root / snf-cyclades-app / synnefo / app_settings / default / api.py @ ad297723
History | View | Annotate | Download (5.4 kB)
1 | 1277fb19 | Vangelis Koukis | # -*- coding: utf-8 -*-
|
---|---|---|---|
2 | 1277fb19 | Vangelis Koukis | #
|
3 | 1277fb19 | Vangelis Koukis | # API configuration
|
4 | 1277fb19 | Vangelis Koukis | #####################
|
5 | 1277fb19 | Vangelis Koukis | |
6 | de470b1e | Kostas Papadimitriou | |
7 | de470b1e | Kostas Papadimitriou | DEBUG = False
|
8 | de470b1e | Kostas Papadimitriou | |
9 | 07d104d8 | Kostas Papadimitriou | # Top-level URL for deployment. Numerous other URLs depend on this.
|
10 | 07d104d8 | Kostas Papadimitriou | APP_INSTALL_URL = "https://host:port"
|
11 | 04a38bd0 | Kostas Papadimitriou | |
12 | 1277fb19 | Vangelis Koukis | # The API implementation needs to accept and return absolute references
|
13 | 1277fb19 | Vangelis Koukis | # to its resources. Thus, it needs to know its public URL.
|
14 | 1277fb19 | Vangelis Koukis | API_ROOT_URL = APP_INSTALL_URL + '/api'
|
15 | 1277fb19 | Vangelis Koukis | |
16 | 1277fb19 | Vangelis Koukis | # The API will return HTTP Bad Request if the ?changes-since
|
17 | 1277fb19 | Vangelis Koukis | # parameter refers to a point in time more than POLL_LIMIT seconds ago.
|
18 | 1277fb19 | Vangelis Koukis | POLL_LIMIT = 3600
|
19 | 1277fb19 | Vangelis Koukis | |
20 | 1277fb19 | Vangelis Koukis | #
|
21 | 1277fb19 | Vangelis Koukis | # Network Configuration
|
22 | 1277fb19 | Vangelis Koukis | #
|
23 | 1277fb19 | Vangelis Koukis | |
24 | 6eed1ede | Christos Stavrakakis | # Maximum allowed network size for private networks.
|
25 | 6eed1ede | Christos Stavrakakis | MAX_CIDR_BLOCK = 22
|
26 | 839e2bd0 | Christos Stavrakakis | # Name of the network in Ganeti corresponding to the default public network.
|
27 | 839e2bd0 | Christos Stavrakakis | # All created VMs will obtain an IP from this network.
|
28 | 839e2bd0 | Christos Stavrakakis | GANETI_PUBLIC_NETWORK = 'snf-net-1'
|
29 | 839e2bd0 | Christos Stavrakakis | |
30 | 839e2bd0 | Christos Stavrakakis | ENABLED_NETWORKS = ['PUBLIC_ROUTED',
|
31 | 839e2bd0 | Christos Stavrakakis | 'PRIVATE_MAC_FILTERED',
|
32 | 839e2bd0 | Christos Stavrakakis | 'PRIVATE_PHYSICAL_VLAN']
|
33 | 839e2bd0 | Christos Stavrakakis | # CUSTOM_ROUTED,
|
34 | 839e2bd0 | Christos Stavrakakis | # CUSTOM_BRIDGED,
|
35 | 839e2bd0 | Christos Stavrakakis | |
36 | 839e2bd0 | Christos Stavrakakis | # Settings for PUBLIC_ROUTED network:
|
37 | 839e2bd0 | Christos Stavrakakis | # -----------------------------------
|
38 | 839e2bd0 | Christos Stavrakakis | # In this case VMCs act as routers that forward the traffic to/from VMs, based
|
39 | 839e2bd0 | Christos Stavrakakis | # on the defined routing table($PUBLIC_ROUTED_ROUTING_TABLE) and ip rules, that
|
40 | 839e2bd0 | Christos Stavrakakis | # exist in every node, implenting an IP-less routed and proxy-arp setup.
|
41 | 839e2bd0 | Christos Stavrakakis | # (This value is also hardcoded in fixture db/fixtures/initial_data.json)
|
42 | 839e2bd0 | Christos Stavrakakis | PUBLIC_ROUTED_ROUTING_TABLE = 'snf_public'
|
43 | 839e2bd0 | Christos Stavrakakis | PUBLIC_ROUTED_TAGS = ['ip-less-routed']
|
44 | 839e2bd0 | Christos Stavrakakis | |
45 | ad297723 | Christos Stavrakakis | # Boolean value indicating whether synnefo would hold a Pool and allocate IP
|
46 | ad297723 | Christos Stavrakakis | # addresses. If this setting is set to False, IP pool management will be
|
47 | ad297723 | Christos Stavrakakis | # delegated to Ganeti. If machines have been created with this option as False,
|
48 | ad297723 | Christos Stavrakakis | # you must run network reconciliation after turning it to True.
|
49 | ad297723 | Christos Stavrakakis | PUBLIC_ROUTED_USE_POOL = True
|
50 | ad297723 | Christos Stavrakakis | |
51 | 839e2bd0 | Christos Stavrakakis | # Settings for PRIVATE_MAC_FILTERED network:
|
52 | 839e2bd0 | Christos Stavrakakis | # ------------------------------------------
|
53 | 839e2bd0 | Christos Stavrakakis | # All networks of this type are bridged to the same bridge. Isolation between
|
54 | 839e2bd0 | Christos Stavrakakis | # networks is achieved by assigning a unique MAC-prefix to each network and
|
55 | 839e2bd0 | Christos Stavrakakis | # filtering packets via ebtables.
|
56 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_BRIDGE = 'br0'
|
57 | e6a42a96 | Christos Stavrakakis | # The first mac prefix to use
|
58 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_BASE_MAC_PREFIX = 'aa:00:00'
|
59 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_MAX_PREFIX_NUMBER = 8192
|
60 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_TAGS = ['private-filtered']
|
61 | 839e2bd0 | Christos Stavrakakis | |
62 | 839e2bd0 | Christos Stavrakakis | # Settings for PRIVATE_PHSICAL_VLAN network:
|
63 | 839e2bd0 | Christos Stavrakakis | # ------------------------------------------
|
64 | 839e2bd0 | Christos Stavrakakis | # Each network of this type is mapped to an isolated physical VLAN, which must
|
65 | 839e2bd0 | Christos Stavrakakis | # be preconfigured in the backend. Each vlan corresponds to a bridge named
|
66 | 839e2bd0 | Christos Stavrakakis | # $PRIVATE_PHYSICAL_VLAN_PREFIX{1..$PRIVATE_PHYSICAL_VLAN_MAX_NUMBER} (e.g. prv5)
|
67 | 839e2bd0 | Christos Stavrakakis | # VirtualMachine's taps are eventually bridged to the corresponding bridge.
|
68 | 839e2bd0 | Christos Stavrakakis | PRIVATE_PHYSICAL_VLAN_BRIDGE_PREFIX = 'prv'
|
69 | 839e2bd0 | Christos Stavrakakis | # The max limit of physical vlan pool
|
70 | 839e2bd0 | Christos Stavrakakis | PRIVATE_PHYSICAL_VLAN_MAX_NUMBER = 100
|
71 | 839e2bd0 | Christos Stavrakakis | |
72 | 839e2bd0 | Christos Stavrakakis | |
73 | 839e2bd0 | Christos Stavrakakis | # Settings for CUSTOM_ROUTED:
|
74 | 839e2bd0 | Christos Stavrakakis | # ---------------------------
|
75 | 839e2bd0 | Christos Stavrakakis | # Same as PUBLIC_ROUTED but with custom values
|
76 | 839e2bd0 | Christos Stavrakakis | CUSTOM_ROUTED_ROUTING_TABLE = 'custom_routing_table'
|
77 | 839e2bd0 | Christos Stavrakakis | CUSTOM_ROUTED_TAGS = [] |
78 | 839e2bd0 | Christos Stavrakakis | |
79 | 839e2bd0 | Christos Stavrakakis | # Settings for CUSTOM_BRIDGED:
|
80 | 839e2bd0 | Christos Stavrakakis | # ---------------------------
|
81 | 839e2bd0 | Christos Stavrakakis | # Same as PRIVATE_BRIDGED but with custom values
|
82 | 839e2bd0 | Christos Stavrakakis | CUSTOM_BRIDGED_BRIDGE = 'custom_bridge'
|
83 | 839e2bd0 | Christos Stavrakakis | CUSTOM_BRIDGED_TAGS = [] |
84 | e6a42a96 | Christos Stavrakakis | |
85 | 1277fb19 | Vangelis Koukis | # Firewalling
|
86 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected'
|
87 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected'
|
88 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited'
|
89 | 1277fb19 | Vangelis Koukis | |
90 | 9b5b718a | Giorgos Verigakis | # The default firewall profile that will be in effect if no tags are defined
|
91 | 9b5b718a | Giorgos Verigakis | DEFAULT_FIREWALL_PROFILE = 'DISABLED'
|
92 | 9b5b718a | Giorgos Verigakis | |
93 | 1277fb19 | Vangelis Koukis | # our REST API would prefer to be explicit about trailing slashes
|
94 | 1277fb19 | Vangelis Koukis | APPEND_SLASH = False
|
95 | ccd0d474 | Giorgos Verigakis | |
96 | 61868190 | Vangelis Koukis | # Ignore disk size specified by flavor, always build the
|
97 | 61868190 | Vangelis Koukis | # machine with a 4GB (in the case of Windows: 14GB) disk.
|
98 | 61868190 | Vangelis Koukis | # This setting is helpful in development setups.
|
99 | 61868190 | Vangelis Koukis | #
|
100 | 61868190 | Vangelis Koukis | IGNORE_FLAVOR_DISK_SIZES = False
|
101 | 61868190 | Vangelis Koukis | |
102 | 61868190 | Vangelis Koukis | # Quota
|
103 | 61868190 | Vangelis Koukis | #
|
104 | 95e64ecd | Kostas Papadimitriou | # Maximum number of VMs a user is allowed to have.
|
105 | 7cc1fa2d | Vangelis Koukis | MAX_VMS_PER_USER = 3
|
106 | c738c935 | Giorgos Verigakis | |
107 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of VMs for specific users.
|
108 | 95e64ecd | Kostas Papadimitriou | # e.g. VMS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
109 | ce55f211 | Kostas Papadimitriou | VMS_USER_QUOTA = {} |
110 | ce55f211 | Kostas Papadimitriou | |
111 | 95e64ecd | Kostas Papadimitriou | # Maximum number of networks a user is allowed to have.
|
112 | ce55f211 | Kostas Papadimitriou | MAX_NETWORKS_PER_USER = 5
|
113 | ce55f211 | Kostas Papadimitriou | |
114 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of private networks for specific users.
|
115 | 95e64ecd | Kostas Papadimitriou | # e.g. NETWORKS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
116 | ce55f211 | Kostas Papadimitriou | NETWORKS_USER_QUOTA = {} |
117 | ce55f211 | Kostas Papadimitriou | |
118 | 5391d6b5 | Giorgos Verigakis | # URL templates for the stat graphs.
|
119 | 5391d6b5 | Giorgos Verigakis | # The API implementation replaces '%s' with the encrypted backend id.
|
120 | 5391d6b5 | Giorgos Verigakis | # FIXME: For now we do not encrypt the backend id.
|
121 | 5391d6b5 | Giorgos Verigakis | CPU_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-bar.png'
|
122 | 5391d6b5 | Giorgos Verigakis | CPU_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-ts.png'
|
123 | 5391d6b5 | Giorgos Verigakis | NET_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-bar.png'
|
124 | 5391d6b5 | Giorgos Verigakis | NET_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-ts.png'
|
125 | c738c935 | Giorgos Verigakis | |
126 | c738c935 | Giorgos Verigakis | # Recommended refresh period for server stats
|
127 | c738c935 | Giorgos Verigakis | STATS_REFRESH_PERIOD = 60
|
128 | fc443bcd | Giorgos Verigakis | |
129 | fc443bcd | Giorgos Verigakis | # The maximum number of file path/content pairs that can be supplied on server
|
130 | fc443bcd | Giorgos Verigakis | # build
|
131 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY = 5
|
132 | fc443bcd | Giorgos Verigakis | |
133 | fc443bcd | Giorgos Verigakis | # The maximum size, in bytes, for each personality file
|
134 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY_SIZE = 10240
|
135 | c909cbbd | Giorgos Verigakis | |
136 | c909cbbd | Giorgos Verigakis | # Available storage types to be used as disk templates
|
137 | c909cbbd | Giorgos Verigakis | GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
138 | c909cbbd | Giorgos Verigakis | 'rbd', 'sharedfile') |
139 | c909cbbd | Giorgos Verigakis | DEFAULT_GANETI_DISK_TEMPLATE = 'drbd'
|
140 | 6ef51e9f | Giorgos Verigakis | |
141 | 6ef51e9f | Giorgos Verigakis | # The URL of an astakos instance that will be used for user authentication
|
142 | 6ef51e9f | Giorgos Verigakis | ASTAKOS_URL = 'https://astakos.okeanos.grnet.gr/im/authenticate'
|
143 | 30e0ed74 | Christos Stavrakakis | |
144 | 30e0ed74 | Christos Stavrakakis | # Key for password encryption-decryption. After changing this setting, synnefo
|
145 | 30e0ed74 | Christos Stavrakakis | # will be unable to decrypt all existing Backend passwords. You will need to
|
146 | 30e0ed74 | Christos Stavrakakis | # store again the new password by using 'snf-manage backend-modify'
|
147 | 30e0ed74 | Christos Stavrakakis | ENCRYPTION_KEY= "Password Encryption Key" |