このコンテンツは選択した言語では利用できません。
Chapter 6. Object Storage
6.1. Object Storage Configuration Options
OpenStack Object Storage uses multiple configuration files for multiple services and background daemons, and paste.deploy to manage server configurations. Default configuration options appear in the
[DEFAULT]
section. You can override the default values by setting values in the other sections.
6.1.1. Description of Configuration Options
The following tables provide a comprehensive list of the Object Storage configuration options.
Configuration option = Default value
|
Description
|
---|---|
accounts_per_second = 200
|
Maximum accounts audited per second. Should be tuned according to individual system specs. 0 is unlimited.
|
interval = 1800
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = account-auditor
|
Label used when logging
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 25
|
Number of replication workers to spawn
|
conn_timeout = 0.5
|
Connection timeout to external services
|
delay_reaping = 0
|
Normally, the reaper begins deleting account information for deleted accounts immediately; you can set this to delay its work however. The value is in seconds, 2592000 = 30 days, for example. bind to giving up worker can process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
interval = 3600
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = account-reaper
|
Label used when logging
|
node_timeout = 10
|
Request timeout to external services
|
reap_warn_after = 2592000
|
If the account fails to be reaped due to a persistent error, the account reaper will log a message such as:
Account <name> has not been reaped since <date>
You can search logs for this message if space is not being reclaimed after you delete account(s). This is in addition to any time requested by delay_reaping.
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 8
|
Number of replication workers to spawn
|
conn_timeout = 0.5
|
Connection timeout to external services
|
interval = 30
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = account-replicator
|
Label used when logging
|
max_diffs = 100
|
Caps how long the replicator spends trying to sync a database per pass
|
node_timeout = 10
|
Request timeout to external services
|
per_diff = 1000
|
Limit number of items to get per diff
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
rsync_compress = no
|
Allow rsync to compress data which is transmitted to destination node during sync. However, this is applicable only when destination node is in a different region than the local one.
|
rsync_module = {replication_ip}::account
|
Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
|
run_pause = 30
|
Time in seconds to wait between replication passes
|
Configuration option = Default value
|
Description
|
---|---|
auto_create_account_prefix = .
|
Prefix to use when automatically creating accounts
|
replication_server = false
|
If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_level = INFO
|
Log level
|
set log_name = account-server
|
Label to use when logging
|
set log_requests = true
|
Whether or not to log requests
|
use = egg:swift#account
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
backlog = 4096
|
Maximum number of allowed pending TCP connections
|
bind_ip = 0.0.0.0
|
IP Address for server to bind to
|
bind_port = 6002
|
Port for server to bind to
|
bind_timeout = 30
|
Seconds to attempt bind before giving up
|
db_preallocation = off
|
If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
|
devices = /srv/node
|
Parent directory of where devices are mounted
|
disable_fallocate = false
|
Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
|
eventlet_debug = false
|
If true, turn on debug logging for eventlet
|
fallocate_reserve = 0
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers =
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host =
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
max_clients = 1024
|
Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
|
mount_check = true
|
Whether or not check if the devices are mounted to prevent accidentally writing to the root device
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
workers = auto
|
a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
Configuration option = Default value
|
Description
|
---|---|
disable_path =
|
An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
|
use = egg:swift#healthcheck
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
use = egg:swift#recon
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
dump_interval = 5.0
|
the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
|
dump_timestamp = false
|
Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
|
flush_at_shutdown = false
|
Clears the data when the wsgi server shutdowns.
|
log_filename_prefix = /tmp/log/swift/profile/default.profile
|
This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/accoutn.profile
|
path = /__profile__
|
This is the path of the URL to access the mini web UI.
|
profile_module = eventlet.green.profile
|
This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be ‘cProfile’, ‘eventlet.green.profile’, etc.
|
unwind = false
|
unwind the iterator of applications
|
use = egg:swift#xprofile
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = healthcheck recon account-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#proxy
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
interval = 30
|
Minimum time for a pass to take
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
request_tries = 3
|
Server errors from requests will be retried by default
|
Configuration option = Default value
|
Description
|
---|---|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers =
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host =
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#memcache
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#catch_errors
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#proxy_logging
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = catch_errors proxy-logging cache proxy-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
allow_versions = false
|
Enable/Disable object versioning feature
|
auto_create_account_prefix = .
|
Prefix to use when automatically creating accounts
|
conn_timeout = 0.5
|
Connection timeout to external services
|
node_timeout = 3
|
Request timeout to external services
|
replication_server = false
|
If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_level = INFO
|
Log level
|
set log_name = container-server
|
Label to use when logging
|
set log_requests = true
|
Whether or not to log requests
|
use = egg:swift#container
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
containers_per_second = 200
|
Maximum containers audited per second. Should be tuned according to individual system specs. 0 is unlimited. mounted to prevent accidentally writing to the root device process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
interval = 1800
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = container-auditor
|
Label used when logging
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 8
|
Number of replication workers to spawn
|
conn_timeout = 0.5
|
Connection timeout to external services
|
interval = 30
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = container-replicator
|
Label used when logging
|
max_diffs = 100
|
Caps how long the replicator spends trying to sync a database per pass
|
node_timeout = 10
|
Request timeout to external services
|
per_diff = 1000
|
Limit number of items to get per diff
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
rsync_compress = no
|
Allow rsync to compress data which is transmitted to destination node during sync. However, this is applicable only when destination node is in a different region than the local one.
|
rsync_module = {replication_ip}::container
|
Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
|
run_pause = 30
|
Time in seconds to wait between replication passes
|
Configuration option = Default value
|
Description
|
---|---|
conn_timeout = 5
|
Connection timeout to external services
|
container_time = 60
|
Maximum amount of time to spend syncing each container
|
internal_client_conf_path = /etc/swift/internal-client.conf
|
Internal client config file path
|
interval = 300
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = container-sync
|
Label used when logging
|
request_tries = 3
|
Server errors from requests will be retried by default
|
sync_proxy = http://10.1.1.1:8888,http://10.1.1.2:8888
|
If you need to use an HTTP proxy, set it here. Defaults to no proxy.
|
Configuration option = Default value
|
Description
|
---|---|
account_suppression_time = 60
|
Seconds to suppress updating an account that has generated an error (timeout, not yet found, etc.)
|
concurrency = 4
|
Number of replication workers to spawn
|
conn_timeout = 0.5
|
Connection timeout to external services
|
interval = 300
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = container-updater
|
Label used when logging
|
node_timeout = 3
|
Request timeout to external services
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
slowdown = 0.01
|
Time in seconds to wait between objects
|
Configuration option = Default value
|
Description
|
---|---|
allowed_sync_hosts = 127.0.0.1
|
The list of hosts that are allowed to send syncs to.
|
backlog = 4096
|
Maximum number of allowed pending TCP connections
|
bind_ip = 0.0.0.0
|
IP Address for server to bind to
|
bind_port = 6001
|
Port for server to bind to
|
bind_timeout = 30
|
Seconds to attempt bind before giving up
|
db_preallocation = off
|
If you don't mind the extra disk space usage in overhead, you can turn this on to preallocate disk space with SQLite databases to decrease fragmentation. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
|
devices = /srv/node
|
Parent directory of where devices are mounted
|
disable_fallocate = false
|
Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
|
eventlet_debug = false
|
If true, turn on debug logging for eventlet
|
fallocate_reserve = 0
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers =
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host =
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
max_clients = 1024
|
Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
|
mount_check = true
|
Whether or not check if the devices are mounted to prevent accidentally writing to the root device
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
workers = auto
|
a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
Configuration option = Default value
|
Description
|
---|---|
disable_path =
|
An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
|
use = egg:swift#healthcheck
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
use = egg:swift#recon
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
dump_interval = 5.0
|
the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
|
dump_timestamp = false
|
Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
|
flush_at_shutdown = false
|
Clears the data when the wsgi server shutdowns.
|
log_filename_prefix = /tmp/log/swift/profile/default.profile
|
This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/object.profile
|
path = /__profile__
|
This is the path of the URL to access the mini web UI.
|
profile_module = eventlet.green.profile
|
This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be 'cProfile', 'eventlet.green.profile', etc.
|
unwind = false
|
unwind the iterator of applications
|
use = egg:swift#xprofile
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = healthcheck recon container-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
mtime_check_interval = 300
|
The number of seconds between checking the modified time of this config file for changes and therefore reloading it.
|
Configuration option = Default value
|
Description
|
---|---|
cluster_clustername1 = https://host1/v1/
|
Any values in the realm section whose names begin with cluster_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
|
cluster_clustername2 = https://host2/v1/
|
Any values in the realm section whose names begin with cluster_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
|
key = realm1key
|
The key is the overall cluster-to-cluster key used in combination with the external users' key that they set on their containers' X-Container-Sync-Key metadata header values. These keys will be used to sign each request the container sync daemon makes and used to validate each incoming container sync request.
|
key2 = realm1key2
|
The key2 is optional and is an additional key incoming requests will be checked against. This is so you can rotate keys if you wish; you move the existing key to key2 and make a new key value.
|
Configuration option = Default value
|
Description
|
---|---|
cluster_clustername3 = https://host3/v1/
|
Any values in the realm section whose names begin with cluster_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
|
cluster_clustername4 = https://host4/v1/
|
Any values in the realm section whose names begin with cluster_ will indicate the name and endpoint of a cluster and will be used by external users in their containers' X-Container-Sync-To metadata header values with the format "realm_name/cluster_name/container_name". Realm and cluster names are considered case insensitive.
|
key = realm2key
|
The key is the overall cluster-to-cluster key used in combination with the external users' key that they set on their containers' X-Container-Sync-Key metadata header values. These keys will be used to sign each request the container sync daemon makes and used to validate each incoming container sync request.
|
key2 = realm2key2
|
The key2 is optional and is an additional key incoming requests will be checked against. This is so you can rotate keys if you wish; you move the existing key to key2 and make a new key value.
|
Configuration option = Default value
|
Description
|
---|---|
auth_key = testing
|
No help text available for this option.
|
auth_url = http://localhost:8080/auth/v1.0
|
Endpoint for auth server, such as keystone
|
auth_user = test:tester
|
Default user for dispersion in this context
|
auth_version = 1.0
|
Indicates which version of auth
|
concurrency = 25
|
Number of replication workers to spawn
|
container_populate = yes
|
No help text available for this option.
|
container_report = yes
|
No help text available for this option.
|
dispersion_coverage = 1.0
|
No help text available for this option.
|
dump_json = no
|
No help text available for this option.
|
endpoint_type = publicURL
|
Indicates whether endpoint for auth is public or internal
|
keystone_api_insecure = no
|
Allow accessing insecure keystone server. The keystone's certificate will not be verified.
|
object_populate = yes
|
No help text available for this option.
|
object_report = yes
|
No help text available for this option.
|
project_domain_name = project_domain
|
No help text available for this option.
|
project_name = project
|
No help text available for this option.
|
retries = 5
|
No help text available for this option.
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user_domain_name = user_domain
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
device_dir = /srv/node
|
Directory devices are mounted under
|
error_limit = 1
|
Number of errors to find before a device is unmounted
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_file_pattern = /var/log/kern.*[!.][!g][!z]
|
Location of the log file with globbing pattern to check against device errors locate device blocks with errors in the log file
|
log_level = INFO
|
Logging level
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = drive-audit
|
Label used when logging
|
log_to_console = False
|
No help text available for this option.
|
minutes = 60
|
Number of minutes to look back in
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
regex_pattern_1 = \berror\b.*\b(dm-[0-9]{1,2}\d?)\b
|
No help text available for this option.
|
unmount_failed_device = True
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#proxy
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers = `` ``
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix = `` ``
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host = `` ``
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#memcache
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#catch_errors
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#proxy_logging
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = catch_errors proxy-logging cache proxy-server
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
connect_timeout = 0.3
|
Timeout in seconds (float) for connection.
|
io_timeout = 2.0
|
Timeout in seconds (float) for read and write.
|
memcache_max_connections = 2
|
Max number of connections to each memcached server per worker services.
|
memcache_serialization_support = 2
|
Sets how memcache values are serialized and deserialized.
|
memcache_servers = 127.0.0.1:11211
|
Comma-separated list of memcached servers ip:port services.
|
pool_timeout = 1.0
|
Timeout in seconds (float) for pooled connection.
|
tries = 3
|
Number of servers to retry on failures getting a pooled connection.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#proxy
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers =
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host =
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#memcache
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#catch_errors
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
access_log_address = /dev/log
|
Location where syslog sends the logs to. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_facility = LOG_LOCAL0
|
Syslog facility to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_headers = false
|
Header to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_headers_only =
|
If access_log_headers is True and access_log_headers_only is set only these headers are logged. Multiple headers can be defined as comma separated list like this: access_log_headers_only = Host, X-Object-Meta-Mtime
|
access_log_level = INFO
|
Syslog logging level to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_name = swift
|
Label used when logging. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_host = localhost
|
You can use log_statsd_* from [DEFAULT], or override them here. StatsD server. IPv4/IPv6 addresses and hostnames are supported. If a hostname resolves to an IPv4 and IPv6 address, the IPv4 address will be used.
|
access_log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_port = 8125
|
Port value for the StatsD server. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_udp_host =
|
If not set, the UDP receiver for syslog is disabled. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_udp_port = 514
|
Port value for UDP receiver, if enabled. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
log_statsd_valid_http_methods = GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS
|
What HTTP methods are allowed for StatsD logging (comma-sep). request methods not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
|
reveal_sensitive_prefix = 16
|
By default, the X-Auth-Token is logged. To obscure the value, set reveal_sensitive_prefix to the number of characters to log. For example, if set to 12, only the first 12 characters of the token appear in the log. An unauthorized access of the log file won't allow unauthorized usage of the token. However, the first 12 or so characters is unique enough that you can trace/debug token usage. Set to 0 to suppress the token completely (replaced by '...' in the log).
Note
reveal_sensitive_prefix will not affect the value logged with access_log_headers=True.
|
use = egg:swift#proxy_logging
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
auto_create_account_prefix = .
|
Prefix to use when automatically creating accounts
|
concurrency = 1
|
Number of replication workers to spawn
|
expiring_objects_account_name = expiring_objects
|
Account name for expiring objects.
|
interval = 300
|
Minimum time for a pass to take
|
process = 0
|
(it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently.
|
processes = 0
|
for each port (disk) in the ring. If you have 24 disks per server, and this setting is 4, then each storage node will have 1 + (24 * 4) = 97 total object-server processes running. This gives complete I/O isolation, drastically reducing the impact of slow disks on storage node performance. The object-replicator and object-reconstructor need to see this setting too, so it must be in the [DEFAULT] section.
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
report_interval = 300
|
Interval in seconds between reports.
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = catch_errors proxy-logging cache proxy-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
allowed_headers = Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object
|
Comma-separated list of headers that can be set in metadata of an object
|
auto_create_account_prefix = .
|
Prefix to use when automatically creating accounts
|
keep_cache_private = false
|
Allow non-public objects to stay in kernel's buffer cache
|
keep_cache_size = 5242880
|
Largest object size to keep in buffer cache
|
max_upload_time = 86400
|
Maximum time allowed to upload an object
|
mb_per_sync = 512
|
On PUT requests, sync file every n MB
|
replication_concurrency = 4
|
Set to restrict the number of concurrent incoming REPLICATION requests; set to 0 for unlimited
|
replication_failure_ratio = 1.0
|
If the value of failures / successes of REPLICATION subrequests exceeds this ratio, the overall REPLICATION request will be aborted
|
replication_failure_threshold = 100
|
The number of subrequest failures before the replication_failure_ratio is checked
|
replication_lock_timeout = 15
|
Number of seconds to wait for an existing replication device lock before giving up.
|
replication_one_per_device = True
|
Restricts incoming REPLICATION requests to one per device, replication_currency above allowing. This can help control I/O to each device, but you may wish to set this to False to allow multiple REPLICATION requests (up to the above replication_concurrency setting) per device.
|
replication_server = false
|
If defined, tells server how to handle replication verbs in requests. When set to True (or 1), only replication verbs will be accepted. When set to False, replication verbs will be rejected. When undefined, server will accept any verb in the request.
|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_level = INFO
|
Log level
|
set log_name = object-server
|
Label to use when logging
|
set log_requests = true
|
Whether or not to log requests
|
slow = 0
|
If > 0, Minimum time in seconds for a PUT or DELETE request to complete
|
splice = no
|
Use splice() for zero-copy object GETs. This requires Linux kernel version 3.0 or greater. When you set "splice = yes" but the kernel does not support it, error messages will appear in the object server logs at startup, but your object servers should continue to function.
|
threads_per_disk = 0
|
Size of the per-disk thread pool used for performing disk I/O. The default of 0 means to not use a per-disk thread pool. It is recommended to keep this value small, as large values can result in high read latencies due to large queue depths. A good starting point is 4 threads per disk.
|
use = egg:swift#object
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
backlog = 4096
|
Maximum number of allowed pending TCP connections
|
bind_ip = 0.0.0.0
|
IP Address for server to bind to
|
bind_port = 6000
|
Port for server to bind to
|
bind_timeout = 30
|
Seconds to attempt bind before giving up
|
client_timeout = 60
|
Time to wait while receiving each chunk of data from a client or another backend node
|
conn_timeout = 0.5
|
Connection timeout to external services
|
container_update_timeout = 1.0
|
Time to wait while sending a container update on object update. object server. For most cases, this should be
|
devices = /srv/node
|
Parent directory of where devices are mounted
|
disable_fallocate = false
|
Disable "fast fail" fallocate checks if the underlying filesystem does not support it.
|
disk_chunk_size = 65536
|
Size of chunks to read/write to disk
|
eventlet_debug = false
|
If true, turn on debug logging for eventlet
|
expiring_objects_account_name = expiring_objects
|
Account name for the expiring objects
|
expiring_objects_container_divisor = 86400
|
Divisor for the expiring objects container
|
fallocate_reserve = 0
|
You can set fallocate_reserve to the number of bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. server. For most cases, this should be
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_custom_handlers = `` ``
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = swift
|
Label used when logging
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix = `` ``
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host = `` ``
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
max_clients = 1024
|
Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
|
mount_check = true
|
Whether or not check if the devices are mounted to prevent accidentally writing to the root device
|
network_chunk_size = 65536
|
Size of chunks to read/write over the network
|
node_timeout = 3
|
Request timeout to external services
|
servers_per_port = 0
|
If each disk in each storage policy ring has unique port numbers for its "ip" value, you can use this setting to have each object-server worker only service requests for the single disk matching the port in the ring. The value of this setting determines how many worker processes run for each port (disk) in the
|
swift_dir = /etc/swift
|
Swift configuration directory
|
user = swift
|
User to run as
|
workers = auto
|
a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
Configuration option = Default value
|
Description
|
---|---|
disable_path =
|
An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE"
|
use = egg:swift#healthcheck
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
recon_lock_path = /var/lock
|
Directory where lock files will be stored
|
use = egg:swift#recon
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
dump_interval = 5.0
|
the profile data will be dumped to local disk based on above naming rule in this interval (seconds).
|
dump_timestamp = false
|
Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
|
flush_at_shutdown = false
|
Clears the data when the wsgi server shutdowns.
|
log_filename_prefix = /tmp/log/swift/profile/default.profile
|
This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/object.profile
|
path = /__profile__
|
This is the path of the URL to access the mini web UI.
|
profile_module = eventlet.green.profile
|
This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be 'cProfile', 'eventlet.green.profile', etc.
|
unwind = false
|
unwind the iterator of applications
|
use = egg:swift#xprofile
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
bytes_per_second = 10000000
|
Maximum bytes audited per second. Should be tuned according to individual system specs. 0 is unlimited. mounted to prevent accidentally writing to the root device process simultaneously (it will actually accept(2) N + 1). Setting this to one (1) will only handle one request at a time, without accepting another request concurrently. By increasing the number of workers to a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests. underlying filesystem does not support it. to setup custom log handlers. bytes you'd like fallocate to reserve, whether there is space for the given file size or not. This is useful for systems that behave badly when they completely run out of space; you can make the services pretend they're out of space early. container server. For most cases, this should be
|
concurrency = 1
|
Number of replication workers to spawn
|
disk_chunk_size = 65536
|
Size of chunks to read/write to disk
|
files_per_second = 20
|
Maximum files audited per second. Should be tuned according to individual system specs. 0 is unlimited.
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = object-auditor
|
Label used when logging
|
log_time = 3600
|
Frequency of status logs in seconds.
|
object_size_stats =
|
Takes a comma-separated list of ints. When set, the object auditor will increment a counter for every object whose size is greater or equal to the given breaking points and reports the result after a full scan.
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
zero_byte_files_per_second = 50
|
Maximum zero byte files audited per second.
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 1
|
Number of replication workers to spawn
|
daemonize = on
|
Whether or not to run replication as a daemon
|
handoffs_first = False
|
If set to True, partitions that are not supposed to be on the node will be replicated first. The default setting should not be changed, except for extreme situations.
|
http_timeout = 60
|
Maximum duration for an HTTP request
|
interval = 30
|
Minimum time for a pass to take
|
lockup_timeout = 1800
|
Attempts to kill all workers if nothing replications for lockup_timeout seconds
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = object-reconstructor
|
Label used when logging
|
node_timeout = 10
|
Request timeout to external services
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
ring_check_interval = 15
|
How often (in seconds) to check the ring
|
run_pause = 30
|
Time in seconds to wait between replication passes
|
stats_interval = 300
|
Interval in seconds between logging replication statistics
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 1
|
Number of replication workers to spawn
|
daemonize = on
|
Whether or not to run replication as a daemon
|
handoff_delete = auto
|
By default handoff partitions will be removed when it has successfully replicated to all the canonical nodes. If set to an integer n, it will remove the partition if it is successfully replicated to n nodes. The default setting should not be changed, except for extremem situations. This uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
|
handoffs_first = False
|
If set to True, partitions that are not supposed to be on the node will be replicated first. The default setting should not be changed, except for extreme situations.
|
http_timeout = 60
|
Maximum duration for an HTTP request
|
interval = 30
|
Minimum time for a pass to take
|
lockup_timeout = 1800
|
Attempts to kill all workers if nothing replications for lockup_timeout seconds
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = object-replicator
|
Label used when logging
|
node_timeout = <whatever's in the DEFAULT section or 10>
|
Request timeout to external services
|
reclaim_age = 604800
|
Time elapsed in seconds before an object can be reclaimed
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
ring_check_interval = 15
|
How often (in seconds) to check the ring
|
rsync_bwlimit = 0
|
bandwidth limit for rsync in kB/s. 0 means unlimited
|
rsync_compress = no
|
Allows rsync to compress data which is transmitted to the destination node during sync. However, this applies only when the destination node is in a different region than the local one.
Note
Objects that are already compressed (for example: .tar.gz, .mp3) might slow down the syncing process.
|
rsync_error_log_line_length = 0
|
Limits the length of the rsync error log lines. 0 will log the entire line.
|
rsync_io_timeout = 30
|
Passed to rsync for a max duration (seconds) of an I/O op
|
rsync_module = {replication_ip}::object
|
Format of the rsync module where the replicator will send data. The configuration value can include some variables that will be extracted from the ring. Variables must follow the format {NAME} where NAME is one of: ip, port, replication_ip, replication_port, region, zone, device, meta. See etc/rsyncd.conf-sample for some examples. uses what's set here, or what's set in the DEFAULT section, or 10 (though other sections use 3 as the final default).
|
rsync_timeout = 900
|
Max duration (seconds) of a partition rsync
|
run_pause = 30
|
Time in seconds to wait between replication passes
|
stats_interval = 300
|
Interval in seconds between logging replication statistics
|
sync_method = rsync
|
default is rsync, alternative is ssync
|
Configuration option = Default value
|
Description
|
---|---|
concurrency = 1
|
Number of replication workers to spawn
|
interval = 300
|
Minimum time for a pass to take
|
log_address = /dev/log
|
Location where syslog sends the logs to
|
log_facility = LOG_LOCAL0
|
Syslog log facility
|
log_level = INFO
|
Logging level
|
log_name = object-updater
|
Label used when logging
|
node_timeout = <whatever's in the DEFAULT section or 10>
|
Request timeout to external services
|
recon_cache_path = /var/cache/swift
|
Directory where stats for a few items will be stored
|
slowdown = 0.01
|
Time in seconds to wait between objects
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = healthcheck recon object-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
account_autocreate = false
|
If set to 'true' authorized accounts that do not yet exist within the Swift cluster will be automatically created.
|
allow_account_management = false
|
Whether account PUTs and DELETEs are even callable.
|
auto_create_account_prefix = .
|
Prefix to use when automatically creating accounts.
|
client_chunk_size = 65536
|
Chunk size to read from clients.
|
conn_timeout = 0.5
|
Connection timeout to external services.
|
deny_host_headers =
|
Comma separated list of Host headers to which the proxy will deny requests.
|
error_suppression_interval = 60
|
Time in seconds that must elapse since the last error for a node to be considered no longer error limited.
|
error_suppression_limit = 10
|
Error count to consider a node error limited.
|
log_handoffs = true
|
Log handoff requests if handoff logging is enabled and the handoff was not expected.
We only log handoffs when we've pushed the handoff count further than we would normally have expected under normal circumstances, that is (request_node_count - num_primaries), when handoffs goes higher than that it means one of the primaries must have been skipped because of error limiting before we consumed all of our nodes_left.
|
max_containers_per_account = 0
|
If set to a positive value, trying to create a container when the account already has at least this maximum containers will result in a 403 Forbidden. Note: This is a soft limit, meaning a user might exceed the cap for recheck_account_existence before the 403s kick in.
|
max_containers_whitelist =
|
is a comma separated list of account names that ignore the max_containers_per_account cap.
|
node_timeout = 10
|
Request timeout to external services.
|
object_chunk_size = 65536
|
Chunk size to read from object servers.
|
object_post_as_copy = true
|
Set object_post_as_copy = false to turn on fast posts where only the metadata changes are stored anew and the original data file is kept in place. This makes for quicker posts; but since the container metadata isn't updated in this mode, features like container sync won't be able to sync posts.
|
post_quorum_timeout = 0.5
|
How long to wait for requests to finish after a quorum has been established.
|
put_queue_depth = 10
|
Depth of the proxy put queue.
|
read_affinity = r1z1=100, r1z2=200, r2=300
|
Which backend servers to prefer on reads. Format is r<N> for region N or r<N>z<M> for region N, zone M. The value after the equals is the priority; lower numbers are higher priority.
Example: first read from region 1 zone 1, then region 1 zone 2, then anything in region 2, then everything else: read_affinity = r1z1=100, r1z2=200, r2=300
Default is empty, meaning no preference.
|
recheck_account_existence = 60
|
Cache timeout in seconds to send memcached for account existence.
|
recheck_container_existence = 60
|
Cache timeout in seconds to send memcached for container existence.
|
recoverable_node_timeout = node_timeout
|
Request timeout to external services for requests that, on failure, can be recovered from. For example, object GET. from a client external services.
|
request_node_count = 2 * replicas
|
replicas Set to the number of nodes to contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. conf file for values will only be shown to the list of swift_owners. The exact default definition of a swift_owner is headers> up to the auth system in use, but usually indicates administrative responsibilities. paste.deploy to use for auth. To use tempauth set to:
|
set log_address = /dev/log
|
Location where syslog sends the logs to.
|
set log_facility = LOG_LOCAL0
|
Syslog log facility.
|
set log_level = INFO
|
Log level.
|
set log_name = proxy-server
|
Label to use when logging.
|
sorting_method = shuffle
|
Storage nodes can be chosen at random (shuffle), by using timing measurements (timing), or by using an explicit match (affinity). Using timing measurements may allow for lower overall latency, while using affinity allows for finer control. In both the timing and affinity cases, equally-sorting nodes are still randomly chosen to spread load.
The valid values for sorting_method are "affinity", "shuffle", or "timing".
|
swift_owner_headers = x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-container-meta-temp-url-key, x-container-meta-temp-url-key-2, x-account-access-control
|
These are the headers whose conf file for values will only be shown to the list of swift_owners. The exact default definition of a swift_owner is headers> up to the auth system in use, but usually indicates administrative responsibilities. paste.deploy to use for auth. To use tempauth set to:
|
timing_expiry = 300
|
If the "timing" sorting_method is used, the timings will only be valid for the number of seconds configured by timing_expiry.
|
use = egg:swift#proxy
|
Entry point of paste.deploy in the server.
|
write_affinity = r1, r2
|
This setting lets you trade data distribution for throughput. It makes the proxy server prefer local back-end servers for object PUT requests over non-local ones. Note that only object PUT requests are affected by the write_affinity setting; POST, GET, HEAD, DELETE, OPTIONS, and account/container PUT requests are not affected. The format is r<N> for region N or r<N>z<M> for region N, zone M. If this is set, then when handling an object PUT request, some number (see the write_affinity_node_count setting) of local backend servers will be tried before any nonlocal ones. Example: try to write to regions 1 and 2 before writing to any other nodes: write_affinity = r1, r2
|
write_affinity_node_count = 2 * replicas
|
This setting is only useful in conjunction with write_affinity; it governs how many local object servers will be tried before falling back to non-local ones. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request: write_affinity_node_count = 2 * replicas
|
Configuration option = Default value
|
Description
|
---|---|
admin_key = secret_admin_key
|
To use for admin calls that are HMAC signed. Default is empty, which will disable admin calls to /info.
|
backlog = 4096
|
Maximum number of allowed pending TCP connections.
|
bind_ip = 0.0.0.0
|
IP Address for server to bind to.
|
bind_port = 8080
|
Port for server to bind to.
|
bind_timeout = 30
|
Seconds to attempt bind before giving up.
|
cert_file = /etc/swift/proxy.crt
|
To the ssl .crt. This should be enabled for testing purposes only.
|
client_timeout = 60
|
Time to wait while receiving each chunk of data from a client or another backend node.
|
cors_allow_origin =
|
is a list of hosts that are included with any CORS request by default and returned with the Access-Control-Allow-Origin header in addition to what the container has set. to call to setup custom log handlers. for eventlet the proxy server. For most cases, this should be.
|
disallowed_sections = swift.valid_api_versions, container_quotas, tempurl
|
Allows the ability to withhold sections from showing up in the public calls to /info. You can withhold subsections by separating the dict level with a ".". The following would cause the sections 'container_quotas' and 'tempurl' to not be listed, and the key max_failed_deletes would be removed from bulk_delete.
Default value is 'swift.valid_api_versions' which allows all registered features to be listed via HTTP GET /info except swift.valid_api_versions information.
|
eventlet_debug = false
|
If true, turn on debug logging for eventlet.
|
expiring_objects_account_name = expiring_objects
|
Account name for the expiring objects.
|
expiring_objects_container_divisor = 86400
|
Divisor for the expiring objects container.
|
expose_info = true
|
Enables exposing configuration settings via HTTP GET /info.
|
key_file = /etc/swift/proxy.key
|
to the ssl .key. This should be enabled for testing purposes only.
|
log_address = /dev/log
|
Location where syslog sends the logs to.
|
log_custom_handlers =
|
Comma-separated list of functions to call to setup custom log handlers.
|
log_facility = LOG_LOCAL0
|
Syslog log facility.
|
log_headers = false
|
Enables the ability to log request headers.
|
log_level = INFO
|
Logging level.
|
log_max_line_length = 0
|
Caps the length of log lines to the value given; no limit if set to 0, the default.
|
log_name = swift
|
Label used when logging.
|
log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement.
|
log_statsd_host = localhost
|
If not set, the StatsD feature is disabled.
|
log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server.
|
log_statsd_port = 8125
|
Port value for the StatsD server.
|
log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead.
|
log_udp_host =
|
If not set, the UDP receiver for syslog is disabled.
|
log_udp_port = 514
|
Port value for UDP receiver, if enabled.
|
max_clients = 1024
|
Maximum number of clients one worker can process simultaneously Lowering the number of clients handled per worker, and raising the number of workers can lessen the impact that a CPU intensive, or blocking, request can have on other requests served by the same worker. If the maximum number of clients is set to one, then a given worker will not perform another call while processing, allowing other workers a chance to process it.
|
strict_cors_mode = True
|
Enforce CORS.
|
swift_dir = /etc/swift
|
Swift configuration directory.
|
trans_id_suffix =
|
This optional suffix (default is empty) that would be appended to the swift transaction id allows one to easily figure out from which cluster that X-Trans-Id belongs to. This is very useful when one is managing more than one swift cluster.
|
user = swift
|
User to run as.
|
workers = auto
|
a much higher value, one can reduce the impact of slow file system operations in one request from negatively impacting other requests.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#account_quotas
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
auth_plugin = password
|
Authentication module to use.
|
auth_uri = http://keystonehost:5000
|
auth_uri should point to a Keystone service from which users may retrieve tokens. This value is used in the WWW-Authenticate header that auth_token sends with any denial response.
|
auth_url = http://keystonehost:35357
|
auth_url points to the Keystone Admin service. This information is used by the middleware to actually query Keystone about the validity of the authentication tokens. It is not necessary to append any Keystone API version number to this URI.
|
cache = swift.cache
| cache is set to swift.cache . This means that the middleware will get the Swift memcache from the request environment.
|
delay_auth_decision = False
|
delay_auth_decision defaults to False, but leaving it as false will prevent other auth systems, staticweb, tempurl, formpost, and ACLs from working. This value must be explicitly set to True.
|
include_service_catalog = False
|
include_service_catalog defaults to True if not set. This means that when validating a token, the service catalog is retrieved and stored in the X-Service-Catalog header. Since Swift does not use the X-Service-Catalog header, there is no point in getting the service catalog. We recommend you set include_service_catalog to False.
|
password = password
|
Password for service user.
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
Entry point of paste.filter_factory in the server.
|
project_domain_id = default
|
Service project domain.
|
project_name = service
|
Service project name.
|
user_domain_id = default
|
Service user domain.
|
username = swift
|
Service user name.
|
Configuration option = Default value
|
Description
|
---|---|
delete_container_retry_count = 0
|
The parameter is used during a bulk delete of objects and their container. This would frequently fail because it is very likely that all replicated objects have not been deleted by the time the middleware got a successful response. It can be configured the number of retries. And the number of seconds to wait between each retry will be 1.5**retry.
|
max_containers_per_extraction = 10000
|
The maximum numbers of containers per extraction.
|
max_deletes_per_request = 10000
|
The maximum numbers of deletion per request.
|
max_failed_deletes = 1000
|
The maximum number of tries to delete before failure.
|
max_failed_extractions = 1000
|
The maximum number of tries to extract before failure.
|
use = egg:swift#bulk
|
Entry point of paste.deploy in the server.
|
yield_frequency = 10
|
In order to keep a connection active during a potentially long bulk request, Swift may return whitespace prepended to the actual response body. This whitespace will be yielded no more than every yield_frequency seconds.
|
Configuration option = Default value
|
Description
|
---|---|
memcache_max_connections = 2
|
Max number of connections to each memcached server per worker services
|
memcache_serialization_support = 2
|
Sets how memcache values are serialized and deserialized
|
memcache_servers = 127.0.0.1:11211
|
Comma-separated list of memcached servers ip:port services
|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_headers = false
|
If True, log headers in each request
|
set log_level = INFO
|
Log level
|
set log_name = cache
|
Label to use when logging
|
use = egg:swift#memcache
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_headers = false
|
If True, log headers in each request
|
set log_level = INFO
|
Log level
|
set log_name = catch_errors
|
Label to use when logging
|
use = egg:swift#catch_errors
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
lookup_depth = 1
|
Because CNAMES can be recursive, specifies the number of levels through which to search.
|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_headers = false
|
If True, log headers in each request
|
set log_level = INFO
|
Log level
|
set log_name = cname_lookup
|
Label to use when logging
|
storage_domain = example.com
|
Domain that matches your cloud. Multiple domains can be specified using a comma-separated list.
|
use = egg:swift#cname_lookup
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#container_quotas
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
allow_full_urls = true
|
Set this to false if you want to disallow any full URL values to be set for any new X-Container-Sync-To headers. This will keep any new full URLs from coming in, but won't change any existing values already in the cluster. Updating those will have to be done manually, as knowing what the true realm endpoint should be cannot always be guessed.
|
current = //REALM/CLUSTER
|
Set this to specify this cluster //realm/cluster as "current" in /info.
|
use = egg:swift#container_sync
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
max_get_time = 86400
|
Time limit on GET requests (seconds).
|
rate_limit_after_segment = 10
|
Rate limit the download of large object segments after this segment is downloaded.
|
rate_limit_segments_per_sec = 1
|
Rate limit large object downloads at this rate. contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. paste.deploy to use for auth. To use tempauth set to:
|
use = egg:swift#dlo
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
default_reseller_prefix =
|
If the reseller prefixes do not match, the default reseller prefix is used. When no default reseller prefix is configured, any request with an account prefix not in that list will be ignored by this middleware.
|
path_root = v1
|
Root path.
|
reseller_prefixes = AUTH
|
Browsers can convert a host header to lowercase, so check that reseller prefix on the account is the correct case. This is done by comparing the items in the reseller_prefixes config option to the found prefix. If they match except for case, the item from reseller_prefixes will be used instead of the found reseller prefix.
|
set log_address = /dev/log
|
Location where syslog sends the logs to.
|
set log_facility = LOG_LOCAL0
|
Syslog log facility.
|
set log_headers = false
|
If True, log headers in each request.
|
set log_level = INFO
|
Log level.
|
set log_name = domain_remap
|
Label to use when logging.
|
storage_domain = example.com
|
Domain that matches your cloud. Multiple domains can be specified using a comma-separated list.
|
use = egg:swift#domain_remap
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#formpost
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
set log_address = /dev/log
|
Location where syslog sends the logs to
|
set log_facility = LOG_LOCAL0
|
Syslog log facility
|
set log_headers = false
|
If True, log headers in each request
|
set log_level = INFO
|
Log level
|
set log_name = gatekeeper
|
Label to use when logging
|
use = egg:swift#gatekeeper
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
disable_path =
|
An optional filesystem path, which if present, will cause the healthcheck URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE".
|
use = egg:swift#healthcheck
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
allow_names_in_acls = true
|
The backwards compatible behavior can be disabled by setting this option to False.
|
allow_overrides = true
|
This option allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you are not going to use such middleware and you want a bit of extra security, you can set this to False.
|
default_domain_id = default
|
Name of the default domain. It is identified by its UUID, which by default has the value "default".
|
is_admin = false
|
If this option is set to True, it allows to give a user whose username is the same as the project name and who has any role in the project access rights elevated to be the same as if the user had one of the operator_roles. Note that the condition compares names rather than UUIDs. This option is deprecated. It is False by default.
|
operator_roles = admin, swiftoperator
|
Operator role defines the user which is allowed to manage a tenant and create containers or give ACL to others. This parameter may be prefixed with an appropriate prefix.
|
reseller_admin_role = ResellerAdmin
|
The reseller admin role gives the ability to create and delete accounts.
|
reseller_prefix = AUTH
|
The naming scope for the auth service.
|
service_roles =
|
When present, this option requires that the X-Service-Token header supplies a token from a user who has a role listed in service_roles. This parameter may be prefixed with an appropriate prefix.
|
use = egg:swift#keystoneauth
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
list_endpoints_path = /endpoints/
|
Path to list endpoints for an object, account or container.
|
use = egg:swift#list_endpoints
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
forbidden_chars = '"`<>
|
Characters that are not allowed in a name
|
forbidden_regexp = /\./|/\.\./|/\.$|/\.\.$
|
Substrings to forbid, using regular expression syntax
|
maximum_length = 255
|
Maximum length of a name
|
use = egg:swift#name_check
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
access_log_address = /dev/log
|
Location where syslog sends the logs to. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_facility = LOG_LOCAL0
|
Syslog facility to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_headers = false
|
Header to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_headers_only =
|
If access_log_headers is True and access_log_headers_only is set only these headers are logged. Multiple headers can be defined as comma separated list like this: access_log_headers_only = Host, X-Object-Meta-Mtime.
|
access_log_level = INFO
|
Syslog logging level to receive log lines. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_name = swift
|
Label used when logging. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_default_sample_rate = 1.0
|
Defines the probability of sending a sample for any given event or timing measurement. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_host = localhost
|
You can use log_statsd_* from [DEFAULT], or override them here. StatsD server. IPv4/IPv6 addresses and hostnames are supported. If a hostname resolves to an IPv4 and IPv6 address, the IPv4 address will be used.
|
access_log_statsd_metric_prefix =
|
Value will be prepended to every metric sent to the StatsD server. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_port = 8125
|
Port value for the StatsD server. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_statsd_sample_rate_factor = 1.0
|
Not recommended to set this to a value less than 1.0, if frequency of logging is too high, tune the log_statsd_default_sample_rate instead. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_udp_host =
|
If not set, the UDP receiver for syslog is disabled. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
access_log_udp_port = 514
|
Port value for UDP receiver, if enabled. If not set, logging directives from [DEFAULT] without "access_" will be used.
|
log_statsd_valid_http_methods = GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS
|
What HTTP methods are allowed for StatsD logging (comma-sep). request methods not in this list will have "BAD_METHOD" for the <verb> portion of the metric.
|
reveal_sensitive_prefix = 16
|
The X-Auth-Token is sensitive data. If revealed to an unauthorised person, they can now make requests against an account until the token expires. Set reveal_sensitive_prefix to the number of characters of the token that are logged. For example reveal_sensitive_prefix = 12 so only first 12 characters of the token are logged. Or, set to 0 to completely remove the token.
Note
reveal_sensitive_prefix will not affect the value logged with access_log_headers=True.
|
use = egg:swift#proxy_logging
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
account_blacklist = c,d
|
Comma separated lists of account names that will not be allowed. Returns a 497 response. r: for containers of size x, limit requests per second to r. Will limit PUT, DELETE, and POST requests to /a/c/o. container_listing_ratelimit_x = r: for containers of size x, limit listing requests per second to r. Will limit GET requests to /a/c.
|
account_ratelimit = 0
|
If set, will limit PUT and DELETE requests to /account_name/container_name. Number is in requests per second.
|
account_whitelist = a,b
|
Comma separated lists of account names that will not be rate limited.
|
clock_accuracy = 1000
|
Represents how accurate the proxy servers' system clocks are with each other. 1000 means that all the proxies' clock are accurate to each other within 1 millisecond. No ratelimit should be higher than the clock accuracy.
|
container_listing_ratelimit_0 = 100
|
with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
container_listing_ratelimit_10 = 50
|
with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
container_listing_ratelimit_50 = 20
|
with container_listing_ratelimit_x = r, for containers of size x, limit container GET (listing) requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
container_ratelimit_0 = 100
|
with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
container_ratelimit_10 = 50
|
with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
container_ratelimit_50 = 20
|
with container_ratelimit_x = r, for containers of size x, limit write requests per second to r. The container rate will be linearly interpolated from the values given. With the default values, a container of size 5 will get a rate of 75.
|
log_sleep_time_seconds = 0
|
To allow visibility into rate limiting set this value > 0 and all sleeps greater than the number will be logged.
|
max_sleep_time_seconds = 60
|
App will immediately return a 498 response if the necessary sleep time ever exceeds the given max_sleep_time_seconds.
|
rate_buffer_seconds = 5
|
Number of seconds the rate counter can drop and be allowed to catch up (at a faster than listed rate). A larger number will result in larger spikes in rate but better average accuracy.
|
set log_address = /dev/log
|
Location where syslog sends the logs to.
|
set log_facility = LOG_LOCAL0
|
Syslog log facility.
|
set log_headers = false
|
If True, log headers in each request.
|
set log_level = INFO
|
Log level.
|
set log_name = ratelimit
|
Label to use when logging.
|
use = egg:swift#ratelimit
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
max_get_time = 86400
|
Time limit on GET requests (seconds)
|
max_manifest_segments = 1000
|
Maximum number of segments.
|
max_manifest_size = 2097152
|
Maximum size of segments.
|
min_segment_size = 1048576
|
Minimum size of segments.
|
rate_limit_after_segment = 10
|
Rate limit the download of large object segments after this segment is downloaded.
|
rate_limit_segments_per_sec = 0
|
Rate limit large object downloads at this rate. contact for a normal request. You can use '* replicas' at the end to have it use the number given times the number of replicas for the ring being used for the request. paste.deploy to use for auth. To use tempauth set to:
|
use = egg:swift#slo
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
use = egg:swift#staticweb
|
Entry point of paste.deploy in the server
|
Configuration option = Default value
|
Description
|
---|---|
allow_overrides = true
|
This option allows middleware higher in the WSGI pipeline to override auth processing, useful for middleware such as tempurl and formpost. If you know you are not going to use such middleware and you want a bit of extra security, you can set this to False.
|
auth_prefix = /auth/
|
The HTTP request path prefix for the auth service. Swift itself reserves anything beginning with the letter.
|
require_group =
|
The require_group parameter names a group that must be presented by either X-Auth-Token or X-Service-Token. Usually this parameter is used only with multiple reseller prefixes (for example, SERVICE_require_group=blah). By default, no group is needed. Do not use .admin.
|
reseller_prefix = AUTH
|
The naming scope for the auth service.
|
set log_address = /dev/log
|
Location where syslog sends the logs to.
|
set log_facility = LOG_LOCAL0
|
Syslog log facility.
|
set log_headers = false
|
If True, log headers in each request.
|
set log_level = INFO
|
Log level.
|
set log_name = tempauth
|
Label to use when logging.
|
storage_url_scheme = default
|
Scheme to return with storage urls: http, https, or default (chooses based on what the server is running as) This can be useful with an SSL load balancer in front of a non-SSL server.
|
token_life = 86400
|
The number of seconds a token is valid.
|
use = egg:swift#tempauth
|
Entry point of paste.deploy in the server.
|
user_<account>_<user> = <key> [group] [group] [...] [storage_url]
|
List of all the accounts and user you want.
The following are example entries required for running the tests:
|
Configuration option = Default value
|
Description
|
---|---|
incoming_allow_headers =
|
Headers allowed as exceptions to incoming_remove_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
incoming_remove_headers = x-timestamp
|
Headers to remove from incoming requests. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
methods = GET HEAD PUT POST DELETE
|
HTTP methods allowed with Temporary URLs.
|
outgoing_allow_headers = x-object-meta-public-*
|
Headers allowed as exceptions to outgoing_allow_headers. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
outgoing_remove_headers = x-object-meta-*
|
Headers to remove from outgoing responses. Simply a whitespace delimited list of header names and names can optionally end with '*' to indicate a prefix match.
|
use = egg:swift#tempurl
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
allow_versioned_writes = false
|
Enables using versioned writes middleware and exposing configuration settings via HTTP GET /info.
Warning
Setting this option bypasses the allow_versions option in the container configuration file, which will be eventually deprecated. For more details, see Object Versioning.
|
use = egg:swift#versioned_writes
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
dump_interval = 5.0
|
The profile data will be dumped to local disk based on above naming rule in this interval (seconds).
|
dump_timestamp = false
|
Be careful, this option will enable the profiler to dump data into the file with a time stamp which means that there will be lots of files piled up in the directory.
|
flush_at_shutdown = false
|
Clears the data when the wsgi server shutdowns.
|
log_filename_prefix = /tmp/log/swift/profile/default.profile
|
This prefix is used to combine the process ID and timestamp to name the profile data file. Make sure the executing user has permission to write into this path. Any missing path segments will be created, if necessary. When you enable profiling in more than one type of daemon, you must override it with a unique value like: /var/log/swift/profile/accoutn.profile.
|
path = /__profile__
|
This is the path of the URL to access the mini web UI.
|
profile_module = eventlet.green.profile
|
This option enables you to switch profilers which inherit from the Python standard profiler. Currently, the supported value can be ‘cProfile’, ‘eventlet.green.profile’, etc.
|
unwind = false
|
Unwind the iterator of applications.
|
use = egg:swift#xprofile
|
Entry point of paste.deploy in the server.
|
Configuration option = Default value
|
Description
|
---|---|
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
|
Pipeline to use for processing operations.
|
Configuration option = Default value
|
Description
|
---|---|
lock file = /var/lock/account.lock
|
No help text available for this option.
|
max connections = 2
|
No help text available for this option.
|
path = /srv/node
|
No help text available for this option.
|
read only = false
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
gid = swift
|
Group ID for rsyncd.
|
log file = /var/log/rsyncd.log
|
Log file for rsyncd.
|
pid file = /var/run/rsyncd.pid
|
PID file for rsyncd.
|
uid = swift
|
User ID for rsyncd.
|
max connections =
|
Maximum number of connections for rsyncd. This option should be set for each account, container, or object.
|
path = /srv/node
|
Working directory for rsyncd to use. This option should be set for each account, container, or object.
|
read only = false
|
Set read only. This option should be set for each account, container, or object.
|
lock file =
|
Lock file for rsyncd. This option should be set for each account, container, or object.
|
Configuration option = Default value
|
Description
|
---|---|
default = yes
|
If no policies are defined a policy with index 0 will be automatically created for backwards compatibility and given the name Policy-0. A default policy is used when creating new containers when no policy is specified in the request. If no other policies are defined the policy with index 0 will be declared the default. If multiple policies are defined you must define a policy with index 0 and you must specify a default. It is recommended you always define a section for storage-policy:0. Aliases are not required when defining a storage policy.
|
name = Policy-0
|
No help text available for this option.
|
policy_type = replication
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
account_listing_limit = 10000
|
The default (and maximum) number of items returned for an account listing request.
|
container_listing_limit = 10000
|
The default (and maximum) number of items returned for a container listing request.
|
extra_header_count = 0
|
By default the maximum number of allowed headers depends on the number of max allowed metadata settings plus a default value of 32 for regular http headers. If for some reason this is not enough (custom middleware for example) it can be increased with the extra_header_count constraint.
|
max_account_name_length = 256
|
The maximum number of bytes in the utf8 encoding of an account name.
|
max_container_name_length = 256
|
The maximum number of bytes in the utf8 encoding of a container name.
|
max_file_size = 5368709122
|
The largest normal object that can be saved in the cluster. This is also the limit on the size of each segment of a large object when using the large object manifest support. This value is set in bytes. Setting it to lower than 1MiB will cause some tests to fail. It is STRONGLY recommended to leave this value at the default (5 * 2**30 + 2).
|
max_header_size = 8192
|
The max number of bytes in the utf8 encoding of each header. Using 8192 as default because eventlet use 8192 as maximum size of header line. You may need to increase this value when using identity v3 API tokens including more than 7 catalog entries. See also include_service_catalog in proxy-server.conf-sample (documented in overview_auth.rst).
|
max_meta_count = 90
|
The max number of metadata keys that can be stored on a single account, container, or object.
|
max_meta_name_length = 128
|
The max number of bytes in the utf8 encoding of the name portion of a metadata header.
|
max_meta_overall_size = 4096
|
The max number of bytes in the utf8 encoding of the metadata (keys + values).
|
max_meta_value_length = 256
|
The max number of bytes in the utf8 encoding of a metadata value.
|
max_object_name_length = 1024
|
The max number of bytes in the utf8 encoding of an object name.
|
valid_api_versions = v0,v1,v2
|
No help text available for this option.
|
Configuration option = Default value
|
Description
|
---|---|
swift_hash_path_prefix = changeme
|
A prefix used by hash_path to offer a bit more security when generating hashes for paths. It simply appends this value to all paths; if someone knows this suffix, it's easier for them to guess the hash a path will end up with. New installations are advised to set this parameter to a random secret, which would not be disclosed ouside the organization. The same secret needs to be used by all swift servers of the same cluster. Existing installations should set this parameter to an empty string.
|
swift_hash_path_suffix = changeme
|
A suffix used by hash_path to offer a bit more security when generating hashes for paths. It simply appends this value to all paths; if someone knows this suffix, it's easier for them to guess the hash a path will end up with. New installations are advised to set this parameter to a random secret, which would not be disclosed ouside the organization. The same secret needs to be used by all swift servers of the same cluster. Existing installations should set this parameter to an empty string.
|
6.1.2. New, Updated, and Deprecated Options in Newton for OpenStack Object Storage
There are no new, updated, and deprecated options in Newton for OpenStack Object Storage.