python-glance: Load credentials from the identity class

The configuration files are now automatically created from
the templates.

Signed-off-by: Mihai Prica <prica.mihai@gmail.com>

3 files changed, 0 insertions, 588 deletions

diff --git a/meta-openstack/recipes-devtools/python/python-glance/glance-api.conf b/meta-openstack/recipes-devtools/python/python-glance/glance-api.conf
deleted file mode 100644
index cc7c43d..0000000
--- a/meta-openstack/recipes-devtools/python/python-glance/glance-api.conf
+++ /dev/null
@@ -1,356 +0,0 @@
-[DEFAULT]
-# Show more verbose log output (sets INFO log level output)
-#verbose = False
-
-# Show debugging output in logs (sets DEBUG log level output)
-#debug = False
-
-# Which backend scheme should Glance use by default is not specified
-# in a request to add a new image to Glance? Known schemes are determined
-# by the known_stores option below.
-# Default: 'file'
-default_store = file
-
-# List of which store classes and store class locations are
-# currently known to glance at startup.
-#known_stores = glance.store.filesystem.Store,
-#               glance.store.http.Store,
-#               glance.store.rbd.Store,
-#               glance.store.s3.Store,
-#               glance.store.swift.Store,
-
-
-# Maximum image size (in bytes) that may be uploaded through the
-# Glance API server. Defaults to 1 TB.
-# WARNING: this value should only be increased after careful consideration
-# and must be set to a value under 8 EB (9223372036854775808).
-#image_size_cap = 1099511627776
-
-# Address to bind the API server
-bind_host = 0.0.0.0
-
-# Port the bind the API server to
-bind_port = 9292
-
-# Log to this file. Make sure you do not set the same log
-# file for both the API and registry servers!
-log_file = /var/log/glance/api.log
-
-# Backlog requests when creating socket
-backlog = 4096
-
-# TCP_KEEPIDLE value in seconds when creating socket.
-# Not supported on OS X.
-#tcp_keepidle = 600
-
-# SQLAlchemy connection string for the reference implementation
-# registry server. Any valid SQLAlchemy connection string is fine.
-# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
-sql_connection = postgresql://admin:admin@localhost/glance
-
-# Period in seconds after which SQLAlchemy should reestablish its connection
-# to the database.
-#
-# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop
-# idle connections. This can result in 'MySQL Gone Away' exceptions. If you
-# notice this, you can lower this value to ensure that SQLAlchemy reconnects
-# before MySQL can drop the connection.
-sql_idle_timeout = 3600
-
-# Number of Glance API worker processes to start.
-# On machines with more than one CPU increasing this value
-# may improve performance (especially if using SSL with
-# compression turned on). It is typically recommended to set
-# this value to the number of CPUs present on your machine.
-workers = 1
-
-# Role used to identify an authenticated user as administrator
-#admin_role = admin
-
-# Allow unauthenticated users to access the API with read-only
-# privileges. This only applies when using ContextMiddleware.
-#allow_anonymous_access = False
-
-# Allow access to version 1 of glance api
-#enable_v1_api = True
-
-# Allow access to version 2 of glance api
-#enable_v2_api = True
-
-# Return the URL that references where the data is stored on
-# the backend storage system.  For example, if using the
-# file system store a URL of 'file:///path/to/image' will
-# be returned to the user in the 'direct_url' meta-data field.
-# The default value is false.
-#show_image_direct_url = False
-
-# ================= Syslog Options ============================
-
-# Send logs to syslog (/dev/log) instead of to file specified
-# by `log_file`
-#use_syslog = False
-
-# Facility to use. If unset defaults to LOG_USER.
-#syslog_log_facility = LOG_LOCAL0
-
-# ================= SSL Options ===============================
-
-# Certificate file to use when starting API server securely
-#cert_file = /path/to/certfile
-
-# Private key file to use when starting API server securely
-#key_file = /path/to/keyfile
-
-# CA certificate file to use to verify connecting clients
-#ca_file = /path/to/cafile
-
-# ================= Security Options ==========================
-
-# AES key for encrypting store 'location' metadata, including
-# -- if used -- Swift or S3 credentials
-# Should be set to a random string of length 16, 24 or 32 bytes
-#metadata_encryption_key = <16, 24 or 32 char registry metadata key>
-
-# ============ Registry Options ===============================
-
-# Address to find the registry server
-registry_host = 0.0.0.0
-
-# Port the registry server is listening on
-registry_port = 9191
-
-# What protocol to use when connecting to the registry server?
-# Set to https for secure HTTP communication
-registry_client_protocol = http
-
-# The path to the key file to use in SSL connections to the
-# registry server, if any. Alternately, you may set the
-# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file
-#registry_client_key_file = /path/to/key/file
-
-# The path to the cert file to use in SSL connections to the
-# registry server, if any. Alternately, you may set the
-# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file
-#registry_client_cert_file = /path/to/cert/file
-
-# The path to the certifying authority cert file to use in SSL connections
-# to the registry server, if any. Alternately, you may set the
-# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file
-#registry_client_ca_file = /path/to/ca/file
-
-# When using SSL in connections to the registry server, do not require
-# validation via a certifying authority. This is the registry's equivalent of
-# specifying --insecure on the command line using glanceclient for the API
-# Default: False
-#registry_client_insecure = False
-
-# The period of time, in seconds, that the API server will wait for a registry
-# request to complete. A value of '0' implies no timeout.
-# Default: 600
-#registry_client_timeout = 600
-
-# Whether to automatically create the database tables.
-# Default: False
-#db_auto_create = False
-
-# ============ Notification System Options =====================
-
-# Notifications can be sent when images are create, updated or deleted.
-# There are three methods of sending notifications, logging (via the
-# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid
-# message queue), or noop (no notifications sent, the default)
-notifier_strategy = noop
-
-# Configuration options if sending notifications via rabbitmq (these are
-# the defaults)
-rabbit_host = localhost
-rabbit_port = 5672
-rabbit_use_ssl = false
-rabbit_userid = guest
-rabbit_password = guest
-rabbit_virtual_host = /
-rabbit_notification_exchange = glance
-rabbit_notification_topic = notifications
-rabbit_durable_queues = False
-
-# Configuration options if sending notifications via Qpid (these are
-# the defaults)
-qpid_notification_exchange = glance
-qpid_notification_topic = notifications
-qpid_host = localhost
-qpid_port = 5672
-qpid_username =
-qpid_password =
-qpid_sasl_mechanisms =
-qpid_reconnect_timeout = 0
-qpid_reconnect_limit = 0
-qpid_reconnect_interval_min = 0
-qpid_reconnect_interval_max = 0
-qpid_reconnect_interval = 0
-qpid_heartbeat = 5
-# Set to 'ssl' to enable SSL
-qpid_protocol = tcp
-qpid_tcp_nodelay = True
-
-# ============ Filesystem Store Options ========================
-
-# Directory that the Filesystem backend store
-# writes image data to
-filesystem_store_datadir = /etc/glance/images/
-
-# ============ Swift Store Options =============================
-
-# Version of the authentication service to use
-# Valid versions are '2' for keystone and '1' for swauth and rackspace
-swift_store_auth_version = 2
-
-# Address where the Swift authentication service lives
-# Valid schemes are 'http://' and 'https://'
-# If no scheme specified,  default to 'https://'
-# For swauth, use something like '127.0.0.1:8080/v1.0/'
-swift_store_auth_address = 127.0.0.1:5000/v2.0/
-
-# User to authenticate against the Swift authentication service
-# If you use Swift authentication service, set it to 'account':'user'
-# where 'account' is a Swift storage account and 'user'
-# is a user in that account
-swift_store_user = jdoe:jdoe
-
-# Auth key for the user authenticating against the
-# Swift authentication service
-swift_store_key = a86850deb2742ec3cb41518e26aa2d89
-
-# Container within the account that the account should use
-# for storing images in Swift
-swift_store_container = glance
-
-# Do we create the container if it does not exist?
-swift_store_create_container_on_put = False
-
-# What size, in MB, should Glance start chunking image files
-# and do a large object manifest in Swift? By default, this is
-# the maximum object size in Swift, which is 5GB
-swift_store_large_object_size = 5120
-
-# When doing a large object manifest, what size, in MB, should
-# Glance write chunks to Swift? This amount of data is written
-# to a temporary disk buffer during the process of chunking
-# the image file, and the default is 200MB
-swift_store_large_object_chunk_size = 200
-
-# Whether to use ServiceNET to communicate with the Swift storage servers.
-# (If you aren't RACKSPACE, leave this False!)
-#
-# To use ServiceNET for authentication, prefix hostname of
-# `swift_store_auth_address` with 'snet-'.
-# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
-swift_enable_snet = False
-
-# If set to True enables multi-tenant storage mode which causes Glance images
-# to be stored in tenant specific Swift accounts.
-#swift_store_multi_tenant = False
-
-# A list of swift ACL strings that will be applied as both read and
-# write ACLs to the containers created by Glance in multi-tenant
-# mode. This grants the specified tenants/users read and write access
-# to all newly created image objects. The standard swift ACL string
-# formats are allowed, including:
-# <tenant_id>:<username>
-# <tenant_name>:<username>
-# *:<username>
-# Multiple ACLs can be combined using a comma separated list, for
-# example: swift_store_admin_tenants = service:glance,*:admin
-#swift_store_admin_tenants =
-
-# The region of the swift endpoint to be used for single tenant. This setting
-# is only necessary if the tenant has multiple swift endpoints.
-#swift_store_region =
-
-# ============ S3 Store Options =============================
-
-# Address where the S3 authentication service lives
-# Valid schemes are 'http://' and 'https://'
-# If no scheme specified,  default to 'http://'
-s3_store_host = 127.0.0.1:8080/v1.0/
-
-# User to authenticate against the S3 authentication service
-s3_store_access_key = <20-char AWS access key>
-
-# Auth key for the user authenticating against the
-# S3 authentication service
-s3_store_secret_key = <40-char AWS secret key>
-
-# Container within the account that the account should use
-# for storing images in S3. Note that S3 has a flat namespace,
-# so you need a unique bucket name for your glance images. An
-# easy way to do this is append your AWS access key to "glance".
-# S3 buckets in AWS *must* be lowercased, so remember to lowercase
-# your AWS access key if you use it in your bucket name below!
-s3_store_bucket = <lowercased 20-char aws access key>glance
-
-# Do we create the bucket if it does not exist?
-s3_store_create_bucket_on_put = False
-
-# When sending images to S3, the data will first be written to a
-# temporary buffer on disk. By default the platform's temporary directory
-# will be used. If required, an alternative directory can be specified here.
-#s3_store_object_buffer_dir = /path/to/dir
-
-# When forming a bucket url, boto will either set the bucket name as the
-# subdomain or as the first token of the path. Amazon's S3 service will
-# accept it as the subdomain, but Swift's S3 middleware requires it be
-# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'.
-#s3_store_bucket_url_format = subdomain
-
-# ============ RBD Store Options =============================
-
-# Ceph configuration file path
-# If using cephx authentication, this file should
-# include a reference to the right keyring
-# in a client.<USER> section
-rbd_store_ceph_conf = /etc/ceph/ceph.conf
-
-# RADOS user to authenticate as (only applicable if using cephx)
-rbd_store_user = glance
-
-# RADOS pool in which images are stored
-rbd_store_pool = images
-
-# Images will be chunked into objects of this size (in megabytes).
-# For best performance, this should be a power of two
-rbd_store_chunk_size = 8
-
-# ============ Delayed Delete Options =============================
-
-# Turn on/off delayed delete
-delayed_delete = False
-
-# Delayed delete time in seconds
-scrub_time = 43200
-
-# Directory that the scrubber will use to remind itself of what to delete
-# Make sure this is also set in glance-scrubber.conf
-scrubber_datadir = /var/lib/glance/scrubber
-
-# =============== Image Cache Options =============================
-
-# Base directory that the Image Cache uses
-image_cache_dir = /var/lib/glance/image_cache/
-
-[keystone_authtoken]
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-admin_tenant_name = service
-admin_user = admin
-admin_password = password
-
-[paste_deploy]
-# Name of the paste configuration file that defines the available pipelines
-#config_file = glance-api-paste.ini
-
-# Partial name of a pipeline in your paste configuration file with the
-# service name removed. For example, if your paste section name is
-# [pipeline:glance-api-keystone], you would configure the flavor below
-# as 'keystone'.
-#flavor=
diff --git a/meta-openstack/recipes-devtools/python/python-glance/glance-cache.conf b/meta-openstack/recipes-devtools/python/python-glance/glance-cache.conf
deleted file mode 100644
index 57b0dd9..0000000
--- a/meta-openstack/recipes-devtools/python/python-glance/glance-cache.conf
+++ /dev/null
@@ -1,142 +0,0 @@
-[DEFAULT]
-# Show more verbose log output (sets INFO log level output)
-#verbose = False
-
-# Show debugging output in logs (sets DEBUG log level output)
-#debug = False
-
-log_file = /var/log/glance/image-cache.log
-
-# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
-#use_syslog = False
-
-# Directory that the Image Cache writes data to
-image_cache_dir = /var/lib/glance/image-cache/
-
-# Number of seconds after which we should consider an incomplete image to be
-# stalled and eligible for reaping
-image_cache_stall_time = 86400
-
-# image_cache_invalid_entry_grace_period - seconds
-#
-# If an exception is raised as we're writing to the cache, the cache-entry is
-# deemed invalid and moved to <image_cache_datadir>/invalid so that it can be
-# inspected for debugging purposes.
-#
-# This is number of seconds to leave these invalid images around before they
-# are elibible to be reaped.
-image_cache_invalid_entry_grace_period = 3600
-
-# Max cache size in bytes
-image_cache_max_size = 10737418240
-
-# Address to find the registry server
-registry_host = 0.0.0.0
-
-# Port the registry server is listening on
-registry_port = 9191
-
-# Auth settings if using Keystone
-# auth_url = http://127.0.0.1:5000/v2.0/
-# admin_tenant_name = %SERVICE_TENANT_NAME%
-# admin_user = %SERVICE_USER%
-# admin_password = %SERVICE_PASSWORD%
-
-# List of which store classes and store class locations are
-# currently known to glance at startup.
-# known_stores = glance.store.filesystem.Store,
-#               glance.store.http.Store,
-#               glance.store.rbd.Store,
-#               glance.store.s3.Store,
-#               glance.store.swift.Store,
-
-# ============ Filesystem Store Options ========================
-
-# Directory that the Filesystem backend store
-# writes image data to
-filesystem_store_datadir = /etc/glance/images/
-
-# ============ Swift Store Options =============================
-
-# Version of the authentication service to use
-# Valid versions are '2' for keystone and '1' for swauth and rackspace
-swift_store_auth_version = 2
-
-# Address where the Swift authentication service lives
-# Valid schemes are 'http://' and 'https://'
-# If no scheme specified,  default to 'https://'
-# For swauth, use something like '127.0.0.1:8080/v1.0/'
-swift_store_auth_address = 127.0.0.1:5000/v2.0/
-
-# User to authenticate against the Swift authentication service
-# If you use Swift authentication service, set it to 'account':'user'
-# where 'account' is a Swift storage account and 'user'
-# is a user in that account
-swift_store_user = jdoe:jdoe
-
-# Auth key for the user authenticating against the
-# Swift authentication service
-swift_store_key = a86850deb2742ec3cb41518e26aa2d89
-
-# Container within the account that the account should use
-# for storing images in Swift
-swift_store_container = glance
-
-# Do we create the container if it does not exist?
-swift_store_create_container_on_put = False
-
-# What size, in MB, should Glance start chunking image files
-# and do a large object manifest in Swift? By default, this is
-# the maximum object size in Swift, which is 5GB
-swift_store_large_object_size = 5120
-
-# When doing a large object manifest, what size, in MB, should
-# Glance write chunks to Swift? This amount of data is written
-# to a temporary disk buffer during the process of chunking
-# the image file, and the default is 200MB
-swift_store_large_object_chunk_size = 200
-
-# Whether to use ServiceNET to communicate with the Swift storage servers.
-# (If you aren't RACKSPACE, leave this False!)
-#
-# To use ServiceNET for authentication, prefix hostname of
-# `swift_store_auth_address` with 'snet-'.
-# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
-swift_enable_snet = False
-
-# ============ S3 Store Options =============================
-
-# Address where the S3 authentication service lives
-# Valid schemes are 'http://' and 'https://'
-# If no scheme specified,  default to 'http://'
-s3_store_host = 127.0.0.1:8080/v1.0/
-
-# User to authenticate against the S3 authentication service
-s3_store_access_key = <20-char AWS access key>
-
-# Auth key for the user authenticating against the
-# S3 authentication service
-s3_store_secret_key = <40-char AWS secret key>
-
-# Container within the account that the account should use
-# for storing images in S3. Note that S3 has a flat namespace,
-# so you need a unique bucket name for your glance images. An
-# easy way to do this is append your AWS access key to "glance".
-# S3 buckets in AWS *must* be lowercased, so remember to lowercase
-# your AWS access key if you use it in your bucket name below!
-s3_store_bucket = <lowercased 20-char aws access key>glance
-
-# Do we create the bucket if it does not exist?
-s3_store_create_bucket_on_put = False
-
-# When sending images to S3, the data will first be written to a
-# temporary buffer on disk. By default the platform's temporary directory
-# will be used. If required, an alternative directory can be specified here.
-# s3_store_object_buffer_dir = /path/to/dir
-
-# ================= Security Options ==========================
-
-# AES key for encrypting store 'location' metadata, including
-# -- if used -- Swift or S3 credentials
-# Should be set to a random string of length 16, 24 or 32 bytes
-# metadata_encryption_key = <16, 24 or 32 char registry metadata key>
diff --git a/meta-openstack/recipes-devtools/python/python-glance/glance-registry.conf b/meta-openstack/recipes-devtools/python/python-glance/glance-registry.conf
deleted file mode 100644
index a4675d0..0000000
--- a/meta-openstack/recipes-devtools/python/python-glance/glance-registry.conf
+++ /dev/null
@@ -1,90 +0,0 @@
-[DEFAULT]
-# Show more verbose log output (sets INFO log level output)
-#verbose = False
-
-# Show debugging output in logs (sets DEBUG log level output)
-#debug = False
-
-# Address to bind the registry server
-bind_host = 0.0.0.0
-
-# Port the bind the registry server to
-bind_port = 9191
-
-# Log to this file. Make sure you do not set the same log
-# file for both the API and registry servers!
-#log_file = /var/log/glance/registry.log
-
-# Backlog requests when creating socket
-backlog = 4096
-
-# TCP_KEEPIDLE value in seconds when creating socket.
-# Not supported on OS X.
-#tcp_keepidle = 600
-
-# SQLAlchemy connection string for the reference implementation
-# registry server. Any valid SQLAlchemy connection string is fine.
-# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
-sql_connection = postgresql://admin:admin@localhost/glance
-
-# Period in seconds after which SQLAlchemy should reestablish its connection
-# to the database.
-#
-# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop
-# idle connections. This can result in 'MySQL Gone Away' exceptions. If you
-# notice this, you can lower this value to ensure that SQLAlchemy reconnects
-# before MySQL can drop the connection.
-sql_idle_timeout = 3600
-
-# Limit the api to return `param_limit_max` items in a call to a container. If
-# a larger `limit` query param is provided, it will be reduced to this value.
-api_limit_max = 1000
-
-# If a `limit` query param is not provided in an api request, it will
-# default to `limit_param_default`
-limit_param_default = 25
-
-# Role used to identify an authenticated user as administrator
-#admin_role = admin
-
-# Whether to automatically create the database tables.
-# Default: False
-#db_auto_create = False
-
-# ================= Syslog Options ============================
-
-# Send logs to syslog (/dev/log) instead of to file specified
-# by `log_file`
-#use_syslog = False
-
-# Facility to use. If unset defaults to LOG_USER.
-#syslog_log_facility = LOG_LOCAL1
-
-# ================= SSL Options ===============================
-
-# Certificate file to use when starting registry server securely
-#cert_file = /path/to/certfile
-
-# Private key file to use when starting registry server securely
-#key_file = /path/to/keyfile
-
-# CA certificate file to use to verify connecting clients
-#ca_file = /path/to/cafile
-
-[keystone_authtoken]
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-admin_tenant_name = service
-admin_user = admin
-admin_password = password
-
-[paste_deploy]
-# Name of the paste configuration file that defines the available pipelines
-#config_file = glance-registry-paste.ini
-
-# Partial name of a pipeline in your paste configuration file with the
-# service name removed. For example, if your paste section name is
-# [pipeline:glance-registry-keystone], you would configure the flavor below
-# as 'keystone'.
-#flavor=