Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

8.5. Configure back ends

The Image service supports several back ends for storing virtual machine images:
  • OpenStack Block Storage (cinder)
  • A directory on a local file system
  • GridFS
  • Ceph RBD
  • Amazon S3
  • Sheepdog
  • OpenStack Object Storage (swift)
  • VMware ESX
The following tables detail the options available for each.

Table 8.23.  Description of cinder configuration options

Configuration option = Default valueDescription
[glance_store]
cinder_api_insecure = False (Boolean) Allow to perform insecure SSL requests to cinder
cinder_ca_certificates_file = None (String) Location of ca certicates file to use for cinder client requests.
cinder_catalog_info = volumev2::publicURL (String) Info to match when looking for cinder in the service catalog. Format is : separated values of the form: <service_type>:<service_name>:<endpoint_type>
cinder_endpoint_template = None (String) Override service catalog lookup with template for cinder endpoint e.g. http://localhost:8776/v2/%(tenant)s
cinder_http_retries = 3 (Integer) Number of cinderclient retries on failed http calls
cinder_os_region_name = None (String) Region name of this node. If specified, it will be used to locate OpenStack services for stores.
cinder_state_transition_timeout = 300 (Integer) Time period of time in seconds to wait for a cinder volume transition to complete.
cinder_store_auth_address = None (String) The address where the Cinder authentication service is listening. If <None>, the cinder endpoint in the service catalog is used.
cinder_store_password = None (String) Password for the user authenticating against Cinder. If <None>, the current context auth token is used.
cinder_store_project_name = None (String) Project name where the image is stored in Cinder. If <None>, the project in current context is used.
cinder_store_user_name = None (String) User name to authenticate against Cinder. If <None>, the user of current context is used.

Table 8.24.  Description of filesystem configuration options

Configuration option = Default valueDescription
[glance_store]
filesystem_store_datadir = /var/lib/glance/images (String) Directory to which the Filesystem backend store writes images.
filesystem_store_datadirs = None (Multi-valued) List of directories and its priorities to which the Filesystem backend store writes images.
filesystem_store_file_perm = 0 (Integer) The required permission for created image file. In this way the user other service used, e.g. Nova, who consumes the image could be the exclusive member of the group that owns the files created. Assigning it less then or equal to zero means don't change the default permission of the file. This value will be decoded as an octal digit.
filesystem_store_metadata_file = None (String) The path to a file which contains the metadata to be returned with any location associated with this store. The file must contain a valid JSON object. The object should contain the keys 'id' and 'mountpoint'. The value for both keys should be 'string'.

Table 8.25.  Description of http configuration options

Configuration option = Default valueDescription
[glance_store]
http_proxy_information = {} (Dict) Specify the http/https proxy information that should be used to connect to the remote server. The proxy information should be a key value pair of the scheme and proxy. e.g. http:10.0.0.1:3128. You can specify proxies for multiple schemes by seperating the key value pairs with a comma.e.g. http:10.0.0.1:3128, https:10.0.0.1:1080.
https_ca_certificates_file = None (String) Specify the path to the CA bundle file to use in verifying the remote server certificate.
https_insecure = True (Boolean) If true, the remote server certificate is not verified. If false, then the default CA truststore is used for verification. This option is ignored if "https_ca_certificates_file" is set.

Table 8.26.  Description of RADOS Block Devices (RBD) configuration options

Configuration option = Default valueDescription
[glance_store]
rados_connect_timeout = 0 (Integer) Timeout value (in seconds) used when connecting to ceph cluster. If value <= 0, no timeout is set and default librados value is used.
rbd_store_ceph_conf = /etc/ceph/ceph.conf (String) Ceph configuration file path. If <None>, librados will locate the default config. If using cephx authentication, this file should include a reference to the right keyring in a client.<USER> section
rbd_store_chunk_size = 8 (Integer) RADOS images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two.
rbd_store_pool = images (String) RADOS pool in which images are stored.
rbd_store_user = None (String) RADOS user to authenticate as (only applicable if using Cephx. If <None>, a default will be chosen based on the client. section in rbd_store_ceph_conf)

Table 8.27.  Description of Sheepdog configuration options

Configuration option = Default valueDescription
[glance_store]
sheepdog_store_address = localhost (String) IP address of sheep daemon.
sheepdog_store_chunk_size = 64 (Integer) Images will be chunked into objects of this size (in megabytes). For best performance, this should be a power of two.
sheepdog_store_port = 7000 (Integer) Port of sheep daemon.

Table 8.28.  Description of swift configuration options

Configuration option = Default valueDescription
[DEFAULT]
default_swift_reference = ref1 (String) The reference to the default swift account/backing store parameters to use for adding new images.
swift_store_auth_address = None (String) The address where the Swift authentication service is listening.(deprecated)
swift_store_config_file = None (String) The config file that has the swift account(s)configs.
swift_store_key = None (String) Auth key for the user authenticating against the Swift authentication service. (deprecated)
swift_store_user = None (String) The user to authenticate against the Swift authentication service (deprecated)
[glance_store]
default_swift_reference = ref1 (String) The reference to the default swift account/backing store parameters to use for adding new images.
swift_store_admin_tenants = (List) A list of tenants that will be granted read/write access on all Swift containers created by Glance in multi-tenant mode.
swift_store_auth_address = None (String) The address where the Swift authentication service is listening. (deprecated - use "auth_address" in swift_store_config_file)
swift_store_auth_insecure = False (Boolean) If True, swiftclient won't check for a valid SSL certificate when authenticating.
swift_store_auth_version = 2 (String) Version of the authentication service to use. Valid versions are 2 and 3 for keystone and 1 (deprecated) for swauth and rackspace. (deprecated - use "auth_version" in swift_store_config_file)
swift_store_cacert = None (String) A string giving the CA certificate file to use in SSL connections for verifying certs.
swift_store_config_file = None (String) The config file that has the swift account(s)configs.
swift_store_container = glance (String) Container within the account that the account should use for storing images in Swift when using single container mode. In multiple container mode, this will be the prefix for all containers.
swift_store_create_container_on_put = False (Boolean) A boolean value that determines if we create the container if it does not exist.
swift_store_endpoint = None (String) If set, the configured endpoint will be used. If None, the storage url from the auth response will be used.
swift_store_endpoint_type = publicURL (String) A string giving the endpoint type of the swift service to use (publicURL, adminURL or internalURL). This setting is only used if swift_store_auth_version is 2.
swift_store_expire_soon_interval = 60 (Integer) The period of time (in seconds) before token expirationwhen glance_store will try to reques new user token. Default value 60 sec means that if token is going to expire in 1 min then glance_store request new user token.
swift_store_key = None (String) Auth key for the user authenticating against the Swift authentication service. (deprecated - use "key" in swift_store_config_file)
swift_store_large_object_chunk_size = 200 (Integer) The amount of data written to a temporary disk buffer during the process of chunking the image file.
swift_store_large_object_size = 5120 (Integer) The size, in MB, that Glance will start chunking image files and do a large object manifest in Swift.
swift_store_multi_tenant = False (Boolean) If set to True, enables multi-tenant storage mode which causes Glance images to be stored in tenant specific Swift accounts.
swift_store_multiple_containers_seed = 0 (Integer) When set to 0, a single-tenant store will only use one container to store all images. When set to an integer value between 1 and 32, a single-tenant store will use multiple containers to store images, and this value will determine how many containers are created.Used only when swift_store_multi_tenant is disabled. The total number of containers that will be used is equal to 16^N, so if this config option is set to 2, then 16^2=256 containers will be used to store images.
swift_store_region = None (String) The region of the swift endpoint to be used for single tenant. This setting is only necessary if the tenant has multiple swift endpoints.
swift_store_retry_get_count = 0 (Integer) The number of times a Swift download will be retried before the request fails.
swift_store_service_type = object-store (String) A string giving the service type of the swift service to use. This setting is only used if swift_store_auth_version is 2.
swift_store_ssl_compression = True (Boolean) If set to False, disables SSL layer compression of https swift requests. Setting to False may improve performance for images which are already in a compressed format, eg qcow2.
swift_store_use_trusts = True (Boolean) If set to True create a trust for each add/get request to Multi-tenant store in order to prevent authentication token to be expired during uploading/downloading data. If set to False then user token is used for Swift connection (so no overhead on trust creation). Please note that this option is considered only and only if swift_store_multi_tenant=True
swift_store_user = None (String) The user to authenticate against the Swift authentication service (deprecated - use "user" in swift_store_config_file)