Atom feed of this document
Juno -  Juno -  Juno -  Juno -  Juno -  Juno -  Juno -  Juno - 

 Configure the API

The Image Service has two APIs: the user-facing API, and the registry API, which is for internal requests that require access to the database.

Both of the APIs currently have two major versions, v1 and v2. It is possible to run either or both versions, by setting appropriate values of enable_v1_api, enable_v2_api, enable_v1_registry and enable_v2_registry. If the v2 API is used, running glance-registry is optional, as v2 of glance-api can connect directly to the database.

Tables of all the options used to configure the APIs, including enabling SSL and modifying WSGI settings are found below.

Table 7.11. Description of API configuration options
Configuration option = Default value Description
admin_role = admin (StrOpt) Role used to identify an authenticated user as administrator.
allow_anonymous_access = False (BoolOpt) Allow unauthenticated users to access the API with read-only privileges. This only applies when using ContextMiddleware.
enable_v1_api = True (BoolOpt) Deploy the v1 OpenStack Images API.
enable_v1_registry = True (BoolOpt) Deploy the v1 OpenStack Registry API.
enable_v2_api = True (BoolOpt) Deploy the v2 OpenStack Images API.
enable_v2_registry = True (BoolOpt) Deploy the v2 OpenStack Registry API.
eventlet_hub = poll (StrOpt) Name of eventlet hub to use. Traditionally, we have only supported 'poll', however 'selects' may be appropriate for some platforms. See for more details.
image_size_cap = 1099511627776 (IntOpt) Maximum size of image a user can upload in bytes. Defaults to 1099511627776 bytes (1 TB).
location_strategy = location_order (StrOpt) This value sets what strategy will be used to determine the image location order. Currently two strategies are packaged with Glance 'location_order' and 'store_type'.
max_header_line = 16384 (IntOpt) Maximum line size of message headers to be accepted. max_header_line may need to be increased when using large tokens (typically those generated by the Keystone v3 API with big service catalogs
owner_is_tenant = True (BoolOpt) When true, this option sets the owner of an image to be the tenant. Otherwise, the owner of the image will be the authenticated user issuing the request.
send_identity_headers = False (BoolOpt) Whether to pass through headers containing user and tenant information when making requests to the registry. This allows the registry to use the context middleware without keystonemiddleware's auth_token middleware, removing calls to the keystone auth service. It is recommended that when using this option, secure communication between glance api and glance registry is ensured by means other than auth_token middleware.
show_multiple_locations = False (BoolOpt) Whether to include the backend image locations in image properties. Revealing storage location can be a security risk, so use this setting with caution! The overrides show_image_direct_url.
tcp_keepidle = 600 (IntOpt) The value for the socket option TCP_KEEPIDLE. This is the time in seconds that the connection must be idle before TCP starts sending keepalive probes.
use_user_token = True (BoolOpt) Whether to pass through the user token when making requests to the registry.
default_store = file (StrOpt) Default scheme to use to store image data. The scheme must be registered by one of the stores defined by the 'stores' config option.
stores = file, http (ListOpt) List of stores enabled
config_file = None (StrOpt) Name of the paste configuration file.
flavor = None (StrOpt) Partial name of a pipeline in your paste configuration file with the service name removed. For example, if your paste section name is [pipeline:glance-api-keystone] use the value "keystone"
store_type_preference = (ListOpt) The store names to use to get store preference order. The name must be registered by one of the stores defined by the 'known_stores' config option. This option will be applied when you using 'store_type' option as image location strategy defined by the 'location_strategy' config option.

Table 7.12. Description of CA and SSL configuration options
Configuration option = Default value Description
ca_file = None (StrOpt) CA certificate file to use to verify connecting clients.
cert_file = None (StrOpt) Certificate file to use when starting API server securely.
key_file = None (StrOpt) Private key file to use when starting API server securely.

Questions? Discuss on
Found an error? Report a bug against this page

loading table of contents...