Cadoles
/
eole-one-master
18
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update OpenNebula configuration to match 5.4.1 

Ref: #21703
This commit is contained in:
Daniel Dehennin 2017-10-16 15:37:28 +02:00
parent 97b8edde6b
commit 05d37c6569
3 changed files with 394 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
tmpl/OpenNebulaNetwork.conf
View File

@ -1,5 +1,5 @@
# -------------------------------------------------------------------------- #
# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs #
# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
@ -15,11 +15,22 @@
#--------------------------------------------------------------------------- #
################################################################################
# General Options
# Overriding Options in Network Template
################################################################################
#
# Option can be overridden or added per network using this format
# in the network template:
#
# CONF="vxlan_mc=239.0.100.0,test=false,validate_vlan_id=true"
# BRIDGE_CONF="sethello=6"
# IP_LINK_CONF="tos=10,udpcsum=,udp6zerocsumrx=__delete__"
#
# Options can have empty value when they don't need a parameter. Also the
# special value "__delete__" can be used to delete parameters set here.
# Configure the initial VLAN ID tag (corresponds to vnet ID = 0)
:start_vlan: 2
# Set to true to check that no other vlans are connected to the bridge.
# Works with 802.1Q and VXLAN.
:validate_vlan_id: false
################################################################################
# Open vSwitch Options
@ -32,3 +43,44 @@
:arp_cache_poisoning: false
%end if
################################################################################
# 802.1Q Options
################################################################################
# Default MTU for the 802.1Q interface
:vlan_mtu: 1500
################################################################################
# VXLAN Options
################################################################################
# Base multicast address for each VLAN. The mc address is :vxlan_mc + :vlan_id
:vxlan_mc: 239.0.0.0
# Time To Live (TTL) should be > 1 in routed multicast networks (IGMP)
:vxlan_ttl: 16
# Default MTU for the VXLAN interface
:vxlan_mtu: 1500
################################################################################
# Bridge and Interface Creation Options
################################################################################
# These options will execute brctl commands with these values. For example,
# this option will execute:
#
# brctl stp <bridge name> on
#
# :bridge_conf:
# :stp: on
# These options will be added to the ip link add command. For example:
#
# sudo ip link add lxcbr0.260 type vxlan id 260 group 239.0.101.4 \
# ttl 16 dev lxcbr0 udp6zerocsumrx tos 3
#
# :ip_link_conf:
# :udp6zerocsumrx:
# :tos: 3

391
tmpl/oned.conf
View File

@ -42,7 +42,8 @@
# VNC_PORTS: VNC port pool for automatic VNC port assignment, if possible the
# port will be set to ``START`` + ``VMID``
# start : first port to assign
# reserved: comma separated list of ports
# reserved: comma separated list of ports or ranges. Two numbers separated by
# a colon indicate a range.
#
# LOG: Configuration for the logging system
# system: defines the logging system:
@ -80,15 +81,23 @@ LISTEN_ADDRESS = "127.0.0.1"
DB = [ BACKEND = "sqlite" ]
# Sample configuration for MySQL
# DB = [ BACKEND = "mysql",
# SERVER = "localhost",
# PORT = 0,
# USER = "oneadmin",
# PASSWD = "oneadmin",
# DB_NAME = "opennebula" ]
VNC_PORTS = [
START = 5901,
RESERVED = "5900"
START = 5900
# RESERVED = "6800, 6801, 6810:6820, 9869"
]
#VM_SUBMIT_ON_HOLD = "NO"
#*******************************************************************************
# Federation configuration attributes
# Federation & HA configuration attributes
#-------------------------------------------------------------------------------
# Control the federation capabilities of oned. Operation in a federated setup
# requires a special DB configuration.
@ -99,16 +108,70 @@ VNC_PORTS = [
# MASTER this oned is the master zone of the federation
# SLAVE this oned is a slave zone
# ZONE_ID: The zone ID as returned by onezone command
# SERVER_ID: ID identifying this server in the zone as returned by the
# onezone server-add command. This ID controls the HA configuration of
# OpenNebula:
# -1 (default) OpenNebula will operate in "solo" mode no HA
# <id> Operate in HA (leader election and state replication)
# MASTER_ONED: The xml-rpc endpoint of the master oned, e.g.
# http://master.one.org:2633/RPC2
#
#
# RAFT: Algorithm attributes
# LOG_RETENTION: Number of DB log records kept, it determines the
# synchronization window across servers and extra storage space needed.
# LOG_PURGE_TIMEOUT: How often applied records are purged according the log
# retention value. (in seconds)
# ELECTION_TIMEOUT_MS: Timeout to start a election process if no heartbeat
# or log is received from leader.
# BROADCAST_TIMEOUT_MS: How often heartbeats are sent to followers.
# XMLRPC_TIMEOUT_MS: To timeout raft related API calls
#
# RAFT_LEADER_HOOK: Executed when a server transits from follower->leader
# The purpose of this hook is to configure the Virtual IP.
# COMMAND: raft/vip.sh is a fully working script, this should not be changed
# ARGUMENTS: <interface> and <ip_cidr> must be replaced. For example
# ARGUMENTS = "leader ens1 10.0.0.2/24"
#
# RAFT_FOLLOWER_HOOK: Executed when a server transits from leader->follower
# The purpose of this hook is to configure the Virtual IP.
# COMMAND: raft/vip.sh is a fully working script, this should not be changed
# ARGUMENTS: <interface> and <ip_cidr> must be replaced. For example
# ARGUMENTS = "follower ens1 10.0.0.2/24"
#
# NOTE: Timeout tunning depends on the latency of the servers (network and load)
# as well as the max downtime tolerated by the system. Timeouts needs to be
# greater than 10ms
#
#*******************************************************************************
FEDERATION = [
MODE = "STANDALONE",
ZONE_ID = 0,
MASTER_ONED = ""
MODE = "STANDALONE",
ZONE_ID = 0,
SERVER_ID = -1,
MASTER_ONED = ""
]
RAFT = [
LOG_RETENTION = 500000,
LOG_PURGE_TIMEOUT = 600,
ELECTION_TIMEOUT_MS = 2500,
BROADCAST_TIMEOUT_MS = 500,
XMLRPC_TIMEOUT_MS = 2000
]
# Executed when a server transits from follower->leader
# RAFT_LEADER_HOOK = [
# COMMAND = "raft/vip.sh",
# ARGUMENTS = "leader <interface> <ip_cidr>"
# ]
# Executed when a server transits from leader->follower
# RAFT_FOLLOWER_HOOK = [
# COMMAND = "raft/vip.sh",
# ARGUMENTS = "follower <interface> <ip_cidr>"
# ]
#*******************************************************************************
# Default showback cost
#-------------------------------------------------------------------------------
@ -185,12 +248,17 @@ DEFAULT_COST = [
# is for 802.1Q networks (Open vSwitch and 802.1Q drivers). The driver
# will try first to allocate VLAN_IDS[START] + VNET_ID
# start: First VLAN_ID to use
# reserved: Comma separated list of VLAN_IDs
# reserved: Comma separated list of VLAN_IDs or ranges. Two numbers
# separated by a colon indicate a range.
#
# VXLAN_IDS: Automatic VXLAN Network ID (VNI) assignment. This is used
# for vxlan networks.
# start: First VNI to use
# NOTE: reserved is not supported by this pool
#
# PCI_PASSTHROUGH_BUS: Default bus to attach passthrough devices in the guest,
# in hex notation. It may be overwritten in the PCI device using the BUS
# attribute.
#*******************************************************************************
NETWORK_SIZE = 254
@ -206,6 +274,8 @@ VXLAN_IDS = [
START = "2"
]
#PCI_PASSTHROUGH_BUS = "0x01"
#*******************************************************************************
# DataStore Configuration
#*******************************************************************************
@ -230,17 +300,27 @@ VXLAN_IDS = [
# vd KVM virtual disk
#
# DEFAULT_CDROM_DEVICE_PREFIX: Same as above but for CDROM devices.
#
# DEFAULT_IMAGE_PERSISTENT: Control the default value for the PERSISTENT
# attribute on image creation (oneimage clone, onevm disk-saveas). If blank
# images will inherit the persistent attribute from the base image.
#
# DEFAULT_IMAGE_PERSISTENT_NEW: Control the default value for the PERSISTENT
# attribute on image creation (oneimage create). By default images are no
# persistent if not set.
#*******************************************************************************
#DATASTORE_LOCATION = /var/lib/one/datastores
DATASTORE_CAPACITY_CHECK = "yes"
DEFAULT_IMAGE_TYPE = "OS"
DEFAULT_DEVICE_PREFIX = "vd"
DEFAULT_DEVICE_PREFIX = "vd"
DEFAULT_CDROM_DEVICE_PREFIX = "hd"
DEFAULT_IMAGE_TYPE = "OS"
#DEFAULT_IMAGE_PERSISTENT = ""
#DEFAULT_IMAGE_PERSISTENT_NEW = ""
#*******************************************************************************
# Information Driver Configuration
#*******************************************************************************
@ -270,6 +350,7 @@ DEFAULT_CDROM_DEVICE_PREFIX = "hd"
# -i Time in seconds of the monitorization push cycle. This parameter must
# be smaller than MONITORING_INTERVAL, otherwise push monitorization will
# not be effective.
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
IM_MAD = [
NAME = "collectd",
@ -281,6 +362,7 @@ IM_MAD = [
# KVM UDP-push Information Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of hosts monitored at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
IM_MAD = [
NAME = "kvm",
@ -293,6 +375,7 @@ IM_MAD = [
# KVM SSH-pull Information Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of hosts monitored at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
# IM_MAD = [
# NAME = "kvm",
@ -305,30 +388,33 @@ IM_MAD = [
# vCenter Information Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of hosts monitored at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
#IM_MAD = [
# NAME = "vcenter",
# SUNSTONE_NAME = "VMWare vCenter",
# EXECUTABLE = "one_im_sh",
# ARGUMENTS = "-c -t 15 -r 0 vcenter" ]
IM_MAD = [
NAME = "vcenter",
SUNSTONE_NAME = "VMWare vCenter",
EXECUTABLE = "one_im_sh",
ARGUMENTS = "-c -t 15 -r 0 vcenter" ]
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
# EC2 Information Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of hosts monitored at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
#IM_MAD = [
# NAME = "ec2",
# SUNSTONE_NAME = "Amazon EC2",
# EXECUTABLE = "one_im_sh",
# ARGUMENTS = "-c -t 1 -r 0 ec2" ]
# ARGUMENTS = "-c -t 1 -r 0 -w 600 ec2" ]
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
# Azure Information Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of hosts monitored at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
#IM_MAD = [
# NAME = "az",
@ -363,7 +449,7 @@ IM_MAD = [
#
# type : driver type, supported drivers: xen, kvm, xml
#
# keep_snapshots: do not remove snapshots on power on/off cycles and live
# keep_snapshots: do not remove snapshots on power on/off cycles and live
# migrations if the hypervisor supports that.
#
# imported_vms_actions : comma-separated list of actions supported
@ -405,6 +491,7 @@ IM_MAD = [
# An example: "-l migrate=migrate_local,save"
# -p more than one action per host in parallel, needs support from hypervisor
# -s <shell> to execute remote commands, bash by default
# -w Timeout in seconds to execute external commands (default unlimited)
#
# Note: You can use type = "qemu" to use qemu emulated guests, e.g. if your
# CPU does not have virtualization extensions or use nested Qemu-KVM hosts
@ -416,7 +503,7 @@ VM_MAD = [
ARGUMENTS = "-t 15 -r 0 kvm",
DEFAULT = "vmm_exec/vmm_exec_kvm.conf",
TYPE = "kvm",
KEEP_SNAPSHOTS = "no",
KEEP_SNAPSHOTS = "yes",
IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
resume, delete, reboot, reboot-hard, resched, unresched, disk-attach,
disk-detach, nic-attach, nic-detach, snap-create, snap-delete"
@ -432,32 +519,35 @@ VM_MAD = [
# -s <shell> to execute commands, bash by default
# -d default snapshot strategy. It can be either 'detach' or 'suspend'. It
# defaults to 'suspend'.
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
#VM_MAD = [
# NAME = "vcenter",
# SUNSTONE_NAME = "VMWare vCenter",
# EXECUTABLE = "one_vmm_sh",
# ARGUMENTS = "-p -t 15 -r 0 vcenter -s sh",
# DEFAULT = "vmm_exec/vmm_exec_vcenter.conf",
# TYPE = "xml",
# KEEP_SNAPSHOTS = "yes",
# IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
# resume, delete, reboot, reboot-hard, resched, unresched, poweroff,
# poweroff-hard, disk-attach, disk-detach, nic-attach, nic-detach,
# snap-create, snap-delete"
#]
VM_MAD = [
NAME = "vcenter",
SUNSTONE_NAME = "VMWare vCenter",
EXECUTABLE = "one_vmm_sh",
ARGUMENTS = "-p -t 15 -r 0 vcenter -s sh",
DEFAULT = "vmm_exec/vmm_exec_vcenter.conf",
TYPE = "xml",
KEEP_SNAPSHOTS = "yes",
IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
resume, delete, reboot, reboot-hard, resched, unresched, poweroff,
poweroff-hard, disk-attach, disk-detach, nic-attach, nic-detach,
snap-create, snap-delete"
]
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
# EC2 Virtualization Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of actions performed at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
# -p more than one action per host in parallel, needs support from hypervisor
#-------------------------------------------------------------------------------
#VM_MAD = [
# NAME = "ec2",
# SUNSTONE_NAME = "Amazon EC2",
# EXECUTABLE = "one_vmm_sh",
# ARGUMENTS = "-t 15 -r 0 ec2",
# ARGUMENTS = "-t 15 -r 0 -w 600 -p ec2",
# TYPE = "xml",
# KEEP_SNAPSHOTS = "no",
# IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
@ -471,6 +561,7 @@ VM_MAD = [
# Azure Virtualization Driver Manager Configuration
# -r number of retries when monitoring a host
# -t number of threads, i.e. number of actions performed at the same time
# -w Timeout in seconds to execute external commands (default unlimited)
#-------------------------------------------------------------------------------
#VM_MAD = [
# NAME = "az",
@ -507,6 +598,7 @@ VM_MAD = [
# -t: number of threads, i.e. number of transfers made at the same time
# -d: list of transfer drivers separated by commas, if not defined all the
# drivers available will be enabled
# -w: Timeout in seconds to execute external commands (default unlimited)
#*******************************************************************************
TM_MAD = [
@ -526,11 +618,12 @@ TM_MAD = [
# -t number of threads, i.e. number of repo operations at the same time
# -d datastore mads separated by commas
# -s system datastore tm drivers, used to monitor shared system ds.
# -w Timeout in seconds to execute external commands (default unlimited)
#*******************************************************************************
DATASTORE_MAD = [
EXECUTABLE = "one_datastore",
ARGUMENTS = "-t 15 -d dummy,fs,lvm,ceph,dev,iscsi_libvirt,vcenter -s shared,ssh,ceph,fs_lvm,qcow2"
ARGUMENTS = "-t 15 -d dummy,fs,lvm,ceph,dev,iscsi_libvirt,vcenter -s shared,ssh,ceph,fs_lvm,qcow2,vcenter"
]
#*******************************************************************************
@ -544,6 +637,8 @@ DATASTORE_MAD = [
# arguments : for the driver executable
# -t number of threads, i.e. number of repo operations at the same time
# -m marketplace mads separated by commas
# --proxy proxy address if required to access the internet
# -w Timeout in seconds to execute external commands (default unlimited)
#*******************************************************************************
MARKET_MAD = [
@ -566,10 +661,9 @@ MARKET_MAD = [
IPAM_MAD = [
EXECUTABLE = "one_ipam",
ARGUMENTS = "-t 1 -i dummy"
ARGUMENTS = "-t 1 -i dummy"
]
#*******************************************************************************
# Hook Manager Configuration
#*******************************************************************************
@ -749,19 +843,34 @@ USER_HOOK = [
HM_MAD = [
EXECUTABLE = "one_hm" ]
#VNET_HOOK = [
# name = "vcenter_net_create",
# on = "CREATE",
# command = "vcenter/create_vcenter_net.rb",
# arguments = "$ID $TEMPLATE"]
#VNET_HOOK = [
# name = "vcenter_net_delete",
# on = "REMOVE",
# command = "vcenter/delete_vcenter_net.rb",
# arguments = "$ID $TEMPLATE"]
#*******************************************************************************
# Fault Tolerance Hooks
#*******************************************************************************
# This hook is used to perform recovery actions when a host fails.
# Script to implement host failure tolerance
# It can be set to
# -m migrate VMs to another host. Only for images in shared storage
# One of the following modes must be chosen
# -m resched VMs to another host. (Only for images in shared storage!)
# -r recreate VMs running in the host. State will be lost.
# -d delete VMs running in the host
#
# Additional flags
# -f force resubmission of suspended VMs
# -p <n> avoid resubmission if host comes
# back after n monitoring cycles
# -f resubmit suspended and powered off VMs (only for recreate)
# -p <n> avoid resubmission if host comes back after n monitoring
# cycles. 0 to disable it. Default is 2.
# -u disables fencing. Fencing is enabled by default. Don't disable it
# unless you are very sure about what you're doing
#*******************************************************************************
#
#HOST_HOOK = [
@ -771,7 +880,6 @@ HM_MAD = [
# ARGUMENTS = "$ID -m -p 5",
# REMOTE = "no" ]
#-------------------------------------------------------------------------------
#
%if %%getVar('activer_hooks', 'non') == 'oui'
#*******************************************************************************
@ -814,7 +922,6 @@ USER_HOOK = [
%end if
#*******************************************************************************
# Auth Manager Configuration
#*******************************************************************************
@ -850,38 +957,15 @@ USER_HOOK = [
# the new object's permissions to 640 "um- u-- ---"
#*******************************************************************************
%if %%getVar('sunstone_auth_modes', 'non') == 'non'
AUTH_MAD = [
EXECUTABLE = "one_auth_mad",
AUTHN = "ssh,x509,server_cipher,server_x509"
]
AUTH_MAD_CONF = [
NAME = "core",
PASSWORD_CHANGE = "YES",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
%else
AUTH_MAD = [
EXECUTABLE = "one_auth_mad",
AUTHN = "ssh,x509,server_cipher,server_x509,%%getVar('sunstone_auth_modes','')"
AUTHN = "ssh,x509,ldap,server_cipher,server_x509"
]
%if %%getVar('sunstone_auth_modes','') == 'ldap'
DEFAULT_AUTH = "ldap"
%if %%getVar('sunstone_auth_modes','') == 'ldap'
AUTH_MAD_CONF = [
NAME = "ldap",
PASSWORD_CHANGE = "YES",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "86400"
]
%end if
%end if
SESSION_EXPIRATION_TIME = 900
#ENABLE_OTHER_PERMISSIONS = "YES"
@ -897,6 +981,28 @@ DEFAULT_UMASK = 177
#ONEGATE_ENDPOINT = "http://frontend:5030"
#*******************************************************************************
# VM Operations Permissions
#******************************************************************************
# The following parameters define the operations associated to the ADMIN,
# MANAGE and USE permissions. Note that some VM operations require additional
# permissions on other objects. Also some operations refers to a class of
# actions:
# - disk-snapshot, includes create, delete and revert actions
# - disk-attach, includes attach and detach actions
# - nic-attach, includes attach and detach actions
# - snapshot, includes create, delete and revert actions
# - resched, includes resched and unresched actions
#******************************************************************************
VM_ADMIN_OPERATIONS = "migrate, delete, recover, retry, deploy, resched"
VM_MANAGE_OPERATIONS = "undeploy, hold, release, stop, suspend, resume, reboot,
poweroff, disk-attach, nic-attach, disk-snapshot, terminate, disk-resize,
snapshot, updateconf, rename, resize, update, disk-saveas"
VM_USE_OPERATIONS = ""
#*******************************************************************************
# Restricted Attributes Configuration
#*******************************************************************************
@ -907,22 +1013,42 @@ VM_RESTRICTED_ATTR = "CONTEXT/FILES"
VM_RESTRICTED_ATTR = "NIC/MAC"
VM_RESTRICTED_ATTR = "NIC/VLAN_ID"
VM_RESTRICTED_ATTR = "NIC/BRIDGE"
#VM_RESTRICTED_ATTR = "NIC/INBOUND_AVG_BW"
#VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_BW"
#VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_KB"
#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_AVG_BW"
#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_BW"
#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_KB"
#VM_RESTRICTED_ATTR = "NIC/OPENNEBULA_MANAGED"
#VM_RESTRICTED_ATTR = "NIC/VCENTER_INSTANCE_ID"
#VM_RESTRICTED_ATTR = "NIC/VCENTER_NET_REF"
#VM_RESTRICTED_ATTR = "NIC/VCENTER_PORTGROUP_TYPE"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/MAC"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/VLAN_ID"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/BRIDGE"
VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC"
VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC"
VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC"
VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC"
VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC"
VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC"
#VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC"
#VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC"
#VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC"
#VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC"
#VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC"
#VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC"
#VM_RESTRICTED_ATTR = "DISK/OPENNEBULA_MANAGED"
#VM_RESTRICTED_ATTR = "DISK/VCENTER_DS_REF"
#VM_RESTRICTED_ATTR = "DISK/VCENTER_INSTANCE_ID"
#VM_RESTRICTED_ATTR = "DISK/SIZE"
VM_RESTRICTED_ATTR = "DISK/ORIGINAL_SIZE"
#VM_RESTRICTED_ATTR = "DISK/ORIGINAL_SIZE"
#VM_RESTRICTED_ATTR = "DISK/SIZE_PREV"
VM_RESTRICTED_ATTR = "CPU_COST"
VM_RESTRICTED_ATTR = "MEMORY_COST"
VM_RESTRICTED_ATTR = "DISK_COST"
VM_RESTRICTED_ATTR = "PCI"
VM_RESTRICTED_ATTR = "USER_INPUTS"
VM_RESTRICTED_ATTR = "EMULATOR"
VM_RESTRICTED_ATTR = "RAW"
VM_RESTRICTED_ATTR = "USER_PRIORITY"
#VM_RESTRICTED_ATTR = "USER_INPUTS/CPU"
#VM_RESTRICTED_ATTR = "USER_INPUTS/MEMORY"
#VM_RESTRICTED_ATTR = "USER_INPUTS/VCPU"
#VM_RESTRICTED_ATTR = "TEMPLATE/VCENTER_VM_FOLDER"
#VM_RESTRICTED_ATTR = "RANK"
#VM_RESTRICTED_ATTR = "SCHED_RANK"
@ -930,6 +1056,7 @@ VM_RESTRICTED_ATTR = "USER_INPUTS"
#VM_RESTRICTED_ATTR = "SCHED_REQUIREMENTS"
IMAGE_RESTRICTED_ATTR = "SOURCE"
#IMAGE_RESTRICTED_ATTR = "TEMPLATE/VCENTER_IMPORTED"
#*******************************************************************************
# The following restricted attributes only apply to VNets that are a reservation.
@ -940,6 +1067,9 @@ VNET_RESTRICTED_ATTR = "VN_MAD"
VNET_RESTRICTED_ATTR = "PHYDEV"
VNET_RESTRICTED_ATTR = "VLAN_ID"
VNET_RESTRICTED_ATTR = "BRIDGE"
VNET_RESTRICTED_ATTR = "CONF"
VNET_RESTRICTED_ATTR = "BRIDGE_CONF"
VNET_RESTRICTED_ATTR = "IP_LINK_CONF"
VNET_RESTRICTED_ATTR = "AR/VN_MAD"
VNET_RESTRICTED_ATTR = "AR/PHYDEV"
@ -969,6 +1099,7 @@ VNET_RESTRICTED_ATTR = "AR/BRIDGE"
INHERIT_DATASTORE_ATTR = "CEPH_HOST"
INHERIT_DATASTORE_ATTR = "CEPH_SECRET"
INHERIT_DATASTORE_ATTR = "CEPH_KEY"
INHERIT_DATASTORE_ATTR = "CEPH_USER"
INHERIT_DATASTORE_ATTR = "CEPH_CONF"
INHERIT_DATASTORE_ATTR = "POOL_NAME"
@ -986,15 +1117,39 @@ INHERIT_DATASTORE_ATTR = "GLUSTER_HOST"
INHERIT_DATASTORE_ATTR = "GLUSTER_VOLUME"
INHERIT_DATASTORE_ATTR = "DISK_TYPE"
INHERIT_DATASTORE_ATTR = "ADAPTER_TYPE"
INHERIT_DATASTORE_ATTR = "ALLOW_ORPHANS"
INHERIT_DATASTORE_ATTR = "VCENTER_ADAPTER_TYPE"
INHERIT_DATASTORE_ATTR = "VCENTER_DISK_TYPE"
INHERIT_DATASTORE_ATTR = "VCENTER_DS_REF"
INHERIT_DATASTORE_ATTR = "VCENTER_DS_IMAGE_DIR"
INHERIT_DATASTORE_ATTR = "VCENTER_DS_VOLATILE_DIR"
INHERIT_DATASTORE_ATTR = "VCENTER_INSTANCE_ID"
INHERIT_IMAGE_ATTR = "DISK_TYPE"
INHERIT_IMAGE_ATTR = "ADAPTER_TYPE"
INHERIT_IMAGE_ATTR = "VCENTER_ADAPTER_TYPE"
INHERIT_IMAGE_ATTR = "VCENTER_DISK_TYPE"
INHERIT_VNET_ATTR = "VLAN_TAGGED_ID"
INHERIT_VNET_ATTR = "FILTER_IP_SPOOFING"
INHERIT_VNET_ATTR = "FILTER_MAC_SPOOFING"
INHERIT_VNET_ATTR = "MTU"
INHERIT_VNET_ATTR = "INBOUND_AVG_BW"
INHERIT_VNET_ATTR = "INBOUND_PEAK_BW"
INHERIT_VNET_ATTR = "INBOUND_PEAK_KB"
INHERIT_VNET_ATTR = "OUTBOUND_AVG_BW"
INHERIT_VNET_ATTR = "OUTBOUND_PEAK_BW"
INHERIT_VNET_ATTR = "OUTBOUND_PEAK_KB"
INHERIT_VNET_ATTR = "CONF"
INHERIT_VNET_ATTR = "BRIDGE_CONF"
INHERIT_VNET_ATTR = "IP_LINK_CONF"
INHERIT_VNET_ATTR = "VCENTER_NET_REF"
INHERIT_VNET_ATTR = "VCENTER_SWITCH_NAME"
INHERIT_VNET_ATTR = "VCENTER_SWITCH_NPORTS"
INHERIT_VNET_ATTR = "VCENTER_PORTGROUP_TYPE"
INHERIT_VNET_ATTR = "VCENTER_CCR_REF"
INHERIT_VNET_ATTR = "VCENTER_INSTANCE_ID"
#*******************************************************************************
# Transfer Manager Driver Behavior Configuration
@ -1018,6 +1173,7 @@ INHERIT_VNET_ATTR = "MTU"
# among the different hosts or not. Valid values: "yes" or "no"
# ds_migrate : The driver allows migrations across datastores. Valid values:
# "yes" or "no". Note: THIS ONLY APPLIES TO SYSTEM DS.
# allow_orphans: Snapshots can live without parents
#*******************************************************************************
TM_MAD_CONF = [
@ -1035,11 +1191,13 @@ TM_MAD_CONF = [
]
TM_MAD_CONF = [
NAME = "fs_lvm", LN_TARGET = "SYSTEM", CLONE_TARGET = "SYSTEM", SHARED="YES"
NAME = "fs_lvm", LN_TARGET = "SYSTEM", CLONE_TARGET = "SYSTEM", SHARED="YES",
DRIVER = "raw"
]
TM_MAD_CONF = [
NAME = "qcow2", LN_TARGET = "NONE", CLONE_TARGET = "SYSTEM", SHARED = "YES"
NAME = "qcow2", LN_TARGET = "NONE", CLONE_TARGET = "SYSTEM", SHARED = "YES",
DRIVER = "qcow2"
]
TM_MAD_CONF = [
@ -1049,7 +1207,7 @@ TM_MAD_CONF = [
TM_MAD_CONF = [
NAME = "ceph", LN_TARGET = "NONE", CLONE_TARGET = "SELF", SHARED = "YES",
DS_MIGRATE = "NO"
DS_MIGRATE = "NO", DRIVER = "raw", ALLOW_ORPHANS="yes"
]
TM_MAD_CONF = [
@ -1062,7 +1220,7 @@ TM_MAD_CONF = [
]
TM_MAD_CONF = [
NAME = "vcenter", LN_TARGET = "NONE", CLONE_TARGET = "NONE", SHARED = "YES"
NAME = "vcenter", LN_TARGET = "NONE", CLONE_TARGET = "SYSTEM", SHARED = "YES"
]
#*******************************************************************************
@ -1110,7 +1268,9 @@ DS_MAD_CONF = [
]
DS_MAD_CONF = [
NAME = "vcenter", REQUIRED_ATTRS = "VCENTER_CLUSTER", PERSISTENT_ONLY = "YES",
NAME = "vcenter",
REQUIRED_ATTRS = "VCENTER_INSTANCE_ID, VCENTER_DS_REF, VCENTER_DC_REF",
PERSISTENT_ONLY = "NO",
MARKETPLACE_ACTIONS = "export"
]
@ -1152,3 +1312,68 @@ MARKET_MAD_CONF = [
REQUIRED_ATTRS = "ACCESS_KEY_ID,SECRET_ACCESS_KEY,REGION,BUCKET",
APP_ACTIONS = "create, delete, monitor"
]
#*******************************************************************************
# Authentication Driver Behavior Definition
#*******************************************************************************
# The configuration for each driver is defined in AUTH_MAD_CONF. These
# values must not be modified since they define the driver behavior.
# name : name of the auth driver
# password_change : allow the end users to change their own password. Oneadmin
# can still change other user's passwords
# driver_managed_groups : allow the driver to set the user's group even after
# user creation. In this case addgroup, delgroup and chgrp
# will be disabled, with the exception of chgrp to one of
# the groups in the list of secondary groups
# max_token_time : limit the maximum token validity, in seconds. Use -1 for
# unlimited maximum, 0 to disable login tokens
#*******************************************************************************
AUTH_MAD_CONF = [
NAME = "core",
PASSWORD_CHANGE = "YES",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
AUTH_MAD_CONF = [
NAME = "public",
PASSWORD_CHANGE = "NO",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
AUTH_MAD_CONF = [
NAME = "ssh",
PASSWORD_CHANGE = "YES",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
AUTH_MAD_CONF = [
NAME = "x509",
PASSWORD_CHANGE = "NO",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
AUTH_MAD_CONF = [
NAME = "ldap",
PASSWORD_CHANGE = "YES",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "86400"
]
AUTH_MAD_CONF = [
NAME = "server_cipher",
PASSWORD_CHANGE = "NO",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
AUTH_MAD_CONF = [
NAME = "server_x509",
PASSWORD_CHANGE = "NO",
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]

39
tmpl/vmm_exec_kvm.conf
View File

@ -1,5 +1,5 @@
# -------------------------------------------------------------------------- #
# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs #
# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
@ -18,21 +18,22 @@
# (all domains will use these values as defaults). These values can
# be overridden in each VM template. Valid atributes are:
# - emulator
# - os [kernel,initrd,boot,root,kernel_cmd,arch]
# - os [kernel,initrd,boot,root,kernel_cmd,arch,machine]
# - vcpu
# - features [acpi, pae]
# - disk [driver, cache, io]
# - features [acpi, pae, apic, hyperv, localtime, guest_agent, virtio_scsi_queues]
# - disk [driver, cache, io, discard, total_bytes_sec, total_iops_sec, read_bytes_sec, write_bytes_sec, read_iops_sec, write_iops_sec]
# - nic [filter, model]
# - raw
# - hyperv_options: options used for FEATURES = [ HYPERV = yes ]
# NOTE: raw attribute value is appended to that on the VM template
#EMULATOR = /usr/libexec/qemu-kvm
EMULATOR = /usr/bin/qemu-system-x86_64
#VCPU = 1
OS = [ boot = "hd", arch = "x86_64" ]
FEATURES = [ PAE = "no", ACPI = "yes" ]
NIC = [ model = "virtio" ]
OS = [ arch = "x86_64" ]
FEATURES = [ PAE = "no", ACPI = "yes", APIC = "no", HYPERV = "no", GUEST_AGENT = "no",
VIRTIO_SCSI_QUEUES = "0" ]
%if %%getVar('activer_onesinglenode','non') == 'oui'
%if %%getVar('one_disk_cache','non') == 'oui'
@ -44,3 +45,23 @@ DISK = [ driver = "qcow2" , cache = "none", DEV_PREFIX="vd" ]
RAW = "<devices><video><model type='%%one_video_driver' heads='1'/></video></devices>"
%end if
%end if
NIC = [ model = "virtio" ]
#NIC = [ filter = "clean-traffic", model="virtio" ]
#RAW = "<devices><serial type=\"pty\"><source path=\"/dev/pts/5\"/><target port=\"0\"/></serial><console type=\"pty\" tty=\"/dev/pts/5\"><source path=\"/dev/pts/5\"/><target port=\"0\"/></console></devices>"
HYPERV_OPTIONS="<relaxed state='on'/><vapic state='on'/><spinlocks state='on' retries='4096'/>"
SPICE_OPTIONS="
<video>
<model type='qxl' heads='1'/>
</video>
<sound model='ich6' />
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
</channel>
<redirdev bus='usb' type='spicevmc'/>
<redirdev bus='usb' type='spicevmc'/>
<redirdev bus='usb' type='spicevmc'/>"