Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

Chapter 9. Orchestration

The Orchestration service is designed to manage the lifecycle of infrastructure and applications within OpenStack clouds. Its various agents and services are configured in the /etc/heat/heat.conf file.

9.1. Orchestration Configuration Options

Note

The common configurations for shared services and libraries, such as database connections and RPC messaging, are described at Common configurations.

9.1.1. Description of Configuration Options

The following tables provide a comprehensive list of the Orchestration configuration options.

Table 9.1. Description of API configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

action_retry_limit = 5

(Integer) Number of times to retry to bring a resource to a non-error state. Set to 0 to disable retries.

enable_stack_abandon = False

(Boolean) Enable the preview Stack Abandon feature.

enable_stack_adopt = False

(Boolean) Enable the preview Stack Adopt feature.

encrypt_parameters_and_properties = False

(Boolean) Encrypt template parameters that were marked as hidden and also all the resource properties before storing them in database.

heat_metadata_server_url = None

(String) URL of the Heat metadata server. NOTE: Setting this is only needed if you require instances to use a different endpoint than in the keystone catalog

heat_stack_user_role = heat_stack_user

(String) Keystone role for heat template-defined users.

heat_waitcondition_server_url = None

(String) URL of the Heat waitcondition server.

heat_watch_server_url =

(String) URL of the Heat CloudWatch server.

hidden_stack_tags = data-processing-cluster

(List) Stacks containing these tag names will be hidden. Multiple tags should be given in a comma-delimited list (eg. hidden_stack_tags=hide_me,me_too).

max_json_body_size = 1048576

(Integer) Maximum raw byte size of JSON request body. Should be larger than max_template_size.

num_engine_workers = None

(Integer) Number of heat-engine processes to fork and run. Will default to either to 4 or number of CPUs on the host, whichever is greater.

observe_on_update = False

(Boolean) On update, enables heat to collect existing resource properties from reality and converge to updated template.

stack_action_timeout = 3600

(Integer) Timeout in seconds for stack action (ie. create or update).

stack_domain_admin = None

(String) Keystone username, a user with roles sufficient to manage users and projects in the stack_user_domain.

stack_domain_admin_password = None

(String) Keystone password for stack_domain_admin user.

stack_scheduler_hints = False

(Boolean) When this feature is enabled, scheduler hints identifying the heat stack context of a server or volume resource are passed to the configured schedulers in nova and cinder, for creates done using heat resource types OS::Cinder::Volume, OS::Nova::Server, and AWS::EC2::Instance. heat_root_stack_id will be set to the id of the root stack of the resource, heat_stack_id will be set to the id of the resource’s parent stack, heat_stack_name will be set to the name of the resource’s parent stack, heat_path_in_stack will be set to a list of comma delimited strings of stackresourcename and stackname with list[0] being 'rootstackname', heat_resource_name will be set to the resource’s name, and heat_resource_uuid will be set to the resource’s orchestration id.

stack_user_domain_id = None

(String) Keystone domain ID which contains heat template-defined users. If this option is set, stack_user_domain_name option will be ignored.

stack_user_domain_name = None

(String) Keystone domain name which contains heat template-defined users. If stack_user_domain_id option is set, this option is ignored.

stale_token_duration = 30

(Integer) Gap, in seconds, to determine whether the given token is about to expire.

trusts_delegated_roles =

(List) Subset of trustor roles to be delegated to heat. If left unset, all roles of a user will be delegated to heat when creating a stack.

[auth_password]

 

allowed_auth_uris =

(List) Allowed keystone endpoints for auth_uri when multi_cloud is enabled. At least one endpoint needs to be specified.

multi_cloud = False

(Boolean) Allow orchestration of multiple clouds.

[ec2authtoken]

 

allowed_auth_uris =

(List) Allowed keystone endpoints for auth_uri when multi_cloud is enabled. At least one endpoint needs to be specified.

auth_uri = None

(String) Authentication Endpoint URI.

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

insecure = False

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

multi_cloud = False

(Boolean) Allow orchestration of multiple clouds.

[eventlet_opts]

 

client_socket_timeout = 900

(Integer) Timeout for client connections' socket operations. If an incoming connection is idle for this number of seconds it will be closed. A value of '0' means wait forever.

wsgi_keep_alive = True

(Boolean) If False, closes the client socket connection explicitly.

[heat_api]

 

backlog = 4096

(Integer) Number of backlog requests to configure the socket with.

bind_host = 0.0.0.0

(IP) Address to bind the server. Useful when selecting a particular network interface.

bind_port = 8004

(Port number) The port on which the server will listen.

cert_file = None

(String) Location of the SSL certificate file to use for SSL mode.

key_file = None

(String) Location of the SSL key file to use for enabling SSL mode.

max_header_line = 16384

(Integer) Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).

tcp_keepidle = 600

(Integer) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.

workers = 0

(Integer) Number of workers for Heat service. Default value 0 means, that service will start number of workers equal number of cores on server.

[oslo_middleware]

 

enable_proxy_headers_parsing = False

(Boolean) Whether the application is behind a proxy or not. This determines if the middleware should parse the headers or not.

max_request_body_size = 114688

(Integer) The maximum body size for each request, in bytes.

secure_proxy_ssl_header = X-Forwarded-Proto

(String) DEPRECATED: The HTTP Header that will be used to determine what the original request protocol scheme was, even if it was hidden by a SSL termination proxy.

[oslo_versionedobjects]

 

fatal_exception_format_errors = False

(Boolean) Make exception message format errors fatal

[paste_deploy]

 

api_paste_config = api-paste.ini

(String) The API paste config file to use.

flavor = None

(String) The flavor to use.

Table 9.2. Description of Cloudformation-compatible API configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

instance_connection_https_validate_certificates = 1

(String) Instance connection to CFN/CW API validate certs if SSL is used.

instance_connection_is_secure = 0

(String) Instance connection to CFN/CW API via https.

[heat_api_cfn]

 

backlog = 4096

(Integer) Number of backlog requests to configure the socket with.

bind_host = 0.0.0.0

(IP) Address to bind the server. Useful when selecting a particular network interface.

bind_port = 8000

(Port number) The port on which the server will listen.

cert_file = None

(String) Location of the SSL certificate file to use for SSL mode.

key_file = None

(String) Location of the SSL key file to use for enabling SSL mode.

max_header_line = 16384

(Integer) Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs).

tcp_keepidle = 600

(Integer) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.

workers = 1

(Integer) Number of workers for Heat service.

Table 9.3. Description of aodh clients configuration options

Configuration option = Default valueDescription

[clients_aodh]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.4. Description of client backends configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

cloud_backend = heat.engine.clients.OpenStackClients

(String) Fully qualified class name to use as a client backend.

Table 9.5. Description of barbican clients configuration options

Configuration option = Default valueDescription

[clients_barbican]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.6. Description of ceilometer clients configuration options

Configuration option = Default valueDescription

[clients_ceilometer]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.7. Description of cinder clients configuration options

Configuration option = Default valueDescription

[clients_cinder]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

http_log_debug = False

(Boolean) Allow client’s debug log output.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.8. Description of designate clients configuration options

Configuration option = Default valueDescription

[clients_designate]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.9. Description of glance clients configuration options

Configuration option = Default valueDescription

[clients_glance]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.10. Description of heat clients configuration options

Configuration option = Default valueDescription

[clients_heat]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

url =

(String) Optional heat url in format like http://0.0.0.0:8004/v1/%(tenant_id)s.

Table 9.11. Description of keystone clients configuration options

Configuration option = Default valueDescription

[clients_keystone]

 

auth_uri =

(String) Unversioned keystone url in format like http://0.0.0.0:5000.

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.12. Description of magnum clients configuration options

Configuration option = Default valueDescription

[clients_magnum]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.13. Description of manila clients configuration options

Configuration option = Default valueDescription

[clients_manila]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.14. Description of mistral clients configuration options

Configuration option = Default valueDescription

[clients_mistral]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.15. Description of monasca clients configuration options

Configuration option = Default valueDescription

[clients_monasca]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.16. Description of neutron clients configuration options

Configuration option = Default valueDescription

[clients_neutron]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.17. Description of nova clients configuration options

Configuration option = Default valueDescription

[clients_nova]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

http_log_debug = False

(Boolean) Allow client’s debug log output.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.18. Description of clients configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

region_name_for_services = None

(String) Default region name used to get services endpoints.

[clients]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = publicURL

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = False

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.19. Description of sahara clients configuration options

Configuration option = Default valueDescription

[clients_sahara]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.20. Description of senlin clients configuration options

Configuration option = Default valueDescription

[clients_senlin]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.21. Description of swift clients configuration options

Configuration option = Default valueDescription

[clients_swift]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.22. Description of trove clients configuration options

Configuration option = Default valueDescription

[clients_trove]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.23. Description of zaqar clients configuration options

Configuration option = Default valueDescription

[clients_zaqar]

 

ca_file = None

(String) Optional CA cert file to use in SSL connections.

cert_file = None

(String) Optional PEM-formatted certificate chain file.

endpoint_type = None

(String) Type of endpoint in Identity service catalog to use for communication with the OpenStack service.

insecure = None

(Boolean) If set, then the server’s certificate will not be verified.

key_file = None

(String) Optional PEM-formatted file that contains the private key.

Table 9.24. Description of CloudWatch API configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

enable_cloud_watch_lite = False

(Boolean) Enable the legacy OS::Heat::CWLiteAlarm resource.

heat_watch_server_url =

(String) URL of the Heat CloudWatch server.

[heat_api_cloudwatch]

 

backlog = 4096

(Integer) Number of backlog requests to configure the socket with.

bind_host = 0.0.0.0

(IP) Address to bind the server. Useful when selecting a particular network interface.

bind_port = 8003

(Port number) The port on which the server will listen.

cert_file = None

(String) Location of the SSL certificate file to use for SSL mode.

key_file = None

(String) Location of the SSL key file to use for enabling SSL mode.

max_header_line = 16384

(Integer) Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs.)

tcp_keepidle = 600

(Integer) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.

workers = 1

(Integer) Number of workers for Heat service.

Table 9.25. Description of common configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

client_retry_limit = 2

(Integer) Number of times to retry when a client encounters an expected intermittent error. Set to 0 to disable retries.

convergence_engine = True

(Boolean) Enables engine with convergence architecture. All stacks with this option will be created using convergence engine.

default_deployment_signal_transport = CFN_SIGNAL

(String) Template default for how the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL (requires enabled heat-api-cfn). TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT (requires object-store endpoint which supports TempURL). HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials.

default_software_config_transport = POLL_SERVER_CFN

(String) Template default for how the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair (requires enabled heat-api-cfn). POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials (requires keystone v3 API, and configured stack_user_* config options). POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling (requires object-store endpoint which supports TempURL).ZAQAR_MESSAGE will create a dedicated zaqar queue and post the metadata for polling.

default_user_data_format = HEAT_CFNTOOLS

(String) Template default for how the user_data should be formatted for the server. For HEAT_CFNTOOLS, the user_data is bundled as part of the heat-cfntools cloud-init boot configuration data. For RAW the user_data is passed to Nova unmodified. For SOFTWARE_CONFIG user_data is bundled as part of the software config data, and metadata is derived from any associated SoftwareDeployment resources.

deferred_auth_method = trusts

(String) Select deferred auth method, stored password or trusts.

environment_dir = /etc/heat/environment.d

(String) The directory to search for environment files.

error_wait_time = 240

(Integer) The amount of time in seconds after an error has occurred that tasks may continue to run before being cancelled.

event_purge_batch_size = 200

(Integer) Controls how many events will be pruned whenever a stack’s events are purged. Set this lower to keep more events at the expense of more frequent purges.

executor_thread_pool_size = 64

(Integer) Size of executor thread pool.

host = localhost

(String) Name of the engine node. This can be an opaque identifier. It is not necessarily a hostname, FQDN, or IP address.

keystone_backend = heat.engine.clients.os.keystone.heat_keystoneclient.KsClientWrapper

(String) Fully qualified class name to use as a keystone backend.

max_interface_check_attempts = 10

(Integer) Number of times to check whether an interface has been attached or detached.

periodic_interval = 60

(Integer) Seconds between running periodic tasks.

plugin_dirs = /usr/lib64/heat, /usr/lib/heat, /usr/local/lib/heat, /usr/local/lib64/heat

(List) List of directories to search for plug-ins.

reauthentication_auth_method =

(String) Allow reauthentication on token expiry, such that long-running tasks may complete. Note this defeats the expiry of any provided user tokens.

template_dir = /etc/heat/templates

(String) The directory to search for template files.

[constraint_validation_cache]

 

caching = True

(Boolean) Toggle to enable/disable caching when Orchestration Engine validates property constraints of stack.During property validation with constraints Orchestration Engine caches requests to other OpenStack services. Please note that the global toggle for oslo.cache(enabled=True in [cache] group) must be enabled to use this feature.

expiration_time = 60

(Integer) TTL, in seconds, for any cached item in the dogpile.cache region used for caching of validation constraints.

[healthcheck]

 

backends =

(List) Additional backends that can perform health checks and report that information back as part of a request.

detailed = False

(Boolean) Show more detailed information as part of the response

disable_by_file_path = None

(String) Check the presence of a file to determine if an application is running on a port. Used by DisableByFileHealthcheck plugin.

disable_by_file_paths =

(List) Check the presence of a file based on a port to determine if an application is running on a port. Expects a "port:path" list of strings. Used by DisableByFilesPortsHealthcheck plugin.

path = /healthcheck

(String) DEPRECATED: The path to respond to healtcheck requests on.

[heat_all]

 

enabled_services = engine, api, api_cfn

(List) Specifies the heat services that are enabled when running heat-all. Valid options are all or any combination of api, engine, api_cfn, or api_cloudwatch.

[profiler]

 

connection_string = messaging://

(String) Connection string for a notifier backend. Default value is messaging:// which sets the notifier to oslo_messaging. Examples of possible values:

  • messaging://: use oslo_messaging driver for sending notifications.
  • mongodb://127.0.0.1:27017 : use mongodb driver for sending notifications.
  • elasticsearch://127.0.0.1:9200 : use elasticsearch driver for sending notifications.

enabled = False

(Boolean) Enables the profiling for all services on this node. Default value is False (fully disable the profiling feature). Possible values:

  • True: Enables the feature
  • False: Disables the feature. The profiling cannot be started via this project operations. If the profiling is triggered by another project, this project part will be empty.

es_doc_type = notification

(String) Document type for notification indexing in elasticsearch.

es_scroll_size = 10000

(Integer) Elasticsearch splits large requests in batches. This parameter defines maximum size of each batch (for example: es_scroll_size=10000).

es_scroll_time = 2m

(String) This parameter is a time value parameter (for example: es_scroll_time=2m), indicating for how long the nodes that participate in the search will maintain relevant resources in order to continue and support it.

hmac_keys = SECRET_KEY

(String) Secret key(s) to use for encrypting context data for performance profiling. This string value should have the following format: <key1>[,<key2>,…​<keyn>], where each key is some random string. A user who triggers the profiling via the REST API has to set one of these keys in the headers of the REST API call to include profiling results of this node for this particular project. Both "enabled" flag and "hmac_keys" config options should be set to enable profiling. Also, to generate correct profiling information across all services at least one key needs to be consistent between OpenStack projects. This ensures it can be used from client side to generate the trace, containing information from all possible resources.

sentinel_service_name = mymaster

(String) Redissentinel uses a service name to identify a master redis service. This parameter defines the name (for example: sentinal_service_name=mymaster).

socket_timeout = 0.1

(Floating point) Redissentinel provides a timeout option on the connections. This parameter defines that timeout (for example: socket_timeout=0.1).

trace_sqlalchemy = False

(Boolean) Enables SQL requests profiling in services. Default value is False (SQL requests won’t be traced). Possible values:

  • True: Enables SQL requests profiling. Each SQL query will be part of the trace and can the be analyzed by how much time was spent for that.
  • False: Disables SQL requests profiling. The spent time is only shown on a higher level of operations. Single SQL queries cannot be analyzed this way.

[resource_finder_cache]

 

caching = True

(Boolean) Toggle to enable/disable caching when Orchestration Engine looks for other OpenStack service resources using name or id. Please note that the global toggle for oslo.cache(enabled=True in [cache] group) must be enabled to use this feature.

expiration_time = 3600

(Integer) TTL, in seconds, for any cached item in the dogpile.cache region used for caching of OpenStack service finder functions.

[revision]

 

heat_revision = unknown

(String) Heat build revision. If you would prefer to manage your build revision separately, you can move this section to a different file and add it as another config option.

[service_extension_cache]

 

caching = True

(Boolean) Toggle to enable/disable caching when Orchestration Engine retrieves extensions from other OpenStack services. Please note that the global toggle for oslo.cache(enabled=True in [cache] group) must be enabled to use this feature.

expiration_time = 3600

(Integer) TTL, in seconds, for any cached item in the dogpile.cache region used for caching of service extensions.

[volumes]

 

backups_enabled = True

(Boolean) Indicate if cinder-backup service is enabled. This is a temporary workaround until cinder-backup service becomes discoverable, see LP#1334856.

[yaql]

 

limit_iterators = 200

(Integer) The maximum number of elements in collection expression can take for its evaluation.

memory_quota = 10000

(Integer) The maximum size of memory in bytes that expression can take for its evaluation.

Table 9.26. Description of crypt configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

auth_encryption_key = notgood but just long enough i t

(String) Key used to encrypt authentication info in the database. Length of this key must be 32 characters.

Table 9.27. Description of load balancer configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

loadbalancer_template = None

(String) Custom template for the built-in loadbalancer nested stack.

Table 9.28. Description of metadata API configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

heat_metadata_server_url = None

(String) URL of the Heat metadata server. NOTE: Setting this is only needed if you require instances to use a different endpoint than in the keystone catalog

Table 9.29. Description of notification configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

onready = None

(String) Deprecated.

Table 9.30. Description of quota configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

max_events_per_stack = 1000

(Integer) Rough number of maximum events that will be available per stack. Actual number of events can be a bit higher since purge checks take place randomly 200/event_purge_batch_size percent of the time. Older events are deleted when events are purged. Set to 0 for unlimited events per stack.

max_nested_stack_depth = 5

(Integer) Maximum depth allowed when using nested stacks.

max_resources_per_stack = 1000

(Integer) Maximum resources allowed per top-level stack. -1 stands for unlimited.

max_server_name_length = 53

(Integer) Maximum length of a server name to be used in nova.

max_stacks_per_tenant = 100

(Integer) Maximum number of stacks any one tenant may have active at one time.

max_template_size = 524288

(Integer) Maximum raw byte size of any template.

Table 9.31. Description of Redis configuration options

Configuration option = Default valueDescription

[matchmaker_redis]

 

check_timeout = 20000

(Integer) Time in ms to wait before the transaction is killed.

host = 127.0.0.1

(String) DEPRECATED: Host to locate redis. Replaced by [DEFAULT]/transport_url

password =

(String) DEPRECATED: Password for Redis server (optional). Replaced by [DEFAULT]/transport_url

port = 6379

(Port number) DEPRECATED: Use this port to connect to redis host. Replaced by [DEFAULT]/transport_url

sentinel_group_name = oslo-messaging-zeromq

(String) Redis replica set name.

sentinel_hosts =

(List) DEPRECATED: List of Redis Sentinel hosts (fault tolerance mode), e.g., [host:port, host1:port …​ ] Replaced by [DEFAULT]/transport_url

socket_timeout = 10000

(Integer) Timeout in ms on blocking socket operations.

wait_timeout = 2000

(Integer) Time in ms to wait between connection attempts.

Table 9.32. Description of testing configuration options

Configuration option = Default valueDescription

[profiler]

 

connection_string = messaging://

(String) Connection string for a notifier backend. Default value is messaging:// which sets the notifier to oslo_messaging. Examples of possible values:

  • messaging://: use oslo_messaging driver for sending notifications.

enabled = False

(Boolean) Enables the profiling for all services on this node. Default value is False (fully disable the profiling feature). Possible values:

  • True: Enables the feature
  • False: Disables the feature. The profiling cannot be started via this project operations. If the profiling is triggered by another project, this project part will be empty.

hmac_keys = SECRET_KEY

(String) Secret key(s) to use for encrypting context data for performance profiling. This string value should have the following format: <key1>[,<key2>,…​<keyn>], where each key is some random string. A user who triggers the profiling via the REST API has to set one of these keys in the headers of the REST API call to include profiling results of this node for this particular project. Both "enabled" flag and "hmac_keys" config options should be set to enable profiling. Also, to generate correct profiling information across all services at least one key needs to be consistent between OpenStack projects. This ensures it can be used from client side to generate the trace, containing information from all possible resources.

trace_sqlalchemy = False

(Boolean) Enables SQL requests profiling in services. Default value is False (SQL requests won’t be traced). Possible values:

  • True: Enables SQL requests profiling. Each SQL query will be part of the trace and can the be analyzed by how much time was spent for that.
  • False: Disables SQL requests profiling. The spent time is only shown on a higher level of operations. Single SQL queries cannot be analyzed this way.

Table 9.33. Description of trustee configuration options

Configuration option = Default valueDescription

[trustee]

 

auth_section = None

(Unknown) Config Section from which to load plugin specific options

auth_type = None

(Unknown) Authentication type to load

Table 9.34. Description of waitcondition API configuration options

Configuration option = Default valueDescription

[DEFAULT]

 

heat_waitcondition_server_url = None

(String) URL of the Heat waitcondition server.

9.1.2. New, updated, and deprecated options in Ocata for Orchestration

Table 9.35. New options

Option = default value(Type) Help string

[DEFAULT] default_user_data_format = HEAT_CFNTOOLS

(StrOpt) Template default for how the user_data should be formatted for the server. For HEAT_CFNTOOLS, the user_data is bundled as part of the heat-cfntools cloud-init boot configuration data. For RAW the user_data is passed to Nova unmodified. For SOFTWARE_CONFIG user_data is bundled as part of the software config data, and metadata is derived from any associated SoftwareDeployment resources.

[heat_all] enabled_services = engine, api, api_cfn

(ListOpt) Specifies the heat services that are enabled when running heat-all. Valid options are all or any combination of api, engine, api_cfn, or api_cloudwatch.

Table 9.36. New default values

OptionPrevious default valueNew default value

[DEFAULT] event_purge_batch_size

10

200

Table 9.37. Deprecated options

Deprecated optionNew Option

[DEFAULT] rpc_thread_pool_size

[DEFAULT] executor_thread_pool_size

[DEFAULT] use_syslog

None