listen_address
¶Type: | string |
---|---|
Default: | 0.0.0.0 |
IP to listen on.
listen_port
¶Type: | port number |
---|---|
Default: | 5050 |
Minimum Value: | 0 |
Maximum Value: | 65535 |
Port to listen on.
auth_strategy
¶Type: | string |
---|---|
Default: | keystone |
Valid Values: | keystone, noauth |
Authentication method used on the ironic-inspector API. Either “noauth” or “keystone” are currently valid options. “noauth” will disable all authentication.
timeout
¶Type: | integer |
---|---|
Default: | 3600 |
Timeout after which introspection is considered failed, set to 0 to disable.
node_status_keep_time
¶Type: | integer |
---|---|
Default: | 0 |
For how much time (in seconds) to keep status information about nodes after introspection was finished for them. Set to 0 (the default) to disable the timeout.
Warning
This option is deprecated for removal. Its value may be silently ignored in the future.
clean_up_period
¶Type: | integer |
---|---|
Default: | 60 |
Amount of time in seconds, after which repeat clean up of timed out nodes and old nodes status information.
use_ssl
¶Type: | boolean |
---|---|
Default: | false |
SSL Enabled/Disabled
ssl_cert_path
¶Type: | string |
---|---|
Default: |
Path to SSL certificate
ssl_key_path
¶Type: | string |
---|---|
Default: |
Path to SSL key
max_concurrency
¶Type: | integer |
---|---|
Default: | 1000 |
Minimum Value: | 2 |
The green thread pool size.
introspection_delay
¶Type: | integer |
---|---|
Default: | 5 |
Delay (in seconds) between two introspections.
ipmi_address_fields
¶Type: | list |
---|---|
Default: | ilo_address,drac_host,drac_address,cimc_address |
Ironic driver_info fields that are equivalent to ipmi_address.
rootwrap_config
¶Type: | string |
---|---|
Default: | /etc/ironic-inspector/rootwrap.conf |
Path to the rootwrap configuration file to use for running commands as root
api_max_limit
¶Type: | integer |
---|---|
Default: | 1000 |
Minimum Value: | 1 |
Limit the number of elements an API list-call returns
debug
¶Type: | boolean |
---|---|
Default: | false |
Mutable: | This option can be changed without restarting. |
If set to true, the logging level will be set to DEBUG instead of the default INFO level.
log_config_append
¶Type: | string |
---|---|
Default: | <None> |
Mutable: | This option can be changed without restarting. |
The name of a logging configuration file. This file is appended to any existing logging configuration files. For details about logging configuration files, see the Python logging module documentation. Note that when logging configuration files are used then all logging configuration is set in the configuration file and other logging configuration options are ignored (for example, logging_context_format_string).
Group | Name |
---|---|
DEFAULT | log-config |
DEFAULT | log_config |
log_date_format
¶Type: | string |
---|---|
Default: | %Y-%m-%d %H:%M:%S |
Defines the format string for %(asctime)s in log records. Default: the value above . This option is ignored if log_config_append is set.
log_file
¶Type: | string |
---|---|
Default: | <None> |
(Optional) Name of log file to send logging output to. If no default is set, logging will go to stderr as defined by use_stderr. This option is ignored if log_config_append is set.
Group | Name |
---|---|
DEFAULT | logfile |
log_dir
¶Type: | string |
---|---|
Default: | <None> |
(Optional) The base directory used for relative log_file paths. This option is ignored if log_config_append is set.
Group | Name |
---|---|
DEFAULT | logdir |
watch_log_file
¶Type: | boolean |
---|---|
Default: | false |
Uses logging handler designed to watch file system. When log file is moved or removed this handler will open a new log file with specified path instantaneously. It makes sense only if log_file option is specified and Linux platform is used. This option is ignored if log_config_append is set.
use_syslog
¶Type: | boolean |
---|---|
Default: | false |
Use syslog for logging. Existing syslog format is DEPRECATED and will be changed later to honor RFC5424. This option is ignored if log_config_append is set.
use_journal
¶Type: | boolean |
---|---|
Default: | false |
Enable journald for logging. If running in a systemd environment you may wish to enable journal support. Doing so will use the journal native protocol which includes structured metadata in addition to log messages.This option is ignored if log_config_append is set.
syslog_log_facility
¶Type: | string |
---|---|
Default: | LOG_USER |
Syslog facility to receive log lines. This option is ignored if log_config_append is set.
use_stderr
¶Type: | boolean |
---|---|
Default: | false |
Log output to standard error. This option is ignored if log_config_append is set.
logging_context_format_string
¶Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s |
Format string to use for log messages with context.
logging_default_format_string
¶Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s |
Format string to use for log messages when context is undefined.
logging_debug_format_suffix
¶Type: | string |
---|---|
Default: | %(funcName)s %(pathname)s:%(lineno)d |
Additional data to append to log message when logging level for the message is DEBUG.
logging_exception_prefix
¶Type: | string |
---|---|
Default: | %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s |
Prefix each line of exception output with this format.
logging_user_identity_format
¶Type: | string |
---|---|
Default: | %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s |
Defines the format string for %(user_identity)s that is used in logging_context_format_string.
default_log_levels
¶Type: | list |
---|---|
Default: | amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,oslo_messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,dogpile.core.dogpile=INFO |
List of package logging levels in logger=LEVEL pairs. This option is ignored if log_config_append is set.
publish_errors
¶Type: | boolean |
---|---|
Default: | false |
Enables or disables publication of error events.
instance_format
¶Type: | string |
---|---|
Default: | "[instance: %(uuid)s] " |
The format for an instance that is passed with the log message.
instance_uuid_format
¶Type: | string |
---|---|
Default: | "[instance: %(uuid)s] " |
The format for an instance UUID that is passed with the log message.
rate_limit_interval
¶Type: | integer |
---|---|
Default: | 0 |
Interval, number of seconds, of log rate limiting.
rate_limit_burst
¶Type: | integer |
---|---|
Default: | 0 |
Maximum number of logged messages per rate_limit_interval.
rate_limit_except_level
¶Type: | string |
---|---|
Default: | CRITICAL |
Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG or empty string. Logs with level greater or equal to rate_limit_except_level are not filtered. An empty string means that all levels are filtered.
fatal_deprecations
¶Type: | boolean |
---|---|
Default: | false |
Enables or disables fatal status of deprecations.
boot_mode
¶Type: | boolean |
---|---|
Default: | false |
Whether to store the boot mode (BIOS or UEFI).
cpu_flags
¶Type: | dict |
---|---|
Default: | aes:cpu_aes,pdpe1gb:cpu_hugepages_1g,pse:cpu_hugepages,smx:cpu_txt,svm:cpu_vt,vmx:cpu_vt |
Mapping between a CPU flag and a capability to set if this flag is present.
allowed_origin
¶Type: | list |
---|---|
Default: | <None> |
Indicate whether this resource may be shared with the domain received in the requests “origin” header. Format: “<protocol>://<host>[:<port>]”, no trailing slash. Example: https://horizon.example.com
allow_credentials
¶Type: | boolean |
---|---|
Default: | true |
Indicate that the actual request can include user credentials
expose_headers
¶Type: | list |
---|---|
Default: |
Indicate which headers are safe to expose to the API. Defaults to HTTP Simple Headers.
max_age
¶Type: | integer |
---|---|
Default: | 3600 |
Maximum cache age of CORS preflight requests.
allow_methods
¶Type: | list |
---|---|
Default: | GET,POST,PUT,HEAD,PATCH,DELETE,OPTIONS |
Indicate which methods can be used during the actual request.
allow_headers
¶Type: | list |
---|---|
Default: | X-Auth-Token,X-OpenStack-Ironic-Inspector-API-Minimum-Version,X-OpenStack-Ironic-Inspector-API-Maximum-Version,X-OpenStack-Ironic-Inspector-API-Version |
Indicate which header field names may be used during the actual request.
sqlite_synchronous
¶Type: | boolean |
---|---|
Default: | true |
If True, SQLite uses synchronous mode.
Group | Name |
---|---|
DEFAULT | sqlite_synchronous |
backend
¶Type: | string |
---|---|
Default: | sqlalchemy |
The back end to use for the database.
Group | Name |
---|---|
DEFAULT | db_backend |
connection
¶Type: | string |
---|---|
Default: | <None> |
The SQLAlchemy connection string to use to connect to the database.
Group | Name |
---|---|
DEFAULT | sql_connection |
DATABASE | sql_connection |
sql | connection |
slave_connection
¶Type: | string |
---|---|
Default: | <None> |
The SQLAlchemy connection string to use to connect to the slave database.
mysql_sql_mode
¶Type: | string |
---|---|
Default: | TRADITIONAL |
The SQL mode to be used for MySQL sessions. This option, including the default, overrides any server-set SQL mode. To use whatever SQL mode is set by the server configuration, set this to no value. Example: mysql_sql_mode=
mysql_enable_ndb
¶Type: | boolean |
---|---|
Default: | false |
If True, transparently enables support for handling MySQL Cluster (NDB).
idle_timeout
¶Type: | integer |
---|---|
Default: | 3600 |
Timeout before idle SQL connections are reaped.
Group | Name |
---|---|
DEFAULT | sql_idle_timeout |
DATABASE | sql_idle_timeout |
sql | idle_timeout |
min_pool_size
¶Type: | integer |
---|---|
Default: | 1 |
Minimum number of SQL connections to keep open in a pool.
Group | Name |
---|---|
DEFAULT | sql_min_pool_size |
DATABASE | sql_min_pool_size |
max_pool_size
¶Type: | integer |
---|---|
Default: | 5 |
Maximum number of SQL connections to keep open in a pool. Setting a value of 0 indicates no limit.
Group | Name |
---|---|
DEFAULT | sql_max_pool_size |
DATABASE | sql_max_pool_size |
max_retries
¶Type: | integer |
---|---|
Default: | 10 |
Maximum number of database connection retries during startup. Set to -1 to specify an infinite retry count.
Group | Name |
---|---|
DEFAULT | sql_max_retries |
DATABASE | sql_max_retries |
retry_interval
¶Type: | integer |
---|---|
Default: | 10 |
Interval between retries of opening a SQL connection.
Group | Name |
---|---|
DEFAULT | sql_retry_interval |
DATABASE | reconnect_interval |
max_overflow
¶Type: | integer |
---|---|
Default: | 50 |
If set, use this value for max_overflow with SQLAlchemy.
Group | Name |
---|---|
DEFAULT | sql_max_overflow |
DATABASE | sqlalchemy_max_overflow |
connection_debug
¶Type: | integer |
---|---|
Default: | 0 |
Minimum Value: | 0 |
Maximum Value: | 100 |
Verbosity of SQL debugging information: 0=None, 100=Everything.
Group | Name |
---|---|
DEFAULT | sql_connection_debug |
connection_trace
¶Type: | boolean |
---|---|
Default: | false |
Add Python stack traces to SQL as comment strings.
Group | Name |
---|---|
DEFAULT | sql_connection_trace |
pool_timeout
¶Type: | integer |
---|---|
Default: | <None> |
If set, use this value for pool_timeout with SQLAlchemy.
Group | Name |
---|---|
DATABASE | sqlalchemy_pool_timeout |
use_db_reconnect
¶Type: | boolean |
---|---|
Default: | false |
Enable the experimental use of database reconnect on connection lost.
db_retry_interval
¶Type: | integer |
---|---|
Default: | 1 |
Seconds between retries of a database transaction.
db_inc_retry_interval
¶Type: | boolean |
---|---|
Default: | true |
If True, increases the interval between retries of a database operation up to db_max_retry_interval.
db_max_retry_interval
¶Type: | integer |
---|---|
Default: | 10 |
If db_inc_retry_interval is set, the maximum seconds between retries of a database operation.
db_max_retries
¶Type: | integer |
---|---|
Default: | 20 |
Maximum retries in case of connection error or deadlock error before error is raised. Set to -1 to specify an infinite retry count.
enroll_node_driver
¶Type: | string |
---|---|
Default: | fake |
The name of the Ironic driver used by the enroll hook when creating a new node in Ironic.
manage_firewall
¶Type: | boolean |
---|---|
Default: | true |
Whether to manage firewall rules for PXE port.
dnsmasq_interface
¶Type: | string |
---|---|
Default: | br-ctlplane |
Interface on which dnsmasq listens, the default is for VM’s.
firewall_update_period
¶Type: | integer |
---|---|
Default: | 15 |
Amount of time in seconds, after which repeat periodic update of firewall.
firewall_chain
¶Type: | string |
---|---|
Default: | ironic-inspector |
iptables chain name to use.
ethoib_interfaces
¶Type: | list |
---|---|
Default: |
List of Etherent Over InfiniBand interfaces on the Inspector host which are used for physical access to the DHCP network. Multiple interfaces would be attached to a bond or bridge specified in dnsmasq_interface. The MACs of the InfiniBand nodes which are not in desired state are going to be blacklisted based on the list of neighbor MACs on these interfaces.
auth_url
¶Type: | unknown type |
---|---|
Default: | <None> |
Authentication URL
auth_strategy
¶Type: | string |
---|---|
Default: | keystone |
Valid Values: | keystone, noauth |
Method to use for authentication: noauth or keystone.
auth_type
¶Type: | unknown type |
---|---|
Default: | <None> |
Authentication type to load
Group | Name |
---|---|
ironic | auth_plugin |
cafile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded Certificate Authority to use when verifying HTTPs connections.
certfile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded client certificate cert file
default_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Optional domain ID to use with v3 and v2 parameters. It will be used for both the user and project domain in v3 and ignored in v2 authentication.
default_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Optional domain name to use with v3 API and v2 parameters. It will be used for both the user and project domain in v3 and ignored in v2 authentication.
domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain ID to scope to
domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain name to scope to
insecure
¶Type: | boolean |
---|---|
Default: | false |
Verify HTTPS connections.
ironic_url
¶Type: | string |
---|---|
Default: | http://localhost:6385/ |
Ironic API URL, used to set Ironic API URL when auth_strategy option is noauth to work with standalone Ironic without keystone.
keyfile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded client certificate key file
max_retries
¶Type: | integer |
---|---|
Default: | 30 |
Maximum number of retries in case of conflict error (HTTP 409).
os_endpoint_type
¶Type: | string |
---|---|
Default: | internalURL |
Ironic endpoint type.
os_region
¶Type: | string |
---|---|
Default: | <None> |
Keystone region used to get Ironic endpoints.
os_service_type
¶Type: | string |
---|---|
Default: | baremetal |
Ironic service type.
password
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s password
project_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain ID containing project
project_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain name containing project
project_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Project ID to scope to
Group | Name |
---|---|
ironic | tenant-id |
ironic | tenant_id |
project_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Project name to scope to
Group | Name |
---|---|
ironic | tenant-name |
ironic | tenant_name |
retry_interval
¶Type: | integer |
---|---|
Default: | 2 |
Interval between retries in case of conflict error (HTTP 409).
tenant_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Tenant ID
tenant_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Tenant Name
timeout
¶Type: | integer |
---|---|
Default: | <None> |
Timeout value for http requests
trust_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Trust ID
user_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s domain id
user_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s domain name
user_id
¶Type: | unknown type |
---|---|
Default: | <None> |
User id
auth_uri
¶Type: | string |
---|---|
Default: | <None> |
Complete “public” Identity API endpoint. This endpoint should not be an “admin” endpoint, as it should be accessible by all end users. Unauthenticated clients are redirected to this endpoint to authenticate. Although this endpoint should ideally be unversioned, client support in the wild varies. If you’re using a versioned v2 endpoint here, then this should not be the same endpoint the service user utilizes for validating tokens, because normal end users may not be able to reach that endpoint.
auth_version
¶Type: | string |
---|---|
Default: | <None> |
API version of the admin Identity API endpoint.
delay_auth_decision
¶Type: | boolean |
---|---|
Default: | false |
Do not handle authorization requests within the middleware, but delegate the authorization decision to downstream WSGI components.
http_connect_timeout
¶Type: | integer |
---|---|
Default: | <None> |
Request timeout value for communicating with Identity API server.
http_request_max_retries
¶Type: | integer |
---|---|
Default: | 3 |
How many times are we trying to reconnect when communicating with Identity API Server.
cache
¶Type: | string |
---|---|
Default: | <None> |
Request environment key where the Swift cache object is stored. When auth_token middleware is deployed with a Swift cache, use this option to have the middleware share a caching backend with swift. Otherwise, use the memcached_servers
option instead.
certfile
¶Type: | string |
---|---|
Default: | <None> |
Required if identity server requires client certificate
keyfile
¶Type: | string |
---|---|
Default: | <None> |
Required if identity server requires client certificate
cafile
¶Type: | string |
---|---|
Default: | <None> |
A PEM encoded Certificate Authority to use when verifying HTTPs connections. Defaults to system CAs.
insecure
¶Type: | boolean |
---|---|
Default: | false |
Verify HTTPS connections.
region_name
¶Type: | string |
---|---|
Default: | <None> |
The region in which the identity server can be found.
signing_dir
¶Type: | string |
---|---|
Default: | <None> |
Directory used to cache files related to PKI tokens. This option has been deprecated in the Ocata release and will be removed in the P release.
Warning
This option is deprecated for removal since Ocata. Its value may be silently ignored in the future.
Reason: | PKI token format is no longer supported. |
---|
memcached_servers
¶Type: | list |
---|---|
Default: | <None> |
Optionally specify a list of memcached server(s) to use for caching. If left undefined, tokens will instead be cached in-process.
Group | Name |
---|---|
keystone_authtoken | memcache_servers |
token_cache_time
¶Type: | integer |
---|---|
Default: | 300 |
In order to prevent excessive effort spent validating tokens, the middleware caches previously-seen tokens for a configurable duration (in seconds). Set to -1 to disable caching completely.
revocation_cache_time
¶Type: | integer |
---|---|
Default: | 10 |
Determines the frequency at which the list of revoked tokens is retrieved from the Identity service (in seconds). A high number of revocation events combined with a low cache duration may significantly reduce performance. Only valid for PKI tokens. This option has been deprecated in the Ocata release and will be removed in the P release.
Warning
This option is deprecated for removal since Ocata. Its value may be silently ignored in the future.
Reason: | PKI token format is no longer supported. |
---|
memcache_security_strategy
¶Type: | string |
---|---|
Default: | None |
Valid Values: | None, MAC, ENCRYPT |
(Optional) If defined, indicate whether token data should be authenticated or authenticated and encrypted. If MAC, token data is authenticated (with HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the cache. If the value is not one of these options or empty, auth_token will raise an exception on initialization.
memcache_secret_key
¶Type: | string |
---|---|
Default: | <None> |
(Optional, mandatory if memcache_security_strategy is defined) This string is used for key derivation.
memcache_pool_dead_retry
¶Type: | integer |
---|---|
Default: | 300 |
(Optional) Number of seconds memcached server is considered dead before it is tried again.
memcache_pool_maxsize
¶Type: | integer |
---|---|
Default: | 10 |
(Optional) Maximum total number of open connections to every memcached server.
memcache_pool_socket_timeout
¶Type: | integer |
---|---|
Default: | 3 |
(Optional) Socket timeout in seconds for communicating with a memcached server.
memcache_pool_unused_timeout
¶Type: | integer |
---|---|
Default: | 60 |
(Optional) Number of seconds a connection to memcached is held unused in the pool before it is closed.
memcache_pool_conn_get_timeout
¶Type: | integer |
---|---|
Default: | 10 |
(Optional) Number of seconds that an operation will wait to get a memcached client connection from the pool.
memcache_use_advanced_pool
¶Type: | boolean |
---|---|
Default: | false |
(Optional) Use the advanced (eventlet safe) memcached client pool. The advanced pool will only work under python 2.x.
include_service_catalog
¶Type: | boolean |
---|---|
Default: | true |
(Optional) Indicate whether to set the X-Service-Catalog header. If False, middleware will not ask for service catalog on token validation and will not set the X-Service-Catalog header.
enforce_token_bind
¶Type: | string |
---|---|
Default: | permissive |
Used to control the use and type of token binding. Can be set to: “disabled” to not check token binding. “permissive” (default) to validate binding information if the bind type is of a form known to the server and ignore it if not. “strict” like “permissive” but if the bind type is unknown the token will be rejected. “required” any form of token binding is needed to be allowed. Finally the name of a binding method that must be present in tokens.
check_revocations_for_cached
¶Type: | boolean |
---|---|
Default: | false |
If true, the revocation list will be checked for cached tokens. This requires that PKI tokens are configured on the identity server.
Warning
This option is deprecated for removal since Ocata. Its value may be silently ignored in the future.
Reason: | PKI token format is no longer supported. |
---|
hash_algorithms
¶Type: | list |
---|---|
Default: | md5 |
Hash algorithms to use for hashing PKI tokens. This may be a single algorithm or multiple. The algorithms are those supported by Python standard hashlib.new(). The hashes will be tried in the order given, so put the preferred one first for performance. The result of the first hash will be stored in the cache. This will typically be set to multiple values only while migrating from a less secure algorithm to a more secure one. Once all the old tokens are expired this option should be set to a single value for better performance.
Warning
This option is deprecated for removal since Ocata. Its value may be silently ignored in the future.
Reason: | PKI token format is no longer supported. |
---|
service_token_roles
¶Type: | list |
---|---|
Default: | service |
A choice of roles that must be present in a service token. Service tokens are allowed to request that an expired token can be used and so this check should tightly control that only actual services should be sending this token. Roles here are applied as an ANY check so any role in this list must be present. For backwards compatibility reasons this currently only affects the allow_expired check.
service_token_roles_required
¶Type: | boolean |
---|---|
Default: | false |
For backwards compatibility reasons we must let valid service tokens pass that don’t pass the service_token_roles check as valid. Setting this true will become the default in a future release and should be enabled if possible.
auth_type
¶Type: | unknown type |
---|---|
Default: | <None> |
Authentication type to load
Group | Name |
---|---|
keystone_authtoken | auth_plugin |
auth_section
¶Type: | unknown type |
---|---|
Default: | <None> |
Config Section from which to load plugin specific options
alias
¶Type: | multi-valued |
---|---|
Default: |
An alias for PCI device identified by ‘vendor_id’ and ‘product_id’ fields. Format: {“vendor_id”: “1234”, “product_id”: “5678”, “name”: “pci_dev1”}
add_ports
¶Type: | string |
---|---|
Default: | pxe |
Valid Values: | all, active, pxe, disabled |
Which MAC addresses to add as ports during introspection. Possible values: all (all MAC addresses), active (MAC addresses of NIC with IP addresses), pxe (only MAC address of NIC node PXE booted from, falls back to “active” if PXE MAC is not supplied by the ramdisk).
keep_ports
¶Type: | string |
---|---|
Default: | all |
Valid Values: | all, present, added |
Which ports (already present on a node) to keep after introspection. Possible values: all (do not delete anything), present (keep ports which MACs were present in introspection data), added (keep only MACs that we added during introspection).
overwrite_existing
¶Type: | boolean |
---|---|
Default: | true |
Whether to overwrite existing values in node database. Disable this option to make introspection a non-destructive operation.
default_processing_hooks
¶Type: | string |
---|---|
Default: | ramdisk_error,root_disk_selection,scheduler,validate_interfaces,capabilities,pci_devices |
Comma-separated list of default hooks for processing pipeline. Hook ‘scheduler’ updates the node with the minimum properties required by the Nova scheduler. Hook ‘validate_interfaces’ ensures that valid NIC data was provided by the ramdisk. Do not exclude these two unless you really know what you’re doing.
processing_hooks
¶Type: | string |
---|---|
Default: | $default_processing_hooks |
Comma-separated list of enabled hooks for processing pipeline. The default for this is $default_processing_hooks, hooks can be added before or after the defaults like this: “prehook,$default_processing_hooks,posthook”.
ramdisk_logs_dir
¶Type: | string |
---|---|
Default: | <None> |
If set, logs from ramdisk will be stored in this directory.
always_store_ramdisk_logs
¶Type: | boolean |
---|---|
Default: | false |
Whether to store ramdisk logs even if it did not return an error message (dependent upon “ramdisk_logs_dir” option being set).
node_not_found_hook
¶Type: | string |
---|---|
Default: | <None> |
The name of the hook to run when inspector receives inspection information from a node it isn’t already aware of. This hook is ignored by default.
store_data
¶Type: | string |
---|---|
Default: | none |
Valid Values: | none, swift |
Method for storing introspection data. If set to ‘none’, introspection data will not be stored.
store_data_location
¶Type: | string |
---|---|
Default: | <None> |
Name of the key to store the location of stored data in the extra column of the Ironic database.
disk_partitioning_spacing
¶Type: | boolean |
---|---|
Default: | true |
Whether to leave 1 GiB of disk size untouched for partitioning. Only has effect when used with the IPA as a ramdisk, for older ramdisk local_gb is calculated on the ramdisk side.
ramdisk_logs_filename_format
¶Type: | string |
---|---|
Default: | {uuid}_{dt:%Y%m%d-%H%M%S.%f}.tar.gz |
File name template for storing ramdisk logs. The following replacements can be used: {uuid} - node UUID or “unknown”, {bmc} - node BMC address or “unknown”, {dt} - current UTC date and time, {mac} - PXE booting MAC or “unknown”.
power_off
¶Type: | boolean |
---|---|
Default: | true |
Whether to power off a node after introspection.
driver
¶Type: | string |
---|---|
Default: | noop |
PXE boot filter driver to use, such as iptables. This option has no effect yet.
sync_period
¶Type: | integer |
---|---|
Default: | 15 |
Minimum Value: | 0 |
Amount of time in seconds, after which repeat periodic update of the filter. This option has no effect yet.
auth_url
¶Type: | unknown type |
---|---|
Default: | <None> |
Authentication URL
auth_type
¶Type: | unknown type |
---|---|
Default: | <None> |
Authentication type to load
Group | Name |
---|---|
swift | auth_plugin |
cafile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded Certificate Authority to use when verifying HTTPs connections.
certfile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded client certificate cert file
container
¶Type: | string |
---|---|
Default: | ironic-inspector |
Default Swift container to use when creating objects.
default_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Optional domain ID to use with v3 and v2 parameters. It will be used for both the user and project domain in v3 and ignored in v2 authentication.
default_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Optional domain name to use with v3 API and v2 parameters. It will be used for both the user and project domain in v3 and ignored in v2 authentication.
delete_after
¶Type: | integer |
---|---|
Default: | 0 |
Number of seconds that the Swift object will last before being deleted. (set to 0 to never delete the object).
domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain ID to scope to
domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain name to scope to
insecure
¶Type: | boolean |
---|---|
Default: | false |
Verify HTTPS connections.
keyfile
¶Type: | string |
---|---|
Default: | <None> |
PEM encoded client certificate key file
max_retries
¶Type: | integer |
---|---|
Default: | 2 |
Maximum number of times to retry a Swift request, before failing.
os_endpoint_type
¶Type: | string |
---|---|
Default: | internalURL |
Swift endpoint type.
os_region
¶Type: | string |
---|---|
Default: | <None> |
Keystone region to get endpoint for.
os_service_type
¶Type: | string |
---|---|
Default: | object-store |
Swift service type.
password
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s password
project_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain ID containing project
project_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Domain name containing project
project_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Project ID to scope to
Group | Name |
---|---|
swift | tenant-id |
swift | tenant_id |
project_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Project name to scope to
Group | Name |
---|---|
swift | tenant-name |
swift | tenant_name |
tenant_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Tenant ID
tenant_name
¶Type: | unknown type |
---|---|
Default: | <None> |
Tenant Name
timeout
¶Type: | integer |
---|---|
Default: | <None> |
Timeout value for http requests
trust_id
¶Type: | unknown type |
---|---|
Default: | <None> |
Trust ID
user_domain_id
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s domain id
user_domain_name
¶Type: | unknown type |
---|---|
Default: | <None> |
User’s domain name
user_id
¶Type: | unknown type |
---|---|
Default: | <None> |
User id
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.