API options

API options

The Message service has two APIs: the HTTP REST API for WSGI transport driver, and the Websocket API for Websocket transport driver. The Message service can use only one transport driver at the same time. See Drivers options for driver options.

The functionality and behavior of the APIs are defined by API versions. For example, the Websocket API v2 acts the same as the HTTP REST API v2. For now there are v1, v1.1 and v2 versions of HTTP REST API and only v2 version of Websocket API.

Permission control options in each API version:

  • The v1 does not have any permission options.
  • The v1.1 has only admin_mode option which controls the global permission to access the pools and flavors functionality.
  • The v2 has only:
    • RBAC policy options: policy_default_rule, policy_dirs, policy_file which controls the permissions to access each type of functionality for different types of users. See The policy.json file.
    • secret_key option which defines a secret key to use for signing special URLs. These are called pre-signed URLs and give temporary permissions to outsiders of the system.

The Message service can be configured by changing the following options:

Description of API configuration options
Configuration option = Default value Description
[DEFAULT]  
admin_mode = False (Boolean) Activate privileged endpoints.
daemon = False (Boolean) Run Zaqar server in the background.
unreliable = False (Boolean) Disable all reliability constraints.
[certificates]  
barbican_auth = barbican_acl_auth (String) Name of the Barbican authentication method to use
cert_manager_type = barbican (String) Certificate Manager plugin. Defaults to barbican.
[notification]  
smtp_command = /usr/sbin/sendmail -t -oi (String) The command of smtp to send email. The format is “command_name arg1 arg2”.
[oslo_policy]  
policy_default_rule = default (String) Default rule. Enforced when a requested rule is not found.
policy_dirs = ['policy.d'] (Multi-valued) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored.
policy_file = policy.json (String) The JSON file that defines policies.
[service_auth]  
admin_password = password (String) The service admin password
admin_project_domain = admin (String) The admin project domain name
admin_tenant_name = admin (String) The service admin tenant name
admin_user = admin (String) The service admin user name
admin_user_domain = admin (String) The admin user domain name
auth_url = http://127.0.0.1:5000/v2.0 (String) Authentication endpoint
auth_version = 2 (String) The auth version used to authenticate
endpoint_type = public (String) The endpoint_type to be used
region = RegionOne (String) The deployment region
service_name = lbaas (String) The name of the service
[signed_url]  
secret_key = None (String) Secret key used to encrypt pre-signed URLs.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.