controller

package
v0.0.0-...-e2523e8 Latest Latest
Published: Nov 28, 2024 License: AGPL-3.0 Imports: 16 Imported by: 84

Documentation

Index

Constants

// Valid values for the mongo-memory-profile controller config key.
const (
	// MongoProfLow represents the most conservative mongo memory profile.
	MongoProfLow = "low"
	// MongoProfDefault represents the mongo memory profile shipped by default.
	MongoProfDefault = "default"
)
// Names of the controller configuration attributes (the string keys of a
// Config map). ReadOnlyMethodsWildcard is the exception: it is a value that
// may appear in the audit-log-exclude-methods list, not a key.
const (
	// APIPort is the port used for api connections.
	APIPort = "api-port"

	// ControllerAPIPort is an optional port that may be set for controllers
	// that have a very heavy load. If this port is set, this port is used by
	// the controllers to talk to each other - used for the local API connection
	// as well as the pubsub forwarders. If this value is set, the api-port
	// isn't opened until the controllers have started properly.
	ControllerAPIPort = "controller-api-port"

	// ControllerName is the canonical name for the controller.
	ControllerName = "controller-name"

	// ApplicationResourceDownloadLimit limits the number of concurrent resource download
	// requests from unit agents which will be served. The limit is per application.
	// Use a value of 0 to disable the limit.
	ApplicationResourceDownloadLimit = "application-resource-download-limit"

	// ControllerResourceDownloadLimit limits the number of concurrent resource download
	// requests from unit agents which will be served. The limit is for the combined total
	// of all applications on the controller.
	// Use a value of 0 to disable the limit.
	ControllerResourceDownloadLimit = "controller-resource-download-limit"

	// AgentRateLimitMax is the maximum size of the token bucket used to
	// ratelimit the agent connections to the API server.
	AgentRateLimitMax = "agent-ratelimit-max"

	// AgentRateLimitRate is the interval at which a new token is added to
	// the token bucket, in milliseconds (ms).
	AgentRateLimitRate = "agent-ratelimit-rate"

	// APIPortOpenDelay is a duration that the controller will wait
	// between when the controller has been deemed to be ready to open
	// the api-port and when the api-port is actually opened. This value
	// is only used when a controller-api-port value is set.
	APIPortOpenDelay = "api-port-open-delay"

	// AuditingEnabled determines whether the controller will record
	// auditing information.
	AuditingEnabled = "auditing-enabled"

	// AuditLogCaptureArgs determines whether the audit log will
	// contain the arguments passed to API methods.
	// NOTE(review): API arguments can carry credentials or other
	// sensitive values; presumably enabling this writes them to the
	// audit log as passed - confirm how the log files are protected.
	AuditLogCaptureArgs = "audit-log-capture-args"

	// AuditLogMaxSize is the maximum size for the current audit log
	// file, eg "250M".
	AuditLogMaxSize = "audit-log-max-size"

	// AuditLogMaxBackups is the number of old audit log files to keep
	// (compressed).
	AuditLogMaxBackups = "audit-log-max-backups"

	// AuditLogExcludeMethods is a list of Facade.Method names that
	// aren't interesting for audit logging purposes. A conversation
	// with only calls to these will be excluded from the
	// log. (They'll still appear in conversations that have other
	// interesting calls though.)
	AuditLogExcludeMethods = "audit-log-exclude-methods"

	// ReadOnlyMethodsWildcard is the special value that can be added
	// to the exclude-methods list that represents all of the read
	// only methods (see apiserver/observer/auditfilter.go). This
	// value will be stored in the DB (rather than being expanded at
	// write time) so any changes to the set of read-only methods in
	// new versions of Juju will be honoured.
	ReadOnlyMethodsWildcard = "ReadOnlyMethods"

	// StatePort is the port used for mongo connections.
	StatePort = "state-port"

	// CACertKey is the key for the controller's CA certificate attribute.
	CACertKey = "ca-cert"

	// ControllerUUIDKey is the key for the controller UUID attribute.
	ControllerUUIDKey = "controller-uuid"

	// LoginTokenRefreshURL sets the URL of the login JWT well-known endpoint.
	// Use this when authentication/authorisation is done using a JWT in the
	// login request rather than a username/password or macaroon and a local
	// permissions model.
	// NOTE(review): presumably the keys served from this endpoint decide
	// which login JWTs are accepted, which would make this URL a trust
	// anchor for authentication - confirm what Validate checks about it.
	LoginTokenRefreshURL = "login-token-refresh-url"

	// IdentityURL sets the URL of the identity manager.
	// Use this when users should be managed externally rather than
	// created locally on the controller.
	IdentityURL = "identity-url"

	// IdentityPublicKey sets the public key of the identity manager.
	// Use this when users should be managed externally rather than
	// created locally on the controller.
	IdentityPublicKey = "identity-public-key"

	// SetNUMAControlPolicyKey (true/false) is deprecated.
	// Use to configure whether mongo is started with NUMA
	// control policy turned on.
	SetNUMAControlPolicyKey = "set-numa-control-policy"

	// AutocertDNSNameKey sets the DNS name of the controller. If a
	// client connects to this name, an official certificate will be
	// automatically requested. Connecting to any other host name
	// will use the usual self-generated certificate.
	AutocertDNSNameKey = "autocert-dns-name"

	// AutocertURLKey sets the URL used to obtain official TLS
	// certificates when a client connects to the API. By default,
	// certificates are obtained from LetsEncrypt. A good value for
	// testing is
	// "https://acme-staging.api.letsencrypt.org/directory".
	AutocertURLKey = "autocert-url"

	// AllowModelAccessKey sets whether the controller will allow users to
	// connect to models they have been authorized for, even when
	// they don't have any access rights to the controller itself.
	// When enabled, a model-level grant alone is enough to connect.
	AllowModelAccessKey = "allow-model-access"

	// MongoMemoryProfile sets the memory profile for MongoDB. Valid values are:
	// - "low": use the least possible memory
	// - "default": use the default memory profile
	MongoMemoryProfile = "mongo-memory-profile"

	// JujuDBSnapChannel selects the channel to use when installing Mongo
	// snaps for focal or later. The value is ignored for older releases.
	JujuDBSnapChannel = "juju-db-snap-channel"

	// MaxDebugLogDuration is used to provide a backstop to the execution of a
	// debug-log command. If someone starts a debug-log session in a remote
	// screen for example, it is very easy to disconnect from the screen while
	// leaving the debug-log process running. This causes unnecessary load on
	// the API server. The max debug-log duration has a default of 24 hours,
	// which should be more than enough time for a debugging session.
	MaxDebugLogDuration = "max-debug-log-duration"

	// AgentLogfileMaxSize is the maximum file size of each agent log file,
	// in MB.
	AgentLogfileMaxSize = "agent-logfile-max-size"

	// AgentLogfileMaxBackups is the maximum number of old agent log files
	// to keep (compressed; saved on each unit, synced to the controller).
	AgentLogfileMaxBackups = "agent-logfile-max-backups"

	// ModelLogfileMaxSize is the maximum size of the log file written out by the
	// controller on behalf of workers running for a model.
	ModelLogfileMaxSize = "model-logfile-max-size"

	// ModelLogfileMaxBackups is the number of old model
	// log files to keep (compressed).
	ModelLogfileMaxBackups = "model-logfile-max-backups"

	// MaxTxnLogSize is the maximum size of the capped txn log collection, eg "10M".
	MaxTxnLogSize = "max-txn-log-size"

	// MaxPruneTxnBatchSize (deprecated) is the maximum number of transactions
	// we will evaluate in one go when pruning. Default is 1M transactions.
	// A value <= 0 indicates to do all transactions at once.
	MaxPruneTxnBatchSize = "max-prune-txn-batch-size"

	// MaxPruneTxnPasses (deprecated) is the maximum number of batches that
	// we will process. So total number of transactions that can be processed
	// is MaxPruneTxnBatchSize * MaxPruneTxnPasses. A value <= 0 implies
	// 'do a single pass'. If both MaxPruneTxnBatchSize and MaxPruneTxnPasses
	// are 0, then the default value of 1M BatchSize and 100 passes
	// will be used instead.
	MaxPruneTxnPasses = "max-prune-txn-passes"

	// PruneTxnQueryCount is the number of transactions to read in a single query.
	// Minimum of 10, a value of 0 will indicate to use the default value (1000).
	PruneTxnQueryCount = "prune-txn-query-count"

	// PruneTxnSleepTime is the amount of time to sleep between processing each
	// batch query. This is used to reduce load on the system, allowing other
	// queries time to operate. On large controllers, processing 1000 txs
	// seems to take about 100ms, so a sleep time of 10ms represents a 10%
	// slowdown, but allows other systems to operate concurrently.
	// A negative number will indicate to use the default, a value of 0
	// indicates to not sleep at all.
	PruneTxnSleepTime = "prune-txn-sleep-time"

	// MaxCharmStateSize is the maximum allowed size of charm-specific
	// per-unit state data that charms can store to the controller in
	// bytes. A value of 0 disables the quota checks although in
	// principle, mongo imposes a hard (but configurable) limit of 16M.
	MaxCharmStateSize = "max-charm-state-size"

	// MaxAgentStateSize is the maximum allowed size of internal state
	// data that agents can store to the controller in bytes. A value of 0
	// disables the quota checks although in principle, mongo imposes a
	// hard (but configurable) limit of 16M.
	MaxAgentStateSize = "max-agent-state-size"

	// MigrationMinionWaitMax is the maximum time that the migration-master
	// worker will wait for agents to report for a migration phase when
	// executing a model migration.
	MigrationMinionWaitMax = "migration-agent-wait-time"

	// JujuHASpace is the network space within which the MongoDB replica-set
	// should communicate.
	JujuHASpace = "juju-ha-space"

	// JujuManagementSpace is the network space that agents should use to
	// communicate with controllers.
	JujuManagementSpace = "juju-mgmt-space"

	// CAASOperatorImagePath sets the URL of the docker image
	// used for the application operator.
	// Deprecated: use CAASImageRepo
	CAASOperatorImagePath = "caas-operator-image-path"

	// CAASImageRepo sets the docker repo to use
	// for the jujud operator and mongo images.
	CAASImageRepo = "caas-image-repo"

	// Features allows a list of runtime changeable features to be updated.
	Features = "features"

	// PublicDNSAddress is the public DNS address (and port) of the controller.
	PublicDNSAddress = "public-dns-address"

	// QueryTracingEnabled is the key for whether query tracing is enabled.
	// If so, any queries which take longer than QueryTracingThreshold will
	// be logged.
	QueryTracingEnabled = "query-tracing-enabled"

	// QueryTracingThreshold is the key for the "threshold" for query tracing.
	// Any queries which take longer than this value will be logged (if query
	// tracing is enabled). The lower the threshold, the more queries will be
	// output. A value of 0 means all queries will be output.
	QueryTracingThreshold = "query-tracing-threshold"

	// OpenTelemetryEnabled is the key for whether open telemetry is enabled.
	OpenTelemetryEnabled = "open-telemetry-enabled"

	// OpenTelemetryEndpoint is the key for the endpoint to which the
	// telemetry will be pushed.
	OpenTelemetryEndpoint = "open-telemetry-endpoint"

	// OpenTelemetryInsecure is the key for whether the telemetry collector
	// endpoint is insecure or not. Useful for debug or local testing.
	// NOTE(review): "insecure" presumably means the connection to the
	// collector is not protected by TLS - confirm; trace data would then
	// cross the network in the clear.
	OpenTelemetryInsecure = "open-telemetry-insecure"

	// OpenTelemetryStackTraces is the key for whether stack traces should
	// be added per span.
	OpenTelemetryStackTraces = "open-telemetry-stack-traces"

	// OpenTelemetrySampleRatio is the key for the sample ratio for open
	// telemetry.
	OpenTelemetrySampleRatio = "open-telemetry-sample-ratio"

	// OpenTelemetryTailSamplingThreshold is the key for the tail sampling
	// threshold for open telemetry, as a duration.
	OpenTelemetryTailSamplingThreshold = "open-telemetry-tail-sampling-threshold"

	// ObjectStoreType is the type of object store to use for storing blobs.
	// This isn't currently allowed to be changed dynamically, that will come
	// when we support multiple object store types (not including state).
	// NOTE(review): the key is nevertheless a member of
	// AllowedUpdateConfigAttributes - confirm which of the two is intended.
	ObjectStoreType = "object-store-type"

	// ObjectStoreS3Endpoint is the endpoint to use for S3 object stores.
	ObjectStoreS3Endpoint = "object-store-s3-endpoint"

	// ObjectStoreS3StaticKey is the static key to use for S3 object stores.
	ObjectStoreS3StaticKey = "object-store-s3-static-key"

	// ObjectStoreS3StaticSecret is the static secret to use for S3 object
	// stores.
	// NOTE(review): this and ObjectStoreS3StaticSession are credential
	// values held as ordinary controller config - confirm they are
	// redacted wherever controller config is logged, audited or displayed.
	ObjectStoreS3StaticSecret = "object-store-s3-static-secret"

	// ObjectStoreS3StaticSession is the static session token to use for S3
	// object stores.
	ObjectStoreS3StaticSession = "object-store-s3-static-session"

	// SystemSSHKeys is the key for the set of ssh keys that should be
	// trusted by agents of this controller regardless of the model.
	// NOTE(review): it is listed in ControllerOnlyConfigAttributes but not
	// in AllowedUpdateConfigAttributes, so it looks fixed once the
	// controller has been created - confirm.
	SystemSSHKeys = "system-ssh-keys"

	// JujudControllerSnapSource is the key for the source of the controller
	// snap. Can be set to "legacy", "snapstore", "local" or "local-dangerous".
	// Cannot be changed.
	// NOTE(review): "local-dangerous" presumably mirrors snap's --dangerous
	// install mode (no assertion/signature verification) - confirm.
	JujudControllerSnapSource = "jujud-controller-snap-source"
)

docs:controller-config-keys

// Default values for the controller configuration attributes.
const (
	// DefaultApplicationResourceDownloadLimit allows unlimited
	// resource download requests initiated by a unit agent per application.
	DefaultApplicationResourceDownloadLimit = 0

	// DefaultControllerResourceDownloadLimit allows unlimited concurrent resource
	// download requests initiated by unit agents for any application on the controller.
	DefaultControllerResourceDownloadLimit = 0

	// DefaultAgentRateLimitMax allows the first 10 agents to connect without
	// any issue. After that the rate limiting kicks in.
	DefaultAgentRateLimitMax = 10

	// DefaultAgentRateLimitRate will allow four agents to connect every
	// second. A token is added to the ratelimit token bucket every 250ms.
	DefaultAgentRateLimitRate = 250 * time.Millisecond

	// DefaultAuditingEnabled contains the default value for the
	// AuditingEnabled config value.
	DefaultAuditingEnabled = true

	// DefaultAuditLogCaptureArgs is the default for the
	// AuditLogCaptureArgs setting (which is not to capture them).
	DefaultAuditLogCaptureArgs = false

	// DefaultAuditLogMaxSizeMB is the default size in MB at which we
	// roll the audit log file.
	DefaultAuditLogMaxSizeMB = 300

	// DefaultAuditLogMaxBackups is the default number of files to
	// keep.
	DefaultAuditLogMaxBackups = 10

	// DefaultNUMAControlPolicy should not be used by default.
	// Only use numactl if user specifically requests it.
	DefaultNUMAControlPolicy = false

	// DefaultStatePort is the default for state-port, the port used for
	// mongo connections.
	DefaultStatePort int = 37017

	// DefaultAPIPort is the default port the API server is listening on.
	DefaultAPIPort int = 17070

	// DefaultAPIPortOpenDelay is the default value for api-port-open-delay.
	DefaultAPIPortOpenDelay = 2 * time.Second

	// DefaultMongoMemoryProfile is the default profile used by mongo.
	DefaultMongoMemoryProfile = MongoProfDefault

	// DefaultJujuDBSnapChannel is the default snap channel for installing
	// mongo in focal or later.
	DefaultJujuDBSnapChannel = "4.4/stable"

	// DefaultMaxDebugLogDuration is the default duration that debug-log
	// commands can run before being terminated by the API server.
	DefaultMaxDebugLogDuration = 24 * time.Hour

	// DefaultMaxTxnLogCollectionMB is the default maximum size, in MB, of
	// the txn log collection.
	DefaultMaxTxnLogCollectionMB = 10 // 10 MB

	// DefaultMaxPruneTxnBatchSize is the normal number of transactions
	// we will prune in a given pass (1M) (deprecated).
	DefaultMaxPruneTxnBatchSize = 1 * 1000 * 1000

	// DefaultMaxPruneTxnPasses is the default number of
	// batches we will process. (deprecated)
	DefaultMaxPruneTxnPasses = 100

	// DefaultAgentLogfileMaxSize is the maximum file size in MB of each
	// agent/controller log file.
	DefaultAgentLogfileMaxSize = 100

	// DefaultAgentLogfileMaxBackups is the number of old agent/controller log
	// files to keep (compressed).
	DefaultAgentLogfileMaxBackups = 2

	// DefaultModelLogfileMaxSize is the maximum file size in MB of
	// the log file written out by the controller on behalf of workers
	// running for a model.
	DefaultModelLogfileMaxSize = 10

	// DefaultModelLogfileMaxBackups is the number of old model
	// log files to keep (compressed).
	DefaultModelLogfileMaxBackups = 2

	// DefaultPruneTxnQueryCount is the number of transactions
	// to read in a single query.
	DefaultPruneTxnQueryCount = 1000

	// DefaultPruneTxnSleepTime is the amount of time to sleep between
	// processing each batch query. This is used to reduce load on the system,
	// allowing other queries time to operate. On large controllers,
	// processing 1000 txs seems to take about 100ms, so a sleep time of 10ms
	// represents a 10% slowdown, but allows other systems to
	// operate concurrently.
	DefaultPruneTxnSleepTime = 10 * time.Millisecond

	// DefaultMaxCharmStateSize is the maximum size (in bytes) of charm
	// state data that each unit can store to the controller.
	DefaultMaxCharmStateSize = 2 * 1024 * 1024

	// DefaultMaxAgentStateSize is the maximum size (in bytes) of internal
	// state data that agents can store to the controller.
	DefaultMaxAgentStateSize = 512 * 1024

	// DefaultMigrationMinionWaitMax is the default value for how long a
	// migration minion will wait for the migration to complete.
	// NOTE(review): the MigrationMinionWaitMax key is documented as the
	// time the migration-master worker waits for agents to report on a
	// phase, which is not the same wording - confirm which is accurate.
	DefaultMigrationMinionWaitMax = 15 * time.Minute

	// DefaultQueryTracingEnabled is the default value for if query tracing
	// is enabled.
	DefaultQueryTracingEnabled = false

	// DefaultQueryTracingThreshold is the default value for the threshold
	// for query tracing. If a query takes longer than this to complete
	// it will be logged if query tracing is enabled.
	DefaultQueryTracingThreshold = time.Second

	// DefaultAuditLogExcludeMethods is the default list of methods to
	// exclude from the audit log.
	// This special value means we exclude any methods in the set
	// listed in apiserver/observer/auditfilter.go, so by default a
	// conversation made up only of read-only calls is left out of the
	// audit log.
	DefaultAuditLogExcludeMethods = ReadOnlyMethodsWildcard

	// DefaultOpenTelemetryEnabled is the default value for if the open
	// telemetry tracing is enabled or not.
	DefaultOpenTelemetryEnabled = false

	// DefaultOpenTelemetryInsecure is the default value for if the open
	// telemetry tracing endpoint is insecure or not.
	DefaultOpenTelemetryInsecure = false

	// DefaultOpenTelemetryStackTraces is the default value for if the open
	// telemetry tracing has stack traces or not.
	DefaultOpenTelemetryStackTraces = false

	// DefaultOpenTelemetrySampleRatio is the default value for the sample
	// ratio for open telemetry.
	// By default we only want to trace 10% of the requests.
	DefaultOpenTelemetrySampleRatio = 0.1

	// DefaultOpenTelemetryTailSamplingThreshold is the default value for the
	// tail sampling threshold for open telemetry.
	DefaultOpenTelemetryTailSamplingThreshold = 1 * time.Millisecond

	// DefaultJujudControllerSnapSource is the default value for the jujud
	// controller snap source. The value is currently "legacy", not the
	// snapstore; see the TODO.
	// TODO(jujud-controller-snap): change this to "snapstore" once it is implemented.
	DefaultJujudControllerSnapSource = "legacy"

	// DefaultObjectStoreType is the default type of object store to use for
	// storing blobs.
	DefaultObjectStoreType = objectstore.FileBackend
)

Attribute Defaults

Variables

var (
	// ControllerOnlyConfigAttributes lists all the controller config keys, so we
	// can distinguish these from model config keys when bootstrapping.
	ControllerOnlyConfigAttributes = []string{
		AllowModelAccessKey,
		AgentRateLimitMax,
		AgentRateLimitRate,
		APIPort,
		APIPortOpenDelay,
		AutocertDNSNameKey,
		AutocertURLKey,
		CACertKey,
		ControllerAPIPort,
		ControllerName,
		ControllerUUIDKey,
		LoginTokenRefreshURL,
		IdentityPublicKey,
		IdentityURL,
		SetNUMAControlPolicyKey,
		StatePort,
		MongoMemoryProfile,
		JujuDBSnapChannel,
		MaxDebugLogDuration,
		MaxTxnLogSize,
		MaxPruneTxnBatchSize,
		MaxPruneTxnPasses,
		AgentLogfileMaxBackups,
		AgentLogfileMaxSize,
		ModelLogfileMaxBackups,
		ModelLogfileMaxSize,
		PruneTxnQueryCount,
		PruneTxnSleepTime,
		PublicDNSAddress,
		JujuHASpace,
		JujuManagementSpace,
		AuditingEnabled,
		AuditLogCaptureArgs,
		AuditLogMaxSize,
		AuditLogMaxBackups,
		AuditLogExcludeMethods,
		CAASOperatorImagePath,
		CAASImageRepo,
		Features,
		MaxCharmStateSize,
		MaxAgentStateSize,
		MigrationMinionWaitMax,
		ApplicationResourceDownloadLimit,
		ControllerResourceDownloadLimit,
		QueryTracingEnabled,
		QueryTracingThreshold,
		OpenTelemetryEnabled,
		OpenTelemetryEndpoint,
		OpenTelemetryInsecure,
		OpenTelemetryStackTraces,
		OpenTelemetrySampleRatio,
		OpenTelemetryTailSamplingThreshold,
		ObjectStoreType,
		ObjectStoreS3Endpoint,
		ObjectStoreS3StaticKey,
		ObjectStoreS3StaticSecret,
		ObjectStoreS3StaticSession,
		SystemSSHKeys,
		JujudControllerSnapSource,
	}

	// DefaultDNSNames lists hostnames that must be included for backwards
	// compatibility: "anything", "juju-apiserver" and "juju-mongodb" are
	// what clients specify as the hostname for verification (this
	// certificate is used both for serving MongoDB and API server
	// connections). localhost is also explicitly included.
	// NOTE(review): these are fixed placeholder names rather than the
	// controller's real address, so hostname verification against them
	// does not bind a connection to a particular host; presumably the
	// controller is authenticated by trusting only its own CA certificate
	// (ca-cert) - confirm.
	DefaultDNSNames = []string{
		"localhost",
		"juju-apiserver",
		"juju-mongodb",
		"anything",
	}

	// AllowedUpdateConfigAttributes contains all of the controller
	// config attributes that are allowed to be updated after the
	// controller has been created.
	// NOTE(review): the set includes settings with security impact -
	// auditing-enabled, audit-log-exclude-methods, open-telemetry-insecure
	// and the object-store-s3-static-* credentials - so they are protected
	// only by the permission check on whatever API applies updates; that
	// check is not visible here. ObjectStoreType is also a member even
	// though its own comment says it cannot currently be changed
	// dynamically - confirm which is intended.
	AllowedUpdateConfigAttributes = set.NewStrings(
		AgentLogfileMaxBackups,
		AgentLogfileMaxSize,
		AgentRateLimitMax,
		AgentRateLimitRate,
		APIPortOpenDelay,
		ApplicationResourceDownloadLimit,
		AuditingEnabled,
		AuditLogCaptureArgs,
		AuditLogExcludeMethods,
		AuditLogMaxBackups,
		AuditLogMaxSize,
		CAASImageRepo,
		ControllerResourceDownloadLimit,
		Features,
		JujuHASpace,
		JujuManagementSpace,
		MaxAgentStateSize,
		MaxCharmStateSize,
		MaxDebugLogDuration,
		MaxPruneTxnBatchSize,
		MaxPruneTxnPasses,
		MigrationMinionWaitMax,
		ModelLogfileMaxBackups,
		ModelLogfileMaxSize,
		MongoMemoryProfile,
		OpenTelemetryEnabled,
		OpenTelemetryEndpoint,
		OpenTelemetryInsecure,
		OpenTelemetryStackTraces,
		OpenTelemetrySampleRatio,
		OpenTelemetryTailSamplingThreshold,
		PruneTxnQueryCount,
		PruneTxnSleepTime,
		PublicDNSAddress,
		QueryTracingEnabled,
		QueryTracingThreshold,
		ObjectStoreType,
		ObjectStoreS3Endpoint,
		ObjectStoreS3StaticKey,
		ObjectStoreS3StaticSecret,
		ObjectStoreS3StaticSession,
	)
)
// ConfigSchema holds information on all the fields defined by
// the config package: a description and a value type per key.
// NOTE(review): CACertKey and ControllerUUIDKey have no entry below;
// presumably they are handled separately, since NewConfig takes both as
// explicit arguments - confirm.
var ConfigSchema = environschema.Fields{
	ApplicationResourceDownloadLimit: {
		Description: "The maximum number of concurrent resources downloads per application",
		Type:        environschema.Tint,
	},
	ControllerResourceDownloadLimit: {
		Description: "The maximum number of concurrent resources downloads across all the applications on the controller",
		Type:        environschema.Tint,
	},
	AgentRateLimitMax: {
		Description: "The maximum size of the token bucket used to ratelimit agent connections",
		Type:        environschema.Tint,
	},
	AgentRateLimitRate: {
		Description: "The time taken to add a new token to the ratelimit bucket",
		Type:        environschema.Tstring,
	},
	AuditingEnabled: {
		Description: "Determines if the controller records auditing information",
		Type:        environschema.Tbool,
	},
	AuditLogCaptureArgs: {
		Description: `Determines if the audit log contains the arguments passed to API methods`,
		Type:        environschema.Tbool,
	},
	AuditLogMaxSize: {
		Description: "The maximum size for the current controller audit log file",
		Type:        environschema.Tstring,
	},
	AuditLogMaxBackups: {
		Type:        environschema.Tint,
		Description: "The number of old audit log files to keep (compressed)",
	},
	AuditLogExcludeMethods: {
		Type:        environschema.Tstring,
		Description: "A comma-delimited list of Facade.Method names that aren't interesting for audit logging purposes.",
	},
	APIPort: {
		Type:        environschema.Tint,
		Description: "The port used for api connections",
	},
	APIPortOpenDelay: {
		Type: environschema.Tstring,
		Description: `The duration that the controller will wait 
between when the controller has been deemed to be ready to open 
the api-port and when the api-port is actually opened 
(only used when a controller-api-port value is set).`,
	},
	ControllerAPIPort: {
		Type: environschema.Tint,
		Description: `An optional port that may be set for controllers
that have a very heavy load. If this port is set, this port is used by
the controllers to talk to each other - used for the local API connection
as well as the pubsub forwarders, and the raft workers. If this value is
set, the api-port isn't opened until the controllers have started properly.`,
	},
	ControllerName: {
		Type:        environschema.Tstring,
		Description: `The canonical name of the controller`,
	},
	StatePort: {
		Type:        environschema.Tint,
		Description: `The port used for mongo connections`,
	},
	LoginTokenRefreshURL: {
		Type:        environschema.Tstring,
		Description: `The url of the jwt well known endpoint`,
	},
	IdentityURL: {
		Type:        environschema.Tstring,
		Description: `The url of the identity manager`,
	},
	IdentityPublicKey: {
		Type:        environschema.Tstring,
		Description: `The public key of the identity manager`,
	},
	SetNUMAControlPolicyKey: {
		Type:        environschema.Tbool,
		Description: `Determines if the NUMA control policy is set`,
	},
	AutocertURLKey: {
		Type:        environschema.Tstring,
		Description: `The URL used to obtain official TLS certificates when a client connects to the API`,
	},
	AutocertDNSNameKey: {
		Type:        environschema.Tstring,
		Description: `The DNS name of the controller`,
	},
	AllowModelAccessKey: {
		Type: environschema.Tbool,
		Description: `Determines if the controller allows users to 
connect to models they have been authorized for even when 
they don't have any access rights to the controller itself`,
	},
	MongoMemoryProfile: {
		Type:        environschema.Tstring,
		Description: `Sets mongo memory profile`,
	},
	JujuDBSnapChannel: {
		Type:        environschema.Tstring,
		Description: `Sets channel for installing mongo snaps when bootstrapping on focal or later`,
	},
	MaxDebugLogDuration: {
		Type:        environschema.Tstring,
		Description: `The maximum duration that a debug-log session is allowed to run`,
	},
	MaxTxnLogSize: {
		Type:        environschema.Tstring,
		Description: `The maximum size the of capped txn log collection`,
	},
	MaxPruneTxnBatchSize: {
		Type:        environschema.Tint,
		Description: `(deprecated) The maximum number of transactions evaluated in one go when pruning`,
	},
	MaxPruneTxnPasses: {
		Type:        environschema.Tint,
		Description: `(deprecated) The maximum number of batches processed when pruning`,
	},
	AgentLogfileMaxBackups: {
		Type:        environschema.Tint,
		Description: "The number of old agent log files to keep (compressed)",
	},
	AgentLogfileMaxSize: {
		Type:        environschema.Tstring,
		Description: `The maximum size of the agent log file`,
	},
	ModelLogfileMaxBackups: {
		Type:        environschema.Tint,
		Description: "The number of old model log files to keep (compressed)",
	},
	ModelLogfileMaxSize: {
		Type:        environschema.Tstring,
		Description: `The maximum size of the log file written out by the controller on behalf of workers running for a model`,
	},
	PruneTxnQueryCount: {
		Type:        environschema.Tint,
		Description: `The number of transactions to read in a single query`,
	},
	PruneTxnSleepTime: {
		Type:        environschema.Tstring,
		Description: `The amount of time to sleep between processing each batch query`,
	},
	PublicDNSAddress: {
		Type:        environschema.Tstring,
		Description: `Public DNS address (with port) of the controller.`,
	},
	JujuHASpace: {
		Type:        environschema.Tstring,
		Description: `The network space within which the MongoDB replica-set should communicate`,
	},
	JujuManagementSpace: {
		Type:        environschema.Tstring,
		Description: `The network space that agents should use to communicate with controllers`,
	},
	CAASOperatorImagePath: {
		Type: environschema.Tstring,
		Description: `(deprecated) The url of the docker image used for the application operator.
Use "caas-image-repo" instead.`,
	},
	CAASImageRepo: {
		Type:        environschema.Tstring,
		Description: `The docker repo to use for the jujud operator and mongo images`,
	},
	Features: {
		Type:        environschema.Tstring,
		Description: `A comma-delimited list of runtime changeable features to be updated`,
	},
	MaxCharmStateSize: {
		Type:        environschema.Tint,
		Description: `The maximum size (in bytes) of charm-specific state that units can store to the controller`,
	},
	MaxAgentStateSize: {
		Type:        environschema.Tint,
		Description: `The maximum size (in bytes) of internal state data that agents can store to the controller`,
	},
	MigrationMinionWaitMax: {
		Type:        environschema.Tstring,
		Description: `The maximum during model migrations that the migration worker will wait for agents to report on phases of the migration`,
	},
	QueryTracingEnabled: {
		Type:        environschema.Tbool,
		Description: `Enable query tracing for the dqlite driver`,
	},
	QueryTracingThreshold: {
		Type: environschema.Tstring,
		Description: `The minimum duration of a query for it to be traced. The lower the 
threshold, the more queries will be output. A value of 0 means all queries 
will be output if tracing is enabled.`,
	},
	OpenTelemetryEnabled: {
		Type:        environschema.Tbool,
		Description: `Enable open telemetry tracing`,
	},
	OpenTelemetryEndpoint: {
		Type:        environschema.Tstring,
		Description: `Endpoint open telemetry tracing`,
	},
	OpenTelemetryInsecure: {
		Type:        environschema.Tbool,
		Description: `Allows insecure endpoint for open telemetry tracing`,
	},
	OpenTelemetryStackTraces: {
		Type:        environschema.Tbool,
		Description: `Allows stack traces open telemetry tracing per span`,
	},
	OpenTelemetrySampleRatio: {
		Type:        environschema.Tstring,
		Description: `Allows defining a sample ratio open telemetry tracing`,
	},
	OpenTelemetryTailSamplingThreshold: {
		Type:        environschema.Tstring,
		Description: "Allows defining a tail sampling threshold open telemetry tracing",
	},
	ObjectStoreType: {
		Type:        environschema.Tstring,
		Description: `The type of object store backend to use for storing blobs`,
	},
	ObjectStoreS3Endpoint: {
		Type:        environschema.Tstring,
		Description: `The s3 endpoint for the object store backend`,
	},
	// NOTE(review): the three object-store-s3-static-* fields below hold
	// credentials but are declared as plain strings. environschema.Attr has
	// a Secret flag that is not set on them - confirm whether anything
	// consuming this schema relies on that flag to redact values.
	ObjectStoreS3StaticKey: {
		Type:        environschema.Tstring,
		Description: `The s3 static key for the object store backend`,
	},
	ObjectStoreS3StaticSecret: {
		Type:        environschema.Tstring,
		Description: `The s3 static secret for the object store backend`,
	},
	ObjectStoreS3StaticSession: {
		Type:        environschema.Tstring,
		Description: `The s3 static session for the object store backend`,
	},
	SystemSSHKeys: {
		Type:        environschema.Tstring,
		Description: `Defines the system ssh keys`,
	},
	JujudControllerSnapSource: {
		Type:        environschema.Tstring,
		Description: `The source for the jujud-controller snap.`,
	},
}

ConfigSchema holds information on all the fields defined by the config package.

Functions

func ControllerOnlyAttribute

func ControllerOnlyAttribute(attr string) bool

ControllerOnlyAttribute returns true if the specified attribute name is a controller config key (as opposed to, say, a model config key).

func EncodeToString

func EncodeToString(cfg Config) (map[string]string, error)

EncodeToString encodes the given controller config into a map of strings.

func HasCompleteS3Config

func HasCompleteS3Config(endpoint, staticKey, staticSecret string) error

HasCompleteS3Config checks whether the S3 configuration is complete. The result is reported through the returned error, not a boolean.

func HasCompleteS3ControllerConfig

func HasCompleteS3ControllerConfig(cfg Config) error

HasCompleteS3ControllerConfig checks whether the controller has a complete S3 configuration. This includes an endpoint, static key, and static secret. The result is reported through the returned error, not a boolean.

func Validate

func Validate(c Config) error

Validate ensures that config is a valid configuration.

Types

type Config

// Config is a string-keyed map of controller configuration attributes.
//
// NOTE(review): the accessors on this type include ObjectStoreS3StaticKey,
// ObjectStoreS3StaticSecret and ObjectStoreS3StaticSession, so a Config value
// can presumably carry credentials alongside ordinary settings. Treat the map
// as sensitive: avoid printing or logging it wholesale — confirm against callers.
type Config map[string]interface{}

Config is a string-keyed map of controller configuration attributes.

func NewConfig

func NewConfig(controllerUUID, caCert string, attrs map[string]interface{}) (Config, error)

NewConfig creates a new Config from the supplied attributes. Default values will be used where defaults are available.

The controller UUID and CA certificate must be passed in. The UUID is typically generated by the immediate caller, and the CA certificate generated by environs/bootstrap.NewConfig.

func (Config) APIPort

func (c Config) APIPort() int

APIPort returns the API server port for the environment.

func (Config) APIPortOpenDelay

func (c Config) APIPortOpenDelay() time.Duration

APIPortOpenDelay returns the duration to wait before opening the APIPort once the controller has started up. Only used when the ControllerAPIPort is non-zero.

func (Config) AgentLogfileMaxBackups

func (c Config) AgentLogfileMaxBackups() int

AgentLogfileMaxBackups is the number of old agent/controller log files to keep (compressed).

func (Config) AgentLogfileMaxSizeMB

func (c Config) AgentLogfileMaxSizeMB() int

AgentLogfileMaxSizeMB is the maximum file size in MB of each agent/controller log file.

func (Config) AgentRateLimitMax

func (c Config) AgentRateLimitMax() int

AgentRateLimitMax is the initial size of the token bucket that is used to rate limit agent connections.

func (Config) AgentRateLimitRate

func (c Config) AgentRateLimitRate() time.Duration

AgentRateLimitRate is the time taken to add a token into the token bucket that is used to rate limit agent connections.

func (Config) AllowModelAccess

func (c Config) AllowModelAccess() bool

AllowModelAccess reports whether users are allowed to access models they have been granted permission for even when they can't access the controller.

func (Config) ApplicationResourceDownloadLimit

func (c Config) ApplicationResourceDownloadLimit() int

ApplicationResourceDownloadLimit limits the number of concurrent resource download requests from unit agents which will be served. The limit is per application.

func (Config) AsSpaceConstraints

func (c Config) AsSpaceConstraints(spaces *[]string) *[]string

AsSpaceConstraints checks to see whether config has spaces names populated for management and/or HA (Mongo). Non-empty values are merged with any input spaces and returned as a new slice reference. A slice pointer is used for congruence with the Spaces member in constraints.Value.

func (Config) AuditLogCaptureArgs

func (c Config) AuditLogCaptureArgs() bool

AuditLogCaptureArgs returns whether audit logging should capture the arguments to API methods. The default is false.

func (Config) AuditLogExcludeMethods

func (c Config) AuditLogExcludeMethods() set.Strings

AuditLogExcludeMethods returns the set of method names that are considered uninteresting for audit logging. Conversations containing only these will be excluded from the audit log.

func (Config) AuditLogMaxBackups

func (c Config) AuditLogMaxBackups() int

AuditLogMaxBackups returns the maximum number of backup audit log files to keep.

func (Config) AuditLogMaxSizeMB

func (c Config) AuditLogMaxSizeMB() int

AuditLogMaxSizeMB returns the maximum size for an audit log file in MB.

func (Config) AuditingEnabled

func (c Config) AuditingEnabled() bool

AuditingEnabled returns whether or not auditing has been enabled for the environment. The default is false.

func (Config) AutocertDNSName

func (c Config) AutocertDNSName() string

AutocertDNSName returns the DNS name of the controller. See AutocertDNSNameKey for more details.

func (Config) AutocertURL

func (c Config) AutocertURL() string

AutocertURL returns the URL used to obtain official TLS certificates when a client connects to the API. See AutocertURLKey for more details.

func (Config) CAASImageRepo

func (c Config) CAASImageRepo() string

CAASImageRepo returns the URL of the docker repo used for the jujud operator and mongo images.

func (Config) CAASOperatorImagePath

func (c Config) CAASOperatorImagePath() string

CAASOperatorImagePath returns the URL of the docker image used for the application operator. Deprecated: use CAASImageRepo.

func (Config) CACert

func (c Config) CACert() (string, bool)

CACert returns the certificate of the CA that signed the controller certificate, in PEM format, and whether the setting is available.

TODO(axw) once the controller config is completely constructed, there will always be a CA certificate. Get rid of the bool result.

func (Config) ControllerAPIPort

func (c Config) ControllerAPIPort() int

ControllerAPIPort returns the optional API port to be used for the controllers to talk to each other. A zero value means that it is not set.

func (Config) ControllerName

func (c Config) ControllerName() string

ControllerName returns the name for the controller

func (Config) ControllerResourceDownloadLimit

func (c Config) ControllerResourceDownloadLimit() int

ControllerResourceDownloadLimit limits the number of concurrent resource download requests from unit agents which will be served. The limit is for the combined total of all applications on the controller.

func (Config) ControllerUUID

func (c Config) ControllerUUID() string

ControllerUUID returns the uuid for the controller.

func (Config) Features

func (c Config) Features() set.Strings

Features returns the set of feature flags set in the controller config.

func (Config) IdentityPublicKey

func (c Config) IdentityPublicKey() *bakery.PublicKey

IdentityPublicKey returns the public key of the identity manager.

func (Config) IdentityURL

func (c Config) IdentityURL() string

IdentityURL returns the URL of the identity manager.

func (Config) JujuDBSnapChannel

func (c Config) JujuDBSnapChannel() string

JujuDBSnapChannel returns the channel for installing mongo snaps.

func (Config) JujuHASpace

func (c Config) JujuHASpace() string

JujuHASpace is the network space within which the MongoDB replica-set should communicate.

func (Config) JujuManagementSpace

func (c Config) JujuManagementSpace() string

JujuManagementSpace is the network space that agents should use to communicate with controllers.

func (Config) JujudControllerSnapSource

func (c Config) JujudControllerSnapSource() string

JujudControllerSnapSource returns the source of the jujud-controller snap.

func (Config) LoginTokenRefreshURL

func (c Config) LoginTokenRefreshURL() string

LoginTokenRefreshURL returns the URL of the login jwt well known endpoint.

func (Config) MaxAgentStateSize

func (c Config) MaxAgentStateSize() int

MaxAgentStateSize returns the max size (in bytes) of state data that agents can store to the controller. A value of zero indicates no limit.

func (Config) MaxCharmStateSize

func (c Config) MaxCharmStateSize() int

MaxCharmStateSize returns the max size (in bytes) of charm-specific state that each unit can store to the controller. A value of zero indicates no limit.

func (Config) MaxDebugLogDuration

func (c Config) MaxDebugLogDuration() time.Duration

MaxDebugLogDuration is the maximum time a debug-log session is allowed to run before it is terminated by the server.

func (Config) MaxPruneTxnBatchSize

func (c Config) MaxPruneTxnBatchSize() int

MaxPruneTxnBatchSize is the maximum size of the txn log collection.

func (Config) MaxPruneTxnPasses

func (c Config) MaxPruneTxnPasses() int

MaxPruneTxnPasses is the maximum number of batches of the txn log collection we will process at a time.

func (Config) MaxTxnLogSizeMB

func (c Config) MaxTxnLogSizeMB() int

MaxTxnLogSizeMB is the maximum size in MiB of the txn log collection.

func (Config) MigrationMinionWaitMax

func (c Config) MigrationMinionWaitMax() time.Duration

MigrationMinionWaitMax returns a duration for the maximum time that the migration-master worker should wait for migration-minion reports during phases of a model migration.

func (Config) ModelLogfileMaxBackups

func (c Config) ModelLogfileMaxBackups() int

ModelLogfileMaxBackups is the number of old model log files to keep (compressed).

func (Config) ModelLogfileMaxSizeMB

func (c Config) ModelLogfileMaxSizeMB() int

ModelLogfileMaxSizeMB is the maximum size of the log file written out by the controller on behalf of workers running for a model.

func (Config) MongoMemoryProfile

func (c Config) MongoMemoryProfile() string

MongoMemoryProfile returns the selected profile or low.

func (Config) NUMACtlPreference

func (c Config) NUMACtlPreference() bool

NUMACtlPreference returns if numactl is preferred.

func (Config) ObjectStoreS3Endpoint

func (c Config) ObjectStoreS3Endpoint() string

ObjectStoreS3Endpoint returns the endpoint to use for S3 object stores.

func (Config) ObjectStoreS3StaticKey

func (c Config) ObjectStoreS3StaticKey() string

ObjectStoreS3StaticKey returns the static key to use for S3 object stores.

func (Config) ObjectStoreS3StaticSecret

func (c Config) ObjectStoreS3StaticSecret() string

ObjectStoreS3StaticSecret returns the static secret to use for S3 object stores.

func (Config) ObjectStoreS3StaticSession

func (c Config) ObjectStoreS3StaticSession() string

ObjectStoreS3StaticSession returns the static session token to use for S3 object stores.

func (Config) ObjectStoreType

func (c Config) ObjectStoreType() objectstore.BackendType

ObjectStoreType returns the type of object store to use for storing blobs.

func (Config) OpenTelemetryEnabled

func (c Config) OpenTelemetryEnabled() bool

OpenTelemetryEnabled returns whether open telemetry tracing is enabled.

func (Config) OpenTelemetryEndpoint

func (c Config) OpenTelemetryEndpoint() string

OpenTelemetryEndpoint returns the open telemetry endpoint.

func (Config) OpenTelemetryInsecure

func (c Config) OpenTelemetryInsecure() bool

OpenTelemetryInsecure returns whether the open telemetry tracing endpoint is insecure.

func (Config) OpenTelemetrySampleRatio

func (c Config) OpenTelemetrySampleRatio() float64

OpenTelemetrySampleRatio returns the sample ratio for open telemetry tracing.

func (Config) OpenTelemetryStackTraces

func (c Config) OpenTelemetryStackTraces() bool

OpenTelemetryStackTraces returns whether open telemetry tracing spans are required to have stack traces.

func (Config) OpenTelemetryTailSamplingThreshold

func (c Config) OpenTelemetryTailSamplingThreshold() time.Duration

OpenTelemetryTailSamplingThreshold returns the tail sampling threshold for open telemetry tracing spans.

func (Config) PruneTxnQueryCount

func (c Config) PruneTxnQueryCount() int

PruneTxnQueryCount is the size of small batches for pruning

func (Config) PruneTxnSleepTime

func (c Config) PruneTxnSleepTime() time.Duration

PruneTxnSleepTime is the amount of time to sleep between batches.

func (Config) PublicDNSAddress

func (c Config) PublicDNSAddress() string

PublicDNSAddress returns the DNS name of the controller.

func (Config) QueryTracingEnabled

func (c Config) QueryTracingEnabled() bool

QueryTracingEnabled returns whether query tracing is enabled.

func (Config) QueryTracingThreshold

func (c Config) QueryTracingThreshold() time.Duration

QueryTracingThreshold returns the threshold for query tracing. The lower the threshold, the more queries will be output. A value of 0 means all queries will be output.

func (Config) StatePort

func (c Config) StatePort() int

StatePort returns the mongo server port for the environment.

func (Config) SystemSSHKeys

func (c Config) SystemSSHKeys() string

SystemSSHKeys returns the ssh keys that agents of this controller should trust.

func (Config) Validate

func (c Config) Validate() error

Validate validates the controller configuration.

type StateServingInfo

// StateServingInfo holds network/auth information needed by a controller.
//
// NOTE(review): judging by the field names, PrivateKey, CAPrivateKey,
// SharedSecret and SystemIdentity hold secret material. Treat values of this
// type as sensitive: keep them out of logs and error messages, and restrict
// access wherever they are persisted — confirm against callers.
type StateServingInfo struct {
	// Ports; presumably these mirror the APIPort, ControllerAPIPort and
	// StatePort controller config accessors — TODO confirm.
	APIPort           int
	ControllerAPIPort int
	StatePort         int
	// Cert and PrivateKey are presumably the controller's certificate and
	// its matching private key — TODO confirm encoding (PEM?).
	Cert              string
	PrivateKey        string
	// CAPrivateKey is presumably the private key of the CA that signs the
	// controller certificate; anyone holding it could likely mint
	// certificates the deployment trusts — verify where it is populated.
	CAPrivateKey      string
	// this will be passed as the KeyFile argument to MongoDB
	SharedSecret   string
	// SystemIdentity is not described here; the name suggests a credential
	// identifying the controller itself — TODO confirm.
	SystemIdentity string
}

StateServingInfo holds network/auth information needed by a controller.
