root / snf-cyclades-app / synnefo / app_settings / default / api.py @ d7841399
History | View | Annotate | Download (5.4 kB)
1 | 1277fb19 | Vangelis Koukis | # -*- coding: utf-8 -*-
|
---|---|---|---|
2 | 1277fb19 | Vangelis Koukis | #
|
3 | 1277fb19 | Vangelis Koukis | # API configuration
|
4 | 1277fb19 | Vangelis Koukis | #####################
|
5 | 1277fb19 | Vangelis Koukis | |
6 | de470b1e | Kostas Papadimitriou | |
7 | de470b1e | Kostas Papadimitriou | DEBUG = False
|
8 | de470b1e | Kostas Papadimitriou | |
9 | 07d104d8 | Kostas Papadimitriou | # Top-level URL for deployment. Numerous other URLs depend on this.
|
10 | 07d104d8 | Kostas Papadimitriou | APP_INSTALL_URL = "https://host:port"
|
11 | 04a38bd0 | Kostas Papadimitriou | |
12 | 1277fb19 | Vangelis Koukis | # The API implementation needs to accept and return absolute references
|
13 | 1277fb19 | Vangelis Koukis | # to its resources. Thus, it needs to know its public URL.
|
14 | 1277fb19 | Vangelis Koukis | API_ROOT_URL = APP_INSTALL_URL + '/api'
|
15 | 1277fb19 | Vangelis Koukis | |
16 | 1277fb19 | Vangelis Koukis | # The API will return HTTP Bad Request if the ?changes-since
|
17 | 1277fb19 | Vangelis Koukis | # parameter refers to a point in time more than POLL_LIMIT seconds ago.
|
18 | 1277fb19 | Vangelis Koukis | POLL_LIMIT = 3600
|
19 | 1277fb19 | Vangelis Koukis | |
20 | 1277fb19 | Vangelis Koukis | #
|
21 | 1277fb19 | Vangelis Koukis | # Network Configuration
|
22 | 1277fb19 | Vangelis Koukis | #
|
23 | 1277fb19 | Vangelis Koukis | |
24 | 6eed1ede | Christos Stavrakakis | # Maximum allowed network size for private networks.
|
25 | 6eed1ede | Christos Stavrakakis | MAX_CIDR_BLOCK = 22
|
26 | 839e2bd0 | Christos Stavrakakis | |
27 | 3165f027 | Christos Stavrakakis | # The first mac prefix to use
|
28 | 3165f027 | Christos Stavrakakis | MAC_POOL_BASE = 'aa:00:0'
|
29 | 3165f027 | Christos Stavrakakis | MAC_POOL_LIMIT = 65536
|
30 | 3165f027 | Christos Stavrakakis | |
31 | 839e2bd0 | Christos Stavrakakis | ENABLED_NETWORKS = ['PUBLIC_ROUTED',
|
32 | 839e2bd0 | Christos Stavrakakis | 'PRIVATE_MAC_FILTERED',
|
33 | 839e2bd0 | Christos Stavrakakis | 'PRIVATE_PHYSICAL_VLAN']
|
34 | 839e2bd0 | Christos Stavrakakis | # CUSTOM_ROUTED,
|
35 | 839e2bd0 | Christos Stavrakakis | # CUSTOM_BRIDGED,
|
36 | 839e2bd0 | Christos Stavrakakis | |
37 | 839e2bd0 | Christos Stavrakakis | # Settings for PUBLIC_ROUTED network:
|
38 | 839e2bd0 | Christos Stavrakakis | # -----------------------------------
|
39 | 839e2bd0 | Christos Stavrakakis | # In this case VMCs act as routers that forward the traffic to/from VMs, based
|
40 | 839e2bd0 | Christos Stavrakakis | # on the defined routing table($PUBLIC_ROUTED_ROUTING_TABLE) and ip rules, that
|
41 | 839e2bd0 | Christos Stavrakakis | # exist in every node, implenting an IP-less routed and proxy-arp setup.
|
42 | 839e2bd0 | Christos Stavrakakis | # (This value is also hardcoded in fixture db/fixtures/initial_data.json)
|
43 | 839e2bd0 | Christos Stavrakakis | PUBLIC_ROUTED_ROUTING_TABLE = 'snf_public'
|
44 | 839e2bd0 | Christos Stavrakakis | PUBLIC_ROUTED_TAGS = ['ip-less-routed']
|
45 | 839e2bd0 | Christos Stavrakakis | |
46 | ad297723 | Christos Stavrakakis | # Boolean value indicating whether synnefo would hold a Pool and allocate IP
|
47 | ad297723 | Christos Stavrakakis | # addresses. If this setting is set to False, IP pool management will be
|
48 | ad297723 | Christos Stavrakakis | # delegated to Ganeti. If machines have been created with this option as False,
|
49 | ad297723 | Christos Stavrakakis | # you must run network reconciliation after turning it to True.
|
50 | d1b1e683 | Dimitris Aragiorgis | PUBLIC_USE_POOL = True
|
51 | ad297723 | Christos Stavrakakis | |
52 | 839e2bd0 | Christos Stavrakakis | # Settings for PRIVATE_MAC_FILTERED network:
|
53 | 839e2bd0 | Christos Stavrakakis | # ------------------------------------------
|
54 | 839e2bd0 | Christos Stavrakakis | # All networks of this type are bridged to the same bridge. Isolation between
|
55 | 839e2bd0 | Christos Stavrakakis | # networks is achieved by assigning a unique MAC-prefix to each network and
|
56 | 839e2bd0 | Christos Stavrakakis | # filtering packets via ebtables.
|
57 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_BRIDGE = 'br0'
|
58 | 839e2bd0 | Christos Stavrakakis | PRIVATE_MAC_FILTERED_TAGS = ['private-filtered']
|
59 | 839e2bd0 | Christos Stavrakakis | |
60 | 839e2bd0 | Christos Stavrakakis | # Settings for PRIVATE_PHSICAL_VLAN network:
|
61 | 839e2bd0 | Christos Stavrakakis | # ------------------------------------------
|
62 | 839e2bd0 | Christos Stavrakakis | # Each network of this type is mapped to an isolated physical VLAN, which must
|
63 | 839e2bd0 | Christos Stavrakakis | # be preconfigured in the backend. Each vlan corresponds to a bridge named
|
64 | 8731a246 | Christos Stavrakakis | # $PRIVATE_PHYSICAL_VLAN_PREFIX{1..$PRIVATE_PHYSICAL_VLAN_MAX_NUMBER} (e.g. prv5)
|
65 | 839e2bd0 | Christos Stavrakakis | # VirtualMachine's taps are eventually bridged to the corresponding bridge.
|
66 | 839e2bd0 | Christos Stavrakakis | PRIVATE_PHYSICAL_VLAN_BRIDGE_PREFIX = 'prv'
|
67 | 839e2bd0 | Christos Stavrakakis | # The max limit of physical vlan pool
|
68 | 839e2bd0 | Christos Stavrakakis | PRIVATE_PHYSICAL_VLAN_MAX_NUMBER = 100
|
69 | f1fc1e9c | Christos Stavrakakis | PRIVATE_PHYSICAL_VLAN_TAGS = ['physical-vlan']
|
70 | 839e2bd0 | Christos Stavrakakis | |
71 | 839e2bd0 | Christos Stavrakakis | |
72 | 839e2bd0 | Christos Stavrakakis | # Settings for CUSTOM_ROUTED:
|
73 | 839e2bd0 | Christos Stavrakakis | # ---------------------------
|
74 | 839e2bd0 | Christos Stavrakakis | # Same as PUBLIC_ROUTED but with custom values
|
75 | 839e2bd0 | Christos Stavrakakis | CUSTOM_ROUTED_ROUTING_TABLE = 'custom_routing_table'
|
76 | 839e2bd0 | Christos Stavrakakis | CUSTOM_ROUTED_TAGS = [] |
77 | 839e2bd0 | Christos Stavrakakis | |
78 | 839e2bd0 | Christos Stavrakakis | # Settings for CUSTOM_BRIDGED:
|
79 | 839e2bd0 | Christos Stavrakakis | # ---------------------------
|
80 | 839e2bd0 | Christos Stavrakakis | # Same as PRIVATE_BRIDGED but with custom values
|
81 | 839e2bd0 | Christos Stavrakakis | CUSTOM_BRIDGED_BRIDGE = 'custom_bridge'
|
82 | 839e2bd0 | Christos Stavrakakis | CUSTOM_BRIDGED_TAGS = [] |
83 | e6a42a96 | Christos Stavrakakis | |
84 | 1277fb19 | Vangelis Koukis | # Firewalling
|
85 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected'
|
86 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected'
|
87 | cbaac7bc | Vangelis Koukis | GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited'
|
88 | 1277fb19 | Vangelis Koukis | |
89 | 9b5b718a | Giorgos Verigakis | # The default firewall profile that will be in effect if no tags are defined
|
90 | 9b5b718a | Giorgos Verigakis | DEFAULT_FIREWALL_PROFILE = 'DISABLED'
|
91 | 9b5b718a | Giorgos Verigakis | |
92 | 1277fb19 | Vangelis Koukis | # our REST API would prefer to be explicit about trailing slashes
|
93 | 1277fb19 | Vangelis Koukis | APPEND_SLASH = False
|
94 | ccd0d474 | Giorgos Verigakis | |
95 | 5dd9d123 | Christos Stavrakakis | # Fixed mapping of user VMs to a specific backend.
|
96 | 5dd9d123 | Christos Stavrakakis | # e.g. BACKEND_PER_USER = {'example@okeanos.grnet.gr': 2}
|
97 | 5dd9d123 | Christos Stavrakakis | BACKEND_PER_USER = {} |
98 | 5dd9d123 | Christos Stavrakakis | |
99 | 61868190 | Vangelis Koukis | # Quota
|
100 | 61868190 | Vangelis Koukis | #
|
101 | 95e64ecd | Kostas Papadimitriou | # Maximum number of VMs a user is allowed to have.
|
102 | 7cc1fa2d | Vangelis Koukis | MAX_VMS_PER_USER = 3
|
103 | c738c935 | Giorgos Verigakis | |
104 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of VMs for specific users.
|
105 | 95e64ecd | Kostas Papadimitriou | # e.g. VMS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
106 | ce55f211 | Kostas Papadimitriou | VMS_USER_QUOTA = {} |
107 | ce55f211 | Kostas Papadimitriou | |
108 | 95e64ecd | Kostas Papadimitriou | # Maximum number of networks a user is allowed to have.
|
109 | ce55f211 | Kostas Papadimitriou | MAX_NETWORKS_PER_USER = 5
|
110 | ce55f211 | Kostas Papadimitriou | |
111 | 95e64ecd | Kostas Papadimitriou | # Override maximum number of private networks for specific users.
|
112 | 95e64ecd | Kostas Papadimitriou | # e.g. NETWORKS_USER_QUOTA = {'user1@grnet.gr': 5, 'user2@grnet.gr': 10}
|
113 | ce55f211 | Kostas Papadimitriou | NETWORKS_USER_QUOTA = {} |
114 | ce55f211 | Kostas Papadimitriou | |
115 | 5391d6b5 | Giorgos Verigakis | # URL templates for the stat graphs.
|
116 | 5391d6b5 | Giorgos Verigakis | # The API implementation replaces '%s' with the encrypted backend id.
|
117 | 5391d6b5 | Giorgos Verigakis | # FIXME: For now we do not encrypt the backend id.
|
118 | 5391d6b5 | Giorgos Verigakis | CPU_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-bar.png'
|
119 | 5391d6b5 | Giorgos Verigakis | CPU_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/cpu-ts.png'
|
120 | 5391d6b5 | Giorgos Verigakis | NET_BAR_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-bar.png'
|
121 | 5391d6b5 | Giorgos Verigakis | NET_TIMESERIES_GRAPH_URL = 'http://stats.okeanos.grnet.gr/%s/net-ts.png'
|
122 | c738c935 | Giorgos Verigakis | |
123 | c738c935 | Giorgos Verigakis | # Recommended refresh period for server stats
|
124 | c738c935 | Giorgos Verigakis | STATS_REFRESH_PERIOD = 60
|
125 | fc443bcd | Giorgos Verigakis | |
126 | fc443bcd | Giorgos Verigakis | # The maximum number of file path/content pairs that can be supplied on server
|
127 | fc443bcd | Giorgos Verigakis | # build
|
128 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY = 5
|
129 | fc443bcd | Giorgos Verigakis | |
130 | fc443bcd | Giorgos Verigakis | # The maximum size, in bytes, for each personality file
|
131 | fc443bcd | Giorgos Verigakis | MAX_PERSONALITY_SIZE = 10240
|
132 | c909cbbd | Giorgos Verigakis | |
133 | c909cbbd | Giorgos Verigakis | # Available storage types to be used as disk templates
|
134 | c6dda6cd | Kostas Papadimitriou | # Use ext_<provider_name> to map specific provider for `ext` disk template.
|
135 | c909cbbd | Giorgos Verigakis | GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
136 | c909cbbd | Giorgos Verigakis | 'rbd', 'sharedfile') |
137 | c909cbbd | Giorgos Verigakis | DEFAULT_GANETI_DISK_TEMPLATE = 'drbd'
|
138 | 6ef51e9f | Giorgos Verigakis | |
139 | 6ef51e9f | Giorgos Verigakis | # The URL of an astakos instance that will be used for user authentication
|
140 | 6ef51e9f | Giorgos Verigakis | ASTAKOS_URL = 'https://astakos.okeanos.grnet.gr/im/authenticate'
|
141 | 30e0ed74 | Christos Stavrakakis | |
142 | 30e0ed74 | Christos Stavrakakis | # Key for password encryption-decryption. After changing this setting, synnefo
|
143 | 30e0ed74 | Christos Stavrakakis | # will be unable to decrypt all existing Backend passwords. You will need to
|
144 | 0224049a | Christos Stavrakakis | # store again the new password by using 'snf-manage backend-modify'.
|
145 | 0224049a | Christos Stavrakakis | # SECRET_ENCRYPTION_KEY may up to 32 bytes. Keys bigger than 32 bytes are not
|
146 | 0224049a | Christos Stavrakakis | # supported.
|
147 | ca8b1c21 | Christos Stavrakakis | SECRET_ENCRYPTION_KEY= "Password Encryption Key" |