Unification of manpages and conf-samples (default values, etc)
Change-Id: I47a3127ef698b4bd1537b1562901ee9c2b5924d4
This commit is contained in:
parent
0db4fa0a21
commit
28c4b7310f
@ -57,6 +57,8 @@ IP address the account server should bind to. The default is 0.0.0.0 which will
|
|||||||
it bind to all available addresses.
|
it bind to all available addresses.
|
||||||
.IP "\fBbind_port\fR"
|
.IP "\fBbind_port\fR"
|
||||||
TCP port the account server should bind to. The default is 6002.
|
TCP port the account server should bind to. The default is 6002.
|
||||||
|
.IP "\fBbind_timeout\fR"
|
||||||
|
Timeout to bind socket. The default is 30.
|
||||||
.IP \fBbacklog\fR
|
.IP \fBbacklog\fR
|
||||||
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
||||||
.IP \fBworkers\fR
|
.IP \fBworkers\fR
|
||||||
@ -79,12 +81,46 @@ Parent directory or where devices are mounted. Default is /srv/node.
|
|||||||
.IP \fBmount_check\fR
|
.IP \fBmount_check\fR
|
||||||
Whether or not check if the devices are mounted to prevent accidentally writing to
|
Whether or not check if the devices are mounted to prevent accidentally writing to
|
||||||
the root device. The default is set to true.
|
the root device. The default is set to true.
|
||||||
|
.IP \fBdisable_fallocate\fR
|
||||||
|
Disable pre-allocate disk space for a file. The default is false.
|
||||||
.IP \fBlog_name\fR
|
.IP \fBlog_name\fR
|
||||||
Label used when logging. The default is swift.
|
Label used when logging. The default is swift.
|
||||||
.IP \fBlog_facility\fR
|
.IP \fBlog_facility\fR
|
||||||
Syslog log facility. The default is LOG_LOCAL0.
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
.IP \fBlog_level\fR
|
.IP \fBlog_level\fR
|
||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
|
.IP "\fBlog_address\fR
|
||||||
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBlog_max_line_length\fR
|
||||||
|
The following caps the length of log lines to the value given; no limit if
|
||||||
|
set to 0, the default.
|
||||||
|
.IP \fBlog_custom_handlers\fR
|
||||||
|
Comma separated list of functions to call to setup custom log handlers.
|
||||||
|
functions get passed: conf, name, log_to_console, log_route, fmt, logger,
|
||||||
|
adapted_logger. The default is empty.
|
||||||
|
.IP \fBlog_udp_host\fR
|
||||||
|
If set, log_udp_host will override log_address.
|
||||||
|
.IP "\fBlog_udp_port\fR
|
||||||
|
UDP log port, the default is 514.
|
||||||
|
.IP \fBlog_statsd_host\fR = localhost
|
||||||
|
log_statsd_* enable StatsD logging.
|
||||||
|
.IP \fBlog_statsd_port\fR
|
||||||
|
The default is 8125.
|
||||||
|
.IP \fBlog_statsd_default_sample_rate\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_metric_prefix\fR
|
||||||
|
The default is empty.
|
||||||
|
.IP \fBdb_preallocation\fR
|
||||||
|
If you don't mind the extra disk space usage in overhead, you can turn this
|
||||||
|
on to preallocate disk space with SQLite databases to decrease fragmentation.
|
||||||
|
The default is false.
|
||||||
|
.IP \fBeventlet_debug\fR
|
||||||
|
Debug mode for eventlet library. The default is false.
|
||||||
|
.IP \fBfallocate_reserve\fR
|
||||||
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to
|
||||||
|
reserve, whether there is space for the given file size or not. The default is 0.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -117,12 +153,21 @@ This is normally \fBegg:swift#account\fR.
|
|||||||
Label used when logging. The default is account-server.
|
Label used when logging. The default is account-server.
|
||||||
.IP "\fBset log_facility\fR
|
.IP "\fBset log_facility\fR
|
||||||
Syslog log facility. The default is LOG_LOCAL0.
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
.IP "\fB set log_level\fR
|
.IP "\fBset log_level\fR
|
||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP "\fB set log_requests\fR
|
.IP "\fBset log_requests\fR
|
||||||
Enables request logging. The default is True.
|
Enables request logging. The default is True.
|
||||||
.IP "\fB set log_address\fR
|
.IP "\fBset log_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
.IP "\fBauto_create_account_prefix\fR
|
||||||
|
The default is ".".
|
||||||
|
.IP "\fBreplication_server\fR
|
||||||
|
Configure parameter for creating specific server.
|
||||||
|
To handle all verbs, including replication verbs, do not specify
|
||||||
|
"replication_server" (this is the default). To only handle replication,
|
||||||
|
set to a true value (e.g. "true" or "1"). To handle only non-replication
|
||||||
|
verbs, set to "false". Unless you have a separate replication network, you
|
||||||
|
should not specify any value for "replication_server". The default is empty.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -158,6 +203,36 @@ and ensure that swift has read/write. The default is /var/cache/swift.
|
|||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:xprofile]\fR"
|
||||||
|
.RS 3
|
||||||
|
.IP "\fBuse\fR"
|
||||||
|
Entry point for paste.deploy for the xprofile middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#xprofile\fR.
|
||||||
|
.IP "\fBprofile_module\fR"
|
||||||
|
This option enable you to switch profilers which should inherit from python
|
||||||
|
standard profiler. Currently the supported value can be 'cProfile', 'eventlet.green.profile' etc.
|
||||||
|
.IP "\fBlog_filename_prefix\fR"
|
||||||
|
This prefix will be used to combine process ID and timestamp to name the
|
||||||
|
profile data file. Make sure the executing user has permission to write
|
||||||
|
into this path (missing path segments will be created, if necessary).
|
||||||
|
If you enable profiling in more than one type of daemon, you must override
|
||||||
|
it with an unique value like, the default is /var/log/swift/profile/account.profile.
|
||||||
|
.IP "\fBdump_interval\fR"
|
||||||
|
The profile data will be dumped to local disk based on above naming rule
|
||||||
|
in this interval. The default is 5.0.
|
||||||
|
.IP "\fBdump_timestamp\fR"
|
||||||
|
Be careful, this option will enable profiler to dump data into the file with
|
||||||
|
time stamp which means there will be lots of files piled up in the directory.
|
||||||
|
The default is false
|
||||||
|
.IP "\fBpath\fR"
|
||||||
|
This is the path of the URL to access the mini web UI. The default is __profile__.
|
||||||
|
.IP "\fBflush_at_shutdown\fR"
|
||||||
|
Clear the data when the wsgi server shutdown. The default is false.
|
||||||
|
.IP "\fBunwind\fR"
|
||||||
|
Unwind the iterator of applications. Default is false.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.SH ADDITIONAL SECTIONS
|
.SH ADDITIONAL SECTIONS
|
||||||
@ -193,6 +268,15 @@ Connection timeout to external services. The default is 0.5 seconds.
|
|||||||
.IP \fBreclaim_age\fR
|
.IP \fBreclaim_age\fR
|
||||||
Time elapsed in seconds before an account can be reclaimed. The default is
|
Time elapsed in seconds before an account can be reclaimed. The default is
|
||||||
604800 seconds.
|
604800 seconds.
|
||||||
|
.IP \fBrsync_compress\fR
|
||||||
|
Allow rsync to compress data which is transmitted to destination node
|
||||||
|
during sync. However, this is applicable only when destination node is in
|
||||||
|
a different region than the local one. The default is false.
|
||||||
|
.IP \fBrsync_module\fR
|
||||||
|
Format of the rysnc module where the replicator will send data. See
|
||||||
|
etc/rsyncd.conf-sample for some usage examples.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
@ -213,6 +297,8 @@ Logging address. The default is /dev/log.
|
|||||||
Will audit, at most, 1 account per device per interval. The default is 1800 seconds.
|
Will audit, at most, 1 account per device per interval. The default is 1800 seconds.
|
||||||
.IP \fBaccounts_per_second\fR
|
.IP \fBaccounts_per_second\fR
|
||||||
Maximum accounts audited per second. Should be tuned according to individual system specs. 0 is unlimited. The default is 200.
|
Maximum accounts audited per second. Should be tuned according to individual system specs. 0 is unlimited. The default is 200.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
@ -237,6 +323,18 @@ Minimum time for a pass to take. The default is 3600 seconds.
|
|||||||
Request timeout to external services. The default is 10 seconds.
|
Request timeout to external services. The default is 10 seconds.
|
||||||
.IP \fBconn_timeout\fR
|
.IP \fBconn_timeout\fR
|
||||||
Connection timeout to external services. The default is 0.5 seconds.
|
Connection timeout to external services. The default is 0.5 seconds.
|
||||||
|
.IP \fBdelay_reaping\fR
|
||||||
|
Normally, the reaper begins deleting account information for deleted accounts
|
||||||
|
immediately; you can set this to delay its work however. The value is in
|
||||||
|
seconds. The default is 0.
|
||||||
|
.IP \fBreap_warn_after\fR
|
||||||
|
If the account fails to be be reaped due to a persistent error, the
|
||||||
|
account reaper will log a message such as:
|
||||||
|
Account <name> has not been reaped since <date>
|
||||||
|
You can search logs for this message if space is not being reclaimed
|
||||||
|
after you delete account(s).
|
||||||
|
Default is 2592000 seconds (30 days). This is in addition to any time
|
||||||
|
requested by delay_reaping.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
@ -57,6 +57,8 @@ IP address the container server should bind to. The default is 0.0.0.0 which wil
|
|||||||
it bind to all available addresses.
|
it bind to all available addresses.
|
||||||
.IP "\fBbind_port\fR"
|
.IP "\fBbind_port\fR"
|
||||||
TCP port the container server should bind to. The default is 6001.
|
TCP port the container server should bind to. The default is 6001.
|
||||||
|
.IP "\fBbind_timeout\fR"
|
||||||
|
Timeout to bind socket. The default is 30.
|
||||||
.IP \fBbacklog\fR
|
.IP \fBbacklog\fR
|
||||||
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
||||||
.IP \fBworkers\fR
|
.IP \fBworkers\fR
|
||||||
@ -70,6 +72,12 @@ concurrent requests.
|
|||||||
Maximum number of clients one worker can process simultaneously (it will
|
Maximum number of clients one worker can process simultaneously (it will
|
||||||
actually accept(2) N + 1). Setting this to one (1) will only handle one request
|
actually accept(2) N + 1). Setting this to one (1) will only handle one request
|
||||||
at a time, without accepting another request concurrently. The default is 1024.
|
at a time, without accepting another request concurrently. The default is 1024.
|
||||||
|
.IP \fBallowed_sync_hosts\fR
|
||||||
|
This is a comma separated list of hosts allowed in the X-Container-Sync-To
|
||||||
|
field for containers. This is the old-style of using container sync. It is
|
||||||
|
strongly recommended to use the new style of a separate
|
||||||
|
container-sync-realms.conf -- see container-sync-realms.conf-sample
|
||||||
|
allowed_sync_hosts = 127.0.0.1
|
||||||
.IP \fBuser\fR
|
.IP \fBuser\fR
|
||||||
The system user that the container server will run as. The default is swift.
|
The system user that the container server will run as. The default is swift.
|
||||||
.IP \fBswift_dir\fR
|
.IP \fBswift_dir\fR
|
||||||
@ -79,6 +87,8 @@ Parent directory or where devices are mounted. Default is /srv/node.
|
|||||||
.IP \fBmount_check\fR
|
.IP \fBmount_check\fR
|
||||||
Whether or not check if the devices are mounted to prevent accidentally writing to
|
Whether or not check if the devices are mounted to prevent accidentally writing to
|
||||||
the root device. The default is set to true.
|
the root device. The default is set to true.
|
||||||
|
.IP \fBdisable_fallocate\fR
|
||||||
|
Disable pre-allocate disk space for a file. The default is false.
|
||||||
.IP \fBlog_name\fR
|
.IP \fBlog_name\fR
|
||||||
Label used when logging. The default is swift.
|
Label used when logging. The default is swift.
|
||||||
.IP \fBlog_facility\fR
|
.IP \fBlog_facility\fR
|
||||||
@ -87,6 +97,36 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBlog_max_line_length\fR
|
||||||
|
The following caps the length of log lines to the value given; no limit if
|
||||||
|
set to 0, the default.
|
||||||
|
.IP \fBlog_custom_handlers\fR
|
||||||
|
Comma separated list of functions to call to setup custom log handlers.
|
||||||
|
functions get passed: conf, name, log_to_console, log_route, fmt, logger,
|
||||||
|
adapted_logger. The default is empty.
|
||||||
|
.IP \fBlog_udp_host\fR
|
||||||
|
If set, log_udp_host will override log_address.
|
||||||
|
.IP "\fBlog_udp_port\fR
|
||||||
|
UDP log port, the default is 514.
|
||||||
|
.IP \fBlog_statsd_host\fR = localhost
|
||||||
|
log_statsd_* enable StatsD logging.
|
||||||
|
.IP \fBlog_statsd_port\fR
|
||||||
|
The default is 8125.
|
||||||
|
.IP \fBlog_statsd_default_sample_rate\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_metric_prefix\fR
|
||||||
|
The default is empty.
|
||||||
|
.IP \fBdb_preallocation\fR
|
||||||
|
If you don't mind the extra disk space usage in overhead, you can turn this
|
||||||
|
on to preallocate disk space with SQLite databases to decrease fragmentation.
|
||||||
|
The default is false.
|
||||||
|
.IP \fBeventlet_debug\fR
|
||||||
|
Debug mode for eventlet library. The default is false.
|
||||||
|
.IP \fBfallocate_reserve\fR
|
||||||
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to
|
||||||
|
reserve, whether there is space for the given file size or not. The default is 0.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -129,6 +169,17 @@ Logging address. The default is /dev/log.
|
|||||||
Request timeout to external services. The default is 3 seconds.
|
Request timeout to external services. The default is 3 seconds.
|
||||||
.IP \fBconn_timeout\fR
|
.IP \fBconn_timeout\fR
|
||||||
Connection timeout to external services. The default is 0.5 seconds.
|
Connection timeout to external services. The default is 0.5 seconds.
|
||||||
|
.IP \fBallow_versions\fR
|
||||||
|
The default is false.
|
||||||
|
.IP \fBauto_create_account_prefix\fR
|
||||||
|
The default is '.'.
|
||||||
|
.IP \fBreplication_server\fR
|
||||||
|
Configure parameter for creating specific server.
|
||||||
|
To handle all verbs, including replication verbs, do not specify
|
||||||
|
"replication_server" (this is the default). To only handle replication,
|
||||||
|
set to a True value (e.g. "True" or "1"). To handle only non-replication
|
||||||
|
verbs, set to "False". Unless you have a separate replication network, you
|
||||||
|
should not specify any value for "replication_server".
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -164,6 +215,36 @@ and ensure that swift has read/write. The default is /var/cache/swift.
|
|||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:xprofile]\fR"
|
||||||
|
.RS 3
|
||||||
|
.IP "\fBuse\fR"
|
||||||
|
Entry point for paste.deploy for the xprofile middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#xprofile\fR.
|
||||||
|
.IP "\fBprofile_module\fR"
|
||||||
|
This option enable you to switch profilers which should inherit from python
|
||||||
|
standard profiler. Currently the supported value can be 'cProfile', 'eventlet.green.profile' etc.
|
||||||
|
.IP "\fBlog_filename_prefix\fR"
|
||||||
|
This prefix will be used to combine process ID and timestamp to name the
|
||||||
|
profile data file. Make sure the executing user has permission to write
|
||||||
|
into this path (missing path segments will be created, if necessary).
|
||||||
|
If you enable profiling in more than one type of daemon, you must override
|
||||||
|
it with an unique value like, the default is /var/log/swift/profile/account.profile.
|
||||||
|
.IP "\fBdump_interval\fR"
|
||||||
|
The profile data will be dumped to local disk based on above naming rule
|
||||||
|
in this interval. The default is 5.0.
|
||||||
|
.IP "\fBdump_timestamp\fR"
|
||||||
|
Be careful, this option will enable profiler to dump data into the file with
|
||||||
|
time stamp which means there will be lots of files piled up in the directory.
|
||||||
|
The default is false
|
||||||
|
.IP "\fBpath\fR"
|
||||||
|
This is the path of the URL to access the mini web UI. The default is __profile__.
|
||||||
|
.IP "\fBflush_at_shutdown\fR"
|
||||||
|
Clear the data when the wsgi server shutdown. The default is false.
|
||||||
|
.IP "\fBunwind\fR"
|
||||||
|
Unwind the iterator of applications. Default is false.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.SH ADDITIONAL SECTIONS
|
.SH ADDITIONAL SECTIONS
|
||||||
@ -182,7 +263,7 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
.IP \fBer_diff\fR
|
.IP \fBper_diff\fR
|
||||||
Maximum number of database rows that will be sync'd in a single HTTP replication request. The default is 1000.
|
Maximum number of database rows that will be sync'd in a single HTTP replication request. The default is 1000.
|
||||||
.IP \fBmax_diffs\fR
|
.IP \fBmax_diffs\fR
|
||||||
This caps how long the replicator will spend trying to sync a given database per pass so the other databases don't get starved. The default is 100.
|
This caps how long the replicator will spend trying to sync a given database per pass so the other databases don't get starved. The default is 100.
|
||||||
@ -199,6 +280,15 @@ Connection timeout to external services. The default is 0.5 seconds.
|
|||||||
.IP \fBreclaim_age\fR
|
.IP \fBreclaim_age\fR
|
||||||
Time elapsed in seconds before an container can be reclaimed. The default is
|
Time elapsed in seconds before an container can be reclaimed. The default is
|
||||||
604800 seconds.
|
604800 seconds.
|
||||||
|
.IP \fBrsync_compress\fR
|
||||||
|
Allow rsync to compress data which is transmitted to destination node
|
||||||
|
during sync. However, this is applicable only when destination node is in
|
||||||
|
a different region than the local one. The default is false.
|
||||||
|
.IP \fBrsync_module\fR
|
||||||
|
Format of the rysnc module where the replicator will send data. See
|
||||||
|
etc/rsyncd.conf-sample for some usage examples.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
@ -226,6 +316,8 @@ Connection timeout to external services. The default is 0.5 seconds.
|
|||||||
Slowdown will sleep that amount between containers. The default is 0.01 seconds.
|
Slowdown will sleep that amount between containers. The default is 0.01 seconds.
|
||||||
.IP \fBaccount_suppression_time\fR
|
.IP \fBaccount_suppression_time\fR
|
||||||
Seconds to suppress updating an account that has generated an error. The default is 60 seconds.
|
Seconds to suppress updating an account that has generated an error. The default is 60 seconds.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -246,6 +338,8 @@ Logging address. The default is /dev/log.
|
|||||||
Will audit, at most, 1 container per device per interval. The default is 1800 seconds.
|
Will audit, at most, 1 container per device per interval. The default is 1800 seconds.
|
||||||
.IP \fBcontainers_per_second\fR
|
.IP \fBcontainers_per_second\fR
|
||||||
Maximum containers audited per second. Should be tuned according to individual system specs. 0 is unlimited. The default is 200.
|
Maximum containers audited per second. Should be tuned according to individual system specs. 0 is unlimited. The default is 200.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
@ -268,8 +362,10 @@ If you need to use an HTTP Proxy, set it here; defaults to no proxy.
|
|||||||
Will audit, at most, each container once per interval. The default is 300 seconds.
|
Will audit, at most, each container once per interval. The default is 300 seconds.
|
||||||
.IP \fBcontainer_time\fR
|
.IP \fBcontainer_time\fR
|
||||||
Maximum amount of time to spend syncing each container per pass. The default is 60 seconds.
|
Maximum amount of time to spend syncing each container per pass. The default is 60 seconds.
|
||||||
.IP \fBrequest_retries\fR
|
.IP \fBconn_timeout\fR
|
||||||
Server errors from requests will be retried by default.
|
Connection timeout to external services. The default is 5 seconds.
|
||||||
|
.IP \fBrequest_tries\fR
|
||||||
|
Server errors from requests will be retried by default. The default is 3.
|
||||||
.IP \fBinternal_client_conf_path\fR
|
.IP \fBinternal_client_conf_path\fR
|
||||||
Internal client config file path.
|
Internal client config file path.
|
||||||
.RE
|
.RE
|
||||||
|
@ -50,14 +50,22 @@ Project name in case of keystone auth version 3
|
|||||||
Project domain name in case of keystone auth version 3
|
Project domain name in case of keystone auth version 3
|
||||||
.IP "\fBuser_domain_name\fR"
|
.IP "\fBuser_domain_name\fR"
|
||||||
User domain name in case of keystone auth version 3
|
User domain name in case of keystone auth version 3
|
||||||
|
.IP "\fBendpoint_type\fR"
|
||||||
|
The default is 'publicURL'.
|
||||||
|
.IP "\fBkeystone_api_insecure\fR"
|
||||||
|
The default is false.
|
||||||
.IP "\fBswift_dir\fR"
|
.IP "\fBswift_dir\fR"
|
||||||
Location of openstack-swift configuration and ring files
|
Location of openstack-swift configuration and ring files
|
||||||
.IP "\fBdispersion_coverage\fR"
|
.IP "\fBdispersion_coverage\fR"
|
||||||
Percentage of partition coverage to use. The default is 1.0.
|
Percentage of partition coverage to use. The default is 1.0.
|
||||||
.IP "\fBretries\fR"
|
.IP "\fBretries\fR"
|
||||||
Maximum number of attempts
|
Maximum number of attempts. The defaul is 5.
|
||||||
.IP "\fBconcurrency\fR"
|
.IP "\fBconcurrency\fR"
|
||||||
Concurrency to use. The default is 25.
|
Concurrency to use. The default is 25.
|
||||||
|
.IP "\fBcontainer_populate\fR"
|
||||||
|
The default is true.
|
||||||
|
.IP "\fBobject_populate\fR"
|
||||||
|
The default is true.
|
||||||
.IP "\fBdump_json\fR"
|
.IP "\fBdump_json\fR"
|
||||||
Whether to output in json format. The default is no.
|
Whether to output in json format. The default is no.
|
||||||
.IP "\fBcontainer_report\fR"
|
.IP "\fBcontainer_report\fR"
|
||||||
|
@ -65,6 +65,27 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBlog_max_line_length\fR
|
||||||
|
The following caps the length of log lines to the value given; no limit if
|
||||||
|
set to 0, the default.
|
||||||
|
.IP \fBlog_custom_handlers\fR
|
||||||
|
Comma separated list of functions to call to setup custom log handlers.
|
||||||
|
functions get passed: conf, name, log_to_console, log_route, fmt, logger,
|
||||||
|
adapted_logger. The default is empty.
|
||||||
|
.IP \fBlog_udp_host\fR
|
||||||
|
If set, log_udp_host will override log_address.
|
||||||
|
.IP "\fBlog_udp_port\fR
|
||||||
|
UDP log port, the default is 514.
|
||||||
|
.IP \fBlog_statsd_host\fR = localhost
|
||||||
|
log_statsd_* enable StatsD logging.
|
||||||
|
.IP \fBlog_statsd_port\fR
|
||||||
|
The default is 8125.
|
||||||
|
.IP \fBlog_statsd_default_sample_rate\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_metric_prefix\fR
|
||||||
|
The default is empty.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -126,9 +147,59 @@ Entry point for paste.deploy for the catch_errors middleware. This is the refere
|
|||||||
The default is \fBegg:swift#catch_errors\fR. See proxy-server.conf-sample for options or See proxy-server.conf manpage.
|
The default is \fBegg:swift#catch_errors\fR. See proxy-server.conf-sample for options or See proxy-server.conf manpage.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:proxy-logging]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Logging for the proxy server now lives in this middleware.
|
||||||
|
If the access_* variables are not set, logging directives from [DEFAULT]
|
||||||
|
without "access_" will be used.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the proxy_logging middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#proxy_logging\fR. See proxy-server.conf-sample for options or See proxy-server.conf manpage.
|
||||||
|
.RE
|
||||||
|
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.SH ADDITIONAL SECTIONS
|
||||||
|
.PD 1
|
||||||
|
.RS 0
|
||||||
|
The following sections are used by other swift-account services, such as replicator,
|
||||||
|
auditor and reaper.
|
||||||
|
.IP "\fB[account-replicator]\fR"
|
||||||
|
.RE
|
||||||
|
.RS 3
|
||||||
|
.IP \fBinterval\fR
|
||||||
|
Replaces run_pause with the more standard "interval", which means the replicator won't pause unless it takes less than the interval set. The default is 300.
|
||||||
|
.IP "\fBauto_create_account_prefix\fR
|
||||||
|
The default is ".".
|
||||||
|
.IP \fBexpiring_objects_account_name\fR
|
||||||
|
The default is 'expiring_objects'.
|
||||||
|
.IP \fBreport_interval\fR
|
||||||
|
The default is 300 seconds.
|
||||||
|
.IP \fBconcurrency\fR
|
||||||
|
Number of replication workers to spawn. The default is 1.
|
||||||
|
.IP \fBprocesses\fR
|
||||||
|
Processes is how many parts to divide the work into, one part per process that will be doing the work.
|
||||||
|
Processes set 0 means that a single process will be doing all the work.
|
||||||
|
Processes can also be specified on the command line and will override the config value.
|
||||||
|
The default is 0.
|
||||||
|
.IP \fBprocess\fR
|
||||||
|
Process is which of the parts a particular process will work on process can also be specified
|
||||||
|
on the command line and will override the config value process is "zero based", if you want
|
||||||
|
to use 3 processes, you should run processes with process set to 0, 1, and 2. The default is 0.
|
||||||
|
.IP \fBreclaim_age\fR
|
||||||
|
The expirer will re-attempt expiring if the source object is not available
|
||||||
|
up to reclaim_age seconds before it gives up and deletes the entry in the
|
||||||
|
queue. The default is 604800 seconds.
|
||||||
|
.IP \fBrecon_cache_path\fR
|
||||||
|
Path to recon cache directory. The default is /var/cache/swift.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.SH DOCUMENTATION
|
.SH DOCUMENTATION
|
||||||
.LP
|
.LP
|
||||||
|
@ -33,7 +33,7 @@
|
|||||||
.SH DESCRIPTION
|
.SH DESCRIPTION
|
||||||
.PP
|
.PP
|
||||||
This is the configuration file used by the object server and other object
|
This is the configuration file used by the object server and other object
|
||||||
background services, such as; replicator, updater and auditor.
|
background services, such as; replicator, reconstructor, updater and auditor.
|
||||||
|
|
||||||
The configuration file follows the python-pastedeploy syntax. The file is divided
|
The configuration file follows the python-pastedeploy syntax. The file is divided
|
||||||
into sections, which are enclosed by square brackets. Each section will contain a
|
into sections, which are enclosed by square brackets. Each section will contain a
|
||||||
@ -57,6 +57,8 @@ IP address the object server should bind to. The default is 0.0.0.0 which will m
|
|||||||
it bind to all available addresses.
|
it bind to all available addresses.
|
||||||
.IP "\fBbind_port\fR"
|
.IP "\fBbind_port\fR"
|
||||||
TCP port the object server should bind to. The default is 6000.
|
TCP port the object server should bind to. The default is 6000.
|
||||||
|
.IP "\fBbind_timeout\fR"
|
||||||
|
Timeout to bind socket. The default is 30.
|
||||||
.IP \fBbacklog\fR
|
.IP \fBbacklog\fR
|
||||||
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
||||||
.IP \fBworkers\fR
|
.IP \fBworkers\fR
|
||||||
@ -79,6 +81,17 @@ Parent directory or where devices are mounted. Default is /srv/node.
|
|||||||
.IP \fBmount_check\fR
|
.IP \fBmount_check\fR
|
||||||
Whether or not check if the devices are mounted to prevent accidentally writing to
|
Whether or not check if the devices are mounted to prevent accidentally writing to
|
||||||
the root device. The default is set to true.
|
the root device. The default is set to true.
|
||||||
|
.IP \fBdisable_fallocate\fR
|
||||||
|
Disable pre-allocate disk space for a file. The default is false.
|
||||||
|
.IP \fBexpiring_objects_container_divisor\fR
|
||||||
|
The default is 86400.
|
||||||
|
.IP \fBexpiring_objects_account_name\fR
|
||||||
|
The default is 'expiring_objects'.
|
||||||
|
.IP \fBservers_per_port\fR
|
||||||
|
Make object-server run this many worker processes per unique port of
|
||||||
|
"local" ring devices across all storage policies. This can help provide
|
||||||
|
the isolation of threads_per_disk without the severe overhead. The default
|
||||||
|
value of 0 disables this feature.
|
||||||
.IP \fBlog_name\fR
|
.IP \fBlog_name\fR
|
||||||
Label used when logging. The default is swift.
|
Label used when logging. The default is swift.
|
||||||
.IP \fBlog_facility\fR
|
.IP \fBlog_facility\fR
|
||||||
@ -87,6 +100,45 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBlog_max_line_length\fR
|
||||||
|
The following caps the length of log lines to the value given; no limit if
|
||||||
|
set to 0, the default.
|
||||||
|
.IP \fBlog_custom_handlers\fR
|
||||||
|
Comma separated list of functions to call to setup custom log handlers.
|
||||||
|
functions get passed: conf, name, log_to_console, log_route, fmt, logger,
|
||||||
|
adapted_logger. The default is empty.
|
||||||
|
.IP \fBlog_udp_host\fR
|
||||||
|
If set, log_udp_host will override log_address.
|
||||||
|
.IP "\fBlog_udp_port\fR
|
||||||
|
UDP log port, the default is 514.
|
||||||
|
.IP \fBlog_statsd_host\fR = localhost
|
||||||
|
log_statsd_* enable StatsD logging.
|
||||||
|
.IP \fBlog_statsd_port\fR
|
||||||
|
The default is 8125.
|
||||||
|
.IP \fBlog_statsd_default_sample_rate\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_metric_prefix\fR
|
||||||
|
The default is empty.
|
||||||
|
.IP \fBeventlet_debug\fR
|
||||||
|
Debug mode for eventlet library. The default is false.
|
||||||
|
.IP \fBfallocate_reserve\fR
|
||||||
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to
|
||||||
|
reserve, whether there is space for the given file size or not. The default is 0.
|
||||||
|
.IP \fBnode_timeout\fR
|
||||||
|
Request timeout to external services. The default is 3 seconds.
|
||||||
|
.IP \fBconn_timeout\fR
|
||||||
|
Connection timeout to external services. The default is 0.5 seconds.
|
||||||
|
.IP \fBcontainer_update_timeout\fR
|
||||||
|
Time to wait while sending a container update on object update. The default is 1 second.
|
||||||
|
.IP \fBclient_timeout\fR
|
||||||
|
Time to wait while receiving each chunk of data from a client or another
|
||||||
|
backend node. The default is 60.
|
||||||
|
.IP \fBnetwork_chunk_size\fR
|
||||||
|
The default is 65536.
|
||||||
|
.IP \fBdisk_chunk_size\fR
|
||||||
|
The default is 65536.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -115,22 +167,68 @@ that are acceptable within this section.
|
|||||||
.IP "\fBuse\fR"
|
.IP "\fBuse\fR"
|
||||||
Entry point for paste.deploy for the object server. This is the reference to the installed python egg.
|
Entry point for paste.deploy for the object server. This is the reference to the installed python egg.
|
||||||
This is normally \fBegg:swift#object\fR.
|
This is normally \fBegg:swift#object\fR.
|
||||||
.IP "\fBset log_name\fR
|
.IP "\fBset log_name\fR"
|
||||||
Label used when logging. The default is object-server.
|
Label used when logging. The default is object-server.
|
||||||
.IP "\fBset log_facility\fR
|
.IP "\fBset log_facility\fR"
|
||||||
Syslog log facility. The default is LOG_LOCAL0.
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
.IP "\fB set log_level\fR
|
.IP "\fBset log_level\fR"
|
||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP "\fB set log_requests\fR
|
.IP "\fBset log_requests\fR"
|
||||||
Enables request logging. The default is True.
|
Enables request logging. The default is True.
|
||||||
.IP "\fB set log_address\fR
|
.IP "\fBset log_address\fR"
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
.IP \fBnode_timeout\fR
|
.IP "\fBmax_upload_time\fR"
|
||||||
Request timeout to external services. The default is 3 seconds.
|
The default is 86400.
|
||||||
.IP \fBconn_timeout\fR
|
.IP "\fBslow\fR"
|
||||||
Connection timeout to external services. The default is 0.5 seconds.
|
The default is 0.
|
||||||
.IP \fBcontainer_update_timeout\fR
|
.IP "\fBkeep_cache_size\fR"
|
||||||
Time to wait while sending a container update on object update. The default is 1 second.
|
Objects smaller than this are not evicted from the buffercache once read. The default is 5242880.
|
||||||
|
.IP "\fBkeep_cache_private\fR"
|
||||||
|
If true, objects for authenticated GET requests may be kept in buffer cache
|
||||||
|
if small enough. The default is false.
|
||||||
|
.IP "\fBmb_per_sync\fR"
|
||||||
|
On PUTs, sync data every n MB. The default is 512.
|
||||||
|
.IP "\fBallowed_headers\fR"
|
||||||
|
Comma separated list of headers that can be set in metadata on an object.
|
||||||
|
This list is in addition to X-Object-Meta-* headers and cannot include Content-Type, etag, Content-Length, or deleted.
|
||||||
|
The default is 'Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object'.
|
||||||
|
.IP "\fBauto_create_account_prefix\fR"
|
||||||
|
The default is '.'.
|
||||||
|
.IP "\fBthreads_per_disk\fR"
|
||||||
|
A value of 0 means "don't use thread pools". A reasonable starting point is
|
||||||
|
4. The default is 0.
|
||||||
|
.IP "\fBreplication_server\fR"
|
||||||
|
Configure parameter for creating specific server
|
||||||
|
To handle all verbs, including replication verbs, do not specify
|
||||||
|
"replication_server" (this is the default). To only handle replication,
|
||||||
|
set to a True value (e.g. "True" or "1"). To handle only non-replication
|
||||||
|
verbs, set to "False". Unless you have a separate replication network, you
|
||||||
|
should not specify any value for "replication_server".
|
||||||
|
.IP "\fBreplication_concurrency\fR"
|
||||||
|
Set to restrict the number of concurrent incoming REPLICATION requests
|
||||||
|
Set to 0 for unlimited (the default is 4). Note that REPLICATION is currently an ssync only item.
|
||||||
|
.IP "\fBreplication_one_per_device\fR"
|
||||||
|
Restricts incoming REPLICATION requests to one per device,
|
||||||
|
replication_currency above allowing. This can help control I/O to each
|
||||||
|
device, but you may wish to set this to False to allow multiple REPLICATION
|
||||||
|
requests (up to the above replication_concurrency setting) per device. The default is true.
|
||||||
|
.IP "\fBreplication_lock_timeout\fR"
|
||||||
|
Number of seconds to wait for an existing replication device lock before
|
||||||
|
giving up. The default is 15.
|
||||||
|
.IP "\fBreplication_failure_threshold\fR"
|
||||||
|
.IP "\fBreplication_failure_ratio\fR"
|
||||||
|
These two settings control when the REPLICATION subrequest handler will
|
||||||
|
abort an incoming REPLICATION attempt. An abort will occur if there are at
|
||||||
|
least threshold number of failures and the value of failures / successes
|
||||||
|
exceeds the ratio. The defaults of 100 and 1.0 means that at least 100
|
||||||
|
failures have to occur and there have to be more failures than successes for
|
||||||
|
an abort to occur.
|
||||||
|
.IP "\fBsplice\fR"
|
||||||
|
Use splice() for zero-copy object GETs. This requires Linux kernel
|
||||||
|
version 3.0 or greater. If you set "splice = yes" but the kernel
|
||||||
|
does not support it, error messages will appear in the object server
|
||||||
|
logs at startup, but your object servers should continue to function.
|
||||||
|
The default is false.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -164,9 +262,41 @@ This is normally \fBegg:swift#recon\fR.
|
|||||||
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
||||||
Depending on the method of deployment you may need to create this directory manually
|
Depending on the method of deployment you may need to create this directory manually
|
||||||
and ensure that swift has read/write. The default is /var/cache/swift.
|
and ensure that swift has read/write. The default is /var/cache/swift.
|
||||||
|
.IP "\fBrecon_lock_path\fR"
|
||||||
|
The default is /var/lock.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:xprofile]\fR"
|
||||||
|
.RS 3
|
||||||
|
.IP "\fBuse\fR"
|
||||||
|
Entry point for paste.deploy for the xprofile middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#xprofile\fR.
|
||||||
|
.IP "\fBprofile_module\fR"
|
||||||
|
This option enable you to switch profilers which should inherit from python
|
||||||
|
standard profiler. Currently the supported value can be 'cProfile', 'eventlet.green.profile' etc.
|
||||||
|
.IP "\fBlog_filename_prefix\fR"
|
||||||
|
This prefix will be used to combine process ID and timestamp to name the
|
||||||
|
profile data file. Make sure the executing user has permission to write
|
||||||
|
into this path (missing path segments will be created, if necessary).
|
||||||
|
If you enable profiling in more than one type of daemon, you must override
|
||||||
|
it with an unique value like, the default is /var/log/swift/profile/account.profile.
|
||||||
|
.IP "\fBdump_interval\fR"
|
||||||
|
The profile data will be dumped to local disk based on above naming rule
|
||||||
|
in this interval. The default is 5.0.
|
||||||
|
.IP "\fBdump_timestamp\fR"
|
||||||
|
Be careful, this option will enable profiler to dump data into the file with
|
||||||
|
time stamp which means there will be lots of files piled up in the directory.
|
||||||
|
The default is false
|
||||||
|
.IP "\fBpath\fR"
|
||||||
|
This is the path of the URL to access the mini web UI. The default is __profile__.
|
||||||
|
.IP "\fBflush_at_shutdown\fR"
|
||||||
|
Clear the data when the wsgi server shutdown. The default is false.
|
||||||
|
.IP "\fBunwind\fR"
|
||||||
|
Unwind the iterator of applications. Default is false.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.SH ADDITIONAL SECTIONS
|
.SH ADDITIONAL SECTIONS
|
||||||
@ -195,10 +325,26 @@ Time in seconds to wait between replication passes. The default is 30.
|
|||||||
Number of replication workers to spawn. The default is 1.
|
Number of replication workers to spawn. The default is 1.
|
||||||
.IP \fBstats_interval\fR
|
.IP \fBstats_interval\fR
|
||||||
Interval in seconds between logging replication statistics. The default is 300.
|
Interval in seconds between logging replication statistics. The default is 300.
|
||||||
|
.IP \fBsync_method\fR
|
||||||
|
The sync method to use; default is rsync but you can use ssync to try the
|
||||||
|
EXPERIMENTAL all-swift-code-no-rsync-callouts method. Once ssync is verified
|
||||||
|
as having performance comparable to, or better than, rsync, we plan to
|
||||||
|
deprecate rsync so we can move on with more features for replication.
|
||||||
.IP \fBrsync_timeout\fR
|
.IP \fBrsync_timeout\fR
|
||||||
Max duration of a partition rsync. The default is 900 seconds.
|
Max duration of a partition rsync. The default is 900 seconds.
|
||||||
.IP \fBrsync_io_timeout\fR
|
.IP \fBrsync_io_timeout\fR
|
||||||
Passed to rsync for I/O OP timeout. The default is 30 seconds.
|
Passed to rsync for I/O OP timeout. The default is 30 seconds.
|
||||||
|
.IP \fBrsync_compress\fR
|
||||||
|
Allow rsync to compress data which is transmitted to destination node
|
||||||
|
during sync. However, this is applicable only when destination node is in
|
||||||
|
a different region than the local one.
|
||||||
|
NOTE: Objects that are already compressed (for example: .tar.gz, .mp3) might
|
||||||
|
slow down the syncing process. The default is false.
|
||||||
|
.IP \fBrsync_module\fR
|
||||||
|
Format of the rysnc module where the replicator will send data. See
|
||||||
|
etc/rsyncd.conf-sample for some usage examples. The default is empty.
|
||||||
|
.IP \fBnode_timeout\fR
|
||||||
|
Request timeout to external services. The default is 10 seconds.
|
||||||
.IP \fBrsync_bwlimit\fR
|
.IP \fBrsync_bwlimit\fR
|
||||||
Passed to rsync for bandwidth limit in kB/s. The default is 0 (unlimited).
|
Passed to rsync for bandwidth limit in kB/s. The default is 0 (unlimited).
|
||||||
.IP \fBhttp_timeout\fR
|
.IP \fBhttp_timeout\fR
|
||||||
@ -206,18 +352,87 @@ Max duration of an HTTP request. The default is 60 seconds.
|
|||||||
.IP \fBlockup_timeout\fR
|
.IP \fBlockup_timeout\fR
|
||||||
Attempts to kill all workers if nothing replicates for lockup_timeout seconds. The
|
Attempts to kill all workers if nothing replicates for lockup_timeout seconds. The
|
||||||
default is 1800 seconds.
|
default is 1800 seconds.
|
||||||
|
.IP \fBring_check_interval\fR
|
||||||
|
The default is 15.
|
||||||
|
.IP \fBrsync_error_log_line_length\fR
|
||||||
|
Limits how long rsync error log lines are. 0 (default) means to log the entire line.
|
||||||
.IP \fBreclaim_age\fR
|
.IP \fBreclaim_age\fR
|
||||||
Time elapsed in seconds before an object can be reclaimed. The default is
|
Time elapsed in seconds before an object can be reclaimed. The default is
|
||||||
604800 seconds.
|
604800 seconds.
|
||||||
.IP \fBrecon_enable\fR
|
|
||||||
Enable logging of replication stats for recon. The default is on.
|
|
||||||
.IP "\fBrecon_cache_path\fR"
|
.IP "\fBrecon_cache_path\fR"
|
||||||
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
||||||
Depending on the method of deployment you may need to create this directory manually
|
Depending on the method of deployment you may need to create this directory manually
|
||||||
and ensure that swift has read/write.The default is /var/cache/swift.
|
and ensure that swift has read/write.The default is /var/cache/swift.
|
||||||
|
.IP "\fBhandoffs_first\fR"
|
||||||
|
The flag to replicate handoffs prior to canonical partitions.
|
||||||
|
It allows to force syncing and deleting handoffs quickly.
|
||||||
|
If set to a True value(e.g. "True" or "1"), partitions
|
||||||
|
that are not supposed to be on the node will be replicated first.
|
||||||
|
The default is false.
|
||||||
|
.IP "\fBhandoff_delete\fR"
|
||||||
|
The number of replicas which are ensured in swift.
|
||||||
|
If the number less than the number of replicas is set, object-replicator
|
||||||
|
could delete local handoffs even if all replicas are not ensured in the
|
||||||
|
cluster. Object-replicator would remove local handoff partition directories
|
||||||
|
after syncing partition when the number of successful responses is greater
|
||||||
|
than or equal to this number. By default(auto), handoff partitions will be
|
||||||
|
removed when it has successfully replicated to all the canonical nodes.
|
||||||
|
|
||||||
|
The handoffs_first and handoff_delete are options for a special case
|
||||||
|
such as disk full in the cluster. These two options SHOULD NOT BE
|
||||||
|
CHANGED, except for such an extreme situations. (e.g. disks filled up
|
||||||
|
or are about to fill up. Anyway, DO NOT let your drives fill up).
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[object-reconstructor]\fR"
|
||||||
|
.RE
|
||||||
|
.RS 3
|
||||||
|
.IP \fBlog_name\fR
|
||||||
|
Label used when logging. The default is object-reconstructor.
|
||||||
|
.IP \fBlog_facility\fR
|
||||||
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
|
.IP \fBlog_level\fR
|
||||||
|
Logging level. The default is INFO.
|
||||||
|
.IP \fBlog_address\fR
|
||||||
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBdaemonize\fR
|
||||||
|
Whether or not to run replication as a daemon. The default is yes.
|
||||||
|
.IP "\fBrun_pause [deprecated]\fR"
|
||||||
|
Time in seconds to wait between replication passes. The default is 30.
|
||||||
|
.IP \fBinterval\fR
|
||||||
|
Time in seconds to wait between replication passes. The default is 30.
|
||||||
|
.IP \fBconcurrency\fR
|
||||||
|
Number of replication workers to spawn. The default is 1.
|
||||||
|
.IP \fBstats_interval\fR
|
||||||
|
Interval in seconds between logging replication statistics. The default is 300.
|
||||||
|
.IP \fBnode_timeout\fR
|
||||||
|
Request timeout to external services. The default is 10 seconds.
|
||||||
|
.IP \fBhttp_timeout\fR
|
||||||
|
Max duration of an HTTP request. The default is 60 seconds.
|
||||||
|
.IP \fBlockup_timeout\fR
|
||||||
|
Attempts to kill all workers if nothing replicates for lockup_timeout seconds. The
|
||||||
|
default is 1800 seconds.
|
||||||
|
.IP \fBring_check_interval\fR
|
||||||
|
The default is 15.
|
||||||
|
.IP \fBreclaim_age\fR
|
||||||
|
Time elapsed in seconds before an object can be reclaimed. The default is
|
||||||
|
604800 seconds.
|
||||||
|
.IP "\fBrecon_cache_path\fR"
|
||||||
|
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
||||||
|
Depending on the method of deployment you may need to create this directory manually
|
||||||
|
and ensure that swift has read/write.The default is /var/cache/swift.
|
||||||
|
.IP "\fBhandoffs_first\fR"
|
||||||
|
The flag to replicate handoffs prior to canonical partitions.
|
||||||
|
It allows to force syncing and deleting handoffs quickly.
|
||||||
|
If set to a True value(e.g. "True" or "1"), partitions
|
||||||
|
that are not supposed to be on the node will be replicated first.
|
||||||
|
The default is false.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
.IP "\fB[object-updater]\fR"
|
.IP "\fB[object-updater]\fR"
|
||||||
.RE
|
.RE
|
||||||
@ -236,10 +451,12 @@ Minimum time for a pass to take. The default is 300 seconds.
|
|||||||
Number of reaper workers to spawn. The default is 1.
|
Number of reaper workers to spawn. The default is 1.
|
||||||
.IP \fBnode_timeout\fR
|
.IP \fBnode_timeout\fR
|
||||||
Request timeout to external services. The default is 10 seconds.
|
Request timeout to external services. The default is 10 seconds.
|
||||||
.IP \fBconn_timeout\fR
|
|
||||||
Connection timeout to external services. The default is 0.5 seconds.
|
|
||||||
.IP \fBslowdown\fR
|
.IP \fBslowdown\fR
|
||||||
Slowdown will sleep that amount between objects. The default is 0.01 seconds.
|
Slowdown will sleep that amount between objects. The default is 0.01 seconds.
|
||||||
|
.IP "\fBrecon_cache_path\fR"
|
||||||
|
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
||||||
|
Depending on the method of deployment you may need to create this directory manually
|
||||||
|
and ensure that swift has read/write. The default is /var/cache/swift.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -257,16 +474,28 @@ Logging level. The default is INFO.
|
|||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
|
||||||
|
.IP \fBdisk_chunk_size\fR
|
||||||
|
The default is 65536.
|
||||||
.IP \fBfiles_per_second\fR
|
.IP \fBfiles_per_second\fR
|
||||||
Maximum files audited per second. Should be tuned according to individual
|
Maximum files audited per second. Should be tuned according to individual
|
||||||
system specs. 0 is unlimited. The default is 20.
|
system specs. 0 is unlimited. The default is 20.
|
||||||
.IP \fBbytes_per_second\fR
|
.IP \fBbytes_per_second\fR
|
||||||
Maximum bytes audited per second. Should be tuned according to individual
|
Maximum bytes audited per second. Should be tuned according to individual
|
||||||
system specs. 0 is unlimited. The default is 10000000.
|
system specs. 0 is unlimited. The default is 10000000.
|
||||||
|
.IP \fBconcurrency\fR
|
||||||
|
Number of reaper workers to spawn. The default is 1.
|
||||||
.IP \fBlog_time\fR
|
.IP \fBlog_time\fR
|
||||||
The default is 3600 seconds.
|
The default is 3600 seconds.
|
||||||
.IP \fBzero_byte_files_per_second\fR
|
.IP \fBzero_byte_files_per_second\fR
|
||||||
The default is 50.
|
The default is 50.
|
||||||
|
.IP "\fBrecon_cache_path\fR"
|
||||||
|
The recon_cache_path simply sets the directory where stats for a few items will be stored.
|
||||||
|
Depending on the method of deployment you may need to create this directory manually
|
||||||
|
and ensure that swift has read/write. The default is /var/cache/swift.
|
||||||
|
.IP \fBobject_size_stats\fR
|
||||||
|
Takes a comma separated list of ints. If set, the object auditor will
|
||||||
|
increment a counter for every object whose size is <= to the given break
|
||||||
|
points and report the result after a full scan.
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
|
@ -56,8 +56,21 @@ IP address the proxy server should bind to. The default is 0.0.0.0 which will ma
|
|||||||
it bind to all available addresses.
|
it bind to all available addresses.
|
||||||
.IP "\fBbind_port\fR"
|
.IP "\fBbind_port\fR"
|
||||||
TCP port the proxy server should bind to. The default is 80.
|
TCP port the proxy server should bind to. The default is 80.
|
||||||
|
.IP "\fBbind_timeout\fR"
|
||||||
|
Timeout to bind socket. The default is 30.
|
||||||
.IP \fBbacklog\fR
|
.IP \fBbacklog\fR
|
||||||
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
TCP backlog. Maximum number of allowed pending connections. The default value is 4096.
|
||||||
|
.IP \fBadmin_key\fR
|
||||||
|
Key to use for admin calls that are HMAC signed. Default is empty,
|
||||||
|
which will disable admin calls to /info.
|
||||||
|
.IP \fBdisallowed_sections\fR
|
||||||
|
Allows the ability to withhold sections from showing up in the public calls
|
||||||
|
to /info. You can withhold subsections by separating the dict level with a
|
||||||
|
".". The following would cause the sections 'container_quotas' and 'tempurl'
|
||||||
|
to not be listed, and the key max_failed_deletes would be removed from
|
||||||
|
bulk_delete. Default value is 'swift.valid_api_versions' which allows all
|
||||||
|
registered features to be listed via HTTP GET /info except
|
||||||
|
swift.valid_api_versions information
|
||||||
.IP \fBworkers\fR
|
.IP \fBworkers\fR
|
||||||
The number of pre-forked processes that will accept connections. Zero means
|
The number of pre-forked processes that will accept connections. Zero means
|
||||||
no fork. The default is auto which will make the server try to match the
|
no fork. The default is auto which will make the server try to match the
|
||||||
@ -71,6 +84,8 @@ actually accept(2) N + 1). Setting this to one (1) will only handle one request
|
|||||||
at a time, without accepting another request concurrently. The default is 1024.
|
at a time, without accepting another request concurrently. The default is 1024.
|
||||||
.IP \fBuser\fR
|
.IP \fBuser\fR
|
||||||
The system user that the proxy server will run as. The default is swift.
|
The system user that the proxy server will run as. The default is swift.
|
||||||
|
.IP \fBexpose_info\fR
|
||||||
|
Enables exposing configuration settings via HTTP GET /info. The default is true.
|
||||||
.IP \fBswift_dir\fR
|
.IP \fBswift_dir\fR
|
||||||
Swift configuration directory. The default is /etc/swift.
|
Swift configuration directory. The default is /etc/swift.
|
||||||
.IP \fBcert_file\fR
|
.IP \fBcert_file\fR
|
||||||
@ -79,6 +94,10 @@ disabled by default.
|
|||||||
.IP \fBkey_file\fR
|
.IP \fBkey_file\fR
|
||||||
Location of the SSL certificate key file. The default path is /etc/swift/proxy.key. This is
|
Location of the SSL certificate key file. The default path is /etc/swift/proxy.key. This is
|
||||||
disabled by default.
|
disabled by default.
|
||||||
|
.IP \fBexpiring_objects_container_divisor\fR
|
||||||
|
The default is 86400.
|
||||||
|
.IP \fBexpiring_objects_account_name\fR
|
||||||
|
The default is 'expiring_objects'.
|
||||||
.IP \fBlog_name\fR
|
.IP \fBlog_name\fR
|
||||||
Label used when logging. The default is swift.
|
Label used when logging. The default is swift.
|
||||||
.IP \fBlog_facility\fR
|
.IP \fBlog_facility\fR
|
||||||
@ -87,10 +106,41 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP \fBlog_address\fR
|
.IP \fBlog_address\fR
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
|
.IP \fBlog_max_line_length\fR
|
||||||
|
To cap the length of log lines to the value given. No limit if set to 0, the default.
|
||||||
|
.IP \fBlog_headers\fR
|
||||||
|
The default is false.
|
||||||
|
.IP \fBlog_custom_handlers\fR
|
||||||
|
Comma separated list of functions to call to setup custom log handlers.
|
||||||
|
functions get passed: conf, name, log_to_console, log_route, fmt, logger,
|
||||||
|
adapted_logger. The default is empty.
|
||||||
|
.IP \fBlog_udp_host\fR
|
||||||
|
If set, log_udp_host will override log_address.
|
||||||
|
.IP "\fBlog_udp_port\fR
|
||||||
|
UDP log port, the default is 514.
|
||||||
|
.IP \fBlog_statsd_host\fR = localhost
|
||||||
|
log_statsd_* enable StatsD logging.
|
||||||
|
.IP \fBlog_statsd_port\fR
|
||||||
|
The default is 8125.
|
||||||
|
.IP \fBlog_statsd_default_sample_rate\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
|
.IP \fBlog_statsd_metric_prefix\fR
|
||||||
|
The default is empty.
|
||||||
|
.IP \fBclient_timeout\fR
|
||||||
|
Time to wait while receiving each chunk of data from a client or another
|
||||||
|
backend node. The default is 60.
|
||||||
|
.IP \fBeventlet_debug\fR
|
||||||
|
Debug mode for eventlet library. The default is false.
|
||||||
.IP \fBtrans_id_suffix\fR
|
.IP \fBtrans_id_suffix\fR
|
||||||
This optional suffix (default is empty) that would be appended to the swift transaction
|
This optional suffix (default is empty) that would be appended to the swift transaction
|
||||||
id allows one to easily figure out from which cluster that X-Trans-Id belongs to.
|
id allows one to easily figure out from which cluster that X-Trans-Id belongs to.
|
||||||
This is very useful when one is managing more than one swift cluster.
|
This is very useful when one is managing more than one swift cluster.
|
||||||
|
.IP \fBcors_allow_origin\fR
|
||||||
|
Use a comma separated list of full url (http://foo.bar:1234,https://foo.bar)
|
||||||
|
.IP \fBstrict_cors_mode\fR
|
||||||
|
The default is true.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -104,8 +154,13 @@ are acceptable within this section.
|
|||||||
|
|
||||||
.IP "\fBpipeline\fR"
|
.IP "\fBpipeline\fR"
|
||||||
It is used when you need apply a number of filters. It is a list of filters
|
It is used when you need apply a number of filters. It is a list of filters
|
||||||
ended by an application. The normal pipeline is "catch_errors healthcheck
|
ended by an application. The normal pipeline is "catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server".
|
||||||
cache ratelimit tempauth proxy-logging proxy-server".
|
|
||||||
|
Note: The double proxy-logging in the pipeline is not a mistake. The
|
||||||
|
left-most proxy-logging is there to log requests that were handled in
|
||||||
|
middleware and never made it through to the right-most middleware (and
|
||||||
|
proxy server). Double logging is prevented for normal requests. See
|
||||||
|
proxy-logging docs.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
@ -127,6 +182,7 @@ This is normally \fBegg:swift#healthcheck\fR.
|
|||||||
An optional filesystem path which, if present, will cause the healthcheck
|
An optional filesystem path which, if present, will cause the healthcheck
|
||||||
URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE".
|
URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE".
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -154,11 +210,28 @@ systems are in use for one Swift cluster. The default is AUTH.
|
|||||||
.IP \fBauth_prefix\fR
|
.IP \fBauth_prefix\fR
|
||||||
The auth prefix will cause requests beginning with this prefix to be routed
|
The auth prefix will cause requests beginning with this prefix to be routed
|
||||||
to the auth subsystem, for granting tokens, etc. The default is /auth/.
|
to the auth subsystem, for granting tokens, etc. The default is /auth/.
|
||||||
|
.IP \fBrequire_group\fR
|
||||||
|
The require_group parameter names a group that must be presented by
|
||||||
|
either X-Auth-Token or X-Service-Token. Usually this parameter is
|
||||||
|
used only with multiple reseller prefixes (e.g., SERVICE_require_group=blah).
|
||||||
|
By default, no group is needed. Do not use .admin.
|
||||||
.IP \fBtoken_life\fR
|
.IP \fBtoken_life\fR
|
||||||
This is the time in seconds before the token expires. The default is 86400.
|
This is the time in seconds before the token expires. The default is 86400.
|
||||||
|
.IP \fBallow_overrides\fR
|
||||||
|
This allows middleware higher in the WSGI pipeline to override auth
|
||||||
|
processing, useful for middleware such as tempurl and formpost. If you know
|
||||||
|
you're not going to use such middleware and you want a bit of extra security,
|
||||||
|
you can set this to false. The default is true.
|
||||||
|
.IP \fBstorage_url_scheme\fR
|
||||||
|
This specifies what scheme to return with storage urls:
|
||||||
|
http, https, or default (chooses based on what the server is running as)
|
||||||
|
This can be useful with an SSL load balancer in front of a non-SSL server.
|
||||||
.IP \fBuser_<account>_<user>\fR
|
.IP \fBuser_<account>_<user>\fR
|
||||||
Lastly, you need to list all the accounts/users you want here. The format is:
|
Lastly, you need to list all the accounts/users you want here. The format is:
|
||||||
user_<account>_<user> = <key> [group] [group] [...] [storage_url]
|
user_<account>_<user> = <key> [group] [group] [...] [storage_url]
|
||||||
|
or if you want underscores in <account> or <user>, you can base64 encode them
|
||||||
|
(with no equal signs) and use this format:
|
||||||
|
user64_<account_b64>_<user_b64> = <key> [group] [group] [...] [storage_url]
|
||||||
|
|
||||||
There are special groups of: \fI.reseller_admin\fR who can do anything to any account for this auth
|
There are special groups of: \fI.reseller_admin\fR who can do anything to any account for this auth
|
||||||
and also \fI.admin\fR who can do anything within the account.
|
and also \fI.admin\fR who can do anything within the account.
|
||||||
@ -184,6 +257,107 @@ Here are example entries, required for running the tests:
|
|||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:authtoken]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
To enable Keystone authentication you need to have the auth token
|
||||||
|
middleware first to be configured. Here is an example below, please
|
||||||
|
refer to the keystone's documentation for details about the
|
||||||
|
different settings.
|
||||||
|
|
||||||
|
You'll need to have as well the keystoneauth middleware enabled
|
||||||
|
and have it in your main pipeline so instead of having tempauth in
|
||||||
|
there you can change it to: authtoken keystoneauth
|
||||||
|
|
||||||
|
.PD 0
|
||||||
|
.RS 10
|
||||||
|
.IP "paste.filter_factory = keystonemiddleware.auth_token:filter_factory"
|
||||||
|
.IP "identity_uri = http://keystonehost:35357/"
|
||||||
|
.IP "auth_uri = http://keystonehost:5000/"
|
||||||
|
.IP "admin_tenant_name = service"
|
||||||
|
.IP "admin_user = swift"
|
||||||
|
.IP "admin_password = password"
|
||||||
|
.IP ""
|
||||||
|
.IP "# delay_auth_decision defaults to False, but leaving it as false will"
|
||||||
|
.IP "# prevent other auth systems, staticweb, tempurl, formpost, and ACLs from"
|
||||||
|
.IP "# working. This value must be explicitly set to True."
|
||||||
|
.IP "delay_auth_decision = False"
|
||||||
|
.IP
|
||||||
|
.IP "cache = swift.cache"
|
||||||
|
.IP "include_service_catalog = False"
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:keystoneauth]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Keystone authentication middleware.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the keystoneauth middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#keystoneauth\fR.
|
||||||
|
.IP \fBreseller_prefix\fR
|
||||||
|
The reseller_prefix option lists account namespaces that this middleware is
|
||||||
|
responsible for. The prefix is placed before the Keystone project id.
|
||||||
|
For example, for project 12345678, and prefix AUTH, the account is
|
||||||
|
named AUTH_12345678 (i.e., path is /v1/AUTH_12345678/...).
|
||||||
|
Several prefixes are allowed by specifying a comma-separated list
|
||||||
|
as in: "reseller_prefix = AUTH, SERVICE". The empty string indicates a
|
||||||
|
single blank/empty prefix. If an empty prefix is required in a list of
|
||||||
|
prefixes, a value of '' (two single quote characters) indicates a
|
||||||
|
blank/empty prefix. Except for the blank/empty prefix, an underscore ('_')
|
||||||
|
character is appended to the value unless already present.
|
||||||
|
.IP \fBoperator_roles\fR
|
||||||
|
The user must have at least one role named by operator_roles on a
|
||||||
|
project in order to create, delete and modify containers and objects
|
||||||
|
and to set and read privileged headers such as ACLs.
|
||||||
|
If there are several reseller prefix items, you can prefix the
|
||||||
|
parameter so it applies only to those accounts (for example
|
||||||
|
the parameter SERVICE_operator_roles applies to the /v1/SERVICE_<project>
|
||||||
|
path). If you omit the prefix, the option applies to all reseller
|
||||||
|
prefix items. For the blank/empty prefix, prefix with '' (do not put
|
||||||
|
underscore after the two single quote characters).
|
||||||
|
.IP \fBreseller_admin_role\fR
|
||||||
|
The reseller admin role has the ability to create and delete accounts.
|
||||||
|
.IP \fBallow_overrides\fR
|
||||||
|
This allows middleware higher in the WSGI pipeline to override auth
|
||||||
|
processing, useful for middleware such as tempurl and formpost. If you know
|
||||||
|
you're not going to use such middleware and you want a bit of extra security,
|
||||||
|
you can set this to false.
|
||||||
|
.IP \fBis_admin [DEPRECATED]\fR
|
||||||
|
If is_admin is true, a user whose username is the same as the project name
|
||||||
|
and who has any role on the project will have access rights elevated to be
|
||||||
|
the same as if the user had an operator role. Note that the condition
|
||||||
|
compares names rather than UUIDs. This option is deprecated.
|
||||||
|
.IP \fBservice_roles\fR
|
||||||
|
If the service_roles parameter is present, an X-Service-Token must be
|
||||||
|
present in the request that when validated, grants at least one role listed
|
||||||
|
in the parameter. The X-Service-Token may be scoped to any project.
|
||||||
|
If there are several reseller prefix items, you can prefix the
|
||||||
|
parameter so it applies only to those accounts (for example
|
||||||
|
the parameter SERVICE_service_roles applies to the /v1/SERVICE_<project>
|
||||||
|
path). If you omit the prefix, the option applies to all reseller
|
||||||
|
prefix items. For the blank/empty prefix, prefix with '' (do not put
|
||||||
|
underscore after the two single quote characters).
|
||||||
|
By default, no service_roles are required.
|
||||||
|
.IP \fBdefault_domain_id\fR
|
||||||
|
For backwards compatibility, keystoneauth will match names in cross-tenant
|
||||||
|
access control lists (ACLs) when both the requesting user and the tenant
|
||||||
|
are in the default domain i.e the domain to which existing tenants are
|
||||||
|
migrated. The default_domain_id value configured here should be the same as
|
||||||
|
the value used during migration of tenants to keystone domains.
|
||||||
|
.IP \fBallow_names_in_acls\fR
|
||||||
|
For a new installation, or an installation in which keystone projects may
|
||||||
|
move between domains, you should disable backwards compatible name matching
|
||||||
|
in ACLs by setting allow_names_in_acls to false:
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
.IP "\fB[filter:cache]\fR"
|
.IP "\fB[filter:cache]\fR"
|
||||||
.RE
|
.RE
|
||||||
@ -202,8 +376,10 @@ Syslog log facility. The default is LOG_LOCAL0.
|
|||||||
Logging level. The default is INFO.
|
Logging level. The default is INFO.
|
||||||
.IP "\fBset log_address\fR"
|
.IP "\fBset log_address\fR"
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
.IP "\fBset log_headers\fR "
|
.IP "\fBset log_headers\fR"
|
||||||
Enables the ability to log request headers. The default is False.
|
Enables the ability to log request headers. The default is False.
|
||||||
|
.IP \fBmemcache_max_connections\fR
|
||||||
|
Sets the maximum number of connections to each memcached server per worker.
|
||||||
.IP \fBmemcache_servers\fR
|
.IP \fBmemcache_servers\fR
|
||||||
If not set in the configuration file, the value for memcache_servers will be
|
If not set in the configuration file, the value for memcache_servers will be
|
||||||
read from /etc/swift/memcache.conf (see memcache.conf-sample) or lacking that
|
read from /etc/swift/memcache.conf (see memcache.conf-sample) or lacking that
|
||||||
@ -225,7 +401,7 @@ To avoid an instant full cache flush, existing installations should upgrade with
|
|||||||
|
|
||||||
If not set in the configuration file, the value for memcache_serialization_support will be read from /etc/swift/memcache.conf if it exists (see memcache.conf-sample). Otherwise, the default value as indicated above will be used.
|
If not set in the configuration file, the value for memcache_serialization_support will be read from /etc/swift/memcache.conf if it exists (see memcache.conf-sample). Otherwise, the default value as indicated above will be used.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -268,14 +444,20 @@ in requests per second. If set to 0 means disabled. The default is 0.
|
|||||||
.IP \fBcontainer_ratelimit_size\fR
|
.IP \fBcontainer_ratelimit_size\fR
|
||||||
When set with container_limit_x = r: for containers of size x, limit requests per second
|
When set with container_limit_x = r: for containers of size x, limit requests per second
|
||||||
to r. Will limit PUT, DELETE, and POST requests to /a/c/o. The default is ''.
|
to r. Will limit PUT, DELETE, and POST requests to /a/c/o. The default is ''.
|
||||||
|
.IP \fBcontainer_listing_ratelimit_size\fR
|
||||||
|
Similarly to the above container-level write limits, the following will limit
|
||||||
|
container GET (listing) requests.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
.IP "\fB[filter:domain_remap]\fR"
|
.IP "\fB[filter:domain_remap]\fR"
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
Middleware that translates container and account parts of a domain to path parameters that the proxy server understands. The container.account.storageurl/object gets translated to container.account.storageurl/path_root/account/container/object and account.storageurl/path_root/container/object gets translated to account.storageurl/path_root/account/container/object
|
Middleware that translates container and account parts of a domain to path parameters that the proxy server understands.
|
||||||
|
The container.account.storageurl/object gets translated to container.account.storageurl/path_root/account/container/object and account.storageurl/path_root/container/object gets translated to account.storageurl/path_root/account/container/object
|
||||||
|
|
||||||
.RS 3
|
.RS 3
|
||||||
.IP \fBuse\fR
|
.IP \fBuse\fR
|
||||||
@ -283,9 +465,13 @@ Entry point for paste.deploy for the domain_remap middleware. This is the refere
|
|||||||
This is normally \fBegg:swift#domain_remap\fR.
|
This is normally \fBegg:swift#domain_remap\fR.
|
||||||
.IP "\fBset log_name\fR"
|
.IP "\fBset log_name\fR"
|
||||||
Label used when logging. The default is domain_remap.
|
Label used when logging. The default is domain_remap.
|
||||||
|
.IP "\fBset log_facility\fR"
|
||||||
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
|
.IP "\fBset log_level\fR "
|
||||||
|
Logging level. The default is INFO.
|
||||||
.IP "\fBset log_address\fR"
|
.IP "\fBset log_address\fR"
|
||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
.IP "\fBset log_headers\fR"
|
.IP "\fBset log_headers\fR "
|
||||||
Enables the ability to log request headers. The default is False.
|
Enables the ability to log request headers. The default is False.
|
||||||
.IP \fBstorage_domain\fR
|
.IP \fBstorage_domain\fR
|
||||||
The domain to be used by the middleware.
|
The domain to be used by the middleware.
|
||||||
@ -304,7 +490,7 @@ Defaults to 'AUTH'.
|
|||||||
The default reseller prefix. This is used when none of the configured
|
The default reseller prefix. This is used when none of the configured
|
||||||
reseller_prefixes match. When not set, no reseller prefix is added.
|
reseller_prefixes match. When not set, no reseller prefix is added.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -325,7 +511,7 @@ Logging address. The default is /dev/log.
|
|||||||
.IP "\fBset log_headers\fR"
|
.IP "\fBset log_headers\fR"
|
||||||
Enables the ability to log request headers. The default is False.
|
Enables the ability to log request headers. The default is False.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -354,7 +540,7 @@ The domain to be used by the middleware.
|
|||||||
How deep in the CNAME chain to look for something that matches the storage domain.
|
How deep in the CNAME chain to look for something that matches the storage domain.
|
||||||
The default is 1.
|
The default is 1.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -367,8 +553,6 @@ Note: Put staticweb just after your auth filter(s) in the pipeline
|
|||||||
.IP \fBuse\fR
|
.IP \fBuse\fR
|
||||||
Entry point for paste.deploy for the staticweb middleware. This is the reference to the installed python egg.
|
Entry point for paste.deploy for the staticweb middleware. This is the reference to the installed python egg.
|
||||||
This is normally \fBegg:swift#staticweb\fR.
|
This is normally \fBegg:swift#staticweb\fR.
|
||||||
.IP \fBcache_timeout\fR
|
|
||||||
Seconds to cache container x-container-meta-web-* header values. The default is 300 seconds.
|
|
||||||
.IP "\fBset log_name\fR"
|
.IP "\fBset log_name\fR"
|
||||||
Label used when logging. The default is staticweb.
|
Label used when logging. The default is staticweb.
|
||||||
.IP "\fBset log_facility\fR"
|
.IP "\fBset log_facility\fR"
|
||||||
@ -379,14 +563,8 @@ Logging level. The default is INFO.
|
|||||||
Logging address. The default is /dev/log.
|
Logging address. The default is /dev/log.
|
||||||
.IP "\fBset log_headers\fR"
|
.IP "\fBset log_headers\fR"
|
||||||
Enables the ability to log request headers. The default is False.
|
Enables the ability to log request headers. The default is False.
|
||||||
.IP "\fBset access_log_name\fR"
|
|
||||||
Label used when logging. The default is staticweb.
|
|
||||||
.IP "\fBset access_log_facility\fR"
|
|
||||||
Syslog log facility. The default is LOG_LOCAL0.
|
|
||||||
.IP "\fBset access_log_level\fR "
|
|
||||||
Logging level. The default is INFO.
|
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -396,6 +574,11 @@ Logging level. The default is INFO.
|
|||||||
Note: Put tempurl before slo, dlo, and your auth filter(s) in the pipeline
|
Note: Put tempurl before slo, dlo, and your auth filter(s) in the pipeline
|
||||||
|
|
||||||
.RS 3
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the tempurl middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#tempurl\fR.
|
||||||
|
.IP \fBmethods\fR
|
||||||
|
The methods allowed with Temp URLs. The default is 'GET HEAD PUT POST DELETE'.
|
||||||
.IP \fBincoming_remove_headers\fR
|
.IP \fBincoming_remove_headers\fR
|
||||||
The headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. incoming_allow_headers is a list of exceptions to these removals.
|
The headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. incoming_allow_headers is a list of exceptions to these removals.
|
||||||
.IP \fBincoming_allow_headers\fR
|
.IP \fBincoming_allow_headers\fR
|
||||||
@ -404,9 +587,8 @@ The headers allowed as exceptions to incoming_remove_headers. Simply a whitespac
|
|||||||
The headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. outgoing_allow_headers is a list of exceptions to these removals.
|
The headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match. outgoing_allow_headers is a list of exceptions to these removals.
|
||||||
.IP "\fBoutgoing_allow_headers\fR"
|
.IP "\fBoutgoing_allow_headers\fR"
|
||||||
The headers allowed as exceptions to outgoing_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
The headers allowed as exceptions to outgoing_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
||||||
.IP "\fBset log_level\fR "
|
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -420,6 +602,7 @@ Note: Put formpost just before your auth filter(s) in the pipeline
|
|||||||
Entry point for paste.deploy for the formpost middleware. This is the reference to the installed python egg.
|
Entry point for paste.deploy for the formpost middleware. This is the reference to the installed python egg.
|
||||||
This is normally \fBegg:swift#formpost\fR.
|
This is normally \fBegg:swift#formpost\fR.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -434,12 +617,25 @@ Note: Just needs to be placed before the proxy-server in the pipeline.
|
|||||||
Entry point for paste.deploy for the name_check middleware. This is the reference to the installed python egg.
|
Entry point for paste.deploy for the name_check middleware. This is the reference to the installed python egg.
|
||||||
This is normally \fBegg:swift#name_check\fR.
|
This is normally \fBegg:swift#name_check\fR.
|
||||||
.IP \fBforbidden_chars\fR
|
.IP \fBforbidden_chars\fR
|
||||||
Characters that will not be allowed in a name.
|
Characters that will not be allowed in a name. The default is '"`<>.
|
||||||
.IP \fBmaximum_length\fR
|
.IP \fBmaximum_length\fR
|
||||||
Maximum number of characters that can be in the name.
|
Maximum number of characters that can be in the name. The default is 255.
|
||||||
.IP \fBforbidden_regexp\fR
|
.IP \fBforbidden_regexp\fR
|
||||||
Python regular expressions of substrings that will not be allowed in a name.
|
Python regular expressions of substrings that will not be allowed in a name. The default is /\./|/\.\./|/\.$|/\.\.$.
|
||||||
.RE
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:list-endpoints]\fR"
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the list_endpoints middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#list_endpoints\fR.
|
||||||
|
.IP \fBlist_endpoints_path\fR
|
||||||
|
The default is '/endpoints/'.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.RS 0
|
.RS 0
|
||||||
@ -474,20 +670,249 @@ Default is localhost.
|
|||||||
Default is 8125.
|
Default is 8125.
|
||||||
.IP \fBaccess_log_statsd_default_sample_rate\fR
|
.IP \fBaccess_log_statsd_default_sample_rate\fR
|
||||||
Default is 1.
|
Default is 1.
|
||||||
|
.IP \fBaccess_log_statsd_sample_rate_factor\fR
|
||||||
|
The default is 1.
|
||||||
.IP \fBaccess_log_statsd_metric_prefix\fR
|
.IP \fBaccess_log_statsd_metric_prefix\fR
|
||||||
Default is "" (empty-string)
|
Default is "" (empty-string)
|
||||||
.IP \fBaccess_log_headers\fR
|
.IP \fBaccess_log_headers\fR
|
||||||
Default is False.
|
Default is False.
|
||||||
|
.IP \fBaccess_log_headers_only\fR
|
||||||
|
If access_log_headers is True and access_log_headers_only is set only
|
||||||
|
these headers are logged. Multiple headers can be defined as comma separated
|
||||||
|
list like this: access_log_headers_only = Host, X-Object-Meta-Mtime
|
||||||
|
.IP \fBreveal_sensitive_prefix\fR
|
||||||
|
By default, the X-Auth-Token is logged. To obscure the value,
|
||||||
|
set reveal_sensitive_prefix to the number of characters to log.
|
||||||
|
For example, if set to 12, only the first 12 characters of the
|
||||||
|
token appear in the log. An unauthorized access of the log file
|
||||||
|
won't allow unauthorized usage of the token. However, the first
|
||||||
|
12 or so characters is unique enough that you can trace/debug
|
||||||
|
token usage. Set to 0 to suppress the token completely (replaced
|
||||||
|
by '...' in the log). The default is 16 chars.
|
||||||
|
Note: reveal_sensitive_prefix will not affect the value logged with access_log_headers=True.
|
||||||
.IP \fBlog_statsd_valid_http_methods\fR
|
.IP \fBlog_statsd_valid_http_methods\fR
|
||||||
What HTTP methods are allowed for StatsD logging (comma-sep); request methods
|
What HTTP methods are allowed for StatsD logging (comma-sep); request methods
|
||||||
not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
|
not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
|
||||||
Default is "GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS".
|
Default is "GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS".
|
||||||
.RE
|
.RE
|
||||||
|
|
||||||
|
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:bulk]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put before both ratelimit and auth in the pipeline.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the bulk middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#bulk\fR.
|
||||||
|
.IP \fBmax_containers_per_extraction\fR
|
||||||
|
The default is 10000.
|
||||||
|
.IP \fBmax_failed_extractions\fR
|
||||||
|
The default is 1000.
|
||||||
|
.IP \fBmax_deletes_per_request\fR
|
||||||
|
The default is 10000.
|
||||||
|
.IP \fBmax_failed_deletes\fR
|
||||||
|
The default is 1000.
|
||||||
|
|
||||||
|
In order to keep a connection active during a potentially long bulk request,
|
||||||
|
Swift may return whitespace prepended to the actual response body. This
|
||||||
|
whitespace will be yielded no more than every yield_frequency seconds.
|
||||||
|
The default is 10.
|
||||||
|
.IP \fByield_frequency\fR
|
||||||
|
|
||||||
|
.IP \fBdelete_container_retry_count\fR
|
||||||
|
Note: This parameter is used during a bulk delete of objects and
|
||||||
|
their container. This would frequently fail because it is very likely
|
||||||
|
that all replicated objects have not been deleted by the time the middleware got a
|
||||||
|
successful response. It can be configured the number of retries. And the
|
||||||
|
number of seconds to wait between each retry will be 1.5**retry
|
||||||
|
The default is 0.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:slo]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put after auth and staticweb in the pipeline.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the slo middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#slo\fR.
|
||||||
|
.IP \fBmax_manifest_segments\fR
|
||||||
|
The default is 1000.
|
||||||
|
.IP \fBmax_manifest_size\fR
|
||||||
|
The default is 2097152.
|
||||||
|
.IP \fBmin_segment_size\fR
|
||||||
|
The default is 1048576
|
||||||
|
.IP \fBrate_limit_after_segment\fR
|
||||||
|
Start rate-limiting object segments after the Nth segment of a segmented
|
||||||
|
object. The default is 10 segments.
|
||||||
|
.IP \fBrate_limit_segments_per_sec\fR
|
||||||
|
Once segment rate-limiting kicks in for an object, limit segments served to N
|
||||||
|
per second. The default is 1.
|
||||||
|
.IP \fBmax_get_time\fR
|
||||||
|
Time limit on GET requests (seconds). The default is 86400.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:dlo]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put after auth and staticweb in the pipeline.
|
||||||
|
If you don't put it in the pipeline, it will be inserted for you.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the dlo middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#dlo\fR.
|
||||||
|
.IP \fBrate_limit_after_segment\fR
|
||||||
|
Start rate-limiting object segments after the Nth segment of a segmented
|
||||||
|
object. The default is 10 segments.
|
||||||
|
.IP \fBrate_limit_segments_per_sec\fR
|
||||||
|
Once segment rate-limiting kicks in for an object, limit segments served to N
|
||||||
|
per second. The default is 1.
|
||||||
|
.IP \fBmax_get_time\fR
|
||||||
|
Time limit on GET requests (seconds). The default is 86400.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:container-quotas]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put after auth in the pipeline.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the container_quotas middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#container_quotas\fR.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:account-quotas]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put after auth in the pipeline.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the account_quotas middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#account_quotas\fR.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:gatekeeper]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: this middleware requires python-dnspython
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the gatekeeper middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#gatekeeper\fR.
|
||||||
|
.IP "\fBset log_name\fR"
|
||||||
|
Label used when logging. The default is gatekeeper.
|
||||||
|
.IP "\fBset log_facility\fR"
|
||||||
|
Syslog log facility. The default is LOG_LOCAL0.
|
||||||
|
.IP "\fBset log_level\fR "
|
||||||
|
Logging level. The default is INFO.
|
||||||
|
.IP "\fBset log_address\fR"
|
||||||
|
Logging address. The default is /dev/log.
|
||||||
|
.IP "\fBset log_headers\fR"
|
||||||
|
Enables the ability to log request headers. The default is False.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:container_sync]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: this middleware requires python-dnspython
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the container_sync middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#container_sync\fR.
|
||||||
|
.IP \fBallow_full_urls\fR
|
||||||
|
Set this to false if you want to disallow any full url values to be set for
|
||||||
|
any new X-Container-Sync-To headers. This will keep any new full urls from
|
||||||
|
coming in, but won't change any existing values already in the cluster.
|
||||||
|
Updating those will have to be done manually, as knowing what the true realm
|
||||||
|
endpoint should be cannot always be guessed. The default is true.
|
||||||
|
.IP \fBcurrent\fR
|
||||||
|
Set this to specify this clusters //realm/cluster as "current" in /info
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:xprofile]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put it at the beginning of the pipeline to profile all middleware. But it is safer to put this after healthcheck.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP "\fBuse\fR"
|
||||||
|
Entry point for paste.deploy for the xprofile middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#xprofile\fR.
|
||||||
|
.IP "\fBprofile_module\fR"
|
||||||
|
This option enable you to switch profilers which should inherit from python
|
||||||
|
standard profiler. Currently the supported value can be 'cProfile', 'eventlet.green.profile' etc.
|
||||||
|
.IP "\fBlog_filename_prefix\fR"
|
||||||
|
This prefix will be used to combine process ID and timestamp to name the
|
||||||
|
profile data file. Make sure the executing user has permission to write
|
||||||
|
into this path (missing path segments will be created, if necessary).
|
||||||
|
If you enable profiling in more than one type of daemon, you must override
|
||||||
|
it with an unique value like, the default is /var/log/swift/profile/account.profile.
|
||||||
|
.IP "\fBdump_interval\fR"
|
||||||
|
The profile data will be dumped to local disk based on above naming rule
|
||||||
|
in this interval. The default is 5.0.
|
||||||
|
.IP "\fBdump_timestamp\fR"
|
||||||
|
Be careful, this option will enable profiler to dump data into the file with
|
||||||
|
time stamp which means there will be lots of files piled up in the directory.
|
||||||
|
The default is false
|
||||||
|
.IP "\fBpath\fR"
|
||||||
|
This is the path of the URL to access the mini web UI. The default is __profile__.
|
||||||
|
.IP "\fBflush_at_shutdown\fR"
|
||||||
|
Clear the data when the wsgi server shutdown. The default is false.
|
||||||
|
.IP "\fBunwind\fR"
|
||||||
|
Unwind the iterator of applications. Default is false.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
|
.RS 0
|
||||||
|
.IP "\fB[filter:versioned_writes]\fR"
|
||||||
|
.RE
|
||||||
|
|
||||||
|
Note: Put after slo, dlo in the pipeline.
|
||||||
|
If you don't put it in the pipeline, it will be inserted automatically.
|
||||||
|
|
||||||
|
.RS 3
|
||||||
|
.IP \fBuse\fR
|
||||||
|
Entry point for paste.deploy for the versioned_writes middleware. This is the reference to the installed python egg.
|
||||||
|
This is normally \fBegg:swift#versioned_writes\fR.
|
||||||
|
.IP \fBallow_versioned_writes\fR
|
||||||
|
Enables using versioned writes middleware and exposing configuration settings via HTTP GET /info.
|
||||||
|
WARNING: Setting this option bypasses the "allow_versions" option
|
||||||
|
in the container configuration file, which will be eventually
|
||||||
|
deprecated. See documentation for more details.
|
||||||
|
.RE
|
||||||
|
.PD
|
||||||
|
|
||||||
|
|
||||||
.SH APP SECTION
|
.SH APP SECTION
|
||||||
@ -518,10 +943,19 @@ Chunk size to read from object servers. The default is 8192.
|
|||||||
Chunk size to read from clients. The default is 8192.
|
Chunk size to read from clients. The default is 8192.
|
||||||
.IP \fBnode_timeout\fR
|
.IP \fBnode_timeout\fR
|
||||||
Request timeout to external services. The default is 10 seconds.
|
Request timeout to external services. The default is 10 seconds.
|
||||||
.IP \fBclient_timeout\fR
|
.IP \fBrecoverable_node_timeout\fR
|
||||||
Timeout to read one chunk from a client. The default is 60 seconds.
|
How long the proxy server will wait for an initial response and to read a
|
||||||
|
chunk of data from the object servers while serving GET / HEAD requests.
|
||||||
|
Timeouts from these requests can be recovered from so setting this to
|
||||||
|
something lower than node_timeout would provide quicker error recovery
|
||||||
|
while allowing for a longer timeout for non-recoverable requests (PUTs).
|
||||||
|
Defaults to node_timeout, should be overriden if node_timeout is set to a
|
||||||
|
high number to prevent client timeouts from firing before the proxy server
|
||||||
|
has a chance to retry.
|
||||||
.IP \fBconn_timeout\fR
|
.IP \fBconn_timeout\fR
|
||||||
Connection timeout to external services. The default is 0.5 seconds.
|
Connection timeout to external services. The default is 0.5 seconds.
|
||||||
|
.IP \fBpost_quorum_timeout\fR
|
||||||
|
How long to wait for requests to finish after a quorum has been established. The default is 0.5 seconds.
|
||||||
.IP \fBerror_suppression_interval\fR
|
.IP \fBerror_suppression_interval\fR
|
||||||
Time in seconds that must elapse since the last error for a node to
|
Time in seconds that must elapse since the last error for a node to
|
||||||
be considered no longer error limited. The default is 60 seconds.
|
be considered no longer error limited. The default is 60 seconds.
|
||||||
@ -539,12 +973,63 @@ container sync won't be able to sync posts. The default is True.
|
|||||||
.IP \fBaccount_autocreate\fR
|
.IP \fBaccount_autocreate\fR
|
||||||
If set to 'true' authorized accounts that do not yet exist within the Swift cluster
|
If set to 'true' authorized accounts that do not yet exist within the Swift cluster
|
||||||
will be automatically created. The default is set to false.
|
will be automatically created. The default is set to false.
|
||||||
.IP \fBrate_limit_after_segment\fR
|
.IP \fBauto_create_account_prefix\fR
|
||||||
Start rate-limiting object segments after the Nth segment of a segmented
|
Prefix used when automatically creating accounts. The default is '.'.
|
||||||
object. The default is 10 segments.
|
.IP \fBmax_containers_per_account\fR
|
||||||
.IP \fBrate_limit_segments_per_sec\fR
|
If set to a positive value, trying to create a container when the account
|
||||||
Once segment rate-limiting kicks in for an object, limit segments served to N
|
already has at least this maximum containers will result in a 403 Forbidden.
|
||||||
per second. The default is 1.
|
Note: This is a soft limit, meaning a user might exceed the cap for
|
||||||
|
recheck_account_existence before the 403s kick in.
|
||||||
|
.IP \fBmax_containers_whitelist\fR
|
||||||
|
This is a comma separated list of account hashes that ignore the max_containers_per_account cap.
|
||||||
|
.IP \fBdeny_host_headers\fR
|
||||||
|
Comma separated list of Host headers to which the proxy will deny requests. The default is empty.
|
||||||
|
.IP \fBput_queue_depth\fR
|
||||||
|
Depth of the proxy put queue. The default is 10.
|
||||||
|
.IP \fBsorting_method\fR
|
||||||
|
Storage nodes can be chosen at random (shuffle - default), by using timing
|
||||||
|
measurements (timing), or by using an explicit match (affinity).
|
||||||
|
Using timing measurements may allow for lower overall latency, while
|
||||||
|
using affinity allows for finer control. In both the timing and
|
||||||
|
affinity cases, equally-sorting nodes are still randomly chosen to
|
||||||
|
spread load.
|
||||||
|
The valid values for sorting_method are "affinity", "shuffle", and "timing".
|
||||||
|
.IP \fBtiming_expiry\fR
|
||||||
|
If the "timing" sorting_method is used, the timings will only be valid for
|
||||||
|
the number of seconds configured by timing_expiry. The default is 300.
|
||||||
|
.IP \fBmax_large_object_get_time\fR
|
||||||
|
The maximum time (seconds) that a large object connection is allowed to last. The default is 86400.
|
||||||
|
.IP \fBrequest_node_count\fR
|
||||||
|
Set to the number of nodes to contact for a normal request. You can use
|
||||||
|
'* replicas' at the end to have it use the number given times the number of
|
||||||
|
replicas for the ring being used for the request. The default is '2 * replicas'.
|
||||||
|
.IP \fBread_affinity\fR
|
||||||
|
Which backend servers to prefer on reads. Format is r<N> for region
|
||||||
|
N or r<N>z<M> for region N, zone M. The value after the equals is
|
||||||
|
the priority; lower numbers are higher priority.
|
||||||
|
Default is empty, meaning no preference.
|
||||||
|
Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else:
|
||||||
|
read_affinity = r1z1=100, r1z2=200, r2=300
|
||||||
|
.IP \fBwrite_affinity\fR
|
||||||
|
Which backend servers to prefer on writes. Format is r<N> for region
|
||||||
|
N or r<N>z<M> for region N, zone M. If this is set, then when
|
||||||
|
handling an object PUT request, some number (see setting
|
||||||
|
write_affinity_node_count) of local backend servers will be tried
|
||||||
|
before any nonlocal ones. Default is empty, meaning no preference.
|
||||||
|
Example: try to write to regions 1 and 2 before writing to any other
|
||||||
|
nodes:
|
||||||
|
write_affinity = r1, r2
|
||||||
|
.IP \fBwrite_affinity_node_count\fR
|
||||||
|
The number of local (as governed by the write_affinity setting)
|
||||||
|
nodes to attempt to contact first, before any non-local ones. You
|
||||||
|
can use '* replicas' at the end to have it use the number given
|
||||||
|
times the number of replicas for the ring being used for the
|
||||||
|
request. The default is '2 * replicas'.
|
||||||
|
.IP \fBswift_owner_headers\fR
|
||||||
|
These are the headers whose values will only be shown to swift_owners. The
|
||||||
|
exact definition of a swift_owner is up to the auth system in use, but
|
||||||
|
usually indicates administrative responsibilities.
|
||||||
|
The default is 'x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-container-meta-temp-url-key, x-container-meta-temp-url-key-2, x-account-access-control'.
|
||||||
.RE
|
.RE
|
||||||
.PD
|
.PD
|
||||||
|
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -70,7 +70,7 @@ use = egg:swift#account
|
|||||||
# "replication_server" (this is the default). To only handle replication,
|
# "replication_server" (this is the default). To only handle replication,
|
||||||
# set to a True value (e.g. "True" or "1"). To handle only non-replication
|
# set to a True value (e.g. "True" or "1"). To handle only non-replication
|
||||||
# verbs, set to "False". Unless you have a separate replication network, you
|
# verbs, set to "False". Unless you have a separate replication network, you
|
||||||
# should not specify any value for "replication_server".
|
# should not specify any value for "replication_server". Default is empty.
|
||||||
# replication_server = false
|
# replication_server = false
|
||||||
|
|
||||||
[filter:healthcheck]
|
[filter:healthcheck]
|
||||||
@ -137,8 +137,6 @@ use = egg:swift#recon
|
|||||||
# Will audit each account at most once per interval
|
# Will audit each account at most once per interval
|
||||||
# interval = 1800
|
# interval = 1800
|
||||||
#
|
#
|
||||||
# log_facility = LOG_LOCAL0
|
|
||||||
# log_level = INFO
|
|
||||||
# accounts_per_second = 200
|
# accounts_per_second = 200
|
||||||
# recon_cache_path = /var/cache/swift
|
# recon_cache_path = /var/cache/swift
|
||||||
|
|
||||||
|
@ -499,6 +499,12 @@ use = egg:swift#cname_lookup
|
|||||||
# Note: Put staticweb just after your auth filter(s) in the pipeline
|
# Note: Put staticweb just after your auth filter(s) in the pipeline
|
||||||
[filter:staticweb]
|
[filter:staticweb]
|
||||||
use = egg:swift#staticweb
|
use = egg:swift#staticweb
|
||||||
|
# You can override the default log routing for this filter here:
|
||||||
|
# set log_name = staticweb
|
||||||
|
# set log_facility = LOG_LOCAL0
|
||||||
|
# set log_level = INFO
|
||||||
|
# set log_headers = false
|
||||||
|
# set log_address = /dev/log
|
||||||
|
|
||||||
# Note: Put tempurl before dlo, slo and your auth filter(s) in the pipeline
|
# Note: Put tempurl before dlo, slo and your auth filter(s) in the pipeline
|
||||||
[filter:tempurl]
|
[filter:tempurl]
|
||||||
|
@ -73,7 +73,7 @@ class AccountReaper(Daemon):
|
|||||||
self.node_timeout = float(conf.get('node_timeout', 10))
|
self.node_timeout = float(conf.get('node_timeout', 10))
|
||||||
self.conn_timeout = float(conf.get('conn_timeout', 0.5))
|
self.conn_timeout = float(conf.get('conn_timeout', 0.5))
|
||||||
self.myips = whataremyips(conf.get('bind_ip', '0.0.0.0'))
|
self.myips = whataremyips(conf.get('bind_ip', '0.0.0.0'))
|
||||||
self.bind_port = int(conf.get('bind_port', 0))
|
self.bind_port = int(conf.get('bind_port', 6002))
|
||||||
self.concurrency = int(conf.get('concurrency', 25))
|
self.concurrency = int(conf.get('concurrency', 25))
|
||||||
self.container_concurrency = self.object_concurrency = \
|
self.container_concurrency = self.object_concurrency = \
|
||||||
sqrt(self.concurrency)
|
sqrt(self.concurrency)
|
||||||
|
Loading…
Reference in New Issue
Block a user