root / snf-cyclades-app / synnefo / app_settings / default / api.py @ ad297723
History | View | Annotate | Download (5.4 kB)
1 |
# -*- coding: utf-8 -*-
|
---|---|
2 |
#
|
3 |
# API configuration
|
4 |
#####################
|
5 |
|
6 |
|
7 |
DEBUG = False
|
8 |
|
9 |
# Top-level URL for deployment. Numerous other URLs depend on this.
|
10 |
APP_INSTALL_URL = "https://host:port"
|
11 |
|
12 |
# The API implementation needs to accept and return absolute references
|
13 |
# to its resources. Thus, it needs to know its public URL.
|
14 |
API_ROOT_URL = APP_INSTALL_URL + '/api'
|
15 |
|
16 |
# The API will return HTTP Bad Request if the ?changes-since
|
17 |
# parameter refers to a point in time more than POLL_LIMIT seconds ago.
|
18 |
POLL_LIMIT = 3600
|
19 |
|
20 |
#
|
21 |
# Network Configuration
|
22 |
#
|
23 |
|
24 |
# Maximum allowed network size for private networks.
|
25 |
MAX_CIDR_BLOCK = 22
|
26 |
# Name of the network in Ganeti corresponding to the default public network.
|
27 |
# All created VMs will obtain an IP from this network.
|
28 |
GANETI_PUBLIC_NETWORK = 'snf-net-1'
|
29 |
|
30 |
ENABLED_NETWORKS = ['PUBLIC_ROUTED',
|
31 |
'PRIVATE_MAC_FILTERED',
|
32 |
'PRIVATE_PHYSICAL_VLAN']
|
33 |
# CUSTOM_ROUTED,
|
34 |
# CUSTOM_BRIDGED,
|
35 |
|
36 |
# Settings for PUBLIC_ROUTED network:
|
37 |
# -----------------------------------
|
38 |
# In this case VMCs act as routers that forward the traffic to/from VMs, based
|
39 |
# on the defined routing table($PUBLIC_ROUTED_ROUTING_TABLE) and ip rules, that
|
40 |
# exist in every node, implenting an IP-less routed and proxy-arp setup.
|
41 |
# (This value is also hardcoded in fixture db/fixtures/initial_data.json)
|
42 |
PUBLIC_ROUTED_ROUTING_TABLE = 'snf_public'
|
43 |
PUBLIC_ROUTED_TAGS = ['ip-less-routed']
|
44 |
|
45 |
# Boolean value indicating whether synnefo would hold a Pool and allocate IP
|
46 |
# addresses. If this setting is set to False, IP pool management will be
|
47 |
# delegated to Ganeti. If machines have been created with this option as False,
|
48 |
# you must run network reconciliation after turning it to True.
|
49 |
PUBLIC_ROUTED_USE_POOL = True
|
50 |
|
51 |
# Settings for PRIVATE_MAC_FILTERED network:
|
52 |
# ------------------------------------------
|
53 |
# All networks of this type are bridged to the same bridge. Isolation between
|
54 |
# networks is achieved by assigning a unique MAC-prefix to each network and
|
55 |
# filtering packets via ebtables.
|
56 |
PRIVATE_MAC_FILTERED_BRIDGE = 'br0'
|
57 |
# The first mac prefix to use
|
58 |
PRIVATE_MAC_FILTERED_BASE_MAC_PREFIX = 'aa:00:00'
|
59 |
PRIVATE_MAC_FILTERED_MAX_PREFIX_NUMBER = 8192
|
60 |
PRIVATE_MAC_FILTERED_TAGS = ['private-filtered']
|
61 |
|
62 |
# Settings for PRIVATE_PHSICAL_VLAN network:
|
63 |
# ------------------------------------------
|
64 |
# Each network of this type is mapped to an isolated physical VLAN, which must
|
65 |
# be preconfigured in the backend. Each vlan corresponds to a bridge named
|
66 |
# $PRIVATE_PHYSICAL_VLAN_PREFIX{1..$PRIVATE_PHYSICAL_VLAN_MAX_NUMBER} (e.g. prv5)
|
67 |
# VirtualMachine's taps are eventually bridged to the corresponding bridge.
|
68 |
PRIVATE_PHYSICAL_VLAN_BRIDGE_PREFIX = 'prv'
|
69 |
# The max limit of physical vlan pool
|
70 |
PRIVATE_PHYSICAL_VLAN_MAX_NUMBER = 100
|
71 |
|
72 |
|
73 |
# Settings for CUSTOM_ROUTED:
|
74 |
# ---------------------------
|
75 |
# Same as PUBLIC_ROUTED but with custom values
|
76 |
CUSTOM_ROUTED_ROUTING_TABLE = 'custom_routing_table'
|
77 |
CUSTOM_ROUTED_TAGS = [] |
78 |
|
79 |
# Settings for CUSTOM_BRIDGED:
|
80 |
# ---------------------------
|
81 |
# Same as PRIVATE_BRIDGED but with custom values
|
82 |
CUSTOM_BRIDGED_BRIDGE = 'custom_bridge'
|
83 |
CUSTOM_BRIDGED_TAGS = [] |
84 |
|
85 |
# Firewalling
|
86 |
GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected'
|
87 |
GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected'
|
88 |
GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited'
|
89 |
|
90 |
# The default firewall profile that will be in effect if no tags are defined
|
91 |
DEFAULT_FIREWALL_PROFILE = 'DISABLED'
|
92 |
|
93 |
# our REST API would prefer to be explicit about trailing slashes
|
94 |
APPEND_SLASH = False
|
95 |
|
96 |
# Ignore disk size specified by flavor, always build the
|
97 |
# machine with a 4GB (in the case of Windows: 14GB) disk.
|
98 |
# This setting is helpful in development setups.
|
99 |
#
|
100 |
IGNORE_FLAVOR_DISK_SIZES = False
|
101 |
|
102 |
# Quota
|
103 |
#
|
104 |
# Maximum number of VMs a user is allowed to have.
|
105 |
MAX_VMS_PER_USER = 3
|
106 |
|
107 |
# Override maximum number of VMs for specific users.
|
108 |
# e.g. VMS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
109 |
VMS_USER_QUOTA = {} |
110 |
|
111 |
# Maximum number of networks a user is allowed to have.
|
112 |
MAX_NETWORKS_PER_USER = 5
|
113 |
|
114 |
# Override maximum number of private networks for specific users.
|
115 |
# e.g. NETWORKS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
116 |
NETWORKS_USER_QUOTA = {} |
117 |
|
118 |
# URL templates for the stat graphs.
|
119 |
# The API implementation replaces '%s' with the encrypted backend id.
|
120 |
# FIXME: For now we do not encrypt the backend id.
|
121 |
CPU_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-bar.png'
|
122 |
CPU_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-ts.png'
|
123 |
NET_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-bar.png'
|
124 |
NET_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-ts.png'
|
125 |
|
126 |
# Recommended refresh period for server stats
|
127 |
STATS_REFRESH_PERIOD = 60
|
128 |
|
129 |
# The maximum number of file path/content pairs that can be supplied on server
|
130 |
# build
|
131 |
MAX_PERSONALITY = 5
|
132 |
|
133 |
# The maximum size, in bytes, for each personality file
|
134 |
MAX_PERSONALITY_SIZE = 10240
|
135 |
|
136 |
# Available storage types to be used as disk templates
|
137 |
GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
138 |
'rbd', 'sharedfile') |
139 |
DEFAULT_GANETI_DISK_TEMPLATE = 'drbd'
|
140 |
|
141 |
# The URL of an astakos instance that will be used for user authentication
|
142 |
ASTAKOS_URL = 'https://astakos.okeanos.grnet.gr/im/authenticate'
|
143 |
|
144 |
# Key for password encryption-decryption. After changing this setting, synnefo
|
145 |
# will be unable to decrypt all existing Backend passwords. You will need to
|
146 |
# store again the new password by using 'snf-manage backend-modify'
|
147 |
ENCRYPTION_KEY= "Password Encryption Key"
|