root / snf-cyclades-app / conf / 20-snf-cyclades-app-api.conf @ 6ce03057
History | View | Annotate | Download (4.9 kB)
1 |
## -*- coding: utf-8 -*- |
---|---|
2 |
## |
3 |
## API configuration |
4 |
###################### |
5 |
# |
6 |
# |
7 |
#DEBUG = False |
8 |
# |
9 |
## Top-level URL for deployment. Numerous other URLs depend on this. |
10 |
#CYCLADES_BASE_URL = "https://host:port/cyclades" |
11 |
# |
12 |
## The API will return HTTP Bad Request if the ?changes-since |
13 |
## parameter refers to a point in time more than POLL_LIMIT seconds ago. |
14 |
#POLL_LIMIT = 3600 |
15 |
# |
16 |
## |
17 |
## Network Configuration |
18 |
## |
19 |
# |
20 |
## List of network IDs. All created instances will get a NIC connected to each |
21 |
## network of this list. If the special network ID "SNF:ANY_PUBLIC" is used, |
22 |
## Cyclades will automatically choose a public network and connect the server to |
23 |
## it. |
24 |
#DEFAULT_INSTANCE_NETWORKS=["SNF:ANY_PUBLIC"] |
25 |
# |
26 |
# |
27 |
## Maximum allowed network size for private networks. |
28 |
#MAX_CIDR_BLOCK = 22 |
29 |
# |
30 |
## Default settings used by network flavors |
31 |
#DEFAULT_MAC_PREFIX = 'aa:00:0' |
32 |
#DEFAULT_BRIDGE = 'br0' |
33 |
# |
34 |
## Network flavors that users are allowed to create through API requests |
35 |
#API_ENABLED_NETWORK_FLAVORS = ['MAC_FILTERED'] |
36 |
# |
37 |
## Settings for IP_LESS_ROUTED network: |
38 |
## ----------------------------------- |
39 |
## In this case VMCs act as routers that forward the traffic to/from VMs, based |
40 |
## on the defined routing table($DEFAULT_ROUTING_TABLE) and ip rules, that |
41 |
## exist in every node, implenting an IP-less routed and proxy-arp setup. |
42 |
#DEFAULT_ROUTING_TABLE = 'snf_public' |
43 |
# |
44 |
## Settings for MAC_FILTERED network: |
45 |
## ------------------------------------------ |
46 |
## All networks of this type are bridged to the same bridge. Isolation between |
47 |
## networks is achieved by assigning a unique MAC-prefix to each network and |
48 |
## filtering packets via ebtables. |
49 |
#DEFAULT_MAC_FILTERED_BRIDGE = 'prv0' |
50 |
# |
51 |
# |
52 |
## Firewall tags should contain '%d' to be filled with the NIC |
53 |
## index. |
54 |
#GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected' |
55 |
#GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected' |
56 |
#GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited' |
57 |
# |
58 |
## The default firewall profile that will be in effect if no tags are defined |
59 |
#DEFAULT_FIREWALL_PROFILE = 'DISABLED' |
60 |
# |
61 |
## Fixed mapping of user VMs to a specific backend. |
62 |
## e.g. BACKEND_PER_USER = {'example@synnefo.org': 2} |
63 |
#BACKEND_PER_USER = {} |
64 |
# |
65 |
# |
66 |
## URL templates for the stat graphs. |
67 |
## The API implementation replaces '%s' with the encrypted backend id. |
68 |
## FIXME: For now we do not encrypt the backend id. |
69 |
#CPU_BAR_GRAPH_URL = 'http://stats.synnefo.org/%s/cpu-bar.png' |
70 |
#CPU_TIMESERIES_GRAPH_URL = 'http://stats.synnefo.org/%s/cpu-ts.png' |
71 |
#NET_BAR_GRAPH_URL = 'http://stats.synnefo.org/%s/net-bar.png' |
72 |
#NET_TIMESERIES_GRAPH_URL = 'http://stats.synnefo.org/%s/net-ts.png' |
73 |
# |
74 |
## Recommended refresh period for server stats |
75 |
#STATS_REFRESH_PERIOD = 60 |
76 |
# |
77 |
## The maximum number of file path/content pairs that can be supplied on server |
78 |
## build |
79 |
#MAX_PERSONALITY = 5 |
80 |
# |
81 |
## The maximum size, in bytes, for each personality file |
82 |
#MAX_PERSONALITY_SIZE = 10240 |
83 |
# |
84 |
# |
85 |
## Authentication URL of the astakos instance to be used for user management |
86 |
#ASTAKOS_AUTH_URL = 'https://accounts.example.synnefo.org/identity/v2.0' |
87 |
# |
88 |
## Key for password encryption-decryption. After changing this setting, synnefo |
89 |
## will be unable to decrypt all existing Backend passwords. You will need to |
90 |
## store again the new password by using 'snf-manage backend-modify'. |
91 |
## SECRET_ENCRYPTION_KEY may up to 32 bytes. Keys bigger than 32 bytes are not |
92 |
## supported. |
93 |
#SECRET_ENCRYPTION_KEY= "Password Encryption Key" |
94 |
# |
95 |
## Astakos service token |
96 |
## The token used for astakos service api calls (e.g. api to retrieve user email |
97 |
## using a user uuid) |
98 |
#CYCLADES_SERVICE_TOKEN = '' |
99 |
|
100 |
## PROXY Astakos services under the following path |
101 |
#CYCLADES_PROXY_PREFIX = '_astakos' |
102 |
|
103 |
# Tune the size of the http connection pool to astakos. |
104 |
#CYCLADES_ASTAKOSCLIENT_POOLSIZE = 50 |
105 |
# |
106 |
## Template to use to build the FQDN of VMs. The setting will be formated with |
107 |
## the id of the VM. If set to 'None' the first public IPv4 or IPv6 address |
108 |
## of the VM will be used. |
109 |
#CYCLADES_SERVERS_FQDN = 'snf-%(id)s.vm.example.synnefo.org' |
110 |
# |
111 |
## Description of applied port forwarding rules (DNAT) for Cyclades VMs. This |
112 |
## setting contains a mapping from the port of each VM to a tuple contaning the |
113 |
## destination IP/hostname and the new port: (host, port). Instead of a tuple a |
114 |
## python callable object may be used which must return such a tuple. The caller |
115 |
## will pass to the callable the following positional arguments, in the |
116 |
## following order: |
117 |
## * server_id: The ID of the VM in the DB |
118 |
## * ip_address: The IPv4 address of the public VM NIC |
119 |
## * fqdn: The FQDN of the VM |
120 |
## * user: The UUID of the owner of the VM |
121 |
## |
122 |
## Here is an example describing the mapping of the SSH port of all VMs to |
123 |
## the external address 'gate.example.synnefo.org' and port 60000+server_id. |
124 |
## e.g. iptables -t nat -A prerouting -d gate.example.synnefo.org \ |
125 |
## --dport (61000 # $(VM_ID)) -j DNAT --to-destination $(VM_IP):22 |
126 |
##CYCLADES_PORT_FORWARDING = { |
127 |
## 22: lambda ip_address, server_id, fqdn, user: |
128 |
## ("gate.example.synnefo.org", 61000 + server_id), |
129 |
##} |
130 |
#CYCLADES_PORT_FORWARDING = {} |