Configuration reference
Enterprise Edition
Tarantool Cluster Manager is a part of the Enterprise Edition.
This topic describes configuration parameters of Tarantool Cluster Manager.
There are the following groups of TCM configuration parameters:
The cluster
group defines parameters of TCM interaction with connected
Tarantool clusters.
- connection-rate-limit
- tarantool-timeout
- tarantool-ping-timeout
- tt-command
- refresh-state-period
- refresh-state-timeout
- discovery-period
- sharding-index
- skew-time
- fragmentation-threshold
-
cluster.connection-rate-limit
¶ A rate limit for connections to Tarantool instances.
Type: uintDefault: 512Environment variable: TCM_CLUSTER_CONNECTION_RATE_LIMITCommand-line option:--cluster.connection-rate-limit
-
cluster.tarantool-timeout
¶ A timeout for receiving a response from Tarantool instances.
Type: time.DurationDefault: 10sEnvironment variable: TCM_CLUSTER_TARANTOOL_TIMEOUTCommand-line option:--cluster.tarantool-timeout
-
cluster.tarantool-ping-timeout
¶ A timeout for receiving a ping response from Tarantool instances.
Type: time.DurationDefault: 5sEnvironment variable: TCM_CLUSTER_TARANTOOL_PING_TIMEOUTCommand-line option:--cluster.tarantool-ping-timeout
-
cluster.tt-command
¶ The command that runs the tt utility on hosts with cluster instances.
Type: stringDefault:tt
Environment variable: TCM_CLUSTER_TT_COMMANDCommand-line option:--cluster.tt-command
-
cluster.refresh-state-period
¶ The time interval for refreshing the cluster instances state on the Stateboard.
Type: time.DurationDefault: 5sEnvironment variable: TCM_CLUSTER_REFRESH_STATE_PERIODCommand-line option:--cluster.refresh-state-period
-
cluster.refresh-state-timeout
¶ The time limit for refreshing an instance state. If this limit is reached, an error is shown.
Type: time.DurationDefault: 4sEnvironment variable: TCM_CLUSTER_REFRESH_STATE_TIMEOUTCommand-line option:--cluster.refresh-state-timeout
-
cluster.discovery-period
¶ The time interval for checking the leadership in replica sets.
Type: time.DurationDefault: 4sEnvironment variable: TCM_CLUSTER_DISCOVERY_PERIODCommand-line option:--cluster.discovery-period
-
cluster.sharding-index
¶ The name of the space field that is used as a sharding key.
Type: stringDefault:bucket_id
Environment variable: TCM_CLUSTER_SHARDING_INDEXCommand-line option:--cluster.sharding-index
-
cluster.skew-time
¶ The maximum time skew between any two cluster instances. If this limit is reached, a warning is shown.
Type: time.DurationDefault: 30sEnvironment variable: TCM_CLUSTER_SKEW_TIMECommand-line option:--cluster.skew-time
-
cluster.fragmentation-threshold
¶ The count of allocated slabs that reflects high memory fragmentation. When this number is reached, a warning is shown.
See also: Storing data with memtx
Type: intDefault: 40Environment variable: TCM_CLUSTER_FRAGMENTATION_THRESHOLDCommand-line option:--cluster.fragmentation-threshold
The http
group defines parameters of HTTP connections between TCM and clients.
- http.network
- http.host
- http.port
- http.request-size
- http.websocket.read-buffer-size
- http.websocket.write-buffer-size
- http.websocket.keepalive-ping-interval
- http.websocket.handshake-timeout
- http.websocket.init-timeout
- http.websession-cookie.name
- http.websession-cookie.path
- http.websession-cookie.domain
- http.websession-cookie.ttl
- http.websession-cookie.secure
- http.websession-cookie.http-only
- http.websession-cookie.same-site
- http.cors.enabled
- http.cors.allowed-origins
- http.cors.allowed-methods
- http.cors.allowed-headers
- http.cors.exposed-headers
- http.cors.allow-credentials
- http.cors.debug
- http.tls.enabled
- http.tls.cert-file
- http.tls.key-file
- http.tls.server
- http.tls.min-version
- http.tls.max-version
- http.tls.curve-preferences
- http.tls.cipher-suites
- http.read-timeout
- http.read-header-timeout
- http.write-timeout
- http.idle-timeout
- http.disable-general-options-handler
- http.max-header-bytes
- http.api-timeout
- http.api-update-interval
- http.frontend-dir
- http.show-stack-trace
- http.trace
- http.max-static-size
- http.graphql.complexity
-
http.network
¶ An addressing scheme that TCM uses.
Possible values:
tcp
: IPv4 addresstcp6
: IPv6 addressunix
: Unix domain socket
Type: stringDefault: tcpEnvironment variable: TCM_HTTP_NETWORKCommand-line option:--http.network
-
http.host
¶ A host name on which TCM serves.
Type: stringDefault: 127.0.0.1Environment variable: TCM_HTTP_HOSTCommand-line option:--http.host
-
http.port
¶ A port on which TCM serves.
Type: intDefault: 8080Environment variable: TCM_HTTP_PORTCommand-line option:--http.port
-
http.request-size
¶ The maximum size (in bytes) of a client HTTP request to TCM.
Type: int64Default: 1572864Environment variable: TCM_HTTP_REQUEST_SIZECommand-line option:--http.request-size
-
http.websocket.read-buffer-size
¶ The size (in bytes) of the read buffer for WebSocket connections.
Type: intDefault: 16384Environment variable: TCM_HTTP_WEBSOCKET_READ_BUFFER_SIZECommand-line option:--http.websocket.read-buffer-size
-
http.websocket.write-buffer-size
¶ The size (in bytes) of the write buffer for WebSocket connections.
Type: intDefault: 16384Environment variable: TCM_HTTP_WEBSOCKET_WRITE_BUFFER_SIZECommand-line option:--http.websocket.write-buffer-size
-
http.websocket.keepalive-ping-interval
¶ The time interval for sending WebSocket keepalive pings.
Type: time.DurationDefault: 20sEnvironment variable: TCM_HTTP_WEBSOCKET_KEEPALIVE_PING_INTERVALCommand-line option:--http.websocket.keepalive-ping-interval
-
http.websocket.handshake-timeout
¶ The time limit for completing a WebSocket opening handshake with a client.
Type: time.DurationDefault: 10sEnvironment variable: TCM_HTTP_WEBSOCKET_HANDSHAKE_TIMEOUTCommand-line option:--http.websocket.handshake-timeout
-
http.websocket.init-timeout
¶ The time limit for establishing a WebSocket connection with a client.
Type: time.DurationDefault: 15sEnvironment variable: TCM_HTTP_WEBSOCKET_INIT_TIMEOUTCommand-line option:--http.websocket.init-timeout
-
http.websession-cookie.name
¶ The name of the cookie that TCM sends to clients.
This value is used as the cookie name in the Set-Cookie HTTP response header.
Type: stringDefault: tcmEnvironment variable: TCM_HTTP_WEBSESSION_COOKIE_NAMECommand-line option:---http.websession-cookie.name
-
http.websession-cookie.path
¶ The URL path that must be present in the requested URL in order to send the cookie.
This value is used in the
Path
attribute of the Set-Cookie HTTP response header.Type: stringDefault: “”Environment variable: TCM_HTTP_WEBSESSION_COOKIE_PATHCommand-line option:---http.websession-cookie.path
-
http.websession-cookie.domain
¶ The domain to which the cookie can be sent.
This value is used in the
Domain
attribute of the Set-Cookie HTTP response header.Type: stringDefault: “”Environment variable: TCM_HTTP_WEBSESSION_COOKIE_DOMAINCommand-line option:---http.websession-cookie.domain
-
http.websession-cookie.ttl
¶ The maximum lifetime of the TCM cookie.
This value is used in the
Max-Age
attribute of the Set-Cookie HTTP response header.Type: time.DurationDefault: 2h0m0sEnvironment variable: TCM_HTTP_WEBSESSION_COOKIE_TTLCommand-line option:---http.websession-cookie.ttl
-
http.websession-cookie.secure
¶ Indicates whether the cookie can be sent only over the HTTPS protocol. In this case, it’s never sent over the unencrypted HTTP, therefore preventing man-in-the-middle attacks.
When
true
, theSecure
attribute is added to the Set-Cookie HTTP response header.Type: boolDefault: falseEnvironment variable: TCM_HTTP_WEBSESSION_COOKIE_SECURECommand-line option:---http.websession-cookie.secure
-
http.websession-cookie.http-only
¶ Indicates that the cookie can’t be accessed from the JavaScript Document.cookie API. This helps mitigate cross-site scripting attacks.
When
true
, theHttpOnly
attribute is added to the Set-Cookie HTTP response header.Type: boolDefault: trueEnvironment variable: TCM_HTTP_WEBSESSION_COOKIE_HTTP_ONLYCommand-line option:---http.websession-cookie.http-only
-
http.websession-cookie.same-site
¶ Indicates if it is possible to send the TCM cookie along with cross-site requests. Possible values are the Go’s http.SameSite constants:
SameSiteDefaultMode
SameSiteLaxMode
SameSiteStrictMode
SameSiteNoneMode
For details on
SameSite
modes, see the Set-Cookie header documentation in the MDN web docs.This value is used in the
SameSite
attribute of the Set-Cookie HTTP response header.Type: http.SameSiteDefault: SameSiteDefaultModeEnvironment variable: TCM_HTTP_WEBSESSION_COOKIE_SAME_SITECommand-line option:---http.websession-cookie.same-site
-
http.cors.enabled
¶ Indicates whether to use the Cross-Origin Resource Sharing (CORS).
Type: boolDefault: falseEnvironment variable: TCM_HTTP_CORS_ENABLEDCommand-line option:--http.cors.enabled
-
http.cors.allowed-origins
¶ The origins with which the HTTP response can be shared, separated by semicolons.
The specified values are sent in the Access-Control-Allow-Origin HTTP response headers.
Type: []stringDefault: []Environment variable: TCM_HTTP_CORS_ALLOWED_ORIGINSCommand-line option:--http.cors.allowed-origins
-
http.cors.allowed-methods
¶ HTTP request methods that are allowed when accessing a resource, separated by semicolons.
The specified values are sent in the Access-Control-Allow-Methods HTTP header of a response to a CORS preflight request.
Type: []stringDefault: []Environment variable: TCM_HTTP_CORS_ALLOWED_METHODSCommand-line option:--http.cors.allowed-methods
-
http.cors.allowed-headers
¶ HTTP headers that are allowed during the actual request, separated by semicolons.
The specified values are sent in the Access-Control-Allow-Headers HTTP header of a response to a CORS preflight request.
Type: []stringDefault: []Environment variable: TCM_HTTP_CORS_ALLOWED_HEADERSCommand-line option:--http.cors.allowed-headers
-
http.cors.exposed-headers
¶ Response headers that should be made available to scripts running in the browser, in response to a cross-origin request, separated by semicolons.
The specified values are sent in the Access-Control-Expose-Headers HTTP response headers.
Type: []stringDefault: []Environment variable: TCM_HTTP_CORS_EXPOSED_HEADERSCommand-line option:--http.cors.exposed-headers
-
http.cors.allow-credentials
¶ Whether to expose the response to the frontend JavaScript code when the request’s credentials mode is
include
.When
true
, the Access-Control-Allow-Credentials HTTP response header is sent.Type: boolDefault: falseEnvironment variable: TCM_HTTP_CORS_ALLOW_CREDENTIALSCommand-line option:--http.cors.allow-credentials
-
http.cors.debug
¶ For debug purposes.
Type: boolDefault: false
-
http.tls.enabled
¶ Indicates whether TLS is enabled for client connections to TCM.
Type: boolDefault: falseEnvironment variable: TCM_HTTP_TLS_ENABLEDCommand-line option:--http.tls.enabled
-
http.tls.cert-file
¶ A path to a TLS certificate file. Mandatory when TLS is enabled.
Type: stringDefault: “”Environment variable: TCM_HTTP_TLS_CERT_FILECommand-line option:--http.tls.cert-file
-
http.tls.key-file
¶ A path to a TLS private key file. Mandatory when TLS is enabled.
Type: stringDefault: “”Environment variable: TCM_HTTP_TLS_KEY_FILECommand-line option:--http.tls.key-file
-
http.tls.server
¶ The TLS server.
Type: stringDefault: “”Environment variable: TCM_HTTP_TLS_SERVERCommand-line option:--http.tls.server
-
http.tls.min-version
¶ The minimum version of the TLS protocol.
Type: uint16Default: 0Environment variable: TCM_HTTP_TLS_MIN_VERSIONCommand-line option:--http.tls.min-version
-
http.tls.max-version
¶ The maximum version of the TLS protocol.
Type: uint16Default: 0Environment variable: TCM_HTTP_TLS_MAX_VERSIONCommand-line option:--http.tls.max-version
-
http.tls.curve-preferences
¶ Elliptic curves that are used for TLS connections. Possible values are the Go’s tls.CurveID constants:
CurveP256
CurveP384
CurveP521
X25519
Type: []tls.CurveIDDefault: []Environment variable: TCM_HTTP_TLS_CURVE_PREFERENCESCommand-line option:--http.tls.curve-preferences
-
http.tls.cipher-suites
¶ Enabled TLS cipher suites. Possible values are the Golang tls.TLS_* constants.
Type: []uint16Default: []Environment variable: TCM_HTTP_TLS_CIPHER_SUITESCommand-line option:--http.tls.cipher-suites
-
http.read-timeout
¶ A timeout for reading an incoming request.
Type: time.DurationDefault: 30sEnvironment variable: TCM_HTTP_READ_TIMEOUTCommand-line option:--http.read-timeout
-
http.read-header-timeout
¶ A timeout for reading headers of an incoming request.
Type: time.DurationDefault: 30sEnvironment variable: TCM_HTTP_READ_HEADER_TIMEOUTCommand-line option:--http.read-header-timeout
-
http.write-timeout
¶ A timeout for writing a response.
Type: time.DurationDefault: 30sEnvironment variable: TCM_HTTP_WRITE_TIMEOUTCommand-line option:--http.write-timeout
-
http.idle-timeout
¶ The timeout for idle connections.
Type: time.DurationDefault: 30sEnvironment variable: TCM_HTTP_IDLE_TIMEOUTCommand-line option:--http.idle-timeout
-
http.disable-general-options-handler
¶ Whether the client requests with the
OPTIONS
HTTP method are allowed.Type: boolDefault: falseEnvironment variable: TCM_HTTP_DISABLE_GENERAL_OPTIONS_HANDLERCommand-line option:--http.disable-general-options-handler
-
http.max-header-bytes
¶ The maximum size (in bytes) of a header in a client’s request to TCM.
Type: intDefault: 0Environment variable: TCM_HTTP_MAX_HEADER_BYTESCommand-line option:--http.max-header-bytes
-
http.api-timeout
¶ The stateboard update timeout.
Type: time.DurationDefault: 8sEnvironment variable: TCM_HTTP_API_TIMEOUTCommand-line option:--http.api-timeout
-
http.api-update-interval
¶ The stateboard update interval.
Type: time.DurationDefault: 5sEnvironment variable: TCM_HTTP_API_UPDATE_INTERVALCommand-line option:--http.api-update-interval
-
http.frontend-dir
¶ The directory with custom TCM frontend files (for development purposes).
Type: stringDefault: “”Environment variable: TCM_HTTP_FRONTEND_DIRCommand-line option:--http.frontend-dir
-
http.show-stack-trace
¶ Whether error stack traces are shown in the web UI.
Type: boolDefault: trueEnvironment variable: TCM_HTTP_SHOW_STACK_TRACECommand-line option:--http.show-stack-trace
-
http.trace
¶ Whether all query tracing information is written in logs.
Type: boolDefault: falseEnvironment variable: TCM_HTTP_TRACECommand-line option:--http.trace
-
http.max-static-size
¶ The maximum size (in bytes) of a static content sent to TCM.
Type: intDefault: 104857600Environment variable: TCM_HTTP_MAX_STATIC_SIZECommand-line option:--http.max-static-size
-
http.graphql.complexity
¶ The maximum complexity of GraphQL queries that TCM processes. If this value is exceeded, TCM returns an error.
Type: intDefault: 40Environment variable: TCM_HTTP_GRAPHQL_COMPLEXITYCommand-line option:--http.graphql.complexity
The log
section defines the TCM logging parameters.
- log.default.add-source
- log.default.show-stack-trace
- log.default.level
- log.default.format
- log.default.output
- log.default.no-colorized
- log.default.file.name
- log.default.file.maxsize
- log.default.file.maxage
- log.default.file.maxbackups
- log.default.file.compress
- log.default.syslog.protocol
- log.default.syslog.output
- log.default.syslog.priority
- log.default.syslog.facility
- log.default.syslog.tag
- log.default.syslog.timeout
- log.outputs
-
log.default.add-source
¶ Whether sources are added to the TCM log.
Type: boolDefault: falseEnvironment variable: TCM_LOG_DEFAULT_ADD_SOURCECommand-line option:--log.default.add-source
-
log.default.show-stack-trace
¶ Whether stack traces are added to the TCM log.
Type: boolDefault: falseEnvironment variable: TCM_LOG_DEFAULT_SHOW_STACK_TRACECommand-line option:--log.default.show-stack-trace
-
log.default.level
¶ The default TCM logging level.
Possible values:
VERBOSE
INFO
WARN
ALARM
Type: stringDefault: INFOEnvironment variable: TCM_LOG_DEFAULT_LEVELCommand-line option:--log.default.level
-
log.default.format
¶ TCM log entries format.
Possible values:
struct
json
Type: stringDefault: structEnvironment variable: TCM_LOG_DEFAULT_FORMATCommand-line option:--log.default.format
-
log.default.output
¶ The output used for TCM log.
Possible values:
stdout
stderr
file
syslog
Type: stringDefault: stdoutEnvironment variable: TCM_LOG_DEFAULT_OUTPUTCommand-line option:--log.default.output
-
log.default.no-colorized
¶ Whether the stdout log is not colorized.
Type: boolDefault: falseEnvironment variable: TCM_LOG_DEFAULT_NO_COLORIZEDCommand-line option:--log.default.no-colorized
-
log.default.file.name
¶ The name of the TCM log file.
Type: stringDefault: “”Environment variable: TCM_LOG_DEFAULT_FILE_NAMECommand-line option:--log.default.file.name
-
log.default.file.maxsize
¶ The maximum size (in bytes) of the TCM log file.
Type: intDefault: 0Environment variable: TCM_LOG_DEFAULT_FILE_MAXSIZECommand-line option:--log.default.file.maxsize
-
log.default.file.maxage
¶ The maximum age of a TCM log file, in days.
Type: intDefault: 0Environment variable: TCM_LOG_DEFAULT_FILE_MAXAGECommand-line option:--log.default.file.maxage
-
log.default.file.maxbackups
¶ The maximum number of users in TCM.
Type: intDefault: 0Environment variable: TCM_LOG_DEFAULT_FILE_MAXBACKUPSCommand-line option:--log.default.file.maxbackups
-
log.default.file.compress
¶ Indicated that TCM compresses log files upon rotation.
Type: boolDefault: falseEnvironment variable: TCM_LOG_DEFAULT_FILE_COMPRESSCommand-line option:--log.default.file.compress
-
log.default.syslog.protocol
¶ The network protocol used for connecting to the syslog server. Typically, it’s
tcp
,udp
, orunix
. All possible values are listed in the Go’s net.Dial documentation.Type: stringDefault: tcpEnvironment variable: TCM_LOG_DEFAULT_SYSLOG_PROTOCOLCommand-line option:--log.default.syslog.protocol
-
log.default.syslog.output
¶ The syslog server URI.
Type: stringDefault: 127.0.0.1:5514Environment variable: TCM_LOG_DEFAULT_SYSLOG_OUTPUTCommand-line option:--log.default.syslog.output
-
log.default.syslog.priority
¶ The syslog severity level.
Type: stringDefault: “”Environment variable: TCM_LOG_DEFAULT_SYSLOG_PRIORITYCommand-line option:--log.default.syslog.priority
-
log.default.syslog.facility
¶ The syslog facility.
Type: stringDefault: “”Environment variable: TCM_LOG_DEFAULT_SYSLOG_FACILITYCommand-line option:--log.default.syslog.facility
-
log.default.syslog.tag
¶ The syslog tag.
Type: stringDefault: “”Environment variable: TCM_LOG_DEFAULT_SYSLOG_TAGCommand-line option:--log.default.syslog.tag
-
log.default.syslog.timeout
¶ The timeout for connecting to the syslog server.
Type: time.DurationDefault: 10sEnvironment variable: TCM_LOG_DEFAULT_SYSLOG_TIMEOUTCommand-line option:--log.default.syslog.timeout
-
log.outputs
¶ An array of log outputs that TCM uses in addition to the default one that is defined by the
log.default.*
parameters. Each array item can include the parameters of thelog.default
group. If a parameter is skipped, its value is taken fromlog.default
.Type: []LogOuputConfigDefault: []Environment variable: TCM_LOG_OUTPUTSCommand-line option:--log-outputs
The storage
section defines the parameters of the TCM backend store.
etcd backend store parameters:
- storage.etcd.prefix
- storage.etcd.endpoints
- storage.etcd.dial-timeout
- storage.etcd.auto-sync-interval
- storage.etcd.dial-keep-alive-time
- storage.etcd.dial-keep-alive-timeout
- storage.etcd.bootstrap-timeout
- storage.etcd.max-call-send-msg-size
- storage.etcd.username
- storage.etcd.password
- storage.etcd.password-file
- storage.etcd.tls.enabled
- storage.etcd.tls.auto
- storage.etcd.tls.cert-file
- storage.etcd.tls.key-file
- storage.etcd.tls.trusted-ca-file
- storage.etcd.tls.client-cert-auth
- storage.etcd.tls.crl-file
- storage.etcd.tls.insecure-skip-verify
- storage.etcd.tls.skip-client-san-verify
- storage.etcd.tls.server-name
- storage.etcd.tls.cipher-suites
- storage.etcd.tls.allowed-cn
- storage.etcd.tls.allowed-hostname
- storage.etcd.tls.empty-cn
- storage.etcd.permit-without-stream
- storage.etcd.embed.enabled
- storage.etcd.embed.endpoints
- storage.etcd.embed.advertises
- storage.etcd.embed.tls.enabled
- storage.etcd.embed.tls.auto
- storage.etcd.embed.tls.cert-file
- storage.etcd.embed.tls.key-file
- storage.etcd.embed.tls.trusted-ca-file
- storage.etcd.embed.tls.client-cert-auth
- storage.etcd.embed.tls.crl-file
- storage.etcd.embed.tls.insecure-skip-verify
- storage.etcd.embed.tls.skip-client-san-verify
- storage.etcd.embed.tls.server-name
- storage.etcd.embed.tls.cipher-suites
- storage.etcd.embed.tls.allowed-cn
- storage.etcd.embed.tls.allowed-hostname
- storage.etcd.embed.tls.empty-cn
- storage.etcd.embed.peer-endpoints
- storage.etcd.embed.peer-advertises
- storage.etcd.embed.peer-tls.enabled
- storage.etcd.embed.peer-tls.auto
- storage.etcd.embed.peer-tls.cert-file
- storage.etcd.embed.peer-tls.key-file
- storage.etcd.embed.peer-tls.trusted-ca-file
- storage.etcd.embed.peer-tls.client-cert-auth
- storage.etcd.embed.peer-tls.crl-file
- storage.etcd.embed.peer-tls.insecure-skip-verify
- storage.etcd.embed.peer-tls.skip-client-san-verify
- storage.etcd.embed.peer-tls.server-name
- storage.etcd.embed.peer-tls.cipher-suites
- storage.etcd.embed.peer-tls.allowed-cn
- storage.etcd.embed.peer-tls.allowed-hostname
- storage.etcd.embed.peer-tls.empty-cn
- storage.etcd.embed.grpc-keep-alive-timeout
- storage.etcd.embed.grpc-keep-alive-interval
- storage.etcd.embed.grpc-keep-alive-min-time
- storage.etcd.embed.workdir
- storage.etcd.embed.waldir
- storage.etcd.embed.max-request-bytes
- storage.etcd.embed.debug
- storage.etcd.embed.start-timeout
- storage.etcd.embed.log-level
- storage.etcd.embed.initial-cluster
- storage.etcd.embed.initial-cluster-token
- storage.etcd.embed.name
- storage.etcd.embed.initial-cluster-state
- storage.etcd.embed.self-signed-cert-validity
Tarantool backend store parameters:
- storage.tarantool.prefix
- storage.tarantool.addr
- storage.tarantool.addrs
- storage.tarantool.auth
- storage.tarantool.timeout
- storage.tarantool.reconnect
- storage.tarantool.max-reconnects
- storage.tarantool.username
- storage.tarantool.password
- storage.tarantool.password-file
- storage.tarantool.rate-limit
- storage.tarantool.rate-limit-action
- storage.tarantool.concurrency
- storage.tarantool.skip-schema
- storage.tarantool.transport
- storage.tarantool.ssl.key-file
- storage.tarantool.ssl.cert-file
- storage.tarantool.ssl.ca-file
- storage.tarantool.ssl.ciphers
- storage.tarantool.ssl.password
- storage.tarantool.ssl.password-file
- storage.tarantool.required-protocol-info.auth
- storage.tarantool.required-protocol-info.version
- storage.tarantool.required-protocol-info.features
- storage.tarantool.embed.enabled
- storage.tarantool.embed.workdir
- storage.tarantool.embed.executable
- storage.tarantool.embed.config-filename
- storage.tarantool.embed.config
- storage.tarantool.embed.args
- storage.tarantool.embed.env
-
storage.provider
¶ The type of the storage used for storing TCM configuration.
Possible values:
etcd
tarantool
Type: stringDefault: etcdEnvironment variable: TCM_STORAGE_PROVIDERCommand-line option:--storage.provider
-
storage.etcd.prefix
¶ A prefix for the TCM configuration parameters in etcd.
Type: stringDefault: “/tcm”Environment variable: TCM_STORAGE_ETCD_PREFIXCommand-line option:--storage.etcd.prefix
-
storage.etcd.endpoints
¶ An array of node URIs of the etcd cluster where the TCM configuration is stored, separated by semicolons (
;
).Type: []stringDefault: [“http://127.0.0.1:2379”]Environment variable: TCM_STORAGE_ETCD_ENDPOINTSCommand-line option:--storage.etcd.endpoints
-
storage.etcd.dial-timeout
¶ An etcd dial timeout.
Type: time.DurationDefault: 10sEnvironment variable: TCM_STORAGE_ETCD_DIAL_TIMEOUTCommand-line option:--storage.etcd.dial-timeout
-
storage.etcd.auto-sync-interval
¶ An automated sync interval.
Type: time.DurationDefault: 0 (disabled)Environment variable: TCM_STORAGE_ETCD_AUTO_SYNC_INTERVALCommand-line option:--storage.etcd.auto-sync-interval
-
storage.etcd.dial-keep-alive-time
¶ A dial keep-alive time.
Type: time.DurationDefault: 30sEnvironment variable: TCM_STORAGE_ETCD_DIAL_KEEP_ALIVE_TIMECommand-line option:--storage.etcd.dial-keep-alive-time
-
storage.etcd.dial-keep-alive-timeout
¶ A dial keep-alive timeout.
Type: time.DurationDefault: 30sEnvironment variable: TCM_STORAGE_ETCD_DIAL_KEEP_ALIVE_TIMEOUTCommand-line option:--storage.etcd.dial-keep-alive-timeout
-
storage.etcd.bootstrap-timeout
¶ A bootstrap timeout.
Type: time.DurationDefault: 30sEnvironment variable: TCM_STORAGE_ETCD_BOOTSTRAP_TIMEOUTCommand-line option:--storage.etcd.bootstrap-timeout
-
storage.etcd.max-call-send-msg-size
¶ The maximum size (in bytes) of a transaction between TCM and etcd.
Type: intDefault: 2097152Environment variable: TCM_STORAGE_ETCD_MAX_CALL_SEND_MSG_SIZECommand-line option:--storage.etcd.max-call-send-msg-size
-
storage.etcd.username
¶ A username for accessing the etcd storage.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_USERNAMECommand-line option:--storage.etcd.username
-
storage.etcd.password
¶ A password for accessing the etcd storage.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_PASSWORDCommand-line option:--storage.etcd.password
-
storage.etcd.password-file
¶ A path to the file with a password for accessing the etcd storage.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_PASSWORD_FILECommand-line option:--storage.etcd.password-file
-
storage.etcd.tls.enabled
¶ Indicates whether TLS is enabled for etcd connections.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_ENABLEDCommand-line option:--storage.etcd.tls.enabled
-
storage.etcd.tls.auto
¶ Use generated certificates for etcd connections.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_AUTOCommand-line option:--storage.etcd.tls.auto
-
storage.etcd.tls.cert-file
¶ A path to a TLS certificate file to use for etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_CERT_FILECommand-line option:--storage.etcd.tls.cert-file
-
storage.etcd.tls.key-file
¶ A path to a TLS private key file to use for etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_KEY_FILECommand-line option:--storage.etcd.tls.key-file
-
storage.etcd.tls.trusted-ca-file
¶ A path to a trusted CA certificate file to use for etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_TRUSTED_CA_FILECommand-line option:--storage.etcd.tls.trusted-ca-file
-
storage.etcd.tls.client-cert-auth
¶ Indicates whether client cert authentication is enabled.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_CLIENT_CERT_AUTHCommand-line option:--storage.etcd.tls.client-cert-auth
-
storage.etcd.tls.crl-file
¶ A path to the client certificate revocation list file.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_CRL_FILECommand-line option:--storage.etcd.tls.crl-file
-
storage.etcd.tls.insecure-skip-verify
¶ Skip checking client certificate in etcd connections.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_INSECURE_SKIP_VERIFYCommand-line option:--storage.etcd.tls.insecure-skip-verify
-
storage.etcd.tls.skip-client-san-verify
¶ Skip verification of SAN field in client certificate for etcd connections.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_SKIP_CLIENT_SAN_VERIFYCommand-line option:--storage.etcd.tls.skip-client-san-verify
-
storage.etcd.tls.server-name
¶ Name of the TLS server for etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_SERVER_NAMECommand-line option:--storage.etcd.tls.server-name
-
storage.etcd.tls.cipher-suites
¶ TLS cipher suites for etcd connections. Possible values are the Golang tls.TLS_* constants.
Type: []uint16Default: []Environment variable: TCM_STORAGE_ETCD_TLS_CIPHER_SUITESCommand-line option:--storage.etcd.tls.cipher-suites
-
storage.etcd.tls.allowed-cn
¶ An allowed common name for authentication in etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_ALLOWED_CNCommand-line option:--storage.etcd.tls.allowed-cn
-
storage.etcd.tls.allowed-hostname
¶ An allowed TLS certificate name for authentication in etcd connections.
Type: stringDefault: “”Environment variable: TCM_STORAGE_ETCD_TLS_ALLOWED_HOSTNAMECommand-line option:--storage.etcd.tls.allowed-hostname
-
storage.etcd.tls.empty-cn
¶ Whether the empty common name is allowed in etcd connections.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_TLS_EMPTY_CNCommand-line option:--storage.etcd.tls.empty-cn
-
storage.etcd.permit-without-stream
¶ Whether keepalive pings can be send to the etcd server without active streams.
Type: boolDefault: falseEnvironment variable: TCM_STORAGE_ETCD_PERMIT_WITHOUT_STREAMCommand-line option:--storage.etcd.permit-without-stream
The storage.etcd.embed
group defines the configuration of the embedded etcd
cluster to use as a TCM backend store.
This cluster can be used for development purposes when the production or testing
etcd cluster is not available or not needed.
See also Embedded backend store.
-
storage.tarantool.prefix
¶ A prefix for the TCM configuration parameters in the Tarantool-based configuration storage.
Type: stringDefault: “/tcm”Environment variable: TCM_STORAGE_TARANTOOL_PREFIXCommand-line option:--storage.tarantool.prefix
-
storage.tarantool.addr
¶ The URI for connecting to the Tarantool-based configuration storage.
Type: stringDefault: “unix/:/tmp/tnt_config_instance.sock”Environment variable: TCM_STORAGE_TARANTOOL_ADDRCommand-line option:--storage.tarantool.addr
-
storage.tarantool.addrs
¶ An array of the Tarantool-based configuration storage URIs.
Type: []stringDefault: [“unix/:/tmp/tnt_config_instance.sock”]Environment variable: TCM_STORAGE_TARANTOOL_ADDRSCommand-line option:--storage.tarantool.addrs
-
storage.tarantool.auth
¶ An authentication method for the Tarantool-based configuration storage.
Possible values are the Go’s go-tarantool/Auth constants:
AutoAuth
(0)ChapSha1Auth
PapSha256Auth
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_AUTHCommand-line option:--storage.tarantool.auth
-
storage.tarantool.timeout
¶ A request timeout for the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: time.DurationDefault: 0sEnvironment variable: TCM_STORAGE_TARANTOOL_TIMEOUTCommand-line option:--storage.tarantool.timeout
-
storage.tarantool.reconnect
¶ A timeout between reconnect attempts for the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: time.DurationDefault: 0sEnvironment variable: TCM_STORAGE_TARANTOOL_RECONNECTCommand-line option:--storage.tarantool.reconnect
-
storage.tarantool.max-reconnects
¶ The maximum number of reconnect attempts for the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_MAX_RECONNECTSCommand-line option:--storage.tarantool.max-reconnects
-
storage.tarantool.username
¶ A username for connecting to the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_USERNAMECommand-line option:--storage.tarantool.username
-
storage.tarantool.password
¶ A password for connecting to the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_PASSWORDCommand-line option:--storage.tarantool.password
-
storage.tarantool.password-file
¶ A path to the file with a password for connecting to the Tarantool-based configuration storage.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_PASSWORD_FILECommand-line option:--storage.tarantool.password-file
-
storage.tarantool.rate-limit
¶ A rate limit for connecting to the Tarantool-based configuration storage.
See also go-tarantool.Opts.
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_RATE_LIMITCommand-line option:--storage.tarantool.rate-limit
-
storage.tarantool.rate-limit-action
¶ An action to perform when the storage.tarantool.rate-limit is reached.
See also go-tarantool.Opts.
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_RATE_LIMIT_ACTIONCommand-line option:--storage.tarantool.rate-limit-action
-
storage.tarantool.concurrency
¶ An amount of separate mutexes for request queues and buffers inside of a connection to the Tarantool TCM configuration storage.
See also go-tarantool.Opts.
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_CONCURRENCYCommand-line option:--storage.tarantool.concurrency
-
storage.tarantool.skip-schema
¶ Whether the schema is loaded from the Tarantool TCM configuration storage.
See also go-tarantool.Opts.
Type: boolDefault: trueEnvironment variable: TCM_STORAGE_TARANTOOL_SKIP_SCHEMACommand-line option:--storage.tarantool.skip-schema
-
storage.tarantool.transport
¶ The connection type for the Tarantool TCM configuration storage.
See also go-tarantool.Opts.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_TRANSPORTCommand-line option:--storage.tarantool.transport
-
storage.tarantool.ssl.key-file
¶ A path to a TLS private key file to use for connecting to the Tarantool TCM configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_KEY_FILECommand-line option:--storage.tarantool.ssl.key-file
-
storage.tarantool.ssl.cert-file
¶ A path to an SSL certificate to use for connecting to the Tarantool TCM configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_CERT_FILECommand-line option:--storage.tarantool.ssl.cert-file
-
storage.tarantool.ssl.ca-file
¶ A path to a trusted CA certificate to use for connecting to the Tarantool TCM configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_CA_FILECommand-line option:--storage.tarantool.ssl.ca-file
-
storage.tarantool.ssl.ciphers
¶ A list of SSL cipher suites that can be used for connecting to the Tarantool TCM configuration storage. Possible values are listed in <uri>.params.ssl_ciphers.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_CIPHERSCommand-line option:--storage.tarantool.ssl.ciphers
-
storage.tarantool.ssl.password
¶ A password for an encrypted private SSL key to use for connecting to the Tarantool TCM configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_PASSWORDCommand-line option:--storage.tarantool.ssl.password
-
storage.tarantool.ssl.password-file
¶ A text file with passwords for encrypted private SSL keys to use for connecting to the Tarantool TCM configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”Environment variable: TCM_STORAGE_TARANTOOL_SSL_PASSWORD_FILECommand-line option:--storage.tarantool.ssl.password-file
-
storage.tarantool.required-protocol-info.auth
¶ An authentication method for the Tarantool TCM configuration storage.
Possible values are the Go’s go-tarantool/Auth constants:
AutoAuth
(0)ChapSha1Auth
PapSha256Auth
See also go-tarantool.ProtocolInfo.
Type: intDefault: 0Environment variable: TCM_STORAGE_TARANTOOL_SSL_REQUIRED_PROTOCOL_INFO_AUTHCommand-line option:--storage.tarantool.required-protocol-info.auth
-
storage.tarantool.required-protocol-info.version
¶ A Tarantool protocol version.
See also go-tarantool.ProtocolInfo.
Type: uint64Default: 0Environment variable: TCM_STORAGE_TARANTOOL_SSL_REQUIRED_PROTOCOL_INFO_VERSIONCommand-line option:--storage.tarantool.required-protocol-info.version
-
storage.tarantool.required-protocol-info.features
¶ An array of Tarantool protocol features.
See also go-tarantool.ProtocolInfo.
Type: []intDefault: []Environment variable: TCM_STORAGE_TARANTOOL_SSL_REQUIRED_PROTOCOL_INFO_FEATURESCommand-line option:--storage.tarantool.required-protocol-info.features
The storage.tarantool.embed
group parameters define the configuration of the
embedded Tarantool cluster to use as a TCM backend store.
This cluster can be used for development purposes when the production or testing
cluster is not available or not needed.
See also Embedded backend store.
The addon
section defines settings related to TCM add-ons.
-
addon.enabled
¶ Whether to enable the add-on functionality in TCM.
Type: boolDefault: falseEnvironment variable: TCM_ADDON_ENABLEDCommand-line option:--addon.enabled
-
addon.addons-dir
¶ The directory from which TCM takes add-ons.
Type: stringDefault: addonsEnvironment variable: TCM_ADDON_ADDONS_DIRCommand-line option:--addon.addons-dir
-
addon.max-upload-size
¶ The maximum size (in bytes) of addon to upload to TCM.
Type: int64Default: 104857600Environment variable: TCM_ADDON_MAX_UPLOAD_SIZECommand-line option:--addon.max-upload-size
-
addon.dev-addons-dir
¶ Additional add-on directories for development purposes, separated by semicolons (
;
).Type: []stringDefault: []Environment variable: TCM_ADDON_DEV_ADDONS_DIRCommand-line option:--addon.dev-addons-dir
The limits
section defines limits on various TCM objects and relations
between them.
- limits.users-count
- limits.clusters-count
- limits.roles-count
- limits.webhooks-count
- limits.user-secrets-count
- limits.user-websessions-count
- limits.linked-cluster-users
-
limits.users-count
¶ The maximum number of users in TCM.
Type: intDefault: 1000Environment variable: TCM_LIMITS_USERS_COUNTCommand-line option:--limits.users-count
-
limits.clusters-count
¶ The maximum number of clusters in TCM.
Type: intDefault: 10Environment variable: TCM_LIMITS_CLUSTERS_COUNTCommand-line option:--limits.clusters-count
-
limits.roles-count
¶ The maximum number of roles in TCM.
Type: intDefault: 100Environment variable: TCM_LIMITS_ROLES_COUNTCommand-line option:--limits.roles-count
-
limits.webhooks-count
¶ The maximum number of webhooks in TCM.
Type: intDefault: 200Environment variable: TCM_LIMITS_WEBHOOKS_COUNTCommand-line option:--limits.webhooks-count
-
limits.user-secrets-count
¶ The maximum number secrets that a TCM user can have.
Type: intDefault: 10Environment variable: TCM_LIMITS_USER_SECRETS_COUNTCommand-line option:--limits.user-secrets-count
-
limits.user-websessions-count
¶ The maximum number of open sessions that a TCM user can have.
Type: intDefault: 10Environment variable: TCM_LIMITS_USER_WEBSESSIONS_COUNTCommand-line option:--limits.user-websessions-count
-
limits.linked-cluster-users
¶ The maximum number of clusters to which a single user can have access.
Type: intDefault: 10Environment variable: TCM_LIMITS_LINKED_CLUSTER_USERSCommand-line option:--limits.linked-cluster-users
The security
section defines the security parameters of TCM.
- security.auth
- security.hash-cost
- security.encryption-key
- security.encryption-key-file
- security.bootstrap-password
- security.bootstrap-api-token
- security.integrity-check
- security.signature-private-key-file
-
security.auth
¶ Ways to log into TCM.
Possible values:
local
ldap
Type: []stringDefault: [local]Environment variable: TCM_SECURITY_AUTHCommand-line option:--security.auth
-
security.hash-cost
¶ A hash cost for hashing users’ passwords.
Type: intDefault: 12Environment variable: TCM_SECURITY_HASH_COSTCommand-line option:--security.hash-cost
-
security.encryption-key
¶ An encryption key for passwords used by TCM for accessing Tarantool and etcd clusters.
Type: stringDefault: “”Environment variable: TCM_SECURITY_ENCRYPTION_KEYCommand-line option:--security.encryption-key
-
security.encryption-key-file
¶ A path to the file with the encryption key for passwords used by TCM for accessing Tarantool and etcd clusters.
Type: stringDefault: “”Environment variable: TCM_SECURITY_ENCRYPTION_KEY_FILECommand-line option:--security.encryption-key-file
-
security.bootstrap-password
¶ A password for the first login of the
admin
user. Only for testing purposes.Type: stringDefault: “”Environment variable: TCM_SECURITY_BOOTSTRAP_PASSWORDCommand-line option:--security.bootstrap-password
-
security.bootstrap-api-token
¶ A default API token for the
admin
user. Only for testing purposes.Type: stringDefault: “”Environment variable: TCM_SECURITY_BOOTSTRAP_API_TOKENCommand-line option:--security.bootstrap-api-token
-
security.integrity-check
¶ Whether to check the digital signature. If
true
, the error is raised in case an incorrect signature is detected.Type: boolDefault: falseEnvironment variable: TCM_SECURITY_INTEGRITY_CHECKCommand-line option:--security.integrity-check
-
security.signature-private-key-file
¶ A path to a file with the private key to sign TCM data.
Type: stringDefault: “”Environment variable: TCM_SECURITY_SIGNATURE_PRIVATE_KEY_FILECommand-line option:--security.signature-private-key-file
-
mode
¶ The TCM mode:
production
,development
, ortest
.Type: stringDefault: productionEnvironment variable: TCM_MODECommand-line option:--mode
The feature
section defines the security parameters of TCM.
-
feature.ttgraph
¶ Whether Tarantool Graph DB integration is enabled.
Type: boolDefault: falseEnvironment variable: TCM_FEATURE_TTGRAPHCommand-line option:--feature.ttgraph
-
feature.column-store
¶ Whether Tarantool Column Store integration is enabled.
Type: boolDefault: falseEnvironment variable: TCM_FEATURE_COLUMN_STORECommand-line option:--feature.column-store
-
feature.tqe
¶ Whether Tarantool Queue Enterprise integration is enabled.
Type: boolDefault: falseEnvironment variable: TCM_FEATURE_TQECommand-line option:--feature.tqe
-
feature.api-token
¶ Whether the use of API tokens is enabled.
Type: boolDefault: falseEnvironment variable: TCM_FEATURE_API_TOKENCommand-line option:--feature.api-token
The initial-settings
group defines entities that are created automatically
upon the first TCM startup.
See also Initial settings.
Important
The initial-settings.*
configuration options can be set in the YAML
configuration file only. There are no environment variables nor
command-line options for them.
-
initial-settings.clusters
¶ An array of clusters to create in TCM automatically upon the first startup.
See also Initial settings.
Type: []ClusterDefault: []
-
initial-settings.clusters.<cluster>.id
¶ Cluster ID. Skip this option to generate an ID automatically. Specify the value
00000000-0000-0000-0000-000000000000
to customize the default cluster upon TCM startup.Type: stringDefault: “” (ID is generated automatically)
-
initial-settings.clusters.<cluster>.name
¶ Cluster name.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.description
¶ Cluster description.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.color
¶ A color to highlight the cluster in TCM. Possible values:
dark
gray
red
pink
grape
violet
indigo
blue
cyan
green
lime
yellow
orange
teal
- empty string (no color)
Type: stringDefault: “” (no color)
-
initial-settings.clusters.<cluster>.urls
¶ URLs of additional services for the cluster. See also Adding a new cluster.
Type: []ClusterUrlDefault: []
-
initial-settings.clusters.<cluster>.<url>.label
¶ URL label to show in TCM. Typically, this is the linked service name.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.<url>.url
¶ The URL address of the linked service.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.provider
¶ The type of the storage used for storing the cluster configuration.
Possible values:
etcd
tarantool
- empty string (undefined)
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.endpoints
¶ An array of node URIs of the etcd cluster where the Tarantool cluster configuration is stored.
Type: []stringDefault: []
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.auto-sync-interval
¶ An automated sync interval.
Type: time.DurationDefault: 0 (disabled)
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.dial-timeout
¶ An etcd dial timeout.
Type: time.DurationDefault: 0 (not set)
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.dial-keep-alive-time
¶ A dial keep-alive time.
Type: time.DurationDefault: 0 (not set)
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.dial-keep-alive-timeout
¶ A dial keep-alive timeout.
Type: time.DurationDefault: 0 (not set)
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.max-call-send-msg-size
¶ The maximum size (in bytes) of a request from the cluster to its etcd configuration storage.
Type: intDefault: 2097152
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.max-call-recv-msg-size
¶ The maximum size (in bytes) of a response to the cluster from its etcd configuration storage.
Type: intDefault: 0 (unlimited)
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.username
¶ A username for accessing the cluster’s etcd storage.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.password
¶ A password for accessing the cluster’s etcd storage.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.reject-old-cluster
¶ Whether etcd should refuse to create a client against an outdated cluster.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.permit-without-stream
¶ Whether keepalive pings can be send to the etcd server without active streams.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.prefix
¶ A prefix for the cluster configuration parameters in etcd.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.enabled
¶ Indicates whether TLS is enabled for connections to the cluster’s etcd storage.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.cert-file
¶ A path to a TLS certificate file to use for etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.key-file
¶ A path to a TLS private key file to use for etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.trusted-ca-file
¶ A path to a trusted CA certificate file to use for etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.client-cert-auth
¶ Indicates whether client cert authentication is enabled.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.crl-file
¶ A path to the client certificate revocation list file.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.insecure-skip-verify
¶ Skip checking client certificate in etcd connections.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.skip-client-san-verify
¶ Skip verification of SAN field in client certificate for etcd connections.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.server-name
¶ Name of the TLS server for etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.cipher-suites
¶ TLS cipher suites for etcd connections. Possible values are the Golang tls.TLS_* constants.
Type: []uint16Default: []
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.allowed-cn
¶ An allowed common name for authentication in etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.allowed-hostname
¶ An allowed TLS certificate name for authentication in etcd connections.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.etcd-connection.tls.empty-cn
¶ Whether the empty common name is allowed in etcd connections.
Type: boolDefault: false
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.username
¶ A username for connecting to the cluster’s Tarantool-based configuration storage.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.password
¶ A password for connecting to the cluster’s Tarantool-based configuration storage.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.endpoints
¶ An array of the cluster’s Tarantool-based configuration storage URIs.
Type: []stringDefault: []
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.method
¶ An authentication method for the cluster’s Tarantool-based configuration storage.
Possible values are the Go’s go-tarantool/Auth constants:
AutoAuth
(0)ChapSha1Auth
PapSha256Auth
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.prefix
¶ A prefix for the cluster configuration parameters in the Tarantool-based configuration storage.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.key-file
¶ A path to a TLS private key file to use for connecting to the cluster’s Tarantool-based configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.cert-file
¶ A path to an SSL certificate to use for connecting to the cluster’s Tarantool-based configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.ca-file
¶ A path to a trusted CA certificate to use for connecting to the cluster’s Tarantool-based configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.ciphers
¶ A list of SSL cipher suites that can be used for connecting to the cluster’s Tarantool-based configuration storage. Possible values are listed in <uri>.params.ssl_ciphers.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.enabled
¶ A password for an encrypted private SSL key to use for connecting to the cluster’s Tarantool-based configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.storage-connection.tarantool-connection.ssl.password-file
¶ A text file with passwords for encrypted private SSL keys to use for connecting to the cluster’s Tarantool-based configuration storage.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.username
¶ A username for connecting to the cluster instances.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.password
¶ A password for connecting to the cluster instances.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.method
¶ An authentication method for connecting to the cluster.
Possible values are the Go’s go-tarantool/Auth constants:
AutoAuth
(0)ChapSha1Auth
PapSha256Auth
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.timeout
¶ The cluster request timeout.
Type: time.DurationDefault: 0 (not set)
-
initial-settings.clusters.<cluster>.tarantool-connection.rate-limit
¶ The cluster rate limit.
Type: uintDefault: 0 (not set)
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.key-file
¶ A path to a TLS private key file to use for connecting to the cluster instances.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.cert-file
¶ A path to an SSL certificate to use for connecting to the cluster instances.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.ca-file
¶ A path to a trusted CA certificate to use for connecting to the cluster instances.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.ciphers
¶ A list of SSL cipher suites that can be used for connecting to the cluster instances. Possible values are listed in <uri>.params.ssl_ciphers.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.enabled
¶ A password for an encrypted private SSL key to use for connecting to the cluster instances.
See also: Securing connections with SSL.
Type: stringDefault: “”
-
initial-settings.clusters.<cluster>.tarantool-connection.ssl.password-file
¶ A text file with passwords for encrypted private SSL keys to use for connecting to the cluster instances.
See also: Securing connections with SSL.
Type: stringDefault: “”