[DEFAULT] # # Options defined in ironic.api.app # # Authentication strategy used by ironic-api: one of # "keystone" or "noauth". "noauth" should not be used in a # production environment because all authentication will be # disabled. (string value) auth_strategy={{ ironic_auth_strategy }} # Enable pecan debug mode. WARNING: this is insecure and # should not be used in a production environment. (boolean # value) #pecan_debug=false # # Options defined in ironic.common.driver_factory # # Specify the list of drivers to load during service # initialization. Missing drivers, or drivers which fail to # initialize, will prevent the conductor service from # starting. The option default is a recommended set of # production-oriented drivers. A complete list of drivers # present on your system may be found by enumerating the # "ironic.drivers" entrypoint. An example may be found in the # developer documentation online. (list value) enabled_drivers={{ ironic_driver_list }} # # Options defined in ironic.common.exception # # Used if there is a formatting error when generating an # exception message (a programming error). If True, raise an # exception; if False, use the unformatted message. (boolean # value) #fatal_exception_format_errors=false # # Options defined in ironic.common.hash_ring # # Exponent to determine number of hash partitions to use when # distributing load across conductors. Larger values will # result in more even distribution of load and less load when # rebalancing the ring, but more memory usage. Number of # partitions per conductor is (2^hash_partition_exponent). # This determines the granularity of rebalancing: given 10 # hosts, and an exponent of the 2, there are 40 partitions in # the ring.A few thousand partitions should make rebalancing # smooth in most cases. The default is suitable for up to a # few hundred conductors. Too many partitions has a CPU # impact. (integer value) #hash_partition_exponent=5 # [Experimental Feature] Number of hosts to map onto each hash # partition. Setting this to more than one will cause # additional conductor services to prepare deployment # environments and potentially allow the Ironic cluster to # recover more quickly if a conductor instance is terminated. # (integer value) #hash_distribution_replicas=1 # Interval (in seconds) between hash ring resets. (integer # value) #hash_ring_reset_interval=180 # # Options defined in ironic.common.images # # If True, convert backing images to "raw" disk image format. # (boolean value) #force_raw_images=true # Path to isolinux binary file. (string value) #isolinux_bin=/usr/lib/syslinux/isolinux.bin # Template file for isolinux configuration file. (string # value) #isolinux_config_template=$pybasedir/common/isolinux_config.template # Template file for grub configuration file. (string value) #grub_config_template=$pybasedir/common/grub_conf.template # # Options defined in ironic.common.paths # # Directory where the ironic python module is installed. # (string value) #pybasedir=/usr/lib/python/site-packages/ironic/ironic # Directory where ironic binaries are installed. (string # value) #bindir=$pybasedir/bin # Top-level directory for maintaining ironic's state. (string # value) #state_path=$pybasedir # # Options defined in ironic.common.service # # Seconds between running periodic tasks. (integer value) #periodic_interval=60 # Name of this node. This can be an opaque identifier. It is # not necessarily a hostname, FQDN, or IP address. However, # the node name must be valid within an AMQP key, and if using # ZeroMQ, a valid hostname, FQDN, or IP address. (string # value) host={{ ansible_hostname }} # # Options defined in ironic.common.utils # # Path to the rootwrap configuration file to use for running # commands as root. (string value) #rootwrap_config=/etc/ironic/rootwrap.conf # Temporary working directory, default is Python temp dir. # (string value) #tempdir=/tmp # # Options defined in ironic.drivers.modules.image_cache # # Run image downloads and raw format conversions in parallel. # (boolean value) #parallel_image_downloads=false # # Options defined in ironic.netconf # # IP address of this host. If unset, will determine the IP # programmatically. If unable to do so, will use "127.0.0.1". # (string value) #my_ip=10.0.0.1 # # Options defined in oslo.log # # Print debugging output (set logging level to DEBUG instead # of default INFO level). (boolean value) #debug=false # If set to false, will disable INFO logging level, making # WARNING the default. (boolean value) #verbose=true # The name of a logging configuration file. This file is # appended to any existing logging configuration files. For # details about logging configuration files, see the Python # logging module documentation. Note that when logging # configuration files are used then all logging configuration # is set in the configuration file and other logging # configuration options are ignored (for example, log_format). # (string value) # Deprecated group/name - [DEFAULT]/log_config #log_config_append= # DEPRECATED. A logging.Formatter log message format string # which may use any of the available logging.LogRecord # attributes. This option is deprecated. Please use # logging_context_format_string and # logging_default_format_string instead. This option is # ignored if log_config_append is set. (string value) #log_format= # Format string for %%(asctime)s in log records. Default: # %(default)s . This option is ignored if log_config_append is # set. (string value) #log_date_format=%Y-%m-%d %H:%M:%S # (Optional) Name of log file to output to. If no default is # set, logging will go to stdout. This option is ignored if # log_config_append is set. (string value) # Deprecated group/name - [DEFAULT]/logfile #log_file= # (Optional) The base directory used for relative --log-file # paths. This option is ignored if log_config_append is set. # (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir= # (Optional) Uses logging handler designed to watch file # system. When log file is moved or removed this handler will # open a new log file with specified path instantaneously. It # makes sense only if log-file option is specified and Linux # platform is used. This option is ignored if # log_config_append is set. (boolean value) #watch_log_file=false # Use syslog for logging. Existing syslog format is DEPRECATED # and will be changed later to honor RFC5424. This option is # ignored if log_config_append is set. (boolean value) #use_syslog=false # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog # message with APP-NAME (RFC5424). The format without the APP- # NAME is deprecated in Kilo, and will be removed in Mitaka, # along with this option. This option is ignored if # log_config_append is set. (boolean value) #use_syslog_rfc_format=true # Syslog facility to receive log lines. This option is ignored # if log_config_append is set. (string value) #syslog_log_facility=LOG_USER # Log output to standard error. This option is ignored if # log_config_append is set. (boolean value) #use_stderr=true # Format string to use for log messages with context. (string # value) #logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages without context. # (string value) #logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Data to append to log format when level is DEBUG. (string # value) #logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format. # (string value) #logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s # List of logger=LEVEL pairs. This option is ignored if # log_config_append is set. (list value) #default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN # Enables or disables publication of error events. (boolean # value) #publish_errors=false # The format for an instance that is passed with the log # message. (string value) #instance_format="[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log # message. (string value) #instance_uuid_format="[instance: %(uuid)s] " # Enables or disables fatal status of deprecations. (boolean # value) #fatal_deprecations=false # # Options defined in oslo.messaging # # Size of RPC connection pool. (integer value) #rpc_conn_pool_size=30 # ZeroMQ bind address. Should be a wildcard (*), an ethernet # interface, or IP. The "host" option should point or resolve # to this address. (string value) #rpc_zmq_bind_address=* # MatchMaker driver. (string value) #rpc_zmq_matchmaker=redis # Use REQ/REP pattern for all methods CALL/CAST/FANOUT. # (boolean value) #rpc_zmq_all_req_rep=true # Type of concurrency used. Either "native" or "eventlet" # (string value) #rpc_zmq_concurrency=eventlet # Number of ZeroMQ contexts, defaults to 1. (integer value) #rpc_zmq_contexts=1 # Maximum number of ingress messages to locally buffer per # topic. Default is unlimited. (integer value) #rpc_zmq_topic_backlog= # Directory for holding IPC sockets. (string value) #rpc_zmq_ipc_dir=/var/run/openstack # Name of this node. Must be a valid hostname, FQDN, or IP # address. Must match "host" option, if running Nova. (string # value) #rpc_zmq_host=ironic # Seconds to wait before a cast expires (TTL). Only supported # by impl_zmq. (integer value) #rpc_cast_timeout=30 # The default number of seconds that poll should wait. Poll # raises timeout exception when timeout expired. (integer # value) #rpc_poll_timeout=1 # Shows whether zmq-messaging uses broker or not. (boolean # value) #zmq_use_broker=true # Host to locate redis. (string value) #host=127.0.0.1 # Use this port to connect to redis host. (integer value) #port=6379 # Password for Redis server (optional). (string value) #password= # Size of executor thread pool. (integer value) # Deprecated group/name - [DEFAULT]/rpc_thread_pool_size #executor_thread_pool_size=64 # The Drivers(s) to handle sending notifications. Possible # values are messaging, messagingv2, routing, log, test, noop # (multi valued) #notification_driver= # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics #notification_topics=notifications # Seconds to wait for a response from a call. (integer value) #rpc_response_timeout=60 # A URL representing the messaging driver to use and its full # configuration. If not set, we fall back to the rpc_backend # option and driver specific configuration. (string value) #transport_url= # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) #rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the # transport_url option. (string value) #control_exchange=openstack # # Options defined in oslo.service.periodic_task # # Some periodic tasks can be run in a separate process. Should # we run them here? (boolean value) #run_external_periodic_tasks=true # # Options defined in oslo.service.service # # Enable eventlet backdoor. Acceptable values are 0, , # and :, where 0 results in listening on a random # tcp port number; results in listening on the # specified port number (and not enabling backdoor if that # port is in use); and : results in listening on # the smallest unused port number within the specified range # of port numbers. The chosen port is displayed in the # service's log file. (string value) #backdoor_port= # Enables or disables logging values of all registered options # when starting a service (at DEBUG level). (boolean value) #log_options=true [agent] # # Options defined in ironic.drivers.modules.agent # # DEPRECATED. Additional append parameters for baremetal PXE # boot. This option is deprecated and will be removed in # Mitaka release. Please use [pxe]pxe_append_params instead. # (string value) #agent_pxe_append_params=nofb nomodeset vga=normal # DEPRECATED. Template file for PXE configuration. This option # is deprecated and will be removed in Mitaka release. Please # use [pxe]pxe_config_template instead. (string value) #agent_pxe_config_template=$pybasedir/drivers/modules/agent_config.template # Whether Ironic will manage booting of the agent ramdisk. If # set to False, you will need to configure your mechanism to # allow booting the agent ramdisk. (boolean value) # Deprecated group/name - [agent]/manage_tftp #manage_agent_boot=true # The memory size in MiB consumed by agent when it is booted # on a bare metal node. This is used for checking if the image # can be downloaded and deployed on the bare metal node after # booting agent ramdisk. This may be set according to the # memory consumed by the agent ramdisk image. (integer value) #memory_consumed_by_agent=0 # # Options defined in ironic.drivers.modules.agent_base_vendor # # Maximum interval (in seconds) for agent heartbeats. (integer # value) #heartbeat_timeout=300 # Number of times to retry getting power state to check if # bare metal node has been powered off after a soft power off. # (integer value) #post_deploy_get_power_state_retries=6 # Amount of time (in seconds) to wait between polling power # state after trigger soft poweroff. (integer value) #post_deploy_get_power_state_retry_interval=5 # # Options defined in ironic.drivers.modules.agent_client # # API version to use for communicating with the ramdisk agent. # (string value) #agent_api_version=v1 [amt] # # Options defined in ironic.drivers.modules.amt.common # # Protocol used for AMT endpoint, support http/https (string # value) #protocol=http # # Options defined in ironic.drivers.modules.amt.power # # Maximum number of times to attempt an AMT operation, before # failing (integer value) #max_attempts=3 # Amount of time (in seconds) to wait, before retrying an AMT # operation (integer value) #action_wait=10 [api] # # Options defined in ironic.api # # The IP address on which ironic-api listens. (string value) #host_ip=0.0.0.0 # The TCP port on which ironic-api listens. (integer value) #port=6385 # The maximum number of items returned in a single response # from a collection resource. (integer value) #max_limit=1000 # Public URL to use when building the links to the API # resources (for example, "https://ironic.rocks:6384"). If # None the links will be built using the request's host URL. # If the API is operating behind a proxy, you will want to # change this to represent the proxy's URL. Defaults to None. # (string value) #public_endpoint= [cimc] # # Options defined in ironic.drivers.modules.cimc.power # # Number of times a power operation needs to be retried # (integer value) #max_retry=6 # Amount of time in seconds to wait in between power # operations (integer value) #action_interval=10 [cisco_ucs] # # Options defined in ironic.drivers.modules.ucs.power # # Number of times a power operation needs to be retried # (integer value) #max_retry=6 # Amount of time in seconds to wait in between power # operations (integer value) #action_interval=5 [conductor] # # Options defined in ironic.conductor.manager # # URL of Ironic API service. If not set ironic can get the # current value from the keystone service catalog. (string # value) api_url={{ ironic_api_url }} # Seconds between conductor heart beats. (integer value) #heartbeat_interval=10 # Maximum time (in seconds) since the last check-in of a # conductor. A conductor is considered inactive when this time # has been exceeded. (integer value) #heartbeat_timeout=60 # Interval between syncing the node power state to the # database, in seconds. (integer value) sync_power_state_interval={{ ironic_sync_power_state_interval }} # Interval between checks of provision timeouts, in seconds. # (integer value) #check_provision_state_interval=60 # Timeout (seconds) to wait for a callback from a deploy # ramdisk. Set to 0 to disable timeout. (integer value) #deploy_callback_timeout=1800 # During sync_power_state, should the hardware power state be # set to the state recorded in the database (True) or should # the database be updated based on the hardware state (False). # (boolean value) #force_power_state_during_sync=true # During sync_power_state failures, limit the number of times # Ironic should try syncing the hardware node power state with # the node power state in DB (integer value) #power_state_sync_max_retries=3 # Maximum number of worker threads that can be started # simultaneously by a periodic task. Should be less than RPC # thread pool size. (integer value) #periodic_max_workers=8 # The size of the workers greenthread pool. (integer value) #workers_pool_size=100 # Number of attempts to grab a node lock. (integer value) #node_locked_retry_attempts=3 # Seconds to sleep between node lock attempts. (integer value) #node_locked_retry_interval=1 # Enable sending sensor data message via the notification bus # (boolean value) #send_sensor_data=false # Seconds between conductor sending sensor data message to # ceilometer via the notification bus. (integer value) #send_sensor_data_interval=600 # List of comma separated meter types which need to be sent to # Ceilometer. The default value, "ALL", is a special value # meaning send all the sensor data. (list value) #send_sensor_data_types=ALL # When conductors join or leave the cluster, existing # conductors may need to update any persistent local state as # nodes are moved around the cluster. This option controls how # often, in seconds, each conductor will check for nodes that # it should "take over". Set it to a negative value to disable # the check entirely. (integer value) #sync_local_state_interval=180 # Whether to upload the config drive to Swift. (boolean value) #configdrive_use_swift=false # Name of the Swift container to store config drive data. Used # when configdrive_use_swift is True. (string value) #configdrive_swift_container=ironic_configdrive_container # Timeout (seconds) for waiting for node inspection. 0 - # unlimited. (integer value) #inspect_timeout=1800 # Cleaning is a configurable set of steps, such as erasing # disk drives, that are performed on the node to ensure it is # in a baseline state and ready to be deployed to. This is # done after instance deletion, and during the transition from # a "managed" to "available" state. When enabled, the # particular steps performed to clean a node depend on which # driver that node is managed by; see the individual driver's # documentation for details. NOTE: The introduction of the # cleaning operation causes instance deletion to take # significantly longer. In an environment where all tenants # are trusted (eg, because there is only one tenant), this # option could be safely disabled. (boolean value) #clean_nodes=true # Timeout (seconds) to wait for a callback from the ramdisk # doing the cleaning. If the timeout is reached the node will # be put in the "clean failed" provision state. Set to 0 to # disable timeout. (integer value) #clean_callback_timeout=1800 [console] # # Options defined in ironic.drivers.modules.console_utils # # Path to serial console terminal program (string value) #terminal=shellinaboxd # Directory containing the terminal SSL cert(PEM) for serial # console access (string value) #terminal_cert_dir= # Directory for holding terminal pid files. If not specified, # the temporary directory will be used. (string value) #terminal_pid_dir= # Time interval (in seconds) for checking the status of # console subprocess. (integer value) #subprocess_checking_interval=1 # Time (in seconds) to wait for the console subprocess to # start. (integer value) #subprocess_timeout=10 [cors] # # Options defined in oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (string value) #allowed_origin= # Indicate that the actual request can include user # credentials (boolean value) #allow_credentials=true # Indicate which headers are safe to expose to the API. # Defaults to HTTP Simple Headers. (list value) #expose_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma # Maximum cache age of CORS preflight requests. (integer # value) #max_age=3600 # Indicate which methods can be used during the actual # request. (list value) #allow_methods=GET,POST,PUT,DELETE,OPTIONS # Indicate which header field names may be used during the # actual request. (list value) #allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma [cors.subdomain] # # Options defined in oslo.middleware.cors # # Indicate whether this resource may be shared with the domain # received in the requests "origin" header. (string value) #allowed_origin= # Indicate that the actual request can include user # credentials (boolean value) #allow_credentials=true # Indicate which headers are safe to expose to the API. # Defaults to HTTP Simple Headers. (list value) #expose_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma # Maximum cache age of CORS preflight requests. (integer # value) #max_age=3600 # Indicate which methods can be used during the actual # request. (list value) #allow_methods=GET,POST,PUT,DELETE,OPTIONS # Indicate which header field names may be used during the # actual request. (list value) #allow_headers=Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma [database] # # Options defined in ironic.db.sqlalchemy.models # # MySQL engine to use. (string value) #mysql_engine=InnoDB # # Options defined in oslo.db # # The file name to use with SQLite. (string value) #sqlite_db=oslo.sqlite # If True, SQLite uses synchronous mode. (boolean value) #sqlite_synchronous=true # The back end to use for the database. (string value) # Deprecated group/name - [DEFAULT]/db_backend #backend=sqlalchemy # The SQLAlchemy connection string to use to connect to the # database. (string value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection connection={{ ironic_db_connection_string }} # The SQLAlchemy connection string to use to connect to the # slave database. (string value) #slave_connection= # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To # use whatever SQL mode is set by the server configuration, # set this to no value. Example: mysql_sql_mode= (string # value) #mysql_sql_mode=TRADITIONAL # Timeout before idle SQL connections are reaped. (integer # value) # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout #idle_timeout=3600 # Minimum number of SQL connections to keep open in a pool. # (integer value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size #min_pool_size=1 # Maximum number of SQL connections to keep open in a pool. # (integer value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size= # Maximum number of database connection retries during # startup. Set to -1 to specify an infinite retry count. # (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries=10 # Interval between retries of opening a SQL connection. # (integer value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval=10 # If set, use this value for max_overflow with SQLAlchemy. # (integer value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow= # Verbosity of SQL debugging information: 0=None, # 100=Everything. (integer value) # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug=0 # Add Python stack traces to SQL as comment strings. (boolean # value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace=false # If set, use this value for pool_timeout with SQLAlchemy. # (integer value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout= # Enable the experimental use of database reconnect on # connection lost. (boolean value) #use_db_reconnect=false # Seconds between retries of a database transaction. (integer # value) #db_retry_interval=1 # If True, increases the interval between retries of a # database operation up to db_max_retry_interval. (boolean # value) #db_inc_retry_interval=true # If db_inc_retry_interval is set, the maximum seconds between # retries of a database operation. (integer value) #db_max_retry_interval=10 # Maximum retries in case of connection error or deadlock # error before error is raised. Set to -1 to specify an # infinite retry count. (integer value) #db_max_retries=20 [deploy] # # Options defined in ironic.drivers.modules.deploy_utils # # Size of EFI system partition in MiB when configuring UEFI # systems for local boot. (integer value) #efi_system_partition_size=200 # Block size to use when writing to the nodes disk. (string # value) #dd_block_size=1M # Maximum attempts to verify an iSCSI connection is active, # sleeping 1 second between attempts. (integer value) #iscsi_verify_attempts=3 # ironic-conductor node's HTTP server URL. Example: # http://192.1.2.3:8080 (string value) #http_url= # ironic-conductor node's HTTP root path. (string value) #http_root=/httpboot # Priority to run in-band erase devices via the Ironic Python # Agent ramdisk. If unset, will use the priority set in the # ramdisk (defaults to 10 for the GenericHardwareManager). If # set to 0, will not run during cleaning. (integer value) # Deprecated group/name - [agent]/agent_erase_devices_priority #erase_devices_priority= # Number of iterations to be run for erasing devices. (integer # value) # Deprecated group/name - [agent]/agent_erase_devices_iterations #erase_devices_iterations=1 [dhcp] # # Options defined in ironic.common.dhcp_factory # # DHCP provider to use. "neutron" uses Neutron, and "none" # uses a no-op provider. (string value) dhcp_provider={{ ironic_dhcp_provider }} [disk_partitioner] # # Options defined in ironic.common.disk_partitioner # # After Ironic has completed creating the partition table, it # continues to check for activity on the attached iSCSI device # status at this interval prior to copying the image to the # node, in seconds (integer value) #check_device_interval=1 # The maximum number of times to check that the device is not # accessed by another process. If the device is still busy # after that, the disk partitioning will be treated as having # failed. (integer value) #check_device_max_retries=20 [drac] # # Options defined in ironic.drivers.modules.drac.client # # In case there is a communication failure, the DRAC client # resends the request as many times as defined in this # setting. (integer value) #client_retry_count=5 # In case there is a communication failure, the DRAC client # waits for as many seconds as defined in this setting before # resending the request. (integer value) #client_retry_delay=5 [glance] # # Options defined in ironic.common.glance_service.v2.image_service # # A list of URL schemes that can be downloaded directly via # the direct_url. Currently supported schemes: [file]. (list # value) #allowed_direct_url_schemes= # The secret token given to Swift to allow temporary URL # downloads. Required for temporary URLs. (string value) #swift_temp_url_key= # The length of time in seconds that the temporary URL will be # valid for. Defaults to 20 minutes. If some deploys get a 401 # response code when trying to download from the temporary # URL, try raising this duration. (integer value) #swift_temp_url_duration=1200 # The "endpoint" (scheme, hostname, optional port) for the # Swift URL of the form # "endpoint_url/api_version/[account/]container/object_id". Do # not include trailing "/". For example, use # "https://swift.example.com". In case of using RADOS Gateway, # endpoint may also contain /swift path, if it does not, it # will be appended. Required for temporary URLs. (string # value) #swift_endpoint_url= # The Swift API version to create a temporary URL for. # Defaults to "v1". Swift temporary URL format: # "endpoint_url/api_version/[account/]container/object_id" # (string value) #swift_api_version=v1 # The account that Glance uses to communicate with Swift. The # format is "AUTH_uuid". "uuid" is the UUID for the account # configured in the glance-api.conf. Required for temporary # URLs when Glance backend is Swift. For example: # "AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30". Swift temporary # URL format: # "endpoint_url/api_version/[account/]container/object_id" # (string value) #swift_account= # The Swift container Glance is configured to store its images # in. Defaults to "glance", which is the default in glance- # api.conf. Swift temporary URL format: # "endpoint_url/api_version/[account/]container/object_id" # (string value) #swift_container=glance # This should match a config by the same name in the Glance # configuration file. When set to 0, a single-tenant store # will only use one container to store all images. When set to # an integer value between 1 and 32, a single-tenant store # will use multiple containers to store images, and this value # will determine how many containers are created. (integer # value) #swift_store_multiple_containers_seed=0 # Type of the endpoint to use for temporary URLs. It depends # on an actual Glance backend used. Possible values are # "swift" and "radosgw". (string value) #temp_url_endpoint_type=swift # # Options defined in ironic.common.image_service # # Default glance hostname or IP address. (string value) glance_host={{ internal_lb_vip_address }} # Default glance port. (integer value) #glance_port=9292 # Default protocol to use when connecting to glance. Set to # https for SSL. (string value) #glance_protocol=http # A list of the glance api servers available to ironic. Prefix # with https:// for SSL-based glance API servers. Format is # [hostname|IP]:port. (list value) #glance_api_servers= # Allow to perform insecure SSL (https) requests to glance. # (boolean value) #glance_api_insecure=false # Number of retries when downloading an image from glance. # (integer value) #glance_num_retries=0 # Authentication strategy to use when connecting to glance. # Only "keystone" and "noauth" are currently supported by # ironic. (string value) auth_strategy={{ ironic_auth_strategy }} [iboot] # # Options defined in ironic.drivers.modules.iboot # # Maximum retries for iBoot operations (integer value) #max_retry=3 # Time (in seconds) between retry attempts for iBoot # operations (integer value) #retry_interval=1 # Time (in seconds) to sleep between when rebooting (powering # off and on again). (integer value) #reboot_delay=5 [ilo] # # Options defined in ironic.drivers.modules.ilo.common # # Timeout (in seconds) for iLO operations (integer value) #client_timeout=60 # Port to be used for iLO operations (integer value) #client_port=443 # The Swift iLO container to store data. (string value) #swift_ilo_container=ironic_ilo_container # Amount of time in seconds for Swift objects to auto-expire. # (integer value) #swift_object_expiry_timeout=900 # Set this to True to use http web server to host floppy # images and generated boot ISO. This requires http_root and # http_url to be configured in the [deploy] section of the # config file. If this is set to False, then Ironic will use # Swift to host the floppy images and generated boot_iso. # (boolean value) #use_web_server_for_images=false # # Options defined in ironic.drivers.modules.ilo.deploy # # Priority for erase devices clean step. If unset, it defaults # to 10. If set to 0, the step will be disabled and will not # run during cleaning. (integer value) #clean_priority_erase_devices= # # Options defined in ironic.drivers.modules.ilo.management # # Priority for reset_ilo clean step. (integer value) #clean_priority_reset_ilo=1 # Priority for reset_bios_to_default clean step. (integer # value) #clean_priority_reset_bios_to_default=10 # Priority for reset_secure_boot_keys clean step. This step # will reset the secure boot keys to manufacturing defaults. # (integer value) #clean_priority_reset_secure_boot_keys_to_default=20 # Priority for clear_secure_boot_keys clean step. This step is # not enabled by default. It can be enabled to to clear all # secure boot keys enrolled with iLO. (integer value) #clean_priority_clear_secure_boot_keys=0 # Priority for reset_ilo_credential clean step. This step # requires "ilo_change_password" parameter to be updated in # nodes's driver_info with the new password. (integer value) #clean_priority_reset_ilo_credential=30 # # Options defined in ironic.drivers.modules.ilo.power # # Number of times a power operation needs to be retried # (integer value) #power_retry=6 # Amount of time in seconds to wait in between power # operations (integer value) #power_wait=2 [inspector] # # Options defined in ironic.drivers.modules.inspector # # whether to enable inspection using ironic-inspector (boolean # value) #enabled=false # ironic-inspector HTTP endpoint. If this is not set, the # ironic-inspector client default (http://127.0.0.1:5050) will # be used. (string value) #service_url= # period (in seconds) to check status of nodes on inspection # (integer value) #status_check_period=60 [ipmi] # # Options defined in ironic.drivers.modules.ipminative # # Maximum time in seconds to retry IPMI operations. There is a # tradeoff when setting this value. Setting this too low may # cause older BMCs to crash and require a hard reset. However, # setting too high can cause the sync power state periodic # task to hang when there are slow or unresponsive BMCs. # (integer value) #retry_timeout=60 # Minimum time, in seconds, between IPMI operations sent to a # server. There is a risk with some hardware that setting this # too low may cause the BMC to crash. Recommended setting is 5 # seconds. (integer value) #min_command_interval=5 [irmc] # # Options defined in ironic.drivers.modules.irmc.common # # Port to be used for iRMC operations, either 80 or 443 # (integer value) #port=443 # Authentication method to be used for iRMC operations, either # "basic" or "digest" (string value) #auth_method=basic # Timeout (in seconds) for iRMC operations (integer value) #client_timeout=60 # Sensor data retrieval method, either "ipmitool" or "scci" # (string value) #sensor_method=ipmitool # # Options defined in ironic.drivers.modules.irmc.deploy # # Ironic conductor node's "NFS" or "CIFS" root path (string # value) #remote_image_share_root=/remote_image_share_root # IP of remote image server (string value) #remote_image_server= # Share type of virtual media, either "NFS" or "CIFS" (string # value) #remote_image_share_type=CIFS # share name of remote_image_server (string value) #remote_image_share_name=share # User name of remote_image_server (string value) #remote_image_user_name= # Password of remote_image_user_name (string value) #remote_image_user_password= # Domain name of remote_image_user_name (string value) #remote_image_user_domain= [keystone] # # Options defined in ironic.common.keystone # # The region used for getting endpoints of OpenStack services. # (string value) #region_name= [keystone_authtoken] # # Options defined in keystonemiddleware.auth_token # # Complete public Identity API endpoint. (string value) auth_uri={{ keystone_service_internaluri }} # API version of the admin Identity API endpoint. (string # value) #auth_version= # Do not handle authorization requests within the middleware, # but delegate the authorization decision to downstream WSGI # components. (boolean value) #delay_auth_decision=false # Request timeout value for communicating with Identity API # server. (integer value) #http_connect_timeout= # How many times are we trying to reconnect when communicating # with Identity API Server. (integer value) #http_request_max_retries=3 # Env key for the swift cache. (string value) #cache= # Required if identity server requires client certificate # (string value) #certfile= # Required if identity server requires client certificate # (string value) #keyfile= # A PEM encoded Certificate Authority to use when verifying # HTTPs connections. Defaults to system CAs. (string value) #cafile= # Verify HTTPS connections. (boolean value) #insecure=false # The region in which the identity server can be found. # (string value) #region_name= # Directory used to cache files related to PKI tokens. (string # value) #signing_dir= # Optionally specify a list of memcached server(s) to use for # caching. If left undefined, tokens will instead be cached # in-process. (list value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers= # In order to prevent excessive effort spent validating # tokens, the middleware caches previously-seen tokens for a # configurable duration (in seconds). Set to -1 to disable # caching completely. (integer value) #token_cache_time=300 # Determines the frequency at which the list of revoked tokens # is retrieved from the Identity service (in seconds). A high # number of revocation events combined with a low cache # duration may significantly reduce performance. (integer # value) #revocation_cache_time=10 # (Optional) If defined, indicate whether token data should be # authenticated or authenticated and encrypted. Acceptable # values are MAC or ENCRYPT. If MAC, token data is # authenticated (with HMAC) in the cache. If ENCRYPT, token # data is encrypted and authenticated in the cache. If the # value is not one of these options or empty, auth_token will # raise an exception on initialization. (string value) #memcache_security_strategy= # (Optional, mandatory if memcache_security_strategy is # defined) This string is used for key derivation. (string # value) #memcache_secret_key= # (Optional) Number of seconds memcached server is considered # dead before it is tried again. (integer value) #memcache_pool_dead_retry=300 # (Optional) Maximum total number of open connections to every # memcached server. (integer value) #memcache_pool_maxsize=10 # (Optional) Socket timeout in seconds for communicating with # a memcached server. (integer value) #memcache_pool_socket_timeout=3 # (Optional) Number of seconds a connection to memcached is # held unused in the pool before it is closed. (integer value) #memcache_pool_unused_timeout=60 # (Optional) Number of seconds that an operation will wait to # get a memcached client connection from the pool. (integer # value) #memcache_pool_conn_get_timeout=10 # (Optional) Use the advanced (eventlet safe) memcached client # pool. The advanced pool will only work under python 2.x. # (boolean value) #memcache_use_advanced_pool=false # (Optional) Indicate whether to set the X-Service-Catalog # header. If False, middleware will not ask for service # catalog on token validation and will not set the X-Service- # Catalog header. (boolean value) #include_service_catalog=true # Used to control the use and type of token binding. Can be # set to: "disabled" to not check token binding. "permissive" # (default) to validate binding information if the bind type # is of a form known to the server and ignore it if not. # "strict" like "permissive" but if the bind type is unknown # the token will be rejected. "required" any form of token # binding is needed to be allowed. Finally the name of a # binding method that must be present in tokens. (string # value) #enforce_token_bind=permissive # If true, the revocation list will be checked for cached # tokens. This requires that PKI tokens are configured on the # identity server. (boolean value) #check_revocations_for_cached=false # Hash algorithms to use for hashing PKI tokens. This may be a # single algorithm or multiple. The algorithms are those # supported by Python standard hashlib.new(). The hashes will # be tried in the order given, so put the preferred one first # for performance. The result of the first hash will be stored # in the cache. This will typically be set to multiple values # only while migrating from a less secure algorithm to a more # secure one. Once all the old tokens are expired this option # should be set to a single value for better performance. # (list value) #hash_algorithms=md5 # Prefix to prepend at the beginning of the path. Deprecated, # use identity_uri. (string value) #auth_admin_prefix= # Host providing the admin Identity API endpoint. Deprecated, # use identity_uri. (string value) #auth_host=127.0.0.1 # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) #auth_port=35357 # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) #auth_protocol=https # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) identity_uri={{ keystone_service_internaluri }} # This option is deprecated and may be removed in a future # release. Single shared secret with the Keystone # configuration used for bootstrapping a Keystone # installation, or otherwise bypassing the normal # authentication process. This option should not be used, use # `admin_user` and `admin_password` instead. (string value) #admin_token= # Service username. (string value) admin_user={{ ironic_service_user_name }} # Service user password. (string value) admin_password={{ ironic_service_password }} # Service tenant name. (string value) admin_tenant_name={{ ironic_service_project_name }} [matchmaker_redis] # # Options defined in oslo.messaging # # Host to locate redis. (string value) #host=127.0.0.1 # Use this port to connect to redis host. (integer value) #port=6379 # Password for Redis server (optional). (string value) #password= [neutron] # # Options defined in ironic.dhcp.neutron # # URL for connecting to neutron. (string value) url={{ neutron_service_adminurl }} # Timeout value for connecting to neutron in seconds. (integer # value) #url_timeout=30 # Client retries in the case of a failed request. (integer # value) #retries=3 # Default authentication strategy to use when connecting to # neutron. Can be either "keystone" or "noauth". Running # neutron in noauth mode (related to but not affected by this # setting) is insecure and should only be used for testing. # (string value) auth_strategy={{ ironic_auth_strategy }} # UUID of the network to create Neutron ports on when booting # to a ramdisk for cleaning/zapping using Neutron DHCP (string # value) #cleaning_network_uuid= [oneview] # # Options defined in ironic.drivers.modules.oneview.common # # URL where OneView is available (string value) #manager_url= # OneView username to be used (string value) #username= # OneView password to be used (string value) #password= # Option to allow insecure connection with OneView (boolean # value) #allow_insecure_connections=false # Path to CA certificate (string value) #tls_cacert_file= # Max connection retries to check changes on OneView (integer # value) #max_polling_attempts=12 [oslo_concurrency] # # Options defined in oslo.concurrency # # Enables or disables inter-process locks. (boolean value) #disable_process_locking=false # Directory to use for lock files. For security, the # specified directory should only be writable by the user # running the processes that need locking. Defaults to # environment variable OSLO_LOCK_PATH. If external locks are # used, a lock path must be set. (string value) #lock_path= [oslo_messaging_amqp] # # Options defined in oslo.messaging # # address prefix used when sending to a specific server # (string value) #server_request_prefix=exclusive # address prefix used when broadcasting to all servers (string # value) #broadcast_prefix=broadcast # address prefix when sending to any server in group (string # value) #group_request_prefix=unicast # Name for the AMQP container (string value) #container_name= # Timeout for inactive connections (in seconds) (integer # value) #idle_timeout=0 # Debug: dump AMQP frames to stdout (boolean value) #trace=false # CA certificate PEM file to verify server certificate (string # value) #ssl_ca_file= # Identifying certificate PEM file to present to clients # (string value) #ssl_cert_file= # Private key PEM file used to sign cert_file certificate # (string value) #ssl_key_file= # Password for decrypting ssl_key_file (if encrypted) (string # value) #ssl_key_password= # Accept clients using either SSL or plain TCP (boolean value) #allow_insecure_clients=false # Space separated list of acceptable SASL mechanisms (string # value) #sasl_mechanisms= # Path to directory that contains the SASL configuration # (string value) #sasl_config_dir= # Name of configuration file (without .conf suffix) (string # value) #sasl_config_name= # User name for message broker authentication (string value) #username= # Password for message broker authentication (string value) #password= [oslo_messaging_qpid] # # Options defined in oslo.messaging # # Use durable queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_durable_queues # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues=false # Auto-delete queues in AMQP. (boolean value) #amqp_auto_delete=false # Send a single AMQP reply to call message. The current # behaviour since oslo-incubator is to send two AMQP replies - # first one with the payload, a second one to ensure the other # have finish to send the payload. We are going to remove it # in the N release, but we must keep backward compatible at # the same time. This option provides such compatibility - it # defaults to False in Liberty and can be turned on for early # adopters with a new installations or for testing. Please # note, that this option will be removed in the Mitaka # release. (boolean value) #send_single_reply=false # Qpid broker hostname. (string value) #qpid_hostname=localhost # Qpid broker port. (integer value) #qpid_port=5672 # Qpid HA cluster host:port pairs. (list value) #qpid_hosts=$qpid_hostname:$qpid_port # Username for Qpid connection. (string value) #qpid_username= # Password for Qpid connection. (string value) #qpid_password= # Space separated list of SASL mechanisms to use for auth. # (string value) #qpid_sasl_mechanisms= # Seconds between connection keepalive heartbeats. (integer # value) #qpid_heartbeat=60 # Transport to use, either 'tcp' or 'ssl'. (string value) #qpid_protocol=tcp # Whether to disable the Nagle algorithm. (boolean value) #qpid_tcp_nodelay=true # The number of prefetched messages held by receiver. (integer # value) #qpid_receiver_capacity=1 # The qpid topology version to use. Version 1 is what was # originally used by impl_qpid. Version 2 includes some # backwards-incompatible changes that allow broker federation # to work. Users should update to version 2 when they are # able to take everything down, as it requires a clean break. # (integer value) #qpid_topology_version=1 [oslo_messaging_rabbit] # # Options defined in oslo.messaging # # Use durable queues in AMQP. (boolean value) # Deprecated group/name - [DEFAULT]/amqp_durable_queues # Deprecated group/name - [DEFAULT]/rabbit_durable_queues #amqp_durable_queues=false # Auto-delete queues in AMQP. (boolean value) #amqp_auto_delete=false # Send a single AMQP reply to call message. The current # behaviour since oslo-incubator is to send two AMQP replies - # first one with the payload, a second one to ensure the other # have finish to send the payload. We are going to remove it # in the N release, but we must keep backward compatible at # the same time. This option provides such compatibility - it # defaults to False in Liberty and can be turned on for early # adopters with a new installations or for testing. Please # note, that this option will be removed in the Mitaka # release. (boolean value) #send_single_reply=false # SSL version to use (valid only if SSL enabled). Valid values # are TLSv1 and SSLv23. SSLv2, SSLv3, TLSv1_1, and TLSv1_2 may # be available on some distributions. (string value) #kombu_ssl_version= # SSL key file (valid only if SSL enabled). (string value) #kombu_ssl_keyfile= # SSL cert file (valid only if SSL enabled). (string value) #kombu_ssl_certfile= # SSL certification authority file (valid only if SSL # enabled). (string value) #kombu_ssl_ca_certs= # How long to wait before reconnecting in response to an AMQP # consumer cancel notification. (floating point value) #kombu_reconnect_delay=1.0 # How long to wait before considering a reconnect attempt to # have failed. This value should not be longer than # rpc_response_timeout. (integer value) #kombu_reconnect_timeout=60 # The RabbitMQ broker address where a single node is used. # (string value) #rabbit_host=localhost # The RabbitMQ broker port where a single node is used. # (integer value) rabbit_port={{ rabbitmq_port }} # RabbitMQ HA cluster host:port pairs. (list value) rabbit_hosts={{ rabbitmq_servers }} # Connect over SSL for RabbitMQ. (boolean value) rabbit_use_ssl={{ rabbitmq_use_ssl }} # The RabbitMQ userid. (string value) rabbit_userid={{ ironic_rabbitmq_userid }} # The RabbitMQ password. (string value) rabbit_password={{ ironic_rabbitmq_password }} # The RabbitMQ login method. (string value) #rabbit_login_method=AMQPLAIN # The RabbitMQ virtual host. (string value) rabbit_virtual_host={{ ironic_rabbitmq_vhost }} # How frequently to retry connecting with RabbitMQ. (integer # value) #rabbit_retry_interval=1 # How long to backoff for between retries when connecting to # RabbitMQ. (integer value) #rabbit_retry_backoff=2 # Maximum number of RabbitMQ connection retries. Default is 0 # (infinite retry count). (integer value) #rabbit_max_retries=0 # Use HA queues in RabbitMQ (x-ha-policy: all). If you change # this option, you must wipe the RabbitMQ database. (boolean # value) #rabbit_ha_queues=false # Number of seconds after which the Rabbit broker is # considered down if heartbeat's keep-alive fails (0 disable # the heartbeat). EXPERIMENTAL (integer value) #heartbeat_timeout_threshold=60 # How often times during the heartbeat_timeout_threshold we # check the heartbeat. (integer value) #heartbeat_rate=2 # Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake # (boolean value) #fake_rabbit=false [oslo_policy] # # Options defined in oslo.policy # # The JSON file that defines policies. (string value) #policy_file=policy.json # Default rule. Enforced when a requested rule is not found. # (string value) #policy_default_rule=default # Directories where policy configuration files are stored. # They can be relative to any directory in the search path # defined by the config_dir option, or absolute paths. The # file defined by policy_file must exist for these directories # to be searched. Missing or empty directories are ignored. # (multi valued) #policy_dirs=policy.d [pxe] # # Options defined in ironic.drivers.modules.iscsi_deploy # # Additional append parameters for baremetal PXE boot. (string # value) #pxe_append_params=nofb nomodeset vga=normal # Default file system format for ephemeral partition, if one # is created. (string value) #default_ephemeral_format=ext4 # On the ironic-conductor node, directory where images are # stored on disk. (string value) #images_path=/var/lib/ironic/images/ # On the ironic-conductor node, directory where master # instance images are stored on disk. (string value) #instance_master_path=/var/lib/ironic/master_images # Maximum size (in MiB) of cache for master images, including # those in use. (integer value) #image_cache_size=20480 # Maximum TTL (in minutes) for old master images in cache. # (integer value) #image_cache_ttl=10080 # The disk devices to scan while doing the deploy. (string # value) #disk_devices=cciss/c0d0,sda,hda,vda # # Options defined in ironic.drivers.modules.pxe # # On ironic-conductor node, template file for PXE # configuration. (string value) #pxe_config_template=$pybasedir/drivers/modules/pxe_config.template # On ironic-conductor node, template file for PXE # configuration for UEFI boot loader. (string value) #uefi_pxe_config_template=$pybasedir/drivers/modules/elilo_efi_pxe_config.template # IP address of ironic-conductor node's TFTP server. (string # value) #tftp_server=$my_ip # ironic-conductor node's TFTP root path. The ironic-conductor # must have read/write access to this path. (string value) #tftp_root=/tftpboot # On ironic-conductor node, directory where master TFTP images # are stored on disk. (string value) #tftp_master_path=/tftpboot/master_images # Bootfile DHCP parameter. (string value) #pxe_bootfile_name=pxelinux.0 # Bootfile DHCP parameter for UEFI boot mode. (string value) #uefi_pxe_bootfile_name=elilo.efi # Enable iPXE boot. (boolean value) #ipxe_enabled=false # On ironic-conductor node, the path to the main iPXE script # file. (string value) #ipxe_boot_script=$pybasedir/drivers/modules/boot.ipxe # The IP version that will be used for PXE booting. Can be # either 4 or 6. Defaults to 4. EXPERIMENTAL (string value) #ip_version=4 [seamicro] # # Options defined in ironic.drivers.modules.seamicro # # Maximum retries for SeaMicro operations (integer value) #max_retry=3 # Seconds to wait for power action to be completed (integer # value) #action_timeout=10 [snmp] # # Options defined in ironic.drivers.modules.snmp # # Seconds to wait for power action to be completed (integer # value) #power_timeout=10 # Time (in seconds) to sleep between when rebooting (powering # off and on again) (integer value) #reboot_delay=0 [ssh] # # Options defined in ironic.drivers.modules.ssh # # libvirt URI. (string value) #libvirt_uri=qemu:///system # Number of attempts to try to get VM name used by the host # that corresponds to a node's MAC address. (integer value) #get_vm_name_attempts=3 # Number of seconds to wait between attempts to get VM name # used by the host that corresponds to a node's MAC address. # (integer value) #get_vm_name_retry_interval=3 [swift] # # Options defined in ironic.common.swift # # Maximum number of times to retry a Swift request, before # failing. (integer value) #swift_max_retries=2 [virtualbox] # # Options defined in ironic.drivers.modules.virtualbox # # Port on which VirtualBox web service is listening. (integer # value) #port=18083