Open Stack

Also, all of the Swift sample configs are included in-tree in the code repo

https://github.com/openstack/swift/tree/master/etc

They are well-commented. Anything that is commented out is a variable that has a default (the default value is given). Anything that isn't commented out is a required option that a deployer must set (ie there is no default).


--John






> On Mar 16, 2015, at 9:33 AM, Caius Howcroft <caius.howcroft at gmail.com> wrote:
> 
> For what its worth all bloomberg's configs are open source (apart from
> things like ips, tokens and such) and in chef templates:
> https://github.com/bloomberg/chef-bcpc/tree/master/cookbooks/bcpc/templates/default
> 
> thats what we run in production on several clusters at the moment,
> 
> caius
> 
> 
> On Mon, Mar 16, 2015 at 12:08 PM, Jonathan Proulx <jon at jonproulx.com> wrote:
>> Hi All,
>> 
>> One of the requests that's come up a few times around here has been
>> for 'real' config example.
>> 
>> During the PHL Ops Midccyle we finally mad ea place to put them:
>> https://github.com/osops/example-configs
>> 
>> And over the past couple days I pushed up the configs from MIT CSAIL's
>> deploy.  There's a delightful real world mess, but there you go.
>> 
>> This can also serve as a meta example for how to organize example
>> configs, so if anyone has comments on the structure of how I put them
>> up now is probably a good time to discuss so that when others (if
>> there are others who can do this) put their configs on line the format
>> is both good and consistent.
>> 
>> The sanitization process is hairy...
>> 
>> I rgrep'ed through for things like 'password','token','connection' (to
>> get the DB connection strings) and probably a couple other things but
>> missed 'auth_encryption_key' in the Heat config.  Thankfully we're not
>> yet big heat users so changing this wasn't a disaster, and also
>> reminded me to switch to using trusts rather than the more than
>> slightly scary password deferred_auth_method...
>> 
>> So I think this will get all the bits you need to redact (and quite a
>> bit more but still less than looking at every line of every file):
>> 
>> rgrep -e key -e token -e encryption -e password
>> 
>> (note there's still a glance-cache.conf:swift_store_key in my configs
>> but it's an unused default)
>> 
>> If anyone finds things I left your PLEASE let me know (preferably
>> directly), hopefully I won't spend the rest of my life switching keys
>> and passwords :)
>> 
>> 
>> -Jon
>> 
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
> 
> 
> 
> --
> Caius Howcroft
> @caiushowcroft
> http://www.linkedin.com/in/caius
> 
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150316/6a31f422/attachment.pgp>