Also, all of the Swift sample configs are included in-tree in the code repo
https://github.com/openstack/swift/tree/master/etc They are well-commented. Anything that is commented out is a variable that has a default (the default value is given). Anything that isn't commented out is a required option that a deployer must set (ie there is no default). --John > On Mar 16, 2015, at 9:33 AM, Caius Howcroft <caius.howcr...@gmail.com> wrote: > > For what its worth all bloomberg's configs are open source (apart from > things like ips, tokens and such) and in chef templates: > https://github.com/bloomberg/chef-bcpc/tree/master/cookbooks/bcpc/templates/default > > thats what we run in production on several clusters at the moment, > > caius > > > On Mon, Mar 16, 2015 at 12:08 PM, Jonathan Proulx <j...@jonproulx.com> wrote: >> Hi All, >> >> One of the requests that's come up a few times around here has been >> for 'real' config example. >> >> During the PHL Ops Midccyle we finally mad ea place to put them: >> https://github.com/osops/example-configs >> >> And over the past couple days I pushed up the configs from MIT CSAIL's >> deploy. There's a delightful real world mess, but there you go. >> >> This can also serve as a meta example for how to organize example >> configs, so if anyone has comments on the structure of how I put them >> up now is probably a good time to discuss so that when others (if >> there are others who can do this) put their configs on line the format >> is both good and consistent. >> >> The sanitization process is hairy... >> >> I rgrep'ed through for things like 'password','token','connection' (to >> get the DB connection strings) and probably a couple other things but >> missed 'auth_encryption_key' in the Heat config. Thankfully we're not >> yet big heat users so changing this wasn't a disaster, and also >> reminded me to switch to using trusts rather than the more than >> slightly scary password deferred_auth_method... >> >> So I think this will get all the bits you need to redact (and quite a >> bit more but still less than looking at every line of every file): >> >> rgrep -e key -e token -e encryption -e password >> >> (note there's still a glance-cache.conf:swift_store_key in my configs >> but it's an unused default) >> >> If anyone finds things I left your PLEASE let me know (preferably >> directly), hopefully I won't spend the rest of my life switching keys >> and passwords :) >> >> >> -Jon >> >> _______________________________________________ >> OpenStack-operators mailing list >> OpenStack-operators@lists.openstack.org >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > > > -- > Caius Howcroft > @caiushowcroft > http://www.linkedin.com/in/caius > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
