Admin Guide 1. Abiquo. Config Properties
Abiquo uses a system based on Java properties that is flexible and easy to configure.
Configuration options are grouped in the file /opt/abiquo/config/abiquo.properties on each server of the Abiquo platform (Abiquo Server, Remote Services, V2V Services). The Abiquo Installer will create configuration files for your installation and example configuration files can be found in the directory /opt/abiquo/config/examples. If you wish to change the configuration options, add the properties you wish to change to your abiquo.properties file and specify the new values.
The tables below contain all the configuration options that can be modified and their default values as set by Abiquo. The default values for properties are used within the Abiquo platform if you do not set the properties. However, some default configuration options may also be set outside of the Abiquo platform, for example, in the hypervisor.
After modifying this file, check carefully to ensure you have the correct values and no unnecessary whitespace around the properties. You must restart the abiquo-tomcat service for the changes to take effect.
Open Sessions on Hyper-V
These reference files list all the properties that may be configured for each profile. Note that these files are versioned by date and new properties are not always added for minor versions.
Range: all range values are inclusive
– New property
– Changed property
– Deprecated Property
This table describes the abiquo.properties file of the Abiquo platform servers. For example, if a property is marked with symbol in the column, it can be configured in the abiquo.properties file of the Abiquo Server/API and Abiquo Monolithic Server.
Abiquo Monolithic Server
An Abiquo Monolithic Server is a single-server install of all or most of the Abiquo platform components, so the properties present on the Abiquo Server and the Remote Service machines may not be necessary or may only need to be added once. For example, Redis properties
Timestep for the email provider. This is the amount of time the two-factor authentication codes will be valid when generated (seconds).
Name of the issuer of the verification codes for two-factor authentication. This will appear in the user's Google Authenticator app to identify where the generated code comes from.
Number of virtual infrastructure check executions that a locked virtual machine with a pending task can pass before it will be marked as failed.
The number of consecutive health probe successes required before moving an AWS instance to the Healthy state.
Lapse of time in seconds where abiquo.api.login.maxtries apply.
Maximum login failures in a given lapse (abiquo.api.login.failurelapse).
Maximum number of sessions per user in the API. The default value of -1 means there is no limit and a value of 0 is invalid.
Allow only one NIC per VLAN on a virtual machine if false (or any other value).
Limit of NICs per virtual machine. If this is set to 0, there are no limits.
Abiquo session cookie name. This session does not store anything.
Location where ZooKeeper is listening in format <IP address>:<port> for example, 10.10.10.10:2181
Datacenter NFS repository refresh interval (milliseconds).
Perform the repository check against /etc/mtab. Set to false for local NFS Server installations in testing environment: NFS on Monolithic, V2V Server, or Remote Services Server.
Timeout for HTTP connections to the ApplianceManager server when using the ApplianceManager client. This property configures read and connection timeout in milliseconds.
Timeout for HTTP connections to be established when downloading a virtual machine template (milliseconds).
Timeout for idle HTTP connections when downloading a virtual machine template (milliseconds)
Timeout for HTTP connections when downloading a virtual machine template (milliseconds).
Frequency of download progress notification in milliseconds.
Maximum number of concurrent template downloads. A value of -1 means unlimited.
Maximum time for the appliance manager to perform a complete rescan of the repository filesystem in milliseconds.
Folder where the abiquo.appliancemanager.repositoryLocation is mounted on the remote services node.
Path name prefixes to be ignored in the repository refresh (comma separated values).
Path name pattern to be ignored in the repository refresh in Java regular expression format.
Path name suffixes to be ignored in the repository refresh (comma separated values).
Local Appliance Library, NFS repository location denoted by nfs-server-address:exportpath.
Interval to refresh progress of upload of virtual machine template (milliseconds).
Whether Abiquo will authenticate via: database; database and LDAP/Active Directory; or OpenID.
reCAPTCHA private key for user password reset. Obtain keys from Google.
Identify the AMQP datacenter queues. The Datacenter ID is used for building routing keys and queue names, so that they are unique for each datacenter. Warning: Do not change this property! This property is required and its value is generated at installation. You can recover the property's value through the API with Get Datacenter.
The URL of the Docker Registry that Abiquo will use to pull images. For example: http://localhost:5000
Docker registry filter that is a comma separated list of allowed tag patterns. Abiquo will compare the patterns with existing tags on images and only display the images with matching tags. The format of the pattern is defined by the Java regular expression pattern: http://docs.oracle.com/javase/8/docs/api/java/util/regex/Pattern.html, for example, ^fixedtag$,^tagswithprefix
Network adapter teaming policy in DVS port groups. This property controls the algorithm used for network adapter load balancing when multiple NICs are used in 'teaming mode'.
Number of available ports in each port group.
Password of the vCenter user account
Username of the vCenter user account
When using volumes, a VMFS datastore is required (Raw Device Mapping). If the supplied target datastore is not VMFS, then try to use the configured datastore.
The datastore to hold the VM definition file when deploying VMs with only volumes attached. If there are standard disks, use the datastore of one of these disks, otherwise use the property. The default value is defined by 'abiquo.esxi.datastoreRdm'.
Enforce disk UUID at VM level. Present disk UUID as SCSI serial number in the guest OS.
|com.abiquo.esxi.experimental.eagerzero.copy||If true, force eager zero thick provisioning on copied disks||v3.10.3|
|com.abiquo.esxi.experimental.eagerzero.new||If true, force eager zero thick provisioning on new empty disks||v3.10.3|
To prevent Abiquo from retrieving metrics, set the property to false for each ESXi metric (METRIC) you do not wish to retrieve. After you change these properties, restart the Monitor Manager (VSM) remote service for the properties to take effect.
For ESXi, to support dynamic metric IDs, set a value to override the default metric ID as given in the table in Abiquo documentation on Override IDs of ESXi metrics. Contact Abiquo Support for more information about how to determine the required metric IDs.
|New in Abiquo 3.10|
Default VirtualSCSIController implementation when diskController is not specified.
Present disk UUID as SCSI serial number in the guest OS
Delay between checks of all machines with state HA_IN_PROGRESS to determine if HA tasks on all VMs are complete, and if so, then set machine state to DISABLED_BY_HA (milliseconds).
Number of failed infrastructure checks on a machine before High Availability is triggered and the machine is set to state HA_IN_PROGRESS.
Automatically start Abiquo heartbeat
IP Address of HTTP proxy for Appliance Manager/API to Internet communication (download template definition list, template definition, VM disk file)
Password of HTTP proxy for Appliance Manager/API to Internet communication (download template definition list, template definition, VM disk file)
Port of HTTP proxy for Appliance Manager/API to Internet communication (download template definition list, template definition, VM disk file)
User of HTTP proxy for Appliance Manager/API to Internet communication (download template definition list, template definition, VM disk file)
Disk format type for instances taken in virtual datacenters for each hypervisor plugin (HV). Set to empty with no value to avoid any additional conversion (use the instance operation result format).
The attribute in LDAP/Active Directory to look up the Enterprise Name which must be an enterprise in Abiquo.
If true, Abiquo will create a user in Abiquo based on a successful login to LDAP.
Abiquo will perform an additional custom query against the specified schema in the LDAP/Active Directory. This value is required. The default value does not result in an additional query.
Base Distinguished Name of the LDAP/Active Directory
LDAP/Active Directory port. In LDAP mode this property is required, even if the server is listening at the default LDAP/Active Directory port.
Protocol to use when authenticating to an LDAP/Active Directory.
LDAP/Active Directory server URL
Timeout to establish the connections to the LDAP/Active Directory server (milliseconds).
Timeout to complete the connections to the LDAP/Active Directory server (milliseconds).
OAuth access token that M should use to perform requests to the Abiquo Server (API).
OAuth consumer key that M should use to perform requests to the Abiquo Server (API). If these tokens are set, M will use OAuth authentication. Otherwise Basic Authentication will be used.
OAuth consumer secret that M should use to perform requests to the Abiquo Server (API).
Credentials that M should use to perform requests to the Abiquo Server (API).
Identity that M should use to perform requests to the Abiquo Server (API).
Character set to be used in email notifications
|3.10.5 and 4.0.1|
Path to email template and text .properties files for email notifications
|Applies to all mail types|
Enable/disable monitoring, alarms and alerts
Name of the gateway network in Neutron where routers will be connected. This network is the one that connects the Neutron internal networks to the world.
The region that configures the Neutron endpoint in the Keystone installation. By default Abiquo will use the value of the 'abiquo.datacenter.id' property.
Number of IP addresses that are reserved for Neutron in each network. For each network, Neutron needs at least: one address for the DHCP agent, one for the network gateway, one for the network router, and one for each load balancer. This has to be taken into account when planning the number of IPs reserved for Neutron, as it will determine the total number of load balancers that users will be able to create in each network.
Name of the physical network in Neutron where the VLANs created from Abiquo will be attached.
Time between executions of infrastructure check in minutes
Number of concurrent machine checks by infrastructure check. This number should be tied to the number of cores of the machine running the Discovery manager service.
Infrastructure check timeout in seconds
Timeout for Server/API connections to Nodecollector (Discovery manager) in milliseconds.
Timeout to establish connections to the NSX manager in milliseconds. A value of 0 means no timeout.
vCenter cluster where the Edge appliances will be deployed.
vCenter datastore where the Edge appliances will be deployed.
vCenter distributed port where the uplink interfaces of the Edges will be attached.
Configure primary addresses of Edge uplink interfaces from this pool.
Number of IP addresses that are reserved for NSX in each private network to allocate to load balancers.
Timeout to complete connections to the NSX manager in milliseconds. A value of 0 means no timeout.
The transport zone that logical switches will be connected to.
Configure DHCP in Edge only for selected network types. The default is all network types (comma separated values).
The OpenID Connect authorization endpoint. This endpoint must be accessible from the user's browser.
The ID of the client that has been registered in the OpenID Connect server for the Abiquo platform.
The name of the client that has been registered in the OpenID Connect server for the Abiquo platform.
Comma separated list of allowed redirect (callback) URIs used during the authentication flow. Must be: http://<api endpoint>/api/openid_connect_login
Comma separated list of scopes to request during authentication. Must have at least: openid,profile,email. Abiquo 3.10.7 added support for phone
The secret of the client that has been registered in the OpenID Connect server for the Abiquo platform.
(Optional) If configured, Abiquo will attempt to perform a global logout performing a request to this endpoint. This is part of the Session Management optional spec. This endpoint must be accessible from the user's browser.
The name of the claim returned by the authorization server that contains the names used to map the Abiquo enterprise where the user belongs.
(Optional) If present, Abiquo will try to find an enterprise that has a property with the name configured in this property, and use its value to match the "enterprise claim" when resolving the user's enterprise. If absent, Abiquo will just look for an enterprise which name is returned in the "enterprise claim".
The OpenID Connect authorization issuer.
The OpenID Connect JWKS endpoint. This endpoint must be accessible from the Abiquo server.
The name of the claim returned by the authorization server that contains the names used to map the user permissions to an Abiquo role.
The URL where the user will be redirected from the Identity Server upon successful authentication. Something like http://<abiquo ui host>/ui/#/dashboard
The OpenID Connect token endpoint. This endpoint must be accessible from the Abiquo server.
The OpenID Connect user info endpoint. This endpoint must be accessible from the Abiquo server.
The authentication type to use in OpenStack installations. The standard authentication method is using a password. However, if the RAX_KSKEY extension (see http://docs.openstack.org/api/openstack-identity-service/2.0/content/Admin_API_Service_Developer_Operations-RAX-KSKEY-admin.html) is installed, users might be able to use an API key to authenticate.
Override default plugin metadata to update the preferred format when requesting compatible conversions. This format should be included in the 'compatibleDiskFormatTypes' list. Allowed values: any DiskFormatType; For more information and default values. See Template Compatibility Table.
Override default plugin metadata to update the list of compatible formats. Allowed values: any DiskFormatType. List of comma separated values, should contain 'baseDiskFormatType'. See Template Compatibility Table.
Override default plugin metadata to update the compatible controller. Allowed values: any DiskControllerType. List of comma separated values; first is used as default. Possible values are SCSI, IDE, VIRTIO
Delay between executions of the public cloud provider templates check (milliseconds). Default is 12 hours
Milliseconds to wait before retrying a public cloud region synchronize in the same enterprise and PCR.
Number of concurrent public cloud region synchronize operations at a given time. (not in the same enterprise and PCR)
Timeout for establishing a connection to RabbitMQ. The default value of 0 means to wait indefinitely until connection established or error (milliseconds).
Address where RabbitMQ is located
Port where RabbitMQ is located
The initially requested heartbeat interval, in seconds. The default value of 0 means no heartbeat.
Virtual host where RabbitMQ runs
Address where Redis is located. By default Redis is installed on the Abiquo Server in addition to the Remote Services machine. In a monolithic install, the Redis host and port properties should point to the monolithic server. When configuring API load balancing, only the Abiquo Server Redis property should point to the central datanode.
Port where Redis is located. By default Redis is installed on the Abiquo Server in addition to the Remote Services machine. In a monolithic install, the Redis host and port properties should point to the monolithic server. When configuring API load balancing, only the Abiquo Server Redis property should point to the central datanode.
Time in seconds to wait for checking if the .abiquo_repository file mark is present in the NFS repository filesystem (helps in finding a slow NFS repository).
This property must have the same value on all API and remote services servers. If true, Abiquo will read the custom seed file at /etc/abiquo/.store If you create the seed file, but the property is not true, Abiquo will use the default seed. Abiquo requires access to the configured seed file to work with passwords. If it is lost, you will need to regenerate ALL passwords stored in Abiquo.
Whether to take action if multiple users are logged in with the same account. If false, no action is taken. The user who logged in most recently will have true control of the session and actions by other users may cause problems. If true, the most recent user has control of the session and other users are warned and logged out. If not supplied, it is set to false.
Password for connecting to the mail server
Address where the mail server is located
System user with privileges for connecting to the mail server
Default remote repository space (OVF package sources) attached to all appliance libraries
Time the server waits before marking a client session as expired (minutes).
Time the server waits for long requests in milliseconds. The default value represents 7 days.
Delay between executions of stale sessions check (milliseconds).
Delay between checks of the storage infrastructure (milliseconds)
If true, the controller type for all additional disks will be the same one defined for the first template disk.
Recommended free space on NetApp aggregates.
If true, record requests to ONTAP and responses in the Abiquo logs.
Optionally create an initial initiator group with this name.
Optional ratio to allow a LUN of a provided size to fill on its container volume (volSize = lunSize * volumelunratio).
The block size in KB for the volumes created in Nexenta storage devices. Abiquo does not validate this property. Abiquo supports values from 8 to 128 KB inclusive but Nexenta requires the value to be a power of 2.
Maximum length of task history in Redis for API/Server by owner.
Delay between executions of the trimmer of task history in Redis for API/Server (milliseconds).
Milliseconds to wait before retrying a virtual appliance spec materialization in the same virtual datacenter.
Number of concurrent virtual appliance spec materialization operations at a given time (not in the same virtual datacenter).
Port for connection to vCenter
Delay between executions of the virtual infrastructure check (milliseconds).
Default password for virtual machines in Azure if not found in the template.
Default login for virtual machines in Azure if not found in the template.
Time to wait between polls during a retry
Timeout retrying an operation
Prefix of the name of the Azure Storage account created for deployments (one account per region).
Time to wait between polls during an operation wait.
Timeout waiting for an operation to complete, e.g deploy / undeploy.
The CIFS address //IP/resource/ where Windows can locate the virtual disk repository.
If false, create libvirt machines in KVM using PC emulation (software emulation, slower). Emulation only works with x86 64-bit based hosts, including virtual machines.
Prefix to name used to identify the VLAN bridge in the KVM hypervisor nodes.
Maximum number of simultaneous operations on a single hypervisor.
If true, create additional hard disks on the datastore as sparse.
Create all Oracle VMs with this domain type. Options are (Hardware Virtualized [HVM], Paravirtualized [PVM], Hardware Virtualized with Paravirtualized drivers [PVHVM]).
If true, Abiquo creates VMs configured within Oracle VM for ‘High Availability’. This means Abiquo will deploy a VM for HA if the Oracle VM Server hosting the VM is part of a Clustered Server Pool. Note that when a VM is re-configured, Abiquo will NOT update the HA status of the VM. Please note that some manual configuration of Oracle VM may be required for HA to be performed successfully.
If true, enable Oracle VM Hard Partitioning support (CPU pinning).
Expected ratio of virtual CPUs to Physical CPU cores (integer). For best performance, set to 1. To reduce physical CPUs per VM and thus licensing costs, set to a higher value. For example, a value of 1 means a 4xCPU VM will be pinned to 4 physical CPUs whereas a value of 4 means a 4xCPU VM will be pinned to one physical CPU.
Polling period for the job status check to monitor the status of asynchronous hypervisor jobs (milliseconds). Defaults to 1 second, with a valid range of 0.1 second to 1 minute.
The maximum length of time the Oracle VM Hypervisor Plugin will wait for an individual API-based job to complete (milliseconds). The default is 8 hours, but the valid range is 1 minute to 1 week.
NFS Repository location denoted by nfs-server-address:exportpath used by Oracle VM. Defaults to the value of ‘abiquo.appliancemanager.repositoryLocation’ if not explicitly specified in the abiquo.properties file.
The Storage Area network datastore location where the virtual disks are stored (usually the same as abiquo.appliancemanager.repositoryLocation).
Time to wait to establish the connection to ESXi (milliseconds)
Time to wait to read from the connection to ESXi (milliseconds)
Last port of the VNC range to be used when allocating virtual machines.
First port of the VNC range to be used when allocating virtual machines.
The delay in milliseconds added between the creation of actors on VSM startup for each hypervisor or public cloud plugin (PLUGIN).
Enable or disable backoff
Maximum backoff time in seconds between connection errors to reduce load and logging of these errors. A counter has been added to register the number of failed attempts to connect to the hypervisor or public cloud to perform any type of operation. When rescheduling operations, Abiquo will multiply the maximum backoff time by the number of failed connection attempts to determine the wait time until the next try. If a connection is established, the error counter is reset.
The heartbeat frequency of measurements pusher in milliseconds. Or the delay between reconnection process to Watchtower.
The delay between VSM polling of virtual machines in milliseconds for each public cloud plugin (PC).
The delay between VSM polling of virtual machines in milliseconds for each hypervisor plugin (HV).
When the VSM starts up, the first metrics request by a virtual machine on (PLUGIN) is at the current time minus the minutes configured by this property.
|New in docs|
The delay between virtual machine synchronizer operations in milliseconds. for each hypervisor or public cloud plugin (PLUGIN)
Address where watchtower is located
Port where watchtower is listening
ESXi only: When using a virtual machine as a VNC server, specify the language to use for the keyboard when supported VNC clients connect. If this property does not exist, the hypervisor will use the default value of config.keymaps in client-config-custom.json or client-config-default.json and the default in this case is the US101 keyboard map (US English). This property is now the default setting to complement the Virtual Machine configuration popup. See Configuring Remote Access to Virtual Machines. Not supported by noVNC.
Maximum waiting time in milliseconds to establish a connection with workflow endpoint.
Maximum waiting time in milliseconds to receive data from workflow endpoint.