root / snf-cyclades-app / synnefo / app_settings / default / api.py @ d0986bac
History | View | Annotate | Download (4.6 kB)
1 | 1277fb19 | Vangelis Koukis | # -*- coding: utf-8 -*-
|
---|---|---|---|
2 | 1277fb19 | Vangelis Koukis | #
|
3 | 1277fb19 | Vangelis Koukis | # API configuration
|
4 | 1277fb19 | Vangelis Koukis | #####################
|
5 | 1277fb19 | Vangelis Koukis | |
6 | de470b1e | Kostas Papadimitriou | |
7 | de470b1e | Kostas Papadimitriou | DEBUG = False
|
8 | de470b1e | Kostas Papadimitriou | |
9 | 07d104d8 | Kostas Papadimitriou | # Top-level URL for deployment. Numerous other URLs depend on this.
|
10 | 07d104d8 | Kostas Papadimitriou | APP_INSTALL_URL = "https://host:port"
|
11 | 04a38bd0 | Kostas Papadimitriou | |
12 | 1277fb19 | Vangelis Koukis | # The API implementation needs to accept and return absolute references
|
13 | 1277fb19 | Vangelis Koukis | # to its resources. Thus, it needs to know its public URL.
|
14 | 1277fb19 | Vangelis Koukis | API_ROOT_URL = APP_INSTALL_URL + '/api'
|
15 | 1277fb19 | Vangelis Koukis | |
16 | 1277fb19 | Vangelis Koukis | # The API will return HTTP Bad Request if the ?changes-since
|
17 | 1277fb19 | Vangelis Koukis | # parameter refers to a point in time more than POLL_LIMIT seconds ago.
|
18 | 1277fb19 | Vangelis Koukis | POLL_LIMIT = 3600
|
19 | 1277fb19 | Vangelis Koukis | |
20 | 1277fb19 | Vangelis Koukis | #
|
21 | 1277fb19 | Vangelis Koukis | # Network Configuration
|
22 | 1277fb19 | Vangelis Koukis | #
|
23 | 1277fb19 | Vangelis Koukis | |
24 | 6eed1ede | Christos Stavrakakis | # Maximum allowed network size for private networks.
|
25 | 6eed1ede | Christos Stavrakakis | MAX_CIDR_BLOCK = 22
|
26 | 839e2bd0 | Christos Stavrakakis | |
27 | b7d38981 | Dimitris Aragiorgis | # Default settings used by network flavors
|
28 | b7d38981 | Dimitris Aragiorgis | DEFAULT_MAC_PREFIX = 'aa:00:0'
|
29 | b7d38981 | Dimitris Aragiorgis | DEFAULT_BRIDGE = 'br0'
|
30 | 839e2bd0 | Christos Stavrakakis | |
31 | ad297723 | Christos Stavrakakis | # Boolean value indicating whether synnefo would hold a Pool and allocate IP
|
32 | ad297723 | Christos Stavrakakis | # addresses. If this setting is set to False, IP pool management will be
|
33 | ad297723 | Christos Stavrakakis | # delegated to Ganeti. If machines have been created with this option as False,
|
34 | ad297723 | Christos Stavrakakis | # you must run network reconciliation after turning it to True.
|
35 | d1b1e683 | Dimitris Aragiorgis | PUBLIC_USE_POOL = True
|
36 | ad297723 | Christos Stavrakakis | |
37 | b7d38981 | Dimitris Aragiorgis | # Network flavors that users are allowed to create through API requests
|
38 | b7d38981 | Dimitris Aragiorgis | API_ENABLED_NETWORK_FLAVORS = ['MAC_FILTERED']
|
39 | b7d38981 | Dimitris Aragiorgis | |
40 | b7d38981 | Dimitris Aragiorgis | # Settings for IP_LESS_ROUTED network:
|
41 | b7d38981 | Dimitris Aragiorgis | # -----------------------------------
|
42 | b7d38981 | Dimitris Aragiorgis | # In this case VMCs act as routers that forward the traffic to/from VMs, based
|
43 | b7d38981 | Dimitris Aragiorgis | # on the defined routing table($DEFAULT_ROUTING_TABLE) and ip rules, that
|
44 | b7d38981 | Dimitris Aragiorgis | # exist in every node, implenting an IP-less routed and proxy-arp setup.
|
45 | b7d38981 | Dimitris Aragiorgis | DEFAULT_ROUTING_TABLE = 'snf_public'
|
46 | b7d38981 | Dimitris Aragiorgis | |
47 | b7d38981 | Dimitris Aragiorgis | # Settings for MAC_FILTERED network:
|
48 | 839e2bd0 | Christos Stavrakakis | # ------------------------------------------
|
49 | 839e2bd0 | Christos Stavrakakis | # All networks of this type are bridged to the same bridge. Isolation between
|
50 | 839e2bd0 | Christos Stavrakakis | # networks is achieved by assigning a unique MAC-prefix to each network and
|
51 | 839e2bd0 | Christos Stavrakakis | # filtering packets via ebtables.
|
52 | b7d38981 | Dimitris Aragiorgis | DEFAULT_MAC_FILTERED_BRIDGE = 'prv0'
|
53 | 839e2bd0 | Christos Stavrakakis | |
54 | e6a42a96 | Christos Stavrakakis | |
55 | 1277fb19 | Vangelis Koukis | # Firewalling
|
56 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected'
|
57 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected'
|
58 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited'
|
59 | 1277fb19 | Vangelis Koukis | |
60 | 9b5b718a | Giorgos Verigakis | # The default firewall profile that will be in effect if no tags are defined
|
61 | 9b5b718a | Giorgos Verigakis | DEFAULT_FIREWALL_PROFILE = 'DISABLED'
|
62 | 9b5b718a | Giorgos Verigakis | |
63 | 1277fb19 | Vangelis Koukis | # our REST API would prefer to be explicit about trailing slashes
|
64 | 1277fb19 | Vangelis Koukis | APPEND_SLASH = False
|
65 | ccd0d474 | Giorgos Verigakis | |
66 | 5dd9d123 | Christos Stavrakakis | # Fixed mapping of user VMs to a specific backend.
|
67 | 5dd9d123 | Christos Stavrakakis | # e.g. BACKEND_PER_USER = {'example@okeanos.grnet.gr': 2}
|
68 | 5dd9d123 | Christos Stavrakakis | BACKEND_PER_USER = {} |
69 | 5dd9d123 | Christos Stavrakakis | |
70 | 776d2a3f | Christos Stavrakakis | # List of backend IDs used *only* for archipelago.
|
71 | 776d2a3f | Christos Stavrakakis | ARCHIPELAGO_BACKENDS = [] |
72 | 2e1e6844 | Christos Stavrakakis | |
73 | 61868190 | Vangelis Koukis | # Quota
|
74 | 95e64ecd | Kostas Papadimitriou | # Maximum number of VMs a user is allowed to have.
|
75 | 7cc1fa2d | Vangelis Koukis | MAX_VMS_PER_USER = 3
|
76 | c738c935 | Giorgos Verigakis | |
77 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of VMs for specific users.
|
78 | 95e64ecd | Kostas Papadimitriou | # e.g. VMS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
79 | ce55f211 | Kostas Papadimitriou | VMS_USER_QUOTA = {} |
80 | ce55f211 | Kostas Papadimitriou | |
81 | 95e64ecd | Kostas Papadimitriou | # Maximum number of networks a user is allowed to have.
|
82 | ce55f211 | Kostas Papadimitriou | MAX_NETWORKS_PER_USER = 5
|
83 | ce55f211 | Kostas Papadimitriou | |
84 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of private networks for specific users.
|
85 | 95e64ecd | Kostas Papadimitriou | # e.g. NETWORKS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
86 | ce55f211 | Kostas Papadimitriou | NETWORKS_USER_QUOTA = {} |
87 | ce55f211 | Kostas Papadimitriou | |
88 | 5391d6b5 | Giorgos Verigakis | # URL templates for the stat graphs.
|
89 | 5391d6b5 | Giorgos Verigakis | # The API implementation replaces '%s' with the encrypted backend id.
|
90 | 5391d6b5 | Giorgos Verigakis | # FIXME: For now we do not encrypt the backend id.
|
91 | 5391d6b5 | Giorgos Verigakis | CPU_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-bar.png'
|
92 | 5391d6b5 | Giorgos Verigakis | CPU_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-ts.png'
|
93 | 5391d6b5 | Giorgos Verigakis | NET_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-bar.png'
|
94 | 5391d6b5 | Giorgos Verigakis | NET_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-ts.png'
|
95 | c738c935 | Giorgos Verigakis | |
96 | c738c935 | Giorgos Verigakis | # Recommended refresh period for server stats
|
97 | c738c935 | Giorgos Verigakis | STATS_REFRESH_PERIOD = 60
|
98 | fc443bcd | Giorgos Verigakis | |
99 | fc443bcd | Giorgos Verigakis | # The maximum number of file path/content pairs that can be supplied on server
|
100 | fc443bcd | Giorgos Verigakis | # build
|
101 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY = 5
|
102 | fc443bcd | Giorgos Verigakis | |
103 | fc443bcd | Giorgos Verigakis | # The maximum size, in bytes, for each personality file
|
104 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY_SIZE = 10240
|
105 | c909cbbd | Giorgos Verigakis | |
106 | c909cbbd | Giorgos Verigakis | # Available storage types to be used as disk templates
|
107 | c6dda6cd | Kostas Papadimitriou | # Use ext_<provider_name> to map specific provider for `ext` disk template.
|
108 | c909cbbd | Giorgos Verigakis | GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
109 | c909cbbd | Giorgos Verigakis | 'rbd', 'sharedfile') |
110 | c909cbbd | Giorgos Verigakis | DEFAULT_GANETI_DISK_TEMPLATE = 'drbd'
|
111 | 6ef51e9f | Giorgos Verigakis | |
112 | 6ef51e9f | Giorgos Verigakis | # The URL of an astakos instance that will be used for user authentication
|
113 | 4ab620b6 | Christos Stavrakakis | ASTAKOS_URL = 'https://accounts.example.org/'
|
114 | 30e0ed74 | Christos Stavrakakis | |
115 | 30e0ed74 | Christos Stavrakakis | # Key for password encryption-decryption. After changing this setting, synnefo
|
116 | 30e0ed74 | Christos Stavrakakis | # will be unable to decrypt all existing Backend passwords. You will need to
|
117 | 0224049a | Christos Stavrakakis | # store again the new password by using 'snf-manage backend-modify'.
|
118 | 0224049a | Christos Stavrakakis | # SECRET_ENCRYPTION_KEY may up to 32 bytes. Keys bigger than 32 bytes are not
|
119 | 0224049a | Christos Stavrakakis | # supported.
|
120 | ca8b1c21 | Christos Stavrakakis | SECRET_ENCRYPTION_KEY= "Password Encryption Key"
|
121 | a682eaea | Kostas Papadimitriou | |
122 | a682eaea | Kostas Papadimitriou | # Astakos service token
|
123 | a682eaea | Kostas Papadimitriou | # The token used for astakos service api calls (e.g. api to retrieve user email
|
124 | a682eaea | Kostas Papadimitriou | # using a user uuid)
|
125 | a682eaea | Kostas Papadimitriou | CYCLADES_ASTAKOS_SERVICE_TOKEN = ''
|
126 | a682eaea | Kostas Papadimitriou | |
127 | 02f0cf8a | Kostas Papadimitriou | # Let cyclades proxy user specific api calls to astakos, via self served
|
128 | 02f0cf8a | Kostas Papadimitriou | # endpoints. Set this to False if you deploy cyclades-app/astakos-app on the
|
129 | 02f0cf8a | Kostas Papadimitriou | # same machine.
|
130 | 02f0cf8a | Kostas Papadimitriou | CYCLADES_PROXY_USER_SERVICES = True |