diff --git a/config_samples/config/host1/filesystem b/config_samples/config/host1/filesystem deleted file mode 100644 index 09b33e5..0000000 --- a/config_samples/config/host1/filesystem +++ /dev/null @@ -1,20 +0,0 @@ -# type | source filesystem | reference file | owner | group | permissions - -dir|/etc/cinder|cinder|cinder|0750 -file|/etc/cinder/cinder.conf|etc/cinder/cinder.conf|cinder|cinder|0640 -file|/etc/cinder/logging.conf|etc/cinder/logging.conf|cinder|cinder|0640 -file|/etc/cinder/api-paste.ini|etc/cinder/api-paste.ini|cinder|cinder|0640 -file|/etc/cinder/policy.json|etc/cinder/policy.json|cinder|cinder|0640 -file|/etc/cinder/rootwrap.conf|etc/cinder/rootwrap.conf|cinder|cinder|0640 - -dir|/etc/glance|glance|glance|0750 -file|/etc/glance/glance-cache.conf|etc/glance/glance-cache.conf|glance|glance|0640 -file|/etc/glance/glance-api.conf|etc/glance/glance-api.conf|glance|glance|0640 -file|/etc/glance/glance-api-paste.ini|etc/glance/glance-api-paste.ini|glance|glance|0640 -file|/etc/glance/logging.conf|etc/glance/logging.conf|glance|glance|0640 -file|/etc/glance/glance-registry.conf|etc/glance/glance-registry.conf|glance|glance|0640 -file|/etc/glance/policy.json|etc/glance/policy.json|glance|glance|0640 -file|/etc/glance/schema-image.json|etc/glance/schema-image.json|glance|glance|0640 -file|/etc/glance/glance-scrubber.conf|etc/glance/glance-scrubber.conf|glance|glance|0640 -file|/etc/glance/glance-registry-paste.ini|etc/glance/glance-registry-paste.ini|glance|glance|0640 - diff --git a/config_samples/config/host1/root/etc/cinder/api-paste.ini b/config_samples/config/host1/root/etc/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/config/host1/root/etc/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/config/host1/root/etc/cinder/cinder.conf b/config_samples/config/host1/root/etc/cinder/cinder.conf deleted file mode 100644 index 5c54d4a..0000000 --- a/config_samples/config/host1/root/etc/cinder/cinder.conf +++ /dev/null @@ -1,35 +0,0 @@ -[DEFAULT] -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:ziNOHbWN@192.168.0.2/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -use_syslog=true -api_paste_config=/etc/cinder/api-paste.ini -debug=True -volume_group=cinder -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=0.0.0.0 -osapi_volume_listen=0.0.0.0 -iscsi_ip_address=192.168.1.4 -auth_strategy=keystone -glance_api_servers=192.168.0.2:9292 -rabbit_virtual_host=/ -rabbit_hosts=192.168.0.2:5672 -verbose=True -rabbit_ha_queues=True -rabbit_password=HNmMv5tY -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = 6LwUQj84 -auth_host = 192.168.0.2 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/config/host1/root/etc/cinder/logging.conf b/config_samples/config/host1/root/etc/cinder/logging.conf deleted file mode 100644 index ee2835e..0000000 --- a/config_samples/config/host1/root/etc/cinder/logging.conf +++ /dev/null @@ -1,35 +0,0 @@ -[loggers] -keys = root - -# devel is reserved for future usage -[handlers] -keys = production,devel - -[formatters] -keys = normal,debug - -[logger_root] -level = NOTSET -handlers = production -propagate = 1 -#qualname = cinder - -[formatter_debug] -format = cinder-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s - -[formatter_normal] -format = cinder-%(name)s %(levelname)s: %(message)s - -# Extended logging info to LOG_LOCAL3 with debug:True and verbose:True -# Note: local copy goes to /var/log/cinder-all.log -[handler_production] -class = handlers.SysLogHandler -level = DEBUG -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = normal - -# TODO find out how it could be usefull and how it should be used -[handler_devel] -class = StreamHandler -formatter = debug -args = (sys.stdout,) diff --git a/config_samples/config/host1/root/etc/cinder/policy.json b/config_samples/config/host1/root/etc/cinder/policy.json deleted file mode 100644 index f2bcc1b..0000000 --- a/config_samples/config/host1/root/etc/cinder/policy.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update": [["rule:admin_api"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/config/host1/root/etc/cinder/rootwrap.conf b/config_samples/config/host1/root/etc/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/config/host1/root/etc/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/config/host1/root/etc/glance/glance-api-paste.ini b/config_samples/config/host1/root/etc/glance/glance-api-paste.ini deleted file mode 100644 index 0b29bc9..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-api-paste.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -delay_auth_decision = true diff --git a/config_samples/config/host1/root/etc/glance/glance-api.conf b/config_samples/config/host1/root/etc/glance/glance-api.conf deleted file mode 100644 index 87867b2..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-api.conf +++ /dev/null @@ -1,363 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Which backend scheme should Glance use by default is not specified -# in a request to add a new image to Glance? Known schemes are determined -# by the known_stores option below. -# Default: 'file' -default_store = file - -# List of which store classes and store class locations are -# currently known to glance at startup. -#known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - - -# Maximum image size (in bytes) that may be uploaded through the -# Glance API server. Defaults to 1 TB. -# WARNING: this value should only be increased after careful consideration -# and must be set to a value under 8 EB (9223372036854775808). -#image_size_cap = 1099511627776 - -# Address to bind the API server -bind_host = 0.0.0.0 - -# Port the bind the API server to -bind_port = 9292 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:fXcrTaoy@127.0.0.1/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Number of Glance API worker processes to start. -# On machines with more than one CPU increasing this value -# may improve performance (especially if using SSL with -# compression turned on). It is typically recommended to set -# this value to the number of CPUs present on your machine. -workers = 8 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Allow unauthenticated users to access the API with read-only -# privileges. This only applies when using ContextMiddleware. -#allow_anonymous_access = False - -# Allow access to version 1 of glance api -#enable_v1_api = True - -# Allow access to version 2 of glance api -#enable_v2_api = True - -# Return the URL that references where the data is stored on -# the backend storage system. For example, if using the -# file system store a URL of 'file:///path/to/image' will -# be returned to the user in the 'direct_url' meta-data field. -# The default value is false. -#show_image_direct_url = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = true - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL0 - -# ================= SSL Options =============================== - -# Certificate file to use when starting API server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> - -# ============ Registry Options =============================== - -# Address to find the registry server -registry_host = 127.0.0.1 - -# Port the registry server is listening on -registry_port = 9191 - -# What protocol to use when connecting to the registry server? -# Set to https for secure HTTP communication -registry_client_protocol = http - -# The path to the key file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file -#registry_client_key_file = /path/to/key/file - -# The path to the cert file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file -#registry_client_cert_file = /path/to/cert/file - -# The path to the certifying authority cert file to use in SSL connections -# to the registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file -#registry_client_ca_file = /path/to/ca/file - -# When using SSL in connections to the registry server, do not require -# validation via a certifying authority. This is the registry's equivalent of -# specifying --insecure on the command line using glanceclient for the API -# Default: False -#registry_client_insecure = False - -# The period of time, in seconds, that the API server will wait for a registry -# request to complete. A value of '0' implies no timeout. -# Default: 600 -#registry_client_timeout = 600 - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ============ Notification System Options ===================== - -# Notifications can be sent when images are create, updated or deleted. -# There are three methods of sending notifications, logging (via the -# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid -# message queue), or noop (no notifications sent, the default) -notifier_strategy = noop - -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# If set to True enables multi-tenant storage mode which causes Glance images -# to be stored in tenant specific Swift accounts. -#swift_store_multi_tenant = False - -# A list of swift ACL strings that will be applied as both read and -# write ACLs to the containers created by Glance in multi-tenant -# mode. This grants the specified tenants/users read and write access -# to all newly created image objects. The standard swift ACL string -# formats are allowed, including: -# : -# : -# *: -# Multiple ACLs can be combined using a comma separated list, for -# example: swift_store_admin_tenants = service:glance,*:admin -#swift_store_admin_tenants = - -# The region of the swift endpoint to be used for single tenant. This setting -# is only necessary if the tenant has multiple swift endpoints. -#swift_store_region = - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -#s3_store_object_buffer_dir = /path/to/dir - -# When forming a bucket url, boto will either set the bucket name as the -# subdomain or as the first token of the path. Amazon's S3 service will -# accept it as the subdomain, but Swift's S3 middleware requires it be -# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. -#s3_store_bucket_url_format = subdomain - -# ============ RBD Store Options ============================= - -# Ceph configuration file path -# If using cephx authentication, this file should -# include a reference to the right keyring -# in a client. section -rbd_store_ceph_conf = /etc/ceph/ceph.conf - -# RADOS user to authenticate as (only applicable if using cephx) -rbd_store_user = glance - -# RADOS pool in which images are stored -rbd_store_pool = images - -# Images will be chunked into objects of this size (in megabytes). -# For best performance, this should be a power of two -rbd_store_chunk_size = 8 - -# ============ Delayed Delete Options ============================= - -# Turn on/off delayed delete -delayed_delete = False - -# Delayed delete time in seconds -scrub_time = 43200 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-scrubber.conf -scrubber_datadir = /var/lib/glance/scrubber - -# =============== Image Cache Options ============================= - -# Base directory that the Image Cache uses -image_cache_dir = /var/lib/glance/image-cache/ -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = HJhOWm8t -signing_dirname=/tmp/keystone-signing-glance -auth_uri=http://127.0.0.1:35357 -signing_dir=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-api-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-api-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone+cachemanagement diff --git a/config_samples/config/host1/root/etc/glance/glance-cache.conf b/config_samples/config/host1/root/etc/glance/glance-cache.conf deleted file mode 100644 index d45247d..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-cache.conf +++ /dev/null @@ -1,149 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -log_file = /var/log/glance/image-cache.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False -use_syslog = true - -# Directory that the Image Cache writes data to -image_cache_dir = /var/lib/glance/image-cache/ - -# Number of seconds after which we should consider an incomplete image to be -# stalled and eligible for reaping -image_cache_stall_time = 86400 - -# image_cache_invalid_entry_grace_period - seconds -# -# If an exception is raised as we're writing to the cache, the cache-entry is -# deemed invalid and moved to /invalid so that it can be -# inspected for debugging purposes. -# -# This is number of seconds to leave these invalid images around before they -# are elibible to be reaped. -image_cache_invalid_entry_grace_period = 3600 - -# Max cache size in bytes -image_cache_max_size = 10737418240 - -# Address to find the registry server -registry_host = 127.0.0.1 - -# Port the registry server is listening on -registry_port = 9191 - -# Auth settings if using Keystone -# auth_url = http://127.0.0.1:5000/v2.0/ -auth_url = http://127.0.0.1:35357 -# admin_tenant_name = %SERVICE_TENANT_NAME% -admin_tenant_name = services -# admin_user = %SERVICE_USER% -admin_user = glance -# admin_password = %SERVICE_PASSWORD% -admin_password = HJhOWm8t - -# List of which store classes and store class locations are -# currently known to glance at startup. -# known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -# s3_store_object_buffer_dir = /path/to/dir - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/config/host1/root/etc/glance/glance-registry-paste.ini b/config_samples/config/host1/root/etc/glance/glance-registry-paste.ini deleted file mode 100644 index 5519c5c..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-registry-paste.ini +++ /dev/null @@ -1,19 +0,0 @@ -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/config/host1/root/etc/glance/glance-registry.conf b/config_samples/config/host1/root/etc/glance/glance-registry.conf deleted file mode 100644 index fd23e1c..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-registry.conf +++ /dev/null @@ -1,96 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Address to bind the registry server -bind_host = 0.0.0.0 - -# Port the bind the registry server to -bind_port = 9191 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:fXcrTaoy@127.0.0.1/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Limit the api to return `param_limit_max` items in a call to a container. If -# a larger `limit` query param is provided, it will be reduced to this value. -api_limit_max = 1000 - -# If a `limit` query param is not provided in an api request, it will -# default to `limit_param_default` -limit_param_default = 25 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = true - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL1 - -# ================= SSL Options =============================== - -# Certificate file to use when starting registry server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting registry server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = HJhOWm8t -signing_dir=/tmp/keystone-signing-glance -signing_dirname=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-registry-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-registry-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone diff --git a/config_samples/config/host1/root/etc/glance/glance-scrubber.conf b/config_samples/config/host1/root/etc/glance/glance-scrubber.conf deleted file mode 100644 index 9273043..0000000 --- a/config_samples/config/host1/root/etc/glance/glance-scrubber.conf +++ /dev/null @@ -1,40 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/config/host1/root/etc/glance/logging.conf b/config_samples/config/host1/root/etc/glance/logging.conf deleted file mode 100644 index fc6b948..0000000 --- a/config_samples/config/host1/root/etc/glance/logging.conf +++ /dev/null @@ -1,35 +0,0 @@ -[loggers] -keys = root - -# devel is reserved for future usage -[handlers] -keys = production,devel - -[formatters] -keys = normal,debug - -[logger_root] -level = NOTSET -handlers = production -propagate = 1 -#qualname = glance - -[formatter_debug] -format = glance-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s - -[formatter_normal] -format = glance-%(name)s %(levelname)s: %(message)s - -# Extended logging info to LOG_LOCAL2 with debug:true and verbose:true -# Note: local copy goes to /var/log/glance-all.log -[handler_production] -class = handlers.SysLogHandler -level = DEBUG -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2) -formatter = normal - -# TODO find out how it could be usefull and how it should be used -[handler_devel] -class = StreamHandler -formatter = debug -args = (sys.stdout,) diff --git a/config_samples/config/host1/root/etc/glance/policy.json b/config_samples/config/host1/root/etc/glance/policy.json deleted file mode 100644 index 30ef83c..0000000 --- a/config_samples/config/host1/root/etc/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/config_samples/config/host1/root/etc/glance/schema-image.json b/config_samples/config/host1/root/etc/glance/schema-image.json deleted file mode 100644 index 5aafd6b..0000000 --- a/config_samples/config/host1/root/etc/glance/schema-image.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - }, - "architecture": { - "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_distro": { - "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_version": { - "description": "Operating system version as specified by the distributor", - "type": "string" - } -} diff --git a/config_samples/config/host1/services.json b/config_samples/config/host1/services.json deleted file mode 100644 index 14a69a6..0000000 --- a/config_samples/config/host1/services.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "cinder": { - "version": "2013.1" - }, - "glance": { - "version": "2013.1" - } -} - diff --git a/config_samples/config/host2/filesystem b/config_samples/config/host2/filesystem deleted file mode 100644 index a71fd5f..0000000 --- a/config_samples/config/host2/filesystem +++ /dev/null @@ -1,16 +0,0 @@ -# type | source filesystem | reference file | owner | group | permissions - -dir|/etc/keystone|keystone|keystone|0750 -file|/etc/keystone/logging.conf|etc/keystone/logging.conf|keystone|keystone|0640 -file|/etc/keystone/default_catalog.templates|etc/keystone/default_catalog.templates|keystone|keystone|0640 -file|/etc/keystone/policy.json|etc/keystone/policy.json|keystone|keystone|0640 -file|/etc/keystone/keystone.conf|etc/keystone/keystone.conf|keystone|keystone|0640 - -dir|/etc/nova|nova|nova|0750 -file|/etc/nova/logging.conf|etc/nova/logging.conf|nova|nova|0640 -file|/etc/nova/api-paste.ini|etc/nova/api-paste.ini|nova|nova|0640 -file|/etc/nova/policy.json|etc/nova/policy.json|nova|nova|0640 -file|/etc/nova/rootwrap.conf|etc/nova/rootwrap.conf|nova|nova|0640 -file|/etc/nova/release|etc/nova/release|nova|nova|0640 -file|/etc/nova/nova.conf|etc/nova/nova.conf|nova|nova|0640 - diff --git a/config_samples/config/host2/root/etc/keystone/default_catalog.templates b/config_samples/config/host2/root/etc/keystone/default_catalog.templates deleted file mode 100644 index eb1e044..0000000 --- a/config_samples/config/host2/root/etc/keystone/default_catalog.templates +++ /dev/null @@ -1,27 +0,0 @@ -# config for TemplatedCatalog, using camelCase because I don't want to do -# translations for keystone compat -catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0 -catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.name = Identity Service - -# fake compute service for now to help novaclient tests work -catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.name = Compute Service - -catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.name = Volume Service - -catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin -catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.name = EC2 Service - -catalog.RegionOne.image.publicURL = http://localhost:9292/v1 -catalog.RegionOne.image.adminURL = http://localhost:9292/v1 -catalog.RegionOne.image.internalURL = http://localhost:9292/v1 -catalog.RegionOne.image.name = Image Service diff --git a/config_samples/config/host2/root/etc/keystone/keystone.conf b/config_samples/config/host2/root/etc/keystone/keystone.conf deleted file mode 100644 index 912dce7..0000000 --- a/config_samples/config/host2/root/etc/keystone/keystone.conf +++ /dev/null @@ -1,320 +0,0 @@ -[DEFAULT] -# A "shared secret" between keystone and other openstack services -# admin_token = ADMIN -admin_token = 5nP3wXsf - -# The IP address of the network interface to listen on -# bind_host = 0.0.0.0 -bind_host = 0.0.0.0 - -# The port number which the public service listens on -# public_port = 5000 -public_port = 5000 - -# The port number which the public admin listens on -# admin_port = 35357 -admin_port = 35357 - -# The base endpoint URLs for keystone that are advertised to clients -# (NOTE: this does NOT affect how keystone listens for connections) -# public_endpoint = http://localhost:%(public_port)d/ -# admin_endpoint = http://localhost:%(admin_port)d/ - -# The port number which the OpenStack Compute service listens on -# compute_port = 8774 -compute_port = 3000 - -# Path to your policy definition containing identity actions -# policy_file = policy.json - -# Rule to check if no matching policy definition is found -# FIXME(dolph): This should really be defined as [policy] default_rule -# policy_default_rule = admin_required - -# Role for migrating membership relationships -# During a SQL upgrade, the following values will be used to create a new role -# that will replace records in the user_tenant_membership table with explicit -# role grants. After migration, the member_role_id will be used in the API -# add_user_to_project, and member_role_name will be ignored. -# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab -# member_role_name = _member_ - -# === Logging Options === -# Print debugging output -# (includes plaintext request logging, potentially including passwords) -# debug = False -debug = true - -# Print more verbose output -# verbose = False -verbose = true - -# Name of log file to output to. If not set, logging will go to stdout. -# log_file = keystone.log - -# The directory to keep log files in (will be prepended to --logfile) -# log_dir = /var/log/keystone - -# Use syslog for logging. -# use_syslog = False -use_syslog = true - -# syslog facility to receive log lines -# syslog_log_facility = LOG_USER - -# If this option is specified, the logging configuration file specified is -# used and overrides any other logging options specified. Please see the -# Python logging module documentation for details on logging configuration -# files. -# log_config = logging.conf -log_config = /etc/keystone/logging.conf - -# A logging.Formatter log message format string which may use any of the -# available logging.LogRecord attributes. -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s - -# Format string for %(asctime)s in log records. -# log_date_format = %Y-%m-%d %H:%M:%S - -# onready allows you to send a notification when the process is ready to serve -# For example, to have it notify using systemd, one could set shell command: -# onready = systemd-notify --ready -# or a module with notify() method: -# onready = keystone.common.systemd - -[sql] -connection = mysql://keystone:8aInLVPS@127.0.0.1/keystone -# The SQLAlchemy connection string used to connect to the database -# connection = sqlite:///keystone.db - -# the timeout before idle sql connections are reaped -# idle_timeout = 200 -idle_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity -# driver = keystone.identity.backends.sql.Identity - -# This references the domain to use for all Identity API v2 requests (which are -# not aware of domains). A domain with this ID will be created for you by -# keystone-manage db_sync in migration 008. The domain referenced by this ID -# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. -# There is nothing special about this domain, other than the fact that it must -# exist to order to maintain support for your v2 clients. -# default_domain_id = default - -[trust] -# driver = keystone.trust.backends.sql.Trust - -# delegation and impersonation features can be optionally disabled -# enabled = True - -[catalog] -template_file = /etc/keystone/default_catalog.templates -driver = keystone.catalog.backends.sql.Catalog -# dynamic, sql-based backend (supports API/CLI-based management commands) -# driver = keystone.catalog.backends.sql.Catalog - -# static, file-based backend (does *NOT* support any management commands) -# driver = keystone.catalog.backends.templated.TemplatedCatalog - -# template_file = default_catalog.templates - -[token] -driver = keystone.token.backends.sql.Token -# driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -token_format = UUID -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] -# url = ldap://localhost -# user = dc=Manager,dc=example,dc=com -# password = None -# suffix = cn=example,cn=com -# use_dumb_member = False -# allow_subtree_delete = False -# dumb_member = cn=dumb,dc=example,dc=com - -# Maximum results per page; a value of zero ('0') disables paging (default) -# page_size = 0 - -# The LDAP dereferencing option for queries. This can be either 'never', -# 'searching', 'always', 'finding' or 'default'. The 'default' option falls -# back to using default dereferencing configured by your ldap.conf. -# alias_dereferencing = default - -# The LDAP scope for queries, this can be either 'one' -# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) -# query_scope = one - -# user_tree_dn = ou=Users,dc=example,dc=com -# user_filter = -# user_objectclass = inetOrgPerson -# user_domain_id_attribute = businessCategory -# user_id_attribute = cn -# user_name_attribute = sn -# user_mail_attribute = email -# user_pass_attribute = userPassword -# user_enabled_attribute = enabled -# user_enabled_mask = 0 -# user_enabled_default = True -# user_attribute_ignore = tenant_id,tenants -# user_allow_create = True -# user_allow_update = True -# user_allow_delete = True -# user_enabled_emulation = False -# user_enabled_emulation_dn = - -# tenant_tree_dn = ou=Groups,dc=example,dc=com -# tenant_filter = -# tenant_objectclass = groupOfNames -# tenant_domain_id_attribute = businessCategory -# tenant_id_attribute = cn -# tenant_member_attribute = member -# tenant_name_attribute = ou -# tenant_desc_attribute = desc -# tenant_enabled_attribute = enabled -# tenant_attribute_ignore = -# tenant_allow_create = True -# tenant_allow_update = True -# tenant_allow_delete = True -# tenant_enabled_emulation = False -# tenant_enabled_emulation_dn = - -# role_tree_dn = ou=Roles,dc=example,dc=com -# role_filter = -# role_objectclass = organizationalRole -# role_id_attribute = cn -# role_name_attribute = ou -# role_member_attribute = roleOccupant -# role_attribute_ignore = -# role_allow_create = True -# role_allow_update = True -# role_allow_delete = True - -# group_tree_dn = -# group_filter = -# group_objectclass = groupOfNames -# group_id_attribute = cn -# group_name_attribute = ou -# group_member_attribute = member -# group_desc_attribute = desc -# group_attribute_ignore = -# group_allow_create = True -# group_allow_update = True -# group_allow_delete = True - -[auth] -methods = password,token -password = keystone.auth.plugins.password.Password -token = keystone.auth.plugins.token.Token - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[filter:access_log] -paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/config_samples/config/host2/root/etc/keystone/logging.conf b/config_samples/config/host2/root/etc/keystone/logging.conf deleted file mode 100644 index 14619d9..0000000 --- a/config_samples/config/host2/root/etc/keystone/logging.conf +++ /dev/null @@ -1,35 +0,0 @@ -[loggers] -keys = root - -# devel is reserved for future usage -[handlers] -keys = production,devel - -[formatters] -keys = normal,debug - -[logger_root] -level = NOTSET -handlers = production -propagate = 1 -#qualname = keystone - -[formatter_debug] -format = keystone-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s - -[formatter_normal] -format = keystone-%(name)s %(levelname)s: %(message)s - -# Extended logging info to LOG_LOCAL7 with debug:true and verbose:true -# Note: local copy goes to /var/log/keystone-all.log -[handler_production] -class = handlers.SysLogHandler -level = DEBUG -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL7) -formatter = normal - -# TODO find out how it could be usefull and how it should be used -[handler_devel] -class = StreamHandler -formatter = debug -args = (sys.stdout,) diff --git a/config_samples/config/host2/root/etc/keystone/policy.json b/config_samples/config/host2/root/etc/keystone/policy.json deleted file mode 100644 index f53161e..0000000 --- a/config_samples/config/host2/root/etc/keystone/policy.json +++ /dev/null @@ -1,86 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - "owner" : [["user_id:%(user_id)s"]], - "admin_or_owner": [["rule:admin_required"], ["rule:owner"]], - - "default": [["rule:admin_required"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_or_owner"]], - "identity:create_project": [["rule:admin_or_owner"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_or_owner"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_group": [["rule:admin_required"]], - "identity:list_groups": [["rule:admin_required"]], - "identity:list_groups_for_user": [["rule:admin_or_owner"]], - "identity:create_group": [["rule:admin_required"]], - "identity:update_group": [["rule:admin_required"]], - "identity:delete_group": [["rule:admin_required"]], - "identity:list_users_in_group": [["rule:admin_required"]], - "identity:remove_user_from_group": [["rule:admin_required"]], - "identity:check_user_in_group": [["rule:admin_required"]], - "identity:add_user_to_group": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_role": [["rule:admin_required"]], - "identity:delete_role": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]], - - "identity:check_token": [["rule:admin_required"]], - "identity:validate_token": [["rule:admin_required"]], - "identity:revocation_list": [["rule:admin_required"]], - "identity:revoke_token": [["rule:admin_required"], - ["user_id:%(user_id)s"]], - - "identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]], - "identity:get_trust": [["rule:admin_or_owner"]], - "identity:list_trusts": [["@"]], - "identity:list_roles_for_trust": [["@"]], - "identity:check_role_for_trust": [["@"]], - "identity:get_role_for_trust": [["@"]], - "identity:delete_trust": [["@"]] -} diff --git a/config_samples/config/host2/root/etc/nova/api-paste.ini b/config_samples/config/host2/root/etc/nova/api-paste.ini deleted file mode 100644 index a9f53df..0000000 --- a/config_samples/config/host2/root/etc/nova/api-paste.ini +++ /dev/null @@ -1,107 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory -limits=(POST, "*", .*, 1000, MINUTE);(POST, "*/servers", ^/servers, 1000, DAY);(PUT, "*", .*, 1000, MINUTE);(GET, "*changes-since*", .*changes-since.*, 1000, MINUTE);(DELETE, "*", .*, 1000, MINUTE) - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# signing_dir is configurable, but the default behavior of the authtoken -# middleware should be sufficient. It will create a temporary directory -# in the home directory for the user the nova process is running as. -#signing_dir = /var/lib/nova/keystone-signing -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/config/host2/root/etc/nova/logging.conf b/config_samples/config/host2/root/etc/nova/logging.conf deleted file mode 100644 index 9c497a0..0000000 --- a/config_samples/config/host2/root/etc/nova/logging.conf +++ /dev/null @@ -1,35 +0,0 @@ -[loggers] -keys = root - -# devel is reserved for future usage -[handlers] -keys = production,devel - -[formatters] -keys = normal,debug - -[logger_root] -level = NOTSET -handlers = production -propagate = 1 -#qualname = nova - -[formatter_debug] -format = nova-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s - -[formatter_normal] -format = nova-%(name)s %(levelname)s: %(message)s - -# Extended logging info to LOG_LOCAL6 with debug:true and verbose:true -# Note: local copy goes to /var/log/nova-all.log -[handler_production] -class = handlers.SysLogHandler -level = DEBUG -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL6) -formatter = normal - -# TODO find out how it could be usefull and how it should be used -[handler_devel] -class = StreamHandler -formatter = debug -args = (sys.stdout,) diff --git a/config_samples/config/host2/root/etc/nova/nova.conf b/config_samples/config/host2/root/etc/nova/nova.conf deleted file mode 100644 index 5b2867f..0000000 --- a/config_samples/config/host2/root/etc/nova/nova.conf +++ /dev/null @@ -1,71 +0,0 @@ -[DEFAULT] -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.VlanManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:4ZDJNk2l@192.168.0.2/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -debug=true -vncserver_proxyclient_address=192.168.0.3 -rabbit_hosts=192.168.0.2:5672 -osapi_compute_listen=192.168.0.3 -ec2_listen=192.168.0.3 -glance_api_servers=192.168.0.2:9292 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=HNmMv5tY -verbose=true -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=metadata -vnc_enabled=true -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -log_config=/etc/nova/logging.conf -rabbit_port=5672 -vlan_start=383 -api_paste_config=/etc/nova/api-paste.ini -novncproxy_base_url=http://172.18.165.37:6080/vnc_auto.html -public_interface=eth1 -service_down_time=60 -syslog_log_facility=LOCAL6 -vncserver_listen=192.168.0.3 -osapi_volume_listen=192.168.0.3 -metadata_listen=192.168.0.3 -auth_strategy=keystone -fixed_range=10.0.1.0/24 -use_syslog=True -dhcp_domain=novalocal -use_cow_images=true -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -start_guests_on_host_boot=true -metadata_host=192.168.0.3 -memcached_servers=127.0.0.1:11211 -send_arp_for_ha=True -multi_host=True -allow_resize_to_same_host=True -libvirt_type=kvm -vlan_interface=eth0 -connection_type=libvirt - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = 8UKGDGt8 -auth_host = 192.168.0.2 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/config/host2/root/etc/nova/policy.json b/config_samples/config/host2/root/etc/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/config/host2/root/etc/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/config/host2/root/etc/nova/release b/config_samples/config/host2/root/etc/nova/release deleted file mode 100644 index f9d3fe4..0000000 --- a/config_samples/config/host2/root/etc/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.1 diff --git a/config_samples/config/host2/root/etc/nova/rootwrap.conf b/config_samples/config/host2/root/etc/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/config/host2/root/etc/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/config/host2/services.json b/config_samples/config/host2/services.json deleted file mode 100644 index d720a3d..0000000 --- a/config_samples/config/host2/services.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "keystone": { - "version": "2013.1" - }, - "nova": { - "version": "2013.1" - } -} - diff --git a/config_samples/devstack/host1/apache2/apache2.conf b/config_samples/devstack/host1/apache2/apache2.conf deleted file mode 100644 index a3d6da1..0000000 --- a/config_samples/devstack/host1/apache2/apache2.conf +++ /dev/null @@ -1,237 +0,0 @@ -# -# Based upon the NCSA server configuration files originally by Rob McCool. -# -# This is the main Apache server configuration file. It contains the -# configuration directives that give the server its instructions. -# See http://httpd.apache.org/docs/2.2/ for detailed information about -# the directives. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# The configuration directives are grouped into three basic sections: -# 1. Directives that control the operation of the Apache server process as a -# whole (the 'global environment'). -# 2. Directives that define the parameters of the 'main' or 'default' server, -# which responds to requests that aren't handled by a virtual host. -# These directives also provide default values for the settings -# of all virtual hosts. -# 3. Settings for virtual hosts, which allow Web requests to be sent to -# different IP addresses or hostnames and have them handled by the -# same Apache server process. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "foo.log" -# with ServerRoot set to "/etc/apache2" will be interpreted by the -# server as "/etc/apache2/foo.log". -# - -### Section 1: Global Environment -# -# The directives in this section affect the overall operation of Apache, -# such as the number of concurrent requests it can handle or where it -# can find its configuration files. -# - -# -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# NOTE! If you intend to place this on an NFS (or otherwise network) -# mounted filesystem then please read the LockFile documentation (available -# at ); -# you will save yourself a lot of trouble. -# -# Do NOT add a slash at the end of the directory path. -# -#ServerRoot "/etc/apache2" - -# -# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. -# -LockFile ${APACHE_LOCK_DIR}/accept.lock - -# -# PidFile: The file in which the server should record its process -# identification number when it starts. -# This needs to be set in /etc/apache2/envvars -# -PidFile ${APACHE_PID_FILE} - -# -# Timeout: The number of seconds before receives and sends time out. -# -Timeout 300 - -# -# KeepAlive: Whether or not to allow persistent connections (more than -# one request per connection). Set to "Off" to deactivate. -# -KeepAlive On - -# -# MaxKeepAliveRequests: The maximum number of requests to allow -# during a persistent connection. Set to 0 to allow an unlimited amount. -# We recommend you leave this number high, for maximum performance. -# -MaxKeepAliveRequests 100 - -# -# KeepAliveTimeout: Number of seconds to wait for the next request from the -# same client on the same connection. -# -KeepAliveTimeout 5 - -## -## Server-Pool Size Regulation (MPM specific) -## - -# prefork MPM -# StartServers: number of server processes to start -# MinSpareServers: minimum number of server processes which are kept spare -# MaxSpareServers: maximum number of server processes which are kept spare -# MaxClients: maximum number of server processes allowed to start -# MaxRequestsPerChild: maximum number of requests a server process serves - - StartServers 5 - MinSpareServers 5 - MaxSpareServers 10 - MaxClients 150 - MaxRequestsPerChild 0 - - -# worker MPM -# StartServers: initial number of server processes to start -# MinSpareThreads: minimum number of worker threads which are kept spare -# MaxSpareThreads: maximum number of worker threads which are kept spare -# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a -# graceful restart. ThreadLimit can only be changed by stopping -# and starting Apache. -# ThreadsPerChild: constant number of worker threads in each server process -# MaxClients: maximum number of simultaneous client connections -# MaxRequestsPerChild: maximum number of requests a server process serves - - StartServers 2 - MinSpareThreads 25 - MaxSpareThreads 75 - ThreadLimit 64 - ThreadsPerChild 25 - MaxClients 150 - MaxRequestsPerChild 0 - - -# event MPM -# StartServers: initial number of server processes to start -# MinSpareThreads: minimum number of worker threads which are kept spare -# MaxSpareThreads: maximum number of worker threads which are kept spare -# ThreadsPerChild: constant number of worker threads in each server process -# MaxClients: maximum number of simultaneous client connections -# MaxRequestsPerChild: maximum number of requests a server process serves - - StartServers 2 - MinSpareThreads 25 - MaxSpareThreads 75 - ThreadLimit 64 - ThreadsPerChild 25 - MaxClients 150 - MaxRequestsPerChild 0 - - -# These need to be set in /etc/apache2/envvars -User ${APACHE_RUN_USER} -Group ${APACHE_RUN_GROUP} - -# -# AccessFileName: The name of the file to look for in each directory -# for additional configuration directives. See also the AllowOverride -# directive. -# - -AccessFileName .htaccess - -# -# The following lines prevent .htaccess and .htpasswd files from being -# viewed by Web clients. -# - - Order allow,deny - Deny from all - Satisfy all - - -# -# DefaultType is the default MIME type the server will use for a document -# if it cannot otherwise determine one, such as from filename extensions. -# If your server contains mostly text or HTML documents, "text/plain" is -# a good value. If most of your content is binary, such as applications -# or images, you may want to use "application/octet-stream" instead to -# keep browsers from trying to display binary files as though they are -# text. -# -# It is also possible to omit any default MIME type and let the -# client's browser guess an appropriate action instead. Typically the -# browser will decide based on the file's extension then. In cases -# where no good assumption can be made, letting the default MIME type -# unset is suggested instead of forcing the browser to accept -# incorrect metadata. -# -DefaultType None - - -# -# HostnameLookups: Log the names of clients or just their IP addresses -# e.g., www.apache.org (on) or 204.62.129.132 (off). -# The default is off because it'd be overall better for the net if people -# had to knowingly turn this feature on, since enabling it means that -# each client request will result in AT LEAST one lookup request to the -# nameserver. -# -HostnameLookups Off - -# ErrorLog: The location of the error log file. -# If you do not specify an ErrorLog directive within a -# container, error messages relating to that virtual host will be -# logged here. If you *do* define an error logfile for a -# container, that host's errors will be logged there and not here. -# -ErrorLog ${APACHE_LOG_DIR}/error.log - -# -# LogLevel: Control the number of messages logged to the error_log. -# Possible values include: debug, info, notice, warn, error, crit, -# alert, emerg. -# -LogLevel warn - -# Include module configuration: -Include mods-enabled/*.load -Include mods-enabled/*.conf - -# Include all the user configurations: -Include httpd.conf - -# Include ports listing -Include ports.conf - -# -# The following directives define some format nicknames for use with -# a CustomLog directive (see below). -# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i -# -LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined -LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined -LogFormat "%h %l %u %t \"%r\" %>s %O" common -LogFormat "%{Referer}i -> %U" referer -LogFormat "%{User-agent}i" agent - -# Include of directories ignores editors' and dpkg's backup files, -# see README.Debian for details. - -# Include generic snippets of statements -Include conf.d/ - -# Include the virtual host configurations: -Include sites-enabled/ diff --git a/config_samples/devstack/host1/apache2/conf.d/charset b/config_samples/devstack/host1/apache2/conf.d/charset deleted file mode 100644 index 40d7198..0000000 --- a/config_samples/devstack/host1/apache2/conf.d/charset +++ /dev/null @@ -1,6 +0,0 @@ -# Read the documentation before enabling AddDefaultCharset. -# In general, it is only a good idea if you know that all your files -# have this encoding. It will override any encoding given in the files -# in meta http-equiv or xml encoding tags. - -#AddDefaultCharset UTF-8 diff --git a/config_samples/devstack/host1/apache2/conf.d/javascript-common.conf b/config_samples/devstack/host1/apache2/conf.d/javascript-common.conf deleted file mode 100644 index 7e5dbd3..0000000 --- a/config_samples/devstack/host1/apache2/conf.d/javascript-common.conf +++ /dev/null @@ -1,5 +0,0 @@ -Alias /javascript /usr/share/javascript/ - - - Options FollowSymLinks MultiViews - diff --git a/config_samples/devstack/host1/apache2/conf.d/localized-error-pages b/config_samples/devstack/host1/apache2/conf.d/localized-error-pages deleted file mode 100644 index 2a2e83f..0000000 --- a/config_samples/devstack/host1/apache2/conf.d/localized-error-pages +++ /dev/null @@ -1,79 +0,0 @@ -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# Putting this all together, we can internationalize error responses. -# -# We use Alias to redirect any /error/HTTP_.html.var response to -# our collection of by-error message multi-language collections. We use -# includes to substitute the appropriate text. -# -# You can modify the messages' appearance without changing any of the -# default HTTP_.html.var files by adding the line: -# -# Alias /error/include/ "/your/include/path/" -# -# which allows you to create your own set of files by starting with the -# /usr/share/apache2/error/include/ files and copying them to /your/include/path/, -# even on a per-VirtualHost basis. If you include the Alias in the global server -# context, is has to come _before_ the 'Alias /error/ ...' line. -# -# The default include files will display your Apache version number and your -# ServerAdmin email address regardless of the setting of ServerSignature. -# -# WARNING: The configuration below will NOT work out of the box if you have a -# SetHandler directive in a context somewhere. Adding -# the following three lines AFTER the context should -# make it work in most cases: -# -# SetHandler none -# -# -# The internationalized error documents require mod_alias, mod_include -# and mod_negotiation. To activate them, uncomment the following 37 lines. - -# -# -# -# -# Alias /error/ "/usr/share/apache2/error/" -# -# -# AllowOverride None -# Options IncludesNoExec -# AddOutputFilter Includes html -# AddHandler type-map var -# Order allow,deny -# Allow from all -# LanguagePriority en cs de es fr it nl sv pt-br ro -# ForceLanguagePriority Prefer Fallback -# -# -# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var -# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var -# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var -# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var -# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var -# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var -# ErrorDocument 410 /error/HTTP_GONE.html.var -# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var -# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var -# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var -# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var -# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var -# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var -# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var -# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var -# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var -# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var -# -# -# diff --git a/config_samples/devstack/host1/apache2/conf.d/other-vhosts-access-log b/config_samples/devstack/host1/apache2/conf.d/other-vhosts-access-log deleted file mode 100644 index 9f7aecd..0000000 --- a/config_samples/devstack/host1/apache2/conf.d/other-vhosts-access-log +++ /dev/null @@ -1,2 +0,0 @@ -# Define an access log for VirtualHosts that don't define their own logfile -CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined diff --git a/config_samples/devstack/host1/apache2/conf.d/security b/config_samples/devstack/host1/apache2/conf.d/security deleted file mode 100644 index 081d77e..0000000 --- a/config_samples/devstack/host1/apache2/conf.d/security +++ /dev/null @@ -1,51 +0,0 @@ -# -# Disable access to the entire file system except for the directories that -# are explicitly allowed later. -# -# This currently breaks the configurations that come with some web application -# Debian packages. -# -# -# AllowOverride None -# Order Deny,Allow -# Deny from all -# - - -# Changing the following options will not really affect the security of the -# server, but might make attacks slightly more difficult in some cases. - -# -# ServerTokens -# This directive configures what you return as the Server HTTP response -# Header. The default is 'Full' which sends information about the OS-Type -# and compiled in modules. -# Set to one of: Full | OS | Minimal | Minor | Major | Prod -# where Full conveys the most information, and Prod the least. -# -#ServerTokens Minimal -ServerTokens OS -#ServerTokens Full - -# -# Optionally add a line containing the server version and virtual host -# name to server-generated pages (internal error documents, FTP directory -# listings, mod_status and mod_info output etc., but not CGI generated -# documents or custom error documents). -# Set to "EMail" to also include a mailto: link to the ServerAdmin. -# Set to one of: On | Off | EMail -# -#ServerSignature Off -ServerSignature On - -# -# Allow TRACE method -# -# Set to "extended" to also reflect the request body (only for testing and -# diagnostic purposes). -# -# Set to one of: On | Off | extended -# -TraceEnable Off -#TraceEnable On - diff --git a/config_samples/devstack/host1/apache2/envvars b/config_samples/devstack/host1/apache2/envvars deleted file mode 100644 index 0a4cc94..0000000 --- a/config_samples/devstack/host1/apache2/envvars +++ /dev/null @@ -1,37 +0,0 @@ -# envvars - default environment variables for apache2ctl - -# this won't be correct after changing uid -unset HOME - -# for supporting multiple apache2 instances -if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then - SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}" -else - SUFFIX= -fi - -# Since there is no sane way to get the parsed apache2 config in scripts, some -# settings are defined via environment variables and then used in apache2ctl, -# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. -export APACHE_RUN_USER=www-data -export APACHE_RUN_GROUP=www-data -export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid -export APACHE_RUN_DIR=/var/run/apache2$SUFFIX -export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX -# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2. -export APACHE_LOG_DIR=/var/log/apache2$SUFFIX - -## The locale used by some modules like mod_dav -export LANG=C -## Uncomment the following line to use the system default locale instead: -#. /etc/default/locale - -export LANG - -## The command to get the status for 'apache2ctl status'. -## Some packages providing 'www-browser' need '--dump' instead of '-dump'. -#export APACHE_LYNX='www-browser -dump' - -## If you need a higher file descriptor limit, uncomment and adjust the -## following line (default is 8192): -#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536' diff --git a/config_samples/devstack/host1/apache2/httpd.conf b/config_samples/devstack/host1/apache2/httpd.conf deleted file mode 100644 index e69de29..0000000 diff --git a/config_samples/devstack/host1/apache2/magic b/config_samples/devstack/host1/apache2/magic deleted file mode 100644 index cdf9ac5..0000000 --- a/config_samples/devstack/host1/apache2/magic +++ /dev/null @@ -1,935 +0,0 @@ -# Magic data for mod_mime_magic (originally for file(1) command) -# -# The format is 4-5 columns: -# Column #1: byte number to begin checking from, ">" indicates continuation -# Column #2: type of data to match -# Column #3: contents of data to match -# Column #4: MIME type of result -# Column #5: MIME encoding of result (optional) - -#------------------------------------------------------------------------------ -# Localstuff: file(1) magic for locally observed files -# Add any locally observed files here. - -# Real Audio (Magic .ra\0375) -0 belong 0x2e7261fd audio/x-pn-realaudio -0 string .RMF application/vnd.rn-realmedia - -#video/x-pn-realvideo -#video/vnd.rn-realvideo -#application/vnd.rn-realmedia -# sigh, there are many mimes for that but the above are the most common. - -# Taken from magic, converted to magic.mime -# mime types according to http://www.geocities.com/nevilo/mod.htm: -# audio/it .it -# audio/x-zipped-it .itz -# audio/xm fasttracker modules -# audio/x-s3m screamtracker modules -# audio/s3m screamtracker modules -# audio/x-zipped-mod mdz -# audio/mod mod -# audio/x-mod All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z) - -# Taken from loader code from mikmod version 2.14 -# by Steve McIntyre (stevem@chiark.greenend.org.uk) -# added title printing on 2003-06-24 -0 string MAS_UTrack_V00 ->14 string >/0 audio/x-mod -#audio/x-tracker-module - -#0 string UN05 MikMod UNI format module sound data - -0 string Extended\ Module: audio/x-mod -#audio/x-tracker-module -##>17 string >\0 Title: "%s" - -21 string/c \!SCREAM! audio/x-mod -#audio/x-screamtracker-module -21 string BMOD2STM audio/x-mod -#audio/x-screamtracker-module -1080 string M.K. audio/x-mod -#audio/x-protracker-module -#>0 string >\0 Title: "%s" -1080 string M!K! audio/x-mod -#audio/x-protracker-module -#>0 string >\0 Title: "%s" -1080 string FLT4 audio/x-mod -#audio/x-startracker-module -#>0 string >\0 Title: "%s" -1080 string FLT8 audio/x-mod -#audio/x-startracker-module -#>0 string >\0 Title: "%s" -1080 string 4CHN audio/x-mod -#audio/x-fasttracker-module -#>0 string >\0 Title: "%s" -1080 string 6CHN audio/x-mod -#audio/x-fasttracker-module -#>0 string >\0 Title: "%s" -1080 string 8CHN audio/x-mod -#audio/x-fasttracker-module -#>0 string >\0 Title: "%s" -1080 string CD81 audio/x-mod -#audio/x-oktalyzer-tracker-module -#>0 string >\0 Title: "%s" -1080 string OKTA audio/x-mod -#audio/x-oktalyzer-tracker-module -#>0 string >\0 Title: "%s" -# Not good enough. -#1082 string CH -#>1080 string >/0 %.2s-channel Fasttracker "oktalyzer" module sound data -1080 string 16CN audio/x-mod -#audio/x-taketracker-module -#>0 string >\0 Title: "%s" -1080 string 32CN audio/x-mod -#audio/x-taketracker-module -#>0 string >\0 Title: "%s" - -# Impuse tracker module (it) -0 string IMPM audio/x-mod -#>4 string >\0 "%s" -#>40 leshort !0 compatible w/ITv%x -#>42 leshort !0 created w/ITv%x - -#------------------------------------------------------------------------------ -# end local stuff -#------------------------------------------------------------------------------ - -# xml based formats! - -# svg - -0 string \38 string \<\!DOCTYPE\040svg image/svg+xml - - -# xml -0 string \2 short 0xbabe application/java - -#------------------------------------------------------------------------------ -# audio: file(1) magic for sound formats -# -# from Jan Nicolai Langfeldt , -# - -# Sun/NeXT audio data -0 string .snd ->12 belong 1 audio/basic ->12 belong 2 audio/basic ->12 belong 3 audio/basic ->12 belong 4 audio/basic ->12 belong 5 audio/basic ->12 belong 6 audio/basic ->12 belong 7 audio/basic - ->12 belong 23 audio/x-adpcm - -# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format -# that uses little-endian encoding and has a different magic number -# (0x0064732E in little-endian encoding). -0 lelong 0x0064732E ->12 lelong 1 audio/x-dec-basic ->12 lelong 2 audio/x-dec-basic ->12 lelong 3 audio/x-dec-basic ->12 lelong 4 audio/x-dec-basic ->12 lelong 5 audio/x-dec-basic ->12 lelong 6 audio/x-dec-basic ->12 lelong 7 audio/x-dec-basic -# compressed (G.721 ADPCM) ->12 lelong 23 audio/x-dec-adpcm - -# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" -# AIFF audio data -8 string AIFF audio/x-aiff -# AIFF-C audio data -8 string AIFC audio/x-aiff -# IFF/8SVX audio data -8 string 8SVX audio/x-aiff - - - -# Creative Labs AUDIO stuff -# Standard MIDI data -0 string MThd audio/unknown -#>9 byte >0 (format %d) -#>11 byte >1 using %d channels -# Creative Music (CMF) data -0 string CTMF audio/unknown -# SoundBlaster instrument data -0 string SBI audio/unknown -# Creative Labs voice data -0 string Creative\ Voice\ File audio/unknown -## is this next line right? it came this way... -#>19 byte 0x1A -#>23 byte >0 - version %d -#>22 byte >0 \b.%d - -# [GRR 950115: is this also Creative Labs? Guessing that first line -# should be string instead of unknown-endian long...] -#0 long 0x4e54524b MultiTrack sound data -#0 string NTRK MultiTrack sound data -#>4 long x - version %ld - -# Microsoft WAVE format (*.wav) -# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] -# Microsoft RIFF -0 string RIFF -# - WAVE format ->8 string WAVE audio/x-wav ->8 string/B AVI video/x-msvideo -# ->8 string CDRA image/x-coreldraw - -# AAC (aka MPEG-2 NBC) -0 beshort&0xfff6 0xfff0 audio/X-HX-AAC-ADTS -0 string ADIF audio/X-HX-AAC-ADIF -0 beshort&0xffe0 0x56e0 audio/MP4A-LATM -0 beshort 0x4De1 audio/MP4A-LATM - -# MPEG Layer 3 sound files -0 beshort&0xfffe =0xfffa audio/mpeg -#MP3 with ID3 tag -0 string ID3 audio/mpeg -# Ogg/Vorbis -0 string OggS application/ogg - -#------------------------------------------------------------------------------ -# c-lang: file(1) magic for C programs or various scripts -# - -# XPM icons (Greg Roelofs, newt@uchicago.edu) -# ideally should go into "images", but entries below would tag XPM as C source -0 string /*\ XPM image/x-xpmi 7bit - -# 3DS (3d Studio files) -#16 beshort 0x3d3d image/x-3ds - -# this first will upset you if you're a PL/1 shop... (are there any left?) -# in which case rm it; ascmagic will catch real C programs -# C or REXX program text -#0 string /* text/x-c -# C++ program text -#0 string // text/x-c++ - -#------------------------------------------------------------------------------ -# commands: file(1) magic for various shells and interpreters -# -#0 string :\ shell archive or commands for antique kernel text -0 string #!/bin/sh application/x-shellscript -0 string #!\ /bin/sh application/x-shellscript -0 string #!/bin/csh application/x-shellscript -0 string #!\ /bin/csh application/x-shellscript -# korn shell magic, sent by George Wu, gwu@clyde.att.com -0 string #!/bin/ksh application/x-shellscript -0 string #!\ /bin/ksh application/x-shellscript -0 string #!/bin/tcsh application/x-shellscript -0 string #!\ /bin/tcsh application/x-shellscript -0 string #!/usr/local/tcsh application/x-shellscript -0 string #!\ /usr/local/tcsh application/x-shellscript -0 string #!/usr/local/bin/tcsh application/x-shellscript -0 string #!\ /usr/local/bin/tcsh application/x-shellscript -# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de) -0 string #!/bin/bash application/x-shellscript -0 string #!\ /bin/bash application/x-shellscript -0 string #!/usr/local/bin/bash application/x-shellscript -0 string #!\ /usr/local/bin/bash application/x-shellscript - -# -# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson) -0 string #!/bin/zsh application/x-shellscript -0 string #!/usr/bin/zsh application/x-shellscript -0 string #!/usr/local/bin/zsh application/x-shellscript -0 string #!\ /usr/local/bin/zsh application/x-shellscript -0 string #!/usr/local/bin/ash application/x-shellscript -0 string #!\ /usr/local/bin/ash application/x-shellscript -#0 string #!/usr/local/bin/ae Neil Brown's ae -#0 string #!\ /usr/local/bin/ae Neil Brown's ae -0 string #!/bin/nawk application/x-nawk -0 string #!\ /bin/nawk application/x-nawk -0 string #!/usr/bin/nawk application/x-nawk -0 string #!\ /usr/bin/nawk application/x-nawk -0 string #!/usr/local/bin/nawk application/x-nawk -0 string #!\ /usr/local/bin/nawk application/x-nawk -0 string #!/bin/gawk application/x-gawk -0 string #!\ /bin/gawk application/x-gawk -0 string #!/usr/bin/gawk application/x-gawk -0 string #!\ /usr/bin/gawk application/x-gawk -0 string #!/usr/local/bin/gawk application/x-gawk -0 string #!\ /usr/local/bin/gawk application/x-gawk -# -0 string #!/bin/awk application/x-awk -0 string #!\ /bin/awk application/x-awk -0 string #!/usr/bin/awk application/x-awk -0 string #!\ /usr/bin/awk application/x-awk -# update to distinguish from *.vcf files by Joerg Jenderek: joerg dot jenderek at web dot de -#0 regex BEGIN[[:space:]]*[{] application/x-awk - -# For Larry Wall's perl language. The ``eval'' line recognizes an -# outrageously clever hack for USG systems. -# Keith Waclena -0 string #!/bin/perl application/x-perl -0 string #!\ /bin/perl application/x-perl -0 string eval\ "exec\ /bin/perl application/x-perl -0 string #!/usr/bin/perl application/x-perl -0 string #!\ /usr/bin/perl application/x-perl -0 string eval\ "exec\ /usr/bin/perl application/x-perl -0 string #!/usr/local/bin/perl application/x-perl -0 string #!\ /usr/local/bin/perl application/x-perl -0 string eval\ "exec\ /usr/local/bin/perl application/x-perl - -#------------------------------------------------------------------------------ -# compress: file(1) magic for pure-compression formats (no archives) -# -# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. -# -# Formats for various forms of compressed data -# Formats for "compress" proper have been moved into "compress.c", -# because it tries to uncompress it to figure out what's inside. - -# standard unix compress -#0 string \037\235 application/x-compress - -# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) -#0 string \037\213 application/x-gzip - -0 string PK\003\004 application/x-zip - -# RAR archiver (Greg Roelofs, newt@uchicago.edu) -0 string Rar! application/x-rar - -# According to gzip.h, this is the correct byte order for packed data. -0 string \037\036 application/octet-stream -# -# This magic number is byte-order-independent. -# -0 short 017437 application/octet-stream - -# XXX - why *two* entries for "compacted data", one of which is -# byte-order independent, and one of which is byte-order dependent? -# -# compacted data -0 short 0x1fff application/octet-stream -0 string \377\037 application/octet-stream -# huf output -0 short 0145405 application/octet-stream - -# Squeeze and Crunch... -# These numbers were gleaned from the Unix versions of the programs to -# handle these formats. Note that I can only uncrunch, not crunch, and -# I didn't have a crunched file handy, so the crunch number is untested. -# Keith Waclena -#0 leshort 0x76FF squeezed data (CP/M, DOS) -#0 leshort 0x76FE crunched data (CP/M, DOS) - -# Freeze -#0 string \037\237 Frozen file 2.1 -#0 string \037\236 Frozen file 1.0 (or gzip 0.5) - -# lzh? -#0 string \037\240 LZH compressed data - -257 string ustar\0 application/x-tar posix -257 string ustar\040\040\0 application/x-tar gnu - -0 short 070707 application/x-cpio -0 short 0143561 application/x-cpio swapped - -0 string = application/x-archive -0 string \! application/x-archive ->8 string debian application/x-debian-package - -#------------------------------------------------------------------------------ -# -# RPM: file(1) magic for Red Hat Packages Erik Troan (ewt@redhat.com) -# -0 beshort 0xedab ->2 beshort 0xeedb application/x-rpm - -0 lelong&0x8080ffff 0x0000081a application/x-arc lzw -0 lelong&0x8080ffff 0x0000091a application/x-arc squashed -0 lelong&0x8080ffff 0x0000021a application/x-arc uncompressed -0 lelong&0x8080ffff 0x0000031a application/x-arc packed -0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed -0 lelong&0x8080ffff 0x0000061a application/x-arc crunched - -0 leshort 0xea60 application/x-arj - -# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu) -2 string -lh0- application/x-lharc lh0 -2 string -lh1- application/x-lharc lh1 -2 string -lz4- application/x-lharc lz4 -2 string -lz5- application/x-lharc lz5 -# [never seen any but the last; -lh4- reported in comp.compression:] -2 string -lzs- application/x-lha lzs -2 string -lh\ - application/x-lha lh -2 string -lhd- application/x-lha lhd -2 string -lh2- application/x-lha lh2 -2 string -lh3- application/x-lha lh3 -2 string -lh4- application/x-lha lh4 -2 string -lh5- application/x-lha lh5 -2 string -lh6- application/x-lha lh6 -2 string -lh7- application/x-lha lh7 -# Shell archives -10 string #\ This\ is\ a\ shell\ archive application/octet-stream x-shell - -#------------------------------------------------------------------------------ -# frame: file(1) magic for FrameMaker files -# -# This stuff came on a FrameMaker demo tape, most of which is -# copyright, but this file is "published" as witness the following: -# -0 string \ -# -0 string/cB \14 byte 12 (OS/2 1.x format) -#>14 byte 64 (OS/2 2.x format) -#>14 byte 40 (Windows 3.x format) -#0 string IC icon -#0 string PI pointer -#0 string CI color icon -#0 string CP color pointer -#0 string BA bitmap array - -# CDROM Filesystems -32769 string CD001 application/x-iso9660 - -# Newer StuffIt archives (grant@netbsd.org) -0 string StuffIt application/x-stuffit -#>162 string >0 : %s - -# BinHex is the Macintosh ASCII-encoded file format (see also "apple") -# Daniel Quinlan, quinlan@yggdrasil.com -11 string must\ be\ converted\ with\ BinHex\ 4 application/mac-binhex40 -##>41 string x \b, version %.3s - - -#------------------------------------------------------------------------------ -# lisp: file(1) magic for lisp programs -# -# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) -0 string ;; text/plain 8bit -# Emacs 18 - this is always correct, but not very magical. -0 string \012( application/x-elc -# Emacs 19 -0 string ;ELC\023\000\000\000 application/x-elc - -#------------------------------------------------------------------------------ -# mail.news: file(1) magic for mail and news -# -# There are tests to ascmagic.c to cope with mail and news. -0 string Relay-Version: message/rfc822 7bit -0 string #!\ rnews message/rfc822 7bit -0 string N#!\ rnews message/rfc822 7bit -0 string Forward\ to message/rfc822 7bit -0 string Pipe\ to message/rfc822 7bit -0 string Return-Path: message/rfc822 7bit -0 string Received: message/rfc822 -0 string Path: message/news 8bit -0 string Xref: message/news 8bit -0 string From: message/rfc822 7bit -0 string Article message/news 8bit -#------------------------------------------------------------------------------ -# msword: file(1) magic for MS Word files -# -# Contributor claims: -# Reversed-engineered MS Word magic numbers -# - -0 string \376\067\0\043 application/msword -0 string \320\317\021\340\241\261 application/msword -0 string \333\245-\0\0\0 application/msword - - - -#------------------------------------------------------------------------------ -# printer: file(1) magic for printer-formatted files -# - -# PostScript -0 string %! application/postscript -0 string \004%! application/postscript - -# Acrobat -# (due to clamen@cs.cmu.edu) -0 string %PDF- application/pdf - -#------------------------------------------------------------------------------ -# sc: file(1) magic for "sc" spreadsheet -# -38 string Spreadsheet application/x-sc - -#------------------------------------------------------------------------------ -# tex: file(1) magic for TeX files -# -# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) -# -# From - -# Although we may know the offset of certain text fields in TeX DVI -# and font files, we can't use them reliably because they are not -# zero terminated. [but we do anyway, christos] -0 string \367\002 application/x-dvi -#0 string \367\203 TeX generic font data -#0 string \367\131 TeX packed font data -#0 string \367\312 TeX virtual font data -#0 string This\ is\ TeX, TeX transcript text -#0 string This\ is\ METAFONT, METAFONT transcript text - -# There is no way to detect TeX Font Metric (*.tfm) files without -# breaking them apart and reading the data. The following patterns -# match most *.tfm files generated by METAFONT or afm2tfm. -2 string \000\021 application/x-tex-tfm -2 string \000\022 application/x-tex-tfm -#>34 string >\0 (%s) - -# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) -0 string \\input\ texinfo text/x-texinfo -0 string This\ is\ Info\ file text/x-info - -# correct TeX magic for Linux (and maybe more) -# from Peter Tobias (tobias@server.et-inf.fho-emden.de) -# -0 leshort 0x02f7 application/x-dvi - -# RTF - Rich Text Format -0 string {\\rtf text/rtf - -#------------------------------------------------------------------------------ -# animation: file(1) magic for animation/movie formats -# -# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) -# MPEG file -# MPEG sequences -0 belong 0x000001BA ->4 byte &0x40 video/mp2p ->4 byte ^0x40 video/mpeg -0 belong 0x000001BB video/mpeg -0 belong 0x000001B0 video/mp4v-es -0 belong 0x000001B5 video/mp4v-es -0 belong 0x000001B3 video/mpv -0 belong&0xFF5FFF1F 0x47400010 video/mp2t -0 belong 0x00000001 ->4 byte&0x1F 0x07 video/h264 - -# FLI animation format -0 leshort 0xAF11 video/fli -# FLC animation format -0 leshort 0xAF12 video/flc -# -# SGI and Apple formats -# Added ISO mimes -0 string MOVI video/sgi -4 string moov video/quicktime -4 string mdat video/quicktime -4 string wide video/quicktime -4 string skip video/quicktime -4 string free video/quicktime -4 string idsc image/x-quicktime -4 string idat image/x-quicktime -4 string pckg application/x-quicktime -4 string/B jP image/jp2 -4 string ftyp ->8 string isom video/mp4 ->8 string mp41 video/mp4 ->8 string mp42 video/mp4 ->8 string/B jp2 image/jp2 ->8 string 3gp video/3gpp ->8 string avc1 video/3gpp ->8 string mmp4 video/mp4 ->8 string/B M4A audio/mp4 ->8 string/B qt video/quicktime -# The contributor claims: -# I couldn't find a real magic number for these, however, this -# -appears- to work. Note that it might catch other files, too, -# so BE CAREFUL! -# -# Note that title and author appear in the two 20-byte chunks -# at decimal offsets 2 and 22, respectively, but they are XOR'ed with -# 255 (hex FF)! DL format SUCKS BIG ROCKS. -# -# DL file version 1 , medium format (160x100, 4 images/screen) -0 byte 1 video/unknown -0 byte 2 video/unknown -# -# Databases -# -# GDBM magic numbers -# Will be maintained as part of the GDBM distribution in the future. -# -0 belong 0x13579ace application/x-gdbm -0 lelong 0x13579ace application/x-gdbm -0 string GDBM application/x-gdbm -# -0 belong 0x061561 application/x-dbm -# -# Executables -# -0 string \177ELF ->16 leshort 0 application/octet-stream ->16 leshort 1 application/x-object ->16 leshort 2 application/x-executable ->16 leshort 3 application/x-sharedlib ->16 leshort 4 application/x-coredump ->16 beshort 0 application/octet-stream ->16 beshort 1 application/x-object ->16 beshort 2 application/x-executable ->16 beshort 3 application/x-sharedlib ->16 beshort 4 application/x-coredump -# -# DOS -0 string MZ application/x-dosexec -# -# KDE -0 string [KDE\ Desktop\ Entry] application/x-kdelnk -0 string \#\ KDE\ Config\ File application/x-kdelnk -# xmcd database file for kscd -0 string \#\ xmcd text/xmcd - -#------------------------------------------------------------------------------ -# pkgadd: file(1) magic for SysV R4 PKG Datastreams -# -0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package - -#PNG Image Format -0 string \x89PNG image/png - -# MNG Video Format, -0 string \x8aMNG video/x-mng -0 string \x8aJNG video/x-jng - -#------------------------------------------------------------------------------ -# Hierarchical Data Format, used to facilitate scientific data exchange -# specifications at http://hdf.ncsa.uiuc.edu/ -#Hierarchical Data Format (version 4) data -0 belong 0x0e031301 application/x-hdf -#Hierarchical Data Format (version 5) data -0 string \211HDF\r\n\032 application/x-hdf - -# Adobe Photoshop -0 string 8BPS image/x-photoshop - -# Felix von Leitner -0 string d8:announce application/x-bittorrent - - -# lotus 1-2-3 document -0 belong 0x00001a00 application/x-123 -0 belong 0x00000200 application/x-123 - -# MS Access database -4 string Standard\ Jet\ DB application/msaccess - -## magic for XBase files -#0 byte 0x02 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x03 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x04 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x05 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x30 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x43 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x7b -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x83 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x8b -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0x8e -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0xb3 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 byte 0xf5 -#>8 leshort >0 -#>>12 leshort 0 application/x-dbf -# -#0 leshort 0x0006 application/x-dbt - -# Debian has entries for the old PGP formats: -# pgp: file(1) magic for Pretty Good Privacy -# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html -#text/PGP key public ring -0 beshort 0x9900 application/pgp -#text/PGP key security ring -0 beshort 0x9501 application/pgp -#text/PGP key security ring -0 beshort 0x9500 application/pgp -#text/PGP encrypted data -0 beshort 0xa600 application/pgp-encrypted -#text/PGP armored data -##public key block -2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- application/pgp-keys -0 string -----BEGIN\040PGP\40MESSAGE- application/pgp -0 string -----BEGIN\040PGP\40SIGNATURE- application/pgp-signature -# -# GnuPG Magic: -# -# -#text/GnuPG key public ring -0 beshort 0x9901 application/pgp -#text/OpenPGP data -0 beshort 0x8501 application/pgp-encrypted - -# flash: file(1) magic for Macromedia Flash file format -# -# See -# -# http://www.macromedia.com/software/flash/open/ -# -0 string FWS ->3 byte x application/x-shockwave-flash - -# The following paramaters are created for Namazu. -# -# -# 1999/08/13 -#0 string \ - - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-dhcp.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-dhcp.xml deleted file mode 100644 index d66d2b6..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-dhcp.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-incoming-ipv4.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-incoming-ipv4.xml deleted file mode 100644 index dd1e50d..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-incoming-ipv4.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-ipv4.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-ipv4.xml deleted file mode 100644 index 28e930a..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/allow-ipv4.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/clean-traffic.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/clean-traffic.xml deleted file mode 100644 index b8cde9c..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/clean-traffic.xml +++ /dev/null @@ -1,30 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-ip-spoofing.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-ip-spoofing.xml deleted file mode 100644 index 7365298..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-ip-spoofing.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-mac-spoofing.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-mac-spoofing.xml deleted file mode 100644 index 71482bb..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-mac-spoofing.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-spoofing.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-spoofing.xml deleted file mode 100644 index 23f2d3c..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-arp-spoofing.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-multicast.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-multicast.xml deleted file mode 100644 index edcf03f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-multicast.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-spoofing.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-spoofing.xml deleted file mode 100644 index f8c9573..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-ip-spoofing.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-broadcast.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-broadcast.xml deleted file mode 100644 index 74e65bf..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-broadcast.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-spoofing.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-spoofing.xml deleted file mode 100644 index 2d0468f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-mac-spoofing.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-l2-traffic.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-l2-traffic.xml deleted file mode 100644 index 8bad86e..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-l2-traffic.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-rarp-traffic.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-rarp-traffic.xml deleted file mode 100644 index 7729996..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/no-other-rarp-traffic.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self-rarp.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self-rarp.xml deleted file mode 100644 index b7a848a..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self-rarp.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self.xml deleted file mode 100644 index 352db50..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/nwfilter/qemu-announce-self.xml +++ /dev/null @@ -1,13 +0,0 @@ - - - - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu.conf deleted file mode 100644 index 7a5e4ce..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu.conf +++ /dev/null @@ -1,404 +0,0 @@ -# Master configuration file for the QEMU driver. -# All settings described here are optional - if omitted, sensible -# defaults are used. - -# VNC is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#vnc_listen = "0.0.0.0" - -# Enable this option to have VNC served over an automatically created -# unix socket. This prevents unprivileged access from users on the -# host machine, though most VNC clients do not support it. -# -# This will only be enabled for VNC configurations that do not have -# a hardcoded 'listen' or 'socket' value. This setting takes preference -# over vnc_listen. -# -#vnc_auto_unix_socket = 1 - -# Enable use of TLS encryption on the VNC server. This requires -# a VNC client which supports the VeNCrypt protocol extension. -# Examples include vinagre, virt-viewer, virt-manager and vencrypt -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#vnc_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-vnc. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed -# -#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc" - - -# The default TLS configuration only uses certificates for the server -# allowing the client to verify the server's identity and establish -# an encrypted channel. -# -# It is possible to use x509 certificates for authentication too, by -# issuing a x509 certificate to every client who needs to connect. -# -# Enabling this option will reject any client who does not have a -# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem -# -#vnc_tls_x509_verify = 1 - - -# The default VNC password. Only 8 letters are significant for -# VNC passwords. This parameter is only used if the per-domain -# XML config does not already provide a password. To allow -# access without passwords, leave this commented out. An empty -# string will still enable passwords, but be rejected by QEMU, -# effectively preventing any use of VNC. Obviously change this -# example here before you set this. -# -#vnc_password = "XYZ12345" - - -# Enable use of SASL encryption on the VNC server. This requires -# a VNC client which supports the SASL protocol extension. -# Examples include vinagre, virt-viewer and virt-manager -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to configure /etc/sasl2/qemu.conf to choose -# the desired SASL plugin (eg, GSSPI for Kerberos) -# -#vnc_sasl = 1 - - -# The default SASL configuration file is located in /etc/sasl2/ -# When running libvirtd unprivileged, it may be desirable to -# override the configs in this location. Set this parameter to -# point to the directory, and create a qemu.conf in that location -# -#vnc_sasl_dir = "/some/directory/sasl2" - - -# QEMU implements an extension for providing audio over a VNC connection, -# though if your VNC client does not support it, your only chance for getting -# sound output is through regular audio backends. By default, libvirt will -# disable all QEMU sound backends if using VNC, since they can cause -# permissions issues. Enabling this option will make libvirtd honor the -# QEMU_AUDIO_DRV environment variable when using VNC. -# -#vnc_allow_host_audio = 0 - - - -# SPICE is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#spice_listen = "0.0.0.0" - - -# Enable use of TLS encryption on the SPICE server. -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#spice_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-spice. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed. -# -#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" - - -# The default SPICE password. This parameter is only used if the -# per-domain XML config does not already provide a password. To -# allow access without passwords, leave this commented out. An -# empty string will still enable passwords, but be rejected by -# QEMU, effectively preventing any use of SPICE. Obviously change -# this example here before you set this. -# -#spice_password = "XYZ12345" - - -# Override the port for creating both VNC and SPICE sessions (min). -# This defaults to 5900 and increases for consecutive sessions -# or when ports are occupied, until it hits the maximum. -# -# Minimum must be greater than or equal to 5900 as lower number would -# result into negative vnc display number. -# -# Maximum must be less than 65536, because higher numbers do not make -# sense as a port number. -# -#remote_display_port_min = 5900 -#remote_display_port_max = 65535 - - -# The default security driver is SELinux. If SELinux is disabled -# on the host, then the security driver will automatically disable -# itself. If you wish to disable QEMU SELinux security driver while -# leaving SELinux enabled for the host in general, then set this -# to 'none' instead. It's also possible to use more than one security -# driver at the same time, for this use a list of names separated by -# comma and delimited by square brackets. For example: -# -# security_driver = [ "selinux", "apparmor" ] -# -# Notes: The DAC security driver is always enabled; as a result, the -# value of security_driver cannot contain "dac". The value "none" is -# a special value; security_driver can be set to that value in -# isolation, but it cannot appear in a list of drivers. -# -#security_driver = "selinux" - -# If set to non-zero, then the default security labeling -# will make guests confined. If set to zero, then guests -# will be unconfined by default. Defaults to 1. -#security_default_confined = 1 - -# If set to non-zero, then attempts to create unconfined -# guests will be blocked. Defaults to 0. -#security_require_confined = 1 - -# The user for QEMU processes run by the system instance. It can be -# specified as a user name or as a user id. The qemu driver will try to -# parse this value first as a name and then, if the name doesn't exist, -# as a user id. -# -# Since a sequence of digits is a valid user name, a leading plus sign -# can be used to ensure that a user id will not be interpreted as a user -# name. -# -# Some examples of valid values are: -# -# user = "qemu" # A user named "qemu" -# user = "+0" # Super user (uid=0) -# user = "100" # A user named "100" or a user with uid=100 -# -#user = "root" - -# The group for QEMU processes run by the system instance. It can be -# specified in a similar way to user. -#group = "root" - -# Whether libvirt should dynamically change file ownership -# to match the configured user/group above. Defaults to 1. -# Set to 0 to disable file ownership changes. -#dynamic_ownership = 1 - - -# What cgroup controllers to make use of with QEMU guests -# -# - 'cpu' - use for schedular tunables -# - 'devices' - use for device whitelisting -# - 'memory' - use for memory tunables -# - 'blkio' - use for block devices I/O tunables -# - 'cpuset' - use for CPUs and memory nodes -# - 'cpuacct' - use for CPUs statistics. -# -# NB, even if configured here, they won't be used unless -# the administrator has mounted cgroups, e.g.: -# -# mkdir /dev/cgroup -# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup -# -# They can be mounted anywhere, and different controllers -# can be mounted in different locations. libvirt will detect -# where they are located. -# -#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ] - -# This is the basic set of devices allowed / required by -# all virtual machines. -# -# As well as this, any configured block backed disks, -# all sound device, and all PTY devices are allowed. -# -# This will only need setting if newer QEMU suddenly -# wants some device we don't already know about. -# -#cgroup_device_acl = [ -# "/dev/null", "/dev/full", "/dev/zero", -# "/dev/random", "/dev/urandom", -# "/dev/ptmx", "/dev/kvm", "/dev/kqemu", -# "/dev/rtc","/dev/hpet" -#] - - -# The default format for Qemu/KVM guest save images is raw; that is, the -# memory from the domain is dumped out directly to a file. If you have -# guests with a large amount of memory, however, this can take up quite -# a bit of space. If you would like to compress the images while they -# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz" -# for save_image_format. Note that this means you slow down the process of -# saving a domain in order to save disk space; the list above is in descending -# order by performance and ascending order by compression ratio. -# -# save_image_format is used when you use 'virsh save' at scheduled -# saving, and it is an error if the specified save_image_format is -# not valid, or the requested compression program can't be found. -# -# dump_image_format is used when you use 'virsh dump' at emergency -# crashdump, and if the specified dump_image_format is not valid, or -# the requested compression program can't be found, this falls -# back to "raw" compression. -# -#save_image_format = "raw" -#dump_image_format = "raw" - -# When a domain is configured to be auto-dumped when libvirtd receives a -# watchdog event from qemu guest, libvirtd will save dump files in directory -# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump -# -#auto_dump_path = "/var/lib/libvirt/qemu/dump" - -# When a domain is configured to be auto-dumped, enabling this flag -# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the -# virDomainCoreDump API. That is, the system will avoid using the -# file system cache while writing the dump file, but may cause -# slower operation. -# -#auto_dump_bypass_cache = 0 - -# When a domain is configured to be auto-started, enabling this flag -# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag -# with the virDomainCreateWithFlags API. That is, the system will -# avoid using the file system cache when restoring any managed state -# file, but may cause slower operation. -# -#auto_start_bypass_cache = 0 - -# If provided by the host and a hugetlbfs mount point is configured, -# a guest may request huge page backing. When this mount point is -# unspecified here, determination of a host mount point in /proc/mounts -# will be attempted. Specifying an explicit mount overrides detection -# of the same in /proc/mounts. Setting the mount point to "" will -# disable guest hugepage backing. -# -# NB, within this mount point, guests will create memory backing files -# in a location of $MOUNTPOINT/libvirt/qemu -# -#hugetlbfs_mount = "/dev/hugepages" - - -# If clear_emulator_capabilities is enabled, libvirt will drop all -# privileged capabilities of the QEmu/KVM emulator. This is enabled by -# default. -# -# Warning: Disabling this option means that a compromised guest can -# exploit the privileges and possibly do damage to the host. -# -#clear_emulator_capabilities = 1 - - -# If enabled, libvirt will have QEMU set its process name to -# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU -# process will appear as "qemu:VM_NAME" in process listings and -# other system monitoring tools. By default, QEMU does not set -# its process title, so the complete QEMU command (emulator and -# its arguments) appear in process listings. -# -#set_process_name = 1 - - -# If max_processes is set to a positive integer, libvirt will use -# it to set the maximum number of processes that can be run by qemu -# user. This can be used to override default value set by host OS. -# The same applies to max_files which sets the limit on the maximum -# number of opened files. -# -#max_processes = 0 -#max_files = 0 - - - -# mac_filter enables MAC addressed based filtering on bridge ports. -# This currently requires ebtables to be installed. -# -#mac_filter = 1 - - -# By default, PCI devices below non-ACS switch are not allowed to be assigned -# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to -# be assigned to guests. -# -#relaxed_acs_check = 1 - - -# If allow_disk_format_probing is enabled, libvirt will probe disk -# images to attempt to identify their format, when not otherwise -# specified in the XML. This is disabled by default. -# -# WARNING: Enabling probing is a security hole in almost all -# deployments. It is strongly recommended that users update their -# guest XML elements to include -# elements instead of enabling this option. -# -#allow_disk_format_probing = 1 - - -# To enable 'Sanlock' project based locking of the file -# content (to prevent two VMs writing to the same -# disk), uncomment this -# -#lock_manager = "sanlock" - - - -# Set limit of maximum APIs queued on one domain. All other APIs -# over this threshold will fail on acquiring job lock. Specially, -# setting to zero turns this feature off. -# Note, that job lock is per domain. -# -#max_queued = 0 - -################################################################### -# Keepalive protocol: -# This allows qemu driver to detect broken connections to remote -# libvirtd during peer-to-peer migration. A keepalive message is -# sent to the deamon after keepalive_interval seconds of inactivity -# to check if the deamon is still responding; keepalive_count is a -# maximum number of keepalive messages that are allowed to be sent -# to the deamon without getting any response before the connection -# is considered broken. In other words, the connection is -# automatically closed approximately after -# keepalive_interval * (keepalive_count + 1) seconds since the last -# message received from the deamon. If keepalive_interval is set to -# -1, qemu driver will not send keepalive requests during -# peer-to-peer migration; however, the remote libvirtd can still -# send them and source libvirtd will send responses. When -# keepalive_count is set to 0, connections will be automatically -# closed after keepalive_interval seconds of inactivity without -# sending any keepalive messages. -# -#keepalive_interval = 5 -#keepalive_count = 5 - - - -# Use seccomp syscall whitelisting in QEMU. -# 1 = on, 0 = off, -1 = use QEMU default -# Defaults to -1. -# -#seccomp_sandbox = 1 -security_driver="none" diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/autostart/default.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/autostart/default.xml deleted file mode 100644 index b4a7e38..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/autostart/default.xml +++ /dev/null @@ -1,12 +0,0 @@ - - default - 4f410192-feaf-421c-b6fc-2be9a443bc27 - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/default.xml b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/default.xml deleted file mode 100644 index b4a7e38..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/libvirt/qemu/networks/default.xml +++ /dev/null @@ -1,12 +0,0 @@ - - default - 4f410192-feaf-421c-b6fc-2be9a443bc27 - - - - - - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/os_00000-1366491051.vg b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/os_00000-1366491051.vg deleted file mode 100644 index 9cb4ffe..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/os_00000-1366491051.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Tue Jun 11 22:57:34 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-5.domain.tld" # Linux compute-5.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1370991454 # Tue Jun 11 22:57:34 2013 - -os { - id = "V557dk-2Ojc-t0ty-OjDd-Pxwr-yUen-xfcy2p" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "0j1Ot5-woyY-sGkg-DgdG-zuq3-cSLV-fVn9gW" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "yef2r3-aCvQ-v02L-0LjQ-Be0C-Dr6c-i8AWBn" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991157 # 2013-06-11 22:52:37 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "jkj4fJ-Obpy-ib4E-P22M-5fFu-2kUV-WfzEDq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991160 # 2013-06-11 22:52:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/vm_00000-2105528902.vg b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/vm_00000-2105528902.vg deleted file mode 100644 index d81ab85..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/archive/vm_00000-2105528902.vg +++ /dev/null @@ -1,59 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Tue Jun 11 22:57:34 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-5.domain.tld" # Linux compute-5.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1370991454 # Tue Jun 11 22:57:34 2013 - -vm { - id = "jt3r3R-JO5I-HVBd-sKv0-2tIY-qbuk-EF0OWQ" - seqno = 2 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "Bsp0rM-hosI-uIqM-i5sb-5AcG-pzje-Sc9hF3" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - - logical_volumes { - - libvirt { - id = "RJFm2W-Mxef-MfTO-A4It-Ac0u-PuQa-xp2AGJ" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991160 # 2013-06-11 22:52:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 56 # 1.75 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - } -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/os b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/os deleted file mode 100644 index 910f638..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Tue Jun 11 22:57:34 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-5.domain.tld" # Linux compute-5.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1370991454 # Tue Jun 11 22:57:34 2013 - -os { - id = "V557dk-2Ojc-t0ty-OjDd-Pxwr-yUen-xfcy2p" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "0j1Ot5-woyY-sGkg-DgdG-zuq3-cSLV-fVn9gW" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "yef2r3-aCvQ-v02L-0LjQ-Be0C-Dr6c-i8AWBn" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991157 # 2013-06-11 22:52:37 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "jkj4fJ-Obpy-ib4E-P22M-5fFu-2kUV-WfzEDq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991160 # 2013-06-11 22:52:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/vm b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/vm deleted file mode 100644 index 29b7046..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/backup/vm +++ /dev/null @@ -1,59 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Tue Jun 11 22:57:34 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-5.domain.tld" # Linux compute-5.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1370991454 # Tue Jun 11 22:57:34 2013 - -vm { - id = "jt3r3R-JO5I-HVBd-sKv0-2tIY-qbuk-EF0OWQ" - seqno = 2 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "Bsp0rM-hosI-uIqM-i5sb-5AcG-pzje-Sc9hF3" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - - logical_volumes { - - libvirt { - id = "RJFm2W-Mxef-MfTO-A4It-Ac0u-PuQa-xp2AGJ" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-5.domain.tld" - creation_time = 1370991160 # 2013-06-11 22:52:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 56 # 1.75 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - } -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/lvm.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/api-paste.ini b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/logging.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/nova.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/nova.conf deleted file mode 100644 index f932d09..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/nova.conf +++ /dev/null @@ -1,73 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.FlatDHCPManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:DzroUa8T@192.168.0.2/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -flat_interface=eth0.103 -vncserver_proxyclient_address=192.168.0.3 -rabbit_hosts=192.168.0.2:5672 -osapi_compute_listen=192.168.0.3 -flat_network_bridge=br100 -ec2_listen=192.168.0.3 -glance_api_servers=192.168.0.2:9292 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=gvYmuJAb -verbose=true -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=metadata -vnc_enabled=true -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -log_config=/etc/nova/logging.conf -rabbit_port=5672 -api_paste_config=/etc/nova/api-paste.ini -novncproxy_base_url=http://240.0.1.2:6080/vnc_auto.html -public_interface=eth0.100 -service_down_time=60 -syslog_log_facility=LOCAL0 -vncserver_listen=192.168.0.3 -osapi_volume_listen=192.168.0.3 -metadata_listen=192.168.0.3 -auth_strategy=keystone -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -debug=true -use_cow_images=true -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -start_guests_on_host_boot=true -metadata_host=192.168.0.3 -memcached_servers=127.0.0.1:11211 -send_arp_for_ha=True -multi_host=True -allow_resize_to_same_host=True -libvirt_type=qemu -connection_type=libvirt -flat_injected=false - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = 7jJEuuFg -auth_host = 192.168.0.2 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/policy.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/release b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/rootwrap.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1comp/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/api-paste.ini b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/cinder.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/cinder.conf deleted file mode 100644 index 44c5c85..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/cinder.conf +++ /dev/null @@ -1,31 +0,0 @@ -[DEFAULT] -logdir = /var/log/cinder -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:9wMHkDb4@127.0.0.1/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -api_paste_config=/etc/cinder/api-paste.ini -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=0.0.0.0 -auth_strategy=keystone -osapi_volume_listen=0.0.0.0 -rabbit_virtual_host=/ -rabbit_hosts=192.168.0.2:5672 -verbose=true -rabbit_ha_queues=True -rabbit_password=gvYmuJAb -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = 1DLbHVLi -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/logging.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/logging.conf deleted file mode 100644 index f2104c1..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = cinder - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = default - -[formatter_default] -format = cinder %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/policy.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/policy.json deleted file mode 100644 index a4fd911..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/rootwrap.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api-paste.ini b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api-paste.ini deleted file mode 100644 index 0b29bc9..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api-paste.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -delay_auth_decision = true diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api.conf deleted file mode 100644 index 9a1537f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-api.conf +++ /dev/null @@ -1,364 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Which backend scheme should Glance use by default is not specified -# in a request to add a new image to Glance? Known schemes are determined -# by the known_stores option below. -# Default: 'file' -default_store = file - -# List of which store classes and store class locations are -# currently known to glance at startup. -#known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - - -# Maximum image size (in bytes) that may be uploaded through the -# Glance API server. Defaults to 1 TB. -# WARNING: this value should only be increased after careful consideration -# and must be set to a value under 8 EB (9223372036854775808). -#image_size_cap = 1099511627776 - -# Address to bind the API server -bind_host = 0.0.0.0 - -# Port the bind the API server to -bind_port = 9292 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/api.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:dG7AbYrO@127.0.0.1/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Number of Glance API worker processes to start. -# On machines with more than one CPU increasing this value -# may improve performance (especially if using SSL with -# compression turned on). It is typically recommended to set -# this value to the number of CPUs present on your machine. -workers = 1 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Allow unauthenticated users to access the API with read-only -# privileges. This only applies when using ContextMiddleware. -#allow_anonymous_access = False - -# Allow access to version 1 of glance api -#enable_v1_api = True - -# Allow access to version 2 of glance api -#enable_v2_api = True - -# Return the URL that references where the data is stored on -# the backend storage system. For example, if using the -# file system store a URL of 'file:///path/to/image' will -# be returned to the user in the 'direct_url' meta-data field. -# The default value is false. -#show_image_direct_url = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL0 - -# ================= SSL Options =============================== - -# Certificate file to use when starting API server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> - -# ============ Registry Options =============================== - -# Address to find the registry server -registry_host = 127.0.0.1 - -# Port the registry server is listening on -registry_port = 9191 - -# What protocol to use when connecting to the registry server? -# Set to https for secure HTTP communication -registry_client_protocol = http - -# The path to the key file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file -#registry_client_key_file = /path/to/key/file - -# The path to the cert file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file -#registry_client_cert_file = /path/to/cert/file - -# The path to the certifying authority cert file to use in SSL connections -# to the registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file -#registry_client_ca_file = /path/to/ca/file - -# When using SSL in connections to the registry server, do not require -# validation via a certifying authority. This is the registry's equivalent of -# specifying --insecure on the command line using glanceclient for the API -# Default: False -#registry_client_insecure = False - -# The period of time, in seconds, that the API server will wait for a registry -# request to complete. A value of '0' implies no timeout. -# Default: 600 -#registry_client_timeout = 600 - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ============ Notification System Options ===================== - -# Notifications can be sent when images are create, updated or deleted. -# There are three methods of sending notifications, logging (via the -# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid -# message queue), or noop (no notifications sent, the default) -notifier_strategy = noop - -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# If set to True enables multi-tenant storage mode which causes Glance images -# to be stored in tenant specific Swift accounts. -#swift_store_multi_tenant = False - -# A list of swift ACL strings that will be applied as both read and -# write ACLs to the containers created by Glance in multi-tenant -# mode. This grants the specified tenants/users read and write access -# to all newly created image objects. The standard swift ACL string -# formats are allowed, including: -# : -# : -# *: -# Multiple ACLs can be combined using a comma separated list, for -# example: swift_store_admin_tenants = service:glance,*:admin -#swift_store_admin_tenants = - -# The region of the swift endpoint to be used for single tenant. This setting -# is only necessary if the tenant has multiple swift endpoints. -#swift_store_region = - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -#s3_store_object_buffer_dir = /path/to/dir - -# When forming a bucket url, boto will either set the bucket name as the -# subdomain or as the first token of the path. Amazon's S3 service will -# accept it as the subdomain, but Swift's S3 middleware requires it be -# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. -#s3_store_bucket_url_format = subdomain - -# ============ RBD Store Options ============================= - -# Ceph configuration file path -# If using cephx authentication, this file should -# include a reference to the right keyring -# in a client. section -rbd_store_ceph_conf = /etc/ceph/ceph.conf - -# RADOS user to authenticate as (only applicable if using cephx) -rbd_store_user = glance - -# RADOS pool in which images are stored -rbd_store_pool = images - -# Images will be chunked into objects of this size (in megabytes). -# For best performance, this should be a power of two -rbd_store_chunk_size = 8 - -# ============ Delayed Delete Options ============================= - -# Turn on/off delayed delete -delayed_delete = False - -# Delayed delete time in seconds -scrub_time = 43200 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-scrubber.conf -scrubber_datadir = /var/lib/glance/scrubber - -# =============== Image Cache Options ============================= - -# Base directory that the Image Cache uses -image_cache_dir = /var/lib/glance/image-cache/ -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = PT4deDMj -signing_dirname=/tmp/keystone-signing-glance -auth_uri=http://127.0.0.1:35357 -signing_dir=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-api-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-api-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone+cachemanagement diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-cache.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-cache.conf deleted file mode 100644 index ba60f86..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-cache.conf +++ /dev/null @@ -1,149 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -log_file = /var/log/glance/image-cache.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False -use_syslog = False - -# Directory that the Image Cache writes data to -image_cache_dir = /var/lib/glance/image-cache/ - -# Number of seconds after which we should consider an incomplete image to be -# stalled and eligible for reaping -image_cache_stall_time = 86400 - -# image_cache_invalid_entry_grace_period - seconds -# -# If an exception is raised as we're writing to the cache, the cache-entry is -# deemed invalid and moved to /invalid so that it can be -# inspected for debugging purposes. -# -# This is number of seconds to leave these invalid images around before they -# are elibible to be reaped. -image_cache_invalid_entry_grace_period = 3600 - -# Max cache size in bytes -image_cache_max_size = 10737418240 - -# Address to find the registry server -registry_host = 127.0.0.1 - -# Port the registry server is listening on -registry_port = 9191 - -# Auth settings if using Keystone -# auth_url = http://127.0.0.1:5000/v2.0/ -auth_url = http://127.0.0.1:35357 -# admin_tenant_name = %SERVICE_TENANT_NAME% -admin_tenant_name = services -# admin_user = %SERVICE_USER% -admin_user = glance -# admin_password = %SERVICE_PASSWORD% -admin_password = PT4deDMj - -# List of which store classes and store class locations are -# currently known to glance at startup. -# known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -# s3_store_object_buffer_dir = /path/to/dir - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry-paste.ini b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry-paste.ini deleted file mode 100644 index 5519c5c..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry-paste.ini +++ /dev/null @@ -1,19 +0,0 @@ -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry.conf deleted file mode 100644 index fbd5327..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-registry.conf +++ /dev/null @@ -1,97 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Address to bind the registry server -bind_host = 0.0.0.0 - -# Port the bind the registry server to -bind_port = 9191 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/registry.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:dG7AbYrO@127.0.0.1/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Limit the api to return `param_limit_max` items in a call to a container. If -# a larger `limit` query param is provided, it will be reduced to this value. -api_limit_max = 1000 - -# If a `limit` query param is not provided in an api request, it will -# default to `limit_param_default` -limit_param_default = 25 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL1 - -# ================= SSL Options =============================== - -# Certificate file to use when starting registry server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting registry server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = PT4deDMj -signing_dir=/tmp/keystone-signing-glance -signing_dirname=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-registry-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-registry-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-scrubber.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-scrubber.conf deleted file mode 100644 index 9273043..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/glance-scrubber.conf +++ /dev/null @@ -1,40 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/logging.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/logging.conf deleted file mode 100644 index 319e40e..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = glance - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2) -formatter = default - -[formatter_default] -format = glance %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/policy.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/policy.json deleted file mode 100644 index 30ef83c..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/schema-image.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/schema-image.json deleted file mode 100644 index 5aafd6b..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/glance/schema-image.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - }, - "architecture": { - "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_distro": { - "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_version": { - "description": "Operating system version as specified by the distributor", - "type": "string" - } -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/README b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/README deleted file mode 100644 index c12e149..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/README +++ /dev/null @@ -1,9 +0,0 @@ - -This directory holds Apache 2.0 module-specific configuration files; -any files in this directory which have the ".conf" extension will be -processed as Apache configuration files. - -Files are processed in alphabetical order, so if using configuration -directives which depend on, say, mod_perl being loaded, ensure that -these are placed in a filename later in the sort order than "perl.conf". - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/openstack-dashboard.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/openstack-dashboard.conf deleted file mode 100644 index 67bfbce..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/openstack-dashboard.conf +++ /dev/null @@ -1,33 +0,0 @@ -WSGIDaemonProcess dashboard -WSGIProcessGroup dashboard -WSGISocketPrefix run/wsgi - -WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi -Alias /static /usr/share/openstack-dashboard/static - - - - SetOutputFilter DEFLATE - - # Make sure proxies don’t deliver the wrong content - Header append Vary User-Agent env=!dont-vary - - - - Order allow,deny - Allow from all - - - - - ExpiresActive On - ExpiresDefault "access 6 month" - - - SetOutputFilter DEFLATE - - - Order allow,deny - Allow from all - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ports.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ports.conf deleted file mode 100644 index b5b0801..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ports.conf +++ /dev/null @@ -1,8 +0,0 @@ -# If you just change the port or add more ports here, you will likely also -# have to change the VirtualHost statement - -NameVirtualHost *:80 -Listen 0.0.0.0:80 - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ssl.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ssl.conf deleted file mode 100644 index 0e7c5e0..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/ssl.conf +++ /dev/null @@ -1,10 +0,0 @@ -# -# This file autogenerated by Puppet -# Do not edit, changes will be overwritten -# - -RedirectMatch permanent ^/$ /dashboard/ - - - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/welcome.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/welcome.conf deleted file mode 100644 index c1d23c5..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/welcome.conf +++ /dev/null @@ -1,11 +0,0 @@ -# -# This configuration file enables the default "Welcome" -# page if there is no default index page present for -# the root URL. To disable the Welcome page, comment -# out all the lines below. -# - - Options -Indexes - ErrorDocument 403 /error/noindex.html - - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/wsgi.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/wsgi.conf deleted file mode 100644 index 19f3567..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf.d/wsgi.conf +++ /dev/null @@ -1 +0,0 @@ -LoadModule wsgi_module modules/mod_wsgi.so diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/httpd.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/httpd.conf deleted file mode 100644 index 9a092df..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/httpd.conf +++ /dev/null @@ -1,1008 +0,0 @@ -# -# This is the main Apache server configuration file. It contains the -# configuration directives that give the server its instructions. -# See for detailed information. -# In particular, see -# -# for a discussion of each configuration directive. -# -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# The configuration directives are grouped into three basic sections: -# 1. Directives that control the operation of the Apache server process as a -# whole (the 'global environment'). -# 2. Directives that define the parameters of the 'main' or 'default' server, -# which responds to requests that aren't handled by a virtual host. -# These directives also provide default values for the settings -# of all virtual hosts. -# 3. Settings for virtual hosts, which allow Web requests to be sent to -# different IP addresses or hostnames and have them handled by the -# same Apache server process. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "logs/foo.log" -# with ServerRoot set to "/etc/httpd" will be interpreted by the -# server as "/etc/httpd/logs/foo.log". -# - -### Section 1: Global Environment -# -# The directives in this section affect the overall operation of Apache, -# such as the number of concurrent requests it can handle or where it -# can find its configuration files. -# - -# -# Don't give away too much information about all the subcomponents -# we are running. Comment out this line if you don't mind remote sites -# finding out what major optional modules you are running -ServerTokens OS - -# -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# NOTE! If you intend to place this on an NFS (or otherwise network) -# mounted filesystem then please read the LockFile documentation -# (available at ); -# you will save yourself a lot of trouble. -# -# Do NOT add a slash at the end of the directory path. -# -ServerRoot "/etc/httpd" - -# -# PidFile: The file in which the server should record its process -# identification number when it starts. Note the PIDFILE variable in -# /etc/sysconfig/httpd must be set appropriately if this location is -# changed. -# -PidFile run/httpd.pid - -# -# Timeout: The number of seconds before receives and sends time out. -# -Timeout 60 - -# -# KeepAlive: Whether or not to allow persistent connections (more than -# one request per connection). Set to "Off" to deactivate. -# -KeepAlive Off - -# -# MaxKeepAliveRequests: The maximum number of requests to allow -# during a persistent connection. Set to 0 to allow an unlimited amount. -# We recommend you leave this number high, for maximum performance. -# -MaxKeepAliveRequests 100 - -# -# KeepAliveTimeout: Number of seconds to wait for the next request from the -# same client on the same connection. -# -KeepAliveTimeout 15 - -## -## Server-Pool Size Regulation (MPM specific) -## - -# prefork MPM -# StartServers: number of server processes to start -# MinSpareServers: minimum number of server processes which are kept spare -# MaxSpareServers: maximum number of server processes which are kept spare -# ServerLimit: maximum value for MaxClients for the lifetime of the server -# MaxClients: maximum number of server processes allowed to start -# MaxRequestsPerChild: maximum number of requests a server process serves - -StartServers 8 -MinSpareServers 5 -MaxSpareServers 20 -ServerLimit 256 -MaxClients 256 -MaxRequestsPerChild 4000 - - -# worker MPM -# StartServers: initial number of server processes to start -# MaxClients: maximum number of simultaneous client connections -# MinSpareThreads: minimum number of worker threads which are kept spare -# MaxSpareThreads: maximum number of worker threads which are kept spare -# ThreadsPerChild: constant number of worker threads in each server process -# MaxRequestsPerChild: maximum number of requests a server process serves - -StartServers 4 -MaxClients 300 -MinSpareThreads 25 -MaxSpareThreads 75 -ThreadsPerChild 25 -MaxRequestsPerChild 0 - - -# -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, in addition to the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses (0.0.0.0) -# -#Listen 12.34.56.78:80 - -# -# Dynamic Shared Object (DSO) Support -# -# To be able to use the functionality of a module which was built as a DSO you -# have to place corresponding `LoadModule' lines at this location so the -# directives contained in it are actually available _before_ they are used. -# Statically compiled modules (those listed by `httpd -l') do not need -# to be loaded here. -# -# Example: -# LoadModule foo_module modules/mod_foo.so -# -LoadModule auth_basic_module modules/mod_auth_basic.so -LoadModule auth_digest_module modules/mod_auth_digest.so -LoadModule authn_file_module modules/mod_authn_file.so -LoadModule authn_alias_module modules/mod_authn_alias.so -LoadModule authn_anon_module modules/mod_authn_anon.so -LoadModule authn_dbm_module modules/mod_authn_dbm.so -LoadModule authn_default_module modules/mod_authn_default.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_user_module modules/mod_authz_user.so -LoadModule authz_owner_module modules/mod_authz_owner.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_dbm_module modules/mod_authz_dbm.so -LoadModule authz_default_module modules/mod_authz_default.so -LoadModule ldap_module modules/mod_ldap.so -LoadModule authnz_ldap_module modules/mod_authnz_ldap.so -LoadModule include_module modules/mod_include.so -LoadModule log_config_module modules/mod_log_config.so -LoadModule logio_module modules/mod_logio.so -LoadModule env_module modules/mod_env.so -LoadModule ext_filter_module modules/mod_ext_filter.so -LoadModule mime_magic_module modules/mod_mime_magic.so -LoadModule expires_module modules/mod_expires.so -LoadModule deflate_module modules/mod_deflate.so -LoadModule headers_module modules/mod_headers.so -LoadModule usertrack_module modules/mod_usertrack.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule mime_module modules/mod_mime.so -LoadModule dav_module modules/mod_dav.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -LoadModule info_module modules/mod_info.so -LoadModule dav_fs_module modules/mod_dav_fs.so -LoadModule vhost_alias_module modules/mod_vhost_alias.so -LoadModule negotiation_module modules/mod_negotiation.so -LoadModule dir_module modules/mod_dir.so -LoadModule actions_module modules/mod_actions.so -LoadModule speling_module modules/mod_speling.so -LoadModule userdir_module modules/mod_userdir.so -LoadModule alias_module modules/mod_alias.so -LoadModule substitute_module modules/mod_substitute.so -LoadModule rewrite_module modules/mod_rewrite.so -LoadModule proxy_module modules/mod_proxy.so -LoadModule proxy_balancer_module modules/mod_proxy_balancer.so -LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -LoadModule proxy_http_module modules/mod_proxy_http.so -LoadModule proxy_ajp_module modules/mod_proxy_ajp.so -LoadModule proxy_connect_module modules/mod_proxy_connect.so -LoadModule cache_module modules/mod_cache.so -LoadModule suexec_module modules/mod_suexec.so -LoadModule disk_cache_module modules/mod_disk_cache.so -LoadModule cgi_module modules/mod_cgi.so -LoadModule version_module modules/mod_version.so - -# -# The following modules are not loaded by default: -# -#LoadModule asis_module modules/mod_asis.so -#LoadModule authn_dbd_module modules/mod_authn_dbd.so -#LoadModule cern_meta_module modules/mod_cern_meta.so -#LoadModule cgid_module modules/mod_cgid.so -#LoadModule dbd_module modules/mod_dbd.so -#LoadModule dumpio_module modules/mod_dumpio.so -#LoadModule filter_module modules/mod_filter.so -#LoadModule ident_module modules/mod_ident.so -#LoadModule log_forensic_module modules/mod_log_forensic.so -#LoadModule unique_id_module modules/mod_unique_id.so -# - -# -# Load config files from the config directory "/etc/httpd/conf.d". -# -Include conf.d/*.conf - -# -# ExtendedStatus controls whether Apache will generate "full" status -# information (ExtendedStatus On) or just basic information (ExtendedStatus -# Off) when the "server-status" handler is called. The default is Off. -# -#ExtendedStatus On - -# -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# . On SCO (ODT 3) use "User nouser" and "Group nogroup". -# . On HPUX you may not be able to use shared memory as nobody, and the -# suggested workaround is to create a user www and use that user. -# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET) -# when the value of (unsigned)Group is above 60000; -# don't use Group #-1 on these systems! -# -User apache -Group apache - -### Section 2: 'Main' server configuration -# -# The directives in this section set up the values used by the 'main' -# server, which responds to any requests that aren't handled by a -# definition. These values also provide defaults for -# any containers you may define later in the file. -# -# All of these directives may appear inside containers, -# in which case these default settings will be overridden for the -# virtual host being defined. -# - -# -# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@your-domain.com -# -ServerAdmin root@localhost - -# -# ServerName gives the name and port that the server uses to identify itself. -# This can often be determined automatically, but we recommend you specify -# it explicitly to prevent problems during startup. -# -# If this is not set to valid DNS name for your host, server-generated -# redirections will not work. See also the UseCanonicalName directive. -# -# If your host doesn't have a registered DNS name, enter its IP address here. -# You will have to access it by its address anyway, and this will make -# redirections work in a sensible way. -# -#ServerName www.example.com:80 - -# -# UseCanonicalName: Determines how Apache constructs self-referencing -# URLs and the SERVER_NAME and SERVER_PORT variables. -# When set "Off", Apache will use the Hostname and Port supplied -# by the client. When set "On", Apache will use the value of the -# ServerName directive. -# -UseCanonicalName Off - -# -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# -DocumentRoot "/var/www/html" - -# -# Each directory to which Apache has access can be configured with respect -# to which services and features are allowed and/or disabled in that -# directory (and its subdirectories). -# -# First, we configure the "default" to be a very restrictive set of -# features. -# - - Options FollowSymLinks - AllowOverride None - - -# -# Note that from this point forward you must specifically allow -# particular features to be enabled - so if something's not working as -# you might expect, make sure that you have specifically enabled it -# below. -# - -# -# This should be changed to whatever you set DocumentRoot to. -# - - -# -# Possible values for the Options directive are "None", "All", -# or any combination of: -# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews -# -# Note that "MultiViews" must be named *explicitly* --- "Options All" -# doesn't give it to you. -# -# The Options directive is both complicated and important. Please see -# http://httpd.apache.org/docs/2.2/mod/core.html#options -# for more information. -# - Options Indexes FollowSymLinks - -# -# AllowOverride controls what directives may be placed in .htaccess files. -# It can be "All", "None", or any combination of the keywords: -# Options FileInfo AuthConfig Limit -# - AllowOverride None - -# -# Controls who can get stuff from this server. -# - Order allow,deny - Allow from all - - - -# -# UserDir: The name of the directory that is appended onto a user's home -# directory if a ~user request is received. -# -# The path to the end user account 'public_html' directory must be -# accessible to the webserver userid. This usually means that ~userid -# must have permissions of 711, ~userid/public_html must have permissions -# of 755, and documents contained therein must be world-readable. -# Otherwise, the client will only receive a "403 Forbidden" message. -# -# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden -# - - # - # UserDir is disabled by default since it can confirm the presence - # of a username on the system (depending on home directory - # permissions). - # - UserDir disabled - - # - # To enable requests to /~user/ to serve the user's public_html - # directory, remove the "UserDir disabled" line above, and uncomment - # the following line instead: - # - #UserDir public_html - - - -# -# Control access to UserDir directories. The following is an example -# for a site where these directories are restricted to read-only. -# -# -# AllowOverride FileInfo AuthConfig Limit -# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec -# -# Order allow,deny -# Allow from all -# -# -# Order deny,allow -# Deny from all -# -# - -# -# DirectoryIndex: sets the file that Apache will serve if a directory -# is requested. -# -# The index.html.var file (a type-map) is used to deliver content- -# negotiated documents. The MultiViews Option can be used for the -# same purpose, but it is much slower. -# -DirectoryIndex index.html index.html.var - -# -# AccessFileName: The name of the file to look for in each directory -# for additional configuration directives. See also the AllowOverride -# directive. -# -AccessFileName .htaccess - -# -# The following lines prevent .htaccess and .htpasswd files from being -# viewed by Web clients. -# - - Order allow,deny - Deny from all - Satisfy All - - -# -# TypesConfig describes where the mime.types file (or equivalent) is -# to be found. -# -TypesConfig /etc/mime.types - -# -# DefaultType is the default MIME type the server will use for a document -# if it cannot otherwise determine one, such as from filename extensions. -# If your server contains mostly text or HTML documents, "text/plain" is -# a good value. If most of your content is binary, such as applications -# or images, you may want to use "application/octet-stream" instead to -# keep browsers from trying to display binary files as though they are -# text. -# -DefaultType text/plain - -# -# The mod_mime_magic module allows the server to use various hints from the -# contents of the file itself to determine its type. The MIMEMagicFile -# directive tells the module where the hint definitions are located. -# - -# MIMEMagicFile /usr/share/magic.mime - MIMEMagicFile conf/magic - - -# -# HostnameLookups: Log the names of clients or just their IP addresses -# e.g., www.apache.org (on) or 204.62.129.132 (off). -# The default is off because it'd be overall better for the net if people -# had to knowingly turn this feature on, since enabling it means that -# each client request will result in AT LEAST one lookup request to the -# nameserver. -# -HostnameLookups Off - -# -# EnableMMAP: Control whether memory-mapping is used to deliver -# files (assuming that the underlying OS supports it). -# The default is on; turn this off if you serve from NFS-mounted -# filesystems. On some systems, turning it off (regardless of -# filesystem) can improve performance; for details, please see -# http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap -# -#EnableMMAP off - -# -# EnableSendfile: Control whether the sendfile kernel support is -# used to deliver files (assuming that the OS supports it). -# The default is on; turn this off if you serve from NFS-mounted -# filesystems. Please see -# http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile -# -#EnableSendfile off - -# -# ErrorLog: The location of the error log file. -# If you do not specify an ErrorLog directive within a -# container, error messages relating to that virtual host will be -# logged here. If you *do* define an error logfile for a -# container, that host's errors will be logged there and not here. -# -ErrorLog logs/error_log - -# -# LogLevel: Control the number of messages logged to the error_log. -# Possible values include: debug, info, notice, warn, error, crit, -# alert, emerg. -# -LogLevel warn - -# -# The following directives define some format nicknames for use with -# a CustomLog directive (see below). -# -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -LogFormat "%h %l %u %t \"%r\" %>s %b" common -LogFormat "%{Referer}i -> %U" referer -LogFormat "%{User-agent}i" agent - -# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this -# requires the mod_logio module to be loaded. -#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio - -# -# The location and format of the access logfile (Common Logfile Format). -# If you do not define any access logfiles within a -# container, they will be logged here. Contrariwise, if you *do* -# define per- access logfiles, transactions will be -# logged therein and *not* in this file. -# -#CustomLog logs/access_log common - -# -# If you would like to have separate agent and referer logfiles, uncomment -# the following directives. -# -#CustomLog logs/referer_log referer -#CustomLog logs/agent_log agent - -# -# For a single logfile with access, agent, and referer information -# (Combined Logfile Format), use the following directive: -# -CustomLog logs/access_log combined - -# -# Optionally add a line containing the server version and virtual host -# name to server-generated pages (internal error documents, FTP directory -# listings, mod_status and mod_info output etc., but not CGI generated -# documents or custom error documents). -# Set to "EMail" to also include a mailto: link to the ServerAdmin. -# Set to one of: On | Off | EMail -# -ServerSignature On - -# -# Aliases: Add here as many aliases as you need (with no limit). The format is -# Alias fakename realname -# -# Note that if you include a trailing / on fakename then the server will -# require it to be present in the URL. So "/icons" isn't aliased in this -# example, only "/icons/". If the fakename is slash-terminated, then the -# realname must also be slash terminated, and if the fakename omits the -# trailing slash, the realname must also omit it. -# -# We include the /icons/ alias for FancyIndexed directory listings. If you -# do not use FancyIndexing, you may comment this out. -# -Alias /icons/ "/var/www/icons/" - - - Options Indexes MultiViews FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - -# -# WebDAV module configuration section. -# - - # Location of the WebDAV lock database. - DAVLockDB /var/lib/dav/lockdb - - -# -# ScriptAlias: This controls which directories contain server scripts. -# ScriptAliases are essentially the same as Aliases, except that -# documents in the realname directory are treated as applications and -# run by the server when requested rather than as documents sent to the client. -# The same rules about trailing "/" apply to ScriptAlias directives as to -# Alias. -# -ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" - -# -# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased -# CGI directory exists, if you have that configured. -# - - AllowOverride None - Options None - Order allow,deny - Allow from all - - -# -# Redirect allows you to tell clients about documents which used to exist in -# your server's namespace, but do not anymore. This allows you to tell the -# clients where to look for the relocated document. -# Example: -# Redirect permanent /foo http://www.example.com/bar - -# -# Directives controlling the display of server-generated directory listings. -# - -# -# IndexOptions: Controls the appearance of server-generated directory -# listings. -# -IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8 - -# -# AddIcon* directives tell the server which icon to show for different -# files or filename extensions. These are only displayed for -# FancyIndexed directories. -# -AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip - -AddIconByType (TXT,/icons/text.gif) text/* -AddIconByType (IMG,/icons/image2.gif) image/* -AddIconByType (SND,/icons/sound2.gif) audio/* -AddIconByType (VID,/icons/movie.gif) video/* - -AddIcon /icons/binary.gif .bin .exe -AddIcon /icons/binhex.gif .hqx -AddIcon /icons/tar.gif .tar -AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv -AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip -AddIcon /icons/a.gif .ps .ai .eps -AddIcon /icons/layout.gif .html .shtml .htm .pdf -AddIcon /icons/text.gif .txt -AddIcon /icons/c.gif .c -AddIcon /icons/p.gif .pl .py -AddIcon /icons/f.gif .for -AddIcon /icons/dvi.gif .dvi -AddIcon /icons/uuencoded.gif .uu -AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl -AddIcon /icons/tex.gif .tex -AddIcon /icons/bomb.gif core - -AddIcon /icons/back.gif .. -AddIcon /icons/hand.right.gif README -AddIcon /icons/folder.gif ^^DIRECTORY^^ -AddIcon /icons/blank.gif ^^BLANKICON^^ - -# -# DefaultIcon is which icon to show for files which do not have an icon -# explicitly set. -# -DefaultIcon /icons/unknown.gif - -# -# AddDescription allows you to place a short description after a file in -# server-generated indexes. These are only displayed for FancyIndexed -# directories. -# Format: AddDescription "description" filename -# -#AddDescription "GZIP compressed document" .gz -#AddDescription "tar archive" .tar -#AddDescription "GZIP compressed tar archive" .tgz - -# -# ReadmeName is the name of the README file the server will look for by -# default, and append to directory listings. -# -# HeaderName is the name of a file which should be prepended to -# directory indexes. -ReadmeName README.html -HeaderName HEADER.html - -# -# IndexIgnore is a set of filenames which directory indexing should ignore -# and not include in the listing. Shell-style wildcarding is permitted. -# -IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t - -# -# DefaultLanguage and AddLanguage allows you to specify the language of -# a document. You can then use content negotiation to give a browser a -# file in a language the user can understand. -# -# Specify a default language. This means that all data -# going out without a specific language tag (see below) will -# be marked with this one. You probably do NOT want to set -# this unless you are sure it is correct for all cases. -# -# * It is generally better to not mark a page as -# * being a certain language than marking it with the wrong -# * language! -# -# DefaultLanguage nl -# -# Note 1: The suffix does not have to be the same as the language -# keyword --- those with documents in Polish (whose net-standard -# language code is pl) may wish to use "AddLanguage pl .po" to -# avoid the ambiguity with the common suffix for perl scripts. -# -# Note 2: The example entries below illustrate that in some cases -# the two character 'Language' abbreviation is not identical to -# the two character 'Country' code for its country, -# E.g. 'Danmark/dk' versus 'Danish/da'. -# -# Note 3: In the case of 'ltz' we violate the RFC by using a three char -# specifier. There is 'work in progress' to fix this and get -# the reference data for rfc1766 cleaned up. -# -# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) -# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) -# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) -# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) -# Norwegian (no) - Polish (pl) - Portugese (pt) -# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) -# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) -# -AddLanguage ca .ca -AddLanguage cs .cz .cs -AddLanguage da .dk -AddLanguage de .de -AddLanguage el .el -AddLanguage en .en -AddLanguage eo .eo -AddLanguage es .es -AddLanguage et .et -AddLanguage fr .fr -AddLanguage he .he -AddLanguage hr .hr -AddLanguage it .it -AddLanguage ja .ja -AddLanguage ko .ko -AddLanguage ltz .ltz -AddLanguage nl .nl -AddLanguage nn .nn -AddLanguage no .no -AddLanguage pl .po -AddLanguage pt .pt -AddLanguage pt-BR .pt-br -AddLanguage ru .ru -AddLanguage sv .sv -AddLanguage zh-CN .zh-cn -AddLanguage zh-TW .zh-tw - -# -# LanguagePriority allows you to give precedence to some languages -# in case of a tie during content negotiation. -# -# Just list the languages in decreasing order of preference. We have -# more or less alphabetized them here. You probably want to change this. -# -LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW - -# -# ForceLanguagePriority allows you to serve a result page rather than -# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) -# [in case no accepted languages matched the available variants] -# -ForceLanguagePriority Prefer Fallback - -# -# Specify a default charset for all content served; this enables -# interpretation of all content as UTF-8 by default. To use the -# default browser choice (ISO-8859-1), or to allow the META tags -# in HTML content to override this choice, comment out this -# directive: -# -AddDefaultCharset UTF-8 - -# -# AddType allows you to add to or override the MIME configuration -# file mime.types for specific file types. -# -#AddType application/x-tar .tgz - -# -# AddEncoding allows you to have certain browsers uncompress -# information on the fly. Note: Not all browsers support this. -# Despite the name similarity, the following Add* directives have nothing -# to do with the FancyIndexing customization directives above. -# -#AddEncoding x-compress .Z -#AddEncoding x-gzip .gz .tgz - -# If the AddEncoding directives above are commented-out, then you -# probably should define those extensions to indicate media types: -# -AddType application/x-compress .Z -AddType application/x-gzip .gz .tgz - -# -# MIME-types for downloading Certificates and CRLs -# -AddType application/x-x509-ca-cert .crt -AddType application/x-pkcs7-crl .crl - -# -# AddHandler allows you to map certain file extensions to "handlers": -# actions unrelated to filetype. These can be either built into the server -# or added with the Action directive (see below) -# -# To use CGI scripts outside of ScriptAliased directories: -# (You will also need to add "ExecCGI" to the "Options" directive.) -# -#AddHandler cgi-script .cgi - -# -# For files that include their own HTTP headers: -# -#AddHandler send-as-is asis - -# -# For type maps (negotiated resources): -# (This is enabled by default to allow the Apache "It Worked" page -# to be distributed in multiple languages.) -# -AddHandler type-map var - -# -# Filters allow you to process content before it is sent to the client. -# -# To parse .shtml files for server-side includes (SSI): -# (You will also need to add "Includes" to the "Options" directive.) -# -AddType text/html .shtml -AddOutputFilter INCLUDES .shtml - -# -# Action lets you define media types that will execute a script whenever -# a matching file is called. This eliminates the need for repeated URL -# pathnames for oft-used CGI file processors. -# Format: Action media/type /cgi-script/location -# Format: Action handler-name /cgi-script/location -# - -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# Putting this all together, we can internationalize error responses. -# -# We use Alias to redirect any /error/HTTP_.html.var response to -# our collection of by-error message multi-language collections. We use -# includes to substitute the appropriate text. -# -# You can modify the messages' appearance without changing any of the -# default HTTP_.html.var files by adding the line: -# -# Alias /error/include/ "/your/include/path/" -# -# which allows you to create your own set of files by starting with the -# /var/www/error/include/ files and -# copying them to /your/include/path/, even on a per-VirtualHost basis. -# - -Alias /error/ "/var/www/error/" - - - - - AllowOverride None - Options IncludesNoExec - AddOutputFilter Includes html - AddHandler type-map var - Order allow,deny - Allow from all - LanguagePriority en es de fr - ForceLanguagePriority Prefer Fallback - - -# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var -# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var -# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var -# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var -# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var -# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var -# ErrorDocument 410 /error/HTTP_GONE.html.var -# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var -# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var -# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var -# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var -# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var -# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var -# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var -# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var -# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var -# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var - - - - -# -# The following directives modify normal HTTP response behavior to -# handle known problems with browser implementations. -# -BrowserMatch "Mozilla/2" nokeepalive -BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 -BrowserMatch "RealPlayer 4\.0" force-response-1.0 -BrowserMatch "Java/1\.0" force-response-1.0 -BrowserMatch "JDK/1\.0" force-response-1.0 - -# -# The following directive disables redirects on non-GET requests for -# a directory that does not include the trailing slash. This fixes a -# problem with Microsoft WebFolders which does not appropriately handle -# redirects for folders with DAV methods. -# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. -# -BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully -BrowserMatch "MS FrontPage" redirect-carefully -BrowserMatch "^WebDrive" redirect-carefully -BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully -BrowserMatch "^gnome-vfs/1.0" redirect-carefully -BrowserMatch "^XML Spy" redirect-carefully -BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully - -# -# Allow server status reports generated by mod_status, -# with the URL of http://servername/server-status -# Change the ".example.com" to match your domain to enable. -# -# -# SetHandler server-status -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Allow remote server configuration reports, with the URL of -# http://servername/server-info (requires that mod_info.c be loaded). -# Change the ".example.com" to match your domain to enable. -# -# -# SetHandler server-info -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Proxy Server directives. Uncomment the following lines to -# enable the proxy server: -# -# -#ProxyRequests On -# -# -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Enable/disable the handling of HTTP/1.1 "Via:" headers. -# ("Full" adds the server version; "Block" removes all outgoing Via: headers) -# Set to one of: Off | On | Full | Block -# -#ProxyVia On - -# -# To enable a cache of proxied content, uncomment the following lines. -# See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details. -# -# -# CacheEnable disk / -# CacheRoot "/var/cache/mod_proxy" -# -# - -# -# End of proxy directives. - -### Section 3: Virtual Hosts -# -# VirtualHost: If you want to maintain multiple domains/hostnames on your -# machine you can setup VirtualHost containers for them. Most configurations -# use only name-based virtual hosts so the server doesn't need to worry about -# IP addresses. This is indicated by the asterisks in the directives below. -# -# Please see the documentation at -# -# for further details before you try to setup virtual hosts. -# -# You may use the command line option '-S' to verify your virtual host -# configuration. - -# -# Use name-based virtual hosting. -# -#NameVirtualHost *:80 -# -# NOTE: NameVirtualHost cannot be used without a port specifier -# (e.g. :80) if mod_ssl is being used, due to the nature of the -# SSL protocol. -# - -# -# VirtualHost example: -# Almost any Apache directive may go into a VirtualHost container. -# The first VirtualHost section is used for requests without a known -# server name. -# -# -# ServerAdmin webmaster@dummy-host.example.com -# DocumentRoot /www/docs/dummy-host.example.com -# ServerName dummy-host.example.com -# ErrorLog logs/dummy-host.example.com-error_log -# CustomLog logs/dummy-host.example.com-access_log common -# diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/magic b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/magic deleted file mode 100644 index 8e8fdd9..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/conf/magic +++ /dev/null @@ -1,386 +0,0 @@ -# Magic data for mod_mime_magic Apache module (originally for file(1) command) -# The module is described in /manual/mod/mod_mime_magic.html -# -# The format is 4-5 columns: -# Column #1: byte number to begin checking from, ">" indicates continuation -# Column #2: type of data to match -# Column #3: contents of data to match -# Column #4: MIME type of result -# Column #5: MIME encoding of result (optional) - -#------------------------------------------------------------------------------ -# Localstuff: file(1) magic for locally observed files -# Add any locally observed files here. - -#------------------------------------------------------------------------------ -# end local stuff -#------------------------------------------------------------------------------ - -#------------------------------------------------------------------------------ -# Java - -0 short 0xcafe ->2 short 0xbabe application/java - -#------------------------------------------------------------------------------ -# audio: file(1) magic for sound formats -# -# from Jan Nicolai Langfeldt , -# - -# Sun/NeXT audio data -0 string .snd ->12 belong 1 audio/basic ->12 belong 2 audio/basic ->12 belong 3 audio/basic ->12 belong 4 audio/basic ->12 belong 5 audio/basic ->12 belong 6 audio/basic ->12 belong 7 audio/basic - ->12 belong 23 audio/x-adpcm - -# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format -# that uses little-endian encoding and has a different magic number -# (0x0064732E in little-endian encoding). -0 lelong 0x0064732E ->12 lelong 1 audio/x-dec-basic ->12 lelong 2 audio/x-dec-basic ->12 lelong 3 audio/x-dec-basic ->12 lelong 4 audio/x-dec-basic ->12 lelong 5 audio/x-dec-basic ->12 lelong 6 audio/x-dec-basic ->12 lelong 7 audio/x-dec-basic -# compressed (G.721 ADPCM) ->12 lelong 23 audio/x-dec-adpcm - -# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" -# AIFF audio data -8 string AIFF audio/x-aiff -# AIFF-C audio data -8 string AIFC audio/x-aiff -# IFF/8SVX audio data -8 string 8SVX audio/x-aiff - -# Creative Labs AUDIO stuff -# Standard MIDI data -0 string MThd audio/unknown -#>9 byte >0 (format %d) -#>11 byte >1 using %d channels -# Creative Music (CMF) data -0 string CTMF audio/unknown -# SoundBlaster instrument data -0 string SBI audio/unknown -# Creative Labs voice data -0 string Creative\ Voice\ File audio/unknown -## is this next line right? it came this way... -#>19 byte 0x1A -#>23 byte >0 - version %d -#>22 byte >0 \b.%d - -# [GRR 950115: is this also Creative Labs? Guessing that first line -# should be string instead of unknown-endian long...] -#0 long 0x4e54524b MultiTrack sound data -#0 string NTRK MultiTrack sound data -#>4 long x - version %ld - -# Microsoft WAVE format (*.wav) -# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] -# Microsoft RIFF -0 string RIFF audio/unknown -# - WAVE format ->8 string WAVE audio/x-wav -# MPEG audio. -0 beshort&0xfff0 0xfff0 audio/mpeg -# C64 SID Music files, from Linus Walleij -0 string PSID audio/prs.sid - -#------------------------------------------------------------------------------ -# c-lang: file(1) magic for C programs or various scripts -# - -# XPM icons (Greg Roelofs, newt@uchicago.edu) -# ideally should go into "images", but entries below would tag XPM as C source -0 string /*\ XPM image/x-xbm 7bit - -# this first will upset you if you're a PL/1 shop... (are there any left?) -# in which case rm it; ascmagic will catch real C programs -# C or REXX program text -0 string /* text/plain -# C++ program text -0 string // text/plain - -#------------------------------------------------------------------------------ -# compress: file(1) magic for pure-compression formats (no archives) -# -# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. -# -# Formats for various forms of compressed data -# Formats for "compress" proper have been moved into "compress.c", -# because it tries to uncompress it to figure out what's inside. - -# standard unix compress -0 string \037\235 application/octet-stream x-compress - -# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) -0 string \037\213 application/octet-stream x-gzip - -# According to gzip.h, this is the correct byte order for packed data. -0 string \037\036 application/octet-stream -# -# This magic number is byte-order-independent. -# -0 short 017437 application/octet-stream - -# XXX - why *two* entries for "compacted data", one of which is -# byte-order independent, and one of which is byte-order dependent? -# -# compacted data -0 short 0x1fff application/octet-stream -0 string \377\037 application/octet-stream -# huf output -0 short 0145405 application/octet-stream - -# Squeeze and Crunch... -# These numbers were gleaned from the Unix versions of the programs to -# handle these formats. Note that I can only uncrunch, not crunch, and -# I didn't have a crunched file handy, so the crunch number is untested. -# Keith Waclena -#0 leshort 0x76FF squeezed data (CP/M, DOS) -#0 leshort 0x76FE crunched data (CP/M, DOS) - -# Freeze -#0 string \037\237 Frozen file 2.1 -#0 string \037\236 Frozen file 1.0 (or gzip 0.5) - -# lzh? -#0 string \037\240 LZH compressed data - -#------------------------------------------------------------------------------ -# frame: file(1) magic for FrameMaker files -# -# This stuff came on a FrameMaker demo tape, most of which is -# copyright, but this file is "published" as witness the following: -# -0 string \ -# and Anna Shergold -# -0 string \ -0 string \14 byte 12 (OS/2 1.x format) -#>14 byte 64 (OS/2 2.x format) -#>14 byte 40 (Windows 3.x format) -#0 string IC icon -#0 string PI pointer -#0 string CI color icon -#0 string CP color pointer -#0 string BA bitmap array - - -#------------------------------------------------------------------------------ -# lisp: file(1) magic for lisp programs -# -# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) -0 string ;; text/plain 8bit -# Emacs 18 - this is always correct, but not very magical. -0 string \012( application/x-elc -# Emacs 19 -0 string ;ELC\023\000\000\000 application/x-elc - -#------------------------------------------------------------------------------ -# mail.news: file(1) magic for mail and news -# -# There are tests to ascmagic.c to cope with mail and news. -0 string Relay-Version: message/rfc822 7bit -0 string #!\ rnews message/rfc822 7bit -0 string N#!\ rnews message/rfc822 7bit -0 string Forward\ to message/rfc822 7bit -0 string Pipe\ to message/rfc822 7bit -0 string Return-Path: message/rfc822 7bit -0 string Path: message/news 8bit -0 string Xref: message/news 8bit -0 string From: message/rfc822 7bit -0 string Article message/news 8bit -#------------------------------------------------------------------------------ -# msword: file(1) magic for MS Word files -# -# Contributor claims: -# Reversed-engineered MS Word magic numbers -# - -0 string \376\067\0\043 application/msword -0 string \333\245-\0\0\0 application/msword - -# disable this one because it applies also to other -# Office/OLE documents for which msword is not correct. See PR#2608. -#0 string \320\317\021\340\241\261 application/msword - - - -#------------------------------------------------------------------------------ -# printer: file(1) magic for printer-formatted files -# - -# PostScript -0 string %! application/postscript -0 string \004%! application/postscript - -# Acrobat -# (due to clamen@cs.cmu.edu) -0 string %PDF- application/pdf - -#------------------------------------------------------------------------------ -# sc: file(1) magic for "sc" spreadsheet -# -38 string Spreadsheet application/x-sc - -#------------------------------------------------------------------------------ -# tex: file(1) magic for TeX files -# -# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) -# -# From - -# Although we may know the offset of certain text fields in TeX DVI -# and font files, we can't use them reliably because they are not -# zero terminated. [but we do anyway, christos] -0 string \367\002 application/x-dvi -#0 string \367\203 TeX generic font data -#0 string \367\131 TeX packed font data -#0 string \367\312 TeX virtual font data -#0 string This\ is\ TeX, TeX transcript text -#0 string This\ is\ METAFONT, METAFONT transcript text - -# There is no way to detect TeX Font Metric (*.tfm) files without -# breaking them apart and reading the data. The following patterns -# match most *.tfm files generated by METAFONT or afm2tfm. -#2 string \000\021 TeX font metric data -#2 string \000\022 TeX font metric data -#>34 string >\0 (%s) - -# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) -#0 string \\input\ texinfo Texinfo source text -#0 string This\ is\ Info\ file GNU Info text - -# correct TeX magic for Linux (and maybe more) -# from Peter Tobias (tobias@server.et-inf.fho-emden.de) -# -0 leshort 0x02f7 application/x-dvi - -# RTF - Rich Text Format -0 string {\\rtf application/rtf - -#------------------------------------------------------------------------------ -# animation: file(1) magic for animation/movie formats -# -# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) -# MPEG file -0 string \000\000\001\263 video/mpeg -# -# The contributor claims: -# I couldn't find a real magic number for these, however, this -# -appears- to work. Note that it might catch other files, too, -# so BE CAREFUL! -# -# Note that title and author appear in the two 20-byte chunks -# at decimal offsets 2 and 22, respectively, but they are XOR'ed with -# 255 (hex FF)! DL format SUCKS BIG ROCKS. -# -# DL file version 1 , medium format (160x100, 4 images/screen) -0 byte 1 video/unknown -0 byte 2 video/unknown -# Quicktime video, from Linus Walleij -# from Apple quicktime file format documentation. -4 string moov video/quicktime -4 string mdat video/quicktime - -# PNG [Portable Network Graphics, or "PNG's Not GIF"] images -# -# 137 P N G \r \n ^Z \n [4-byte length] H E A D [HEAD data] [HEAD crc] ... -0 string \211PNG\015 image/png diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/access_log b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/access_log deleted file mode 100644 index 0e9af01..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/access_log +++ /dev/null @@ -1,5 +0,0 @@ -10.20.0.1 - - [16/Sep/2013:10:50:57 +0000] "GET / HTTP/1.1" 301 314 "http://localhost:8000/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36" -10.20.0.1 - - [16/Sep/2013:10:50:57 +0000] "GET /dashboard/ HTTP/1.1" 200 736 "http://localhost:8000/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36" -10.20.0.1 - - [16/Sep/2013:10:51:03 +0000] "GET /static/dashboard/css/f7d819ea8542.css HTTP/1.1" 200 20525 "http://10.20.0.129/dashboard/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36" -10.20.0.1 - - [16/Sep/2013:10:51:03 +0000] "GET /static/dashboard/img/logo-splash.png?bd0a834bae0e HTTP/1.1" 200 4852 "http://10.20.0.129/dashboard/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36" -10.20.0.1 - - [16/Sep/2013:10:51:03 +0000] "GET /static/dashboard/img/favicon.ico HTTP/1.1" 200 635 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36" diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log deleted file mode 100644 index bb8d251..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log +++ /dev/null @@ -1,13 +0,0 @@ -[Sun Jul 28 04:02:03 2013] [notice] Digest: generating secret for digest authentication ... -[Sun Jul 28 04:02:03 2013] [notice] Digest: done -[Sun Jul 28 04:02:03 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Mon Sep 16 10:18:13 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) -[Mon Sep 16 10:18:13 2013] [notice] Digest: generating secret for digest authentication ... -[Mon Sep 16 10:18:13 2013] [notice] Digest: done -[Mon Sep 16 10:18:13 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Mon Sep 16 10:29:59 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) -[Mon Sep 16 10:29:59 2013] [notice] Digest: generating secret for digest authentication ... -[Mon Sep 16 10:29:59 2013] [notice] Digest: done -[Mon Sep 16 10:29:59 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Mon Sep 16 10:50:57 2013] [warn] [client 10.20.0.1] incomplete redirection target of '/dashboard/' for URI '/' modified to 'http://10.20.0.129/dashboard/', referer: http://localhost:8000/ -[Mon Sep 16 10:50:57 2013] [warn] [client 10.20.0.1] incomplete redirection target of '/dashboard/' for URI '/' modified to 'http://10.20.0.129/dashboard/', referer: http://localhost:8000/ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130707 b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130707 deleted file mode 100644 index 328c157..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130707 +++ /dev/null @@ -1,4 +0,0 @@ -[Sun Jun 30 04:02:01 2013] [notice] Digest: generating secret for digest authentication ... -[Sun Jun 30 04:02:01 2013] [notice] Digest: done -[Sun Jun 30 04:02:01 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Sun Jul 07 04:02:02 2013] [notice] SIGHUP received. Attempting to restart diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130714 b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130714 deleted file mode 100644 index 798a7bd..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130714 +++ /dev/null @@ -1,4 +0,0 @@ -[Sun Jul 07 04:02:02 2013] [notice] Digest: generating secret for digest authentication ... -[Sun Jul 07 04:02:02 2013] [notice] Digest: done -[Sun Jul 07 04:02:02 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Sun Jul 14 04:02:05 2013] [notice] SIGHUP received. Attempting to restart diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130721 b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130721 deleted file mode 100644 index ebd2044..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130721 +++ /dev/null @@ -1,4 +0,0 @@ -[Sun Jul 14 04:02:05 2013] [notice] Digest: generating secret for digest authentication ... -[Sun Jul 14 04:02:05 2013] [notice] Digest: done -[Sun Jul 14 04:02:05 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Sun Jul 21 04:02:06 2013] [notice] SIGHUP received. Attempting to restart diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130728 b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130728 deleted file mode 100644 index b49f7fe..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/logs/error_log-20130728 +++ /dev/null @@ -1,4 +0,0 @@ -[Sun Jul 21 04:02:06 2013] [notice] Digest: generating secret for digest authentication ... -[Sun Jul 21 04:02:06 2013] [notice] Digest: done -[Sun Jul 21 04:02:06 2013] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations -[Sun Jul 28 04:02:02 2013] [notice] SIGHUP received. Attempting to restart diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_actions.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_actions.so deleted file mode 100644 index f44cc76..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_actions.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_alias.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_alias.so deleted file mode 100644 index 454b625..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_alias.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_asis.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_asis.so deleted file mode 100644 index ddd03ec..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_asis.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_basic.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_basic.so deleted file mode 100644 index a8aae85..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_basic.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_digest.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_digest.so deleted file mode 100644 index fe83398..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_auth_digest.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_alias.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_alias.so deleted file mode 100644 index fe9dc93..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_alias.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_anon.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_anon.so deleted file mode 100644 index d08c5c2..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_anon.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbd.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbd.so deleted file mode 100644 index bde5bb3..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbd.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbm.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbm.so deleted file mode 100644 index 19ec77e..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_dbm.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_default.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_default.so deleted file mode 100644 index 4d138ee..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_default.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_file.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_file.so deleted file mode 100644 index 912e07b..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authn_file.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authnz_ldap.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authnz_ldap.so deleted file mode 100644 index 5d6889f..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authnz_ldap.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_dbm.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_dbm.so deleted file mode 100644 index 71470a3..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_dbm.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_default.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_default.so deleted file mode 100644 index 6898989..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_default.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_groupfile.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_groupfile.so deleted file mode 100644 index 5f651b9..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_groupfile.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_host.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_host.so deleted file mode 100644 index 0e97812..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_host.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_owner.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_owner.so deleted file mode 100644 index 37c4581..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_owner.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_user.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_user.so deleted file mode 100644 index 3d61689..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_authz_user.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_autoindex.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_autoindex.so deleted file mode 100644 index dcd1c8a..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_autoindex.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cache.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cache.so deleted file mode 100644 index 0e1f1b9..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cache.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cern_meta.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cern_meta.so deleted file mode 100644 index 059355d..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cern_meta.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgi.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgi.so deleted file mode 100644 index 40730db..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgi.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgid.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgid.so deleted file mode 100644 index bee1538..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_cgid.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav.so deleted file mode 100644 index f571bfa..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav_fs.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav_fs.so deleted file mode 100644 index 3bbd42b..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dav_fs.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dbd.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dbd.so deleted file mode 100644 index 5c0e3cd..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dbd.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_deflate.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_deflate.so deleted file mode 100644 index 6c6c9d7..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_deflate.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dir.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dir.so deleted file mode 100644 index 27cd176..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dir.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_disk_cache.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_disk_cache.so deleted file mode 100644 index fd9fe84..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_disk_cache.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dumpio.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dumpio.so deleted file mode 100644 index 6e96524..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_dumpio.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_env.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_env.so deleted file mode 100644 index c0386f6..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_env.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_expires.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_expires.so deleted file mode 100644 index def759a..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_expires.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ext_filter.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ext_filter.so deleted file mode 100644 index 903e965..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ext_filter.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_filter.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_filter.so deleted file mode 100644 index add626d..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_filter.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_headers.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_headers.so deleted file mode 100644 index 7007cb2..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_headers.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ident.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ident.so deleted file mode 100644 index ae96a16..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ident.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_include.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_include.so deleted file mode 100644 index 2ae0fc0..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_include.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_info.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_info.so deleted file mode 100644 index 4b44417..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_info.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ldap.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ldap.so deleted file mode 100644 index eb7dd6e..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_ldap.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_config.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_config.so deleted file mode 100644 index 7d6d956..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_config.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_forensic.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_forensic.so deleted file mode 100644 index 00e676a..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_log_forensic.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_logio.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_logio.so deleted file mode 100644 index 60ff544..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_logio.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime.so deleted file mode 100644 index 3c3bf42..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime_magic.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime_magic.so deleted file mode 100644 index 52f221d..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_mime_magic.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_negotiation.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_negotiation.so deleted file mode 100644 index dae2bef..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_negotiation.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy.so deleted file mode 100644 index c20eea2..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ajp.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ajp.so deleted file mode 100644 index 41fdbec..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ajp.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_balancer.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_balancer.so deleted file mode 100644 index d54a0b9..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_balancer.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_connect.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_connect.so deleted file mode 100644 index a4b1211..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_connect.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ftp.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ftp.so deleted file mode 100644 index 06ebfef..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_ftp.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_http.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_http.so deleted file mode 100644 index a0bb125..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_http.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_scgi.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_scgi.so deleted file mode 100644 index aa5e162..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_proxy_scgi.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_reqtimeout.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_reqtimeout.so deleted file mode 100644 index 4356efa..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_reqtimeout.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_rewrite.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_rewrite.so deleted file mode 100644 index f4c5e50..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_rewrite.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_setenvif.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_setenvif.so deleted file mode 100644 index c1bd793..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_setenvif.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_speling.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_speling.so deleted file mode 100644 index 055f764..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_speling.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_status.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_status.so deleted file mode 100644 index eb29484..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_status.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_substitute.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_substitute.so deleted file mode 100644 index d0c860d..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_substitute.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_suexec.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_suexec.so deleted file mode 100644 index 233c565..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_suexec.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_unique_id.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_unique_id.so deleted file mode 100644 index dba65ca..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_unique_id.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_userdir.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_userdir.so deleted file mode 100644 index b17e51f..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_userdir.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_usertrack.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_usertrack.so deleted file mode 100644 index e82cc7c..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_usertrack.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_version.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_version.so deleted file mode 100644 index be77736..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_version.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_vhost_alias.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_vhost_alias.so deleted file mode 100644 index bbab068..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_vhost_alias.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_wsgi.so b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_wsgi.so deleted file mode 100644 index c27c852..0000000 Binary files a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/modules/mod_wsgi.so and /dev/null differ diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/run/httpd.pid b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/run/httpd.pid deleted file mode 100644 index c05d464..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/httpd/run/httpd.pid +++ /dev/null @@ -1 +0,0 @@ -2041 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/default_catalog.templates b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/default_catalog.templates deleted file mode 100644 index eb1e044..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/default_catalog.templates +++ /dev/null @@ -1,27 +0,0 @@ -# config for TemplatedCatalog, using camelCase because I don't want to do -# translations for keystone compat -catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0 -catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.name = Identity Service - -# fake compute service for now to help novaclient tests work -catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.name = Compute Service - -catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.name = Volume Service - -catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin -catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.name = EC2 Service - -catalog.RegionOne.image.publicURL = http://localhost:9292/v1 -catalog.RegionOne.image.adminURL = http://localhost:9292/v1 -catalog.RegionOne.image.internalURL = http://localhost:9292/v1 -catalog.RegionOne.image.name = Image Service diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/keystone.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/keystone.conf deleted file mode 100644 index 93ac45b..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/keystone.conf +++ /dev/null @@ -1,320 +0,0 @@ -[DEFAULT] -log_file = /var/log/keystone/keystone.log -# A "shared secret" between keystone and other openstack services -# admin_token = ADMIN -admin_token = oYjmvOM8 - -# The IP address of the network interface to listen on -# bind_host = 0.0.0.0 -bind_host = 0.0.0.0 - -# The port number which the public service listens on -# public_port = 5000 -public_port = 5000 - -# The port number which the public admin listens on -# admin_port = 35357 -admin_port = 35357 - -# The base endpoint URLs for keystone that are advertised to clients -# (NOTE: this does NOT affect how keystone listens for connections) -# public_endpoint = http://localhost:%(public_port)d/ -# admin_endpoint = http://localhost:%(admin_port)d/ - -# The port number which the OpenStack Compute service listens on -# compute_port = 8774 -compute_port = 3000 - -# Path to your policy definition containing identity actions -# policy_file = policy.json - -# Rule to check if no matching policy definition is found -# FIXME(dolph): This should really be defined as [policy] default_rule -# policy_default_rule = admin_required - -# Role for migrating membership relationships -# During a SQL upgrade, the following values will be used to create a new role -# that will replace records in the user_tenant_membership table with explicit -# role grants. After migration, the member_role_id will be used in the API -# add_user_to_project, and member_role_name will be ignored. -# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab -# member_role_name = _member_ - -# === Logging Options === -# Print debugging output -# (includes plaintext request logging, potentially including passwords) -# debug = False -debug = true - -# Print more verbose output -# verbose = False -verbose = true - -# Name of log file to output to. If not set, logging will go to stdout. -# log_file = keystone.log - -# The directory to keep log files in (will be prepended to --logfile) -# log_dir = /var/log/keystone - -# Use syslog for logging. -# use_syslog = False - -# syslog facility to receive log lines -# syslog_log_facility = LOG_USER - -# If this option is specified, the logging configuration file specified is -# used and overrides any other logging options specified. Please see the -# Python logging module documentation for details on logging configuration -# files. -# log_config = logging.conf -log_config = /etc/keystone/logging.conf - -# A logging.Formatter log message format string which may use any of the -# available logging.LogRecord attributes. -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s - -# Format string for %(asctime)s in log records. -# log_date_format = %Y-%m-%d %H:%M:%S - -# onready allows you to send a notification when the process is ready to serve -# For example, to have it notify using systemd, one could set shell command: -# onready = systemd-notify --ready -# or a module with notify() method: -# onready = keystone.common.systemd - -[sql] -connection = mysql://keystone:b3Wdfgg6@127.0.0.1/keystone -# The SQLAlchemy connection string used to connect to the database -# connection = sqlite:///keystone.db - -# the timeout before idle sql connections are reaped -# idle_timeout = 200 -idle_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity -# driver = keystone.identity.backends.sql.Identity - -# This references the domain to use for all Identity API v2 requests (which are -# not aware of domains). A domain with this ID will be created for you by -# keystone-manage db_sync in migration 008. The domain referenced by this ID -# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. -# There is nothing special about this domain, other than the fact that it must -# exist to order to maintain support for your v2 clients. -# default_domain_id = default - -[trust] -# driver = keystone.trust.backends.sql.Trust - -# delegation and impersonation features can be optionally disabled -# enabled = True - -[catalog] -template_file = /etc/keystone/default_catalog.templates -driver = keystone.catalog.backends.sql.Catalog -# dynamic, sql-based backend (supports API/CLI-based management commands) -# driver = keystone.catalog.backends.sql.Catalog - -# static, file-based backend (does *NOT* support any management commands) -# driver = keystone.catalog.backends.templated.TemplatedCatalog - -# template_file = default_catalog.templates - -[token] -driver = keystone.token.backends.sql.Token -# driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -token_format = UUID -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] -# url = ldap://localhost -# user = dc=Manager,dc=example,dc=com -# password = None -# suffix = cn=example,cn=com -# use_dumb_member = False -# allow_subtree_delete = False -# dumb_member = cn=dumb,dc=example,dc=com - -# Maximum results per page; a value of zero ('0') disables paging (default) -# page_size = 0 - -# The LDAP dereferencing option for queries. This can be either 'never', -# 'searching', 'always', 'finding' or 'default'. The 'default' option falls -# back to using default dereferencing configured by your ldap.conf. -# alias_dereferencing = default - -# The LDAP scope for queries, this can be either 'one' -# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) -# query_scope = one - -# user_tree_dn = ou=Users,dc=example,dc=com -# user_filter = -# user_objectclass = inetOrgPerson -# user_domain_id_attribute = businessCategory -# user_id_attribute = cn -# user_name_attribute = sn -# user_mail_attribute = email -# user_pass_attribute = userPassword -# user_enabled_attribute = enabled -# user_enabled_mask = 0 -# user_enabled_default = True -# user_attribute_ignore = tenant_id,tenants -# user_allow_create = True -# user_allow_update = True -# user_allow_delete = True -# user_enabled_emulation = False -# user_enabled_emulation_dn = - -# tenant_tree_dn = ou=Groups,dc=example,dc=com -# tenant_filter = -# tenant_objectclass = groupOfNames -# tenant_domain_id_attribute = businessCategory -# tenant_id_attribute = cn -# tenant_member_attribute = member -# tenant_name_attribute = ou -# tenant_desc_attribute = desc -# tenant_enabled_attribute = enabled -# tenant_attribute_ignore = -# tenant_allow_create = True -# tenant_allow_update = True -# tenant_allow_delete = True -# tenant_enabled_emulation = False -# tenant_enabled_emulation_dn = - -# role_tree_dn = ou=Roles,dc=example,dc=com -# role_filter = -# role_objectclass = organizationalRole -# role_id_attribute = cn -# role_name_attribute = ou -# role_member_attribute = roleOccupant -# role_attribute_ignore = -# role_allow_create = True -# role_allow_update = True -# role_allow_delete = True - -# group_tree_dn = -# group_filter = -# group_objectclass = groupOfNames -# group_id_attribute = cn -# group_name_attribute = ou -# group_member_attribute = member -# group_desc_attribute = desc -# group_attribute_ignore = -# group_allow_create = True -# group_allow_update = True -# group_allow_delete = True - -[auth] -methods = password,token -password = keystone.auth.plugins.password.Password -token = keystone.auth.plugins.token.Token - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[filter:access_log] -paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/logging.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/logging.conf deleted file mode 100644 index f907736..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = keystone - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL1) -formatter = default - -[formatter_default] -format = keystone %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/policy.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/policy.json deleted file mode 100644 index 17da8ea..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/keystone/policy.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - "owner" : [["user_id:%(user_id)s"]], - "admin_or_owner": [["rule:admin_required"], ["rule:owner"]], - - "default": [["rule:admin_required"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_or_owner"]], - "identity:create_project": [["rule:admin_or_owner"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_or_owner"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_group": [["rule:admin_required"]], - "identity:list_groups": [["rule:admin_required"]], - "identity:create_group": [["rule:admin_required"]], - "identity:update_group": [["rule:admin_required"]], - "identity:delete_group": [["rule:admin_required"]], - "identity:list_users_in_group": [["rule:admin_required"]], - "identity:remove_user_from_group": [["rule:admin_required"]], - "identity:check_user_in_group": [["rule:admin_required"]], - "identity:add_user_to_group": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_role": [["rule:admin_required"]], - "identity:delete_role": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]], - - "identity:check_token": [["rule:admin_required"]], - "identity:validate_token": [["rule:admin_required"]], - "identity:revocation_list": [["rule:admin_required"]], - "identity:revoke_token": [["rule:admin_required"], - ["user_id:%(user_id)s"]], - - "identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]], - "identity:get_trust": [["rule:admin_or_owner"]], - "identity:list_trusts": [["@"]], - "identity:list_roles_for_trust": [["@"]], - "identity:check_role_for_trust": [["@"]], - "identity:get_role_for_trust": [["@"]], - "identity:delete_trust": [["@"]] -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/libvirt/libvirt.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/libvirt/libvirt.conf deleted file mode 100644 index 016cd24..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/libvirt/libvirt.conf +++ /dev/null @@ -1,18 +0,0 @@ -# -# This can be used to setup URI aliases for frequently -# used connection URIs. Aliases may contain only the -# characters a-Z, 0-9, _, -. -# -# Following the '=' may be any valid libvirt connection -# URI, including arbitrary parameters - -#uri_aliases = [ -# "hail=qemu+ssh://root@hail.cloud.example.com/system", -# "sleet=qemu+ssh://root@sleet.cloud.example.com/system", -#] - -# -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - -#uri_default = "qemu:///system" diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/api-paste.ini b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/logging.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/nova.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/nova.conf deleted file mode 100644 index 44a6232..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/nova.conf +++ /dev/null @@ -1,77 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.FlatDHCPManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:DzroUa8T@127.0.0.1/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -flat_interface=eth0.103 -debug=true -rabbit_hosts=192.168.0.2:5672 -quota_volumes=100 -osapi_compute_listen=0.0.0.0 -flat_network_bridge=br100 -memcached_servers=127.0.0.1:11211 -ec2_listen=0.0.0.0 -quota_max_injected_file_content_bytes=102400 -glance_api_servers=240.0.1.2:9292 -novncproxy_host=240.0.1.2 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=gvYmuJAb -verbose=true -auto_assign_floating_ip=True -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -quota_cores=100 -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=ec2,osapi_compute -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -use_cow_images=true -quota_max_injected_files=50 -novncproxy_port=6080 -log_config=/etc/nova/logging.conf -rabbit_port=5672 -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -quota_max_injected_file_path_bytes=4096 -api_paste_config=/etc/nova/api-paste.ini -quota_floating_ips=100 -multi_host=True -public_interface=eth0.100 -start_guests_on_host_boot=true -service_down_time=60 -syslog_log_facility=LOCAL0 -quota_gigabytes=1000 -quota_instances=100 -osapi_volume_listen=0.0.0.0 -metadata_listen=0.0.0.0 -auth_strategy=keystone -quota_metadata_items=1024 -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -allow_resize_to_same_host=True -flat_injected=false - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = 7jJEuuFg -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/policy.json b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/release b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/rootwrap.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp.conf deleted file mode 100644 index 8ba49de..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp.conf +++ /dev/null @@ -1,55 +0,0 @@ -# For more information about this file, see the man pages -# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). - -driftfile /var/lib/ntp/drift - -# Permit time synchronization with our time source, but do not -# permit the source to query or modify the service on this system. -restrict default kod nomodify notrap nopeer noquery -restrict -6 default kod nomodify notrap nopeer noquery - -# Permit all access over the loopback interface. This could -# be tightened as well, but to do so would effect some of -# the administrative functions. -restrict 127.0.0.1 -restrict -6 ::1 - -# Hosts on local network are less restricted. -#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap - -# Use public servers from the pool.ntp.org project. -# Please consider joining the pool (http://www.pool.ntp.org/join.html). - -#broadcast 192.168.1.255 autokey # broadcast server -#broadcastclient # broadcast client -#broadcast 224.0.1.1 autokey # multicast server -#multicastclient 224.0.1.1 # multicast client -#manycastserver 239.255.254.254 # manycast server -#manycastclient 239.255.254.254 autokey # manycast client - -# Undisciplined Local Clock. This is a fake driver intended for backup -# and when no outside source of synchronized time is available. -#server 127.127.1.0 # local clock -#fudge 127.127.1.0 stratum 10 - -# Enable public key cryptography. -#crypto - -includefile /etc/ntp/crypto/pw - -# Key file containing the keys and key identifiers used when operating -# with symmetric key cryptography. -keys /etc/ntp/keys - -# Specify the key identifiers which are trusted. -#trustedkey 4 8 42 - -# Specify the key identifier to use with the ntpdc utility. -#requestkey 8 - -# Specify the key identifier to use with the ntpq utility. -#controlkey 8 - -# Enable writing of statistics records. -#statistics clockstats cryptostats loopstats peerstats -server 10.20.0.2 diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/crypto/pw b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/crypto/pw deleted file mode 100644 index b76b0ca..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/crypto/pw +++ /dev/null @@ -1,4 +0,0 @@ -# Specify the password to decrypt files containing private keys and identity -# parameters. This is required only if these files have been encrypted. -# -#crypto pw apassword diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/keys b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/keys deleted file mode 100644 index 5500a71..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/keys +++ /dev/null @@ -1,5 +0,0 @@ -# -# PLEASE DO NOT USE THE DEFAULT VALUES HERE. -# -#65535 M akey -#1 M pass diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/step-tickers b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/step-tickers deleted file mode 100644 index 92b33c9..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/ntp/step-tickers +++ /dev/null @@ -1 +0,0 @@ -# List of servers used for initial synchronization. diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/openstack-dashboard/local_settings b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/openstack-dashboard/local_settings deleted file mode 100644 index 1c804b1..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/openstack-dashboard/local_settings +++ /dev/null @@ -1,143 +0,0 @@ -import os - -from django.utils.translation import ugettext_lazy as _ - -DEBUG = False -TEMPLATE_DEBUG = DEBUG - - - -# Specify a regular expression to validate user passwords. -# HORIZON_CONFIG = { -# "password_validator": { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements.") -# } -# } - -LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) - -# Note: You should change this value -SECRET_KEY = 'dummy_secret_key' - -# We recommend you use memcached for development; otherwise after every reload -# of the django development server, you will have to login again. To use -# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' -CACHE_BACKEND = 'memcached://127.0.0.1:11211/' - -# Send email to the console by default -EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' -# Or send them to /dev/null -#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' - -# Configure these for your outgoing email host -# EMAIL_HOST = 'smtp.my-company.com' -# EMAIL_PORT = 25 -# EMAIL_HOST_USER = 'djangomail' -# EMAIL_HOST_PASSWORD = 'top-secret!' - -# For multiple regions uncomment this configuration, and add (endpoint, title). -# AVAILABLE_REGIONS = [ -# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), -# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), -# ] - -OPENSTACK_HOST = "127.0.0.1" -OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" - -# Disable SSL certificate checks (useful for self-signed certificates): -OPENSTACK_SSL_NO_VERIFY = True - -# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the -# capabilities of the auth backend for Keystone. -# If Keystone has been configured to use LDAP as the auth backend then set -# can_edit_user to False and name to 'ldap'. -# -# TODO(tres): Remove these once Keystone has an API to identify auth backend. -OPENSTACK_KEYSTONE_BACKEND = { - 'name': 'native', - 'can_edit_user': True -} - -OPENSTACK_HYPERVISOR_FEATURES = { - 'can_set_mount_point': True -} - -# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is 'internalURL'. -#OPENSTACK_ENDPOINT_TYPE = "publicURL" - - -# The number of Swift containers and objects to display on a single page before -# providing a paging element (a "more" link) to paginate results. -API_RESULT_LIMIT = 1000 -API_RESULT_PAGE_SIZE = 20 - - -# If you have external monitoring links, eg: -EXTERNAL_MONITORING = [ ] -LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': '/var/log/horizon/horizon.log' - }, - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - 'handlers': ['file'], - 'propagate': False, - }, - 'openstack_dashboard': { - 'handlers': ['file'], - 'propagate': False, - }, - 'novaclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'glanceclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'keystoneclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'nose.plugins.manager': { - 'handlers': ['file'], - 'propagate': False, - } - } -} -LOGIN_URL='/dashboard/auth/login/' -LOGIN_REDIRECT_URL='/dashboard' - -# The Ubuntu package includes pre-compressed JS and compiled CSS to allow -# offline compression by default. To enable online compression, install -# the node-less package and enable the following option. -COMPRESS_OFFLINE = False diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq-env.conf b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq-env.conf deleted file mode 100644 index 870cdb6..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq-env.conf +++ /dev/null @@ -1,5 +0,0 @@ -RABBITMQ_NODE_PORT=5672 -RABBITMQ_SERVER_ERL_ARGS="+K true +A30 +P 1048576 \ --kernel inet_default_connect_options [{nodelay,true}] \ --kernel inet_dist_listen_min 41055 \ --kernel inet_dist_listen_max 41055" diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq.config b/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq.config deleted file mode 100644 index 0baa1b0..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/1cont/rabbitmq/rabbitmq.config +++ /dev/null @@ -1,5 +0,0 @@ -% This file managed by Puppet 2.7.19 -% Template Path: rabbitmq/templates/rabbitmq.config -[ - ]. -% EOF diff --git a/config_samples/fuel_web/1cnt_1cmp_1cndr/readme b/config_samples/fuel_web/1cnt_1cmp_1cndr/readme deleted file mode 100644 index 8311569..0000000 --- a/config_samples/fuel_web/1cnt_1cmp_1cndr/readme +++ /dev/null @@ -1,5 +0,0 @@ -Configuration: -1. One controller -2. One compute -3. One cinder -4. Flat DHCP mode - nova-network diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirt.conf b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirt.conf deleted file mode 100644 index 016cd24..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirt.conf +++ /dev/null @@ -1,18 +0,0 @@ -# -# This can be used to setup URI aliases for frequently -# used connection URIs. Aliases may contain only the -# characters a-Z, 0-9, _, -. -# -# Following the '=' may be any valid libvirt connection -# URI, including arbitrary parameters - -#uri_aliases = [ -# "hail=qemu+ssh://root@hail.cloud.example.com/system", -# "sleet=qemu+ssh://root@sleet.cloud.example.com/system", -#] - -# -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - -#uri_default = "qemu:///system" diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirtd.conf b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirtd.conf deleted file mode 100644 index 49d7899..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/libvirtd.conf +++ /dev/null @@ -1,398 +0,0 @@ -# Master libvirt daemon configuration file -# -# For further information consult http://libvirt.org/format.html -# -# NOTE: the tests/daemon-conf regression test script requires -# that each "PARAMETER = VALUE" line in this file have the parameter -# name just after a leading "#". - -################################################################# -# -# Network connectivity controls -# - -# Flag listening for secure TLS connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to -# have any effect. -# -# It is necessary to setup a CA and issue server certificates before -# using this capability. -# -# This is enabled by default, uncomment this to disable it -#listen_tls = 0 - -# Listen for unencrypted TCP connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to -# have any effect. -# -# Using the TCP socket requires SASL authentication by default. Only -# SASL mechanisms which support data encryption are allowed. This is -# DIGEST_MD5 and GSSAPI (Kerberos5) -# -# This is disabled by default, uncomment this to enable it. -#listen_tcp = 1 - - - -# Override the port for accepting secure TLS connections -# This can be a port number, or service name -# -#tls_port = "16514" - -# Override the port for accepting insecure TCP connections -# This can be a port number, or service name -# -#tcp_port = "16509" - - -# Override the default configuration which binds to all network -# interfaces. This can be a numeric IPv4/6 address, or hostname -# -#listen_addr = "192.168.0.1" - - -# Flag toggling mDNS advertizement of the libvirt service. -# -# Alternatively can disable for all services on a host by -# stopping the Avahi daemon -# -# This is disabled by default, uncomment this to enable it -#mdns_adv = 1 - -# Override the default mDNS advertizement name. This must be -# unique on the immediate broadcast network. -# -# The default is "Virtualization Host HOSTNAME", where HOSTNAME -# is subsituted for the short hostname of the machine (without domain) -# -#mdns_name = "Virtualization Host Joe Demo" - - -################################################################# -# -# UNIX socket access controls -# - -# Set the UNIX domain socket group ownership. This can be used to -# allow a 'trusted' set of users access to management capabilities -# without becoming root. -# -# This is restricted to 'root' by default. -#unix_sock_group = "libvirt" - -# Set the UNIX socket permissions for the R/O socket. This is used -# for monitoring VM status only -# -# Default allows any user. If setting group ownership may want to -# restrict this to: -#unix_sock_ro_perms = "0777" - -# Set the UNIX socket permissions for the R/W socket. This is used -# for full management of VMs -# -# Default allows only root. If PolicyKit is enabled on the socket, -# the default will change to allow everyone (eg, 0777) -# -# If not using PolicyKit and setting group ownership for access -# control then you may want to relax this to: -#unix_sock_rw_perms = "0770" - -# Set the name of the directory in which sockets will be found/created. -#unix_sock_dir = "/var/run/libvirt" - -################################################################# -# -# Authentication. -# -# - none: do not perform auth checks. If you can connect to the -# socket you are allowed. This is suitable if there are -# restrictions on connecting to the socket (eg, UNIX -# socket permissions), or if there is a lower layer in -# the network providing auth (eg, TLS/x509 certificates) -# -# - sasl: use SASL infrastructure. The actual auth scheme is then -# controlled from /etc/sasl2/libvirt.conf. For the TCP -# socket only GSSAPI & DIGEST-MD5 mechanisms will be used. -# For non-TCP or TLS sockets, any scheme is allowed. -# -# - polkit: use PolicyKit to authenticate. This is only suitable -# for use on the UNIX sockets. The default policy will -# require a user to supply their own password to gain -# full read/write access (aka sudo like), while anyone -# is allowed read/only access. -# -# Set an authentication scheme for UNIX read-only sockets -# By default socket permissions allow anyone to connect -# -# To restrict monitoring of domains you may wish to enable -# an authentication mechanism here -#auth_unix_ro = "none" - -# Set an authentication scheme for UNIX read-write sockets -# By default socket permissions only allow root. If PolicyKit -# support was compiled into libvirt, the default will be to -# use 'polkit' auth. -# -# If the unix_sock_rw_perms are changed you may wish to enable -# an authentication mechanism here -#auth_unix_rw = "none" - -# Change the authentication scheme for TCP sockets. -# -# If you don't enable SASL, then all TCP traffic is cleartext. -# Don't do this outside of a dev/test scenario. For real world -# use, always enable SASL and use the GSSAPI or DIGEST-MD5 -# mechanism in /etc/sasl2/libvirt.conf -#auth_tcp = "sasl" - -# Change the authentication scheme for TLS sockets. -# -# TLS sockets already have encryption provided by the TLS -# layer, and limited authentication is done by certificates -# -# It is possible to make use of any SASL authentication -# mechanism as well, by using 'sasl' for this option -#auth_tls = "none" - - - -################################################################# -# -# TLS x509 certificate configuration -# - - -# Override the default server key file path -# -#key_file = "/etc/pki/libvirt/private/serverkey.pem" - -# Override the default server certificate file path -# -#cert_file = "/etc/pki/libvirt/servercert.pem" - -# Override the default CA certificate path -# -#ca_file = "/etc/pki/CA/cacert.pem" - -# Specify a certificate revocation list. -# -# Defaults to not using a CRL, uncomment to enable it -#crl_file = "/etc/pki/CA/crl.pem" - - - -################################################################# -# -# Authorization controls -# - - -# Flag to disable verification of our own server certificates -# -# When libvirtd starts it performs some sanity checks against -# its own certificates. -# -# Default is to always run sanity checks. Uncommenting this -# will disable sanity checks which is not a good idea -#tls_no_sanity_certificate = 1 - -# Flag to disable verification of client certificates -# -# Client certificate verification is the primary authentication mechanism. -# Any client which does not present a certificate signed by the CA -# will be rejected. -# -# Default is to always verify. Uncommenting this will disable -# verification - make sure an IP whitelist is set -#tls_no_verify_certificate = 1 - - -# A whitelist of allowed x509 Distinguished Names -# This list may contain wildcards such as -# -# "C=GB,ST=London,L=London,O=Red Hat,CN=*" -# -# See the POSIX fnmatch function for the format of the wildcards. -# -# NB If this is an empty list, no client can connect, so comment out -# entirely rather than using empty list to disable these checks -# -# By default, no DN's are checked -#tls_allowed_dn_list = ["DN1", "DN2"] - - -# A whitelist of allowed SASL usernames. The format for usernames -# depends on the SASL authentication mechanism. Kerberos usernames -# look like username@REALM -# -# This list may contain wildcards such as -# -# "*@EXAMPLE.COM" -# -# See the POSIX fnmatch function for the format of the wildcards. -# -# NB If this is an empty list, no client can connect, so comment out -# entirely rather than using empty list to disable these checks -# -# By default, no Username's are checked -#sasl_allowed_username_list = ["joe@EXAMPLE.COM", "fred@EXAMPLE.COM" ] - - - -################################################################# -# -# Processing controls -# - -# The maximum number of concurrent client connections to allow -# over all sockets combined. -#max_clients = 20 - - -# The minimum limit sets the number of workers to start up -# initially. If the number of active clients exceeds this, -# then more threads are spawned, upto max_workers limit. -# Typically you'd want max_workers to equal maximum number -# of clients allowed -#min_workers = 5 -#max_workers = 20 - - -# The number of priority workers. If all workers from above -# pool will stuck, some calls marked as high priority -# (notably domainDestroy) can be executed in this pool. -#prio_workers = 5 - -# Total global limit on concurrent RPC calls. Should be -# at least as large as max_workers. Beyond this, RPC requests -# will be read into memory and queued. This directly impact -# memory usage, currently each request requires 256 KB of -# memory. So by default upto 5 MB of memory is used -# -# XXX this isn't actually enforced yet, only the per-client -# limit is used so far -#max_requests = 20 - -# Limit on concurrent requests from a single client -# connection. To avoid one client monopolizing the server -# this should be a small fraction of the global max_requests -# and max_workers parameter -#max_client_requests = 5 - -################################################################# -# -# Logging controls -# - -# Logging level: 4 errors, 3 warnings, 2 information, 1 debug -# basically 1 will log everything possible -#log_level = 3 - -# Logging filters: -# A filter allows to select a different logging level for a given category -# of logs -# The format for a filter is one of: -# x:name -# x:+name -# where name is a string which is matched against source file name, -# e.g., "remote", "qemu", or "util/json", the optional "+" prefix -# tells libvirt to log stack trace for each message matching name, -# and x is the minimal level where matching messages should be logged: -# 1: DEBUG -# 2: INFO -# 3: WARNING -# 4: ERROR -# -# Multiple filter can be defined in a single @filters, they just need to be -# separated by spaces. -# -# e.g. to only get warning or errors from the remote layer and only errors -# from the event layer: -#log_filters="3:remote 4:event" - -# Logging outputs: -# An output is one of the places to save logging information -# The format for an output can be: -# x:stderr -# output goes to stderr -# x:syslog:name -# use syslog for the output and use the given name as the ident -# x:file:file_path -# output to a file, with the given filepath -# In all case the x prefix is the minimal level, acting as a filter -# 1: DEBUG -# 2: INFO -# 3: WARNING -# 4: ERROR -# -# Multiple output can be defined, they just need to be separated by spaces. -# e.g. to log all warnings and errors to syslog under the libvirtd ident: -#log_outputs="3:syslog:libvirtd" -# - -# Log debug buffer size: default 64 -# The daemon keeps an internal debug log buffer which will be dumped in case -# of crash or upon receiving a SIGUSR2 signal. This setting allows to override -# the default buffer size in kilobytes. -# If value is 0 or less the debug log buffer is deactivated -#log_buffer_size = 64 - - -################################################################## -# -# Auditing -# -# This setting allows usage of the auditing subsystem to be altered: -# -# audit_level == 0 -> disable all auditing -# audit_level == 1 -> enable auditing, only if enabled on host (default) -# audit_level == 2 -> enable auditing, and exit if disabled on host -# -#audit_level = 2 -# -# If set to 1, then audit messages will also be sent -# via libvirt logging infrastructure. Defaults to 0 -# -#audit_logging = 1 - -################################################################### -# UUID of the host: -# Provide the UUID of the host here in case the command -# 'dmidecode -s system-uuid' does not provide a valid uuid. In case -# 'dmidecode' does not provide a valid UUID and none is provided here, a -# temporary UUID will be generated. -# Keep the format of the example UUID below. UUID must not have all digits -# be the same. - -# NB This default all-zeros UUID will not work. Replace -# it with the output of the 'uuidgen' command and then -# uncomment this entry -#host_uuid = "00000000-0000-0000-0000-000000000000" - -################################################################### -# Keepalive protocol: -# This allows libvirtd to detect broken client connections or even -# dead client. A keepalive message is sent to a client after -# keepalive_interval seconds of inactivity to check if the client is -# still responding; keepalive_count is a maximum number of keepalive -# messages that are allowed to be sent to the client without getting -# any response before the connection is considered broken. In other -# words, the connection is automatically closed approximately after -# keepalive_interval * (keepalive_count + 1) seconds since the last -# message received from the client. If keepalive_interval is set to -# -1, libvirtd will never send keepalive requests; however clients -# can still send them and the deamon will send responses. When -# keepalive_count is set to 0, connections will be automatically -# closed after keepalive_interval seconds of inactivity without -# sending any keepalive messages. -# -#keepalive_interval = 5 -#keepalive_count = 5 -# -# If set to 1, libvirtd will refuse to talk to clients that do not -# support keepalive protocol. Defaults to 0. -# -#keepalive_required = 1 -listen_tls = 0 -listen_tcp = 1 -auth_tcp = "none" diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/lxc.conf b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/lxc.conf deleted file mode 100644 index 8df4601..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/lxc.conf +++ /dev/null @@ -1,31 +0,0 @@ -# Master configuration file for the LXC driver. -# All settings described here are optional - if omitted, sensible -# defaults are used. - -# By default, log messages generated by the lxc controller go to the -# container logfile. It is also possible to accumulate log messages -# from all lxc controllers along with libvirtd's log outputs. In this -# case, the lxc controller will honor either LIBVIRT_LOG_OUTPUTS or -# log_outputs from libvirtd.conf. -# -# This is disabled by default, uncomment below to enable it. -# -#log_with_libvirtd = 1 - - -# The default security driver is SELinux. If SELinux is disabled -# on the host, then the security driver will automatically disable -# itself. If you wish to disable QEMU SELinux security driver while -# leaving SELinux enabled for the host in general, then set this -# to 'none' instead. -# -#security_driver = "selinux" - -# If set to non-zero, then the default security labeling -# will make guests confined. If set to zero, then guests -# will be unconfined by default. Defaults to 0. -#security_default_confined = 1 - -# If set to non-zero, then attempts to create unconfined -# guests will be blocked. Defaults to 0. -#security_require_confined = 1 diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-arp.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-arp.xml deleted file mode 100644 index 63a92b2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-arp.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp-server.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp-server.xml deleted file mode 100644 index 37e708e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp-server.xml +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp.xml deleted file mode 100644 index d66d2b6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-dhcp.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-incoming-ipv4.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-incoming-ipv4.xml deleted file mode 100644 index dd1e50d..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-incoming-ipv4.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-ipv4.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-ipv4.xml deleted file mode 100644 index 28e930a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/allow-ipv4.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/clean-traffic.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/clean-traffic.xml deleted file mode 100644 index b8cde9c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/clean-traffic.xml +++ /dev/null @@ -1,30 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-ip-spoofing.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-ip-spoofing.xml deleted file mode 100644 index 7365298..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-ip-spoofing.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-mac-spoofing.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-mac-spoofing.xml deleted file mode 100644 index 71482bb..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-mac-spoofing.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-spoofing.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-spoofing.xml deleted file mode 100644 index 23f2d3c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-arp-spoofing.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-multicast.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-multicast.xml deleted file mode 100644 index edcf03f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-multicast.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-spoofing.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-spoofing.xml deleted file mode 100644 index f8c9573..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-ip-spoofing.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-broadcast.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-broadcast.xml deleted file mode 100644 index 74e65bf..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-broadcast.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-spoofing.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-spoofing.xml deleted file mode 100644 index 2d0468f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-mac-spoofing.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-l2-traffic.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-l2-traffic.xml deleted file mode 100644 index 8bad86e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-l2-traffic.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-rarp-traffic.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-rarp-traffic.xml deleted file mode 100644 index 7729996..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/no-other-rarp-traffic.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self-rarp.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self-rarp.xml deleted file mode 100644 index b7a848a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self-rarp.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self.xml deleted file mode 100644 index 352db50..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/nwfilter/qemu-announce-self.xml +++ /dev/null @@ -1,13 +0,0 @@ - - - - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu.conf b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu.conf deleted file mode 100644 index 7a5e4ce..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu.conf +++ /dev/null @@ -1,404 +0,0 @@ -# Master configuration file for the QEMU driver. -# All settings described here are optional - if omitted, sensible -# defaults are used. - -# VNC is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#vnc_listen = "0.0.0.0" - -# Enable this option to have VNC served over an automatically created -# unix socket. This prevents unprivileged access from users on the -# host machine, though most VNC clients do not support it. -# -# This will only be enabled for VNC configurations that do not have -# a hardcoded 'listen' or 'socket' value. This setting takes preference -# over vnc_listen. -# -#vnc_auto_unix_socket = 1 - -# Enable use of TLS encryption on the VNC server. This requires -# a VNC client which supports the VeNCrypt protocol extension. -# Examples include vinagre, virt-viewer, virt-manager and vencrypt -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#vnc_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-vnc. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed -# -#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc" - - -# The default TLS configuration only uses certificates for the server -# allowing the client to verify the server's identity and establish -# an encrypted channel. -# -# It is possible to use x509 certificates for authentication too, by -# issuing a x509 certificate to every client who needs to connect. -# -# Enabling this option will reject any client who does not have a -# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem -# -#vnc_tls_x509_verify = 1 - - -# The default VNC password. Only 8 letters are significant for -# VNC passwords. This parameter is only used if the per-domain -# XML config does not already provide a password. To allow -# access without passwords, leave this commented out. An empty -# string will still enable passwords, but be rejected by QEMU, -# effectively preventing any use of VNC. Obviously change this -# example here before you set this. -# -#vnc_password = "XYZ12345" - - -# Enable use of SASL encryption on the VNC server. This requires -# a VNC client which supports the SASL protocol extension. -# Examples include vinagre, virt-viewer and virt-manager -# itself. UltraVNC, RealVNC, TightVNC do not support this -# -# It is necessary to configure /etc/sasl2/qemu.conf to choose -# the desired SASL plugin (eg, GSSPI for Kerberos) -# -#vnc_sasl = 1 - - -# The default SASL configuration file is located in /etc/sasl2/ -# When running libvirtd unprivileged, it may be desirable to -# override the configs in this location. Set this parameter to -# point to the directory, and create a qemu.conf in that location -# -#vnc_sasl_dir = "/some/directory/sasl2" - - -# QEMU implements an extension for providing audio over a VNC connection, -# though if your VNC client does not support it, your only chance for getting -# sound output is through regular audio backends. By default, libvirt will -# disable all QEMU sound backends if using VNC, since they can cause -# permissions issues. Enabling this option will make libvirtd honor the -# QEMU_AUDIO_DRV environment variable when using VNC. -# -#vnc_allow_host_audio = 0 - - - -# SPICE is configured to listen on 127.0.0.1 by default. -# To make it listen on all public interfaces, uncomment -# this next option. -# -# NB, strong recommendation to enable TLS + x509 certificate -# verification when allowing public access -# -#spice_listen = "0.0.0.0" - - -# Enable use of TLS encryption on the SPICE server. -# -# It is necessary to setup CA and issue a server certificate -# before enabling this. -# -#spice_tls = 1 - - -# Use of TLS requires that x509 certificates be issued. The -# default it to keep them in /etc/pki/libvirt-spice. This directory -# must contain -# -# ca-cert.pem - the CA master certificate -# server-cert.pem - the server certificate signed with ca-cert.pem -# server-key.pem - the server private key -# -# This option allows the certificate directory to be changed. -# -#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice" - - -# The default SPICE password. This parameter is only used if the -# per-domain XML config does not already provide a password. To -# allow access without passwords, leave this commented out. An -# empty string will still enable passwords, but be rejected by -# QEMU, effectively preventing any use of SPICE. Obviously change -# this example here before you set this. -# -#spice_password = "XYZ12345" - - -# Override the port for creating both VNC and SPICE sessions (min). -# This defaults to 5900 and increases for consecutive sessions -# or when ports are occupied, until it hits the maximum. -# -# Minimum must be greater than or equal to 5900 as lower number would -# result into negative vnc display number. -# -# Maximum must be less than 65536, because higher numbers do not make -# sense as a port number. -# -#remote_display_port_min = 5900 -#remote_display_port_max = 65535 - - -# The default security driver is SELinux. If SELinux is disabled -# on the host, then the security driver will automatically disable -# itself. If you wish to disable QEMU SELinux security driver while -# leaving SELinux enabled for the host in general, then set this -# to 'none' instead. It's also possible to use more than one security -# driver at the same time, for this use a list of names separated by -# comma and delimited by square brackets. For example: -# -# security_driver = [ "selinux", "apparmor" ] -# -# Notes: The DAC security driver is always enabled; as a result, the -# value of security_driver cannot contain "dac". The value "none" is -# a special value; security_driver can be set to that value in -# isolation, but it cannot appear in a list of drivers. -# -#security_driver = "selinux" - -# If set to non-zero, then the default security labeling -# will make guests confined. If set to zero, then guests -# will be unconfined by default. Defaults to 1. -#security_default_confined = 1 - -# If set to non-zero, then attempts to create unconfined -# guests will be blocked. Defaults to 0. -#security_require_confined = 1 - -# The user for QEMU processes run by the system instance. It can be -# specified as a user name or as a user id. The qemu driver will try to -# parse this value first as a name and then, if the name doesn't exist, -# as a user id. -# -# Since a sequence of digits is a valid user name, a leading plus sign -# can be used to ensure that a user id will not be interpreted as a user -# name. -# -# Some examples of valid values are: -# -# user = "qemu" # A user named "qemu" -# user = "+0" # Super user (uid=0) -# user = "100" # A user named "100" or a user with uid=100 -# -#user = "root" - -# The group for QEMU processes run by the system instance. It can be -# specified in a similar way to user. -#group = "root" - -# Whether libvirt should dynamically change file ownership -# to match the configured user/group above. Defaults to 1. -# Set to 0 to disable file ownership changes. -#dynamic_ownership = 1 - - -# What cgroup controllers to make use of with QEMU guests -# -# - 'cpu' - use for schedular tunables -# - 'devices' - use for device whitelisting -# - 'memory' - use for memory tunables -# - 'blkio' - use for block devices I/O tunables -# - 'cpuset' - use for CPUs and memory nodes -# - 'cpuacct' - use for CPUs statistics. -# -# NB, even if configured here, they won't be used unless -# the administrator has mounted cgroups, e.g.: -# -# mkdir /dev/cgroup -# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup -# -# They can be mounted anywhere, and different controllers -# can be mounted in different locations. libvirt will detect -# where they are located. -# -#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ] - -# This is the basic set of devices allowed / required by -# all virtual machines. -# -# As well as this, any configured block backed disks, -# all sound device, and all PTY devices are allowed. -# -# This will only need setting if newer QEMU suddenly -# wants some device we don't already know about. -# -#cgroup_device_acl = [ -# "/dev/null", "/dev/full", "/dev/zero", -# "/dev/random", "/dev/urandom", -# "/dev/ptmx", "/dev/kvm", "/dev/kqemu", -# "/dev/rtc","/dev/hpet" -#] - - -# The default format for Qemu/KVM guest save images is raw; that is, the -# memory from the domain is dumped out directly to a file. If you have -# guests with a large amount of memory, however, this can take up quite -# a bit of space. If you would like to compress the images while they -# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz" -# for save_image_format. Note that this means you slow down the process of -# saving a domain in order to save disk space; the list above is in descending -# order by performance and ascending order by compression ratio. -# -# save_image_format is used when you use 'virsh save' at scheduled -# saving, and it is an error if the specified save_image_format is -# not valid, or the requested compression program can't be found. -# -# dump_image_format is used when you use 'virsh dump' at emergency -# crashdump, and if the specified dump_image_format is not valid, or -# the requested compression program can't be found, this falls -# back to "raw" compression. -# -#save_image_format = "raw" -#dump_image_format = "raw" - -# When a domain is configured to be auto-dumped when libvirtd receives a -# watchdog event from qemu guest, libvirtd will save dump files in directory -# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump -# -#auto_dump_path = "/var/lib/libvirt/qemu/dump" - -# When a domain is configured to be auto-dumped, enabling this flag -# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the -# virDomainCoreDump API. That is, the system will avoid using the -# file system cache while writing the dump file, but may cause -# slower operation. -# -#auto_dump_bypass_cache = 0 - -# When a domain is configured to be auto-started, enabling this flag -# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag -# with the virDomainCreateWithFlags API. That is, the system will -# avoid using the file system cache when restoring any managed state -# file, but may cause slower operation. -# -#auto_start_bypass_cache = 0 - -# If provided by the host and a hugetlbfs mount point is configured, -# a guest may request huge page backing. When this mount point is -# unspecified here, determination of a host mount point in /proc/mounts -# will be attempted. Specifying an explicit mount overrides detection -# of the same in /proc/mounts. Setting the mount point to "" will -# disable guest hugepage backing. -# -# NB, within this mount point, guests will create memory backing files -# in a location of $MOUNTPOINT/libvirt/qemu -# -#hugetlbfs_mount = "/dev/hugepages" - - -# If clear_emulator_capabilities is enabled, libvirt will drop all -# privileged capabilities of the QEmu/KVM emulator. This is enabled by -# default. -# -# Warning: Disabling this option means that a compromised guest can -# exploit the privileges and possibly do damage to the host. -# -#clear_emulator_capabilities = 1 - - -# If enabled, libvirt will have QEMU set its process name to -# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU -# process will appear as "qemu:VM_NAME" in process listings and -# other system monitoring tools. By default, QEMU does not set -# its process title, so the complete QEMU command (emulator and -# its arguments) appear in process listings. -# -#set_process_name = 1 - - -# If max_processes is set to a positive integer, libvirt will use -# it to set the maximum number of processes that can be run by qemu -# user. This can be used to override default value set by host OS. -# The same applies to max_files which sets the limit on the maximum -# number of opened files. -# -#max_processes = 0 -#max_files = 0 - - - -# mac_filter enables MAC addressed based filtering on bridge ports. -# This currently requires ebtables to be installed. -# -#mac_filter = 1 - - -# By default, PCI devices below non-ACS switch are not allowed to be assigned -# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to -# be assigned to guests. -# -#relaxed_acs_check = 1 - - -# If allow_disk_format_probing is enabled, libvirt will probe disk -# images to attempt to identify their format, when not otherwise -# specified in the XML. This is disabled by default. -# -# WARNING: Enabling probing is a security hole in almost all -# deployments. It is strongly recommended that users update their -# guest XML elements to include -# elements instead of enabling this option. -# -#allow_disk_format_probing = 1 - - -# To enable 'Sanlock' project based locking of the file -# content (to prevent two VMs writing to the same -# disk), uncomment this -# -#lock_manager = "sanlock" - - - -# Set limit of maximum APIs queued on one domain. All other APIs -# over this threshold will fail on acquiring job lock. Specially, -# setting to zero turns this feature off. -# Note, that job lock is per domain. -# -#max_queued = 0 - -################################################################### -# Keepalive protocol: -# This allows qemu driver to detect broken connections to remote -# libvirtd during peer-to-peer migration. A keepalive message is -# sent to the deamon after keepalive_interval seconds of inactivity -# to check if the deamon is still responding; keepalive_count is a -# maximum number of keepalive messages that are allowed to be sent -# to the deamon without getting any response before the connection -# is considered broken. In other words, the connection is -# automatically closed approximately after -# keepalive_interval * (keepalive_count + 1) seconds since the last -# message received from the deamon. If keepalive_interval is set to -# -1, qemu driver will not send keepalive requests during -# peer-to-peer migration; however, the remote libvirtd can still -# send them and source libvirtd will send responses. When -# keepalive_count is set to 0, connections will be automatically -# closed after keepalive_interval seconds of inactivity without -# sending any keepalive messages. -# -#keepalive_interval = 5 -#keepalive_count = 5 - - - -# Use seccomp syscall whitelisting in QEMU. -# 1 = on, 0 = off, -1 = use QEMU default -# Defaults to -1. -# -#seccomp_sandbox = 1 -security_driver="none" diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/autostart/default.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/autostart/default.xml deleted file mode 100644 index 3818405..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/autostart/default.xml +++ /dev/null @@ -1,12 +0,0 @@ - - default - 7c31927a-3bca-4e99-88c3-066478cc6a62 - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/default.xml b/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/default.xml deleted file mode 100644 index 3818405..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/libvirt/qemu/networks/default.xml +++ /dev/null @@ -1,12 +0,0 @@ - - default - 7c31927a-3bca-4e99-88c3-066478cc6a62 - - - - - - - - - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/os_00000-1760572599.vg b/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/os_00000-1760572599.vg deleted file mode 100644 index b0b3608..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/os_00000-1760572599.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:51 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-16.domain.tld" # Linux compute-16.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338311 # Mon Sep 16 13:31:51 2013 - -os { - id = "vOWwZt-1R8M-W1fR-DdyR-MtPN-LEuV-G4247X" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "DcHtP1-1FFx-x9wL-xi7w-qihb-ytLQ-LWkpHc" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "b4uooc-r4Kx-7JON-FPoO-0JAL-QMg1-mr1vyi" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337936 # 2013-09-16 13:25:36 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "6wpV9P-RA5V-NivX-P2d0-eTJm-pqp9-ayOkrP" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337940 # 2013-09-16 13:25:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/vm_00000-1437943878.vg b/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/vm_00000-1437943878.vg deleted file mode 100644 index 4321bb7..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/archive/vm_00000-1437943878.vg +++ /dev/null @@ -1,59 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:51 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-16.domain.tld" # Linux compute-16.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338311 # Mon Sep 16 13:31:51 2013 - -vm { - id = "82EdLb-ChnU-MHfe-NMwG-Ssyj-0VKi-Sd0VG8" - seqno = 2 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "K5Epsi-flho-3DPH-83e8-mTCh-qEZY-p9yFiS" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - - logical_volumes { - - libvirt { - id = "tBFkcf-B6xs-9fUH-lEhW-XL2p-PSQF-EpMAHq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337941 # 2013-09-16 13:25:41 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 56 # 1.75 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/os b/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/os deleted file mode 100644 index 78e9758..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:51 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-16.domain.tld" # Linux compute-16.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338311 # Mon Sep 16 13:31:51 2013 - -os { - id = "vOWwZt-1R8M-W1fR-DdyR-MtPN-LEuV-G4247X" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "DcHtP1-1FFx-x9wL-xi7w-qihb-ytLQ-LWkpHc" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "b4uooc-r4Kx-7JON-FPoO-0JAL-QMg1-mr1vyi" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337936 # 2013-09-16 13:25:36 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "6wpV9P-RA5V-NivX-P2d0-eTJm-pqp9-ayOkrP" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337940 # 2013-09-16 13:25:40 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/vm b/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/vm deleted file mode 100644 index 93f2e8b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/backup/vm +++ /dev/null @@ -1,59 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:51 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "compute-16.domain.tld" # Linux compute-16.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338311 # Mon Sep 16 13:31:51 2013 - -vm { - id = "82EdLb-ChnU-MHfe-NMwG-Ssyj-0VKi-Sd0VG8" - seqno = 2 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "K5Epsi-flho-3DPH-83e8-mTCh-qEZY-p9yFiS" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - - logical_volumes { - - libvirt { - id = "tBFkcf-B6xs-9fUH-lEhW-XL2p-PSQF-EpMAHq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "compute-16.domain.tld" - creation_time = 1379337941 # 2013-09-16 13:25:41 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 56 # 1.75 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/lvm.conf b/config_samples/fuel_web/golden_fuelweb/cmp/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cmp/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/logging.conf b/config_samples/fuel_web/golden_fuelweb/cmp/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/nova.conf b/config_samples/fuel_web/golden_fuelweb/cmp/nova/nova.conf deleted file mode 100644 index e5b9ee8..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/nova.conf +++ /dev/null @@ -1,72 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.VlanManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:jMsyf1wU@192.168.0.7/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -debug=true -vncserver_proxyclient_address=192.168.0.5 -rabbit_hosts=192.168.0.7:5672 -osapi_compute_listen=192.168.0.5 -ec2_listen=192.168.0.5 -glance_api_servers=192.168.0.7:9292 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -verbose=true -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=metadata -vnc_enabled=true -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -use_cow_images=true -log_config=/etc/nova/logging.conf -rabbit_port=5672 -vlan_start=103 -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -api_paste_config=/etc/nova/api-paste.ini -novncproxy_base_url=http://240.0.1.7:6080/vnc_auto.html -public_interface=eth0.100 -start_guests_on_host_boot=true -service_down_time=60 -syslog_log_facility=LOCAL0 -vncserver_listen=192.168.0.5 -osapi_volume_listen=192.168.0.5 -metadata_listen=192.168.0.5 -auth_strategy=keystone -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -metadata_host=192.168.0.5 -memcached_servers=controller-15:11211,controller-14:11211,controller-13:11211 -send_arp_for_ha=True -multi_host=True -allow_resize_to_same_host=True -libvirt_type=qemu -vlan_interface=eth0 -connection_type=libvirt - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = Zc1VlBC9 -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/policy.json b/config_samples/fuel_web/golden_fuelweb/cmp/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/release b/config_samples/fuel_web/golden_fuelweb/cmp/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/golden_fuelweb/cmp/nova/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cmp/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cmp/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cndr/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/cinder.conf b/config_samples/fuel_web/golden_fuelweb/cndr/cinder/cinder.conf deleted file mode 100644 index f65fbd8..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/cinder.conf +++ /dev/null @@ -1,33 +0,0 @@ -[DEFAULT] -logdir = /var/log/cinder -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:aJJbMNpG@192.168.0.7/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -api_paste_config=/etc/cinder/api-paste.ini -volume_group=cinder -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=0.0.0.0 -auth_strategy=keystone -osapi_volume_listen=0.0.0.0 -iscsi_ip_address=172.16.0.6 -rabbit_virtual_host=/ -rabbit_hosts=controller-15:5672,controller-14:5672,controller-13:5672 -verbose=true -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = LCBarOJB -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/logging.conf b/config_samples/fuel_web/golden_fuelweb/cndr/cinder/logging.conf deleted file mode 100644 index f2104c1..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = cinder - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = default - -[formatter_default] -format = cinder %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/policy.json b/config_samples/fuel_web/golden_fuelweb/cndr/cinder/policy.json deleted file mode 100644 index a4fd911..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cndr/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/cinder_00000-715047446.vg b/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/cinder_00000-715047446.vg deleted file mode 100644 index fd1ed55..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/cinder_00000-715047446.vg +++ /dev/null @@ -1,36 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:17 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "cinder-17.domain.tld" # Linux cinder-17.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338277 # Mon Sep 16 13:31:17 2013 - -cinder { - id = "JkhZ33-QPjO-1JQb-I6v0-ryhN-N5Eo-yRXato" - seqno = 1 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "xOUdQg-oWXY-q9wX-2wJH-0eYK-jD5t-SOdWuV" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - -} diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/os_00000-1387443591.vg b/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/os_00000-1387443591.vg deleted file mode 100644 index c303943..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/archive/os_00000-1387443591.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:17 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "cinder-17.domain.tld" # Linux cinder-17.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338277 # Mon Sep 16 13:31:17 2013 - -os { - id = "uO3dCZ-rc1v-AFiY-np8m-dBrA-ABCJ-32tTbx" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "e9BcjU-6mIp-df6W-H46z-Fd70-2JmT-in6sEe" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "X0t3ds-557Y-3E9D-6KTT-d5fc-l0s1-W3hyLl" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "cinder-17.domain.tld" - creation_time = 1379337901 # 2013-09-16 13:25:01 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "c3tvxZ-wxk4-bX5H-MbOP-QXsP-BCEk-KjB120" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "cinder-17.domain.tld" - creation_time = 1379337908 # 2013-09-16 13:25:08 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/cinder b/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/cinder deleted file mode 100644 index 26ca8d6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/cinder +++ /dev/null @@ -1,36 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:17 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "cinder-17.domain.tld" # Linux cinder-17.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338277 # Mon Sep 16 13:31:17 2013 - -cinder { - id = "JkhZ33-QPjO-1JQb-I6v0-ryhN-N5Eo-yRXato" - seqno = 1 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "xOUdQg-oWXY-q9wX-2wJH-0eYK-jD5t-SOdWuV" - device = "/dev/sda3" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 3801088 # 1.8125 Gigabytes - pe_start = 2048 - pe_count = 57 # 1.78125 Gigabytes - } - } - -} diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/os b/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/os deleted file mode 100644 index 9f40925..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:31:17 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "cinder-17.domain.tld" # Linux cinder-17.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338277 # Mon Sep 16 13:31:17 2013 - -os { - id = "uO3dCZ-rc1v-AFiY-np8m-dBrA-ABCJ-32tTbx" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "e9BcjU-6mIp-df6W-H46z-Fd70-2JmT-in6sEe" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "X0t3ds-557Y-3E9D-6KTT-d5fc-l0s1-W3hyLl" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "cinder-17.domain.tld" - creation_time = 1379337901 # 2013-09-16 13:25:01 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "c3tvxZ-wxk4-bX5H-MbOP-QXsP-BCEk-KjB120" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "cinder-17.domain.tld" - creation_time = 1379337908 # 2013-09-16 13:25:08 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/lvm.conf b/config_samples/fuel_web/golden_fuelweb/cndr/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cndr/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/cinder.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/cinder.conf deleted file mode 100644 index dd44473..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/cinder.conf +++ /dev/null @@ -1,31 +0,0 @@ -[DEFAULT] -logdir = /var/log/cinder -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:aJJbMNpG@192.168.0.7/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -api_paste_config=/etc/cinder/api-paste.ini -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=192.168.0.2 -auth_strategy=keystone -osapi_volume_listen=192.168.0.2 -rabbit_virtual_host=/ -rabbit_hosts=192.168.0.7:5672 -verbose=true -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = LCBarOJB -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/logging.conf deleted file mode 100644 index f2104c1..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = cinder - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = default - -[formatter_default] -format = cinder %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/policy.json deleted file mode 100644 index a4fd911..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api-paste.ini deleted file mode 100644 index 0b29bc9..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api-paste.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -delay_auth_decision = true diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api.conf deleted file mode 100644 index 3bc78d0..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-api.conf +++ /dev/null @@ -1,364 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Which backend scheme should Glance use by default is not specified -# in a request to add a new image to Glance? Known schemes are determined -# by the known_stores option below. -# Default: 'file' -default_store = swift - -# List of which store classes and store class locations are -# currently known to glance at startup. -#known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - - -# Maximum image size (in bytes) that may be uploaded through the -# Glance API server. Defaults to 1 TB. -# WARNING: this value should only be increased after careful consideration -# and must be set to a value under 8 EB (9223372036854775808). -#image_size_cap = 1099511627776 - -# Address to bind the API server -bind_host = 192.168.0.2 - -# Port the bind the API server to -bind_port = 9292 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/api.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Number of Glance API worker processes to start. -# On machines with more than one CPU increasing this value -# may improve performance (especially if using SSL with -# compression turned on). It is typically recommended to set -# this value to the number of CPUs present on your machine. -workers = 1 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Allow unauthenticated users to access the API with read-only -# privileges. This only applies when using ContextMiddleware. -#allow_anonymous_access = False - -# Allow access to version 1 of glance api -#enable_v1_api = True - -# Allow access to version 2 of glance api -#enable_v2_api = True - -# Return the URL that references where the data is stored on -# the backend storage system. For example, if using the -# file system store a URL of 'file:///path/to/image' will -# be returned to the user in the 'direct_url' meta-data field. -# The default value is false. -#show_image_direct_url = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL0 - -# ================= SSL Options =============================== - -# Certificate file to use when starting API server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> - -# ============ Registry Options =============================== - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# What protocol to use when connecting to the registry server? -# Set to https for secure HTTP communication -registry_client_protocol = http - -# The path to the key file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file -#registry_client_key_file = /path/to/key/file - -# The path to the cert file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file -#registry_client_cert_file = /path/to/cert/file - -# The path to the certifying authority cert file to use in SSL connections -# to the registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file -#registry_client_ca_file = /path/to/ca/file - -# When using SSL in connections to the registry server, do not require -# validation via a certifying authority. This is the registry's equivalent of -# specifying --insecure on the command line using glanceclient for the API -# Default: False -#registry_client_insecure = False - -# The period of time, in seconds, that the API server will wait for a registry -# request to complete. A value of '0' implies no timeout. -# Default: 600 -#registry_client_timeout = 600 - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ============ Notification System Options ===================== - -# Notifications can be sent when images are create, updated or deleted. -# There are three methods of sending notifications, logging (via the -# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid -# message queue), or noop (no notifications sent, the default) -notifier_strategy = noop - -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = http://192.168.0.7:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = services:glance - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = Bzlunhw0 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = True - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# If set to True enables multi-tenant storage mode which causes Glance images -# to be stored in tenant specific Swift accounts. -#swift_store_multi_tenant = False - -# A list of swift ACL strings that will be applied as both read and -# write ACLs to the containers created by Glance in multi-tenant -# mode. This grants the specified tenants/users read and write access -# to all newly created image objects. The standard swift ACL string -# formats are allowed, including: -# : -# : -# *: -# Multiple ACLs can be combined using a comma separated list, for -# example: swift_store_admin_tenants = service:glance,*:admin -#swift_store_admin_tenants = - -# The region of the swift endpoint to be used for single tenant. This setting -# is only necessary if the tenant has multiple swift endpoints. -#swift_store_region = - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -#s3_store_object_buffer_dir = /path/to/dir - -# When forming a bucket url, boto will either set the bucket name as the -# subdomain or as the first token of the path. Amazon's S3 service will -# accept it as the subdomain, but Swift's S3 middleware requires it be -# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. -#s3_store_bucket_url_format = subdomain - -# ============ RBD Store Options ============================= - -# Ceph configuration file path -# If using cephx authentication, this file should -# include a reference to the right keyring -# in a client. section -rbd_store_ceph_conf = /etc/ceph/ceph.conf - -# RADOS user to authenticate as (only applicable if using cephx) -rbd_store_user = glance - -# RADOS pool in which images are stored -rbd_store_pool = images - -# Images will be chunked into objects of this size (in megabytes). -# For best performance, this should be a power of two -rbd_store_chunk_size = 8 - -# ============ Delayed Delete Options ============================= - -# Turn on/off delayed delete -delayed_delete = False - -# Delayed delete time in seconds -scrub_time = 43200 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-scrubber.conf -scrubber_datadir = /var/lib/glance/scrubber - -# =============== Image Cache Options ============================= - -# Base directory that the Image Cache uses -image_cache_dir = /var/lib/glance/image-cache/ -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dirname=/tmp/keystone-signing-glance -auth_uri=http://192.168.0.7:35357 -signing_dir=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-api-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-api-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone+cachemanagement diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-cache.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-cache.conf deleted file mode 100644 index 5ea89d4..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-cache.conf +++ /dev/null @@ -1,149 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -log_file = /var/log/glance/image-cache.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False -use_syslog = False - -# Directory that the Image Cache writes data to -image_cache_dir = /var/lib/glance/image-cache/ - -# Number of seconds after which we should consider an incomplete image to be -# stalled and eligible for reaping -image_cache_stall_time = 86400 - -# image_cache_invalid_entry_grace_period - seconds -# -# If an exception is raised as we're writing to the cache, the cache-entry is -# deemed invalid and moved to /invalid so that it can be -# inspected for debugging purposes. -# -# This is number of seconds to leave these invalid images around before they -# are elibible to be reaped. -image_cache_invalid_entry_grace_period = 3600 - -# Max cache size in bytes -image_cache_max_size = 10737418240 - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# Auth settings if using Keystone -# auth_url = http://127.0.0.1:5000/v2.0/ -auth_url = http://192.168.0.7:35357 -# admin_tenant_name = %SERVICE_TENANT_NAME% -admin_tenant_name = services -# admin_user = %SERVICE_USER% -admin_user = glance -# admin_password = %SERVICE_PASSWORD% -admin_password = Bzlunhw0 - -# List of which store classes and store class locations are -# currently known to glance at startup. -# known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -# s3_store_object_buffer_dir = /path/to/dir - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry-paste.ini deleted file mode 100644 index 5519c5c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry-paste.ini +++ /dev/null @@ -1,19 +0,0 @@ -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry.conf deleted file mode 100644 index 82089d7..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-registry.conf +++ /dev/null @@ -1,97 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Address to bind the registry server -bind_host = 192.168.0.2 - -# Port the bind the registry server to -bind_port = 9191 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/registry.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Limit the api to return `param_limit_max` items in a call to a container. If -# a larger `limit` query param is provided, it will be reduced to this value. -api_limit_max = 1000 - -# If a `limit` query param is not provided in an api request, it will -# default to `limit_param_default` -limit_param_default = 25 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL1 - -# ================= SSL Options =============================== - -# Certificate file to use when starting registry server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting registry server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dir=/tmp/keystone-signing-glance -signing_dirname=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-registry-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-registry-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-scrubber.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-scrubber.conf deleted file mode 100644 index 9273043..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/glance-scrubber.conf +++ /dev/null @@ -1,40 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/logging.conf deleted file mode 100644 index 319e40e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = glance - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2) -formatter = default - -[formatter_default] -format = glance %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/policy.json deleted file mode 100644 index 30ef83c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/schema-image.json b/config_samples/fuel_web/golden_fuelweb/cnt1/glance/schema-image.json deleted file mode 100644 index 5aafd6b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/glance/schema-image.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - }, - "architecture": { - "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_distro": { - "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_version": { - "description": "Operating system version as specified by the distributor", - "type": "string" - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/keepalived/keepalived.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/keepalived/keepalived.conf deleted file mode 100644 index bae1106..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/keepalived/keepalived.conf +++ /dev/null @@ -1,59 +0,0 @@ -# This file is managed by Puppet. DO NOT EDIT. -global_defs { - notification_email { - root@domain.tld - - } - notification_email_from keepalived@domain.tld - smtp_server localhost - smtp_connect_timeout 30 - router_id controller-13 -} - -vrrp_instance 4 { - virtual_router_id 4 - - # for electing MASTER, highest priority wins. - priority 101 - state MASTER - - interface eth0.100 - - virtual_ipaddress { - 240.0.1.7 label eth0.100:ka - - } - - - - - - - - - -} - -vrrp_instance 5 { - virtual_router_id 5 - - # for electing MASTER, highest priority wins. - priority 101 - state MASTER - - interface eth0.101 - - virtual_ipaddress { - 192.168.0.7 label eth0.101:ka - - } - - - - - - - - - -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/default_catalog.templates b/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/default_catalog.templates deleted file mode 100644 index eb1e044..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/default_catalog.templates +++ /dev/null @@ -1,27 +0,0 @@ -# config for TemplatedCatalog, using camelCase because I don't want to do -# translations for keystone compat -catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0 -catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.name = Identity Service - -# fake compute service for now to help novaclient tests work -catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.name = Compute Service - -catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.name = Volume Service - -catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin -catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.name = EC2 Service - -catalog.RegionOne.image.publicURL = http://localhost:9292/v1 -catalog.RegionOne.image.adminURL = http://localhost:9292/v1 -catalog.RegionOne.image.internalURL = http://localhost:9292/v1 -catalog.RegionOne.image.name = Image Service diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/keystone.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/keystone.conf deleted file mode 100644 index 8c61b9f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/keystone.conf +++ /dev/null @@ -1,320 +0,0 @@ -[DEFAULT] -log_file = /var/log/keystone/keystone.log -# A "shared secret" between keystone and other openstack services -# admin_token = ADMIN -admin_token = 6Cx19zRq - -# The IP address of the network interface to listen on -# bind_host = 0.0.0.0 -bind_host = 192.168.0.2 - -# The port number which the public service listens on -# public_port = 5000 -public_port = 5000 - -# The port number which the public admin listens on -# admin_port = 35357 -admin_port = 35357 - -# The base endpoint URLs for keystone that are advertised to clients -# (NOTE: this does NOT affect how keystone listens for connections) -# public_endpoint = http://localhost:%(public_port)d/ -# admin_endpoint = http://localhost:%(admin_port)d/ - -# The port number which the OpenStack Compute service listens on -# compute_port = 8774 -compute_port = 3000 - -# Path to your policy definition containing identity actions -# policy_file = policy.json - -# Rule to check if no matching policy definition is found -# FIXME(dolph): This should really be defined as [policy] default_rule -# policy_default_rule = admin_required - -# Role for migrating membership relationships -# During a SQL upgrade, the following values will be used to create a new role -# that will replace records in the user_tenant_membership table with explicit -# role grants. After migration, the member_role_id will be used in the API -# add_user_to_project, and member_role_name will be ignored. -# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab -# member_role_name = _member_ - -# === Logging Options === -# Print debugging output -# (includes plaintext request logging, potentially including passwords) -# debug = False -debug = true - -# Print more verbose output -# verbose = False -verbose = true - -# Name of log file to output to. If not set, logging will go to stdout. -# log_file = keystone.log - -# The directory to keep log files in (will be prepended to --logfile) -# log_dir = /var/log/keystone - -# Use syslog for logging. -# use_syslog = False - -# syslog facility to receive log lines -# syslog_log_facility = LOG_USER - -# If this option is specified, the logging configuration file specified is -# used and overrides any other logging options specified. Please see the -# Python logging module documentation for details on logging configuration -# files. -# log_config = logging.conf -log_config = /etc/keystone/logging.conf - -# A logging.Formatter log message format string which may use any of the -# available logging.LogRecord attributes. -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s - -# Format string for %(asctime)s in log records. -# log_date_format = %Y-%m-%d %H:%M:%S - -# onready allows you to send a notification when the process is ready to serve -# For example, to have it notify using systemd, one could set shell command: -# onready = systemd-notify --ready -# or a module with notify() method: -# onready = keystone.common.systemd - -[sql] -connection = mysql://keystone:cg5UvHsO@192.168.0.7/keystone -# The SQLAlchemy connection string used to connect to the database -# connection = sqlite:///keystone.db - -# the timeout before idle sql connections are reaped -# idle_timeout = 200 -idle_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity -# driver = keystone.identity.backends.sql.Identity - -# This references the domain to use for all Identity API v2 requests (which are -# not aware of domains). A domain with this ID will be created for you by -# keystone-manage db_sync in migration 008. The domain referenced by this ID -# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. -# There is nothing special about this domain, other than the fact that it must -# exist to order to maintain support for your v2 clients. -# default_domain_id = default - -[trust] -# driver = keystone.trust.backends.sql.Trust - -# delegation and impersonation features can be optionally disabled -# enabled = True - -[catalog] -template_file = /etc/keystone/default_catalog.templates -driver = keystone.catalog.backends.sql.Catalog -# dynamic, sql-based backend (supports API/CLI-based management commands) -# driver = keystone.catalog.backends.sql.Catalog - -# static, file-based backend (does *NOT* support any management commands) -# driver = keystone.catalog.backends.templated.TemplatedCatalog - -# template_file = default_catalog.templates - -[token] -driver = keystone.token.backends.sql.Token -# driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -token_format = UUID -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] -# url = ldap://localhost -# user = dc=Manager,dc=example,dc=com -# password = None -# suffix = cn=example,cn=com -# use_dumb_member = False -# allow_subtree_delete = False -# dumb_member = cn=dumb,dc=example,dc=com - -# Maximum results per page; a value of zero ('0') disables paging (default) -# page_size = 0 - -# The LDAP dereferencing option for queries. This can be either 'never', -# 'searching', 'always', 'finding' or 'default'. The 'default' option falls -# back to using default dereferencing configured by your ldap.conf. -# alias_dereferencing = default - -# The LDAP scope for queries, this can be either 'one' -# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) -# query_scope = one - -# user_tree_dn = ou=Users,dc=example,dc=com -# user_filter = -# user_objectclass = inetOrgPerson -# user_domain_id_attribute = businessCategory -# user_id_attribute = cn -# user_name_attribute = sn -# user_mail_attribute = email -# user_pass_attribute = userPassword -# user_enabled_attribute = enabled -# user_enabled_mask = 0 -# user_enabled_default = True -# user_attribute_ignore = tenant_id,tenants -# user_allow_create = True -# user_allow_update = True -# user_allow_delete = True -# user_enabled_emulation = False -# user_enabled_emulation_dn = - -# tenant_tree_dn = ou=Groups,dc=example,dc=com -# tenant_filter = -# tenant_objectclass = groupOfNames -# tenant_domain_id_attribute = businessCategory -# tenant_id_attribute = cn -# tenant_member_attribute = member -# tenant_name_attribute = ou -# tenant_desc_attribute = desc -# tenant_enabled_attribute = enabled -# tenant_attribute_ignore = -# tenant_allow_create = True -# tenant_allow_update = True -# tenant_allow_delete = True -# tenant_enabled_emulation = False -# tenant_enabled_emulation_dn = - -# role_tree_dn = ou=Roles,dc=example,dc=com -# role_filter = -# role_objectclass = organizationalRole -# role_id_attribute = cn -# role_name_attribute = ou -# role_member_attribute = roleOccupant -# role_attribute_ignore = -# role_allow_create = True -# role_allow_update = True -# role_allow_delete = True - -# group_tree_dn = -# group_filter = -# group_objectclass = groupOfNames -# group_id_attribute = cn -# group_name_attribute = ou -# group_member_attribute = member -# group_desc_attribute = desc -# group_attribute_ignore = -# group_allow_create = True -# group_allow_update = True -# group_allow_delete = True - -[auth] -methods = password,token -password = keystone.auth.plugins.password.Password -token = keystone.auth.plugins.token.Token - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[filter:access_log] -paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/logging.conf deleted file mode 100644 index f907736..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = keystone - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL1) -formatter = default - -[formatter_default] -format = keystone %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/policy.json deleted file mode 100644 index 17da8ea..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/keystone/policy.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - "owner" : [["user_id:%(user_id)s"]], - "admin_or_owner": [["rule:admin_required"], ["rule:owner"]], - - "default": [["rule:admin_required"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_or_owner"]], - "identity:create_project": [["rule:admin_or_owner"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_or_owner"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_group": [["rule:admin_required"]], - "identity:list_groups": [["rule:admin_required"]], - "identity:create_group": [["rule:admin_required"]], - "identity:update_group": [["rule:admin_required"]], - "identity:delete_group": [["rule:admin_required"]], - "identity:list_users_in_group": [["rule:admin_required"]], - "identity:remove_user_from_group": [["rule:admin_required"]], - "identity:check_user_in_group": [["rule:admin_required"]], - "identity:add_user_to_group": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_role": [["rule:admin_required"]], - "identity:delete_role": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]], - - "identity:check_token": [["rule:admin_required"]], - "identity:validate_token": [["rule:admin_required"]], - "identity:revocation_list": [["rule:admin_required"]], - "identity:revoke_token": [["rule:admin_required"], - ["user_id:%(user_id)s"]], - - "identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]], - "identity:get_trust": [["rule:admin_or_owner"]], - "identity:list_trusts": [["@"]], - "identity:list_roles_for_trust": [["@"]], - "identity:check_role_for_trust": [["@"]], - "identity:get_role_for_trust": [["@"]], - "identity:delete_trust": [["@"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/libvirt/libvirt.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/libvirt/libvirt.conf deleted file mode 100644 index 016cd24..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/libvirt/libvirt.conf +++ /dev/null @@ -1,18 +0,0 @@ -# -# This can be used to setup URI aliases for frequently -# used connection URIs. Aliases may contain only the -# characters a-Z, 0-9, _, -. -# -# Following the '=' may be any valid libvirt connection -# URI, including arbitrary parameters - -#uri_aliases = [ -# "hail=qemu+ssh://root@hail.cloud.example.com/system", -# "sleet=qemu+ssh://root@sleet.cloud.example.com/system", -#] - -# -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - -#uri_default = "qemu:///system" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/archive/os_00000-138444499.vg b/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/archive/os_00000-138444499.vg deleted file mode 100644 index 17e7b10..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/archive/os_00000-138444499.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:54 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-13.domain.tld" # Linux controller-13.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338194 # Mon Sep 16 13:29:54 2013 - -os { - id = "VIjRLX-xF0U-D3ge-eBtO-mRbK-2Ojf-ou2LIt" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "Odqxed-6TFL-FydT-JHUC-mEDU-pj7G-w6qgHf" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "p5Q4L3-DUZ1-H4Io-eftj-OObE-OFiC-mIpldy" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-13.domain.tld" - creation_time = 1379337811 # 2013-09-16 13:23:31 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "1nDiS3-10T0-JpQ5-n4El-JwXJ-b7qD-ZA0ZdX" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-13.domain.tld" - creation_time = 1379337815 # 2013-09-16 13:23:35 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/backup/os b/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/backup/os deleted file mode 100644 index fde550e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:54 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-13.domain.tld" # Linux controller-13.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338194 # Mon Sep 16 13:29:54 2013 - -os { - id = "VIjRLX-xF0U-D3ge-eBtO-mRbK-2Ojf-ou2LIt" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "Odqxed-6TFL-FydT-JHUC-mEDU-pj7G-w6qgHf" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "p5Q4L3-DUZ1-H4Io-eftj-OObE-OFiC-mIpldy" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-13.domain.tld" - creation_time = 1379337811 # 2013-09-16 13:23:31 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "1nDiS3-10T0-JpQ5-n4El-JwXJ-b7qD-ZA0ZdX" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-13.domain.tld" - creation_time = 1379337815 # 2013-09-16 13:23:35 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/lvm.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/mysql/conf.d/wsrep.cnf b/config_samples/fuel_web/golden_fuelweb/cnt1/mysql/conf.d/wsrep.cnf deleted file mode 100644 index 8c50719..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/mysql/conf.d/wsrep.cnf +++ /dev/null @@ -1,129 +0,0 @@ -# This file contains wsrep-related mysqld options. It should be included -# in the main MySQL configuration file. -# -# Options that need to be customized: -# - wsrep_provider -# - wsrep_cluster_address -# - wsrep_sst_auth -# The rest of defaults should work out of the box. - -## -## mysqld options _MANDATORY_ for correct opration of the cluster -## -[mysqld] - -# (This must be substituted by wsrep_format) -binlog_format=ROW - -# Currently only InnoDB storage engine is supported -default-storage-engine=innodb - -# to avoid issues with 'bulk mode inserts' using autoinc -innodb_autoinc_lock_mode=2 - -# This is a must for paralell applying -innodb_locks_unsafe_for_binlog=1 - -# Query Cache is not supported with wsrep -query_cache_size=0 -query_cache_type=0 - -# Override bind-address -# In some systems bind-address defaults to 127.0.0.1, and with mysqldump SST -# it will have (most likely) disastrous consequences on donor node -bind-address=192.168.0.2 -port=3307 - -max_connections=2048 - -## -## WSREP options -## -# Full path to wsrep provider library or 'none' -wsrep_provider=/usr/lib64/galera/libgalera_smm.so - -# Provider specific configuration options -# See http://www.codership.com/wiki/doku.php?id=faq - -wsrep_provider_options="pc.ignore_sb = no;ist.recv_addr=192.168.0.2;gmcast.listen_addr=tcp://192.168.0.2:4567" - -# Logical cluster name. Should be the same for all nodes. -wsrep_cluster_name="openstack" - -wsrep_cluster_address="gcomm://192.168.0.4:4567,192.168.0.3:4567" - -# Human-readable node name (non-unique). Hostname by default. -#wsrep_node_name= - -# Base replication [:port] of the node. -# The values supplied will be used as defaults for state transfer receiving, -# listening ports and so on. Default: address of the first network interface. -wsrep_node_address=192.168.0.2 - -# Address for incoming client connections. Autodetect by default. -#wsrep_node_incoming_address= - -# How many threads will process writesets from other nodes -wsrep_slave_threads=32 - -# DBUG options for wsrep provider -#wsrep_dbug_option - -# Generate fake primary keys for non-PK tables (required for multi-master -# and parallel applying operation) -wsrep_certify_nonPK=1 - -# Maximum number of rows in write set -wsrep_max_ws_rows=131072 - -# Maximum size of write set -wsrep_max_ws_size=1073741824 - -# to enable debug level logging, set this to 1 -wsrep_debug=0 - -# convert locking sessions into transactions -wsrep_convert_LOCK_to_trx=0 - -# how many times to retry deadlocked autocommits -wsrep_retry_autocommit=1 - -# change auto_increment_increment and auto_increment_offset automatically -wsrep_auto_increment_control=1 - -# retry autoinc insert, which failed for duplicate key error -wsrep_drupal_282555_workaround=0 - -# enable "strictly synchronous" semantics for read operations -wsrep_causal_reads=0 - -# Command to call when node status or cluster membership changes. -# Will be passed all or some of the following options: -# --status - new status of this node -# --uuid - UUID of the cluster -# --primary - whether the component is primary or not ("yes"/"no") -# --members - comma-separated list of members -# --index - index of this node in the list -wsrep_notify_cmd= - -## -## WSREP State Transfer options -## - -# State Snapshot Transfer method -wsrep_sst_method=mysqldump - -# Address on THIS node to receive SST at. DON'T SET IT TO DONOR ADDRESS!!! -# (SST method dependent. Defaults to the first IP of the first interface) -wsrep_sst_receive_address=192.168.0.2:3307 - -# SST authentication string. This will be used to send SST to joining nodes. -# Depends on SST method. For mysqldump method it is root: -wsrep_sst_auth=wsrep_sst:password - -# Desired SST donor name. -#wsrep_sst_donor= - -# Protocol version to use -# wsrep_protocol_version= -skip-name-resolve diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/nova.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/nova.conf deleted file mode 100644 index 8a295fb..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/nova.conf +++ /dev/null @@ -1,76 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.VlanManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:jMsyf1wU@192.168.0.7/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -debug=true -rabbit_hosts=192.168.0.7:5672 -quota_volumes=100 -osapi_compute_listen=192.168.0.2 -ec2_listen=192.168.0.2 -quota_max_injected_file_content_bytes=102400 -glance_api_servers=240.0.1.7:9292 -novncproxy_host=240.0.1.7 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -verbose=true -auto_assign_floating_ip=True -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -quota_cores=100 -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=ec2,osapi_compute -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -use_cow_images=true -quota_max_injected_files=50 -novncproxy_port=6080 -log_config=/etc/nova/logging.conf -rabbit_port=5672 -vlan_start=103 -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -quota_max_injected_file_path_bytes=4096 -api_paste_config=/etc/nova/api-paste.ini -quota_floating_ips=100 -multi_host=True -public_interface=eth0.100 -start_guests_on_host_boot=true -service_down_time=60 -syslog_log_facility=LOCAL0 -quota_gigabytes=1000 -quota_instances=100 -osapi_volume_listen=192.168.0.2 -metadata_listen=192.168.0.2 -auth_strategy=keystone -quota_metadata_items=1024 -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -allow_resize_to_same_host=True -vlan_interface=eth0 -memcached_servers=controller-15:11211,controller-14:11211,controller-13:11211 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = Zc1VlBC9 -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/release b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/openstack-dashboard/local_settings b/config_samples/fuel_web/golden_fuelweb/cnt1/openstack-dashboard/local_settings deleted file mode 100644 index a63b74b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/openstack-dashboard/local_settings +++ /dev/null @@ -1,146 +0,0 @@ -import os - -from django.utils.translation import ugettext_lazy as _ - -DEBUG = False -TEMPLATE_DEBUG = DEBUG - - - -# Specify a regular expression to validate user passwords. -# HORIZON_CONFIG = { -# "password_validator": { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements.") -# } -# } - -LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) - -# Note: You should change this value -SECRET_KEY = 'dummy_secret_key' - -# We recommend you use memcached for development; otherwise after every reload -# of the django development server, you will have to login again. To use -# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' -CACHE_BACKEND = 'memcached://controller-15:11211;controller-14:11211;controller-13:11211/' - -# Send email to the console by default -EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' -# Or send them to /dev/null -#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' - -# Configure these for your outgoing email host -# EMAIL_HOST = 'smtp.my-company.com' -# EMAIL_PORT = 25 -# EMAIL_HOST_USER = 'djangomail' -# EMAIL_HOST_PASSWORD = 'top-secret!' - -# For multiple regions uncomment this configuration, and add (endpoint, title). -# AVAILABLE_REGIONS = [ -# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), -# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), -# ] - -OPENSTACK_HOST = "192.168.0.7" -OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" - -# Disable SSL certificate checks (useful for self-signed certificates): -OPENSTACK_SSL_NO_VERIFY = True - -# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the -# capabilities of the auth backend for Keystone. -# If Keystone has been configured to use LDAP as the auth backend then set -# can_edit_user to False and name to 'ldap'. -# -# TODO(tres): Remove these once Keystone has an API to identify auth backend. -OPENSTACK_KEYSTONE_BACKEND = { - 'name': 'native', - 'can_edit_user': True -} - -OPENSTACK_HYPERVISOR_FEATURES = { - 'can_set_mount_point': True -} - -# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is 'internalURL'. -#OPENSTACK_ENDPOINT_TYPE = "publicURL" - -# Include the SWIFT interface extension in Horizon -SWIFT_ENABLED = True -SWIFT_PAGINATE_LIMIT = 100 - -# The number of Swift containers and objects to display on a single page before -# providing a paging element (a "more" link) to paginate results. -API_RESULT_LIMIT = 1000 -API_RESULT_PAGE_SIZE = 20 - - -# If you have external monitoring links, eg: -EXTERNAL_MONITORING = [ ] -LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': '/var/log/horizon/horizon.log' - }, - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - 'handlers': ['file'], - 'propagate': False, - }, - 'openstack_dashboard': { - 'handlers': ['file'], - 'propagate': False, - }, - 'novaclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'glanceclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'keystoneclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'nose.plugins.manager': { - 'handlers': ['file'], - 'propagate': False, - } - } -} -LOGIN_URL='/dashboard/auth/login/' -LOGIN_REDIRECT_URL='/dashboard' - -# The Ubuntu package includes pre-compressed JS and compiled CSS to allow -# offline compression by default. To enable online compression, install -# the node-less package and enable the following option. -COMPRESS_OFFLINE = False diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq-env.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq-env.conf deleted file mode 100644 index 2377bb6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq-env.conf +++ /dev/null @@ -1,6 +0,0 @@ -RABBITMQ_NODE_PORT=5673 -RABBITMQ_NODE_IP_ADDRESS=192.168.0.2 -RABBITMQ_SERVER_ERL_ARGS="+K true +A30 +P 1048576 \ --kernel inet_default_connect_options [{nodelay,true}] \ --kernel inet_dist_listen_min 41055 \ --kernel inet_dist_listen_max 41055" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq.config b/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq.config deleted file mode 100644 index b0965b2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/rabbitmq/rabbitmq.config +++ /dev/null @@ -1,6 +0,0 @@ -% This file managed by Puppet 2.7.19 -% Template Path: rabbitmq/templates/rabbitmq.config -[ - {rabbit, [{cluster_nodes, ['rabbit@controller-15', 'rabbit@controller-14', 'rabbit@controller-13']}]} - ]. -% EOF diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account-server.conf deleted file mode 100644 index ad3cc32..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.2 -bind_port = 6002 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = account-server - -[app:account-server] -use = egg:swift#account - -[account-replicator] -concurrency = 1 - -[account-auditor] - -[account-reaper] -concurrency = 1 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.builder deleted file mode 100644 index 4da476d..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.ring.gz deleted file mode 100644 index 69cad1b..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/account.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338749.container.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338749.container.builder deleted file mode 100644 index 07fea61..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338749.container.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338750.object.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338750.object.builder deleted file mode 100644 index 07fea61..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338750.object.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338804.account.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338804.account.builder deleted file mode 100644 index 07fea61..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379338804.account.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.builder deleted file mode 100644 index ac9ed78..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.ring.gz deleted file mode 100644 index 7b3425c..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339140.container.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.builder deleted file mode 100644 index 1a678d9..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.ring.gz deleted file mode 100644 index a8acbef..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339320.account.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.builder deleted file mode 100644 index 2339f63..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.ring.gz deleted file mode 100644 index b8077ce..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/backups/1379339498.object.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf deleted file mode 100644 index a3a784b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf +++ /dev/null @@ -1,24 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.2 -bind_port = 6001 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] -concurrency = 1 - -[container-updater] -concurrency = 1 - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf.rpmnew b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf.rpmnew deleted file mode 100644 index ac96702..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container-server.conf.rpmnew +++ /dev/null @@ -1,18 +0,0 @@ -[DEFAULT] -bind_ip = 127.0.0.1 -bind_port = 6001 -workers = 2 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] - -[container-updater] - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.builder deleted file mode 100644 index b251424..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.ring.gz deleted file mode 100644 index bb0dd6a..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/container.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-expirer.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-expirer.conf deleted file mode 100644 index b75963c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-expirer.conf +++ /dev/null @@ -1,17 +0,0 @@ -[DEFAULT] - -[object-expirer] -# auto_create_account_prefix = . - -[pipeline:main] -pipeline = catch_errors cache proxy-server - -[app:proxy-server] -use = egg:swift#proxy - -[filter:cache] -use = egg:swift#memcache -memcache_servers = 127.0.0.1:11211 - -[filter:catch_errors] -use = egg:swift#catch_errors diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-server.conf deleted file mode 100644 index 08822c5..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.2 -bind_port = 6000 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = object-server - -[app:object-server] -use = egg:swift#object - -[object-replicator] -concurrency = 1 - -[object-updater] -concurrency = 1 - -[object-auditor] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.builder b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.builder deleted file mode 100644 index f057dd1..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.builder and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.ring.gz deleted file mode 100644 index 170d798..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/object.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/proxy-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/proxy-server.conf deleted file mode 100644 index f936a79..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/proxy-server.conf +++ /dev/null @@ -1,65 +0,0 @@ -# This file is managed by puppet. Do not edit -# -[DEFAULT] -bind_ip = 192.168.0.2 -bind_port = 8080 -workers = 1 -user = swift - -[pipeline:main] -pipeline = catch_errors healthcheck cache ratelimit swift3 s3token authtoken keystone proxy-server - -[app:proxy-server] -use = egg:swift#proxy -allow_account_management = true -account_autocreate = true - -[filter:cache] -use = egg:swift#memcache -memcache_servers = controller-13:11211,controller-14:11211,controller-15:11211 -[filter:catch_errors] -use = egg:swift#catch_errors - - -[filter:healthcheck] -use = egg:swift#healthcheck - -[filter:ratelimit] -use = egg:swift#ratelimit -clock_accuracy = 1000 -max_sleep_time_seconds = 60 -log_sleep_time_seconds = 0 -rate_buffer_seconds = 5 -account_ratelimit = 0 - -[filter:swift3] -use = egg:swift3#swift3 - -[filter:s3token] -paste.filter_factory = keystone.middleware.s3_token:filter_factory -auth_port = 35357 -auth_protocol = http -auth_host = 192.168.0.7 - -[filter:keystone] -use = egg:swift#keystoneauth -operator_roles = admin, SwiftOperator -is_admin = true -cache = swift.cache - - -# -# used to specify connection information to keystone -# -[filter:authtoken] -paste.filter_factory = keystone.middleware.auth_token:filter_factory -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -auth_uri = http://192.168.0.7:35357 -# if its defined -admin_tenant_name = services -admin_user = swift -admin_password = 0moSL8AJ -delay_auth_decision = 0 -signing_dir = /etc/swift diff --git a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/swift.conf b/config_samples/fuel_web/golden_fuelweb/cnt1/swift/swift.conf deleted file mode 100644 index acb7d1b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt1/swift/swift.conf +++ /dev/null @@ -1,2 +0,0 @@ -[swift-hash] -swift_hash_path_suffix = swift_secret diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/cinder.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/cinder.conf deleted file mode 100644 index 3cc971f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/cinder.conf +++ /dev/null @@ -1,31 +0,0 @@ -[DEFAULT] -logdir = /var/log/cinder -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:aJJbMNpG@192.168.0.7/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -api_paste_config=/etc/cinder/api-paste.ini -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=192.168.0.3 -auth_strategy=keystone -osapi_volume_listen=192.168.0.3 -rabbit_virtual_host=/ -rabbit_hosts=192.168.0.7:5672 -verbose=true -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = LCBarOJB -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/logging.conf deleted file mode 100644 index f2104c1..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = cinder - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = default - -[formatter_default] -format = cinder %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/policy.json deleted file mode 100644 index a4fd911..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api-paste.ini deleted file mode 100644 index 0b29bc9..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api-paste.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -delay_auth_decision = true diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api.conf deleted file mode 100644 index 504df48..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-api.conf +++ /dev/null @@ -1,364 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Which backend scheme should Glance use by default is not specified -# in a request to add a new image to Glance? Known schemes are determined -# by the known_stores option below. -# Default: 'file' -default_store = swift - -# List of which store classes and store class locations are -# currently known to glance at startup. -#known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - - -# Maximum image size (in bytes) that may be uploaded through the -# Glance API server. Defaults to 1 TB. -# WARNING: this value should only be increased after careful consideration -# and must be set to a value under 8 EB (9223372036854775808). -#image_size_cap = 1099511627776 - -# Address to bind the API server -bind_host = 192.168.0.3 - -# Port the bind the API server to -bind_port = 9292 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/api.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Number of Glance API worker processes to start. -# On machines with more than one CPU increasing this value -# may improve performance (especially if using SSL with -# compression turned on). It is typically recommended to set -# this value to the number of CPUs present on your machine. -workers = 1 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Allow unauthenticated users to access the API with read-only -# privileges. This only applies when using ContextMiddleware. -#allow_anonymous_access = False - -# Allow access to version 1 of glance api -#enable_v1_api = True - -# Allow access to version 2 of glance api -#enable_v2_api = True - -# Return the URL that references where the data is stored on -# the backend storage system. For example, if using the -# file system store a URL of 'file:///path/to/image' will -# be returned to the user in the 'direct_url' meta-data field. -# The default value is false. -#show_image_direct_url = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL0 - -# ================= SSL Options =============================== - -# Certificate file to use when starting API server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> - -# ============ Registry Options =============================== - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# What protocol to use when connecting to the registry server? -# Set to https for secure HTTP communication -registry_client_protocol = http - -# The path to the key file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file -#registry_client_key_file = /path/to/key/file - -# The path to the cert file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file -#registry_client_cert_file = /path/to/cert/file - -# The path to the certifying authority cert file to use in SSL connections -# to the registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file -#registry_client_ca_file = /path/to/ca/file - -# When using SSL in connections to the registry server, do not require -# validation via a certifying authority. This is the registry's equivalent of -# specifying --insecure on the command line using glanceclient for the API -# Default: False -#registry_client_insecure = False - -# The period of time, in seconds, that the API server will wait for a registry -# request to complete. A value of '0' implies no timeout. -# Default: 600 -#registry_client_timeout = 600 - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ============ Notification System Options ===================== - -# Notifications can be sent when images are create, updated or deleted. -# There are three methods of sending notifications, logging (via the -# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid -# message queue), or noop (no notifications sent, the default) -notifier_strategy = noop - -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = http://192.168.0.7:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = services:glance - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = Bzlunhw0 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = True - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# If set to True enables multi-tenant storage mode which causes Glance images -# to be stored in tenant specific Swift accounts. -#swift_store_multi_tenant = False - -# A list of swift ACL strings that will be applied as both read and -# write ACLs to the containers created by Glance in multi-tenant -# mode. This grants the specified tenants/users read and write access -# to all newly created image objects. The standard swift ACL string -# formats are allowed, including: -# : -# : -# *: -# Multiple ACLs can be combined using a comma separated list, for -# example: swift_store_admin_tenants = service:glance,*:admin -#swift_store_admin_tenants = - -# The region of the swift endpoint to be used for single tenant. This setting -# is only necessary if the tenant has multiple swift endpoints. -#swift_store_region = - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -#s3_store_object_buffer_dir = /path/to/dir - -# When forming a bucket url, boto will either set the bucket name as the -# subdomain or as the first token of the path. Amazon's S3 service will -# accept it as the subdomain, but Swift's S3 middleware requires it be -# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. -#s3_store_bucket_url_format = subdomain - -# ============ RBD Store Options ============================= - -# Ceph configuration file path -# If using cephx authentication, this file should -# include a reference to the right keyring -# in a client. section -rbd_store_ceph_conf = /etc/ceph/ceph.conf - -# RADOS user to authenticate as (only applicable if using cephx) -rbd_store_user = glance - -# RADOS pool in which images are stored -rbd_store_pool = images - -# Images will be chunked into objects of this size (in megabytes). -# For best performance, this should be a power of two -rbd_store_chunk_size = 8 - -# ============ Delayed Delete Options ============================= - -# Turn on/off delayed delete -delayed_delete = False - -# Delayed delete time in seconds -scrub_time = 43200 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-scrubber.conf -scrubber_datadir = /var/lib/glance/scrubber - -# =============== Image Cache Options ============================= - -# Base directory that the Image Cache uses -image_cache_dir = /var/lib/glance/image-cache/ -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dirname=/tmp/keystone-signing-glance -auth_uri=http://192.168.0.7:35357 -signing_dir=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-api-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-api-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone+cachemanagement diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-cache.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-cache.conf deleted file mode 100644 index 5ea89d4..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-cache.conf +++ /dev/null @@ -1,149 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -log_file = /var/log/glance/image-cache.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False -use_syslog = False - -# Directory that the Image Cache writes data to -image_cache_dir = /var/lib/glance/image-cache/ - -# Number of seconds after which we should consider an incomplete image to be -# stalled and eligible for reaping -image_cache_stall_time = 86400 - -# image_cache_invalid_entry_grace_period - seconds -# -# If an exception is raised as we're writing to the cache, the cache-entry is -# deemed invalid and moved to /invalid so that it can be -# inspected for debugging purposes. -# -# This is number of seconds to leave these invalid images around before they -# are elibible to be reaped. -image_cache_invalid_entry_grace_period = 3600 - -# Max cache size in bytes -image_cache_max_size = 10737418240 - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# Auth settings if using Keystone -# auth_url = http://127.0.0.1:5000/v2.0/ -auth_url = http://192.168.0.7:35357 -# admin_tenant_name = %SERVICE_TENANT_NAME% -admin_tenant_name = services -# admin_user = %SERVICE_USER% -admin_user = glance -# admin_password = %SERVICE_PASSWORD% -admin_password = Bzlunhw0 - -# List of which store classes and store class locations are -# currently known to glance at startup. -# known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -# s3_store_object_buffer_dir = /path/to/dir - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry-paste.ini deleted file mode 100644 index 5519c5c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry-paste.ini +++ /dev/null @@ -1,19 +0,0 @@ -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry.conf deleted file mode 100644 index 79accd8..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-registry.conf +++ /dev/null @@ -1,97 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Address to bind the registry server -bind_host = 192.168.0.3 - -# Port the bind the registry server to -bind_port = 9191 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/registry.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Limit the api to return `param_limit_max` items in a call to a container. If -# a larger `limit` query param is provided, it will be reduced to this value. -api_limit_max = 1000 - -# If a `limit` query param is not provided in an api request, it will -# default to `limit_param_default` -limit_param_default = 25 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL1 - -# ================= SSL Options =============================== - -# Certificate file to use when starting registry server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting registry server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dir=/tmp/keystone-signing-glance -signing_dirname=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-registry-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-registry-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-scrubber.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-scrubber.conf deleted file mode 100644 index 9273043..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/glance-scrubber.conf +++ /dev/null @@ -1,40 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/logging.conf deleted file mode 100644 index 319e40e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = glance - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2) -formatter = default - -[formatter_default] -format = glance %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/policy.json deleted file mode 100644 index 30ef83c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/schema-image.json b/config_samples/fuel_web/golden_fuelweb/cnt2/glance/schema-image.json deleted file mode 100644 index 5aafd6b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/glance/schema-image.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - }, - "architecture": { - "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_distro": { - "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_version": { - "description": "Operating system version as specified by the distributor", - "type": "string" - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/keepalived/keepalived.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/keepalived/keepalived.conf deleted file mode 100644 index 5a7af43..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/keepalived/keepalived.conf +++ /dev/null @@ -1,59 +0,0 @@ -# This file is managed by Puppet. DO NOT EDIT. -global_defs { - notification_email { - root@domain.tld - - } - notification_email_from keepalived@domain.tld - smtp_server localhost - smtp_connect_timeout 30 - router_id controller-14 -} - -vrrp_instance 4 { - virtual_router_id 4 - - # for electing MASTER, highest priority wins. - priority 100 - state BACKUP - - interface eth0.100 - - virtual_ipaddress { - 240.0.1.7 label eth0.100:ka - - } - - - - - - - - - -} - -vrrp_instance 5 { - virtual_router_id 5 - - # for electing MASTER, highest priority wins. - priority 100 - state BACKUP - - interface eth0.101 - - virtual_ipaddress { - 192.168.0.7 label eth0.101:ka - - } - - - - - - - - - -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/default_catalog.templates b/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/default_catalog.templates deleted file mode 100644 index eb1e044..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/default_catalog.templates +++ /dev/null @@ -1,27 +0,0 @@ -# config for TemplatedCatalog, using camelCase because I don't want to do -# translations for keystone compat -catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0 -catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.name = Identity Service - -# fake compute service for now to help novaclient tests work -catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.name = Compute Service - -catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.name = Volume Service - -catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin -catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.name = EC2 Service - -catalog.RegionOne.image.publicURL = http://localhost:9292/v1 -catalog.RegionOne.image.adminURL = http://localhost:9292/v1 -catalog.RegionOne.image.internalURL = http://localhost:9292/v1 -catalog.RegionOne.image.name = Image Service diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/keystone.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/keystone.conf deleted file mode 100644 index 414ed1f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/keystone.conf +++ /dev/null @@ -1,320 +0,0 @@ -[DEFAULT] -log_file = /var/log/keystone/keystone.log -# A "shared secret" between keystone and other openstack services -# admin_token = ADMIN -admin_token = 6Cx19zRq - -# The IP address of the network interface to listen on -# bind_host = 0.0.0.0 -bind_host = 192.168.0.3 - -# The port number which the public service listens on -# public_port = 5000 -public_port = 5000 - -# The port number which the public admin listens on -# admin_port = 35357 -admin_port = 35357 - -# The base endpoint URLs for keystone that are advertised to clients -# (NOTE: this does NOT affect how keystone listens for connections) -# public_endpoint = http://localhost:%(public_port)d/ -# admin_endpoint = http://localhost:%(admin_port)d/ - -# The port number which the OpenStack Compute service listens on -# compute_port = 8774 -compute_port = 3000 - -# Path to your policy definition containing identity actions -# policy_file = policy.json - -# Rule to check if no matching policy definition is found -# FIXME(dolph): This should really be defined as [policy] default_rule -# policy_default_rule = admin_required - -# Role for migrating membership relationships -# During a SQL upgrade, the following values will be used to create a new role -# that will replace records in the user_tenant_membership table with explicit -# role grants. After migration, the member_role_id will be used in the API -# add_user_to_project, and member_role_name will be ignored. -# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab -# member_role_name = _member_ - -# === Logging Options === -# Print debugging output -# (includes plaintext request logging, potentially including passwords) -# debug = False -debug = true - -# Print more verbose output -# verbose = False -verbose = true - -# Name of log file to output to. If not set, logging will go to stdout. -# log_file = keystone.log - -# The directory to keep log files in (will be prepended to --logfile) -# log_dir = /var/log/keystone - -# Use syslog for logging. -# use_syslog = False - -# syslog facility to receive log lines -# syslog_log_facility = LOG_USER - -# If this option is specified, the logging configuration file specified is -# used and overrides any other logging options specified. Please see the -# Python logging module documentation for details on logging configuration -# files. -# log_config = logging.conf -log_config = /etc/keystone/logging.conf - -# A logging.Formatter log message format string which may use any of the -# available logging.LogRecord attributes. -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s - -# Format string for %(asctime)s in log records. -# log_date_format = %Y-%m-%d %H:%M:%S - -# onready allows you to send a notification when the process is ready to serve -# For example, to have it notify using systemd, one could set shell command: -# onready = systemd-notify --ready -# or a module with notify() method: -# onready = keystone.common.systemd - -[sql] -connection = mysql://keystone:cg5UvHsO@192.168.0.7/keystone -# The SQLAlchemy connection string used to connect to the database -# connection = sqlite:///keystone.db - -# the timeout before idle sql connections are reaped -# idle_timeout = 200 -idle_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity -# driver = keystone.identity.backends.sql.Identity - -# This references the domain to use for all Identity API v2 requests (which are -# not aware of domains). A domain with this ID will be created for you by -# keystone-manage db_sync in migration 008. The domain referenced by this ID -# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. -# There is nothing special about this domain, other than the fact that it must -# exist to order to maintain support for your v2 clients. -# default_domain_id = default - -[trust] -# driver = keystone.trust.backends.sql.Trust - -# delegation and impersonation features can be optionally disabled -# enabled = True - -[catalog] -template_file = /etc/keystone/default_catalog.templates -driver = keystone.catalog.backends.sql.Catalog -# dynamic, sql-based backend (supports API/CLI-based management commands) -# driver = keystone.catalog.backends.sql.Catalog - -# static, file-based backend (does *NOT* support any management commands) -# driver = keystone.catalog.backends.templated.TemplatedCatalog - -# template_file = default_catalog.templates - -[token] -driver = keystone.token.backends.sql.Token -# driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -token_format = UUID -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] -# url = ldap://localhost -# user = dc=Manager,dc=example,dc=com -# password = None -# suffix = cn=example,cn=com -# use_dumb_member = False -# allow_subtree_delete = False -# dumb_member = cn=dumb,dc=example,dc=com - -# Maximum results per page; a value of zero ('0') disables paging (default) -# page_size = 0 - -# The LDAP dereferencing option for queries. This can be either 'never', -# 'searching', 'always', 'finding' or 'default'. The 'default' option falls -# back to using default dereferencing configured by your ldap.conf. -# alias_dereferencing = default - -# The LDAP scope for queries, this can be either 'one' -# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) -# query_scope = one - -# user_tree_dn = ou=Users,dc=example,dc=com -# user_filter = -# user_objectclass = inetOrgPerson -# user_domain_id_attribute = businessCategory -# user_id_attribute = cn -# user_name_attribute = sn -# user_mail_attribute = email -# user_pass_attribute = userPassword -# user_enabled_attribute = enabled -# user_enabled_mask = 0 -# user_enabled_default = True -# user_attribute_ignore = tenant_id,tenants -# user_allow_create = True -# user_allow_update = True -# user_allow_delete = True -# user_enabled_emulation = False -# user_enabled_emulation_dn = - -# tenant_tree_dn = ou=Groups,dc=example,dc=com -# tenant_filter = -# tenant_objectclass = groupOfNames -# tenant_domain_id_attribute = businessCategory -# tenant_id_attribute = cn -# tenant_member_attribute = member -# tenant_name_attribute = ou -# tenant_desc_attribute = desc -# tenant_enabled_attribute = enabled -# tenant_attribute_ignore = -# tenant_allow_create = True -# tenant_allow_update = True -# tenant_allow_delete = True -# tenant_enabled_emulation = False -# tenant_enabled_emulation_dn = - -# role_tree_dn = ou=Roles,dc=example,dc=com -# role_filter = -# role_objectclass = organizationalRole -# role_id_attribute = cn -# role_name_attribute = ou -# role_member_attribute = roleOccupant -# role_attribute_ignore = -# role_allow_create = True -# role_allow_update = True -# role_allow_delete = True - -# group_tree_dn = -# group_filter = -# group_objectclass = groupOfNames -# group_id_attribute = cn -# group_name_attribute = ou -# group_member_attribute = member -# group_desc_attribute = desc -# group_attribute_ignore = -# group_allow_create = True -# group_allow_update = True -# group_allow_delete = True - -[auth] -methods = password,token -password = keystone.auth.plugins.password.Password -token = keystone.auth.plugins.token.Token - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[filter:access_log] -paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/logging.conf deleted file mode 100644 index f907736..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = keystone - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL1) -formatter = default - -[formatter_default] -format = keystone %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/policy.json deleted file mode 100644 index 17da8ea..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/keystone/policy.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - "owner" : [["user_id:%(user_id)s"]], - "admin_or_owner": [["rule:admin_required"], ["rule:owner"]], - - "default": [["rule:admin_required"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_or_owner"]], - "identity:create_project": [["rule:admin_or_owner"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_or_owner"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_group": [["rule:admin_required"]], - "identity:list_groups": [["rule:admin_required"]], - "identity:create_group": [["rule:admin_required"]], - "identity:update_group": [["rule:admin_required"]], - "identity:delete_group": [["rule:admin_required"]], - "identity:list_users_in_group": [["rule:admin_required"]], - "identity:remove_user_from_group": [["rule:admin_required"]], - "identity:check_user_in_group": [["rule:admin_required"]], - "identity:add_user_to_group": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_role": [["rule:admin_required"]], - "identity:delete_role": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]], - - "identity:check_token": [["rule:admin_required"]], - "identity:validate_token": [["rule:admin_required"]], - "identity:revocation_list": [["rule:admin_required"]], - "identity:revoke_token": [["rule:admin_required"], - ["user_id:%(user_id)s"]], - - "identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]], - "identity:get_trust": [["rule:admin_or_owner"]], - "identity:list_trusts": [["@"]], - "identity:list_roles_for_trust": [["@"]], - "identity:check_role_for_trust": [["@"]], - "identity:get_role_for_trust": [["@"]], - "identity:delete_trust": [["@"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/libvirt/libvirt.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/libvirt/libvirt.conf deleted file mode 100644 index 016cd24..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/libvirt/libvirt.conf +++ /dev/null @@ -1,18 +0,0 @@ -# -# This can be used to setup URI aliases for frequently -# used connection URIs. Aliases may contain only the -# characters a-Z, 0-9, _, -. -# -# Following the '=' may be any valid libvirt connection -# URI, including arbitrary parameters - -#uri_aliases = [ -# "hail=qemu+ssh://root@hail.cloud.example.com/system", -# "sleet=qemu+ssh://root@sleet.cloud.example.com/system", -#] - -# -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - -#uri_default = "qemu:///system" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/archive/os_00000-1386071611.vg b/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/archive/os_00000-1386071611.vg deleted file mode 100644 index b06d5e4..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/archive/os_00000-1386071611.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:47 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-14.domain.tld" # Linux controller-14.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338187 # Mon Sep 16 13:29:47 2013 - -os { - id = "WfRNIa-37bC-8xQ9-nkV2-ajsy-7pEd-zDxWPE" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "RndaGt-ZhCP-k88s-ceHd-CF8k-rTGf-pu5UuB" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "xhrGP1-FqLA-flEd-8BOa-c3UE-Rf8p-WdIQrt" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-14.domain.tld" - creation_time = 1379337792 # 2013-09-16 13:23:12 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "wLfLWt-HCzz-QC3L-FAhA-xG1N-fJnJ-Wj6rho" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-14.domain.tld" - creation_time = 1379337796 # 2013-09-16 13:23:16 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/backup/os b/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/backup/os deleted file mode 100644 index 7052f08..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:47 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-14.domain.tld" # Linux controller-14.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338187 # Mon Sep 16 13:29:47 2013 - -os { - id = "WfRNIa-37bC-8xQ9-nkV2-ajsy-7pEd-zDxWPE" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "RndaGt-ZhCP-k88s-ceHd-CF8k-rTGf-pu5UuB" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "xhrGP1-FqLA-flEd-8BOa-c3UE-Rf8p-WdIQrt" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-14.domain.tld" - creation_time = 1379337792 # 2013-09-16 13:23:12 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "wLfLWt-HCzz-QC3L-FAhA-xG1N-fJnJ-Wj6rho" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-14.domain.tld" - creation_time = 1379337796 # 2013-09-16 13:23:16 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/lvm.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/mysql/conf.d/wsrep.cnf b/config_samples/fuel_web/golden_fuelweb/cnt2/mysql/conf.d/wsrep.cnf deleted file mode 100644 index 2593e33..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/mysql/conf.d/wsrep.cnf +++ /dev/null @@ -1,129 +0,0 @@ -# This file contains wsrep-related mysqld options. It should be included -# in the main MySQL configuration file. -# -# Options that need to be customized: -# - wsrep_provider -# - wsrep_cluster_address -# - wsrep_sst_auth -# The rest of defaults should work out of the box. - -## -## mysqld options _MANDATORY_ for correct opration of the cluster -## -[mysqld] - -# (This must be substituted by wsrep_format) -binlog_format=ROW - -# Currently only InnoDB storage engine is supported -default-storage-engine=innodb - -# to avoid issues with 'bulk mode inserts' using autoinc -innodb_autoinc_lock_mode=2 - -# This is a must for paralell applying -innodb_locks_unsafe_for_binlog=1 - -# Query Cache is not supported with wsrep -query_cache_size=0 -query_cache_type=0 - -# Override bind-address -# In some systems bind-address defaults to 127.0.0.1, and with mysqldump SST -# it will have (most likely) disastrous consequences on donor node -bind-address=192.168.0.3 -port=3307 - -max_connections=2048 - -## -## WSREP options -## -# Full path to wsrep provider library or 'none' -wsrep_provider=/usr/lib64/galera/libgalera_smm.so - -# Provider specific configuration options -# See http://www.codership.com/wiki/doku.php?id=faq - -wsrep_provider_options="pc.ignore_sb = no;ist.recv_addr=192.168.0.3;gmcast.listen_addr=tcp://192.168.0.3:4567" - -# Logical cluster name. Should be the same for all nodes. -wsrep_cluster_name="openstack" - - wsrep_cluster_address="gcomm://192.168.0.4:4567,192.168.0.2:4567" - -# Human-readable node name (non-unique). Hostname by default. -#wsrep_node_name= - -# Base replication [:port] of the node. -# The values supplied will be used as defaults for state transfer receiving, -# listening ports and so on. Default: address of the first network interface. -wsrep_node_address=192.168.0.3 - -# Address for incoming client connections. Autodetect by default. -#wsrep_node_incoming_address= - -# How many threads will process writesets from other nodes -wsrep_slave_threads=32 - -# DBUG options for wsrep provider -#wsrep_dbug_option - -# Generate fake primary keys for non-PK tables (required for multi-master -# and parallel applying operation) -wsrep_certify_nonPK=1 - -# Maximum number of rows in write set -wsrep_max_ws_rows=131072 - -# Maximum size of write set -wsrep_max_ws_size=1073741824 - -# to enable debug level logging, set this to 1 -wsrep_debug=0 - -# convert locking sessions into transactions -wsrep_convert_LOCK_to_trx=0 - -# how many times to retry deadlocked autocommits -wsrep_retry_autocommit=1 - -# change auto_increment_increment and auto_increment_offset automatically -wsrep_auto_increment_control=1 - -# retry autoinc insert, which failed for duplicate key error -wsrep_drupal_282555_workaround=0 - -# enable "strictly synchronous" semantics for read operations -wsrep_causal_reads=0 - -# Command to call when node status or cluster membership changes. -# Will be passed all or some of the following options: -# --status - new status of this node -# --uuid - UUID of the cluster -# --primary - whether the component is primary or not ("yes"/"no") -# --members - comma-separated list of members -# --index - index of this node in the list -wsrep_notify_cmd= - -## -## WSREP State Transfer options -## - -# State Snapshot Transfer method -wsrep_sst_method=mysqldump - -# Address on THIS node to receive SST at. DON'T SET IT TO DONOR ADDRESS!!! -# (SST method dependent. Defaults to the first IP of the first interface) -wsrep_sst_receive_address=192.168.0.3:3307 - -# SST authentication string. This will be used to send SST to joining nodes. -# Depends on SST method. For mysqldump method it is root: -wsrep_sst_auth=wsrep_sst:password - -# Desired SST donor name. -#wsrep_sst_donor= - -# Protocol version to use -# wsrep_protocol_version= -skip-name-resolve diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/nova.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/nova.conf deleted file mode 100644 index ae7699b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/nova.conf +++ /dev/null @@ -1,76 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.VlanManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:jMsyf1wU@192.168.0.7/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -debug=true -rabbit_hosts=192.168.0.7:5672 -quota_volumes=100 -osapi_compute_listen=192.168.0.3 -ec2_listen=192.168.0.3 -quota_max_injected_file_content_bytes=102400 -glance_api_servers=240.0.1.7:9292 -novncproxy_host=240.0.1.7 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -verbose=true -auto_assign_floating_ip=True -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -quota_cores=100 -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=ec2,osapi_compute -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -use_cow_images=true -quota_max_injected_files=50 -novncproxy_port=6080 -log_config=/etc/nova/logging.conf -rabbit_port=5672 -vlan_start=103 -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -quota_max_injected_file_path_bytes=4096 -api_paste_config=/etc/nova/api-paste.ini -quota_floating_ips=100 -multi_host=True -public_interface=eth0.100 -start_guests_on_host_boot=true -service_down_time=60 -syslog_log_facility=LOCAL0 -quota_gigabytes=1000 -quota_instances=100 -osapi_volume_listen=192.168.0.3 -metadata_listen=192.168.0.3 -auth_strategy=keystone -quota_metadata_items=1024 -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -allow_resize_to_same_host=True -vlan_interface=eth0 -memcached_servers=controller-15:11211,controller-14:11211,controller-13:11211 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = Zc1VlBC9 -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/release b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/openstack-dashboard/local_settings b/config_samples/fuel_web/golden_fuelweb/cnt2/openstack-dashboard/local_settings deleted file mode 100644 index a63b74b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/openstack-dashboard/local_settings +++ /dev/null @@ -1,146 +0,0 @@ -import os - -from django.utils.translation import ugettext_lazy as _ - -DEBUG = False -TEMPLATE_DEBUG = DEBUG - - - -# Specify a regular expression to validate user passwords. -# HORIZON_CONFIG = { -# "password_validator": { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements.") -# } -# } - -LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) - -# Note: You should change this value -SECRET_KEY = 'dummy_secret_key' - -# We recommend you use memcached for development; otherwise after every reload -# of the django development server, you will have to login again. To use -# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' -CACHE_BACKEND = 'memcached://controller-15:11211;controller-14:11211;controller-13:11211/' - -# Send email to the console by default -EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' -# Or send them to /dev/null -#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' - -# Configure these for your outgoing email host -# EMAIL_HOST = 'smtp.my-company.com' -# EMAIL_PORT = 25 -# EMAIL_HOST_USER = 'djangomail' -# EMAIL_HOST_PASSWORD = 'top-secret!' - -# For multiple regions uncomment this configuration, and add (endpoint, title). -# AVAILABLE_REGIONS = [ -# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), -# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), -# ] - -OPENSTACK_HOST = "192.168.0.7" -OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" - -# Disable SSL certificate checks (useful for self-signed certificates): -OPENSTACK_SSL_NO_VERIFY = True - -# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the -# capabilities of the auth backend for Keystone. -# If Keystone has been configured to use LDAP as the auth backend then set -# can_edit_user to False and name to 'ldap'. -# -# TODO(tres): Remove these once Keystone has an API to identify auth backend. -OPENSTACK_KEYSTONE_BACKEND = { - 'name': 'native', - 'can_edit_user': True -} - -OPENSTACK_HYPERVISOR_FEATURES = { - 'can_set_mount_point': True -} - -# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is 'internalURL'. -#OPENSTACK_ENDPOINT_TYPE = "publicURL" - -# Include the SWIFT interface extension in Horizon -SWIFT_ENABLED = True -SWIFT_PAGINATE_LIMIT = 100 - -# The number of Swift containers and objects to display on a single page before -# providing a paging element (a "more" link) to paginate results. -API_RESULT_LIMIT = 1000 -API_RESULT_PAGE_SIZE = 20 - - -# If you have external monitoring links, eg: -EXTERNAL_MONITORING = [ ] -LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': '/var/log/horizon/horizon.log' - }, - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - 'handlers': ['file'], - 'propagate': False, - }, - 'openstack_dashboard': { - 'handlers': ['file'], - 'propagate': False, - }, - 'novaclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'glanceclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'keystoneclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'nose.plugins.manager': { - 'handlers': ['file'], - 'propagate': False, - } - } -} -LOGIN_URL='/dashboard/auth/login/' -LOGIN_REDIRECT_URL='/dashboard' - -# The Ubuntu package includes pre-compressed JS and compiled CSS to allow -# offline compression by default. To enable online compression, install -# the node-less package and enable the following option. -COMPRESS_OFFLINE = False diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq-env.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq-env.conf deleted file mode 100644 index e874743..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq-env.conf +++ /dev/null @@ -1,6 +0,0 @@ -RABBITMQ_NODE_PORT=5673 -RABBITMQ_NODE_IP_ADDRESS=192.168.0.3 -RABBITMQ_SERVER_ERL_ARGS="+K true +A30 +P 1048576 \ --kernel inet_default_connect_options [{nodelay,true}] \ --kernel inet_dist_listen_min 41055 \ --kernel inet_dist_listen_max 41055" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq.config b/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq.config deleted file mode 100644 index b0965b2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/rabbitmq/rabbitmq.config +++ /dev/null @@ -1,6 +0,0 @@ -% This file managed by Puppet 2.7.19 -% Template Path: rabbitmq/templates/rabbitmq.config -[ - {rabbit, [{cluster_nodes, ['rabbit@controller-15', 'rabbit@controller-14', 'rabbit@controller-13']}]} - ]. -% EOF diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account-server.conf deleted file mode 100644 index 7de3ffb..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.3 -bind_port = 6002 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = account-server - -[app:account-server] -use = egg:swift#account - -[account-replicator] -concurrency = 1 - -[account-auditor] - -[account-reaper] -concurrency = 1 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account.ring.gz deleted file mode 100644 index 69cad1b..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/account.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf deleted file mode 100644 index baa66d3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf +++ /dev/null @@ -1,24 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.3 -bind_port = 6001 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] -concurrency = 1 - -[container-updater] -concurrency = 1 - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf.rpmnew b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf.rpmnew deleted file mode 100644 index ac96702..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container-server.conf.rpmnew +++ /dev/null @@ -1,18 +0,0 @@ -[DEFAULT] -bind_ip = 127.0.0.1 -bind_port = 6001 -workers = 2 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] - -[container-updater] - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container.ring.gz deleted file mode 100644 index bb0dd6a..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/container.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-expirer.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-expirer.conf deleted file mode 100644 index b75963c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-expirer.conf +++ /dev/null @@ -1,17 +0,0 @@ -[DEFAULT] - -[object-expirer] -# auto_create_account_prefix = . - -[pipeline:main] -pipeline = catch_errors cache proxy-server - -[app:proxy-server] -use = egg:swift#proxy - -[filter:cache] -use = egg:swift#memcache -memcache_servers = 127.0.0.1:11211 - -[filter:catch_errors] -use = egg:swift#catch_errors diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-server.conf deleted file mode 100644 index 1c956e7..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.3 -bind_port = 6000 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = object-server - -[app:object-server] -use = egg:swift#object - -[object-replicator] -concurrency = 1 - -[object-updater] -concurrency = 1 - -[object-auditor] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object.ring.gz deleted file mode 100644 index 170d798..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/object.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/proxy-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/proxy-server.conf deleted file mode 100644 index 4b4d5db..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/proxy-server.conf +++ /dev/null @@ -1,65 +0,0 @@ -# This file is managed by puppet. Do not edit -# -[DEFAULT] -bind_ip = 192.168.0.3 -bind_port = 8080 -workers = 1 -user = swift - -[pipeline:main] -pipeline = catch_errors healthcheck cache ratelimit swift3 s3token authtoken keystone proxy-server - -[app:proxy-server] -use = egg:swift#proxy -allow_account_management = true -account_autocreate = true - -[filter:cache] -use = egg:swift#memcache -memcache_servers = controller-13:11211,controller-14:11211,controller-15:11211 -[filter:catch_errors] -use = egg:swift#catch_errors - - -[filter:healthcheck] -use = egg:swift#healthcheck - -[filter:ratelimit] -use = egg:swift#ratelimit -clock_accuracy = 1000 -max_sleep_time_seconds = 60 -log_sleep_time_seconds = 0 -rate_buffer_seconds = 5 -account_ratelimit = 0 - -[filter:swift3] -use = egg:swift3#swift3 - -[filter:s3token] -paste.filter_factory = keystone.middleware.s3_token:filter_factory -auth_port = 35357 -auth_protocol = http -auth_host = 192.168.0.7 - -[filter:keystone] -use = egg:swift#keystoneauth -operator_roles = admin, SwiftOperator -is_admin = true -cache = swift.cache - - -# -# used to specify connection information to keystone -# -[filter:authtoken] -paste.filter_factory = keystone.middleware.auth_token:filter_factory -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -auth_uri = http://192.168.0.7:35357 -# if its defined -admin_tenant_name = services -admin_user = swift -admin_password = 0moSL8AJ -delay_auth_decision = 0 -signing_dir = /etc/swift diff --git a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/swift.conf b/config_samples/fuel_web/golden_fuelweb/cnt2/swift/swift.conf deleted file mode 100644 index acb7d1b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt2/swift/swift.conf +++ /dev/null @@ -1,2 +0,0 @@ -[swift-hash] -swift_hash_path_suffix = swift_secret diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/api-paste.ini deleted file mode 100644 index 5bfd738..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/api-paste.ini +++ /dev/null @@ -1,52 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/cinder.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/cinder.conf deleted file mode 100644 index cc84a20..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/cinder.conf +++ /dev/null @@ -1,31 +0,0 @@ -[DEFAULT] -logdir = /var/log/cinder -state_path = /var/lib/cinder -lock_path = /var/lib/cinder/tmp -volumes_dir = /etc/cinder/volumes -iscsi_helper = tgtadm -sql_connection = mysql://cinder:aJJbMNpG@192.168.0.7/cinder?charset=utf8 -rpc_backend = cinder.openstack.common.rpc.impl_kombu -rootwrap_config = /etc/cinder/rootwrap.conf -api_paste_config=/etc/cinder/api-paste.ini -log_config=/etc/cinder/logging.conf -rabbit_userid=nova -bind_host=192.168.0.4 -auth_strategy=keystone -osapi_volume_listen=192.168.0.4 -rabbit_virtual_host=/ -rabbit_hosts=192.168.0.7:5672 -verbose=true -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -rabbit_port=5672 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = cinder -admin_password = LCBarOJB -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dirname = /tmp/keystone-signing-cinder -signing_dir=/tmp/keystone-signing-cinder diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/logging.conf deleted file mode 100644 index f2104c1..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = cinder - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3) -formatter = default - -[formatter_default] -format = cinder %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/policy.json deleted file mode 100644 index a4fd911..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api-paste.ini deleted file mode 100644 index 0b29bc9..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api-paste.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -delay_auth_decision = true diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api.conf deleted file mode 100644 index 726e9b9..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-api.conf +++ /dev/null @@ -1,364 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Which backend scheme should Glance use by default is not specified -# in a request to add a new image to Glance? Known schemes are determined -# by the known_stores option below. -# Default: 'file' -default_store = swift - -# List of which store classes and store class locations are -# currently known to glance at startup. -#known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - - -# Maximum image size (in bytes) that may be uploaded through the -# Glance API server. Defaults to 1 TB. -# WARNING: this value should only be increased after careful consideration -# and must be set to a value under 8 EB (9223372036854775808). -#image_size_cap = 1099511627776 - -# Address to bind the API server -bind_host = 192.168.0.4 - -# Port the bind the API server to -bind_port = 9292 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/api.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Number of Glance API worker processes to start. -# On machines with more than one CPU increasing this value -# may improve performance (especially if using SSL with -# compression turned on). It is typically recommended to set -# this value to the number of CPUs present on your machine. -workers = 1 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Allow unauthenticated users to access the API with read-only -# privileges. This only applies when using ContextMiddleware. -#allow_anonymous_access = False - -# Allow access to version 1 of glance api -#enable_v1_api = True - -# Allow access to version 2 of glance api -#enable_v2_api = True - -# Return the URL that references where the data is stored on -# the backend storage system. For example, if using the -# file system store a URL of 'file:///path/to/image' will -# be returned to the user in the 'direct_url' meta-data field. -# The default value is false. -#show_image_direct_url = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL0 - -# ================= SSL Options =============================== - -# Certificate file to use when starting API server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting API server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> - -# ============ Registry Options =============================== - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# What protocol to use when connecting to the registry server? -# Set to https for secure HTTP communication -registry_client_protocol = http - -# The path to the key file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file -#registry_client_key_file = /path/to/key/file - -# The path to the cert file to use in SSL connections to the -# registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file -#registry_client_cert_file = /path/to/cert/file - -# The path to the certifying authority cert file to use in SSL connections -# to the registry server, if any. Alternately, you may set the -# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file -#registry_client_ca_file = /path/to/ca/file - -# When using SSL in connections to the registry server, do not require -# validation via a certifying authority. This is the registry's equivalent of -# specifying --insecure on the command line using glanceclient for the API -# Default: False -#registry_client_insecure = False - -# The period of time, in seconds, that the API server will wait for a registry -# request to complete. A value of '0' implies no timeout. -# Default: 600 -#registry_client_timeout = 600 - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ============ Notification System Options ===================== - -# Notifications can be sent when images are create, updated or deleted. -# There are three methods of sending notifications, logging (via the -# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid -# message queue), or noop (no notifications sent, the default) -notifier_strategy = noop - -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = http://192.168.0.7:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = services:glance - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = Bzlunhw0 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = True - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# If set to True enables multi-tenant storage mode which causes Glance images -# to be stored in tenant specific Swift accounts. -#swift_store_multi_tenant = False - -# A list of swift ACL strings that will be applied as both read and -# write ACLs to the containers created by Glance in multi-tenant -# mode. This grants the specified tenants/users read and write access -# to all newly created image objects. The standard swift ACL string -# formats are allowed, including: -# : -# : -# *: -# Multiple ACLs can be combined using a comma separated list, for -# example: swift_store_admin_tenants = service:glance,*:admin -#swift_store_admin_tenants = - -# The region of the swift endpoint to be used for single tenant. This setting -# is only necessary if the tenant has multiple swift endpoints. -#swift_store_region = - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -#s3_store_object_buffer_dir = /path/to/dir - -# When forming a bucket url, boto will either set the bucket name as the -# subdomain or as the first token of the path. Amazon's S3 service will -# accept it as the subdomain, but Swift's S3 middleware requires it be -# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. -#s3_store_bucket_url_format = subdomain - -# ============ RBD Store Options ============================= - -# Ceph configuration file path -# If using cephx authentication, this file should -# include a reference to the right keyring -# in a client. section -rbd_store_ceph_conf = /etc/ceph/ceph.conf - -# RADOS user to authenticate as (only applicable if using cephx) -rbd_store_user = glance - -# RADOS pool in which images are stored -rbd_store_pool = images - -# Images will be chunked into objects of this size (in megabytes). -# For best performance, this should be a power of two -rbd_store_chunk_size = 8 - -# ============ Delayed Delete Options ============================= - -# Turn on/off delayed delete -delayed_delete = False - -# Delayed delete time in seconds -scrub_time = 43200 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-scrubber.conf -scrubber_datadir = /var/lib/glance/scrubber - -# =============== Image Cache Options ============================= - -# Base directory that the Image Cache uses -image_cache_dir = /var/lib/glance/image-cache/ -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dirname=/tmp/keystone-signing-glance -auth_uri=http://192.168.0.7:35357 -signing_dir=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-api-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-api-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone+cachemanagement diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-cache.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-cache.conf deleted file mode 100644 index 5ea89d4..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-cache.conf +++ /dev/null @@ -1,149 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -log_file = /var/log/glance/image-cache.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False -use_syslog = False - -# Directory that the Image Cache writes data to -image_cache_dir = /var/lib/glance/image-cache/ - -# Number of seconds after which we should consider an incomplete image to be -# stalled and eligible for reaping -image_cache_stall_time = 86400 - -# image_cache_invalid_entry_grace_period - seconds -# -# If an exception is raised as we're writing to the cache, the cache-entry is -# deemed invalid and moved to /invalid so that it can be -# inspected for debugging purposes. -# -# This is number of seconds to leave these invalid images around before they -# are elibible to be reaped. -image_cache_invalid_entry_grace_period = 3600 - -# Max cache size in bytes -image_cache_max_size = 10737418240 - -# Address to find the registry server -registry_host = 192.168.0.7 - -# Port the registry server is listening on -registry_port = 9191 - -# Auth settings if using Keystone -# auth_url = http://127.0.0.1:5000/v2.0/ -auth_url = http://192.168.0.7:35357 -# admin_tenant_name = %SERVICE_TENANT_NAME% -admin_tenant_name = services -# admin_user = %SERVICE_USER% -admin_user = glance -# admin_password = %SERVICE_PASSWORD% -admin_password = Bzlunhw0 - -# List of which store classes and store class locations are -# currently known to glance at startup. -# known_stores = glance.store.filesystem.Store, -# glance.store.http.Store, -# glance.store.rbd.Store, -# glance.store.s3.Store, -# glance.store.swift.Store, - -# ============ Filesystem Store Options ======================== - -# Directory that the Filesystem backend store -# writes image data to -filesystem_store_datadir = /var/lib/glance/images/ - -# ============ Swift Store Options ============================= - -# Version of the authentication service to use -# Valid versions are '2' for keystone and '1' for swauth and rackspace -swift_store_auth_version = 2 - -# Address where the Swift authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'https://' -# For swauth, use something like '127.0.0.1:8080/v1.0/' -swift_store_auth_address = 127.0.0.1:5000/v2.0/ - -# User to authenticate against the Swift authentication service -# If you use Swift authentication service, set it to 'account':'user' -# where 'account' is a Swift storage account and 'user' -# is a user in that account -swift_store_user = jdoe:jdoe - -# Auth key for the user authenticating against the -# Swift authentication service -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 - -# Container within the account that the account should use -# for storing images in Swift -swift_store_container = glance - -# Do we create the container if it does not exist? -swift_store_create_container_on_put = False - -# What size, in MB, should Glance start chunking image files -# and do a large object manifest in Swift? By default, this is -# the maximum object size in Swift, which is 5GB -swift_store_large_object_size = 5120 - -# When doing a large object manifest, what size, in MB, should -# Glance write chunks to Swift? This amount of data is written -# to a temporary disk buffer during the process of chunking -# the image file, and the default is 200MB -swift_store_large_object_chunk_size = 200 - -# Whether to use ServiceNET to communicate with the Swift storage servers. -# (If you aren't RACKSPACE, leave this False!) -# -# To use ServiceNET for authentication, prefix hostname of -# `swift_store_auth_address` with 'snet-'. -# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ -swift_enable_snet = False - -# ============ S3 Store Options ============================= - -# Address where the S3 authentication service lives -# Valid schemes are 'http://' and 'https://' -# If no scheme specified, default to 'http://' -s3_store_host = 127.0.0.1:8080/v1.0/ - -# User to authenticate against the S3 authentication service -s3_store_access_key = <20-char AWS access key> - -# Auth key for the user authenticating against the -# S3 authentication service -s3_store_secret_key = <40-char AWS secret key> - -# Container within the account that the account should use -# for storing images in S3. Note that S3 has a flat namespace, -# so you need a unique bucket name for your glance images. An -# easy way to do this is append your AWS access key to "glance". -# S3 buckets in AWS *must* be lowercased, so remember to lowercase -# your AWS access key if you use it in your bucket name below! -s3_store_bucket = glance - -# Do we create the bucket if it does not exist? -s3_store_create_bucket_on_put = False - -# When sending images to S3, the data will first be written to a -# temporary buffer on disk. By default the platform's temporary directory -# will be used. If required, an alternative directory can be specified here. -# s3_store_object_buffer_dir = /path/to/dir - -# ================= Security Options ========================== - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry-paste.ini deleted file mode 100644 index 5519c5c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry-paste.ini +++ /dev/null @@ -1,19 +0,0 @@ -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry.conf deleted file mode 100644 index 693cd63..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-registry.conf +++ /dev/null @@ -1,97 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False -verbose = true - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False -debug = true - -# Address to bind the registry server -bind_host = 192.168.0.4 - -# Port the bind the registry server to -bind_port = 9191 - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/registry.log - -# Backlog requests when creating socket -backlog = 4096 - -# TCP_KEEPIDLE value in seconds when creating socket. -# Not supported on OS X. -#tcp_keepidle = 600 - -# SQLAlchemy connection string for the reference implementation -# registry server. Any valid SQLAlchemy connection string is fine. -# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://glance:mKJzWqLK@192.168.0.7/glance - -# Period in seconds after which SQLAlchemy should reestablish its connection -# to the database. -# -# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop -# idle connections. This can result in 'MySQL Gone Away' exceptions. If you -# notice this, you can lower this value to ensure that SQLAlchemy reconnects -# before MySQL can drop the connection. -sql_idle_timeout = 3600 - -# Limit the api to return `param_limit_max` items in a call to a container. If -# a larger `limit` query param is provided, it will be reduced to this value. -api_limit_max = 1000 - -# If a `limit` query param is not provided in an api request, it will -# default to `limit_param_default` -limit_param_default = 25 - -# Role used to identify an authenticated user as administrator -#admin_role = admin - -# Whether to automatically create the database tables. -# Default: False -#db_auto_create = False - -# ================= Syslog Options ============================ - -# Send logs to syslog (/dev/log) instead of to file specified -# by `log_file` -#use_syslog = False -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -#syslog_log_facility = LOG_LOCAL1 - -# ================= SSL Options =============================== - -# Certificate file to use when starting registry server securely -#cert_file = /path/to/certfile - -# Private key file to use when starting registry server securely -#key_file = /path/to/keyfile - -# CA certificate file to use to verify connecting clients -#ca_file = /path/to/cafile -log_config=/etc/glance/logging.conf - -[keystone_authtoken] -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = services -admin_user = glance -admin_password = Bzlunhw0 -signing_dir=/tmp/keystone-signing-glance -signing_dirname=/tmp/keystone-signing-glance - -[paste_deploy] -# Name of the paste configuration file that defines the available pipelines -#config_file = glance-registry-paste.ini - -# Partial name of a pipeline in your paste configuration file with the -# service name removed. For example, if your paste section name is -# [pipeline:glance-registry-keystone], you would configure the flavor below -# as 'keystone'. -#flavor= -flavor=keystone diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-scrubber.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-scrubber.conf deleted file mode 100644 index 9273043..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/glance-scrubber.conf +++ /dev/null @@ -1,40 +0,0 @@ -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 - -# AES key for encrypting store 'location' metadata, including -# -- if used -- Swift or S3 credentials -# Should be set to a random string of length 16, 24 or 32 bytes -#metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/logging.conf deleted file mode 100644 index 319e40e..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = glance - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2) -formatter = default - -[formatter_default] -format = glance %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/policy.json deleted file mode 100644 index 30ef83c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/schema-image.json b/config_samples/fuel_web/golden_fuelweb/cnt3/glance/schema-image.json deleted file mode 100644 index 5aafd6b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/glance/schema-image.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - }, - "architecture": { - "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_distro": { - "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", - "type": "string" - }, - "os_version": { - "description": "Operating system version as specified by the distributor", - "type": "string" - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/keepalived/keepalived.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/keepalived/keepalived.conf deleted file mode 100644 index a3abf5f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/keepalived/keepalived.conf +++ /dev/null @@ -1,59 +0,0 @@ -# This file is managed by Puppet. DO NOT EDIT. -global_defs { - notification_email { - root@domain.tld - - } - notification_email_from keepalived@domain.tld - smtp_server localhost - smtp_connect_timeout 30 - router_id controller-15 -} - -vrrp_instance 4 { - virtual_router_id 4 - - # for electing MASTER, highest priority wins. - priority 100 - state BACKUP - - interface eth0.100 - - virtual_ipaddress { - 240.0.1.7 label eth0.100:ka - - } - - - - - - - - - -} - -vrrp_instance 5 { - virtual_router_id 5 - - # for electing MASTER, highest priority wins. - priority 100 - state BACKUP - - interface eth0.101 - - virtual_ipaddress { - 192.168.0.7 label eth0.101:ka - - } - - - - - - - - - -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/default_catalog.templates b/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/default_catalog.templates deleted file mode 100644 index eb1e044..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/default_catalog.templates +++ /dev/null @@ -1,27 +0,0 @@ -# config for TemplatedCatalog, using camelCase because I don't want to do -# translations for keystone compat -catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0 -catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0 -catalog.RegionOne.identity.name = Identity Service - -# fake compute service for now to help novaclient tests work -catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s -catalog.RegionOne.compute.name = Compute Service - -catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s -catalog.RegionOne.volume.name = Volume Service - -catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin -catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud -catalog.RegionOne.ec2.name = EC2 Service - -catalog.RegionOne.image.publicURL = http://localhost:9292/v1 -catalog.RegionOne.image.adminURL = http://localhost:9292/v1 -catalog.RegionOne.image.internalURL = http://localhost:9292/v1 -catalog.RegionOne.image.name = Image Service diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/keystone.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/keystone.conf deleted file mode 100644 index 33ba106..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/keystone.conf +++ /dev/null @@ -1,320 +0,0 @@ -[DEFAULT] -log_file = /var/log/keystone/keystone.log -# A "shared secret" between keystone and other openstack services -# admin_token = ADMIN -admin_token = 6Cx19zRq - -# The IP address of the network interface to listen on -# bind_host = 0.0.0.0 -bind_host = 192.168.0.4 - -# The port number which the public service listens on -# public_port = 5000 -public_port = 5000 - -# The port number which the public admin listens on -# admin_port = 35357 -admin_port = 35357 - -# The base endpoint URLs for keystone that are advertised to clients -# (NOTE: this does NOT affect how keystone listens for connections) -# public_endpoint = http://localhost:%(public_port)d/ -# admin_endpoint = http://localhost:%(admin_port)d/ - -# The port number which the OpenStack Compute service listens on -# compute_port = 8774 -compute_port = 3000 - -# Path to your policy definition containing identity actions -# policy_file = policy.json - -# Rule to check if no matching policy definition is found -# FIXME(dolph): This should really be defined as [policy] default_rule -# policy_default_rule = admin_required - -# Role for migrating membership relationships -# During a SQL upgrade, the following values will be used to create a new role -# that will replace records in the user_tenant_membership table with explicit -# role grants. After migration, the member_role_id will be used in the API -# add_user_to_project, and member_role_name will be ignored. -# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab -# member_role_name = _member_ - -# === Logging Options === -# Print debugging output -# (includes plaintext request logging, potentially including passwords) -# debug = False -debug = true - -# Print more verbose output -# verbose = False -verbose = true - -# Name of log file to output to. If not set, logging will go to stdout. -# log_file = keystone.log - -# The directory to keep log files in (will be prepended to --logfile) -# log_dir = /var/log/keystone - -# Use syslog for logging. -# use_syslog = False - -# syslog facility to receive log lines -# syslog_log_facility = LOG_USER - -# If this option is specified, the logging configuration file specified is -# used and overrides any other logging options specified. Please see the -# Python logging module documentation for details on logging configuration -# files. -# log_config = logging.conf -log_config = /etc/keystone/logging.conf - -# A logging.Formatter log message format string which may use any of the -# available logging.LogRecord attributes. -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s - -# Format string for %(asctime)s in log records. -# log_date_format = %Y-%m-%d %H:%M:%S - -# onready allows you to send a notification when the process is ready to serve -# For example, to have it notify using systemd, one could set shell command: -# onready = systemd-notify --ready -# or a module with notify() method: -# onready = keystone.common.systemd - -[sql] -connection = mysql://keystone:cg5UvHsO@192.168.0.7/keystone -# The SQLAlchemy connection string used to connect to the database -# connection = sqlite:///keystone.db - -# the timeout before idle sql connections are reaped -# idle_timeout = 200 -idle_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity -# driver = keystone.identity.backends.sql.Identity - -# This references the domain to use for all Identity API v2 requests (which are -# not aware of domains). A domain with this ID will be created for you by -# keystone-manage db_sync in migration 008. The domain referenced by this ID -# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API. -# There is nothing special about this domain, other than the fact that it must -# exist to order to maintain support for your v2 clients. -# default_domain_id = default - -[trust] -# driver = keystone.trust.backends.sql.Trust - -# delegation and impersonation features can be optionally disabled -# enabled = True - -[catalog] -template_file = /etc/keystone/default_catalog.templates -driver = keystone.catalog.backends.sql.Catalog -# dynamic, sql-based backend (supports API/CLI-based management commands) -# driver = keystone.catalog.backends.sql.Catalog - -# static, file-based backend (does *NOT* support any management commands) -# driver = keystone.catalog.backends.templated.TemplatedCatalog - -# template_file = default_catalog.templates - -[token] -driver = keystone.token.backends.sql.Token -# driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -token_format = UUID -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] -# url = ldap://localhost -# user = dc=Manager,dc=example,dc=com -# password = None -# suffix = cn=example,cn=com -# use_dumb_member = False -# allow_subtree_delete = False -# dumb_member = cn=dumb,dc=example,dc=com - -# Maximum results per page; a value of zero ('0') disables paging (default) -# page_size = 0 - -# The LDAP dereferencing option for queries. This can be either 'never', -# 'searching', 'always', 'finding' or 'default'. The 'default' option falls -# back to using default dereferencing configured by your ldap.conf. -# alias_dereferencing = default - -# The LDAP scope for queries, this can be either 'one' -# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree) -# query_scope = one - -# user_tree_dn = ou=Users,dc=example,dc=com -# user_filter = -# user_objectclass = inetOrgPerson -# user_domain_id_attribute = businessCategory -# user_id_attribute = cn -# user_name_attribute = sn -# user_mail_attribute = email -# user_pass_attribute = userPassword -# user_enabled_attribute = enabled -# user_enabled_mask = 0 -# user_enabled_default = True -# user_attribute_ignore = tenant_id,tenants -# user_allow_create = True -# user_allow_update = True -# user_allow_delete = True -# user_enabled_emulation = False -# user_enabled_emulation_dn = - -# tenant_tree_dn = ou=Groups,dc=example,dc=com -# tenant_filter = -# tenant_objectclass = groupOfNames -# tenant_domain_id_attribute = businessCategory -# tenant_id_attribute = cn -# tenant_member_attribute = member -# tenant_name_attribute = ou -# tenant_desc_attribute = desc -# tenant_enabled_attribute = enabled -# tenant_attribute_ignore = -# tenant_allow_create = True -# tenant_allow_update = True -# tenant_allow_delete = True -# tenant_enabled_emulation = False -# tenant_enabled_emulation_dn = - -# role_tree_dn = ou=Roles,dc=example,dc=com -# role_filter = -# role_objectclass = organizationalRole -# role_id_attribute = cn -# role_name_attribute = ou -# role_member_attribute = roleOccupant -# role_attribute_ignore = -# role_allow_create = True -# role_allow_update = True -# role_allow_delete = True - -# group_tree_dn = -# group_filter = -# group_objectclass = groupOfNames -# group_id_attribute = cn -# group_name_attribute = ou -# group_member_attribute = member -# group_desc_attribute = desc -# group_attribute_ignore = -# group_allow_create = True -# group_allow_update = True -# group_allow_delete = True - -[auth] -methods = password,token -password = keystone.auth.plugins.password.Password -token = keystone.auth.plugins.token.Token - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[filter:access_log] -paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/logging.conf deleted file mode 100644 index f907736..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = keystone - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL1) -formatter = default - -[formatter_default] -format = keystone %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/policy.json deleted file mode 100644 index 17da8ea..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/keystone/policy.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - "owner" : [["user_id:%(user_id)s"]], - "admin_or_owner": [["rule:admin_required"], ["rule:owner"]], - - "default": [["rule:admin_required"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_or_owner"]], - "identity:create_project": [["rule:admin_or_owner"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_or_owner"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_group": [["rule:admin_required"]], - "identity:list_groups": [["rule:admin_required"]], - "identity:create_group": [["rule:admin_required"]], - "identity:update_group": [["rule:admin_required"]], - "identity:delete_group": [["rule:admin_required"]], - "identity:list_users_in_group": [["rule:admin_required"]], - "identity:remove_user_from_group": [["rule:admin_required"]], - "identity:check_user_in_group": [["rule:admin_required"]], - "identity:add_user_to_group": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_role": [["rule:admin_required"]], - "identity:delete_role": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]], - - "identity:check_token": [["rule:admin_required"]], - "identity:validate_token": [["rule:admin_required"]], - "identity:revocation_list": [["rule:admin_required"]], - "identity:revoke_token": [["rule:admin_required"], - ["user_id:%(user_id)s"]], - - "identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]], - "identity:get_trust": [["rule:admin_or_owner"]], - "identity:list_trusts": [["@"]], - "identity:list_roles_for_trust": [["@"]], - "identity:check_role_for_trust": [["@"]], - "identity:get_role_for_trust": [["@"]], - "identity:delete_trust": [["@"]] -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/libvirt/libvirt.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/libvirt/libvirt.conf deleted file mode 100644 index 016cd24..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/libvirt/libvirt.conf +++ /dev/null @@ -1,18 +0,0 @@ -# -# This can be used to setup URI aliases for frequently -# used connection URIs. Aliases may contain only the -# characters a-Z, 0-9, _, -. -# -# Following the '=' may be any valid libvirt connection -# URI, including arbitrary parameters - -#uri_aliases = [ -# "hail=qemu+ssh://root@hail.cloud.example.com/system", -# "sleet=qemu+ssh://root@sleet.cloud.example.com/system", -#] - -# -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - -#uri_default = "qemu:///system" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/archive/os_00000-1434595773.vg b/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/archive/os_00000-1434595773.vg deleted file mode 100644 index aba04d7..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/archive/os_00000-1434595773.vg +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:56 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-15.domain.tld" # Linux controller-15.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338196 # Mon Sep 16 13:29:56 2013 - -os { - id = "Ck6OHF-ywh2-yN8y-88tU-Sf30-Qz8B-BSqA16" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "6Ww3ew-uSbC-MaKa-G1Hb-V30J-Tomf-6jZ3Tm" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "z5tza6-CMfw-jm1b-u7jT-8HmM-Wc51-OlTJuX" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-15.domain.tld" - creation_time = 1379337787 # 2013-09-16 13:23:07 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "I12BKg-Yia3-46c0-r6cE-KHBE-s5kO-kGUvnl" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-15.domain.tld" - creation_time = 1379337791 # 2013-09-16 13:23:11 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/backup/os b/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/backup/os deleted file mode 100644 index bf1c185..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/backup/os +++ /dev/null @@ -1,80 +0,0 @@ -# Generated by LVM2 version 2.02.98(2)-RHEL6 (2012-10-15): Mon Sep 16 13:29:56 2013 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *after* executing '/sbin/vgs --noheadings -o name --config 'log{command_names=0 prefix=\" \"}''" - -creation_host = "controller-15.domain.tld" # Linux controller-15.domain.tld 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 -creation_time = 1379338196 # Mon Sep 16 13:29:56 2013 - -os { - id = "Ck6OHF-ywh2-yN8y-88tU-Sf30-Qz8B-BSqA16" - seqno = 3 - format = "lvm2" # informational - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 65536 # 32 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "6Ww3ew-uSbC-MaKa-G1Hb-V30J-Tomf-6jZ3Tm" - device = "/dev/sda2" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 29321216 # 13.9814 Gigabytes - pe_start = 2048 - pe_count = 447 # 13.9688 Gigabytes - } - } - - logical_volumes { - - root { - id = "z5tza6-CMfw-jm1b-u7jT-8HmM-Wc51-OlTJuX" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-15.domain.tld" - creation_time = 1379337787 # 2013-09-16 13:23:07 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 320 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - swap { - id = "I12BKg-Yia3-46c0-r6cE-KHBE-s5kO-kGUvnl" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - creation_host = "controller-15.domain.tld" - creation_time = 1379337791 # 2013-09-16 13:23:11 +0000 - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 126 # 3.9375 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 320 - ] - } - } - } -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/lvm.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/lvm.conf deleted file mode 100644 index 542a2e6..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/lvm/lvm.conf +++ /dev/null @@ -1,843 +0,0 @@ -# This is an example configuration file for the LVM2 system. -# It contains the default settings that would be used if there was no -# /etc/lvm/lvm.conf file. -# -# Refer to 'man lvm.conf' for further information including the file layout. -# -# To put this file in a different directory and override /etc/lvm set -# the environment variable LVM_SYSTEM_DIR before running the tools. -# -# N.B. Take care that each setting only appears once if uncommenting -# example settings in this file. - - -# This section allows you to configure which block devices should -# be used by the LVM system. -devices { - - # Where do you want your volume groups to appear ? - dir = "/dev" - - # An array of directories that contain the device nodes you wish - # to use with LVM2. - scan = [ "/dev" ] - - # If set, the cache of block device nodes with all associated symlinks - # will be constructed out of the existing udev database content. - # This avoids using and opening any inapplicable non-block devices or - # subdirectories found in the device directory. This setting is applied - # to udev-managed device directory only, other directories will be scanned - # fully. LVM2 needs to be compiled with udev support for this setting to - # take effect. N.B. Any device node or symlink not managed by udev in - # udev directory will be ignored with this setting on. - obtain_device_list_from_udev = 1 - - # If several entries in the scanned directories correspond to the - # same block device and the tools need to display a name for device, - # all the pathnames are matched against each item in the following - # list of regular expressions in turn and the first match is used. - # preferred_names = [ ] - - # Try to avoid using undescriptive /dev/dm-N names, if present. - preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] - - # A filter that tells LVM2 to only use a restricted set of devices. - # The filter consists of an array of regular expressions. These - # expressions can be delimited by a character of your choice, and - # prefixed with either an 'a' (for accept) or 'r' (for reject). - # The first expression found to match a device name determines if - # the device will be accepted or rejected (ignored). Devices that - # don't match any patterns are accepted. - - # Be careful if there there are symbolic links or multiple filesystem - # entries for the same device as each name is checked separately against - # the list of patterns. The effect is that if the first pattern in the - # list to match a name is an 'a' pattern for any of the names, the device - # is accepted; otherwise if the first pattern in the list to match a name - # is an 'r' pattern for any of the names it is rejected; otherwise it is - # accepted. - - # Don't have more than one filter line active at once: only one gets used. - - # Run vgscan after you change this parameter to ensure that - # the cache file gets regenerated (see below). - # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. - - - # By default we accept every block device: - filter = [ "a/.*/" ] - - # Exclude the cdrom drive - # filter = [ "r|/dev/cdrom|" ] - - # When testing I like to work with just loopback devices: - # filter = [ "a/loop/", "r/.*/" ] - - # Or maybe all loops and ide drives except hdc: - # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] - - # Use anchors if you want to be really specific - # filter = [ "a|^/dev/hda8$|", "r/.*/" ] - - # Since "filter" is often overriden from command line, it is not suitable - # for system-wide device filtering (udev rules, lvmetad). To hide devices - # from LVM-specific udev processing and/or from lvmetad, you need to set - # global_filter. The syntax is the same as for normal "filter" - # above. Devices that fail the global_filter are not even opened by LVM. - - # global_filter = [] - - # The results of the filtering are cached on disk to avoid - # rescanning dud devices (which can take a very long time). - # By default this cache is stored in the /etc/lvm/cache directory - # in a file called '.cache'. - # It is safe to delete the contents: the tools regenerate it. - # (The old setting 'cache' is still respected if neither of - # these new ones is present.) - # N.B. If obtain_device_list_from_udev is set to 1 the list of - # devices is instead obtained from udev and any existing .cache - # file is removed. - cache_dir = "/etc/lvm/cache" - cache_file_prefix = "" - - # You can turn off writing this cache file by setting this to 0. - write_cache_state = 1 - - # Advanced settings. - - # List of pairs of additional acceptable block device types found - # in /proc/devices with maximum (non-zero) number of partitions. - # types = [ "fd", 16 ] - - # If sysfs is mounted (2.6 kernels) restrict device scanning to - # the block devices it believes are valid. - # 1 enables; 0 disables. - sysfs_scan = 1 - - # By default, LVM2 will ignore devices used as component paths - # of device-mapper multipath devices. - # 1 enables; 0 disables. - multipath_component_detection = 1 - - # By default, LVM2 will ignore devices used as components of - # software RAID (md) devices by looking for md superblocks. - # 1 enables; 0 disables. - md_component_detection = 1 - - # By default, if a PV is placed directly upon an md device, LVM2 - # will align its data blocks with the md device's stripe-width. - # 1 enables; 0 disables. - md_chunk_alignment = 1 - - # Default alignment of the start of a data area in MB. If set to 0, - # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. - # default_data_alignment = 1 - - # By default, the start of a PV's data area will be a multiple of - # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. - # - minimum_io_size - the smallest request the device can perform - # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) - # - optimal_io_size - the device's preferred unit of receiving I/O - # (e.g. MD's stripe width) - # minimum_io_size is used if optimal_io_size is undefined (0). - # If md_chunk_alignment is enabled, that detects the optimal_io_size. - # This setting takes precedence over md_chunk_alignment. - # 1 enables; 0 disables. - data_alignment_detection = 1 - - # Alignment (in KB) of start of data area when creating a new PV. - # md_chunk_alignment and data_alignment_detection are disabled if set. - # Set to 0 for the default alignment (see: data_alignment_default) - # or page size, if larger. - data_alignment = 0 - - # By default, the start of the PV's aligned data area will be shifted by - # the 'alignment_offset' exposed in sysfs. This offset is often 0 but - # may be non-zero; e.g.: certain 4KB sector drives that compensate for - # windows partitioning will have an alignment_offset of 3584 bytes - # (sector 7 is the lowest aligned logical block, the 4KB sectors start - # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). - # But note that pvcreate --dataalignmentoffset will skip this detection. - # 1 enables; 0 disables. - data_alignment_offset_detection = 1 - - # If, while scanning the system for PVs, LVM2 encounters a device-mapper - # device that has its I/O suspended, it waits for it to become accessible. - # Set this to 1 to skip such devices. This should only be needed - # in recovery situations. - ignore_suspended_devices = 0 - - # During each LVM operation errors received from each device are counted. - # If the counter of a particular device exceeds the limit set here, no - # further I/O is sent to that device for the remainder of the respective - # operation. Setting the parameter to 0 disables the counters altogether. - disable_after_error_count = 0 - - # Allow use of pvcreate --uuid without requiring --restorefile. - require_restorefile_with_uuid = 1 - - # Minimum size (in KB) of block devices which can be used as PVs. - # In a clustered environment all nodes must use the same value. - # Any value smaller than 512KB is ignored. - - # Ignore devices smaller than 2MB such as floppy drives. - pv_min_size = 2048 - - # The original built-in setting was 512 up to and including version 2.02.84. - # pv_min_size = 512 - - # Issue discards to a logical volumes's underlying physical volume(s) when - # the logical volume is no longer using the physical volumes' space (e.g. - # lvremove, lvreduce, etc). Discards inform the storage that a region is - # no longer in use. Storage that supports discards advertise the protocol - # specific way discards should be issued by the kernel (TRIM, UNMAP, or - # WRITE SAME with UNMAP bit set). Not all storage will support or benefit - # from discards but SSDs and thinly provisioned LUNs generally do. If set - # to 1, discards will only be issued if both the storage and kernel provide - # support. - # 1 enables; 0 disables. - issue_discards = 0 -} - -# This section allows you to configure the way in which LVM selects -# free space for its Logical Volumes. -allocation { - - # When searching for free space to extend an LV, the "cling" - # allocation policy will choose space on the same PVs as the last - # segment of the existing LV. If there is insufficient space and a - # list of tags is defined here, it will check whether any of them are - # attached to the PVs concerned and then seek to match those PV tags - # between existing extents and new extents. - # Use the special tag "@*" as a wildcard to match any PV tag. - - # Example: LVs are mirrored between two sites within a single VG. - # PVs are tagged with either @site1 or @site2 to indicate where - # they are situated. - - # cling_tag_list = [ "@site1", "@site2" ] - # cling_tag_list = [ "@*" ] - - # Changes made in version 2.02.85 extended the reach of the 'cling' - # policies to detect more situations where data can be grouped - # onto the same disks. Set this to 0 to revert to the previous - # algorithm. - maximise_cling = 1 - - # Set to 1 to guarantee that mirror logs will always be placed on - # different PVs from the mirror images. This was the default - # until version 2.02.85. - mirror_logs_require_separate_pvs = 0 - - # Set to 1 to guarantee that thin pool metadata will always - # be placed on different PVs from the pool data. - thin_pool_metadata_require_separate_pvs = 0 - - # Specify the minimal chunk size (in KB) for thin pool volumes. - # Use of the larger chunk size may improve perfomance for plain - # thin volumes, however using them for snapshot volumes is less efficient, - # as it consumes more space and takes extra time for copying. - # When unset, lvm tries to estimate chunk size starting from 64KB - # Supported values are in range from 64 to 1048576. - # thin_pool_chunk_size = 64 - - # Specify discards behavior of the thin pool volume. - # Select one of "ignore", "nopassdown", "passdown" - # thin_pool_discards = "passdown" - - # Set to 0, to disable zeroing of thin pool data chunks before their - # first use. - # N.B. zeroing larger thin pool chunk size degrades performance. - # thin_pool_zero = 1 -} - -# This section that allows you to configure the nature of the -# information that LVM2 reports. -log { - - # Controls the messages sent to stdout or stderr. - # There are three levels of verbosity, 3 being the most verbose. - verbose = 0 - - # Set to 1 to suppress all non-essential messages from stdout. - # This has the same effect as -qq. - # When this is set, the following commands still produce output: - # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, - # pvs, version, vgcfgrestore -l, vgdisplay, vgs. - # Non-essential messages are shifted from log level 4 to log level 5 - # for syslog and lvm2_log_fn purposes. - # Any 'yes' or 'no' questions not overridden by other arguments - # are suppressed and default to 'no'. - silent = 0 - - # Should we send log messages through syslog? - # 1 is yes; 0 is no. - syslog = 1 - - # Should we log error and debug messages to a file? - # By default there is no log file. - #file = "/var/log/lvm2.log" - - # Should we overwrite the log file each time the program is run? - # By default we append. - overwrite = 0 - - # What level of log messages should we send to the log file and/or syslog? - # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. - # 7 is the most verbose (LOG_DEBUG). - level = 0 - - # Format of output messages - # Whether or not (1 or 0) to indent messages according to their severity - indent = 1 - - # Whether or not (1 or 0) to display the command name on each line output - command_names = 0 - - # A prefix to use before the message text (but after the command name, - # if selected). Default is two spaces, so you can see/grep the severity - # of each message. - prefix = " " - - # To make the messages look similar to the original LVM tools use: - # indent = 0 - # command_names = 1 - # prefix = " -- " - - # Set this if you want log messages during activation. - # Don't use this in low memory situations (can deadlock). - # activation = 0 -} - -# Configuration of metadata backups and archiving. In LVM2 when we -# talk about a 'backup' we mean making a copy of the metadata for the -# *current* system. The 'archive' contains old metadata configurations. -# Backups are stored in a human readeable text format. -backup { - - # Should we maintain a backup of the current metadata configuration ? - # Use 1 for Yes; 0 for No. - # Think very hard before turning this off! - backup = 1 - - # Where shall we keep it ? - # Remember to back up this directory regularly! - backup_dir = "/etc/lvm/backup" - - # Should we maintain an archive of old metadata configurations. - # Use 1 for Yes; 0 for No. - # On by default. Think very hard before turning this off. - archive = 1 - - # Where should archived files go ? - # Remember to back up this directory regularly! - archive_dir = "/etc/lvm/archive" - - # What is the minimum number of archive files you wish to keep ? - retain_min = 10 - - # What is the minimum time you wish to keep an archive file for ? - retain_days = 30 -} - -# Settings for the running LVM2 in shell (readline) mode. -shell { - - # Number of lines of history to store in ~/.lvm_history - history_size = 100 -} - - -# Miscellaneous global LVM2 settings -global { - - # The file creation mask for any files and directories created. - # Interpreted as octal if the first digit is zero. - umask = 077 - - # Allow other users to read the files - #umask = 022 - - # Enabling test mode means that no changes to the on disk metadata - # will be made. Equivalent to having the -t option on every - # command. Defaults to off. - test = 0 - - # Default value for --units argument - units = "h" - - # Since version 2.02.54, the tools distinguish between powers of - # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. - # KB, MB, GB). - # If you have scripts that depend on the old behaviour, set this to 0 - # temporarily until you update them. - si_unit_consistency = 1 - - # Whether or not to communicate with the kernel device-mapper. - # Set to 0 if you want to use the tools to manipulate LVM metadata - # without activating any logical volumes. - # If the device-mapper kernel driver is not present in your kernel - # setting this to 0 should suppress the error messages. - activation = 1 - - # If we can't communicate with device-mapper, should we try running - # the LVM1 tools? - # This option only applies to 2.4 kernels and is provided to help you - # switch between device-mapper kernels and LVM1 kernels. - # The LVM1 tools need to be installed with .lvm1 suffices - # e.g. vgscan.lvm1 and they will stop working after you start using - # the new lvm2 on-disk metadata format. - # The default value is set when the tools are built. - # fallback_to_lvm1 = 0 - - # The default metadata format that commands should use - "lvm1" or "lvm2". - # The command line override is -M1 or -M2. - # Defaults to "lvm2". - # format = "lvm2" - - # Location of proc filesystem - proc = "/proc" - - # Type of locking to use. Defaults to local file-based locking (1). - # Turn locking off by setting to 0 (dangerous: risks metadata corruption - # if LVM2 commands get run concurrently). - # Type 2 uses the external shared library locking_library. - # Type 3 uses built-in clustered locking. - # Type 4 uses read-only locking which forbids any operations that might - # change metadata. - locking_type = 1 - - # Set to 0 to fail when a lock request cannot be satisfied immediately. - wait_for_locks = 1 - - # If using external locking (type 2) and initialisation fails, - # with this set to 1 an attempt will be made to use the built-in - # clustered locking. - # If you are using a customised locking_library you should set this to 0. - fallback_to_clustered_locking = 1 - - # If an attempt to initialise type 2 or type 3 locking failed, perhaps - # because cluster components such as clvmd are not running, with this set - # to 1 an attempt will be made to use local file-based locking (type 1). - # If this succeeds, only commands against local volume groups will proceed. - # Volume Groups marked as clustered will be ignored. - fallback_to_local_locking = 1 - - # Local non-LV directory that holds file-based locks while commands are - # in progress. A directory like /tmp that may get wiped on reboot is OK. - locking_dir = "/var/lock/lvm" - - # Whenever there are competing read-only and read-write access requests for - # a volume group's metadata, instead of always granting the read-only - # requests immediately, delay them to allow the read-write requests to be - # serviced. Without this setting, write access may be stalled by a high - # volume of read-only requests. - # NB. This option only affects locking_type = 1 viz. local file-based - # locking. - prioritise_write_locks = 1 - - # Other entries can go here to allow you to load shared libraries - # e.g. if support for LVM1 metadata was compiled as a shared library use - # format_libraries = "liblvm2format1.so" - # Full pathnames can be given. - - # Search this directory first for shared libraries. - # library_dir = "/lib" - - # The external locking library to load if locking_type is set to 2. - # locking_library = "liblvm2clusterlock.so" - - # Treat any internal errors as fatal errors, aborting the process that - # encountered the internal error. Please only enable for debugging. - abort_on_internal_errors = 0 - - # Check whether CRC is matching when parsed VG is used multiple times. - # This is useful to catch unexpected internal cached volume group - # structure modification. Please only enable for debugging. - detect_internal_vg_cache_corruption = 0 - - # If set to 1, no operations that change on-disk metadata will be permitted. - # Additionally, read-only commands that encounter metadata in need of repair - # will still be allowed to proceed exactly as if the repair had been - # performed (except for the unchanged vg_seqno). - # Inappropriate use could mess up your system, so seek advice first! - metadata_read_only = 0 - - # 'mirror_segtype_default' defines which segtype will be used when the - # shorthand '-m' option is used for mirroring. The possible options are: - # - # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is - # characterized by a flexible log solution (core, disk, mirrored) - # and by the necessity to block I/O while reconfiguring in the - # event of a failure. - # - # There is an inherent race in the dmeventd failure handling - # logic with snapshots of devices using this type of RAID1 that - # in the worst case could cause a deadlock. - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 - # - # "raid1" - This implementation leverages MD's RAID1 personality through - # device-mapper. It is characterized by a lack of log options. - # (A log is always allocated for every device and they are placed - # on the same device as the image - no separate devices are - # required.) This mirror implementation does not require I/O - # to be blocked in the kernel in the event of a failure. - # This mirror implementation is not cluster-aware and cannot be - # used in a shared (active/active) fashion in a cluster. - # - # Specify the '--type ' option to override this default - # setting. - mirror_segtype_default = "mirror" - - # The default format for displaying LV names in lvdisplay was changed - # in version 2.02.89 to show the LV name and path separately. - # Previously this was always shown as /dev/vgname/lvname even when that - # was never a valid path in the /dev filesystem. - # Set to 1 to reinstate the previous format. - # - # lvdisplay_shows_full_device_path = 0 - - # Whether to use (trust) a running instance of lvmetad. If this is set to - # 0, all commands fall back to the usual scanning mechanisms. When set to 1 - # *and* when lvmetad is running (it is not auto-started), the volume group - # metadata and PV state flags are obtained from the lvmetad instance and no - # scanning is done by the individual commands. In a setup with lvmetad, - # lvmetad udev rules *must* be set up for LVM to work correctly. Without - # proper udev rules, all changes in block device configuration will be - # *ignored* until a manual 'pvscan --cache' is performed. - # - # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped - # before changing use_lvmetad to 1 and started again afterwards. - use_lvmetad = 0 - - # Full path of the utility called to check that a thin metadata device - # is in a state that allows it to be used. - # Each time a thin pool needs to be activated or after it is deactivated - # this utility is executed. The activation will only proceed if the utility - # has an exit status of 0. - # Set to "" to skip this check. (Not recommended.) - # The thin tools are available as part of the device-mapper-persistent-data - # package from https://github.com/jthornber/thin-provisioning-tools. - # - thin_check_executable = "/usr/sbin/thin_check" - - # String with options passed with thin_check command. By default, - # option '-q' is for quiet output. - thin_check_options = [ "-q" ] - - # If set, given features are not used by thin driver. - # This can be helpful not just for testing, but i.e. allows to avoid - # using problematic implementation of some thin feature. - # Features: - # block_size - # discards - # discards_non_power_2 - # - # thin_disabled_features = [ "discards", "block_size" ] -} - -activation { - # Set to 1 to perform internal checks on the operations issued to - # libdevmapper. Useful for debugging problems with activation. - # Some of the checks may be expensive, so it's best to use this - # only when there seems to be a problem. - checks = 0 - - # Set to 0 to disable udev synchronisation (if compiled into the binaries). - # Processes will not wait for notification from udev. - # They will continue irrespective of any possible udev processing - # in the background. You should only use this if udev is not running - # or has rules that ignore the devices LVM2 creates. - # The command line argument --nodevsync takes precedence over this setting. - # If set to 1 when udev is not running, and there are LVM2 processes - # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. - udev_sync = 1 - - # Set to 0 to disable the udev rules installed by LVM2 (if built with - # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks - # for active logical volumes directly itself. - # N.B. Manual intervention may be required if this setting is changed - # while any logical volumes are active. - udev_rules = 1 - - # Set to 1 for LVM2 to verify operations performed by udev. This turns on - # additional checks (and if necessary, repairs) on entries in the device - # directory after udev has completed processing its events. - # Useful for diagnosing problems with LVM2/udev interactions. - verify_udev_operations = 0 - - # If set to 1 and if deactivation of an LV fails, perhaps because - # a process run from a quick udev rule temporarily opened the device, - # retry the operation for a few seconds before failing. - retry_deactivation = 1 - - # How to fill in missing stripes if activating an incomplete volume. - # Using "error" will make inaccessible parts of the device return - # I/O errors on access. You can instead use a device path, in which - # case, that device will be used to in place of missing stripes. - # But note that using anything other than "error" with mirrored - # or snapshotted volumes is likely to result in data corruption. - missing_stripe_filler = "error" - - # The linear target is an optimised version of the striped target - # that only handles a single stripe. Set this to 0 to disable this - # optimisation and always use the striped target. - use_linear_target = 1 - - # How much stack (in KB) to reserve for use while devices suspended - # Prior to version 2.02.89 this used to be set to 256KB - reserved_stack = 64 - - # How much memory (in KB) to reserve for use while devices suspended - reserved_memory = 8192 - - # Nice value used while devices suspended - process_priority = -18 - - # If volume_list is defined, each LV is only activated if there is a - # match against the list. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If auto_activation_volume_list is defined, each LV that is to be - # activated is checked against the list while using the autoactivation - # option (--activate ay/-a ay), and if it matches, it is activated. - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # If read_only_volume_list is defined, each LV that is to be activated - # is checked against the list, and if it matches, it as activated - # in read-only mode. (This overrides '--permission rw' stored in the - # metadata.) - # "vgname" and "vgname/lvname" are matched exactly. - # "@tag" matches any tag set in the LV or VG. - # "@*" matches if any tag defined on the host is also set in the LV or VG - # - # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] - - # Size (in KB) of each copy operation when mirroring - mirror_region_size = 512 - - # Setting to use when there is no readahead value stored in the metadata. - # - # "none" - Disable readahead. - # "auto" - Use default value chosen by kernel. - readahead = "auto" - - # 'raid_fault_policy' defines how a device failure in a RAID logical - # volume is handled. This includes logical volumes that have the following - # segment types: raid1, raid4, raid5*, and raid6*. - # - # In the event of a failure, the following policies will determine what - # actions are performed during the automated response to failures (when - # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is - # called manually with the options '--repair' and '--use-policies'. - # - # "warn" - Use the system log to warn the user that a device in the RAID - # logical volume has failed. It is left to the user to run - # 'lvconvert --repair' manually to remove or replace the failed - # device. As long as the number of failed devices does not - # exceed the redundancy of the logical volume (1 device for - # raid4/5, 2 for raid6, etc) the logical volume will remain - # usable. - # - # "allocate" - Attempt to use any extra physical volumes in the volume - # group as spares and replace faulty devices. - # - raid_fault_policy = "warn" - - # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define - # how a device failure affecting a mirror (of "mirror" segment type) is - # handled. A mirror is composed of mirror images (copies) and a log. - # A disk log ensures that a mirror does not need to be re-synced - # (all copies made the same) every time a machine reboots or crashes. - # - # In the event of a failure, the specified policy will be used to determine - # what happens. This applies to automatic repairs (when the mirror is being - # monitored by dmeventd) and to manual lvconvert --repair when - # --use-policies is given. - # - # "remove" - Simply remove the faulty device and run without it. If - # the log device fails, the mirror would convert to using - # an in-memory log. This means the mirror will not - # remember its sync status across crashes/reboots and - # the entire mirror will be re-synced. If a - # mirror image fails, the mirror will convert to a - # non-mirrored device if there is only one remaining good - # copy. - # - # "allocate" - Remove the faulty device and try to allocate space on - # a new device to be a replacement for the failed device. - # Using this policy for the log is fast and maintains the - # ability to remember sync state through crashes/reboots. - # Using this policy for a mirror device is slow, as it - # requires the mirror to resynchronize the devices, but it - # will preserve the mirror characteristic of the device. - # This policy acts like "remove" if no suitable device and - # space can be allocated for the replacement. - # - # "allocate_anywhere" - Not yet implemented. Useful to place the log device - # temporarily on same physical volume as one of the mirror - # images. This policy is not recommended for mirror devices - # since it would break the redundant nature of the mirror. This - # policy acts like "remove" if no suitable device and space can - # be allocated for the replacement. - - mirror_log_fault_policy = "allocate" - mirror_image_fault_policy = "remove" - - # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define - # how to handle automatic snapshot extension. The former defines when the - # snapshot should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the snapshot, in percent of its current size. - # - # For example, if you set snapshot_autoextend_threshold to 70 and - # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, - # it will be extended by another 20%. For a 1G snapshot, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will - # be extended to 1.44G, and so on. - # - # Setting snapshot_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - snapshot_autoextend_threshold = 100 - snapshot_autoextend_percent = 20 - - # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define - # how to handle automatic pool extension. The former defines when the - # pool should be extended: when its space usage exceeds this many - # percent. The latter defines how much extra space should be allocated for - # the pool, in percent of its current size. - # - # For example, if you set thin_pool_autoextend_threshold to 70 and - # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, - # it will be extended by another 20%. For a 1G pool, using up 700M will - # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will - # be extended to 1.44G, and so on. - # - # Setting thin_pool_autoextend_threshold to 100 disables automatic - # extensions. The minimum value is 50 (A setting below 50 will be treated - # as 50). - - thin_pool_autoextend_threshold = 100 - thin_pool_autoextend_percent = 20 - - # While activating devices, I/O to devices being (re)configured is - # suspended, and as a precaution against deadlocks, LVM2 needs to pin - # any memory it is using so it is not paged out. Groups of pages that - # are known not to be accessed during activation need not be pinned - # into memory. Each string listed in this setting is compared against - # each line in /proc/self/maps, and the pages corresponding to any - # lines that match are not pinned. On some systems locale-archive was - # found to make up over 80% of the memory used by the process. - # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] - - # Set to 1 to revert to the default behaviour prior to version 2.02.62 - # which used mlockall() to pin the whole process's memory while activating - # devices. - use_mlockall = 0 - - # Monitoring is enabled by default when activating logical volumes. - # Set to 0 to disable monitoring or use the --ignoremonitoring option. - monitoring = 1 - - # When pvmove or lvconvert must wait for the kernel to finish - # synchronising or merging data, they check and report progress - # at intervals of this number of seconds. The default is 15 seconds. - # If this is set to 0 and there is only one thing to wait for, there - # are no progress reports, but the process is awoken immediately the - # operation is complete. - polling_interval = 15 -} - - -#################### -# Advanced section # -#################### - -# Metadata settings -# -# metadata { - # Default number of copies of metadata to hold on each PV. 0, 1 or 2. - # You might want to override it from the command line with 0 - # when running pvcreate on new PVs which are to be added to large VGs. - - # pvmetadatacopies = 1 - - # Default number of copies of metadata to maintain for each VG. - # If set to a non-zero value, LVM automatically chooses which of - # the available metadata areas to use to achieve the requested - # number of copies of the VG metadata. If you set a value larger - # than the the total number of metadata areas available then - # metadata is stored in them all. - # The default value of 0 ("unmanaged") disables this automatic - # management and allows you to control which metadata areas - # are used at the individual PV level using 'pvchange - # --metadataignore y/n'. - - # vgmetadatacopies = 0 - - # Approximate default size of on-disk metadata areas in sectors. - # You should increase this if you have large volume groups or - # you want to retain a large on-disk history of your metadata changes. - - # pvmetadatasize = 255 - - # List of directories holding live copies of text format metadata. - # These directories must not be on logical volumes! - # It's possible to use LVM2 with a couple of directories here, - # preferably on different (non-LV) filesystems, and with no other - # on-disk metadata (pvmetadatacopies = 0). Or this can be in - # addition to on-disk metadata areas. - # The feature was originally added to simplify testing and is not - # supported under low memory situations - the machine could lock up. - # - # Never edit any files in these directories by hand unless you - # you are absolutely sure you know what you are doing! Use - # the supplied toolset to make changes (e.g. vgcfgrestore). - - # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] -#} - -# Event daemon -# -dmeventd { - # mirror_library is the library used when monitoring a mirror device. - # - # "libdevmapper-event-lvm2mirror.so" attempts to recover from - # failures. It removes failed devices from a volume group and - # reconfigures a mirror as necessary. If no mirror library is - # provided, mirrors are not monitored through dmeventd. - - mirror_library = "libdevmapper-event-lvm2mirror.so" - - # snapshot_library is the library used when monitoring a snapshot device. - # - # "libdevmapper-event-lvm2snapshot.so" monitors the filling of - # snapshots and emits a warning through syslog when the use of - # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the snapshot is filled. - - snapshot_library = "libdevmapper-event-lvm2snapshot.so" - - # thin_library is the library used when monitoring a thin device. - # - # "libdevmapper-event-lvm2thin.so" monitors the filling of - # pool and emits a warning through syslog when the use of - # the pool exceeds 80%. The warning is repeated when 85%, 90% and - # 95% of the pool is filled. - - thin_library = "libdevmapper-event-lvm2thin.so" - - # Full path of the dmeventd binary. - # - # executable = "/sbin/dmeventd" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/mysql/conf.d/wsrep.cnf b/config_samples/fuel_web/golden_fuelweb/cnt3/mysql/conf.d/wsrep.cnf deleted file mode 100644 index cf7236c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/mysql/conf.d/wsrep.cnf +++ /dev/null @@ -1,129 +0,0 @@ -# This file contains wsrep-related mysqld options. It should be included -# in the main MySQL configuration file. -# -# Options that need to be customized: -# - wsrep_provider -# - wsrep_cluster_address -# - wsrep_sst_auth -# The rest of defaults should work out of the box. - -## -## mysqld options _MANDATORY_ for correct opration of the cluster -## -[mysqld] - -# (This must be substituted by wsrep_format) -binlog_format=ROW - -# Currently only InnoDB storage engine is supported -default-storage-engine=innodb - -# to avoid issues with 'bulk mode inserts' using autoinc -innodb_autoinc_lock_mode=2 - -# This is a must for paralell applying -innodb_locks_unsafe_for_binlog=1 - -# Query Cache is not supported with wsrep -query_cache_size=0 -query_cache_type=0 - -# Override bind-address -# In some systems bind-address defaults to 127.0.0.1, and with mysqldump SST -# it will have (most likely) disastrous consequences on donor node -bind-address=192.168.0.4 -port=3307 - -max_connections=2048 - -## -## WSREP options -## -# Full path to wsrep provider library or 'none' -wsrep_provider=/usr/lib64/galera/libgalera_smm.so - -# Provider specific configuration options -# See http://www.codership.com/wiki/doku.php?id=faq - -wsrep_provider_options="pc.ignore_sb = no;ist.recv_addr=192.168.0.4;gmcast.listen_addr=tcp://192.168.0.4:4567" - -# Logical cluster name. Should be the same for all nodes. -wsrep_cluster_name="openstack" - - wsrep_cluster_address="gcomm://192.168.0.3:4567,192.168.0.2:4567" - -# Human-readable node name (non-unique). Hostname by default. -#wsrep_node_name= - -# Base replication [:port] of the node. -# The values supplied will be used as defaults for state transfer receiving, -# listening ports and so on. Default: address of the first network interface. -wsrep_node_address=192.168.0.4 - -# Address for incoming client connections. Autodetect by default. -#wsrep_node_incoming_address= - -# How many threads will process writesets from other nodes -wsrep_slave_threads=32 - -# DBUG options for wsrep provider -#wsrep_dbug_option - -# Generate fake primary keys for non-PK tables (required for multi-master -# and parallel applying operation) -wsrep_certify_nonPK=1 - -# Maximum number of rows in write set -wsrep_max_ws_rows=131072 - -# Maximum size of write set -wsrep_max_ws_size=1073741824 - -# to enable debug level logging, set this to 1 -wsrep_debug=0 - -# convert locking sessions into transactions -wsrep_convert_LOCK_to_trx=0 - -# how many times to retry deadlocked autocommits -wsrep_retry_autocommit=1 - -# change auto_increment_increment and auto_increment_offset automatically -wsrep_auto_increment_control=1 - -# retry autoinc insert, which failed for duplicate key error -wsrep_drupal_282555_workaround=0 - -# enable "strictly synchronous" semantics for read operations -wsrep_causal_reads=0 - -# Command to call when node status or cluster membership changes. -# Will be passed all or some of the following options: -# --status - new status of this node -# --uuid - UUID of the cluster -# --primary - whether the component is primary or not ("yes"/"no") -# --members - comma-separated list of members -# --index - index of this node in the list -wsrep_notify_cmd= - -## -## WSREP State Transfer options -## - -# State Snapshot Transfer method -wsrep_sst_method=mysqldump - -# Address on THIS node to receive SST at. DON'T SET IT TO DONOR ADDRESS!!! -# (SST method dependent. Defaults to the first IP of the first interface) -wsrep_sst_receive_address=192.168.0.4:3307 - -# SST authentication string. This will be used to send SST to joining nodes. -# Depends on SST method. For mysqldump method it is root: -wsrep_sst_auth=wsrep_sst:password - -# Desired SST donor name. -#wsrep_sst_donor= - -# Protocol version to use -# wsrep_protocol_version= -skip-name-resolve diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/api-paste.ini b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/api-paste.ini deleted file mode 100644 index 31bdf8f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/api-paste.ini +++ /dev/null @@ -1,102 +0,0 @@ -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -# Workaround for https://bugs.launchpad.net/nova/+bug/1154809 -auth_version = v2.0 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/logging.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/logging.conf deleted file mode 100644 index d8e0f98..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/logging.conf +++ /dev/null @@ -1,21 +0,0 @@ -[loggers] -keys = root - -[handlers] -keys = syslog - -[formatters] -keys = default - -[logger_root] -level = DEBUG -handlers = syslog -qualname = nova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL0) -formatter = default - -[formatter_default] -format = nova %(name)s %(levelname)s %(message)s diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/nova.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/nova.conf deleted file mode 100644 index a8c7efb..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/nova.conf +++ /dev/null @@ -1,76 +0,0 @@ -[DEFAULT] -logdir = /var/log/nova -state_path = /var/lib/nova -lock_path = /var/lib/nova/tmp -volumes_dir = /etc/nova/volumes -dhcpbridge = /usr/bin/nova-dhcpbridge -dhcpbridge_flagfile = /etc/nova/nova.conf -force_dhcp_release = true -injected_network_template = /usr/share/nova/interfaces.template -libvirt_nonblocking = True -libvirt_inject_partition = -1 -network_manager = nova.network.manager.VlanManager -iscsi_helper = tgtadm -sql_connection = mysql://nova:jMsyf1wU@192.168.0.7/nova -compute_driver = libvirt.LibvirtDriver -firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver -rpc_backend = nova.rpc.impl_kombu -rootwrap_config = /etc/nova/rootwrap.conf -debug=true -rabbit_hosts=192.168.0.7:5672 -quota_volumes=100 -osapi_compute_listen=192.168.0.4 -ec2_listen=192.168.0.4 -quota_max_injected_file_content_bytes=102400 -glance_api_servers=240.0.1.7:9292 -novncproxy_host=240.0.1.7 -rabbit_userid=nova -rabbit_ha_queues=True -rabbit_password=zrk9MfKV -verbose=true -auto_assign_floating_ip=True -logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s -quota_cores=100 -logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s -enabled_apis=ec2,osapi_compute -rabbit_virtual_host=/ -image_service=nova.image.glance.GlanceImageService -volume_api_class=nova.volume.cinder.API -use_cow_images=true -quota_max_injected_files=50 -novncproxy_port=6080 -log_config=/etc/nova/logging.conf -rabbit_port=5672 -vlan_start=103 -compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler -quota_max_injected_file_path_bytes=4096 -api_paste_config=/etc/nova/api-paste.ini -quota_floating_ips=100 -multi_host=True -public_interface=eth0.100 -start_guests_on_host_boot=true -service_down_time=60 -syslog_log_facility=LOCAL0 -quota_gigabytes=1000 -quota_instances=100 -osapi_volume_listen=192.168.0.4 -metadata_listen=192.168.0.4 -auth_strategy=keystone -quota_metadata_items=1024 -fixed_range=10.0.0.0/24 -use_syslog=True -dhcp_domain=novalocal -allow_resize_to_same_host=True -vlan_interface=eth0 -memcached_servers=controller-15:11211,controller-14:11211,controller-13:11211 - -[keystone_authtoken] -admin_tenant_name = services -admin_user = nova -admin_password = Zc1VlBC9 -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -signing_dir = /tmp/keystone-signing-nova -signing_dirname=/tmp/keystone-signing-nova - diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/policy.json b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/policy.json deleted file mode 100644 index 5a6800f..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/policy.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "context_is_admin": "role:admin", - "admin_or_owner": "is_admin:True or project_id:%(project_id)s", - "default": "rule:admin_or_owner", - - - "compute:create": "", - "compute:create:attach_network": "", - "compute:create:attach_volume": "", - "compute:create:forced_host": "is_admin:True", - "compute:get_all": "", - "compute:get_all_tenants": "", - - - "admin_api": "is_admin:True", - "compute_extension:accounts": "rule:admin_api", - "compute_extension:admin_actions": "rule:admin_api", - "compute_extension:admin_actions:pause": "rule:admin_or_owner", - "compute_extension:admin_actions:unpause": "rule:admin_or_owner", - "compute_extension:admin_actions:suspend": "rule:admin_or_owner", - "compute_extension:admin_actions:resume": "rule:admin_or_owner", - "compute_extension:admin_actions:lock": "rule:admin_api", - "compute_extension:admin_actions:unlock": "rule:admin_api", - "compute_extension:admin_actions:resetNetwork": "rule:admin_api", - "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", - "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", - "compute_extension:admin_actions:migrateLive": "rule:admin_api", - "compute_extension:admin_actions:resetState": "rule:admin_api", - "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:aggregates": "rule:admin_api", - "compute_extension:agents": "rule:admin_api", - "compute_extension:attach_interfaces": "", - "compute_extension:baremetal_nodes": "rule:admin_api", - "compute_extension:cells": "rule:admin_api", - "compute_extension:certificates": "", - "compute_extension:cloudpipe": "rule:admin_api", - "compute_extension:cloudpipe_update": "rule:admin_api", - "compute_extension:console_output": "", - "compute_extension:consoles": "", - "compute_extension:coverage_ext": "rule:admin_api", - "compute_extension:createserverext": "", - "compute_extension:deferred_delete": "", - "compute_extension:disk_config": "", - "compute_extension:evacuate": "rule:admin_api", - "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:extended_status": "", - "compute_extension:extended_availability_zone": "", - "compute_extension:extended_ips": "", - "compute_extension:fixed_ips": "rule:admin_api", - "compute_extension:flavor_access": "", - "compute_extension:flavor_disabled": "", - "compute_extension:flavor_rxtx": "", - "compute_extension:flavor_swap": "", - "compute_extension:flavorextradata": "", - "compute_extension:flavorextraspecs:index": "", - "compute_extension:flavorextraspecs:show": "", - "compute_extension:flavorextraspecs:create": "rule:admin_api", - "compute_extension:flavorextraspecs:update": "rule:admin_api", - "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:floating_ip_dns": "", - "compute_extension:floating_ip_pools": "", - "compute_extension:floating_ips": "", - "compute_extension:floating_ips_bulk": "rule:admin_api", - "compute_extension:fping": "", - "compute_extension:fping:all_tenants": "rule:admin_api", - "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:hosts": "rule:admin_api", - "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:image_size": "", - "compute_extension:instance_actions": "", - "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:keypairs": "", - "compute_extension:multinic": "", - "compute_extension:networks": "rule:admin_api", - "compute_extension:networks:view": "", - "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:quotas:show": "", - "compute_extension:quotas:update": "rule:admin_api", - "compute_extension:quota_classes": "", - "compute_extension:rescue": "", - "compute_extension:security_group_default_rules": "rule:admin_api", - "compute_extension:security_groups": "", - "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:server_password": "", - "compute_extension:services": "rule:admin_api", - "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:simple_tenant_usage:list": "rule:admin_api", - "compute_extension:users": "rule:admin_api", - "compute_extension:virtual_interfaces": "", - "compute_extension:virtual_storage_arrays": "", - "compute_extension:volumes": "", - "compute_extension:volume_attachments:index": "", - "compute_extension:volume_attachments:show": "", - "compute_extension:volume_attachments:create": "", - "compute_extension:volume_attachments:delete": "", - "compute_extension:volumetypes": "", - "compute_extension:availability_zone:list": "", - "compute_extension:availability_zone:detail": "rule:admin_api", - - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - - - "network:get_all": "", - "network:get": "", - "network:create": "", - "network:delete": "", - "network:associate": "", - "network:disassociate": "", - "network:get_vifs_by_instance": "", - "network:allocate_for_instance": "", - "network:deallocate_for_instance": "", - "network:validate_networks": "", - "network:get_instance_uuids_by_ip_filter": "", - "network:get_instance_id_by_floating_address": "", - "network:setup_networks_on_host": "", - "network:get_backdoor_port": "", - - "network:get_floating_ip": "", - "network:get_floating_ip_pools": "", - "network:get_floating_ip_by_address": "", - "network:get_floating_ips_by_project": "", - "network:get_floating_ips_by_fixed_address": "", - "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", - "network:associate_floating_ip": "", - "network:disassociate_floating_ip": "", - "network:release_floating_ip": "", - "network:migrate_instance_start": "", - "network:migrate_instance_finish": "", - - "network:get_fixed_ip": "", - "network:get_fixed_ip_by_address": "", - "network:add_fixed_ip_to_instance": "", - "network:remove_fixed_ip_from_instance": "", - "network:add_network_to_project": "", - "network:get_instance_nw_info": "", - - "network:get_dns_domains": "", - "network:add_dns_entry": "", - "network:modify_dns_entry": "", - "network:delete_dns_entry": "", - "network:get_dns_entries_by_address": "", - "network:get_dns_entries_by_name": "", - "network:create_private_dns_domain": "", - "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" -} diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/release b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/release deleted file mode 100644 index 898c2a3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/release +++ /dev/null @@ -1,4 +0,0 @@ -[Nova] -vendor = Red Hat Inc. -product = OpenStack Nova -package = mira.2 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/rootwrap.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/nova/rootwrap.conf deleted file mode 100644 index fb2997a..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/nova/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for nova-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/openstack-dashboard/local_settings b/config_samples/fuel_web/golden_fuelweb/cnt3/openstack-dashboard/local_settings deleted file mode 100644 index a63b74b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/openstack-dashboard/local_settings +++ /dev/null @@ -1,146 +0,0 @@ -import os - -from django.utils.translation import ugettext_lazy as _ - -DEBUG = False -TEMPLATE_DEBUG = DEBUG - - - -# Specify a regular expression to validate user passwords. -# HORIZON_CONFIG = { -# "password_validator": { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements.") -# } -# } - -LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) - -# Note: You should change this value -SECRET_KEY = 'dummy_secret_key' - -# We recommend you use memcached for development; otherwise after every reload -# of the django development server, you will have to login again. To use -# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' -CACHE_BACKEND = 'memcached://controller-15:11211;controller-14:11211;controller-13:11211/' - -# Send email to the console by default -EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' -# Or send them to /dev/null -#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' - -# Configure these for your outgoing email host -# EMAIL_HOST = 'smtp.my-company.com' -# EMAIL_PORT = 25 -# EMAIL_HOST_USER = 'djangomail' -# EMAIL_HOST_PASSWORD = 'top-secret!' - -# For multiple regions uncomment this configuration, and add (endpoint, title). -# AVAILABLE_REGIONS = [ -# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), -# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), -# ] - -OPENSTACK_HOST = "192.168.0.7" -OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" - -# Disable SSL certificate checks (useful for self-signed certificates): -OPENSTACK_SSL_NO_VERIFY = True - -# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the -# capabilities of the auth backend for Keystone. -# If Keystone has been configured to use LDAP as the auth backend then set -# can_edit_user to False and name to 'ldap'. -# -# TODO(tres): Remove these once Keystone has an API to identify auth backend. -OPENSTACK_KEYSTONE_BACKEND = { - 'name': 'native', - 'can_edit_user': True -} - -OPENSTACK_HYPERVISOR_FEATURES = { - 'can_set_mount_point': True -} - -# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is 'internalURL'. -#OPENSTACK_ENDPOINT_TYPE = "publicURL" - -# Include the SWIFT interface extension in Horizon -SWIFT_ENABLED = True -SWIFT_PAGINATE_LIMIT = 100 - -# The number of Swift containers and objects to display on a single page before -# providing a paging element (a "more" link) to paginate results. -API_RESULT_LIMIT = 1000 -API_RESULT_PAGE_SIZE = 20 - - -# If you have external monitoring links, eg: -EXTERNAL_MONITORING = [ ] -LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': '/var/log/horizon/horizon.log' - }, - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - 'handlers': ['file'], - 'propagate': False, - }, - 'openstack_dashboard': { - 'handlers': ['file'], - 'propagate': False, - }, - 'novaclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'glanceclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'keystoneclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'nose.plugins.manager': { - 'handlers': ['file'], - 'propagate': False, - } - } -} -LOGIN_URL='/dashboard/auth/login/' -LOGIN_REDIRECT_URL='/dashboard' - -# The Ubuntu package includes pre-compressed JS and compiled CSS to allow -# offline compression by default. To enable online compression, install -# the node-less package and enable the following option. -COMPRESS_OFFLINE = False diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq-env.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq-env.conf deleted file mode 100644 index c73a1b2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq-env.conf +++ /dev/null @@ -1,6 +0,0 @@ -RABBITMQ_NODE_PORT=5673 -RABBITMQ_NODE_IP_ADDRESS=192.168.0.4 -RABBITMQ_SERVER_ERL_ARGS="+K true +A30 +P 1048576 \ --kernel inet_default_connect_options [{nodelay,true}] \ --kernel inet_dist_listen_min 41055 \ --kernel inet_dist_listen_max 41055" diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq.config b/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq.config deleted file mode 100644 index b0965b2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/rabbitmq/rabbitmq.config +++ /dev/null @@ -1,6 +0,0 @@ -% This file managed by Puppet 2.7.19 -% Template Path: rabbitmq/templates/rabbitmq.config -[ - {rabbit, [{cluster_nodes, ['rabbit@controller-15', 'rabbit@controller-14', 'rabbit@controller-13']}]} - ]. -% EOF diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account-server.conf deleted file mode 100644 index 06c35d2..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.4 -bind_port = 6002 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = account-server - -[app:account-server] -use = egg:swift#account - -[account-replicator] -concurrency = 1 - -[account-auditor] - -[account-reaper] -concurrency = 1 diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account.ring.gz deleted file mode 100644 index 69cad1b..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/account.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf deleted file mode 100644 index be317d3..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf +++ /dev/null @@ -1,24 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.4 -bind_port = 6001 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] -concurrency = 1 - -[container-updater] -concurrency = 1 - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf.rpmnew b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf.rpmnew deleted file mode 100644 index ac96702..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container-server.conf.rpmnew +++ /dev/null @@ -1,18 +0,0 @@ -[DEFAULT] -bind_ip = 127.0.0.1 -bind_port = 6001 -workers = 2 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:swift#container - -[container-replicator] - -[container-updater] - -[container-auditor] - -[container-sync] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container.ring.gz deleted file mode 100644 index bb0dd6a..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/container.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-expirer.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-expirer.conf deleted file mode 100644 index b75963c..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-expirer.conf +++ /dev/null @@ -1,17 +0,0 @@ -[DEFAULT] - -[object-expirer] -# auto_create_account_prefix = . - -[pipeline:main] -pipeline = catch_errors cache proxy-server - -[app:proxy-server] -use = egg:swift#proxy - -[filter:cache] -use = egg:swift#memcache -memcache_servers = 127.0.0.1:11211 - -[filter:catch_errors] -use = egg:swift#catch_errors diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-server.conf deleted file mode 100644 index 4c1e6df..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object-server.conf +++ /dev/null @@ -1,22 +0,0 @@ -[DEFAULT] -devices = /srv/node -bind_ip = 172.16.0.4 -bind_port = 6000 -mount_check = false -user = swift -log_facility = LOG_LOCAL2 -workers = 1 - -[pipeline:main] -pipeline = object-server - -[app:object-server] -use = egg:swift#object - -[object-replicator] -concurrency = 1 - -[object-updater] -concurrency = 1 - -[object-auditor] diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object.ring.gz b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object.ring.gz deleted file mode 100644 index 170d798..0000000 Binary files a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/object.ring.gz and /dev/null differ diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/proxy-server.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/proxy-server.conf deleted file mode 100644 index cf809d7..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/proxy-server.conf +++ /dev/null @@ -1,65 +0,0 @@ -# This file is managed by puppet. Do not edit -# -[DEFAULT] -bind_ip = 192.168.0.4 -bind_port = 8080 -workers = 1 -user = swift - -[pipeline:main] -pipeline = catch_errors healthcheck cache ratelimit swift3 s3token authtoken keystone proxy-server - -[app:proxy-server] -use = egg:swift#proxy -allow_account_management = true -account_autocreate = true - -[filter:cache] -use = egg:swift#memcache -memcache_servers = controller-13:11211,controller-14:11211,controller-15:11211 -[filter:catch_errors] -use = egg:swift#catch_errors - - -[filter:healthcheck] -use = egg:swift#healthcheck - -[filter:ratelimit] -use = egg:swift#ratelimit -clock_accuracy = 1000 -max_sleep_time_seconds = 60 -log_sleep_time_seconds = 0 -rate_buffer_seconds = 5 -account_ratelimit = 0 - -[filter:swift3] -use = egg:swift3#swift3 - -[filter:s3token] -paste.filter_factory = keystone.middleware.s3_token:filter_factory -auth_port = 35357 -auth_protocol = http -auth_host = 192.168.0.7 - -[filter:keystone] -use = egg:swift#keystoneauth -operator_roles = admin, SwiftOperator -is_admin = true -cache = swift.cache - - -# -# used to specify connection information to keystone -# -[filter:authtoken] -paste.filter_factory = keystone.middleware.auth_token:filter_factory -auth_host = 192.168.0.7 -auth_port = 35357 -auth_protocol = http -auth_uri = http://192.168.0.7:35357 -# if its defined -admin_tenant_name = services -admin_user = swift -admin_password = 0moSL8AJ -delay_auth_decision = 0 -signing_dir = /etc/swift diff --git a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/swift.conf b/config_samples/fuel_web/golden_fuelweb/cnt3/swift/swift.conf deleted file mode 100644 index acb7d1b..0000000 --- a/config_samples/fuel_web/golden_fuelweb/cnt3/swift/swift.conf +++ /dev/null @@ -1,2 +0,0 @@ -[swift-hash] -swift_hash_path_suffix = swift_secret diff --git a/config_samples/fuel_web/readme b/config_samples/fuel_web/readme deleted file mode 100644 index 12a8e8c..0000000 --- a/config_samples/fuel_web/readme +++ /dev/null @@ -1 +0,0 @@ -Configs that generated by FuelWeb. diff --git a/config_samples/schema_validation/host1/nova/nova.conf b/config_samples/schema_validation/host1/nova/nova.conf deleted file mode 100644 index b01e215..0000000 --- a/config_samples/schema_validation/host1/nova/nova.conf +++ /dev/null @@ -1,10 +0,0 @@ -[DEFAULT] -verbose=foo -verbose=bar -verbose=True -use_stderr true - -[foo] - -[DEFAULT] -verbose=False diff --git a/config_samples/schema_validation/host1/nova/version b/config_samples/schema_validation/host1/nova/version deleted file mode 100644 index f52e616..0000000 --- a/config_samples/schema_validation/host1/nova/version +++ /dev/null @@ -1 +0,0 @@ -2013.1