API options¶
The Message service has two APIs: the HTTP REST API for WSGI transport driver, and the Websocket API for Websocket transport driver. The Message service can use only one transport driver at the same time. See Drivers options for driver options.
The functionality and behavior of the APIs are defined by API versions. For example, the Websocket API v2 acts the same as the HTTP REST API v2. For now there are v1, v1.1 and v2 versions of HTTP REST API and only v2 version of Websocket API.
Permission control options in each API version:
- The v1 does not have any permission options.
- The v1.1 has only admin_mode option which controls the global permission to access the pools and flavors functionality.
- The v2 has only:
- RBAC policy options: policy_default_rule, policy_dirs, policy_file which controls the permissions to access each type of functionality for different types of users. See The policy.json file.
- secret_key option which defines a secret key to use for signing special URLs. These are called pre-signed URLs and give temporary permissions to outsiders of the system.
The Message service can be configured by changing the following options:
| Configuration option = Default value | Description |
|---|---|
| [DEFAULT] | |
| admin_mode = False | (Boolean) Activate privileged endpoints. |
| daemon = False | (Boolean) Run Zaqar server in the background. |
| unreliable = False | (Boolean) Disable all reliability constraints. |
| [certificates] | |
| barbican_auth = barbican_acl_auth | (String) Name of the Barbican authentication method to use |
| cert_manager_type = barbican | (String) Certificate Manager plugin. Defaults to barbican. |
| [notification] | |
| smtp_command = /usr/sbin/sendmail -t -oi | (String) The command of smtp to send email. The format is “command_name arg1 arg2”. |
| [oslo_policy] | |
| policy_default_rule = default | (String) Default rule. Enforced when a requested rule is not found. |
| policy_dirs = ['policy.d'] | (Multi-valued) Directories where policy configuration files are stored. They can be relative to any directory in the search path defined by the config_dir option, or absolute paths. The file defined by policy_file must exist for these directories to be searched. Missing or empty directories are ignored. |
| policy_file = policy.json | (String) The JSON file that defines policies. |
| [service_auth] | |
| admin_password = password | (String) The service admin password |
| admin_project_domain = admin | (String) The admin project domain name |
| admin_tenant_name = admin | (String) The service admin tenant name |
| admin_user = admin | (String) The service admin user name |
| admin_user_domain = admin | (String) The admin user domain name |
| auth_url = http://127.0.0.1:5000/v2.0 | (String) Authentication endpoint |
| auth_version = 2 | (String) The auth version used to authenticate |
| endpoint_type = public | (String) The endpoint_type to be used |
| region = RegionOne | (String) The deployment region |
| service_name = lbaas | (String) The name of the service |
| [signed_url] | |
| secret_key = None | (String) Secret key used to encrypt pre-signed URLs. |
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.