Barbican¶
There are various customizations you can do to tailor the deployment of OpenStack Barbican. You can find those below.
General Parameters¶
bootstrap.enabled
Type: bool
Description:
false
bootstrap.ks_user
Type: string
Description:
“barbican”
bootstrap.script
Type: string
Description:
openstack token issueconf.audit_map.DEFAULT.target_endpoint_type
Type: string
Description:
“key-manager”
conf.audit_map.custom_actions.acl/get
Type: string
Description:
“read”
conf.audit_map.path_keywords.cas
Type: string
Description:
“None”
conf.audit_map.path_keywords.containers
Type: string
Description:
nil
conf.audit_map.path_keywords.orders
Type: string
Description:
nil
conf.audit_map.path_keywords.project-quotas
Type: string
Description:
nil
conf.audit_map.path_keywords.quotas
Type: string
Description:
nil
conf.audit_map.path_keywords.secrets
Type: string
Description:
nil
conf.audit_map.service_endpoints.key-manager
Type: string
Description:
“service/security/keymanager”
conf.barbican.DEFAULT.log_config_append
Type: string
Description:
“/etc/barbican/logging.conf”
conf.barbican.DEFAULT.transport_url
Type: string
Description:
nil
conf.barbican.barbican_api.bind_port
Type: string
Description:
nil
conf.barbican.database.max_retries
Type: int
Description:
-1
conf.barbican.keystone_authtoken.auth_type
Type: string
Description:
“password”
conf.barbican.keystone_authtoken.auth_version
Type: string
Description:
“v3”
conf.barbican.keystone_authtoken.memcache_secret_key
Type: string
Description:
nil
conf.barbican.keystone_authtoken.memcache_security_strategy
Type: string
Description:
“ENCRYPT”
conf.barbican.keystone_authtoken.service_type
Type: string
Description:
“key-manager”
conf.barbican.oslo_policy.policy_file
Type: string
Description:
“/etc/barbican/policy.yaml”
conf.barbican_api_uwsgi.uwsgi.add-header
Type: string
Description:
“Connection: close”
conf.barbican_api_uwsgi.uwsgi.buffer-size
Type: int
Description:
65535
conf.barbican_api_uwsgi.uwsgi.die-on-term
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.enable-threads
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.exit-on-reload
Type: bool
Description:
false
conf.barbican_api_uwsgi.uwsgi.hook-master-start
Type: string
Description:
“unix_signal:15 gracefully_kill_them_all”
conf.barbican_api_uwsgi.uwsgi.lazy-apps
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.log-x-forwarded-for
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.master
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.processes
Type: int
Description:
1
conf.barbican_api_uwsgi.uwsgi.procname-prefix-spaced
Type: string
Description:
“barbiacan-api:”
conf.barbican_api_uwsgi.uwsgi.route-user-agent
Type: string
Description:
“^kube-probe.* donotlog:”
conf.barbican_api_uwsgi.uwsgi.thunder-lock
Type: bool
Description:
true
conf.barbican_api_uwsgi.uwsgi.worker-reload-mercy
Type: int
Description:
80
conf.barbican_api_uwsgi.uwsgi.wsgi-file
Type: string
Description:
“/var/lib/openstack/bin/barbican-wsgi-api”
conf.logging.formatter_context.class
Type: string
Description:
“oslo_log.formatters.ContextFormatter”
conf.logging.formatter_context.datefmt
Type: string
Description:
“%Y-%m-%d %H:%M:%S”
conf.logging.formatter_default.datefmt
Type: string
Description:
“%Y-%m-%d %H:%M:%S”
conf.logging.formatter_default.format
Type: string
Description:
“%(message)s”
conf.logging.formatters.keys[0]
Type: string
Description:
“context”
conf.logging.formatters.keys[1]
Type: string
Description:
“default”
conf.logging.handler_null.args
Type: string
Description:
“()”
conf.logging.handler_null.class
Type: string
Description:
“logging.NullHandler”
conf.logging.handler_null.formatter
Type: string
Description:
“default”
conf.logging.handler_stderr.args
Type: string
Description:
“(sys.stderr,)”
conf.logging.handler_stderr.class
Type: string
Description:
“StreamHandler”
conf.logging.handler_stderr.formatter
Type: string
Description:
“context”
conf.logging.handler_stdout.args
Type: string
Description:
“(sys.stdout,)”
conf.logging.handler_stdout.class
Type: string
Description:
“StreamHandler”
conf.logging.handler_stdout.formatter
Type: string
Description:
“context”
conf.logging.handlers.keys[0]
Type: string
Description:
“stdout”
conf.logging.handlers.keys[1]
Type: string
Description:
“stderr”
conf.logging.handlers.keys[2]
Type: string
Description:
“null”
conf.logging.logger_amqp.handlers
Type: string
Description:
“stderr”
conf.logging.logger_amqp.level
Type: string
Description:
“WARNING”
conf.logging.logger_amqp.qualname
Type: string
Description:
“amqp”
conf.logging.logger_amqplib.handlers
Type: string
Description:
“stderr”
conf.logging.logger_amqplib.level
Type: string
Description:
“WARNING”
conf.logging.logger_amqplib.qualname
Type: string
Description:
“amqplib”
conf.logging.logger_barbican.handlers[0]
Type: string
Description:
“stdout”
conf.logging.logger_barbican.level
Type: string
Description:
“INFO”
conf.logging.logger_barbican.qualname
Type: string
Description:
“barbican”
conf.logging.logger_boto.handlers
Type: string
Description:
“stderr”
conf.logging.logger_boto.level
Type: string
Description:
“WARNING”
conf.logging.logger_boto.qualname
Type: string
Description:
“boto”
conf.logging.logger_eventletwsgi.handlers
Type: string
Description:
“stderr”
conf.logging.logger_eventletwsgi.level
Type: string
Description:
“WARNING”
conf.logging.logger_eventletwsgi.qualname
Type: string
Description:
“eventlet.wsgi.server”
conf.logging.logger_root.handlers
Type: string
Description:
“null”
conf.logging.logger_root.level
Type: string
Description:
“WARNING”
conf.logging.logger_sqlalchemy.handlers
Type: string
Description:
“stderr”
conf.logging.logger_sqlalchemy.level
Type: string
Description:
“WARNING”
conf.logging.logger_sqlalchemy.qualname
Type: string
Description:
“sqlalchemy”
conf.logging.loggers.keys[0]
Type: string
Description:
“root”
conf.logging.loggers.keys[1]
Type: string
Description:
“barbican”
conf.paste.app:apiapp.”paste.app_factory”
Type: string
Description:
“barbican.api.app:create_main_app”
conf.paste.app:healthcheck.”paste.app_factory”
Type: string
Description:
“oslo_middleware:Healthcheck.app_factory”
conf.paste.app:healthcheck.backends
Type: string
Description:
“disable_by_file”
conf.paste.app:healthcheck.disable_by_file_path
Type: string
Description:
“/etc/barbican/healthcheck_disable”
conf.paste.app:versionapp.”paste.app_factory”
Type: string
Description:
“barbican.api.app:create_version_app”
conf.paste.composite:main./
Type: string
Description:
“barbican_version”
conf.paste.composite:main./healthcheck
Type: string
Description:
“healthcheck”
conf.paste.composite:main./v1
Type: string
Description:
“barbican-api-keystone”
conf.paste.composite:main.use
Type: string
Description:
“egg:Paste#urlmap”
conf.paste.filter:audit.”paste.filter_factory”
Type: string
Description:
“keystonemiddleware.audit:filter_factory”
conf.paste.filter:audit.audit_map_file
Type: string
Description:
“/etc/barbican/api_audit_map.conf”
conf.paste.filter:authtoken.”paste.filter_factory”
Type: string
Description:
“keystonemiddleware.auth_token:filter_factory”
conf.paste.filter:context.”paste.filter_factory”
Type: string
Description:
“barbican.api.middleware.context:ContextMiddleware.factory”
conf.paste.filter:cors.”paste.filter_factory”
Type: string
Description:
“oslo_middleware.cors:filter_factory”
conf.paste.filter:cors.oslo_config_project
Type: string
Description:
“barbican”
conf.paste.filter:http_proxy_to_wsgi.”paste.filter_factory”
Type: string
Description:
“oslo_middleware:HTTPProxyToWSGI.factory”
conf.paste.filter:profile.cachegrind_filename
Type: string
Description:
“cachegrind.out.myapp”
conf.paste.filter:profile.discard_first_request
Type: bool
Description:
true
conf.paste.filter:profile.flush_at_shutdown
Type: bool
Description:
true
conf.paste.filter:profile.log_filename
Type: string
Description:
“myapp.profile”
conf.paste.filter:profile.path
Type: string
Description:
“/__profile__”
conf.paste.filter:profile.unwind
Type: bool
Description:
false
conf.paste.filter:profile.use
Type: string
Description:
“egg:repoze.profile”
conf.paste.filter:simple.”paste.filter_factory”
Type: string
Description:
“barbican.api.middleware.simple:SimpleFilter.factory”
conf.paste.filter:unauthenticated-context.”paste.filter_factory”
Type: string
Description:
“barbican.api.middleware.context:UnauthenticatedContextMiddleware.factory”
conf.paste.pipeline:barbican-api-keystone-audit.pipeline
Type: string
Description:
“http_proxy_to_wsgi authtoken context audit apiapp”
conf.paste.pipeline:barbican-api-keystone.pipeline
Type: string
Description:
“cors http_proxy_to_wsgi authtoken context apiapp”
conf.paste.pipeline:barbican-profile.pipeline
Type: string
Description:
“cors http_proxy_to_wsgi unauthenticated-context egg:Paste#cgitb egg:Paste#httpexceptions profile apiapp”
conf.paste.pipeline:barbican_api.pipeline
Type: string
Description:
“cors http_proxy_to_wsgi unauthenticated-context apiapp”
conf.paste.pipeline:barbican_version.pipeline
Type: string
Description:
“cors http_proxy_to_wsgi versionapp”
conf.policy
Type: object
Description:
{}
conf.simple_crypto_kek_rewrap.old_kek
Type: string
Description:
“dGhpcnR5X3R3b19ieXRlX2tleWJsYWhibGFoYmxhaGg=”
dependencies.dynamic.common.local_image_registry.jobs[0]
Type: string
Description:
“barbican-image-repo-sync”
dependencies.dynamic.common.local_image_registry.services[0].endpoint
Type: string
Description:
“node”
dependencies.dynamic.common.local_image_registry.services[0].service
Type: string
Description:
“local_image_registry”
dependencies.static.api.jobs[0]
Type: string
Description:
“barbican-db-sync”
dependencies.static.api.jobs[1]
Type: string
Description:
“barbican-ks-user”
dependencies.static.api.jobs[2]
Type: string
Description:
“barbican-ks-endpoints”
dependencies.static.api.jobs[3]
Type: string
Description:
“barbican-rabbit-init”
dependencies.static.api.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.api.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.api.services[1].endpoint
Type: string
Description:
“internal”
dependencies.static.api.services[1].service
Type: string
Description:
“identity”
dependencies.static.api.services[2].endpoint
Type: string
Description:
“internal”
dependencies.static.api.services[2].service
Type: string
Description:
“oslo_messaging”
dependencies.static.db_drop.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_drop.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.db_init.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_init.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.db_sync.jobs[0]
Type: string
Description:
“barbican-db-init”
dependencies.static.db_sync.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_sync.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.image_repo_sync.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.image_repo_sync.services[0].service
Type: string
Description:
“local_image_registry”
dependencies.static.ks_endpoints.jobs[0]
Type: string
Description:
“barbican-ks-service”
dependencies.static.ks_endpoints.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.ks_endpoints.services[0].service
Type: string
Description:
“identity”
dependencies.static.ks_service.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.ks_service.services[0].service
Type: string
Description:
“identity”
dependencies.static.ks_user.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.ks_user.services[0].service
Type: string
Description:
“identity”
dependencies.static.rabbit_init.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.rabbit_init.services[0].service
Type: string
Description:
“oslo_messaging”
endpoints.cluster_domain_suffix
Type: string
Description:
“cluster.local”
endpoints.fluentd.host_fqdn_override.default
Type: string
Description:
nil
endpoints.fluentd.hosts.default
Type: string
Description:
“fluentd-logging”
endpoints.fluentd.name
Type: string
Description:
“fluentd”
endpoints.fluentd.namespace
Type: string
Description:
nil
endpoints.fluentd.path.default
Type: string
Description:
nil
endpoints.fluentd.port.metrics.default
Type: int
Description:
24220
endpoints.fluentd.port.service.default
Type: int
Description:
24224
endpoints.fluentd.scheme
Type: string
Description:
“http”
endpoints.identity.auth.admin.password
Type: string
Description:
“password”
endpoints.identity.auth.admin.project_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.admin.project_name
Type: string
Description:
“admin”
endpoints.identity.auth.admin.region_name
Type: string
Description:
“RegionOne”
endpoints.identity.auth.admin.user_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.admin.username
Type: string
Description:
“admin”
endpoints.identity.auth.barbican.password
Type: string
Description:
“password”
endpoints.identity.auth.barbican.project_domain_name
Type: string
Description:
“service”
endpoints.identity.auth.barbican.project_name
Type: string
Description:
“service”
endpoints.identity.auth.barbican.region_name
Type: string
Description:
“RegionOne”
endpoints.identity.auth.barbican.role
Type: string
Description:
“admin”
endpoints.identity.auth.barbican.user_domain_name
Type: string
Description:
“service”
endpoints.identity.auth.barbican.username
Type: string
Description:
“barbican”
endpoints.identity.host_fqdn_override.default
Type: string
Description:
nil
endpoints.identity.hosts.default
Type: string
Description:
“keystone”
endpoints.identity.hosts.internal
Type: string
Description:
“keystone-api”
endpoints.identity.name
Type: string
Description:
“keystone”
endpoints.identity.path.default
Type: string
Description:
“/v3”
endpoints.identity.port.api.default
Type: int
Description:
80
endpoints.identity.port.api.internal
Type: int
Description:
5000
endpoints.identity.scheme.default
Type: string
Description:
“http”
endpoints.ingress.hosts.default
Type: string
Description:
“ingress”
endpoints.ingress.name
Type: string
Description:
“ingress”
endpoints.ingress.namespace
Type: string
Description:
nil
endpoints.ingress.port.ingress.default
Type: int
Description:
80
endpoints.key_manager.host_fqdn_override.default.tls.issuerRef.kind
Type: string
Description:
“ClusterIssuer”
endpoints.key_manager.host_fqdn_override.default.tls.issuerRef.name
Type: string
Description:
“ca-clusterissuer”
endpoints.key_manager.host_fqdn_override.default.tls.secretName
Type: string
Description:
“barbican-tls-internal”
endpoints.key_manager.hosts.default
Type: string
Description:
“barbican-api”
endpoints.key_manager.hosts.public
Type: string
Description:
“barbican”
endpoints.key_manager.name
Type: string
Description:
“barbican”
endpoints.key_manager.path.default
Type: string
Description:
“/”
endpoints.key_manager.path.healthcheck
Type: string
Description:
“/healthcheck”
endpoints.key_manager.port.api.default
Type: int
Description:
9311
endpoints.key_manager.port.api.public
Type: int
Description:
80
endpoints.key_manager.port.api.service
Type: int
Description:
9311
endpoints.key_manager.scheme.default
Type: string
Description:
“http”
endpoints.key_manager.scheme.service
Type: string
Description:
“http”
endpoints.kube_dns.host_fqdn_override.default
Type: string
Description:
nil
endpoints.kube_dns.hosts.default
Type: string
Description:
“kube-dns”
endpoints.kube_dns.name
Type: string
Description:
“kubernetes-dns”
endpoints.kube_dns.namespace
Type: string
Description:
“kube-system”
endpoints.kube_dns.path.default
Type: string
Description:
nil
endpoints.kube_dns.port.dns.default
Type: int
Description:
53
endpoints.kube_dns.port.dns.protocol
Type: string
Description:
“UDP”
endpoints.kube_dns.scheme
Type: string
Description:
“http”
endpoints.local_image_registry.host_fqdn_override.default
Type: string
Description:
nil
endpoints.local_image_registry.hosts.default
Type: string
Description:
“localhost”
endpoints.local_image_registry.hosts.internal
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.hosts.node
Type: string
Description:
“localhost”
endpoints.local_image_registry.name
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.namespace
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.port.registry.node
Type: int
Description:
5000
endpoints.oci_image_registry.auth.barbican.password
Type: string
Description:
“password”
endpoints.oci_image_registry.auth.barbican.username
Type: string
Description:
“barbican”
endpoints.oci_image_registry.auth.enabled
Type: bool
Description:
false
endpoints.oci_image_registry.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oci_image_registry.hosts.default
Type: string
Description:
“localhost”
endpoints.oci_image_registry.name
Type: string
Description:
“oci-image-registry”
endpoints.oci_image_registry.namespace
Type: string
Description:
“oci-image-registry”
endpoints.oci_image_registry.port.registry.default
Type: string
Description:
nil
endpoints.oslo_cache.auth.memcache_secret_key
Type: string
Description:
nil
endpoints.oslo_cache.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_cache.hosts.default
Type: string
Description:
“memcached”
endpoints.oslo_cache.port.memcache.default
Type: int
Description:
11211
endpoints.oslo_db.auth.admin.password
Type: string
Description:
“password”
endpoints.oslo_db.auth.admin.secret.tls.internal
Type: string
Description:
“mariadb-tls-direct”
endpoints.oslo_db.auth.admin.username
Type: string
Description:
“root”
endpoints.oslo_db.auth.barbican.password
Type: string
Description:
“password”
endpoints.oslo_db.auth.barbican.username
Type: string
Description:
“barbican”
endpoints.oslo_db.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_db.hosts.default
Type: string
Description:
“mariadb”
endpoints.oslo_db.path
Type: string
Description:
“/barbican”
endpoints.oslo_db.port.mysql.default
Type: int
Description:
3306
endpoints.oslo_db.scheme
Type: string
Description:
“mysql+pymysql”
endpoints.oslo_messaging.auth.admin.password
Type: string
Description:
“password”
endpoints.oslo_messaging.auth.admin.secret.tls.internal
Type: string
Description:
“rabbitmq-tls-direct”
endpoints.oslo_messaging.auth.admin.username
Type: string
Description:
“rabbitmq”
endpoints.oslo_messaging.auth.barbican.password
Type: string
Description:
“password”
endpoints.oslo_messaging.auth.barbican.username
Type: string
Description:
“barbican”
endpoints.oslo_messaging.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_messaging.hosts.default
Type: string
Description:
“rabbitmq”
endpoints.oslo_messaging.path
Type: string
Description:
“/barbican”
endpoints.oslo_messaging.port.amqp.default
Type: int
Description:
5672
endpoints.oslo_messaging.port.http.default
Type: int
Description:
15672
endpoints.oslo_messaging.scheme
Type: string
Description:
“rabbit”
endpoints.oslo_messaging.statefulset.name
Type: string
Description:
“rabbitmq-rabbitmq”
endpoints.oslo_messaging.statefulset.replicas
Type: int
Description:
2
helm3_hook
Type: bool
Description:
true
images.local_registry.active
Type: bool
Description:
false
images.local_registry.exclude[0]
Type: string
Description:
“dep_check”
images.local_registry.exclude[1]
Type: string
Description:
“image_repo_sync”
images.pull_policy
Type: string
Description:
“IfNotPresent”
images.tags.barbican_api
Type: string
Description:
“docker.io/openstackhelm/barbican:2024.1-ubuntu_jammy”
images.tags.barbican_db_sync
Type: string
Description:
“docker.io/openstackhelm/barbican:2024.1-ubuntu_jammy”
images.tags.bootstrap
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.db_drop
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.db_init
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.dep_check
Type: string
Description:
“quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal”
images.tags.image_repo_sync
Type: string
Description:
“docker.io/docker:17.07.0”
images.tags.ks_endpoints
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.ks_service
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.ks_user
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.rabbit_init
Type: string
Description:
“docker.io/rabbitmq:3.13-management”
images.tags.scripted_test
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
labels.api.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.api.node_selector_value
Type: string
Description:
“enabled”
labels.job.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.job.node_selector_value
Type: string
Description:
“enabled”
labels.test.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.test.node_selector_value
Type: string
Description:
“enabled”
manifests.certificates
Type: bool
Description:
false
manifests.configmap_bin
Type: bool
Description:
true
manifests.configmap_etc
Type: bool
Description:
true
manifests.deployment_api
Type: bool
Description:
true
manifests.ingress_api
Type: bool
Description:
true
manifests.job_bootstrap
Type: bool
Description:
true
manifests.job_db_drop
Type: bool
Description:
false
manifests.job_db_init
Type: bool
Description:
true
manifests.job_db_sync
Type: bool
Description:
true
manifests.job_image_repo_sync
Type: bool
Description:
true
manifests.job_ks_endpoints
Type: bool
Description:
true
manifests.job_ks_service
Type: bool
Description:
true
manifests.job_ks_user
Type: bool
Description:
true
manifests.job_rabbit_init
Type: bool
Description:
true
manifests.network_policy
Type: bool
Description:
false
manifests.pdb_api
Type: bool
Description:
true
manifests.pod_test
Type: bool
Description:
true
manifests.secret_db
Type: bool
Description:
true
manifests.secret_ingress_tls
Type: bool
Description:
true
manifests.secret_keystone
Type: bool
Description:
true
manifests.secret_rabbitmq
Type: bool
Description:
true
manifests.secret_registry
Type: bool
Description:
true
manifests.service_api
Type: bool
Description:
true
manifests.service_ingress_api
Type: bool
Description:
true
network.api.external_policy_local
Type: bool
Description:
false
network.api.ingress.annotations.”nginx.ingress.kubernetes.io/rewrite-target”
Type: string
Description:
“/”
network.api.ingress.classes.cluster
Type: string
Description:
“nginx-cluster”
network.api.ingress.classes.namespace
Type: string
Description:
“nginx”
network.api.ingress.public
Type: bool
Description:
true
network.api.node_port.enabled
Type: bool
Description:
false
network.api.node_port.port
Type: int
Description:
30486
network_policy.barbican.egress[0]
Type: object
Description:
{}
network_policy.barbican.ingress[0]
Type: object
Description:
{}
pod.affinity.anti.topologyKey.default
Type: string
Description:
“kubernetes.io/hostname”
pod.affinity.anti.type.default
Type: string
Description:
“preferredDuringSchedulingIgnoredDuringExecution”
pod.affinity.anti.weight.default
Type: int
Description:
10
pod.lifecycle.disruption_budget.api.min_available
Type: int
Description:
0
pod.lifecycle.upgrades.deployments.pod_replacement_strategy
Type: string
Description:
“RollingUpdate”
pod.lifecycle.upgrades.deployments.revision_history
Type: int
Description:
3
pod.lifecycle.upgrades.deployments.rolling_update.max_surge
Type: int
Description:
3
pod.lifecycle.upgrades.deployments.rolling_update.max_unavailable
Type: int
Description:
1
pod.mounts.barbican_api.barbican_api.volumeMounts
Type: string
Description:
nil
pod.mounts.barbican_api.barbican_api.volumes
Type: string
Description:
nil
pod.mounts.barbican_api.init_container
Type: string
Description:
nil
pod.mounts.barbican_bootstrap.barbican_bootstrap.volumeMounts
Type: string
Description:
nil
pod.mounts.barbican_bootstrap.barbican_bootstrap.volumes
Type: string
Description:
nil
pod.mounts.barbican_bootstrap.init_container
Type: string
Description:
nil
pod.mounts.barbican_db_sync.barbican_db_sync.volumeMounts
Type: string
Description:
nil
pod.mounts.barbican_db_sync.barbican_db_sync.volumes
Type: string
Description:
nil
pod.mounts.barbican_tests.barbican_tests.volumeMounts
Type: string
Description:
nil
pod.mounts.barbican_tests.barbican_tests.volumes
Type: string
Description:
nil
pod.mounts.barbican_tests.init_container
Type: string
Description:
nil
pod.probes.api.barbican-api.liveness.enabled
Type: bool
Description:
true
pod.probes.api.barbican-api.liveness.params.initialDelaySeconds
Type: int
Description:
5
pod.probes.api.barbican-api.liveness.params.periodSeconds
Type: int
Description:
10
pod.probes.api.barbican-api.liveness.params.timeoutSeconds
Type: int
Description:
5
pod.probes.api.barbican-api.readiness.enabled
Type: bool
Description:
true
pod.probes.api.barbican-api.readiness.params.periodSeconds
Type: int
Description:
10
pod.probes.api.barbican-api.readiness.params.timeoutSeconds
Type: int
Description:
5
pod.replicas.api
Type: int
Description:
1
pod.resources.api.limits.cpu
Type: string
Description:
“2000m”
pod.resources.api.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.api.requests.cpu
Type: string
Description:
“100m”
pod.resources.api.requests.memory
Type: string
Description:
“128Mi”
pod.resources.enabled
Type: bool
Description:
false
pod.resources.jobs.bootstrap.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.bootstrap.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.bootstrap.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.bootstrap.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_drop.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_drop.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_drop.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_drop.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_init.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_init.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_init.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_init.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_sync.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_sync.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_sync.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_sync.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.image_repo_sync.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.image_repo_sync.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.image_repo_sync.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.image_repo_sync.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.ks_endpoints.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.ks_endpoints.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.ks_endpoints.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.ks_endpoints.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.ks_service.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.ks_service.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.ks_service.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.ks_service.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.ks_user.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.ks_user.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.ks_user.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.ks_user.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.rabbit_init.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.rabbit_init.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.rabbit_init.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.rabbit_init.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.tests.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.tests.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.tests.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.tests.requests.memory
Type: string
Description:
“128Mi”
pod.security_context.barbican.container.barbican_api.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.barbican.container.barbican_api.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.barbican.pod.runAsUser
Type: int
Description:
42424
pod.security_context.test.container.barbican_test.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.test.container.barbican_test.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.test.pod.runAsUser
Type: int
Description:
42424
pod.tolerations.barbican.enabled
Type: bool
Description:
false
pod.tolerations.barbican.tolerations[0].effect
Type: string
Description:
“NoSchedule”
pod.tolerations.barbican.tolerations[0].key
Type: string
Description:
“node-role.kubernetes.io/master”
pod.tolerations.barbican.tolerations[0].operator
Type: string
Description:
“Exists”
pod.tolerations.barbican.tolerations[1].effect
Type: string
Description:
“NoSchedule”
pod.tolerations.barbican.tolerations[1].key
Type: string
Description:
“node-role.kubernetes.io/control-plane”
pod.tolerations.barbican.tolerations[1].operator
Type: string
Description:
“Exists”
release_group
Type: string
Description:
nil
secrets.identity.admin
Type: string
Description:
“barbican-keystone-admin”
secrets.identity.barbican
Type: string
Description:
“barbican-keystone-user”
secrets.oci_image_registry.barbican
Type: string
Description:
“barbican-oci-image-registry”
secrets.oslo_db.admin
Type: string
Description:
“barbican-db-admin”
secrets.oslo_db.barbican
Type: string
Description:
“barbican-db-user”
secrets.oslo_messaging.admin
Type: string
Description:
“barbican-rabbitmq-admin”
secrets.oslo_messaging.barbican
Type: string
Description:
“barbican-rabbitmq-user”
secrets.tls.key_manager.api.internal
Type: string
Description:
“barbican-tls-internal”
secrets.tls.key_manager.api.public
Type: string
Description:
“barbican-tls-public”
tls.identity
Type: bool
Description:
false
tls.oslo_db
Type: bool
Description:
false
tls.oslo_messaging
Type: bool
Description:
false