JokerNodeDiscovery(object):
count = 0
for node in parse_nodes_info(initial_nodes):
j.addNode('node%d' % count,
node['host'],
node['port'],
node['username'])
host=node['host'],
port=node['port'],
user=node['username'])
nodes = []
for j_node_info in j.discover():

1249
rubick/schemas/cinder/v2013_2.py Normal file
View File

File diff suppressed because it is too large Load Diff

395
rubick/schemas/glance/v2013_2.py Normal file
View File

@ -0,0 +1,395 @@
from rubick.schema import ConfigSchemaRegistry
glance = ConfigSchemaRegistry.register_schema(project='glance')
with glance.version('2013.2') as glance_2013_2:
glance_2013_2.section('DEFAULT')
glance_2013_2.param('verbose', type='string', default='False',
description="Show more verbose log output (sets INFO log level output)")
glance_2013_2.param('debug', type='string', default='False',
description="Show debugging output in logs (sets DEBUG log level output)")
glance_2013_2.param('default_store', type='string', default='file',
description="Which backend scheme should Glance use by default is not specified in a request to add a new image to Glance? Known schemes are determined by the known_stores option below. Default: 'file'")
glance_2013_2.param(
'known_stores', type='string', default='glance.store.filesystem.Store,',
description="List of which store classes and store class locations are currently known to glance at startup.")
glance_2013_2.param(
'image_size_cap', type='string', default='1099511627776',
description="Maximum image size (in bytes) that may be uploaded through the Glance API server. Defaults to 1 TB. WARNING: this value should only be increased after careful consideration and must be set to a value under 8 EB (9223372036854775808).")
glance_2013_2.param('bind_host', type='host', default='0.0.0.0',
description="Address to bind the API server")
glance_2013_2.param('bind_port', type='string',
default='9292', description="Port the bind the API server to")
glance_2013_2.param(
'log_file', type='string', default='/var/log/glance/api.log',
description="Log to this file. Make sure you do not set the same log file for both the API and registry servers!")
glance_2013_2.param('backlog', type='string', default='4096',
description="Backlog requests when creating socket")
glance_2013_2.param('tcp_keepidle', type='string', default='600',
description="TCP_KEEPIDLE value in seconds when creating socket. Not supported on OS X.")
glance_2013_2.param(
'sql_connection', type='string', default='sqlite:///glance.sqlite',
description="SQLAlchemy connection string for the reference implementation registry server. Any valid SQLAlchemy connection string is fine. See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine")
glance_2013_2.param('sql_idle_timeout', type='string', default='3600',
description="MySQL uses a default `wait_timeout` of 8 hours, after which it will drop idle connections. This can result in 'MySQL Gone Away' exceptions. If you notice this, you can lower this value to ensure that SQLAlchemy reconnects before MySQL can drop the connection.")
glance_2013_2.param('workers', type='string', default='1',
description="Number of Glance API worker processes to start. On machines with more than one CPU increasing this value may improve performance (especially if using SSL with compression turned on). It is typically recommended to set this value to the number of CPUs present on your machine.")
glance_2013_2.param('admin_role', type='string', default='admin',
description="Role used to identify an authenticated user as administrator")
glance_2013_2.param(
'allow_anonymous_access', type='string', default='False',
description="Allow unauthenticated users to access the API with read-only privileges. This only applies when using ContextMiddleware.")
glance_2013_2.param('enable_v1_api', type='string', default='True',
description="Allow access to version 1 of glance api")
glance_2013_2.param('enable_v2_api', type='string', default='True',
description="Allow access to version 2 of glance api")
glance_2013_2.param(
'show_image_direct_url', type='string', default='False',
description="Return the URL that references where the data is stored on the backend storage system. For example, if using the file system store a URL of 'file:///path/to/image' will be returned to the user in the 'direct_url' meta-data field. The default value is false.")
glance_2013_2.param(
'send_identity_headers', type='string', default='False',
description="Send headers containing user and tenant information when making requests to the v1 glance registry. This allows the registry to function as if a user is authenticated without the need to authenticate a user itself using the auth_token middleware. The default value is false.")
glance_2013_2.param(
'container_formats', type='string', default='ami,ari,aki,bare,ovf',
description="Supported values for the 'container_format' image attribute")
glance_2013_2.param(
'disk_formats', type='string', default='ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso',
description="Supported values for the 'disk_format' image attribute")
glance_2013_2.param('lock_path', type='string', default=None,
description="Directory to use for lock files. Default to a temp directory (string value). This setting needs to be the same for both glance-scrubber and glance-api.")
glance_2013_2.param('property_protection_file', type='string', default='',
description="Property Protections config file This file contains the rules for property protections and the roles associated with it. If this config value is not specified, by default, property protections won't be enforced. If a value is specified and the file is not found, then an HTTPInternalServerError will be thrown.")
glance_2013_2.param('user_storage_quota', type='string', default='0',
description="Set a system wide quota for every user. This value is the total number of bytes that a user can use across all storage systems. A value of 0 means unlimited.")
glance_2013_2.param('use_syslog', type='string', default='False',
description="Send logs to syslog (/dev/log) instead of to file specified by `log_file`")
glance_2013_2.param(
'syslog_log_facility', type='string', default='LOG_LOCAL0',
description="Facility to use. If unset defaults to LOG_USER.")
glance_2013_2.param(
'cert_file', type='string', default='/path/to/certfile',
description="Certificate file to use when starting API server securely")
glance_2013_2.param('key_file', type='string', default='/path/to/keyfile',
description="Private key file to use when starting API server securely")
glance_2013_2.param('ca_file', type='string', default='/path/to/cafile',
description="CA certificate file to use to verify connecting clients")
glance_2013_2.param(
'metadata_encryption_key', type='string', default='<16, 24 or 32 char registry metadata key>',
description="AES key for encrypting store 'location' metadata, including -- if used -- Swift or S3 credentials Should be set to a random string of length 16, 24 or 32 bytes")
glance_2013_2.param('registry_host', type='host', default='0.0.0.0',
description="Address to find the registry server")
glance_2013_2.param('registry_port', type='string', default='9191',
description="Port the registry server is listening on")
glance_2013_2.param(
'registry_client_protocol', type='string', default='http',
description="What protocol to use when connecting to the registry server? Set to https for secure HTTP communication")
glance_2013_2.param(
'registry_client_key_file', type='string', default='/path/to/key/file',
description="The path to the key file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file")
glance_2013_2.param(
'registry_client_cert_file', type='string', default='/path/to/cert/file',
description="The path to the cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file")
glance_2013_2.param(
'registry_client_ca_file', type='string', default='/path/to/ca/file',
description="The path to the certifying authority cert file to use in SSL connections to the registry server, if any. Alternately, you may set the GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file")
glance_2013_2.param(
'registry_client_insecure', type='string', default='False',
description="When using SSL in connections to the registry server, do not require validation via a certifying authority. This is the registry's equivalent of specifying --insecure on the command line using glanceclient for the API Default: False")
glance_2013_2.param(
'registry_client_timeout', type='string', default='600',
description="The period of time, in seconds, that the API server will wait for a registry request to complete. A value of '0' implies no timeout. Default: 600")
glance_2013_2.param('db_auto_create', type='string', default='False',
description="Whether to automatically create the database tables. Default: False")
glance_2013_2.param('sqlalchemy_debug', type='string', default='True',
description="Enable DEBUG log messages from sqlalchemy which prints every database query and response. Default: False")
glance_2013_2.param('notifier_strategy', type='string', default='noop',
description="Notifications can be sent when images are create, updated or deleted. There are three methods of sending notifications, logging (via the log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid message queue), or noop (no notifications sent, the default)")
glance_2013_2.param('rabbit_host', type='host', default='localhost',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param('rabbit_port', type='string', default='5672',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param('rabbit_use_ssl', type='string', default='false',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param('rabbit_userid', type='string', default='guest',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param('rabbit_password', type='string', default='guest',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param('rabbit_virtual_host', type='string', default='/',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param(
'rabbit_notification_exchange', type='string', default='glance',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param(
'rabbit_notification_topic', type='string', default='notifications',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param(
'rabbit_durable_queues', type='string', default='False',
description="Configuration options if sending notifications via rabbitmq (these are the defaults)")
glance_2013_2.param(
'qpid_notification_exchange', type='string', default='glance',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param(
'qpid_notification_topic', type='string', default='notifications',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_host', type='host', default='localhost',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_port', type='string', default='5672',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_username', type='string', default='',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_password', type='string', default='',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_sasl_mechanisms', type='string', default='',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_reconnect_timeout', type='string', default='0',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_reconnect_limit', type='string', default='0',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param(
'qpid_reconnect_interval_min', type='string', default='0',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param(
'qpid_reconnect_interval_max', type='string', default='0',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_reconnect_interval', type='string', default='0',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_heartbeat', type='string', default='5',
description="Configuration options if sending notifications via Qpid (these are the defaults)")
glance_2013_2.param('qpid_protocol', type='string', default='tcp',
description="Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL")
glance_2013_2.param('qpid_tcp_nodelay', type='string', default='True',
description="Configuration options if sending notifications via Qpid (these are the defaults) Set to 'ssl' to enable SSL")
glance_2013_2.param(
'filesystem_store_datadir', type='string', default='/var/lib/glance/images/',
description="Directory that the Filesystem backend store writes image data to")
glance_2013_2.param(
'filesystem_store_metadata_file', type='string', default='None',
description="A path to a JSON file that contains metadata describing the storage system. When show_multiple_locations is True the information in this file will be returned with any location that is contained in this store.")
glance_2013_2.param('swift_store_auth_version', type='string', default='2',
description="Version of the authentication service to use Valid versions are '2' for keystone and '1' for swauth and rackspace")
glance_2013_2.param(
'swift_store_auth_address', type='string', default='127.0.0.1:5000/v2.0/',
description="Address where the Swift authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'https://' For swauth, use something like '127.0.0.1:8080/v1.0/'")
glance_2013_2.param('swift_store_user', type='string', default='jdoe:jdoe',
description="User to authenticate against the Swift authentication service If you use Swift authentication service, set it to 'account':'user' where 'account' is a Swift storage account and 'user' is a user in that account")
glance_2013_2.param(
'swift_store_key', type='string', default='a86850deb2742ec3cb41518e26aa2d89',
description="Auth key for the user authenticating against the Swift authentication service")
glance_2013_2.param(
'swift_store_container', type='string', default='glance',
description="Container within the account that the account should use for storing images in Swift")
glance_2013_2.param('swift_store_create_container_on_put', type='string',
default='False', description="Do we create the container if it does not exist?")
glance_2013_2.param(
'swift_store_large_object_size', type='string', default='5120',
description="What size, in MB, should Glance start chunking image files and do a large object manifest in Swift? By default, this is the maximum object size in Swift, which is 5GB")
glance_2013_2.param(
'swift_store_large_object_chunk_size', type='string', default='200',
description="When doing a large object manifest, what size, in MB, should Glance write chunks to Swift? This amount of data is written to a temporary disk buffer during the process of chunking the image file, and the default is 200MB")
glance_2013_2.param('swift_enable_snet', type='string', default='False',
description="To use ServiceNET for authentication, prefix hostname of `swift_store_auth_address` with 'snet-'. Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/")
glance_2013_2.param(
'swift_store_multi_tenant', type='string', default='False',
description="If set to True enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts.")
glance_2013_2.param('swift_store_admin_tenants', type='string', default='',
description="A list of swift ACL strings that will be applied as both read and write ACLs to the containers created by Glance in multi-tenant mode. This grants the specified tenants/users read and write access to all newly created image objects. The standard swift ACL string formats are allowed, including: <tenant_id>:<username> <tenant_name>:<username> *:<username> Multiple ACLs can be combined using a comma separated list, for example: swift_store_admin_tenants = service:glance,*:admin")
glance_2013_2.param('swift_store_region', type='string', default='',
description="The region of the swift endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift endpoints.")
glance_2013_2.param(
'swift_store_ssl_compression', type='string', default='True',
description="If set to False, disables SSL layer compression of https swift requests. Setting to 'False' may improve performance for images which are already in a compressed format, eg qcow2. If set to True, enables SSL layer compression (provided it is supported by the target swift proxy).")
glance_2013_2.param(
's3_store_host', type='string', default='127.0.0.1:8080/v1.0/',
description="Address where the S3 authentication service lives Valid schemes are 'http://' and 'https://' If no scheme specified, default to 'http://'")
glance_2013_2.param(
's3_store_access_key', type='string', default='<20-char AWS access key>',
description="User to authenticate against the S3 authentication service")
glance_2013_2.param(
's3_store_secret_key', type='string', default='<40-char AWS secret key>',
description="Auth key for the user authenticating against the S3 authentication service")
glance_2013_2.param(
's3_store_bucket', type='string', default='<lowercased 20-char aws access key>glance',
description="Container within the account that the account should use for storing images in S3. Note that S3 has a flat namespace, so you need a unique bucket name for your glance images. An easy way to do this is append your AWS access key to 'glance'. S3 buckets in AWS *must* be lowercased, so remember to lowercase your AWS access key if you use it in your bucket name below!")
glance_2013_2.param('s3_store_create_bucket_on_put', type='string',
default='False', description="Do we create the bucket if it does not exist?")
glance_2013_2.param(
's3_store_object_buffer_dir', type='string', default='/path/to/dir',
description="When sending images to S3, the data will first be written to a temporary buffer on disk. By default the platform's temporary directory will be used. If required, an alternative directory can be specified here.")
glance_2013_2.param(
's3_store_bucket_url_format', type='string', default='subdomain',
description="When forming a bucket url, boto will either set the bucket name as the subdomain or as the first token of the path. Amazon's S3 service will accept it as the subdomain, but Swift's S3 middleware requires it be in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'.")
glance_2013_2.param(
'rbd_store_ceph_conf', type='string', default='/etc/ceph/ceph.conf',
description="Ceph configuration file path If using cephx authentication, this file should include a reference to the right keyring in a client.<USER> section")
glance_2013_2.param('rbd_store_user', type='string', default='glance',
description="RADOS user to authenticate as (only applicable if using cephx)")
glance_2013_2.param('rbd_store_pool', type='string', default='images',
description="RADOS pool in which images are stored")
glance_2013_2.param('rbd_store_chunk_size', type='string', default='8',
description="Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two")
glance_2013_2.param('sheepdog_store_address',
type='string', default='localhost', description="")
glance_2013_2.param(
'sheepdog_store_port', type='string', default='7000', description="")
glance_2013_2.param(
'sheepdog_store_chunk_size', type='string', default='64',
description="Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two")
glance_2013_2.param(
'cinder_catalog_info', type='string', default='volume:cinder:publicURL',
description="Info to match when looking for cinder in the service catalog Format is : separated values of the form: <service_type>:<service_name>:<endpoint_type> ")
glance_2013_2.param(
'cinder_endpoint_template', type='string', default=None,
description="Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v1/%(project_id)s ")
glance_2013_2.param('os_region_name', type='string',
default=None, description="Region name of this node ")
glance_2013_2.param(
'cinder_ca_certificates_file', type='string', default=None,
description="Location of ca certicates file to use for cinder client requests ")
glance_2013_2.param('cinder_http_retries', type='integer', default=3,
description="Number of cinderclient retries on failed http calls ")
glance_2013_2.param('cinder_api_insecure', type='boolean', default=False,
description="Allow to perform insecure SSL requests to cinder ")
glance_2013_2.param('delayed_delete', type='string',
default='False', description="Turn on/off delayed delete")
glance_2013_2.param('scrub_time', type='string',
default='43200', description="Delayed delete time in seconds")
glance_2013_2.param(
'scrubber_datadir', type='string', default='/var/lib/glance/scrubber',
description="Directory that the scrubber will use to remind itself of what to delete Make sure this is also set in glance-scrubber.conf")
glance_2013_2.param(
'image_cache_dir', type='string', default='/var/lib/glance/image-cache/',
description="Base directory that the Image Cache uses")
glance_2013_2.section('keystone_authtoken')
glance_2013_2.param(
'auth_host', type='host', default='127.0.0.1', description="")
glance_2013_2.param(
'auth_port', type='string', default='35357', description="")
glance_2013_2.param(
'auth_protocol', type='string', default='http', description="")
glance_2013_2.param('admin_tenant_name', type='string',
default='%SERVICE_TENANT_NAME%', description="")
glance_2013_2.param(
'admin_user', type='string', default='%SERVICE_USER%', description="")
glance_2013_2.param('admin_password', type='string',
default='%SERVICE_PASSWORD%', description="")
glance_2013_2.section('paste_deploy')
glance_2013_2.param(
'config_file', type='string', default='glance-api-paste.ini',
description="Name of the paste configuration file that defines the available pipelines")
glance_2013_2.param('flavor', type='string', default='',
description="Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-api-keystone], you would configure the flavor below as 'keystone'.")

370
rubick/schemas/keystone/v2013_2.py Normal file
View File

@ -0,0 +1,370 @@
from rubick.schema import ConfigSchemaRegistry
keystone = ConfigSchemaRegistry.register_schema(project='keystone')
with keystone.version('2013.2') as keystone_2013_2:
keystone_2013_2.section('DEFAULT')
keystone_2013_2.param('admin_token', type='string', default='ADMIN',
description="A 'shared secret' between keystone and other openstack services")
keystone_2013_2.param('bind_host', type='host', default='0.0.0.0',
description="The IP address of the network interface to listen on")
keystone_2013_2.param('public_port', type='string', default='5000',
description="The port number which the public service listens on")
keystone_2013_2.param('admin_port', type='string', default='35357',
description="The port number which the public admin listens on")
keystone_2013_2.param(
'public_endpoint', type='string', default='http://localhost:%(public_port)s/',
description="The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)")
keystone_2013_2.param(
'admin_endpoint', type='string', default='http://localhost:%(admin_port)s/',
description="The base endpoint URLs for keystone that are advertised to clients (NOTE: this does NOT affect how keystone listens for connections)")
keystone_2013_2.param('compute_port', type='string', default='8774',
description="The port number which the OpenStack Compute service listens on")
keystone_2013_2.param('policy_file', type='string', default='policy.json',
description="Path to your policy definition containing identity actions")
keystone_2013_2.param(
'policy_default_rule', type='string', default='admin_required',
description="Rule to check if no matching policy definition is found FIXME(dolph): This should really be defined as [policy] default_rule")
keystone_2013_2.param(
'member_role_id', type='string', default='9fe2ff9ee4384b1894a90878d3e92bab',
description="Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.")
keystone_2013_2.param(
'member_role_name', type='string', default='_member_',
description="Role for migrating membership relationships During a SQL upgrade, the following values will be used to create a new role that will replace records in the user_tenant_membership table with explicit role grants. After migration, the member_role_id will be used in the API add_user_to_project, and member_role_name will be ignored.")
keystone_2013_2.param(
'max_request_body_size', type='string', default='114688',
description="enforced by optional sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)")
keystone_2013_2.param('max_param_size', type='string', default='64',
description="limit the sizes of user & tenant ID/names")
keystone_2013_2.param('max_token_size', type='string', default='8192',
description="similar to max_param_size, but provides an exception for token values")
keystone_2013_2.param('debug', type='string', default='False',
description="=== Logging Options === Print debugging output (includes plaintext request logging, potentially including passwords)")
keystone_2013_2.param('verbose', type='string',
default='False', description="Print more verbose output")
keystone_2013_2.param('log_file', type='string', default='keystone.log',
description="Name of log file to output to. If not set, logging will go to stdout.")
keystone_2013_2.param(
'log_dir', type='string', default='/var/log/keystone',
description="The directory to keep log files in (will be prepended to --logfile)")
keystone_2013_2.param('use_syslog', type='string',
default='False', description="Use syslog for logging.")
keystone_2013_2.param('syslog_log_facility', type='string',
default='LOG_USER', description="syslog facility to receive log lines")
keystone_2013_2.param('log_config', type='string', default='logging.conf',
description="If this option is specified, the logging configuration file specified is used and overrides any other logging options specified. Please see the Python logging module documentation for details on logging configuration files.")
keystone_2013_2.param('log_format', type='string',
default='%(asctime)s %(levelname)8s [%(name)s] %(message)s', description="A logging.Formatter log message format string which may use any of the available logging.LogRecord attributes.")
keystone_2013_2.param(
'log_date_format', type='string', default='%Y-%m-%d %H:%M:%S',
description="Format string for %(asctime)s in log records.")
keystone_2013_2.param(
'onready', type='string', default='keystone.common.systemd',
description="onready allows you to send a notification when the process is ready to serve For example, to have it notify using systemd, one could set shell command: onready = systemd-notify --ready or a module with notify() method:")
keystone_2013_2.param(
'notification_driver', type='string', default='keystone.openstack.common.notifier.rpc_notifier',
description="notification_driver can be defined multiple times Do nothing driver (the default) notification_driver = keystone.openstack.common.notifier.no_op_notifier Logging driver example (not enabled by default) notification_driver = keystone.openstack.common.notifier.log_notifier RPC driver example (not enabled by default)")
keystone_2013_2.param(
'default_notification_level', type='string', default='INFO',
description="Default notification level for outgoing notifications")
keystone_2013_2.param('default_publisher_id', type='string', default='',
description="Default publisher_id for outgoing notifications; included in the payload.")
keystone_2013_2.param(
'notification_topics', type='string', default='notifications',
description="AMQP topics to publish to when using the RPC notification driver. Multiple values can be specified by separating with commas. The actual topic names will be %s.%(default_notification_level)s")
keystone_2013_2.param(
'rpc_backend', type='string', default='keystone.openstack.common.rpc.impl_kombu',
description="The messaging module to use, defaults to kombu.")
keystone_2013_2.param('rpc_thread_pool_size', type='string',
default='64', description="Size of RPC thread pool")
keystone_2013_2.param('rpc_conn_pool_size', type='string',
default='30', description="Size of RPC connection pool")
keystone_2013_2.param('rpc_response_timeout', type='string', default='60',
description="Seconds to wait for a response from call or multicall")
keystone_2013_2.param('rpc_cast_timeout', type='string', default='30',
description="Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.")
keystone_2013_2.param(
'allowed_rpc_exception_modules', type='string', default='keystone.openstack.common.exception,nova.exception,cinder.exception,exceptions',
description="Modules of exceptions that are permitted to be recreated upon receiving exception data from an rpc call.")
keystone_2013_2.param('fake_rabbit', type='string', default='False',
description="If True, use a fake RabbitMQ provider")
keystone_2013_2.param(
'control_exchange', type='string', default='openstack',
description="AMQP exchange to connect to if using RabbitMQ or Qpid")
keystone_2013_2.section('sql')
keystone_2013_2.param(
'connection', type='string', default='sqlite:///keystone.db',
description="The SQLAlchemy connection string used to connect to the database")
keystone_2013_2.param('idle_timeout', type='string', default='200',
description="the timeout before idle sql connections are reaped")
keystone_2013_2.section('identity')
keystone_2013_2.param(
'driver', type='string', default='keystone.identity.backends.sql.Identity', description="")
keystone_2013_2.param(
'default_domain_id', type='string', default='default',
description="This references the domain to use for all Identity API v2 requests (which are not aware of domains). A domain with this ID will be created for you by keystone-manage db_sync in migration 008. The domain referenced by this ID cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. There is nothing special about this domain, other than the fact that it must exist to order to maintain support for your v2 clients.")
keystone_2013_2.param(
'domain_specific_drivers_enabled', type='string', default='False',
description="A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.")
keystone_2013_2.param(
'domain_config_dir', type='string', default='/etc/keystone/domains',
description="A subset (or all) of domains can have their own identity driver, each with their own partial configuration file in a domain configuration directory. Only values specific to the domain need to be placed in the domain specific configuration file. This feature is disabled by default; set domain_specific_drivers_enabled to True to enable.")
keystone_2013_2.param('max_password_length', type='string', default='4096',
description="Maximum supported length for user passwords; decrease to improve performance.")
keystone_2013_2.section('credential')
keystone_2013_2.param(
'driver', type='string', default='keystone.credential.backends.sql.Credential', description="")
keystone_2013_2.section('trust')
keystone_2013_2.param(
'driver', type='string', default='keystone.trust.backends.sql.Trust', description="")
keystone_2013_2.param('enabled', type='string', default='True',
description="delegation and impersonation features can be optionally disabled")
keystone_2013_2.section('os_inherit')
keystone_2013_2.param('enabled', type='string', default='False',
description="role-assignment inheritance to projects from owning domain can be optionally enabled")
keystone_2013_2.section('catalog')
keystone_2013_2.param(
'driver', type='string', default='keystone.catalog.backends.sql.Catalog',
description="dynamic, sql-based backend (supports API/CLI-based management commands)")
keystone_2013_2.param(
'driver', type='string', default='keystone.catalog.backends.templated.TemplatedCatalog',
description="static, file-based backend (does *NOT* support any management commands)")
keystone_2013_2.param('template_file', type='string',
default='default_catalog.templates', description="")
keystone_2013_2.section('endpoint_filter')
keystone_2013_2.param(
'driver', type='string', default='keystone.contrib.endpoint_filter.backends.sql.EndpointFilter',
description="extension for creating associations between project and endpoints in order to provide a tailored catalog for project-scoped token requests.")
keystone_2013_2.param(
'return_all_endpoints_if_no_filter', type='string', default='True',
description="extension for creating associations between project and endpoints in order to provide a tailored catalog for project-scoped token requests.")
keystone_2013_2.section('token')
keystone_2013_2.param(
'driver', type='string', default='keystone.token.backends.sql.Token', description="Provides token persistence.")
keystone_2013_2.param('provider', type='string', default='',
description="Controls the token construction, validation, and revocation operations. Core providers are keystone.token.providers.[pki|uuid].Provider")
keystone_2013_2.param('expiration', type='string', default='86400',
description="Amount of time a token should remain valid (in seconds)")
keystone_2013_2.param('bind', type='string', default='',
description="External auth mechanisms that should add bind information to token. eg kerberos, x509")
keystone_2013_2.param(
'enforce_token_bind', type='string', default='permissive',
description="Enforcement policy on tokens presented to keystone with bind information. One of disabled, permissive, strict, required or a specifically required bind mode e.g. kerberos or x509 to require binding to that authentication.")
keystone_2013_2.param('caching', type='string', default='True',
description="Token specific caching toggle. This has no effect unless the global caching option is set to True")
keystone_2013_2.param('cache_time', type='string', default='',
description="Token specific cache time-to-live (TTL) in seconds.")
keystone_2013_2.param(
'revocation_cache_time', type='string', default='3600',
description="Revocation-List specific cache time-to-live (TTL) in seconds.")
keystone_2013_2.section('cache')
keystone_2013_2.param('enabled', type='string', default='False',
description="Global cache functionality toggle.")
keystone_2013_2.param(
'config_prefix', type='string', default='cache.keystone',
description="Prefix for building the configuration dictionary for the cache region. This should not need to be changed unless there is another dogpile.cache region with the same configuration name")
keystone_2013_2.param('expiration_time', type='string', default='600',
description="Default TTL, in seconds, for any cached item in the dogpile.cache region. This applies to any cached method that doesn't have an explicit cache expiration time defined for it.")
keystone_2013_2.param(
'backend', type='string', default='keystone.common.cache.noop',
description="Dogpile.cache backend module. It is recommended that Memcache (dogpile.cache.memcache) or Redis (dogpile.cache.redis) be used in production deployments. Small workloads (single process) like devstack can use the dogpile.cache.memory backend.")
keystone_2013_2.param('backend_argument', type='string', default='',
description="Arguments supplied to the backend module. Specify this option once per argument to be passed to the dogpile.cache backend. Example format: <argname>:<value>")
keystone_2013_2.param('proxies', type='string', default='',
description="Proxy Classes to import that will affect the way the dogpile.cache backend functions. See the dogpile.cache documentation on changing-backend-behavior. Comma delimited list e.g. my.dogpile.proxy.Class, my.dogpile.proxyClass2")
keystone_2013_2.param('use_key_mangler', type='string', default='True',
description="Use a key-mangling function (sha1) to ensure fixed length cache-keys. This is toggle-able for debugging purposes, it is highly recommended to always leave this set to True.")
keystone_2013_2.param(
'debug_cache_backend', type='string', default='False',
description="Extra debugging from the cache backend (cache keys, get/set/delete/etc calls) This is only really useful if you need to see the specific cache-backend get/set/delete calls with the keys/values. Typically this should be left set to False.")
keystone_2013_2.section('policy')
keystone_2013_2.param(
'driver', type='string', default='keystone.policy.backends.sql.Policy', description="")
keystone_2013_2.section('ec2')
keystone_2013_2.param(
'driver', type='string', default='keystone.contrib.ec2.backends.kvs.Ec2', description="")
keystone_2013_2.section('assignment')
keystone_2013_2.param('driver', type='string', default='', description="")
keystone_2013_2.param('caching', type='string', default='True',
description="Assignment specific caching toggle. This has no effect unless the global caching option is set to True")
keystone_2013_2.param('cache_time', type='string', default='',
description="Assignment specific cache time-to-live (TTL) in seconds.")
keystone_2013_2.section('oauth1')
keystone_2013_2.param(
'driver', type='string', default='keystone.contrib.oauth1.backends.sql.OAuth1', description="")
keystone_2013_2.param(
'request_token_duration', type='string', default='28800',
description="The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds)")
keystone_2013_2.param(
'access_token_duration', type='string', default='86400',
description="The Identity service may include expire attributes. If no such attribute is included, then the token lasts indefinitely. Specify how quickly the request token will expire (in seconds) Specify how quickly the access token will expire (in seconds)")
keystone_2013_2.section('ssl')
keystone_2013_2.param(
'enable', type='string', default='True', description="")
keystone_2013_2.param('certfile', type='string',
default='/etc/keystone/pki/certs/ssl_cert.pem', description="")
keystone_2013_2.param(
'keyfile', type='string', default='/etc/keystone/pki/private/ssl_key.pem', description="")
keystone_2013_2.param('ca_certs', type='string',
default='/etc/keystone/pki/certs/cacert.pem', description="")
keystone_2013_2.param(
'ca_key', type='string', default='/etc/keystone/pki/private/cakey.pem', description="")
keystone_2013_2.param(
'key_size', type='string', default='1024', description="")
keystone_2013_2.param(
'valid_days', type='string', default='3650', description="")
keystone_2013_2.param(
'cert_required', type='string', default='False', description="")
keystone_2013_2.param('cert_subject', type='string',
default='/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost', description="")
keystone_2013_2.section('signing')
keystone_2013_2.param('token_format', type='string', default='',
description="Deprecated in favor of provider in the [token] section Allowed values are PKI or UUID")
keystone_2013_2.param('certfile', type='string',
default='/etc/keystone/pki/certs/signing_cert.pem', description="")
keystone_2013_2.param(
'keyfile', type='string', default='/etc/keystone/pki/private/signing_key.pem', description="")
keystone_2013_2.param('ca_certs', type='string',
default='/etc/keystone/pki/certs/cacert.pem', description="")
keystone_2013_2.param(
'ca_key', type='string', default='/etc/keystone/pki/private/cakey.pem', description="")
keystone_2013_2.param(
'key_size', type='string', default='2048', description="")
keystone_2013_2.param(
'valid_days', type='string', default='3650', description="")
keystone_2013_2.param('cert_subject', type='string',
default='/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com', description="")
keystone_2013_2.section('ldap')
keystone_2013_2.section('auth')
keystone_2013_2.param(
'methods', type='string', default='external,password,token,oauth1', description="")
keystone_2013_2.param('external', type='string',
default='keystone.auth.plugins.external.ExternalDefault', description="")
keystone_2013_2.param('password', type='string',
default='keystone.auth.plugins.password.Password', description="")
keystone_2013_2.param(
'token', type='string', default='keystone.auth.plugins.token.Token', description="")
keystone_2013_2.param(
'oauth1', type='string', default='keystone.auth.plugins.oauth1.OAuth', description="")
keystone_2013_2.section('paste_deploy')
keystone_2013_2.param(
'config_file', type='string', default='keystone-paste.ini',
description="Name of the paste configuration file that defines the available pipelines")

2149
rubick/schemas/nova/v2013_2.py Normal file
View File

File diff suppressed because it is too large Load Diff

2
rubick/schemas/schema_generator.py
View File

@ -92,7 +92,7 @@ with {0}.version('{1}') as {2}:""".format(project, version, conf_variable)
f.write("\n\n %s.param('%s', type='%s', default=%s" % (
conf_variable, param_name, param_type, repr(param_value)))
f.write(", description=\"%s\"" % (
description.replace('"', '\"')))
description.replace('"', '\'')))
f.write(")")