root / snf-cyclades-app / conf / 20-snf-cyclades-app-api.conf @ 72bf812d
History | View | Annotate | Download (5 kB)
1 | fd622d4b | Christos Stavrakakis | ## -*- coding: utf-8 -*- |
---|---|---|---|
2 | fd622d4b | Christos Stavrakakis | ## |
3 | fd622d4b | Christos Stavrakakis | ## API configuration |
4 | fd622d4b | Christos Stavrakakis | ###################### |
5 | fd622d4b | Christos Stavrakakis | # |
6 | fd622d4b | Christos Stavrakakis | # |
7 | fd622d4b | Christos Stavrakakis | #DEBUG = False |
8 | fd622d4b | Christos Stavrakakis | # |
9 | fd622d4b | Christos Stavrakakis | ## Top-level URL for deployment. Numerous other URLs depend on this. |
10 | fd622d4b | Christos Stavrakakis | #APP_INSTALL_URL = "https://host:port" |
11 | fd622d4b | Christos Stavrakakis | # |
12 | fd622d4b | Christos Stavrakakis | ## The API implementation needs to accept and return absolute references |
13 | fd622d4b | Christos Stavrakakis | ## to its resources. Thus, it needs to know its public URL. |
14 | fd622d4b | Christos Stavrakakis | #API_ROOT_URL = APP_INSTALL_URL + '/api' |
15 | fd622d4b | Christos Stavrakakis | # |
16 | fd622d4b | Christos Stavrakakis | ## The API will return HTTP Bad Request if the ?changes-since |
17 | fd622d4b | Christos Stavrakakis | ## parameter refers to a point in time more than POLL_LIMIT seconds ago. |
18 | fd622d4b | Christos Stavrakakis | #POLL_LIMIT = 3600 |
19 | fd622d4b | Christos Stavrakakis | # |
20 | fd622d4b | Christos Stavrakakis | ## |
21 | fd622d4b | Christos Stavrakakis | ## Network Configuration |
22 | fd622d4b | Christos Stavrakakis | ## |
23 | fd622d4b | Christos Stavrakakis | # |
24 | fd622d4b | Christos Stavrakakis | ## Maximum allowed network size for private networks. |
25 | fd622d4b | Christos Stavrakakis | #MAX_CIDR_BLOCK = 22 |
26 | fd622d4b | Christos Stavrakakis | # |
27 | fd622d4b | Christos Stavrakakis | ## Default settings used by network flavors |
28 | fd622d4b | Christos Stavrakakis | #DEFAULT_MAC_PREFIX = 'aa:00:0' |
29 | fd622d4b | Christos Stavrakakis | #DEFAULT_BRIDGE = 'br0' |
30 | fd622d4b | Christos Stavrakakis | # |
31 | fd622d4b | Christos Stavrakakis | ## Boolean value indicating whether synnefo would hold a Pool and allocate IP |
32 | fd622d4b | Christos Stavrakakis | ## addresses. If this setting is set to False, IP pool management will be |
33 | fd622d4b | Christos Stavrakakis | ## delegated to Ganeti. If machines have been created with this option as False, |
34 | fd622d4b | Christos Stavrakakis | ## you must run network reconciliation after turning it to True. |
35 | fd622d4b | Christos Stavrakakis | #PUBLIC_USE_POOL = True |
36 | fd622d4b | Christos Stavrakakis | # |
37 | fd622d4b | Christos Stavrakakis | ## Network flavors that users are allowed to create through API requests |
38 | fd622d4b | Christos Stavrakakis | #API_ENABLED_NETWORK_FLAVORS = ['MAC_FILTERED'] |
39 | fd622d4b | Christos Stavrakakis | # |
40 | fd622d4b | Christos Stavrakakis | ## Settings for IP_LESS_ROUTED network: |
41 | fd622d4b | Christos Stavrakakis | ## ----------------------------------- |
42 | fd622d4b | Christos Stavrakakis | ## In this case VMCs act as routers that forward the traffic to/from VMs, based |
43 | fd622d4b | Christos Stavrakakis | ## on the defined routing table($DEFAULT_ROUTING_TABLE) and ip rules, that |
44 | fd622d4b | Christos Stavrakakis | ## exist in every node, implenting an IP-less routed and proxy-arp setup. |
45 | fd622d4b | Christos Stavrakakis | #DEFAULT_ROUTING_TABLE = 'snf_public' |
46 | fd622d4b | Christos Stavrakakis | # |
47 | fd622d4b | Christos Stavrakakis | ## Settings for MAC_FILTERED network: |
48 | fd622d4b | Christos Stavrakakis | ## ------------------------------------------ |
49 | fd622d4b | Christos Stavrakakis | ## All networks of this type are bridged to the same bridge. Isolation between |
50 | fd622d4b | Christos Stavrakakis | ## networks is achieved by assigning a unique MAC-prefix to each network and |
51 | fd622d4b | Christos Stavrakakis | ## filtering packets via ebtables. |
52 | fd622d4b | Christos Stavrakakis | #DEFAULT_MAC_FILTERED_BRIDGE = 'prv0' |
53 | fd622d4b | Christos Stavrakakis | # |
54 | fd622d4b | Christos Stavrakakis | # |
55 | fd622d4b | Christos Stavrakakis | ## Firewalling |
56 | fd622d4b | Christos Stavrakakis | #GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected' |
57 | fd622d4b | Christos Stavrakakis | #GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected' |
58 | fd622d4b | Christos Stavrakakis | #GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited' |
59 | fd622d4b | Christos Stavrakakis | # |
60 | fd622d4b | Christos Stavrakakis | ## The default firewall profile that will be in effect if no tags are defined |
61 | fd622d4b | Christos Stavrakakis | #DEFAULT_FIREWALL_PROFILE = 'DISABLED' |
62 | fd622d4b | Christos Stavrakakis | # |
63 | fd622d4b | Christos Stavrakakis | ## our REST API would prefer to be explicit about trailing slashes |
64 | fd622d4b | Christos Stavrakakis | #APPEND_SLASH = False |
65 | fd622d4b | Christos Stavrakakis | # |
66 | fd622d4b | Christos Stavrakakis | ## Fixed mapping of user VMs to a specific backend. |
67 | fd622d4b | Christos Stavrakakis | ## e.g. BACKEND_PER_USER = {'example@okeanos.grnet.gr': 2} |
68 | fd622d4b | Christos Stavrakakis | #BACKEND_PER_USER = {} |
69 | fd622d4b | Christos Stavrakakis | # |
70 | fd622d4b | Christos Stavrakakis | ## List of backend IDs used *only* for archipelago. |
71 | fd622d4b | Christos Stavrakakis | #ARCHIPELAGO_BACKENDS = [] |
72 | fd622d4b | Christos Stavrakakis | # |
73 | fd622d4b | Christos Stavrakakis | ## Quota |
74 | fd622d4b | Christos Stavrakakis | ## Maximum number of VMs a user is allowed to have. |
75 | fd622d4b | Christos Stavrakakis | #MAX_VMS_PER_USER = 3 |
76 | fd622d4b | Christos Stavrakakis | # |
77 | fd622d4b | Christos Stavrakakis | ## Override maximum number of VMs for specific users. |
78 | fd622d4b | Christos Stavrakakis | ## e.g. VMS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10} |
79 | fd622d4b | Christos Stavrakakis | #VMS_USER_QUOTA = {} |
80 | fd622d4b | Christos Stavrakakis | # |
81 | fd622d4b | Christos Stavrakakis | ## Maximum number of networks a user is allowed to have. |
82 | fd622d4b | Christos Stavrakakis | #MAX_NETWORKS_PER_USER = 5 |
83 | fd622d4b | Christos Stavrakakis | # |
84 | fd622d4b | Christos Stavrakakis | ## Override maximum number of private networks for specific users. |
85 | fd622d4b | Christos Stavrakakis | ## e.g. NETWORKS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10} |
86 | fd622d4b | Christos Stavrakakis | #NETWORKS_USER_QUOTA = {} |
87 | fd622d4b | Christos Stavrakakis | # |
88 | fd622d4b | Christos Stavrakakis | ## URL templates for the stat graphs. |
89 | fd622d4b | Christos Stavrakakis | ## The API implementation replaces '%s' with the encrypted backend id. |
90 | fd622d4b | Christos Stavrakakis | ## FIXME: For now we do not encrypt the backend id. |
91 | fd622d4b | Christos Stavrakakis | #CPU_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-bar.png' |
92 | fd622d4b | Christos Stavrakakis | #CPU_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-ts.png' |
93 | fd622d4b | Christos Stavrakakis | #NET_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-bar.png' |
94 | fd622d4b | Christos Stavrakakis | #NET_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-ts.png' |
95 | fd622d4b | Christos Stavrakakis | # |
96 | fd622d4b | Christos Stavrakakis | ## Recommended refresh period for server stats |
97 | fd622d4b | Christos Stavrakakis | #STATS_REFRESH_PERIOD = 60 |
98 | fd622d4b | Christos Stavrakakis | # |
99 | fd622d4b | Christos Stavrakakis | ## The maximum number of file path/content pairs that can be supplied on server |
100 | fd622d4b | Christos Stavrakakis | ## build |
101 | fd622d4b | Christos Stavrakakis | #MAX_PERSONALITY = 5 |
102 | fd622d4b | Christos Stavrakakis | # |
103 | fd622d4b | Christos Stavrakakis | ## The maximum size, in bytes, for each personality file |
104 | fd622d4b | Christos Stavrakakis | #MAX_PERSONALITY_SIZE = 10240 |
105 | fd622d4b | Christos Stavrakakis | # |
106 | fd622d4b | Christos Stavrakakis | ## Available storage types to be used as disk templates |
107 | fd622d4b | Christos Stavrakakis | ## Use ext_<provider_name> to map specific provider for `ext` disk template. |
108 | fd622d4b | Christos Stavrakakis | #GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
109 | fd622d4b | Christos Stavrakakis | # 'rbd', 'sharedfile') |
110 | fd622d4b | Christos Stavrakakis | #DEFAULT_GANETI_DISK_TEMPLATE = 'drbd' |
111 | fd622d4b | Christos Stavrakakis | # |
112 | fd622d4b | Christos Stavrakakis | ## The URL of an astakos instance that will be used for user authentication |
113 | fd622d4b | Christos Stavrakakis | #ASTAKOS_URL = 'https://astakos.okeanos.grnet.gr/im/authenticate' |
114 | fd622d4b | Christos Stavrakakis | # |
115 | fd622d4b | Christos Stavrakakis | ## Key for password encryption-decryption. After changing this setting, synnefo |
116 | fd622d4b | Christos Stavrakakis | ## will be unable to decrypt all existing Backend passwords. You will need to |
117 | fd622d4b | Christos Stavrakakis | ## store again the new password by using 'snf-manage backend-modify'. |
118 | fd622d4b | Christos Stavrakakis | ## SECRET_ENCRYPTION_KEY may up to 32 bytes. Keys bigger than 32 bytes are not |
119 | fd622d4b | Christos Stavrakakis | ## supported. |
120 | fd622d4b | Christos Stavrakakis | #SECRET_ENCRYPTION_KEY= "Password Encryption Key" |
121 | fd622d4b | Christos Stavrakakis | # |
122 | fd622d4b | Christos Stavrakakis | ## Astakos service token |
123 | fd622d4b | Christos Stavrakakis | ## The token used for astakos service api calls (e.g. api to retrieve user email |
124 | fd622d4b | Christos Stavrakakis | ## using a user uuid) |
125 | fd622d4b | Christos Stavrakakis | #CYCLADES_ASTAKOS_SERVICE_TOKEN = '' |
126 | fd622d4b | Christos Stavrakakis | # |
127 | 11bb4341 | Kostas Papadimitriou | ## Astakos user_catalogs endpoint |
128 | 11bb4341 | Kostas Papadimitriou | #CYCLADES_USER_CATALOG_URL = 'https://<astakos domain>/user_catalogs' |
129 | 02f0cf8a | Kostas Papadimitriou | |
130 | 02f0cf8a | Kostas Papadimitriou | # Let cyclades proxy user specific api calls to astakos, via self served |
131 | 02f0cf8a | Kostas Papadimitriou | # endpoints. Set this to False if you deploy cyclades-app/astakos-app on the |
132 | 02f0cf8a | Kostas Papadimitriou | # same machine. |
133 | 02f0cf8a | Kostas Papadimitriou | #CYCLADES_PROXY_USER_SERVICES = True |
134 | 5af5920c | Kostas Papadimitriou | # |
135 | 5af5920c | Kostas Papadimitriou | ## Astakos feedback endpoint. |
136 | 5af5920c | Kostas Papadimitriou | #CYCLADES_USER_FEEDBACK_URL = 'https://accounts.example.synnefo.org/feedback' |