flake8 codestyle fixes and tox flake8 setting enable
Fix major below issues: E741 ambiguous variable name 'l' ./openstack/python-horizon/centos/files/guni_config.py E402 module level import not at top of file ./openstack/python-horizon/centos/files/local_settings.py E265 block comment should start with '# ' ./openstack/python-horizon/centos/files/local_settings.py Story: 2003428 Task: 24617 Change-Id: I9d4d6c33ce032849f09e2ec232c83909fc6690a3 Signed-off-by: Sun Austin <austin.sun@intel.com>
This commit is contained in:
parent
db03094634
commit
0de76ec71d
@ -17,16 +17,16 @@ def worker_abort(worker):
|
|||||||
path = ("/proc/%s/fd") % os.getpid()
|
path = ("/proc/%s/fd") % os.getpid()
|
||||||
contents = os.listdir(path)
|
contents = os.listdir(path)
|
||||||
upload_dir = getattr(settings, 'FILE_UPLOAD_TEMP_DIR', '/tmp')
|
upload_dir = getattr(settings, 'FILE_UPLOAD_TEMP_DIR', '/tmp')
|
||||||
pattern = os.path.join(upload_dir, '*.upload')
|
pattern = os.path.join(upload_dir, '*.upload')
|
||||||
|
|
||||||
for i in contents:
|
for i in contents:
|
||||||
f = os.path.join(path, i)
|
f = os.path.join(path, i)
|
||||||
if os.path.exists(f):
|
if os.path.exists(f):
|
||||||
try:
|
try:
|
||||||
l = os.readlink(f)
|
link = os.readlink(f)
|
||||||
if fnmatch.fnmatch(l, pattern):
|
if fnmatch.fnmatch(link, pattern):
|
||||||
worker.log.info(l)
|
worker.log.info(link)
|
||||||
os.remove(l)
|
os.remove(link)
|
||||||
except OSError:
|
except OSError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
@ -10,52 +10,55 @@ from openstack_dashboard.settings import HORIZON_CONFIG
|
|||||||
|
|
||||||
from tsconfig.tsconfig import distributed_cloud_role
|
from tsconfig.tsconfig import distributed_cloud_role
|
||||||
|
|
||||||
|
# Custom STX settings
|
||||||
|
import configss
|
||||||
|
|
||||||
DEBUG = False
|
DEBUG = False
|
||||||
|
|
||||||
# This setting controls whether or not compression is enabled. Disabling
|
# This setting controls whether or not compression is enabled. Disabling
|
||||||
# compression makes Horizon considerably slower, but makes it much easier
|
# compression makes Horizon considerably slower, but makes it much easier
|
||||||
# to debug JS and CSS changes
|
# to debug JS and CSS changes
|
||||||
#COMPRESS_ENABLED = not DEBUG
|
# COMPRESS_ENABLED = not DEBUG
|
||||||
|
|
||||||
# This setting controls whether compression happens on the fly, or offline
|
# This setting controls whether compression happens on the fly, or offline
|
||||||
# with `python manage.py compress`
|
# with `python manage.py compress`
|
||||||
# See https://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
|
# See https://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
|
||||||
# for more information
|
# for more information
|
||||||
#COMPRESS_OFFLINE = not DEBUG
|
# COMPRESS_OFFLINE = not DEBUG
|
||||||
|
|
||||||
# WEBROOT is the location relative to Webserver root
|
# WEBROOT is the location relative to Webserver root
|
||||||
# should end with a slash.
|
# should end with a slash.
|
||||||
WEBROOT = '/'
|
WEBROOT = '/'
|
||||||
#LOGIN_URL = WEBROOT + 'auth/login/'
|
# LOGIN_URL = WEBROOT + 'auth/login/'
|
||||||
#LOGOUT_URL = WEBROOT + 'auth/logout/'
|
# LOGOUT_URL = WEBROOT + 'auth/logout/'
|
||||||
#
|
#
|
||||||
# LOGIN_REDIRECT_URL can be used as an alternative for
|
# LOGIN_REDIRECT_URL can be used as an alternative for
|
||||||
# HORIZON_CONFIG.user_home, if user_home is not set.
|
# HORIZON_CONFIG.user_home, if user_home is not set.
|
||||||
# Do not set it to '/home/', as this will cause circular redirect loop
|
# Do not set it to '/home/', as this will cause circular redirect loop
|
||||||
#LOGIN_REDIRECT_URL = WEBROOT
|
# LOGIN_REDIRECT_URL = WEBROOT
|
||||||
|
|
||||||
# If horizon is running in production (DEBUG is False), set this
|
# If horizon is running in production (DEBUG is False), set this
|
||||||
# with the list of host/domain names that the application can serve.
|
# with the list of host/domain names that the application can serve.
|
||||||
# For more information see:
|
# For more information see:
|
||||||
# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
|
# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
|
||||||
#ALLOWED_HOSTS = ['horizon.example.com', ]
|
# ALLOWED_HOSTS = ['horizon.example.com', ]
|
||||||
|
|
||||||
# Set SSL proxy settings:
|
# Set SSL proxy settings:
|
||||||
# Pass this header from the proxy after terminating the SSL,
|
# Pass this header from the proxy after terminating the SSL,
|
||||||
# and don't forget to strip it from the client's request.
|
# and don't forget to strip it from the client's request.
|
||||||
# For more information see:
|
# For more information see:
|
||||||
# https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header
|
# https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header
|
||||||
#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||||
|
|
||||||
# If Horizon is being served through SSL, then uncomment the following two
|
# If Horizon is being served through SSL, then uncomment the following two
|
||||||
# settings to better secure the cookies from security exploits
|
# settings to better secure the cookies from security exploits
|
||||||
#CSRF_COOKIE_SECURE = True
|
# CSRF_COOKIE_SECURE = True
|
||||||
#SESSION_COOKIE_SECURE = True
|
# SESSION_COOKIE_SECURE = True
|
||||||
|
|
||||||
# The absolute path to the directory where message files are collected.
|
# The absolute path to the directory where message files are collected.
|
||||||
# The message file must have a .json file extension. When the user logins to
|
# The message file must have a .json file extension. When the user logins to
|
||||||
# horizon, the message files collected are processed and displayed to the user.
|
# horizon, the message files collected are processed and displayed to the user.
|
||||||
#MESSAGES_PATH=None
|
# MESSAGES_PATH=None
|
||||||
|
|
||||||
# Overrides for OpenStack API versions. Use this setting to force the
|
# Overrides for OpenStack API versions. Use this setting to force the
|
||||||
# OpenStack dashboard to use a specific API version for a given service API.
|
# OpenStack dashboard to use a specific API version for a given service API.
|
||||||
@ -64,32 +67,32 @@ WEBROOT = '/'
|
|||||||
# service API. For example, The identity service APIs have inconsistent
|
# service API. For example, The identity service APIs have inconsistent
|
||||||
# use of the decimal point, so valid options would be 2.0 or 3.
|
# use of the decimal point, so valid options would be 2.0 or 3.
|
||||||
# Minimum compute version to get the instance locked status is 2.9.
|
# Minimum compute version to get the instance locked status is 2.9.
|
||||||
#OPENSTACK_API_VERSIONS = {
|
# OPENSTACK_API_VERSIONS = {
|
||||||
# "data-processing": 1.1,
|
# "data-processing": 1.1,
|
||||||
# "identity": 3,
|
# "identity": 3,
|
||||||
# "image": 2,
|
# "image": 2,
|
||||||
# "volume": 2,
|
# "volume": 2,
|
||||||
# "compute": 2,
|
# "compute": 2,
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Set this to True if running on a multi-domain model. When this is enabled, it
|
# Set this to True if running on a multi-domain model. When this is enabled, it
|
||||||
# will require the user to enter the Domain name in addition to the username
|
# will require the user to enter the Domain name in addition to the username
|
||||||
# for login.
|
# for login.
|
||||||
#OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
|
# OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
|
||||||
|
|
||||||
# Set this to True if you want available domains displayed as a dropdown menu
|
# Set this to True if you want available domains displayed as a dropdown menu
|
||||||
# on the login screen. It is strongly advised NOT to enable this for public
|
# on the login screen. It is strongly advised NOT to enable this for public
|
||||||
# clouds, as advertising enabled domains to unauthenticated customers
|
# clouds, as advertising enabled domains to unauthenticated customers
|
||||||
# irresponsibly exposes private information. This should only be used for
|
# irresponsibly exposes private information. This should only be used for
|
||||||
# private clouds where the dashboard sits behind a corporate firewall.
|
# private clouds where the dashboard sits behind a corporate firewall.
|
||||||
#OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN = False
|
# OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN = False
|
||||||
|
|
||||||
# If OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN is enabled, this option can be used to
|
# If OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN is enabled, this option can be used to
|
||||||
# set the available domains to choose from. This is a list of pairs whose first
|
# set the available domains to choose from. This is a list of pairs whose first
|
||||||
# value is the domain name and the second is the display name.
|
# value is the domain name and the second is the display name.
|
||||||
#OPENSTACK_KEYSTONE_DOMAIN_CHOICES = (
|
# OPENSTACK_KEYSTONE_DOMAIN_CHOICES = (
|
||||||
# ('Default', 'Default'),
|
# ('Default', 'Default'),
|
||||||
#)
|
# )
|
||||||
|
|
||||||
# Overrides the default domain used when running on single-domain model
|
# Overrides the default domain used when running on single-domain model
|
||||||
# with Keystone V3. All entities will be created in the default domain.
|
# with Keystone V3. All entities will be created in the default domain.
|
||||||
@ -97,45 +100,45 @@ WEBROOT = '/'
|
|||||||
# Also, you will most likely have a value in the keystone policy file like this
|
# Also, you will most likely have a value in the keystone policy file like this
|
||||||
# "cloud_admin": "rule:admin_required and domain_id:<your domain id>"
|
# "cloud_admin": "rule:admin_required and domain_id:<your domain id>"
|
||||||
# This value must be the name of the domain whose ID is specified there.
|
# This value must be the name of the domain whose ID is specified there.
|
||||||
#OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
|
# OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
|
||||||
|
|
||||||
# Set this to True to enable panels that provide the ability for users to
|
# Set this to True to enable panels that provide the ability for users to
|
||||||
# manage Identity Providers (IdPs) and establish a set of rules to map
|
# manage Identity Providers (IdPs) and establish a set of rules to map
|
||||||
# federation protocol attributes to Identity API attributes.
|
# federation protocol attributes to Identity API attributes.
|
||||||
# This extension requires v3.0+ of the Identity API.
|
# This extension requires v3.0+ of the Identity API.
|
||||||
#OPENSTACK_KEYSTONE_FEDERATION_MANAGEMENT = False
|
# OPENSTACK_KEYSTONE_FEDERATION_MANAGEMENT = False
|
||||||
|
|
||||||
# Set Console type:
|
# Set Console type:
|
||||||
# valid options are "AUTO"(default), "VNC", "SPICE", "RDP", "SERIAL" or None
|
# valid options are "AUTO"(default), "VNC", "SPICE", "RDP", "SERIAL" or None
|
||||||
# Set to None explicitly if you want to deactivate the console.
|
# Set to None explicitly if you want to deactivate the console.
|
||||||
#CONSOLE_TYPE = "AUTO"
|
# CONSOLE_TYPE = "AUTO"
|
||||||
|
|
||||||
# If provided, a "Report Bug" link will be displayed in the site header
|
# If provided, a "Report Bug" link will be displayed in the site header
|
||||||
# which links to the value of this setting (ideally a URL containing
|
# which links to the value of this setting (ideally a URL containing
|
||||||
# information on how to report issues).
|
# information on how to report issues).
|
||||||
#HORIZON_CONFIG["bug_url"] = "http://bug-report.example.com"
|
# HORIZON_CONFIG["bug_url"] = "http://bug-report.example.com"
|
||||||
|
|
||||||
# Show backdrop element outside the modal, do not close the modal
|
# Show backdrop element outside the modal, do not close the modal
|
||||||
# after clicking on backdrop.
|
# after clicking on backdrop.
|
||||||
#HORIZON_CONFIG["modal_backdrop"] = "static"
|
# HORIZON_CONFIG["modal_backdrop"] = "static"
|
||||||
|
|
||||||
# Specify a regular expression to validate user passwords.
|
# Specify a regular expression to validate user passwords.
|
||||||
#HORIZON_CONFIG["password_validator"] = {
|
# HORIZON_CONFIG["password_validator"] = {
|
||||||
# "regex": '.*',
|
# "regex": '.*',
|
||||||
# "help_text": _("Your password does not meet the requirements."),
|
# "help_text": _("Your password does not meet the requirements."),
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Disable simplified floating IP address management for deployments with
|
# Disable simplified floating IP address management for deployments with
|
||||||
# multiple floating IP pools or complex network requirements.
|
# multiple floating IP pools or complex network requirements.
|
||||||
#HORIZON_CONFIG["simple_ip_management"] = False
|
# HORIZON_CONFIG["simple_ip_management"] = False
|
||||||
|
|
||||||
# Turn off browser autocompletion for forms including the login form and
|
# Turn off browser autocompletion for forms including the login form and
|
||||||
# the database creation workflow if so desired.
|
# the database creation workflow if so desired.
|
||||||
#HORIZON_CONFIG["password_autocomplete"] = "off"
|
# HORIZON_CONFIG["password_autocomplete"] = "off"
|
||||||
|
|
||||||
# Setting this to True will disable the reveal button for password fields,
|
# Setting this to True will disable the reveal button for password fields,
|
||||||
# including on the login form.
|
# including on the login form.
|
||||||
#HORIZON_CONFIG["disable_password_reveal"] = False
|
# HORIZON_CONFIG["disable_password_reveal"] = False
|
||||||
|
|
||||||
LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))
|
LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))
|
||||||
|
|
||||||
@ -154,12 +157,12 @@ SECRET_KEY = secret_key.generate_or_read_from_file(
|
|||||||
# We recommend you use memcached for development; otherwise after every reload
|
# We recommend you use memcached for development; otherwise after every reload
|
||||||
# of the django development server, you will have to login again. To use
|
# of the django development server, you will have to login again. To use
|
||||||
# memcached set CACHES to something like
|
# memcached set CACHES to something like
|
||||||
#CACHES = {
|
# CACHES = {
|
||||||
# 'default': {
|
# 'default': {
|
||||||
# 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
|
# 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
|
||||||
# 'LOCATION': '127.0.0.1:11211',
|
# 'LOCATION': '127.0.0.1:11211',
|
||||||
# },
|
# },
|
||||||
#}
|
# }
|
||||||
|
|
||||||
CACHES = {
|
CACHES = {
|
||||||
'default': {
|
'default': {
|
||||||
@ -170,19 +173,19 @@ CACHES = {
|
|||||||
# Send email to the console by default
|
# Send email to the console by default
|
||||||
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
|
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
|
||||||
# Or send them to /dev/null
|
# Or send them to /dev/null
|
||||||
#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'
|
# EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'
|
||||||
|
|
||||||
# Configure these for your outgoing email host
|
# Configure these for your outgoing email host
|
||||||
#EMAIL_HOST = 'smtp.my-company.com'
|
# EMAIL_HOST = 'smtp.my-company.com'
|
||||||
#EMAIL_PORT = 25
|
# EMAIL_PORT = 25
|
||||||
#EMAIL_HOST_USER = 'djangomail'
|
# EMAIL_HOST_USER = 'djangomail'
|
||||||
#EMAIL_HOST_PASSWORD = 'top-secret!'
|
# EMAIL_HOST_PASSWORD = 'top-secret!'
|
||||||
|
|
||||||
# For multiple regions uncomment this configuration, and add (endpoint, title).
|
# For multiple regions uncomment this configuration, and add (endpoint, title).
|
||||||
#AVAILABLE_REGIONS = [
|
# AVAILABLE_REGIONS = [
|
||||||
# ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
|
# ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
|
||||||
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
|
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
|
||||||
#]
|
# ]
|
||||||
|
|
||||||
OPENSTACK_HOST = "127.0.0.1"
|
OPENSTACK_HOST = "127.0.0.1"
|
||||||
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
|
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
|
||||||
@ -191,15 +194,15 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
|
|||||||
# For setting the default service region on a per-endpoint basis. Note that the
|
# For setting the default service region on a per-endpoint basis. Note that the
|
||||||
# default value for this setting is {}, and below is just an example of how it
|
# default value for this setting is {}, and below is just an example of how it
|
||||||
# should be specified.
|
# should be specified.
|
||||||
#DEFAULT_SERVICE_REGIONS = {
|
# DEFAULT_SERVICE_REGIONS = {
|
||||||
# OPENSTACK_KEYSTONE_URL: 'RegionOne'
|
# OPENSTACK_KEYSTONE_URL: 'RegionOne'
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Enables keystone web single-sign-on if set to True.
|
# Enables keystone web single-sign-on if set to True.
|
||||||
#WEBSSO_ENABLED = False
|
# WEBSSO_ENABLED = False
|
||||||
|
|
||||||
# Determines which authentication choice to show as default.
|
# Determines which authentication choice to show as default.
|
||||||
#WEBSSO_INITIAL_CHOICE = "credentials"
|
# WEBSSO_INITIAL_CHOICE = "credentials"
|
||||||
|
|
||||||
# The list of authentication mechanisms which include keystone
|
# The list of authentication mechanisms which include keystone
|
||||||
# federation protocols and identity provider/federation protocol
|
# federation protocols and identity provider/federation protocol
|
||||||
@ -209,13 +212,13 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
|
|||||||
# Do not remove the mandatory credentials mechanism.
|
# Do not remove the mandatory credentials mechanism.
|
||||||
# Note: The last two tuples are sample mapping keys to a identity provider
|
# Note: The last two tuples are sample mapping keys to a identity provider
|
||||||
# and federation protocol combination (WEBSSO_IDP_MAPPING).
|
# and federation protocol combination (WEBSSO_IDP_MAPPING).
|
||||||
#WEBSSO_CHOICES = (
|
# WEBSSO_CHOICES = (
|
||||||
# ("credentials", _("Keystone Credentials")),
|
# ("credentials", _("Keystone Credentials")),
|
||||||
# ("oidc", _("OpenID Connect")),
|
# ("oidc", _("OpenID Connect")),
|
||||||
# ("saml2", _("Security Assertion Markup Language")),
|
# ("saml2", _("Security Assertion Markup Language")),
|
||||||
# ("acme_oidc", "ACME - OpenID Connect"),
|
# ("acme_oidc", "ACME - OpenID Connect"),
|
||||||
# ("acme_saml2", "ACME - SAML2"),
|
# ("acme_saml2", "ACME - SAML2"),
|
||||||
#)
|
# )
|
||||||
|
|
||||||
# A dictionary of specific identity provider and federation protocol
|
# A dictionary of specific identity provider and federation protocol
|
||||||
# combinations. From the selected authentication mechanism, the value
|
# combinations. From the selected authentication mechanism, the value
|
||||||
@ -224,24 +227,24 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
|
|||||||
# specific WebSSO endpoint in keystone, otherwise it will use the value
|
# specific WebSSO endpoint in keystone, otherwise it will use the value
|
||||||
# as the protocol_id when redirecting to the WebSSO by protocol endpoint.
|
# as the protocol_id when redirecting to the WebSSO by protocol endpoint.
|
||||||
# NOTE: The value is expected to be a tuple formatted as: (<idp_id>, <protocol_id>).
|
# NOTE: The value is expected to be a tuple formatted as: (<idp_id>, <protocol_id>).
|
||||||
#WEBSSO_IDP_MAPPING = {
|
# WEBSSO_IDP_MAPPING = {
|
||||||
# "acme_oidc": ("acme", "oidc"),
|
# "acme_oidc": ("acme", "oidc"),
|
||||||
# "acme_saml2": ("acme", "saml2"),
|
# "acme_saml2": ("acme", "saml2"),
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# The Keystone Provider drop down uses Keystone to Keystone federation
|
# The Keystone Provider drop down uses Keystone to Keystone federation
|
||||||
# to switch between Keystone service providers.
|
# to switch between Keystone service providers.
|
||||||
# Set display name for Identity Provider (dropdown display name)
|
# Set display name for Identity Provider (dropdown display name)
|
||||||
#KEYSTONE_PROVIDER_IDP_NAME = "Local Keystone"
|
# KEYSTONE_PROVIDER_IDP_NAME = "Local Keystone"
|
||||||
# This id is used for only for comparison with the service provider IDs. This ID
|
# This id is used for only for comparison with the service provider IDs. This ID
|
||||||
# should not match any service provider IDs.
|
# should not match any service provider IDs.
|
||||||
#KEYSTONE_PROVIDER_IDP_ID = "localkeystone"
|
# KEYSTONE_PROVIDER_IDP_ID = "localkeystone"
|
||||||
|
|
||||||
# Disable SSL certificate checks (useful for self-signed certificates):
|
# Disable SSL certificate checks (useful for self-signed certificates):
|
||||||
#OPENSTACK_SSL_NO_VERIFY = True
|
# OPENSTACK_SSL_NO_VERIFY = True
|
||||||
|
|
||||||
# The CA certificate to use to verify SSL connections
|
# The CA certificate to use to verify SSL connections
|
||||||
#OPENSTACK_SSL_CACERT = '/path/to/cacert.pem'
|
# OPENSTACK_SSL_CACERT = '/path/to/cacert.pem'
|
||||||
|
|
||||||
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
|
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
|
||||||
# capabilities of the auth backend for Keystone.
|
# capabilities of the auth backend for Keystone.
|
||||||
@ -260,12 +263,12 @@ OPENSTACK_KEYSTONE_BACKEND = {
|
|||||||
|
|
||||||
# Setting this to True, will add a new "Retrieve Password" action on instance,
|
# Setting this to True, will add a new "Retrieve Password" action on instance,
|
||||||
# allowing Admin session password retrieval/decryption.
|
# allowing Admin session password retrieval/decryption.
|
||||||
#OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False
|
# OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False
|
||||||
|
|
||||||
# This setting allows deployers to control whether a token is deleted on log
|
# This setting allows deployers to control whether a token is deleted on log
|
||||||
# out. This can be helpful when there are often long running processes being
|
# out. This can be helpful when there are often long running processes being
|
||||||
# run in the Horizon environment.
|
# run in the Horizon environment.
|
||||||
#TOKEN_DELETION_DISABLED = False
|
# TOKEN_DELETION_DISABLED = False
|
||||||
|
|
||||||
# The Launch Instance user experience has been significantly enhanced.
|
# The Launch Instance user experience has been significantly enhanced.
|
||||||
# You can choose whether to enable the new launch instance experience,
|
# You can choose whether to enable the new launch instance experience,
|
||||||
@ -278,12 +281,12 @@ OPENSTACK_KEYSTONE_BACKEND = {
|
|||||||
# Toggle LAUNCH_INSTANCE_LEGACY_ENABLED and LAUNCH_INSTANCE_NG_ENABLED to
|
# Toggle LAUNCH_INSTANCE_LEGACY_ENABLED and LAUNCH_INSTANCE_NG_ENABLED to
|
||||||
# determine the experience to enable. Set them both to true to enable
|
# determine the experience to enable. Set them both to true to enable
|
||||||
# both.
|
# both.
|
||||||
#LAUNCH_INSTANCE_LEGACY_ENABLED = True
|
# LAUNCH_INSTANCE_LEGACY_ENABLED = True
|
||||||
#LAUNCH_INSTANCE_NG_ENABLED = False
|
# LAUNCH_INSTANCE_NG_ENABLED = False
|
||||||
|
|
||||||
# A dictionary of settings which can be used to provide the default values for
|
# A dictionary of settings which can be used to provide the default values for
|
||||||
# properties found in the Launch Instance modal.
|
# properties found in the Launch Instance modal.
|
||||||
#LAUNCH_INSTANCE_DEFAULTS = {
|
# LAUNCH_INSTANCE_DEFAULTS = {
|
||||||
# 'config_drive': False,
|
# 'config_drive': False,
|
||||||
# 'enable_scheduler_hints': True,
|
# 'enable_scheduler_hints': True,
|
||||||
# 'disable_image': False,
|
# 'disable_image': False,
|
||||||
@ -291,7 +294,7 @@ OPENSTACK_KEYSTONE_BACKEND = {
|
|||||||
# 'disable_volume': False,
|
# 'disable_volume': False,
|
||||||
# 'disable_volume_snapshot': False,
|
# 'disable_volume_snapshot': False,
|
||||||
# 'create_volume': True,
|
# 'create_volume': True,
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# The Xen Hypervisor has the ability to set the mount point for volumes
|
# The Xen Hypervisor has the ability to set the mount point for volumes
|
||||||
# attached to instances (other Hypervisors currently do not). Setting
|
# attached to instances (other Hypervisors currently do not). Setting
|
||||||
@ -374,7 +377,7 @@ OPENSTACK_HEAT_STACK = {
|
|||||||
# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features
|
# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features
|
||||||
# in the OpenStack Dashboard related to the Image service, such as the list
|
# in the OpenStack Dashboard related to the Image service, such as the list
|
||||||
# of supported image formats.
|
# of supported image formats.
|
||||||
#OPENSTACK_IMAGE_BACKEND = {
|
# OPENSTACK_IMAGE_BACKEND = {
|
||||||
# 'image_formats': [
|
# 'image_formats': [
|
||||||
# ('', _('Select format')),
|
# ('', _('Select format')),
|
||||||
# ('aki', _('AKI - Amazon Kernel Image')),
|
# ('aki', _('AKI - Amazon Kernel Image')),
|
||||||
@ -390,7 +393,7 @@ OPENSTACK_HEAT_STACK = {
|
|||||||
# ('vhdx', _('VHDX - Large Virtual Hard Disk')),
|
# ('vhdx', _('VHDX - Large Virtual Hard Disk')),
|
||||||
# ('vmdk', _('VMDK - Virtual Machine Disk')),
|
# ('vmdk', _('VMDK - Virtual Machine Disk')),
|
||||||
# ],
|
# ],
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# The IMAGE_CUSTOM_PROPERTY_TITLES settings is used to customize the titles for
|
# The IMAGE_CUSTOM_PROPERTY_TITLES settings is used to customize the titles for
|
||||||
# image custom property attributes that appear on image detail pages.
|
# image custom property attributes that appear on image detail pages.
|
||||||
@ -412,29 +415,29 @@ IMAGE_RESERVED_CUSTOM_PROPERTIES = []
|
|||||||
# Horizon server. When enabled, a file form field will appear on the create
|
# Horizon server. When enabled, a file form field will appear on the create
|
||||||
# image form. If set to 'off', there will be no file form field on the create
|
# image form. If set to 'off', there will be no file form field on the create
|
||||||
# image form. See documentation for deployment considerations.
|
# image form. See documentation for deployment considerations.
|
||||||
#HORIZON_IMAGES_UPLOAD_MODE = 'legacy'
|
# HORIZON_IMAGES_UPLOAD_MODE = 'legacy'
|
||||||
|
|
||||||
# Allow a location to be set when creating or updating Glance images.
|
# Allow a location to be set when creating or updating Glance images.
|
||||||
# If using Glance V2, this value should be False unless the Glance
|
# If using Glance V2, this value should be False unless the Glance
|
||||||
# configuration and policies allow setting locations.
|
# configuration and policies allow setting locations.
|
||||||
#IMAGES_ALLOW_LOCATION = False
|
# IMAGES_ALLOW_LOCATION = False
|
||||||
|
|
||||||
# A dictionary of default settings for create image modal.
|
# A dictionary of default settings for create image modal.
|
||||||
#CREATE_IMAGE_DEFAULTS = {
|
# CREATE_IMAGE_DEFAULTS = {
|
||||||
# 'image_visibility': "public",
|
# 'image_visibility': "public",
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
|
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
|
||||||
# in the Keystone service catalog. Use this setting when Horizon is running
|
# in the Keystone service catalog. Use this setting when Horizon is running
|
||||||
# external to the OpenStack environment. The default is 'publicURL'.
|
# external to the OpenStack environment. The default is 'publicURL'.
|
||||||
#OPENSTACK_ENDPOINT_TYPE = "publicURL"
|
# OPENSTACK_ENDPOINT_TYPE = "publicURL"
|
||||||
|
|
||||||
# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the
|
# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the
|
||||||
# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints
|
# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints
|
||||||
# in the Keystone service catalog. Use this setting when Horizon is running
|
# in the Keystone service catalog. Use this setting when Horizon is running
|
||||||
# external to the OpenStack environment. The default is None. This
|
# external to the OpenStack environment. The default is None. This
|
||||||
# value should differ from OPENSTACK_ENDPOINT_TYPE if used.
|
# value should differ from OPENSTACK_ENDPOINT_TYPE if used.
|
||||||
#SECONDARY_ENDPOINT_TYPE = None
|
# SECONDARY_ENDPOINT_TYPE = None
|
||||||
|
|
||||||
# The number of objects (Swift containers/objects or images) to display
|
# The number of objects (Swift containers/objects or images) to display
|
||||||
# on a single page before providing a paging element (a "more" link)
|
# on a single page before providing a paging element (a "more" link)
|
||||||
@ -461,24 +464,24 @@ TIME_ZONE = "UTC"
|
|||||||
# can provide a custom callback method to use for sorting. You can also provide
|
# can provide a custom callback method to use for sorting. You can also provide
|
||||||
# a flag for reverse sort. For more info, see
|
# a flag for reverse sort. For more info, see
|
||||||
# http://docs.python.org/2/library/functions.html#sorted
|
# http://docs.python.org/2/library/functions.html#sorted
|
||||||
#CREATE_INSTANCE_FLAVOR_SORT = {
|
# CREATE_INSTANCE_FLAVOR_SORT = {
|
||||||
# 'key': 'name',
|
# 'key': 'name',
|
||||||
# # or
|
# # or
|
||||||
# 'key': my_awesome_callback_method,
|
# 'key': my_awesome_callback_method,
|
||||||
# 'reverse': False,
|
# 'reverse': False,
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Set this to True to display an 'Admin Password' field on the Change Password
|
# Set this to True to display an 'Admin Password' field on the Change Password
|
||||||
# form to verify that it is indeed the admin logged-in who wants to change
|
# form to verify that it is indeed the admin logged-in who wants to change
|
||||||
# the password.
|
# the password.
|
||||||
#ENFORCE_PASSWORD_CHECK = False
|
# ENFORCE_PASSWORD_CHECK = False
|
||||||
|
|
||||||
# Modules that provide /auth routes that can be used to handle different types
|
# Modules that provide /auth routes that can be used to handle different types
|
||||||
# of user authentication. Add auth plugins that require extra route handling to
|
# of user authentication. Add auth plugins that require extra route handling to
|
||||||
# this list.
|
# this list.
|
||||||
#AUTHENTICATION_URLS = [
|
# AUTHENTICATION_URLS = [
|
||||||
# 'openstack_auth.urls',
|
# 'openstack_auth.urls',
|
||||||
#]
|
# ]
|
||||||
|
|
||||||
# The Horizon Policy Enforcement engine uses these values to load per service
|
# The Horizon Policy Enforcement engine uses these values to load per service
|
||||||
# policy rule files. The content of these files should match the files the
|
# policy rule files. The content of these files should match the files the
|
||||||
@ -486,7 +489,7 @@ TIME_ZONE = "UTC"
|
|||||||
# target installation.
|
# target installation.
|
||||||
|
|
||||||
# Path to directory containing policy.json files
|
# Path to directory containing policy.json files
|
||||||
#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf")
|
# POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf")
|
||||||
|
|
||||||
# Map of local copy of service policy files.
|
# Map of local copy of service policy files.
|
||||||
# Please insure that your identity policy file matches the one being used on
|
# Please insure that your identity policy file matches the one being used on
|
||||||
@ -498,14 +501,14 @@ TIME_ZONE = "UTC"
|
|||||||
# policy.v3cloudsample.json
|
# policy.v3cloudsample.json
|
||||||
# Having matching policy files on the Horizon and Keystone servers is essential
|
# Having matching policy files on the Horizon and Keystone servers is essential
|
||||||
# for normal operation. This holds true for all services and their policy files.
|
# for normal operation. This holds true for all services and their policy files.
|
||||||
#POLICY_FILES = {
|
# POLICY_FILES = {
|
||||||
# 'identity': 'keystone_policy.json',
|
# 'identity': 'keystone_policy.json',
|
||||||
# 'compute': 'nova_policy.json',
|
# 'compute': 'nova_policy.json',
|
||||||
# 'volume': 'cinder_policy.json',
|
# 'volume': 'cinder_policy.json',
|
||||||
# 'image': 'glance_policy.json',
|
# 'image': 'glance_policy.json',
|
||||||
# 'orchestration': 'heat_policy.json',
|
# 'orchestration': 'heat_policy.json',
|
||||||
# 'network': 'neutron_policy.json',
|
# 'network': 'neutron_policy.json',
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# TODO: (david-lyle) remove when plugins support adding settings.
|
# TODO: (david-lyle) remove when plugins support adding settings.
|
||||||
# Note: Only used when trove-dashboard plugin is configured to be used by
|
# Note: Only used when trove-dashboard plugin is configured to be used by
|
||||||
@ -514,16 +517,16 @@ TIME_ZONE = "UTC"
|
|||||||
# creating users and databases on database instances is turned on.
|
# creating users and databases on database instances is turned on.
|
||||||
# To disable these extensions set the permission here to something
|
# To disable these extensions set the permission here to something
|
||||||
# unusable such as ["!"].
|
# unusable such as ["!"].
|
||||||
#TROVE_ADD_USER_PERMS = []
|
# TROVE_ADD_USER_PERMS = []
|
||||||
#TROVE_ADD_DATABASE_PERMS = []
|
# TROVE_ADD_DATABASE_PERMS = []
|
||||||
|
|
||||||
# Change this patch to the appropriate list of tuples containing
|
# Change this patch to the appropriate list of tuples containing
|
||||||
# a key, label and static directory containing two files:
|
# a key, label and static directory containing two files:
|
||||||
# _variables.scss and _styles.scss
|
# _variables.scss and _styles.scss
|
||||||
#AVAILABLE_THEMES = [
|
# AVAILABLE_THEMES = [
|
||||||
# ('default', 'Default', 'themes/default'),
|
# ('default', 'Default', 'themes/default'),
|
||||||
# ('material', 'Material', 'themes/material'),
|
# ('material', 'Material', 'themes/material'),
|
||||||
#]
|
# ]
|
||||||
|
|
||||||
LOGGING = {
|
LOGGING = {
|
||||||
'version': 1,
|
'version': 1,
|
||||||
@ -780,13 +783,13 @@ SECURITY_GROUP_RULES = {
|
|||||||
# pool for use in their cluster. False by default. You would want
|
# pool for use in their cluster. False by default. You would want
|
||||||
# to set this to True if you were running Nova Networking with
|
# to set this to True if you were running Nova Networking with
|
||||||
# auto_assign_floating_ip = True.
|
# auto_assign_floating_ip = True.
|
||||||
#SAHARA_AUTO_IP_ALLOCATION_ENABLED = False
|
# SAHARA_AUTO_IP_ALLOCATION_ENABLED = False
|
||||||
|
|
||||||
# The hash algorithm to use for authentication tokens. This must
|
# The hash algorithm to use for authentication tokens. This must
|
||||||
# match the hash algorithm that the identity server and the
|
# match the hash algorithm that the identity server and the
|
||||||
# auth_token middleware are using. Allowed values are the
|
# auth_token middleware are using. Allowed values are the
|
||||||
# algorithms supported by Python's hashlib library.
|
# algorithms supported by Python's hashlib library.
|
||||||
#OPENSTACK_TOKEN_HASH_ALGORITHM = 'md5'
|
# OPENSTACK_TOKEN_HASH_ALGORITHM = 'md5'
|
||||||
|
|
||||||
# AngularJS requires some settings to be made available to
|
# AngularJS requires some settings to be made available to
|
||||||
# the client side. Some settings are required by in-tree / built-in horizon
|
# the client side. Some settings are required by in-tree / built-in horizon
|
||||||
@ -811,7 +814,7 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# !! Please use extreme caution as the settings are transferred via HTTP/S
|
# !! Please use extreme caution as the settings are transferred via HTTP/S
|
||||||
# and are not encrypted on the browser. This is an experimental API and
|
# and are not encrypted on the browser. This is an experimental API and
|
||||||
# may be deprecated in the future without notice.
|
# may be deprecated in the future without notice.
|
||||||
#REST_API_ADDITIONAL_SETTINGS = []
|
# REST_API_ADDITIONAL_SETTINGS = []
|
||||||
|
|
||||||
# DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded
|
# DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded
|
||||||
# within an iframe. Legacy browsers are still vulnerable to a Cross-Frame
|
# within an iframe. Legacy browsers are still vulnerable to a Cross-Frame
|
||||||
@ -819,11 +822,11 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# where iframes are not used in deployment. Default setting is True.
|
# where iframes are not used in deployment. Default setting is True.
|
||||||
# For more information see:
|
# For more information see:
|
||||||
# http://tinyurl.com/anticlickjack
|
# http://tinyurl.com/anticlickjack
|
||||||
#DISALLOW_IFRAME_EMBED = True
|
# DISALLOW_IFRAME_EMBED = True
|
||||||
|
|
||||||
# Help URL can be made available for the client. To provide a help URL, edit the
|
# Help URL can be made available for the client. To provide a help URL, edit the
|
||||||
# following attribute to the URL of your choice.
|
# following attribute to the URL of your choice.
|
||||||
#HORIZON_CONFIG["help_url"] = "http://openstack.mycompany.org"
|
# HORIZON_CONFIG["help_url"] = "http://openstack.mycompany.org"
|
||||||
|
|
||||||
# Settings for OperationLogMiddleware
|
# Settings for OperationLogMiddleware
|
||||||
# OPERATION_LOG_ENABLED is flag to use the function to log an operation on
|
# OPERATION_LOG_ENABLED is flag to use the function to log an operation on
|
||||||
@ -831,8 +834,8 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# mask_targets is arrangement for appointing a target to mask.
|
# mask_targets is arrangement for appointing a target to mask.
|
||||||
# method_targets is arrangement of HTTP method to output log.
|
# method_targets is arrangement of HTTP method to output log.
|
||||||
# format is the log contents.
|
# format is the log contents.
|
||||||
#OPERATION_LOG_ENABLED = False
|
# OPERATION_LOG_ENABLED = False
|
||||||
#OPERATION_LOG_OPTIONS = {
|
# OPERATION_LOG_OPTIONS = {
|
||||||
# 'mask_fields': ['password'],
|
# 'mask_fields': ['password'],
|
||||||
# 'target_methods': ['POST'],
|
# 'target_methods': ['POST'],
|
||||||
# 'ignored_urls': ['/js/', '/static/', '^/api/'],
|
# 'ignored_urls': ['/js/', '/static/', '^/api/'],
|
||||||
@ -841,19 +844,19 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# " [%(project_id)s] [%(user_name)s] [%(user_id)s] [%(request_scheme)s]"
|
# " [%(project_id)s] [%(user_name)s] [%(user_id)s] [%(request_scheme)s]"
|
||||||
# " [%(referer_url)s] [%(request_url)s] [%(message)s] [%(method)s]"
|
# " [%(referer_url)s] [%(request_url)s] [%(message)s] [%(method)s]"
|
||||||
# " [%(http_status)s] [%(param)s]"),
|
# " [%(http_status)s] [%(param)s]"),
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# The default date range in the Overview panel meters - either <today> minus N
|
# The default date range in the Overview panel meters - either <today> minus N
|
||||||
# days (if the value is integer N), or from the beginning of the current month
|
# days (if the value is integer N), or from the beginning of the current month
|
||||||
# until today (if set to None). This setting should be used to limit the amount
|
# until today (if set to None). This setting should be used to limit the amount
|
||||||
# of data fetched by default when rendering the Overview panel.
|
# of data fetched by default when rendering the Overview panel.
|
||||||
#OVERVIEW_DAYS_RANGE = 1
|
# OVERVIEW_DAYS_RANGE = 1
|
||||||
|
|
||||||
# To allow operators to require users provide a search criteria first
|
# To allow operators to require users provide a search criteria first
|
||||||
# before loading any data into the views, set the following dict
|
# before loading any data into the views, set the following dict
|
||||||
# attributes to True in each one of the panels you want to enable this feature.
|
# attributes to True in each one of the panels you want to enable this feature.
|
||||||
# Follow the convention <dashboard>.<view>
|
# Follow the convention <dashboard>.<view>
|
||||||
#FILTER_DATA_FIRST = {
|
# FILTER_DATA_FIRST = {
|
||||||
# 'admin.instances': False,
|
# 'admin.instances': False,
|
||||||
# 'admin.images': False,
|
# 'admin.images': False,
|
||||||
# 'admin.networks': False,
|
# 'admin.networks': False,
|
||||||
@ -863,7 +866,7 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# 'identity.projects': False,
|
# 'identity.projects': False,
|
||||||
# 'identity.groups': False,
|
# 'identity.groups': False,
|
||||||
# 'identity.roles': False
|
# 'identity.roles': False
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Dict used to restrict user private subnet cidr range.
|
# Dict used to restrict user private subnet cidr range.
|
||||||
# An empty list means that user input will not be restricted
|
# An empty list means that user input will not be restricted
|
||||||
@ -871,10 +874,10 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
|
|||||||
# no restriction for IPv4 or IPv6. To restrict
|
# no restriction for IPv4 or IPv6. To restrict
|
||||||
# user private subnet cidr range set ALLOWED_PRIVATE_SUBNET_CIDR
|
# user private subnet cidr range set ALLOWED_PRIVATE_SUBNET_CIDR
|
||||||
# to something like
|
# to something like
|
||||||
#ALLOWED_PRIVATE_SUBNET_CIDR = {
|
# ALLOWED_PRIVATE_SUBNET_CIDR = {
|
||||||
# 'ipv4': ['10.0.0.0/8', '192.168.0.0/16'],
|
# 'ipv4': ['10.0.0.0/8', '192.168.0.0/16'],
|
||||||
# 'ipv6': ['fc00::/7']
|
# 'ipv6': ['fc00::/7']
|
||||||
#}
|
# }
|
||||||
ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
||||||
|
|
||||||
# Projects and users can have extra attributes as defined by keystone v3.
|
# Projects and users can have extra attributes as defined by keystone v3.
|
||||||
@ -882,12 +885,12 @@ ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
|||||||
# If you'd like to display extra data in the project or user tables, set the
|
# If you'd like to display extra data in the project or user tables, set the
|
||||||
# corresponding dict key to the attribute name, followed by the display name.
|
# corresponding dict key to the attribute name, followed by the display name.
|
||||||
# For more information, see horizon's customization (http://docs.openstack.org/developer/horizon/topics/customizing.html#horizon-customization-module-overrides)
|
# For more information, see horizon's customization (http://docs.openstack.org/developer/horizon/topics/customizing.html#horizon-customization-module-overrides)
|
||||||
#PROJECT_TABLE_EXTRA_INFO = {
|
# PROJECT_TABLE_EXTRA_INFO = {
|
||||||
# 'phone_num': _('Phone Number'),
|
# 'phone_num': _('Phone Number'),
|
||||||
#}
|
# }
|
||||||
#USER_TABLE_EXTRA_INFO = {
|
# USER_TABLE_EXTRA_INFO = {
|
||||||
# 'phone_num': _('Phone Number'),
|
# 'phone_num': _('Phone Number'),
|
||||||
#}
|
# }
|
||||||
|
|
||||||
# Password will have an expiration date when using keystone v3 and enabling the
|
# Password will have an expiration date when using keystone v3 and enabling the
|
||||||
# feature.
|
# feature.
|
||||||
@ -895,22 +898,8 @@ ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
|||||||
# prior to the password expiration.
|
# prior to the password expiration.
|
||||||
# Once the password expires keystone will deny the access and users must
|
# Once the password expires keystone will deny the access and users must
|
||||||
# contact an admin to change their password.
|
# contact an admin to change their password.
|
||||||
#PASSWORD_EXPIRES_WARNING_THRESHOLD_DAYS = 0
|
# PASSWORD_EXPIRES_WARNING_THRESHOLD_DAYS = 0
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Custom WRS settings
|
|
||||||
import configss
|
|
||||||
|
|
||||||
ALLOWED_HOSTS = ["*"]
|
ALLOWED_HOSTS = ["*"]
|
||||||
|
|
||||||
|
|
||||||
HORIZON_CONFIG["password_autocomplete"] = "off"
|
HORIZON_CONFIG["password_autocomplete"] = "off"
|
||||||
|
|
||||||
# The OPENSTACK_HEAT_STACK settings can be used to disable password
|
# The OPENSTACK_HEAT_STACK settings can be used to disable password
|
||||||
@ -921,7 +910,7 @@ OPENSTACK_HEAT_STACK = {
|
|||||||
|
|
||||||
OPENSTACK_HOST = "controller"
|
OPENSTACK_HOST = "controller"
|
||||||
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
|
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
|
||||||
OPENSTACK_API_VERSIONS={"identity":3}
|
OPENSTACK_API_VERSIONS = {"identity": 3}
|
||||||
|
|
||||||
OPENSTACK_NEUTRON_NETWORK['enable_distributed_router'] = True
|
OPENSTACK_NEUTRON_NETWORK['enable_distributed_router'] = True
|
||||||
|
|
||||||
@ -936,7 +925,7 @@ try:
|
|||||||
|
|
||||||
OPENSTACK_HOST = configss.CONFSS['shared_services']['openstack_host']
|
OPENSTACK_HOST = configss.CONFSS['shared_services']['openstack_host']
|
||||||
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
|
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
|
||||||
AVAILABLE_REGIONS = [(OPENSTACK_KEYSTONE_URL, configss.CONFSS['shared_services']['region_name']),]
|
AVAILABLE_REGIONS = [(OPENSTACK_KEYSTONE_URL, configss.CONFSS['shared_services']['region_name'])]
|
||||||
REGION_NAME = configss.CONFSS['shared_services']['region_name']
|
REGION_NAME = configss.CONFSS['shared_services']['region_name']
|
||||||
SS_ENABLED = "True"
|
SS_ENABLED = "True"
|
||||||
else:
|
else:
|
||||||
@ -960,8 +949,8 @@ except Exception:
|
|||||||
|
|
||||||
# check if it is in distributed cloud
|
# check if it is in distributed cloud
|
||||||
DC_MODE = False
|
DC_MODE = False
|
||||||
if distributed_cloud_role and distributed_cloud_role in [ 'systemcontroller', 'subcloud']:
|
if distributed_cloud_role and distributed_cloud_role in ['systemcontroller', 'subcloud']:
|
||||||
DC_MODE= True
|
DC_MODE = True
|
||||||
|
|
||||||
OPENSTACK_ENDPOINT_TYPE = "internalURL"
|
OPENSTACK_ENDPOINT_TYPE = "internalURL"
|
||||||
|
|
||||||
@ -981,12 +970,12 @@ POLICY_FILES_PATH = "/etc/openstack-dashboard"
|
|||||||
# Settings for OperationLogMiddleware
|
# Settings for OperationLogMiddleware
|
||||||
OPERATION_LOG_ENABLED = True
|
OPERATION_LOG_ENABLED = True
|
||||||
OPERATION_LOG_OPTIONS = {
|
OPERATION_LOG_OPTIONS = {
|
||||||
'mask_fields': ['password', 'bm_password', 'bm_confirm_password',
|
'mask_fields': ['password', 'bm_password', 'bm_confirm_password',
|
||||||
'current_password', 'confirm_password', 'new_password'],
|
'current_password', 'confirm_password', 'new_password'],
|
||||||
'target_methods': ['POST', 'PUT', 'DELETE'],
|
'target_methods': ['POST', 'PUT', 'DELETE'],
|
||||||
'format': ("[%(project_name)s %(project_id)s] [%(user_name)s %(user_id)s]"
|
'format': ("[%(project_name)s %(project_id)s] [%(user_name)s %(user_id)s]"
|
||||||
" [%(method)s %(request_url)s %(http_status)s]"
|
" [%(method)s %(request_url)s %(http_status)s]"
|
||||||
" parameters:[%(param)s] message:[%(message)s]"),
|
" parameters:[%(param)s] message:[%(message)s]"),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1025,11 +1014,11 @@ try:
|
|||||||
if os.path.exists('/etc/openstack-dashboard/horizon-config.ini'):
|
if os.path.exists('/etc/openstack-dashboard/horizon-config.ini'):
|
||||||
if not configss.CONFSS or 'horizon_params' not in configss.CONFSS:
|
if not configss.CONFSS or 'horizon_params' not in configss.CONFSS:
|
||||||
configss.load('/etc/openstack-dashboard/horizon-config.ini')
|
configss.load('/etc/openstack-dashboard/horizon-config.ini')
|
||||||
|
|
||||||
if configss.CONFSS['horizon_params']['https_enabled'] == 'true':
|
if configss.CONFSS['horizon_params']['https_enabled'] == 'true':
|
||||||
CSRF_COOKIE_SECURE = True
|
CSRF_COOKIE_SECURE = True
|
||||||
SESSION_COOKIE_SECURE = True
|
SESSION_COOKIE_SECURE = True
|
||||||
|
|
||||||
if configss.CONFSS['auth']['lockout_period']:
|
if configss.CONFSS['auth']['lockout_period']:
|
||||||
LOCKOUT_PERIOD_SEC = float(configss.CONFSS['auth']['lockout_period'])
|
LOCKOUT_PERIOD_SEC = float(configss.CONFSS['auth']['lockout_period'])
|
||||||
if configss.CONFSS['auth']['lockout_retries']:
|
if configss.CONFSS['auth']['lockout_retries']:
|
||||||
@ -1190,6 +1179,3 @@ LOGGING = {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -11,6 +11,7 @@ if command is None:
|
|||||||
|
|
||||||
syslog.openlog('nova_migration_wrapper')
|
syslog.openlog('nova_migration_wrapper')
|
||||||
|
|
||||||
|
|
||||||
def allow_command(user, args):
|
def allow_command(user, args):
|
||||||
syslog.syslog(syslog.LOG_INFO, "Allowing connection='{}' command={} ".format(
|
syslog.syslog(syslog.LOG_INFO, "Allowing connection='{}' command={} ".format(
|
||||||
ssh_connection,
|
ssh_connection,
|
||||||
@ -18,6 +19,7 @@ def allow_command(user, args):
|
|||||||
))
|
))
|
||||||
os.execlp('sudo', 'sudo', '-u', user, *args)
|
os.execlp('sudo', 'sudo', '-u', user, *args)
|
||||||
|
|
||||||
|
|
||||||
def deny_command(args):
|
def deny_command(args):
|
||||||
syslog.syslog(syslog.LOG_ERR, "Denying connection='{}' command={}".format(
|
syslog.syslog(syslog.LOG_ERR, "Denying connection='{}' command={}".format(
|
||||||
ssh_connection,
|
ssh_connection,
|
||||||
@ -26,13 +28,14 @@ def deny_command(args):
|
|||||||
sys.stderr.write('Forbidden\n')
|
sys.stderr.write('Forbidden\n')
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
# Handle libvirt ssh tunnel script snippet
|
# Handle libvirt ssh tunnel script snippet
|
||||||
# https://github.com/libvirt/libvirt/blob/f0803dae93d62a4b8a2f67f4873c290a76d978b3/src/rpc/virnetsocket.c#L890
|
# https://github.com/libvirt/libvirt/blob/f0803dae93d62a4b8a2f67f4873c290a76d978b3/src/rpc/virnetsocket.c#L890
|
||||||
libvirt_sock = '/var/run/libvirt/libvirt-sock'
|
libvirt_sock = '/var/run/libvirt/libvirt-sock'
|
||||||
live_migration_tunnel_cmd = "sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then " \
|
live_migration_tunnel_cmd = "sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then " \
|
||||||
"ARG=-q0;" \
|
" ARG=-q0;" \
|
||||||
"else " \
|
"else " \
|
||||||
"ARG=;" \
|
" ARG=;" \
|
||||||
"fi;" \
|
"fi;" \
|
||||||
"'nc' $ARG -U {}'".format(libvirt_sock)
|
"'nc' $ARG -U {}'".format(libvirt_sock)
|
||||||
|
|
||||||
@ -49,11 +52,13 @@ cold_migration_cmds = [
|
|||||||
]
|
]
|
||||||
rootwrap_args = ['/usr/bin/nova-rootwrap', '/etc/nova/migration/rootwrap.conf']
|
rootwrap_args = ['/usr/bin/nova-rootwrap', '/etc/nova/migration/rootwrap.conf']
|
||||||
|
|
||||||
|
|
||||||
def validate_cold_migration_cmd(args):
|
def validate_cold_migration_cmd(args):
|
||||||
target_path = os.path.normpath(args[-1])
|
target_path = os.path.normpath(args[-1])
|
||||||
cmd = args[:-1]
|
cmd = args[:-1]
|
||||||
return cmd in cold_migration_cmds and target_path.startswith(cold_migration_root)
|
return cmd in cold_migration_cmds and target_path.startswith(cold_migration_root)
|
||||||
|
|
||||||
|
|
||||||
# Rules
|
# Rules
|
||||||
args = command.split(' ')
|
args = command.split(' ')
|
||||||
if command == live_migration_tunnel_cmd:
|
if command == live_migration_tunnel_cmd:
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/python2
|
#!/usr/bin/python2
|
||||||
#PBR Generated from u'wsgi_scripts'
|
# PBR Generated from u'wsgi_scripts'
|
||||||
|
|
||||||
import threading
|
import threading
|
||||||
|
|
||||||
@ -61,4 +61,3 @@ else:
|
|||||||
with app_lock:
|
with app_lock:
|
||||||
if application is None:
|
if application is None:
|
||||||
application = init_application()
|
application = init_application()
|
||||||
|
|
||||||
|
@ -16,7 +16,9 @@ import logging
|
|||||||
|
|
||||||
|
|
||||||
# logger
|
# logger
|
||||||
logging.basicConfig(level=logging.DEBUG, format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
|
|
||||||
|
logging.basicConfig(level=logging.DEBUG,
|
||||||
|
format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
|
||||||
logging.getLogger('multiprocessing').setLevel(logging.DEBUG)
|
logging.getLogger('multiprocessing').setLevel(logging.DEBUG)
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
@ -82,6 +84,7 @@ def get_l3_cache_allocation_info():
|
|||||||
_L3_CACHE[cache]['num_cbm_bits'] = None
|
_L3_CACHE[cache]['num_cbm_bits'] = None
|
||||||
return _L3_CACHE
|
return _L3_CACHE
|
||||||
|
|
||||||
|
|
||||||
def get_l3_cache_allocation_schemata(uuid=None):
|
def get_l3_cache_allocation_schemata(uuid=None):
|
||||||
"""Get resctrl L3 cache allocation technology schemata CBM corresponding
|
"""Get resctrl L3 cache allocation technology schemata CBM corresponding
|
||||||
to instance uuid, or the default schemata if uuid not provided.
|
to instance uuid, or the default schemata if uuid not provided.
|
||||||
@ -136,6 +139,7 @@ def get_l3_cache_allocation_schemata(uuid=None):
|
|||||||
|
|
||||||
return schemata
|
return schemata
|
||||||
|
|
||||||
|
|
||||||
def get_all_l3_schemata():
|
def get_all_l3_schemata():
|
||||||
"""Get L3 CLOS schemata CBM for all resctrl uuids.
|
"""Get L3 CLOS schemata CBM for all resctrl uuids.
|
||||||
:param: None
|
:param: None
|
||||||
@ -238,8 +242,8 @@ def print_all_instance_schematas(l3_info=None, default_schemata=None, schematas=
|
|||||||
closids_used = 1 + len(schematas)
|
closids_used = 1 + len(schematas)
|
||||||
|
|
||||||
print('%6s %4s : %*s : %8s : %20s : %4s : %s'
|
print('%6s %4s : %*s : %8s : %20s : %4s : %s'
|
||||||
% ('cache', 'bank', uuid_len, 'uuid',
|
% ('cache', 'bank', uuid_len, 'uuid',
|
||||||
'CBM', 'bitarray', 'size', 'setbits'))
|
'CBM', 'bitarray', 'size', 'setbits'))
|
||||||
for cache_type in cache_types:
|
for cache_type in cache_types:
|
||||||
for bank in banks:
|
for bank in banks:
|
||||||
default_s = hextoset(mask=default_schemata[cache_type][bank])
|
default_s = hextoset(mask=default_schemata[cache_type][bank])
|
||||||
@ -247,12 +251,12 @@ def print_all_instance_schematas(l3_info=None, default_schemata=None, schematas=
|
|||||||
default_d = int(default_h, 16)
|
default_d = int(default_h, 16)
|
||||||
name = 'default'
|
name = 'default'
|
||||||
print('%6s %4d : %*s : %08x : %s : %4d : %s'
|
print('%6s %4d : %*s : %08x : %s : %4d : %s'
|
||||||
% (cache_type, bank, uuid_len, name, default_d,
|
% (cache_type, bank, uuid_len, name, default_d,
|
||||||
format(default_d, '020b'), bin(default_d).count('1'),
|
format(default_d, '020b'), bin(default_d).count('1'),
|
||||||
list_to_range(input_list=default_s)))
|
list_to_range(input_list=default_s)))
|
||||||
|
|
||||||
for name, schemata in sorted(schematas.items(),
|
for name, schemata in sorted(schematas.items(),
|
||||||
key=lambda x: msb(int(x[1][cache_type][bank], 16))):
|
key=lambda x: msb(int(x[1][cache_type][bank], 16))):
|
||||||
|
|
||||||
if schemata[cache_type][bank] == cbm_mask:
|
if schemata[cache_type][bank] == cbm_mask:
|
||||||
cbm_s = set()
|
cbm_s = set()
|
||||||
@ -261,11 +265,12 @@ def print_all_instance_schematas(l3_info=None, default_schemata=None, schematas=
|
|||||||
cbm_h = settohex(setbits=cbm_s)
|
cbm_h = settohex(setbits=cbm_s)
|
||||||
cbm_d = int(cbm_h, 16)
|
cbm_d = int(cbm_h, 16)
|
||||||
print('%6s %4d : %s : %08x : %s : %4d : %s'
|
print('%6s %4d : %s : %08x : %s : %4d : %s'
|
||||||
% (cache_type, bank, name, cbm_d,
|
% (cache_type, bank, name, cbm_d,
|
||||||
format(cbm_d, '020b'), bin(cbm_d).count('1'),
|
format(cbm_d, '020b'), bin(cbm_d).count('1'),
|
||||||
list_to_range(input_list=cbm_s) or '-'))
|
list_to_range(input_list=cbm_s) or '-'))
|
||||||
print('CLOSIDS/type: %d total, %d used' % (closids_total, closids_used))
|
print('CLOSIDS/type: %d total, %d used' % (closids_total, closids_used))
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
l3_info = get_l3_cache_allocation_info()
|
l3_info = get_l3_cache_allocation_info()
|
||||||
if not _L3_RESCTRL_SUPPORT:
|
if not _L3_RESCTRL_SUPPORT:
|
||||||
@ -276,6 +281,7 @@ def main():
|
|||||||
default_schemata=default_schemata,
|
default_schemata=default_schemata,
|
||||||
schematas=schematas)
|
schematas=schematas)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
main()
|
main()
|
||||||
sys.exit(0)
|
sys.exit(0)
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
bashate >= 0.2
|
bashate >= 0.2
|
||||||
PyYAML >= 3.1.0
|
PyYAML >= 3.1.0
|
||||||
yamllint >= 0.5.2
|
yamllint >= 0.5.2
|
||||||
|
flake8 >= 2.5.4 # MIT
|
||||||
|
22
tox.ini
22
tox.ini
@ -1,5 +1,5 @@
|
|||||||
[tox]
|
[tox]
|
||||||
envlist = linters
|
envlist = linters,pep8
|
||||||
minversion = 2.3
|
minversion = 2.3
|
||||||
skipsdist = True
|
skipsdist = True
|
||||||
|
|
||||||
@ -30,11 +30,23 @@ commands =
|
|||||||
|
|
||||||
[testenv:pep8]
|
[testenv:pep8]
|
||||||
usedevelop = False
|
usedevelop = False
|
||||||
skip_install = True
|
description =
|
||||||
deps =
|
Run style checks.
|
||||||
pep8
|
|
||||||
|
|
||||||
commands =
|
commands =
|
||||||
pep8
|
flake8
|
||||||
|
|
||||||
|
|
||||||
|
[flake8]
|
||||||
|
# E123, E125 skipped as they are invalid PEP-8.
|
||||||
|
# E501 skipped because some of the code files include templates
|
||||||
|
# that end up quite wide
|
||||||
|
# H405: multi line docstring summary not separated with an empty line
|
||||||
|
show-source = True
|
||||||
|
ignore = E123,E125,E501,H405
|
||||||
|
exclude = .venv,.git,.tox,dist,doc,*lib/python*,*egg,build,release-tag-*
|
||||||
|
|
||||||
|
|
||||||
[testenv:venv]
|
[testenv:venv]
|
||||||
commands = {posargs}
|
commands = {posargs}
|
||||||
|
Loading…
Reference in New Issue
Block a user